forked from Github-Mirrors/canaille
b24efd3076
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate. Translation: Canaille/Documentation: Tutorial Translate-URL: https://hosted.weblate.org/projects/canaille/documentation-tutorial/
461 lines
16 KiB
Text
461 lines
16 KiB
Text
# SOME DESCRIPTIVE TITLE.
|
|
# Copyright (C) 2024, Yaal Coop
|
|
# This file is distributed under the same license as the canaille package.
|
|
# FIRST AUTHOR <EMAIL@ADDRESS>, 2024.
|
|
#
|
|
#, fuzzy
|
|
msgid ""
|
|
msgstr ""
|
|
"Project-Id-Version: canaille 0.0.56\n"
|
|
"Report-Msgid-Bugs-To: \n"
|
|
"POT-Creation-Date: 2024-11-22 17:21+0100\n"
|
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
|
"Language-Team: fr <LL@li.org>\n"
|
|
"Language: fr\n"
|
|
"MIME-Version: 1.0\n"
|
|
"Content-Type: text/plain; charset=UTF-8\n"
|
|
"Content-Transfer-Encoding: 8bit\n"
|
|
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
|
|
"Generated-By: Babel 2.16.0\n"
|
|
|
|
#: ../tutorial/databases.rst:2 34b6a5df315e4629b9710884e3f5be9e
|
|
msgid "Databases"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:4 31f93a60c87648478dfe7a6c74d5f36a
|
|
msgid ""
|
|
"Canaille can read and save data in different databases. This page presents "
|
|
"the different database backends and their specificities:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:8 8dc081315c7a4eea8be2e81b8a049162
|
|
msgid "Memory"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:10 08608b21b52a4a22ac26b3a2a2d29f6a
|
|
msgid ""
|
|
"Canaille comes with a lightweight inmemory backend by default. It is used "
|
|
"when no other backend has been configured."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:13 dbb9009fcf724d6290135aa1d6a32026
|
|
msgid ""
|
|
"This backend is only for test purpose and should not be used in production "
|
|
"environments."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:16 06113268bf4a49d0880cdae75f961fc5
|
|
msgid "SQL"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:18 2bb9cb1d3c4f4e4f93d649960bca123d
|
|
msgid ""
|
|
"Canaille can use any database supported by `SQLAlchemy <https://www."
|
|
"sqlalchemy.org/>`_, such as sqlite, postgresql or mariadb."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:21 bb4ec73e439d430aa8dbdddb0301bf5b
|
|
msgid ""
|
|
"It is used when the ``CANAILLE_SQL`` configuration parameter is defined. For "
|
|
"instance:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:23 ../tutorial/databases.rst:37
|
|
#: 7de375f96b054244a9fb0c7c60663f32 ebab073f2f894dfb87705d06ebb870af
|
|
msgid "config.toml"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:29 6e78f6be25cb4151951a1bc6994643a9
|
|
msgid ""
|
|
"You can find more details on the SQL configuration in the :class:`dedicated "
|
|
"section <canaille.backends.sql.configuration.SQLSettings>`."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:32 bcfa707ba3b2494ab1af853bcdc7673f
|
|
msgid "LDAP"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:34 426e632fa07a44369bdadb8a290672bf
|
|
msgid ""
|
|
"Canaille can use OpenLDAP as its main database. It is used when the "
|
|
"``CANAILLE_LDAP`` configuration parameter is defined. For instance:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:52 0c319bcdd3b649569745572bb2944fec
|
|
msgid ""
|
|
"You can find more details on the LDAP configuration in the :class:`dedicated "
|
|
"section <canaille.backends.ldap.configuration.LDAPSettings>`."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:55 ebc6e35e9a6049be8bc66eb127adf882
|
|
msgid ""
|
|
"Currently, only the ``inetOrgPerson`` and ``groupOfNames`` schemas have been "
|
|
"tested. If you want to use different schemas or LDAP servers, adaptations "
|
|
"may be needed. Patches are welcome."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:60 6a9ec2b8bf724122b5752c753bdaea7a
|
|
msgid "OpenLDAP overlays integration"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:62 ce6daa0ac4974084990221c2806a5549
|
|
msgid "Canaille can integrate with several OpenLDAP overlays:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:65 24a7dc4d61504545ac841910fbaca48b
|
|
msgid "memberof / refint"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:67 d24183e3349f42bfbbecde663f03f846
|
|
msgid ""
|
|
"`memberof <https://www.openldap.org/doc/admin26/overlays."
