mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-08 10:56:27 +00:00
Merge branch 'Fix_install_re2o' into 'master'
Fix install re2o Closes #122 See merge request federez/re2o!163
This commit is contained in:
commit
acb41cf375
10 changed files with 975 additions and 684 deletions
41
CHANGELOG.md
41
CHANGELOG.md
|
@ -1,13 +1,32 @@
|
|||
Datepicker
|
||||
=======
|
||||
Install libjs-jquery
|
||||
Install libjs-jquery-ui
|
||||
Install libjs-jquery-timepicker
|
||||
Install libjs-bootstrap
|
||||
Install (if not) javascript-common
|
||||
Enable (if not) javascript-common conf
|
||||
## MR 160: Datepicker
|
||||
|
||||
Install libjs-jquery libjs-jquery-ui libjs-jquery-timepicker libjs-bootstrap javascript-common
|
||||
```
|
||||
apt-get -y install \
|
||||
libjs-jquery \
|
||||
libjs-jquery-ui \
|
||||
libjs-jquery-timepicker \
|
||||
libjs-bootstrap \
|
||||
javascript-common
|
||||
```
|
||||
Enable javascript-common conf
|
||||
```
|
||||
a2enconf javascript-common
|
||||
```
|
||||
|
||||
Delete old jquery files :
|
||||
rm -rf static_files/js/jquery-ui-*
|
||||
rm -rf static_files/js/jquery-2.2.4.min.js
|
||||
static/css/jquery-ui-timepicker-addon.css
|
||||
```
|
||||
rm -r static_files/js/jquery-ui-*
|
||||
rm static_files/js/jquery-2.2.4.min.js
|
||||
rm static/css/jquery-ui-timepicker-addon.css
|
||||
```
|
||||
|
||||
|
||||
## MR 163: Fix install re2o
|
||||
|
||||
Refactored install_re2o.sh script.
|
||||
* There are more tools available with it but some fucntion have changed, report to [the dedicated wiki page](for more informations) or run:
|
||||
```
|
||||
install_re2o.sh help
|
||||
```
|
||||
* The installation templates (LDIF files and `re2o/settings_locale.example.py`) have been changed to use `example.net` instead of `example.org` (more neutral and generic)
|
||||
|
|
161
README.md
161
README.md
|
@ -18,165 +18,10 @@ le réseau (adhérent à jour de cotisation).
|
|||
|
||||
# Installation
|
||||
|
||||
## Installation des dépendances
|
||||
Un tutoriel pour installer le projet est disponible [sur le wiki](https://gitlab.federez.net/federez/re2o/wikis/User%20Documentation/Quick%20Start).
|
||||
|
||||
L'installation comporte 3 partie : le serveur web où se trouve le depot re2o
|
||||
ainsi que toutes ses dépendances, le serveur bdd (mysql ou pgsql) et le
|
||||
serveur ldap. Ces 3 serveurs peuvent en réalité être la même machine, ou séparés
|
||||
(recommandé en production).
|
||||
Le serveur web sera nommé serveur A, le serveur bdd serveur B et le serveur ldap
|
||||
serveur C.
|
||||
|
||||
### Prérequis sur le serveur A
|
||||
|
||||
Voici la liste des dépendances à installer sur le serveur principal (A).
|
||||
|
||||
### Avec apt :
|
||||
|
||||
#### Sous debian 9
|
||||
|
||||
Paquets obligatoires:
|
||||
* python3-django (1.10, stretch)
|
||||
* python3-dateutil (stretch)
|
||||
* texlive-latex-base (stretch)
|
||||
* texlive-fonts-recommended (strech)
|
||||
* python3-djangorestframework (stretch)
|
||||
* python3-django-reversion (stretch)
|
||||
* python3-pip (stretch)
|
||||
|
||||
Paquet recommandés:
|
||||
* python3-django-extensions (stretch)
|
||||
|
||||
|
||||
### Autres dépendances :
|
||||
|
||||
Paquets préalables à installer avec apt :
|
||||
* libsasl2-dev (stable)
|
||||
* libldap2-dev (stable)
|
||||
* libssl-dev (stable)
|
||||
|
||||
Avec pip3 (pip3 install):
|
||||
* django-bootstrap3
|
||||
* django-ldapdb
|
||||
* django-macaddress
|
||||
|
||||
Moteur de db conseillé (mysql), postgresql fonctionne également.
