glauth-ui-light is a small golang web app to manage users and groups from the db files of glauth ldap server for small business, self hosted, labs infrastructure or raspbery servers.

Coverage Status

Thanks of hot-reload feature on glauth configuration file change, glauth-ui-light can edit and update glauth configuration and manage ldap users.

glauth-ui-light update only users and groups.

All lines after the first [[users]] in glauth configuration file will be updated. The use of same model structure than glauth V2 allow to keep manual edition of non managed features as capabilities, loginShell, sshkeys, otpsecret, yubikey, includegroups, .... Only comments on these lines are lost.

Current glauth experimental feature on customattributes is lost due to the need of a patched toml library.

Main aims

  • Static binary with small customisations
  • Keep abbility to edit glauth configuration file
  • Minimal javascript use

Current features

  • Custom front page text and application name
  • Add new localisations by adding new yaml file
  • Authentication with current glauth users if allowreadssha256 is set
  • Admin right is defined for members of group defined in gidadmin
  • Users in group gidcanchgpass are common users and can change their passwords

Missing glauth V2 features

Current glauth experimental feature on customattributes is lost due to the need of a patched toml library.

Some overkill features for a self hosted infrastrucuture

  • only register bcrypt passwords
  • daily log rotates
  • i18n support
  • responsive UI
  • delayed after 4 failed login
  • rate requests limiter against brute force ttempts
  • CSRF
  • STS, CSP
  • standalone SSL or via reverse proxy
  • high tests coverage
  • windows, macos builds (not tested)


Allow users to self change their passwords can create bad concurrent updates of glauth configuration file.


Download last release from

Create config file :

# glauth-ui-light.conf

# dbfile: glauth conf file 
#    with watchconfig enabled for hot-reload on conf file change
#    glauth-ui-light need write access
dbfile = "samples-conf/glauth-sample-simple.cfg"

# run on a non privileged port
port = ""
# When a self hosted ssl reverse proxy is used :
#  port = ""

# Custom first page texts
appname = "glauth-ui-light"
appdesc = "Manage users and groups for glauth ldap server"

  # TODO set random secrets for CSRF token
  csrfrandom = "secret1"

  min = 2
  max = 24
  allowreadssha256 = true  # to be set to false when all passwords are bcrypt

  start = 5000           # start with this uid number 
  gidadmin = 5501        # members of this group are admins
  gidcanchgpass = 5500   # members of this group can change their password

  start = 5500   # start with this gid number 

Start :

$ ./glauth-ui -c glauth-ui-light.conf &

$ firefox http://localhost:8080/




Change password
Change password

Manage users
Users page

Delete group
Delete group




cp locales/tr.yml locales/it-IT/it.yml

Translate strings and add new local to config file

  lang = "it"
  path = "locales/"
  langs = ["en-US","fr-FR","it-IT"]


$ git clone

$ cd glauth-ui-light

$ make


# linter
$ golangci-lint run ./...                                                                                    

# tests
$ go test ./...
?   	glauth-ui-light	[no test files]
ok  	glauth-ui-light/config	  0.284s
ok  	glauth-ui-light/handlers  0.246s
ok  	glauth-ui-light/helpers	  18.048s # failed login tests need 18s
ok  	glauth-ui-light/routes	  0.019s

# test coverage
$  go test -coverprofile=coverage.out ./... 

$ go tool cover -func=coverage.out
glauth-ui-light/routes/routes.go:78:	initServer		85.4%
glauth-ui-light/routes/routes.go:174:	SetRoutes		93.5%
glauth-ui-light/routes/routes.go:220:	contains		100.0%
glauth-ui-light/routes/routes.go:229:	setCacheHeaders		100.0%
glauth-ui-light/routes/routes.go:248:	Auth			100.0%
total:					(statements)		93.7%

# html browser output
$ go tool cover -html=coverage.out


$ scp -pr locales [email protected]:/home/app/glauth-ui-light

$ scp build/linux/glauth-ui  [email protected]:/home/app/glauth-ui-light

Code structure:

    |-glauth-config-v2.go   // glauth users goups models
    |-user.go     // user methods   
    |-cookie.go   // cookies for session
    |-db.go       // read write data
    |-18n.go      // i18n
    |-sessions.go // manage session
    |-global.go   // global var, render
|- routes
    |-routes.go   // load template, i18n. Set routes, auth middleware
    |-web         // due to "embed" files 




  • initial release


  • Add otp


MIT License

Copyright (c) 2022 Yves Agostini

[email protected]


View Github