Lab 6 - Bookstack and LDAP Authentication
In this lab, you will install and configure Bookstack, a self-hosted web wiki tool that allows you to write and share documentation. In fact, this website is an instance of Bookstack. You will also configure Bookstack to utilize LDAP authentication, a precursor to many of the more modern authentication methods (OIDC, SAML, etc.) in use today. As we are approaching the end of the course, this lab will be less guided. Instead, it is expected that you will be able to use the internet to determine the best course of action to complete the requirements below.
Objectives
- Bookstack is installed and running
- Bookstack is able to use LDAP authentication
- Bookstack is accessible beyond your local gateway (OPNsense server)
Stage 1 - Installing Bookstack
As an alternative, you can look into hosting Bookstack and its dependencies utilizing Proxmox's "LXC Container" functionality. However, this path will likely be more complex than simply using Docker within your Ubuntu machine.
Remember, Bookstack is not a standalone application, and will require other software to be running in a place it can access (either locally or remotely) in order to function properly. See if you can determine what these prerequisites might be before you get started.
The Bookstack docs prescribe several different methods for installing and configuring Bookstack. Remember that we will be configuring LDAP authentication in this lab as well.
Stage 2 - Making Bookstack publicly accessible
At this stage, it would be prudent to expose Bookstack beyond your OPNsense. This will make future configuration of the application far easier. Refer back to previous labs if you do not remember how to accomplish this.
A few things to take note of:
- HTTP's default port is 80
- HTTPS's default port is 443
- At the moment, your OPNsense is hosting its own internal WebGUI over these ports. It's up to you to decide whether you simply want to open new ports for Bookstack, or shift the WebGUI to use alternative ports and route ports 80/443 to your Ubuntu instead.
Stage 3 - Setting up LDAP Authentication
LDAP stands for Lightweight Directory Access Protocol. It is essentially a standardized method for different software to query user information from a central database. In Lab 5, we set up an LDAP server on our Ubuntu machine. Now, we must connect Bookstack to it.
Use the Bookstack documentation website and any other accompanying documentation you can find to properly configure LDAP.
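An added example, not part of the original lab and not Bookstack's own code: at login, an LDAP-backed application typically substitutes the submitted username into a search filter and queries the directory for the one matching entry. The Python below assumes a filter template with a `{user}` placeholder and a constructed two-entry directory, and shows why the username has to be escaped (RFC 4515) before it goes into the filter.

```python
import re

# Constructed sample entries standing in for the Lab 5 directory (assumption).
DIRECTORY = [
    {"uid": "alice", "mail": "alice@example.test"},
    {"uid": "bob", "mail": "bob@example.test"},
]

# Characters RFC 4515 requires to be escaped inside a filter value.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}


def escape_filter_value(value):
    """Escape a string so it is treated as literal text in a search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(template, username, escape=True):
    """Substitute the login name into a template such as '(uid={user})'."""
    value = escape_filter_value(username) if escape else username
    return template.replace("{user}", value)


def _unescape(text):
    """Turn \\XX hex escapes back into the characters they stand for."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), text)


def search(filter_str):
    """Evaluate one '(attr=value)' filter; an unescaped '*' is a wildcard."""
    match = re.fullmatch(r"\((\w+)=([^()]*)\)", filter_str)
    if match is None:
        raise ValueError("only a single (attr=value) filter is supported")
    attr, pattern = match.groups()
    literal_parts = [re.escape(_unescape(part)) for part in pattern.split("*")]
    regex = re.compile(".*".join(literal_parts), re.DOTALL)
    return [entry for entry in DIRECTORY if regex.fullmatch(entry.get(attr, ""))]


def demo():
    """Return how many entries each login name matches, escaped vs. unescaped."""
    template = "(uid={user})"
    return {
        "alice": len(search(build_user_filter(template, "alice"))),
        "* escaped": len(search(build_user_filter(template, "*"))),
        "* unescaped": len(search(build_user_filter(template, "*", escape=False))),
    }


if __name__ == "__main__":
    print(demo())
```

When testing your own filter against the Lab 5 server, a login name should resolve to exactly one entry; a filter that returns several entries for one name is a sign the value is not being treated as literal text.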
Deliverables
- Bookstack is installed and running on your Ubuntu machine (or LXC container)
- Bookstack is publicly accessible outside of your assigned VLAN "network"
- Bookstack is utilizing your LDAP server for authentication