|
||||
Pour mysql, il faut installer :
|
||||
* python3-mysqldb
|
||||
* mysql-client
|
||||
|
||||
### Prérequis sur le serveur B
|
||||
|
||||
Sur le serveur B, installer mysql ou postgresql, dans la version stretch.
|
||||
* mysql-server (stretch) ou postgresql (stretch)
|
||||
|
||||
### Prérequis sur le serveur C
|
||||
Sur le serveur C (ldap), avec apt :
|
||||
* slapd (stretch)
|
||||
|
||||
### Installation sur le serveur principal A
|
||||
|
||||
Cloner le dépot re2o à partir du gitlab, par exemple dans /var/www/re2o.
|
||||
Ensuite, il faut créer le fichier settings_local.py dans le sous dossier re2o,
|
||||
un settings_local.example.py est présent. Les options sont commentées, et des
|
||||
options par défaut existent.
|
||||
|
||||
En particulier, il est nécessaire de générer un login/mdp admin pour le ldap et
|
||||
un login/mdp pour l'utilisateur sql (cf ci-dessous), à mettre dans
|
||||
settings_local.py
|
||||
|
||||
### Installation du serveur mysql/postgresql sur B
|
||||
|
||||
Sur le serveur mysql ou postgresl, il est nécessaire de créer une base de
|
||||
donnée re2o, ainsi qu'un user re2o et un mot de passe associé.
|
||||
Ne pas oublier de faire écouter le serveur mysql ou postgresql avec les acl
|
||||
nécessaire pour que A puisse l'utiliser.
|
||||
|
||||
#### Mysql
|
||||
Voici les étapes à éxecuter pour mysql :
|
||||
* CREATE DATABASE re2o collate='utf8_general_ci';
|
||||
* CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password';
|
||||
* GRANT ALL PRIVILEGES ON re2o.* TO 'newuser'@'localhost';
|
||||
* FLUSH PRIVILEGES;
|
||||
|
||||
#### Postgresql
|
||||
* CREATE DATABASE re2o ENCODING 'UTF8' LC_COLLATE='fr_FR.UTF-8'
|
||||
LC_CTYPE='fr_FR.UTF-8';
|
||||
* CREATE USER newuser with password 'password';
|
||||
* ALTER DATABASE re2o owner to newuser;
|
||||
|
||||
Si les serveurs A et B ne sont pas la même machine, il est nécessaire de
|
||||
remplacer localhost par l'ip avec laquelle A contacte B dans les commandes
|
||||
du dessus.
|
||||
Une fois ces commandes effectuées, ne pas oublier de vérifier que newuser et
|
||||
password sont présents dans settings_local.py
|
||||
|
||||
### Installation du serveur ldap sur le serveur C
|
||||
|
||||
Ceci se fait en plusieurs étapes :
|
||||
* générer un login/mdp administrateur (par example mkpasswd sous debian)
|
||||
* Copier depuis re2o/install_utils (dans le dépot re2o) les fichiers db.ldiff
|
||||
et schema.ldiff (normalement sur le serveur A) sur le serveur C
|
||||
(par ex dans /tmp)
|
||||
* Hasher le mot de passe généré en utilisant la commande slappasswd
|
||||
(installée par slapd)
|
||||
* Remplacer toutes les sections FILL_IN par le hash dans schema.ldiff et
|
||||
db.ldiff
|
||||
* Remplacer dans schema.ldiff et db.ldiff 'dc=example,dc=org' par le
|
||||
suffixe de l'organisation
|
||||
* Arréter slapd
|
||||
* Supprimer les données existantes : '''rm -rf /etc/ldap/slapd.d/*''' et
|
||||
'''rm -rf /var/lib/ldap/*'''
|
||||
* Injecter le nouveau schéma :
|
||||
'''slapadd -n 0 -l schema.ldiff -F /etc/ldap/slapd.d/''' et
|
||||
'''slapadd -n 1 -l db.ldiff'''
|
||||
* Réparer les permissions (chown -R openldap:openldap /etc/ldap/slapd.d et
|
||||
chown -R openldap:openldap /var/lib/ldap) puis relancer slapd
|
||||
|
||||
Pour visualiser et éditer le ldap, l'utilisation de shelldap est fortement
|
||||
recommandée, en utilisant en binddn et basedn tous deux égaux à 'cn=config' et
|
||||
binddpw le mot de passe admin.
