From 722464daf4e053cbfb8924615c6e7d77368287d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mathieu=20B=C3=A9langer?=
 <56379077+mbelangergit@users.noreply.github.com>
Date: Wed, 22 Jan 2025 16:12:54 -0500
Subject: [PATCH] example_configs: Add pgAdmin

---
 README.md                  |  1 +
 example_configs/pgadmin.md | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 example_configs/pgadmin.md

diff --git a/README.md b/README.md
index bba4f8b..e3ced23 100644
--- a/README.md
+++ b/README.md
@@ -615,6 +615,7 @@ folder for help with:
 - [OCIS (OwnCloud Infinite Scale)](example_configs/ocis.md)
 - [OneDev](example_configs/onedev.md)
 - [Organizr](example_configs/Organizr.md)
+- [pgAdmin](example_configs/pgadmin.md)
 - [Portainer](example_configs/portainer.md)
 - [PowerDNS Admin](example_configs/powerdns_admin.md)
 - [Prosody](example_configs/prosody.md)
diff --git a/example_configs/pgadmin.md b/example_configs/pgadmin.md
new file mode 100644
index 0000000..d7be258
--- /dev/null
+++ b/example_configs/pgadmin.md
@@ -0,0 +1,36 @@
+# Configuration for pgAdmin
+
+The configuration for [pgAdmin][pgadmin] is done in the `config_local.py`. Refer
+to the pgAdmin [documentation][config-doc] for guidance on its config file. The
+[Enabling LDAP Authentication][ldap-authentication] describes all available
+variables related to enabling LDAP authentication for pgAdmin.
+
+[pgadmin]: https://www.pgadmin.org/
+[config-doc]: https://www.pgadmin.org/docs/pgadmin4/latest/config_py.html#config-py
+[ldap-authentication]: https://www.pgadmin.org/docs/pgadmin4/latest/ldap.html
+
+> [!NOTE]
+> The configuration can also be done through pgAdmin's `PGADMIN_CONFIG_*`
+> [environnement variables][docker-variables] when run in Docker.
+
+[docker-variables]: https://www.pgadmin.org/docs/pgadmin4/latest/container_deployment.html#environment-variables
+
+Add and adapt the following in your `config_local.py` where:
+
+- `dc=example,dc=com` is your LLDAP configured domain.
+- `ldap://lldap:3890` is your `ldap://HOSTNAME-OR-IP:PORT` of your LLDAP server.
+- `bind_user` and `REPLACE_ME` are your user uid and password of the bind user
+  for pgAdmin.
+- `pgadmin_users` is the group of the users you want to give access to pgAdmin.
+
+```python
+AUTHENTICATION_SOURCES = ["ldap"]
+LDAP_AUTO_CREATE_USER = True
+LDAP_SERVER_URI = "ldap://lldap:3890"
+LDAP_USERNAME_ATTRIBUTE = "uid"
+LDAP_BASE_DN = "ou=people,dc=example,dc=com"
+LDAP_SEARCH_BASE_DN = "ou=people,dc=example,dc=com"
+LDAP_BIND_USER = "uid=bind_user,ou=people,dc=example,dc=com"
+LDAP_BIND_PASSWORD = "REPLACE_ME"
+LDAP_SEARCH_FILTER = "(memberof=cn=pgadmin_users,ou=groups,dc=example,dc=com)"
+```