|
|
"html#Reverse%20Group%20Membership%20Maintenance>`_ and `refint <https://www."
|
|
"openldap.org/doc/admin26/overlays.html#Referential%20Integrity>`_ overlays "
|
|
"are needed for the Canaille group membership to work correctly."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:71 ../tutorial/databases.rst:94
|
|
#: 65357e9c96e341128f9448507ce02f1b 692bdeebfc9c40999c9b09c8d9371e52
|
|
msgid "Here is a configuration example compatible with canaille:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:73 511312387435410987a190cf7b68f2ab
|
|
msgid "memberof-config.ldif"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:77 c95e78d9dde84102b1a97c2399430c23
|
|
msgid "refint-config.ldif"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:81 ../tutorial/databases.rst:104
|
|
#: 2e0fddced7e949f8a66653530c8a120b 8686380cd79949259b48f68fe6c4d3b8
|
|
msgid "You can adapt and load those configuration files with:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:90 af864ca7a8ef4d128d3fbe54749a944c
|
|
msgid "ppolicy"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:92 fc8d77f8ca4d48de9eba6c408a9f5fc2
|
|
msgid ""
|
|
"If the `ppolicy <https://www.ietf.org/archive/id/draft-behera-ldap-password-"
|
|
"policy-11.html>`_ overlay is configured and the ``pwdEndTime`` attribute is "
|
|
"available (since OpenLDAP 2.6), then account locking support will be enabled "
|
|
"in canaille. To allow users to manage account expiration, they need to have "
|
|
"a *write* permission on the :attr:`~canaille.core.models.User.lock_date` "
|
|
"attribute."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:96 15e6cfdc691149efbbdc2f3834c7a3d0
|
|
msgid "ppolicy-config.ldif"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/databases.rst:100 ef7f7bd8dd0445be8596864cb1b50fa5
|
|
msgid "ppolicy.ldif"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:2 a7ef8cd4696b4e53a1ffdb87fb18c375
|
|
msgid "Deployment"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:5 0f1f7c0caa8a4dfcb659c15bedda5aae
|
|
msgid "Application service"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:7 b93527ef33ad4a65af273da09bb780f3
|
|
msgid ""
|
|
"After having finished Canaille installation you have to run it in a WSGI "
|
|
"application server. Here are some WSGI server configuration examples you can "
|
|
"pick. Do not forget to update the paths."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:11 1ffbe89a8ff744fc9686484ce526e541
|
|
msgid "gunicorn"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:13 418a0ab3603442f2b0a515962f003029
|
|
msgid "Todo"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:15 c40ad558fd584c01a6c564f8f72d12f3
|
|
msgid "Write a gunicorn configuration sample file."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:18 ec3a0c7c05b74be6b1640ff6a4090aec
|
|
msgid "uwsgi"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:42 5c4862bc3810432195a2e9a353f60b54
|
|
msgid "Webserver"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:44 94e56452db9741f0a3eee45f672e73a8
|
|
msgid ""
|
|
"Now you have to plug your WSGI application server to your webserver so it is "
|
|
"accessible on the internet. Here are some webserver configuration examples "
|
|
"you can pick:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:48 7c4ae615fbd44c3f8ab3ece2d0201ed7
|
|
msgid "Nginx"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:114 ac66da9f7d1342bdad81dbdf97218b4e
|
|
msgid "Apache"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:153 ad13e4fdf804422facdde8b1b619e9a2
|
|
msgid "Recurrent jobs"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:155 b9ba07959e7f4d57846b44490735d913
|
|
msgid ""
|
|
"You might want to clean up your database to avoid it growing too much. You "
|
|
"can regularly delete expired tokens and authorization codes with:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:164 4a9929824eba46a883f1147dcdaa526e
|
|
msgid "Webfinger"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:166 cbd15001d4a043e5a0ec93a5eff80b9f
|
|
msgid ""
|
|
"You may want to configure a `WebFinger`_ endpoint on your main website to "
|
|
"allow the automatic discovery of your Canaille installation based on the "
|
|
"account name of one of your users. For instance, suppose your domain is "
|
|
"``mydomain.example`` and your Canaille domain is ``auth.mydomain.example`` "
|
|
"and there is a user ``john.doe``. A third-party application could require to "
|
|
"authenticate the user and ask them for a user account. The user would give "
|
|
"their account ``john.doe@mydomain.example``, then the application would "