|
||||
|
||||
Rajouter (exemple de chemin de fichier avec un certif LE):
|
||||
`olcTLSCertificateKeyFile: /etc/letsencrypt/live/HOSTNAME/privkey.pem
|
||||
olcTLSCACertificateFile: /etc/letsencrypt/live/HOSTNAME/chain.pem
|
||||
olcTLSCertificateFile: /etc/letsencrypt/live/HOSTNAME/cert.pem `
|
||||
|
||||
Mettre à jour la partie ldap du `settings_local.py` (mettre 'TLS' à True
|
||||
si besoin, user cn=config,dc=example,dc=org et mot de passe
|
||||
ldap choisi précédemment).
|
||||
|
||||
## Configuration initiale
|
||||
|
||||
Normalement à cette étape, le ldap et la bdd sql sont configurées correctement.
|
||||
|
||||
Il faut alors lancer dans le dépot re2o '''python3 manage.py migrate''' qui
|
||||
va structurer initialement la base de données.
|
||||
Les migrations sont normalement comitées au fur et à mesure, néanmoins cette
|
||||
étape peut crasher, merci de reporter les bugs.
|
||||
|
||||
## Démarer le site web
|
||||
|
||||
Il faut utiliser un moteur pour servir le site web. Nginx ou apache2 sont
|
||||
recommandés.
|
||||
Pour apache2 :
|
||||
* apt install apache2
|
||||
* apt install libapache2-mod-wsgi-py3 (pour le module wsgi)
|
||||
|
||||
Un example de site apache2 se trouve dans install_utils ( re2o.conf)
|
||||
re2o/wsgi.py permet de fonctionner avec apache2 en production
|
||||
|
||||
## Configuration avancée
|
||||
|
||||
Une fois démaré, le site web devrait être accessible.
|
||||
Pour créer un premier user, faire '''python3 manage.py createsuperuser'''
|
||||
qui va alors créer un user admin.
|
||||
Il est conseillé de créer un user portant le nom de
|
||||
l'association/organisation, qui possedera l'ensemble des machines, à indiquer
|
||||
dans le menu reglages sur l'interface.
