documentation:1.0:upgrade

Upgrade from 0.9.4 to 1.0

If you are using packages, they should have done the upgrade process for you, but you can check here that all is in order.

Now LemonLDAP::NG is shipped with 3 Apache configuration files:

  • portal-apache2.conf: portal virtual host
  • manager-apache2.conf: manager virtual host
  • handler-apache2.conf: handler declaration and protected application virtual hosts
If you are still using Apache 1, those files are named portal-apache.conf, manager-apache.conf, handler-apache.conf, but some features will not work (for example form replay).

You need to update these files with all your Apache configuration customization.

LemonLDAP::NG 0.9.4 used local files for some settings:

  • apply.conf: URI used by Manager to apply changes
  • storage.conf: Configuration location and Cache settings
  • apps-list.xml: Application menu

Those file are not used anymore, and merged into lemonldap-ng.ini.

There is a script in the bin/ directory called lmMigrateConfFiles2ini designed to parse old configuration files and copy parameters in the new file.

Script options:

  • --dir,-d: path to main configuration directory (default: /etc/lemonldap-ng)
  • --storage,-s: path to storage.conf (if not stored in conf dir)
  • --apply,-a: path to apply.conf (if not stored in conf dir)
  • --menuxml,-m: path to apps-list.xml (if not stored in conf dir)
  • --ini,-i: path to lemonldap-ng.ini (if not stored in conf dir)
  • --preserve,-p: do not erase old files after import
  • --help,-h: show this message
  • --verbose,-v: let me tell you my life

Here is how you can use it, if you installed LemonLDAP::NG from the tarball in the /usr/local/lemonldap-ng directory:

/usr/local/lemonldap-ng/bin/lmMigrateConfFiles2ini -d /usr/local/lemonldap-ng/etc -v -p

Remove the -p options if you want to delete old files.

The migration of application list in ini file will work, but it will then be hard to update. You should use the Manager and reconfigure all categories and applications trough it, and then comment applicationList in ini file.
Be sure that lemonldap-ng.ini is readable by your Apache server and not for other:
chmod 640 /etc/lemonldap-ng/lemonldap-ng.ini
chown root:www-data /etc/lemonldap-ng/lemonldap-ng.ini

If you have built a custom skin for LL::NG portal, you will need to adapt it to the new version.

If you just modified the CSS file, you can follow the skin customization documentation and copy you CSS in the new skin.

If you modified also the templates, you have to import all templates changes into your skin. The easiest way is maybe to start by copying new skin and then import your changes into it.

Before 1.0, we used to override some configuration parameters by editing Perl scripts (like portal/index.pl) and setting values like this:

my $portal = Lemonldap::NG::Portal::SharedConf->new( {
    portal => 'auth.example.com',
    cookieName => 'lemonldap',
    ldapPort => '390',
} );

The new lemonldap-ng.ini file should be now used to do this, as Perl scripts are program files that are erased on software updates. You have to know too that all configuration parameters are now available in Manager interface.

If you still need to customize those program files, please prefer to copy them:

cp portal/index.pl portal/indexcustom.pl

And declare your custom file in Apache configuration

DirectoryIndex indexcustom.pl

This will prevent your local modifications to be dropped when you will update your LemonLDAP::NG version.

Liberty Alliance portal was removed. So ID-FF authentication is no more supported.

To replace it, LemonLDAP::NG has now SAML2 authentication backend.

DBI configuration has been removed. You now have two choices to store configuration in a database:

  • RDBI
  • CDBI
Click here to learn how reconfigure DBI configuration backend.

If you upgrade a Debian packaged install and if you've customize Perl index.pl files, you must upgrade them. If you want to use default files, you can use the following :

cd /var/lib/lemonldap-ng/portal
rm -f *.pl
for i in /usr/share/lemonldap-ng/portal/*.pl; do
    ln -s $i
done
cd /var/lib/lemonldap-ng/manager
rm -f *.pl
for i in /usr/share/lemonldap-ng/manager/*.pl; do
    ln -s $i
done