|
|
"perform a WebFinger request at ``https://mydomain.example/.well-known/"
|
|
"webfinger`` and the response would contain the address of the authentication "
|
|
"server ``https://auth.mydomain.example``. With this information the third "
|
|
"party application can redirect the user to the Canaille authentication page."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:168 e515d97f8d8248f98081746a9b723611
|
|
msgid ""
|
|
"The difficulty here is that the WebFinger endpoint must be hosted at the top-"
|
|
"level domain (i.e. ``mydomain.example``) while the authentication server "
|
|
"might be hosted on a sublevel (i.e. ``auth.mydomain.example``). Canaille "
|
|
"provides a WebFinger endpoint, but if it is not hosted at the top-level "
|
|
"domain, a web redirection is required on the ``/.well-known/webfinger`` path."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:170 3c7cb4cd4a2d498098fe4387a5ae3b2a
|
|
msgid "Here are configuration examples for Nginx or Apache:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:172 a11ff6002ffc46b7b401b29c222cb984
|
|
msgid "Nginx webfinger configuration for a top level domain"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:181 cc81b2ca58b842bab2583d46cd8ac1dc
|
|
msgid "Apache webfinger configuration for a top level domain"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:191 b9b3713c6f724e5cb3cad50756e8211c
|
|
msgid "Create the first user"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/deployment.rst:193 02df7f55e6df4452ac60d899b5a98cc2
|
|
msgid ""
|
|
"Once canaille is installed, soon enough you will need to add users. To "
|
|
"create your first user you can use the :ref:`canaille create <cli_create>` "
|
|
"CLI."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/index.rst:2 3deeb02f520e41b4a510d72bdd446046
|
|
msgid "Tutorial"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:2 36b529fead5242468a36bdbbbdd28544
|
|
msgid "Installation"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:6 c717982f410e46a28e3f97a9a1096146
|
|
msgid ""
|
|
"Canaille is under heavy development and may not fit a production environment "
|
|
"yet."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:8 6e7bc4fde5d74dceb03c1f03a95fa779
|
|
msgid ""
|
|
"The installation of canaille consist in several steps, some of which you can "
|
|
"do manually or with command line tool:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:11 25f53875201f4538b26df4d537d355ea
|
|
msgid "Get the code"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:13 ac342d74e14244c4badfab8c1f829d94
|
|
msgid ""
|
|
"As the moment there is no distribution package for canaille. However, it can "
|
|
"be installed with the ``pip`` package manager. Let us choose a place for the "
|
|
"canaille environment, like ``/opt/canaille/env``."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:24 15d4a0b372c44934a05f1ed6eb327a87
|
|
msgid "Extras"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:26 6c563bb9847e4766a5c3d0d461a35c2f
|
|
msgid "Canaille provides different package options:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:28 65dbf1cc88e14dcda675a7a20f71477b
|
|
msgid "`front` provides all the things needed to produce the user interface;"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:29 932751ee90ac445f8271d5f0bf062139
|
|
msgid "`oidc` provides the dependencies to perform OAuth2/OIDC authentication;"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:30 33ba6546cbf94064ab5290438b1120a8
|
|
msgid "`ldap` provides the dependencies to enable the LDAP backend;"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:31 e65f505181e448e58b1aa158e8af5d42
|
|
msgid "`sqlite` provides the dependencies to enable the SQLite backend;"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:32 f3fa4d1a59674077b16bdc0e432f326e
|
|
msgid ""
|
|
"`postgresql` provides the dependencies to enable the PostgreSQL backend;"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:33 f914db4dca274ab9bc725faba6cc6e86
|
|
msgid "`mysql` provides the dependencies to enable the MySQL backend;"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:34 7dad7a35aea54e549ac3328577c8e3e1
|
|
msgid "`sentry` provides sentry integration to watch Canaille exceptions;"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:35 1cd7e38d50bd4f439e285c870a8b005c
|
|
msgid "`all` provides all the extras above."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:37 cf6a1f2144114c7abfe4177c427d72f8
|
|
msgid "They can be installed with:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:44 51d6f24a101c4511aa3d49db1914fa3a