|
||||
|
||||
## Installations Optionnelles
|
||||
### Générer le schéma des dépendances
|
||||
# Installations Optionnelles
|
||||
## Générer le schéma des dépendances
|
||||
|
||||
Pour cela :
|
||||
* apt install python3-django-extensions
|
||||
|
|
16
apt_requirements.txt
Normal file
16
apt_requirements.txt
Normal file
|
@ -0,0 +1,16 @@
|
|||
python3-django
|
||||
python3-dateutil
|
||||
texlive-latex-base
|
||||
texlive-fonts-recommended
|
||||
python3-djangorestframework
|
||||
python3-django-reversion
|
||||
python3-pip
|
||||
libsasl2-dev libldap2-dev
|
||||
libssl-dev
|
||||
python3-crypto
|
||||
python3-git
|
||||
javascript-common
|
||||
libjs-jquery
|
||||
libjs-jquery-ui
|
||||
libjs-jquery-timepicker
|
||||
libjs-bootstrap
|
1267
install_re2o.sh
1267
install_re2o.sh
File diff suppressed because it is too large
Load diff
|
@ -1,38 +1,38 @@
|
|||
dn: dc=example,dc=org
|
||||
dn: dc=example,dc=net
|
||||
o: rezo
|
||||
structuralObjectClass: organization
|
||||
entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20150225150906Z
|
||||
description: ldap
|
||||
objectClass: top
|
||||
objectClass: dcObject
|
||||
objectClass: organization
|
||||
entryCSN: 20151003212702.245118Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20151003212702Z
|
||||
contextCSN: 20161004233332.689769Z#000000#000#000000
|
||||
|
||||
dn: cn=admin,dc=example,dc=org
|
||||
dn: cn=admin,dc=example,dc=net
|
||||
objectClass: simpleSecurityObject
|
||||
objectClass: organizationalRole
|
||||
cn: admin
|
||||
structuralObjectClass: organizationalRole
|
||||
entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20150225150906Z
|
||||
description:: TERBUCBhZG1pbmlzdHJhdG9yDQo=
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160604005945.576566Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160604005945Z
|
||||
|
||||
dn: cn=Utilisateurs,dc=example,dc=org
|
||||
dn: cn=Utilisateurs,dc=example,dc=net
|
||||
gidNumber: 500
|
||||
cn: Utilisateurs
|
||||
structuralObjectClass: posixGroup
|
||||
entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20150226130856Z
|
||||
sambaSID: 500
|
||||
uid: Users
|
||||
|
@ -41,143 +41,143 @@ objectClass: top
|
|||
objectClass: sambaSamAccount
|
||||
objectClass: radiusprofile
|
||||
entryCSN: 20150226130950.194154Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20150226130950Z
|
||||
|
||||
dn: ou=groups,dc=example,dc=org
|
||||
dn: ou=groups,dc=example,dc=net
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes d'utilisateurs
|
||||
ou: groups
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160531142039Z
|
||||
entryCSN: 20160531142039.780151Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160531142039Z
|
||||
|
||||
dn: ou=services,ou=groups,dc=example,dc=org
|
||||
dn: ou=services,ou=groups,dc=example,dc=net
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes de comptes techniques
|
||||
ou: services
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601173411Z
|
||||
entryCSN: 20160601173411.088359Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160601173411Z
|
||||
|
||||
dn: ou=service-users,dc=example,dc=org
|
||||
dn: ou=service-users,dc=example,dc=net
|
||||
objectClass: organizationalUnit
|
||||
description: Utilisateurs techniques de l'annuaire
|
||||
ou: service-users
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601173602Z
|
||||
entryCSN: 20160601173602.683304Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160601173602Z
|
||||
|
||||
dn: cn=freeradius,ou=service-users,dc=example,dc=org
|
||||
dn: cn=freeradius,ou=service-users,dc=example,dc=net
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: freeradius
|
||||
userPassword: FILL_IT
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601173922Z
|
||||
entryCSN: 20160601173922.944598Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160601173922Z
|
||||
|
||||
dn: cn=nssauth,ou=service-users,dc=example,dc=org
|
||||
dn: cn=nssauth,ou=service-users,dc=example,dc=net
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: nssauth
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601174127Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160603093724.770069Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160603093724Z
|
||||
|
||||
dn: cn=auth,ou=services,ou=groups,dc=example,dc=org
|
||||
dn: cn=auth,ou=services,ou=groups,dc=example,dc=net
