###### authserv.conf -- NoCatAuth Authentication Service Configuration.
#
# Format of this file is: <Directive> <Value>, one per
# line. Trailing and leading whitespace is ignored. Any
# line beginning with a punctuation character is assumed to
# be a comment.
###### General settings.
#
# Log verbosity -- 0 is (almost) no logging. 10 is log
# everything. 5 is probably a safe middle road.
#
Verbosity 10
##
# PGPKeyPath -- The directory in which PGP keys are stored.
# NoCat tries to find this in the pgp/ directory above
# the bin/ parent directory. Set this only if you put it
# somewhere that NoCat doesn't expect.
#
# PGPKeyPath /usr/local/nocat/pgp
###### Authservice-specific settings.
#
# HomePage -- The authservice's notion of a default
# redirect.
#
HomePage http://nocat.net/
# DocumentRoot -- Where all of the application templates (including
# SplashPage) are hiding. Can be different from Apache's DocumentRoot.
#
DocumentRoot /usr/local/nocat/htdocs
##### Authservice authentication source.
#
# DataSource -- specifies what to authenticate against.
# Possible values are DBI, Passwd, LDAP, RADIUS, PAM, Samba, IMAP, NIS.
#
DataSource DBI
##
# Auth service database settings.
#
# If you select DataSource DBI, then Database, DB_User, and DB_Password
# are required.
#
# Database is a DBI-style data source specification.
#
# For postgres support:
# Database dbi:Pg:dbname=nocat
#
# For mysql support:
Database dbi:mysql:database=nocat
DB_User nocat
DB_Passwd whodatatmydo?!
## LDAP support. Requires Net::LDAP & IO::Socket::SSL to be installed from the CPAN.
#
# If you select DataSource LDAP, all of the following settings are required:
#
# LDAP_Host - DNS name or IP Address of LDAP directory
# LDAP_Base - the LDAP container for searching and creating users
# LDAP_Admin_User - the fully distinguished name of the administrative user
# NOTE: this user must be able to create users in the container specified above
# LDAP_Admin_PW - the admin user's password
# LDAP_Hash_Passwords - Yes or No
# - if passwords are to be MD5 hashed before being set in the directory
# LDAP_Search_as_Admin - Yes or No
# - "Yes" if all operations are to be done as the admin user, "No" if
# everything but creation should be done as anonymous
# LDAP_Filter - Attribute name containing user's ID, email address
# or username.
#
# This version of LDAP.pm has been updated and tested against a Novell eDirectory
# LDAP server. The login "unique ID" - the e-mail address - is stored as an
# attribute of the user, and the "name" provided by the user is used as the
# directory object name.
#
# Please send bug reports and patches.
#
# Still with this release, the admin tools don't fully work with LDAP support at
# the moment.
#
# LDAP_Host ldap.mydomain.com
# LDAP_Base ou=myContainer,o=universe
# LDAP_Admin_User cn=LDAPAdmin,o=universe
# LDAP_Admin_PW ldapAdminSecret
# LDAP_Hash_Passwords Yes
# LDAP_Search_as_Admin Yes
# LDAP_Filter mail
## RADIUS support. Requires Authen::Radius to be installed from the CPAN.
#
# Right now, this support is totally experimental. Please send bug reports
# and patches. The admin tools don't fully work with RADIUS support at the moment.
#
# The RADIUS_Host may be in a number of different formats and is required:
#
# RADIUS_Host radius.nocat.net
# RADIUS_Host radius1.nocat.net,radius2.nocat.net,radius3.nocat.net
# RADIUS_Host radius1.nocat.net:1645,radius2.nocat.net:1812,radius3.nocat.net
#
# The previous three examples are 1 host and multiple hosts (can be any number of
# hosts separated by a comma) and finally with ports provided after a colon. (If
# no port number is supplied, it uses the Authen::Radius default of the radius
# service in /etc/services or 1645. Mixing entries with and without ports is
# fine.) These examples require a RADIUS_Secret in the format:
#
# RADIUS_Secret sHHHH
#
# The other format is to use the RADIUS_Host with a secret after
# the hostname separated by a * such as the examples below. This
# allows for different secrets on different hosts.
#
# RADIUS_Host radius1.nocat.net*secret1,radius2.nocat.net*secret2,radius3.nocat.net*secret3
#
# Alternatively, ports can also be used on any number of entries.
# If the secret is not present, it uses the RADIUS_Secret.
#
# RADIUS_Host radius1.nocat.net:1645*secret1,radius2.nocat.net:1812,radius3.nocat.net*secret3
#
# RADIUS_TimeOut is optional and defaults to the Authen::Radius
# default timeout.
#
# RADIUS_TimeOut 5
#
# Finally, RADIUS_Order controls the order in which RADIUS
# servers are used. The acceptable values are "Ordered"
# (the default) and "Random" (which will share the load
# among the servers).
#
# RADIUS_Order Random
# **** End RADIUS Configuration ****
## PAM support. Requires Authen::PAM to be installed from the CPAN.
#
# Make sure you have an /etc/pam.d/nocat or nocat line(s) in your /etc/pam.conf.
# See etc/pam.conf from this distribution for an example. The PAM_Service
# directive controls which PAM service NoCat attempts to authenticate against,
# but we don't recommend changing it unless you really know what you're doing
# with PAM. It defaults to "nocat". The admin tools don't work with PAM support
# at the moment.
#
# PAM_Service nocat
## Samba support. Requires Authen::Smb to be installed from the CPAN.
#
# Samba_PDC and Samba_Domain are required. Samba_BDC is optional.
#
# Samba_Domain MyWorkgroup
# Samba_PDC MyPrimaryDomainController
# Samba_BDC MyBackupDomainController
## IMAP support. Requires Net::IMAP::Simple to be installed from the CPAN.
#
# IMAP_Server is required. The admin tools don't work with this auth method.
#
# IMAP_Server imap.yourdomain.net
# (or more likely:)
# IMAP_Server localhost
## NIS support. Requires Net::NIS to be installed from the CPAN.
#
# The admin tools don't work with this auth source, surprise.
#
# DataSource NIS
## Alternately, you can use the Passwd data source.
#
# UserFile /usr/local/nocat/etc/passwd
# GroupUserFile /usr/local/nocat/etc/group
# GroupAdminFile /usr/local/nocat/etc/groupadm
#
# The format of these files is as follows:
#
# In UserFile, each line is of the form <username>:<password>, where the
# password is an MD5 digest of the user's actual password.
#
# In GroupUserFile and GroupAdminFile, each line is of the form
# <group>:<user1>,<user2>,<user3>,...
#
# The UserFile may be updated with the bin/admintool script included in this
# distribution.
###### Auth service user table settings.
#
# UserTable names the table containing the user ID data.
#
# UserIDField names the column containing the ID that the
# client uses to uniquely identify themselves, i.e. their
# e-mail address or username.
#
# UserPasswdField stores the user's MD5-hashed password.
#
# UserAuthField is deprecated and will go away.
#
UserTable member
UserIDField login
UserPasswdField pass
UserAuthField status
UserStampField created
GroupTable network
GroupIDField network
GroupAdminField admin
####### Auth service web application settings.
#
# MinPasswdLength -- Enforced minimum user password length.
# Not much other checking is done on the user's p/w.
#
MinPasswdLength 6
# MessageSign -- shell command to sign an auth notification
# with. The message to be signed is written to the
# command's standard in, and the signed message is read
# from standard out.
#
# GpgPath /usr/bin/gpg
#
# MessageSign $GpgPath --clearsign --homedir=$PGPKeyPath -o-
# LocalGateway -- If you run auth service on the same subnet
# (or host) as the gateway you need to specify the hostname
# of the gateway. Otherwise omit it. (Requires Net::Netmask)
#
# LocalGateway 192.168.1.7
# Auth service template names. See the individual templates
# for details on what each one does.
#
LoginForm login.html
LoginOKForm login_ok.html
FatalForm fatal.html
ExpiredForm expired.html
RenewForm renew.html
PassiveRenewForm renew_pasv.html
RegisterForm register.html
RegisterOKForm register_ok.html
RegisterFields name url description
UpdateForm update.html
UpdateFields url description
###### Auth service user messages. Should be self-explanatory.
#
LoginGreeting Greetings! Welcome to the NoCat Network.
LoginMissing Please fill in all fields!
LoginBadUser That e-mail address is unknown. Please try again.
LoginBadPass That e-mail and password do not match. Please try again.
LoginBadStatus Sorry, you are not a registered co-op member.
RegisterGreeting Welcome! Please enter the following information to register.
RegisterMissing Name, E-mail, and password fields must be filled in.
RegisterUserExists Sorry, that e-mail address is already taken. Are you already registered?
RegisterBadUser The e-mail address provided appears to be invalid. Did you spell it correctly?
RegisterInvalidPass All passwords must be at least six characters long.
RegisterPassNoMatch The passwords you provided do not match. Please try again.
RegisterSuccess Congratulations, you have successfully registered.
UpdateGreeting Enter your E-mail and password to update your info.
UpdateBadUser That e-mail address is unknown. Please try again.
UpdateBadPass That e-mail and password do not match. Please try again.
UpdateInvalidPass New passwords must be at least six characters long.
UpdatePassNoMatch The new passwords you provided do not match. Please try again.
UpdateSuccess Congratulations, you have successfully updated your account.
###### Fin.
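
The RADIUS_Host formats described in the comments above, as an added example that is not part of the NoCatAuth distribution: a Python parser that reads the `<Directive> <Value>` file format and expands each RADIUS_Host entry into host, port and secret, falling back to RADIUS_Secret when an entry carries no secret of its own. The function names and the sample text are assumptions made for illustration.

```python
import string

# Constructed sample, reusing the hostnames and secrets from the comments above.
SAMPLE = """\
# RADIUS settings (constructed sample)
RADIUS_Host radius1.nocat.net:1645*secret1,radius2.nocat.net:1812,radius3.nocat.net*secret3
RADIUS_Secret sHHHH
RADIUS_Order Random
"""

def parse_conf(text):
    """Read '<Directive> <Value>' lines; skip blanks and punctuation-led comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in string.punctuation:
            continue
        parts = line.split(None, 1)
        conf[parts[0]] = parts[1] if len(parts) > 1 else ""
    return conf

def parse_radius_hosts(conf):
    """Return [(host, port, secret)]; port is None when left to the library default."""
    default_secret = conf.get("RADIUS_Secret")
    servers = []
    for entry in conf.get("RADIUS_Host", "").split(","):
        entry = entry.strip()
        if not entry:
            continue
        hostport, star, secret = entry.partition("*")   # secret follows the '*'
        host, colon, port = hostport.partition(":")     # optional port follows ':'
        if colon and not port.isdigit():
            raise ValueError(f"bad port for RADIUS host {host!r}")
        if not star:
            secret = default_secret                     # fall back to RADIUS_Secret
        if not host or not secret:
            # Report the host only, so the secret never reaches a log.
            raise ValueError(f"missing host or secret for {hostport!r}")
        servers.append((host, int(port) if colon else None, secret))
    if not servers:
        raise ValueError("RADIUS_Host is required")
    return servers

if __name__ == "__main__":
    for host, port, _secret in parse_radius_hosts(parse_conf(SAMPLE)):
        print(host, port if port is not None else "default port")
```

An entry with neither its own secret nor a RADIUS_Secret to fall back on is rejected rather than accepted with an empty secret.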