|
|
msgid "Configure"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:46 4efc51c21f274c449ecdd33dcc439625
|
|
msgid ""
|
|
"Choose a path where to store your configuration file. You can pass any "
|
|
"configuration path with the ``CONFIG`` environment variable."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:54 90dd73339c3e43f18395eb80d9749456
|
|
msgid ""
|
|
"You should then edit your configuration file to adapt the values to your "
|
|
"needs. Look at the configuration details in the :doc:`configuration <../"
|
|
"references/configuration>` page."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:57 3ff3b9dbf5904b3dbb2494ee61825d15
|
|
msgid "Install"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:59 56e161c2e2ed4ae7a7d55bcc024135a1
|
|
msgid ""
|
|
"The :ref:`install command <cli_install>` will apply most of the things "
|
|
"needed to get Canaille working. Depending on the configured :doc:`database "
|
|
"<databases>` it will create the SQL tables, or install the LDAP schemas for "
|
|
"instance."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:68 e4b60f64108549189d9627699af12a91
|
|
msgid "Check"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/install.rst:70 1a9056c774724a0491bcb5060e8903f2
|
|
msgid ""
|
|
"After a manual installation, you can check your configuration file using "
|
|
"the :ref:`check command <cli_install>`:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:2 8e2c5e7ea5f14416a11a2ec648a32593
|
|
msgid "Troubleshooting"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:5 d1d6667b4caa4506a5be55cc7c4df22a
|
|
msgid "The web interface throws useless error messages"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:7 a71c850aa84d41e99550cc54f23e5441
|
|
msgid ""
|
|
"Unless the current user has admin :class:`permissions <canaille.core."
|
|
"configuration.Permission>`, or the installation is in :attr:`~canaille.app."
|
|
"configuration.RootSettings.DEBUG` mode, error messages won't be too "
|
|
"technical. For instance, you can see *The request you made is invalid*. To "
|
|
"enable detailed error messages, you can **temporarily** enable the :attr:"
|
|
"`~canaille.app.configuration.RootSettings.DEBUG` configuration parameter."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:12 cc846be11ca448ddb1c1913d1e41ccbf
|
|
msgid "How to manually install LDAP schemas?"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:16 c9a20d92290541c0b5536e5cd150999d
|
|
msgid ""
|
|
"Schema installation can be automatically done using the :ref:`install "
|
|
"command <cli_install>`."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:18 830b3a72844a44d386308540cc44f1e4
|
|
msgid "As of OpenLDAP 2.4, two configuration methods are available:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:20 02db4b758cfd40f7b64bfb79bea9f5c3
|
|
msgid ""
|
|
"The `deprecated <https://www.openldap.org/doc/admin26/slapdconf2.html>`_ "
|
|
"one, based on a configuration file (generally ``/etc/ldap/slapd.conf``);"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:21 0b24de0faa944ae3b1af5c604a71098f
|
|
msgid ""
|
|
"The new one, based on a configuration directory (generally ``/etc/ldap/slapd."
|
|
"d``)."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:23 7acd99c26fd7480e8733523fbd29db13
|
|
msgid ""
|
|
"Depending on the configuration method you use with your OpenLDAP "
|
|
"installation, you need to chose how to add the canaille schemas:"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:26 3917d45c79604f16ba0aca4887ff6dac
|
|
msgid "Old fashion: Copy the schemas in your filesystem"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:35 430b74fa77a94624bcae8606289222a3
|
|
msgid "New fashion: Use slapadd to add the schemas"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:37 9fdc2c09b2dc44b3b5e45ed1271b3e7c
|
|
msgid "Be careful to stop your ldap server before running ``slapadd``"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:46 cc6bfd549bd541eead7a37af15a25aef
|
|
msgid "How to manually generate the OIDC keypair?"
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:50 6dc2d317536b41ff839d98287a84f358
|
|
msgid ""
|
|
"The keypair generation can be automatically done using the :ref:`install "
|
|
"command <cli_install>`."
|
|
msgstr ""
|
|
|
|
#: ../tutorial/troubleshooting.rst:52 31db4facc32b4691b3625065562ef5c3
|
|
msgid ""
|
|
"Canaille needs a key pair to sign OIDC tokens. You can customize those "
|
|
"commands, as long as they match the ``JWT`` section of your configuration "
|
|
"file."
|
|
msgstr ""
|