|
||||
objectClass: groupOfNames
|
||||
cn: auth
|
||||
member: cn=nssauth,ou=service-users,dc=example,dc=org
|
||||
member: cn=nssauth,ou=service-users,dc=example,dc=net
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601175413Z
|
||||
entryCSN: 20160620005705.309928Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160620005705Z
|
||||
|
||||
dn: ou=posix,ou=groups,dc=example,dc=org
|
||||
dn: ou=posix,ou=groups,dc=example,dc=net
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes de comptes POSIX
|
||||
ou: posix
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160603090455Z
|
||||
entryCSN: 20160603090455.267192Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160603090455Z
|
||||
|
||||
dn: cn=wifi,ou=service-users,dc=example,dc=org
|
||||
dn: cn=wifi,ou=service-users,dc=example,dc=net
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: wifi
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160603103452Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160603103638.682210Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160603103638Z
|
||||
|
||||
dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=org
|
||||
dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=net
|
||||
objectClass: groupOfNames
|
||||
cn: usermgmt
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160603103732Z
|
||||
member: cn=wifi,ou=service-users,dc=example,dc=org
|
||||
member: cn=wifi,ou=service-users,dc=example,dc=net
|
||||
entryCSN: 20160603103746.897151Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160603103746Z
|
||||
|
||||
dn: cn=replica,ou=service-users,dc=example,dc=org
|
||||
dn: cn=replica,ou=service-users,dc=example,dc=net
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: replica
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160607101733Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160607101829.424643Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160607101829Z
|
||||
|
||||
dn: cn=readonly,ou=services,ou=groups,dc=example,dc=org
|
||||
dn: cn=readonly,ou=services,ou=groups,dc=example,dc=net
|
||||
objectClass: groupOfNames
|
||||
cn: readonly
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160607101846Z
|
||||
member: cn=replica,ou=service-users,dc=example,dc=org
|
||||
member: cn=freeradius,ou=service-users,dc=example,dc=org
|
||||
member: cn=replica,ou=service-users,dc=example,dc=net
|
||||
member: cn=freeradius,ou=service-users,dc=example,dc=net
|
||||
entryCSN: 20160619214628.287369Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160619214628Z
|
||||
|
||||
|
|
|
@ -1108,35 +1108,35 @@ objectClass: olcDatabaseConfig
|
|||
objectClass: olcHdbConfig
|
||||
olcDatabase: {1}hdb
|
||||
olcDbDirectory: /var/lib/ldap
|
||||
olcSuffix: dc=example,dc=org
|
||||
olcSuffix: dc=example,dc=net
|
||||
olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an
|
||||
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
||||
cn=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * no
|
||||
onymous auth by dn="cn=admin,dc=example,dc=net" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=net" read by group="
|
||||
cn=usermgmt,ou=services,ou=groups,dc=example,dc=net" write by * no
|
||||
ne
|
||||
olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an
|
||||
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
||||
cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn
|
||||
=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * none
|
||||
onymous auth by dn="cn=admin,dc=example,dc=net" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=net" read by group="
|
||||
cn=auth,ou=services,ou=groups,dc=example,dc=net" read by group="cn
|
||||
=usermgmt,ou=services,ou=groups,dc=example,dc=net" write by * none
|
||||
olcAccess: {2}to dn.base="" by * read
|
||||
olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=org" by group="cn=
|
||||
auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn=re
|
||||
adonly,ou=services,ou=groups,dc=example,dc=org" read
|
||||
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=org" by grou
|
||||
p="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by self r
|
||||
ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=org"
|
||||
olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=net" by group="cn=
|
||||
auth,ou=services,ou=groups,dc=example,dc=net" read by group="cn=re
|
||||
adonly,ou=services,ou=groups,dc=example,dc=net" read
|
||||
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=net" by grou
|
||||
p="cn=auth,ou=services,ou=groups,dc=example,dc=net" read by self r
|
||||
ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=net"
|
||||
read by group="cn=usermgmt,ou=services,ou=groups,dc=example,dc=or
|
||||
g" write
|
||||
olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=org" by gro
|
||||
up="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group
|
||||
="cn=readonly,ou=services,ou=groups,dc=example,dc=org" read
|
||||
olcAccess: {6}to dn.base="dc=example,dc=org" by * read
|
||||
olcAccess: {7}to * by dn="cn=admin,dc=example,dc=org" write by self
|
||||
olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=net" by gro
|
||||
up="cn=auth,ou=services,ou=groups,dc=example,dc=net" read by group
|
||||
="cn=readonly,ou=services,ou=groups,dc=example,dc=net" read
|
||||
olcAccess: {6}to dn.base="dc=example,dc=net" by * read
|
||||
olcAccess: {7}to * by dn="cn=admin,dc=example,dc=net" write by self
|
||||
read by group="cn=readonly,ou=services,ou=groups,dc=example,dc=or
|
||||
g" read
|
||||
olcLastMod: TRUE
|
||||
olcRootDN: cn=admin,dc=example,dc=org
|
||||
olcRootDN: cn=admin,dc=example,dc=net
|
||||
olcRootPW: FILL_IT
|
||||
olcDbCheckpoint: 512 30
|
||||
olcDbConfig: {0}set_cachesize 0 2097152 0
|
||||
|
|
|
@ -11,6 +11,7 @@ class Migration(migrations.Migration):
|
|||
|
||||
dependencies = [
|
||||
('machines', '0062_extension_origin_v6'),
|
||||
('reversion', '0001_squashed_0004_auto_20160611_1202')
|
||||
]
|
||||
|
||||
operations = [
|
||||
|
|
21
machines/migrations/0081_auto_20180515_2034.py
Normal file
21
machines/migrations/0081_auto_20180515_2034.py
Normal file
|
@ -0,0 +1,21 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Generated by Django 1.10.7 on 2018-05-15 18:34
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import migrations, models
|
||||
import django.db.models.deletion
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('machines', '0080_auto_20180502_2334'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name='extension',
|
||||
name='soa',
|
||||
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.SOA'),
|
||||
),
|
||||
]
|
|
@ -1,4 +1,3 @@
|
|||
django-bootstrap3
|
||||
django-ldapdb==0.9.0
|
||||
django-macaddress
|
||||
python-dateutil
|
||||
pycrypto
|
|
@ -19,9 +19,8 @@
|
|||
# You should have received a copy of the GNU General Public License along
|
||||
# with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
"""re2o.settings_locale.example
|
||||
The example settings_locale.py file with all the available
|
||||
options for a locale configuration of re2o
|
||||
"""re2o.settings_locale
|
||||
The file with all the available options for a locale configuration of re2o
|
||||
"""
|
||||
|
||||
from __future__ import unicode_literals
|
||||
|
@ -41,7 +40,7 @@ AES_KEY = 'A_SECRET_AES_KEY'
|
|||
DEBUG = False
|
||||
|
||||
# A list of admins of the services. Receive mails when an error occurs
|
||||
ADMINS = [('Example', 'rezo-admin@example.org')]
|
||||
ADMINS = [('Example', 'admin@example.net')]
|
||||
|
||||
# The list of hostname the server will respond to.
|
||||
ALLOWED_HOSTS = ['URL_SERVER']
|
||||
|
@ -81,16 +80,16 @@ SESSION_COOKIE_AGE = 60 * 60 * 3
|
|||
LOGO_PATH = "static_files/logo.png"
|
||||
|
||||
# The mail configuration for Re2o to send mails
|
||||
SERVER_EMAIL = 'no-reply@example.org' # The mail address to use
|
||||
SERVER_EMAIL = 'no-reply@example.net' # The mail address to use
|
||||
EMAIL_HOST = 'MY_EMAIL_HOST' # The host to use
|
||||
EMAIL_PORT = MY_EMAIL_PORT # The port to use
|
||||
|
||||
# Settings of the LDAP structure
|
||||
LDAP = {
|
||||
'base_user_dn': 'cn=Utilisateurs,dc=example,dc=org',
|
||||
'base_userservice_dn': 'ou=service-users,dc=example,dc=org',
|
||||
'base_usergroup_dn': 'ou=posix,ou=groups,dc=example,dc=org',
|
||||
'base_userservicegroup_dn': 'ou=services,ou=groups,dc=example,dc=org',
|
||||
'base_user_dn': 'cn=Utilisateurs,dc=example,dc=net',
|
||||
'base_userservice_dn': 'ou=service-users,dc=example,dc=net',
|
||||
'base_usergroup_dn': 'ou=posix,ou=groups,dc=example,dc=net',
|
||||
'base_userservicegroup_dn': 'ou=services,ou=groups,dc=example,dc=net',
|
||||
'user_gid': 500,
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue