mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-08 19:06:25 +00:00
Ajoute une fonction 'update-settings' + cleanup
This commit is contained in:
parent
7dda04e91d
commit
d2693173fa
4 changed files with 287 additions and 215 deletions
351
install_re2o.sh
351
install_re2o.sh
|
@ -4,6 +4,53 @@ SETTINGS_LOCAL_FILE='re2o/settings_local.py'
|
|||
SETTINGS_EXAMPLE_FILE='re2o/settings_local.example.py'
|
||||
|
||||
|
||||
VALUE= # global value used to return values by some functions
|
||||
|
||||
_ask_value() {
|
||||
### Usage _ask_value <text> [<option1> [<option2> ... ] ]
|
||||
#
|
||||
# This function is a utility function to force a user to enter a value
|
||||
# available in a set of options.
|
||||
#
|
||||
# Parameters:
|
||||
# * text: The text to display
|
||||
# * option#: A possible option for the user. If no option is specifed,
|
||||
# all inputs are considered valid
|
||||
#
|
||||
# Echo: The value entered by the user. Should be one of the choicesN if
|
||||
# not ommited
|
||||
###
|
||||
|
||||
shopt -s extglob
|
||||
|
||||
input_text="$1"
|
||||
shift
|
||||
if [ "$#" -ne 0 ]; then
|
||||
choices="("
|
||||
while [ "$#" -ne 1 ]; do
|
||||
choices+="$1|"
|
||||
shift
|
||||
done
|
||||
choices+="$1)"
|
||||
input_text+=" $choices: "
|
||||
choices="@$choices"
|
||||
else
|
||||
input_text+=": "
|
||||
choices="@(*)"
|
||||
fi
|
||||
|
||||
while true; do
|
||||
read -p "$input_text" choice
|
||||
case "$choice" in
|
||||
$choices ) break;;
|
||||
* ) echo "Invalid option";;
|
||||
esac
|
||||
done
|
||||
|
||||
VALUE="$choice"
|
||||
}
|
||||
|
||||
|
||||
|
||||
install_requirements() {
|
||||
### Usage: install_requirements
|
||||
|
@ -57,13 +104,13 @@ install_database() {
|
|||
|
||||
echo "Setting up the database ..."
|
||||
|
||||
engine_type=$1
|
||||
local_setup=$2
|
||||
db_name=$3
|
||||
username=$4
|
||||
password=$5
|
||||
engine_type="$1"
|
||||
local_setup="$2"
|
||||
db_name="$3"
|
||||
username="$4"
|
||||
password="$5"
|
||||
|
||||
if [ $engine_type == 1 ]; then
|
||||
if [ "$engine_type" == 1 ]; then
|
||||
|
||||
echo "Installing MySQL client ..."
|
||||
apt-get -y install python3-mysqldb mysql-client
|
||||
|
@ -74,7 +121,7 @@ install_database() {
|
|||
GRANT ALL PRIVILEGES ON $db_name.* TO '$username'@'localhost';
|
||||
FLUSH PRIVILEGES;"
|
||||
|
||||
if [ $local_setup == 1 ]; then
|
||||
if [ "$local_setup" == 1 ]; then
|
||||
echo "Setting up local MySQL server ..."
|
||||
apt-get -y install mysql-server
|
||||
mysql -u root --execute="$mysql_command"
|
||||
|
@ -102,7 +149,7 @@ install_database() {
|
|||
pgsql_command2="CREATE USER $username with password '$password';"
|
||||
pgsql_command3="ALTER DATABASE $db_name owner to $username;"
|
||||
|
||||
if [ $local_setup == 1 ]; then
|
||||
if [ "$local_setup" == 1 ]; then
|
||||
echo "Setting up local PostgreSQL server ..."
|
||||
apt-get -y install postgresql
|
||||
sudo -u postgres psql --command="$pgsql_command1"
|
||||
|
@ -131,38 +178,38 @@ install_database() {
|
|||
|
||||
|
||||
|
||||
install_active_directory() {
|
||||
### Usage: install_active_directory <local_setup> <password> <domain>
|
||||
install_ldap() {
|
||||
### Usage: install_ldap <local_setup> <password> <domain>
|
||||
#
|
||||
# This function will install the active directory
|
||||
# This function will install the LDAP
|
||||
#
|
||||
# Parameters:
|
||||
# * local_setup: Should the Active Directory be installed locally ?
|
||||
# * local_setup: Should the LDAP be installed locally ?
|
||||
# 1 = yes
|
||||
# 2 = no
|
||||
# * password: the clear password for the admin user of the LDAP
|
||||
# * domain: the domain extension to use for the LDAP structure in LDAP notation
|
||||
###
|
||||
|
||||
echo "Setting up the active direcory ..."
|
||||
echo "Setting up the LDAP ..."
|
||||
|
||||
local_setup=$1
|
||||
password=$2
|
||||
domain=$3
|
||||
local_setup="$1"
|
||||
password="$2"
|
||||
domain="$3"
|
||||
|
||||
if [ $local_setup == 1 ]; then
|
||||
if [ "$local_setup" == 1 ]; then
|
||||
|
||||
echo "Installing slapd package ..."
|
||||
apt-get -y install slapd
|
||||
echo "Installing slapd package: Done"
|
||||
|
||||
echo "Hashing the LDAP password ..."
|
||||
hashed_ldap_passwd=$(slappasswd -s $1)
|
||||
hashed_ldap_passwd="$(slappasswd -s $1)"
|
||||
echo "Hash of the password: $hashed_ldap_passwd"
|
||||
|
||||
echo "Building the LDAP config files ..."
|
||||
sed 's|dc=example,dc=org|'"$2"'|g' install_utils/db.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db
|
||||
sed 's|dc=example,dc=org|'"$2"'|g' install_utils/schema.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema
|
||||
sed 's|dc=example,dc=net|'"$2"'|g' install_utils/db.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db
|
||||
sed 's|dc=example,dc=net|'"$2"'|g' install_utils/schema.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema
|
||||
echo "Building the LDAP config files: Done"
|
||||
|
||||
echo "Stopping slapd service ..."
|
||||
|
@ -203,7 +250,7 @@ install_active_directory() {
|
|||
|
||||
fi
|
||||
|
||||
echo "Setting up the active directory: Done"
|
||||
echo "Setting up the LDAP: Done"
|
||||
}
|
||||
|
||||
|
||||
|
@ -223,13 +270,13 @@ write_settings_file() {
|
|||
# * sql_db_name: The name of the database itself
|
||||
# * sql_username: The user to use to access the database
|
||||
# * sql_password: The password to use to access the database
|
||||
# * ldap_cn: The CN entry for the Active Directory admin in LDAP notation
|
||||
# * ldap_tls: Should the TLS be activated to contact the Active Directory
|
||||
# * ldap_cn: The CN entry for the LDAP admin in LDAP notation
|
||||
# * ldap_tls: Should the TLS be activated to contact the LDAP
|
||||
# 1 = yes
|
||||
# 2 = no
|
||||
# * ldap_password: The password to use to connect to the Active Directoryy
|
||||
# * ldap_hostname: The hostname for contacting the Active Directory
|
||||
# * ldap_domain: The local domain for the Active Directory in LDAP notation
|
||||
# * ldap_password: The password to use to connect to the LDAP
|
||||
# * ldap_hostname: The hostname for contacting the LDAP
|
||||
# * ldap_domain: The local domain for the LDAP in LDAP notation
|
||||
# * email_hostname: The hostname for contacting the mail server
|
||||
# * email_port: The port for contacting the mail server
|
||||
# * extension: The extension to use
|
||||
|
@ -238,48 +285,48 @@ write_settings_file() {
|
|||
|
||||
echo "Writing of the settings_local.py file ..."
|
||||
|
||||
db_engine_type=$1
|
||||
sql_hostname=$2
|
||||
sql_db_name=$3
|
||||
sql_username=$4
|
||||
sql_password=$5
|
||||
ldap_cn=$6
|
||||
ldap_tls=$7
|
||||
ldap_password=$8
|
||||
ldap_hostname=$9
|
||||
ldap_domain=${10}
|
||||
email_hostname=${11}
|
||||
email_port=${12}
|
||||
extension=${13}
|
||||
url=${14}
|
||||
db_engine_type="$1"
|
||||
sql_hostname="$2"
|
||||
sql_db_name="$3"
|
||||
sql_username="$4"
|
||||
sql_password="$5"
|
||||
ldap_cn="$6"
|
||||
ldap_tls="$7"
|
||||
ldap_password="$8"
|
||||
ldap_hostname="$9"
|
||||
ldap_domain="${10}"
|
||||
email_hostname="${11}"
|
||||
email_port="${12}"
|
||||
extension="${13}"
|
||||
url="${14}"
|
||||
|
||||
cp $SETTINGS_EXAMPLE_FILE $SETTINGS_LOCAL_FILE
|
||||
cp "$SETTINGS_EXAMPLE_FILE" "$SETTINGS_LOCAL_FILE"
|
||||
|
||||
django_secret_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(50)]))")
|
||||
aes_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(32)]))")
|
||||
django_secret_key="$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(50)]))")"
|
||||
aes_key="$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(32)]))")"
|
||||
|
||||
if [ $db_engine_type == 1 ]; then
|
||||
sed -i 's/db_engine/django.db.backends.mysql/g' $SETTINGS_LOCAL_FILE
|
||||
if [ "$db_engine_type" == 1 ]; then
|
||||
sed -i 's/db_engine/django.db.backends.mysql/g' "$SETTINGS_LOCAL_FILE"
|
||||
else
|
||||
sed -i 's/db_engine/django.db.backends.postgresql_psycopg2/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/db_engine/django.db.backends.postgresql_psycopg2/g' "$SETTINGS_LOCAL_FILE"
|
||||
fi
|
||||
sed -i 's/SUPER_SECRET_KEY/'"$django_secret_key"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/SUPER_SECRET_DB/'"$sql_password"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/A_SECRET_AES_KEY/'"$aes_key"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/db_name_value/'"$sql_db_name"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/db_user_value/'"$sql_username"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/db_host_value/'"$sql_hostname"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/ldap_dn/'"$ldap_cn"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/SUPER_SECRET_KEY/'"$django_secret_key"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/SUPER_SECRET_DB/'"$sql_password"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/A_SECRET_AES_KEY/'"$aes_key"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/db_name_value/'"$sql_db_name"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/db_user_value/'"$sql_username"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/db_host_value/'"$sql_hostname"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/ldap_dn/'"$ldap_cn"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
if [ $ldap_tls == 2 ]; then
|
||||
sed -i "s/'TLS': True,/# 'TLS': True,#/g" $SETTINGS_LOCAL_FILE
|
||||
sed -i "s/'TLS': True,/# 'TLS': True,/g" "$SETTINGS_LOCAL_FILE"
|
||||
fi
|
||||
sed -i 's/SUPER_SECRET_LDAP/'"$ldap_password"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/ldap_host_ip/'"$ldap_hostname"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/dc=example,dc=org/'"$ldap_domain"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/example.org/'"$extension"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/MY_EMAIL_HOST/'"$email_hostname"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/MY_EMAIL_PORT/'"$email_port"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/URL_SERVER/'"$url"'/g' $SETTINGS_LOCAL_FILE
|
||||
sed -i 's/SUPER_SECRET_LDAP/'"$ldap_password"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/ldap_host_ip/'"$ldap_hostname"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/dc=example,dc=net/'"$ldap_domain"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/example.net/'"$extension"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/MY_EMAIL_HOST/'"$email_hostname"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/MY_EMAIL_PORT/'"$email_port"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
sed -i 's/URL_SERVER/'"$url"'/g' "$SETTINGS_LOCAL_FILE"
|
||||
|
||||
echo "Writing of the settings_local.py file: Done"
|
||||
}
|
||||
|
@ -335,11 +382,11 @@ install_webserver() {
|
|||
|
||||
echo "Setting up web server ..."
|
||||
|
||||
engine_type=$1
|
||||
tls=$2
|
||||
url=$3
|
||||
engine_type="$1"
|
||||
tls="$2"
|
||||
url="$3"
|
||||
|
||||
if [ $engine_type == 1 ]; then
|
||||
if [ "$engine_type" == 1 ]; then
|
||||
|
||||
echo "Setting up Apache2 web server ..."
|
||||
|
||||
|
@ -348,12 +395,12 @@ install_webserver() {
|
|||
a2enmod wsgi
|
||||
a2enconf javascript-common
|
||||
|
||||
if [ $tls == 1 ]; then
|
||||
if [ "$tls" == 1 ]; then
|
||||
echo "Setting up TLS with LE for Apache2 web server ..."
|
||||
cp install_utils/apache2/re2o-tls.conf /etc/apache2/sites-available/re2o.conf
|
||||
apt-get -y install certbot
|
||||
apt-get -y install python-certbot-apache
|
||||
certbot certonly --rsa-key-size 4096 --apache -d $url
|
||||
certbot certonly --rsa-key-size 4096 --apache -d "$url"
|
||||
sed -i 's/LE_PATH/'"$url"'/g' /etc/apache2/sites-available/re2o.conf
|
||||
echo "Setting up TLS with LE for Apache2 web server: Done"
|
||||
else
|
||||
|
@ -424,9 +471,9 @@ interactive_guide() {
|
|||
# Welcome prompt
|
||||
TITLE="Welcome"
|
||||
MSGBOX="This tool will help you setup re2o. It is highly recommended to use a Debian clean server for this operation."
|
||||
init=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
init="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --msgbox "$MSGBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
|
||||
|
||||
|
@ -441,9 +488,9 @@ interactive_guide() {
|
|||
MENU="Which engine should be used as the database ?"
|
||||
OPTIONS=(1 "mysql"
|
||||
2 "postgresql")
|
||||
sql_bdd_type=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
sql_bdd_type="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt for choosing the database location
|
||||
TITLE="SQL location"
|
||||
|
@ -452,31 +499,31 @@ interactive_guide() {
|
|||
* 'Remote' will ask you to manually perform some setup commands on the remote server"
|
||||
OPTIONS=(1 "Local"
|
||||
2 "Remote")
|
||||
sql_is_local=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
sql_is_local="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)"
|
||||
|
||||
if [ $sql_is_local == 2 ]; then
|
||||
# Prompt to enter the remote database hostname
|
||||
TITLE="SQL hostname"
|
||||
INPUTBOX="The hostname of the remote SQL database"
|
||||
sql_host=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
sql_host="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt to enter the remote database name
|
||||
TITLE="SQL database name"
|
||||
INPUTBOX="The name of the remote SQL database"
|
||||
sql_name=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
sql_name="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt to enter the remote database username
|
||||
TITLE="SQL username"
|
||||
INPUTBOX="The username to access the remote SQL database"
|
||||
sql_login=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
sql_login="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
clear
|
||||
else
|
||||
# Use of default values for local setup
|
||||
|
@ -488,17 +535,17 @@ interactive_guide() {
|
|||
# Prompt to enter the database password
|
||||
TITLE="SQL password"
|
||||
INPUTBOX="The password to access the SQL database"
|
||||
sql_password=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
sql_password="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
|
||||
|
||||
##############################
|
||||
## Active directory options ##
|
||||
##############################
|
||||
##################
|
||||
## LDAP options ##
|
||||
##################
|
||||
|
||||
BACKTITLE="Re2o setup - configuration of the active directory"
|
||||
BACKTITLE="Re2o setup - configuration of the LDAP"
|
||||
|
||||
# Prompt to choose the LDAP location
|
||||
TITLE="LDAP location"
|
||||
|
@ -507,16 +554,16 @@ interactive_guide() {
|
|||
* 'Remote' will ask you to manually perform some setup commands on the remote server"
|
||||
OPTIONS=(1 "Local"
|
||||
2 "Remote")
|
||||
ldap_is_local=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
ldap_is_local="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt to enter the LDAP domain extension
|
||||
TITLE="Domain extension"
|
||||
INPUTBOX="The local domain extension to use (e.g. 'example.net'). This is used in the LDAP configuration."
|
||||
extension_locale=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
extension_locale="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
# Building the DN of the LDAP from the extension
|
||||
IFS='.' read -a extension_locale_array <<< $extension_locale
|
||||
|
@ -524,34 +571,34 @@ interactive_guide() {
|
|||
do
|
||||
ldap_dn+="dc=$i,"
|
||||
done
|
||||
ldap_dn=${ldap_dn::-1}
|
||||
ldap_dn="${ldap_dn::-1}"
|
||||
|
||||
if [ $ldap_is_local == 2 ]; then
|
||||
if [ "$ldap_is_local" == 2 ]; then
|
||||
# Prompt to enter the remote LDAP hostname
|
||||
TITLE="LDAP hostname"
|
||||
INPUTBOX="The hostname of the remote LDAP"
|
||||
ldap_host=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
ldap_host="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt to choose if TLS should be activated or not for the LDAP
|
||||
TITLE="TLS on LDAP"
|
||||
MENU="Would you like to activate TLS for communicating with the remote LDAP ?"
|
||||
OPTIONS=(1 "Yes"
|
||||
2 "No")
|
||||
ldap_tls=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
ldap_tls="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --MENU "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt to enter the admin's CN of the remote LDAP
|
||||
TITLE="CN of amdin user"
|
||||
INPUTBOX="The CN entry for the admin user of the remote LDAP"
|
||||
ldap_cn=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
ldap_cn="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
else
|
||||
ldap_cn="cn=admin,"
|
||||
ldap_cn+=$ldap_dn
|
||||
ldap_cn+="$ldap_dn"
|
||||
ldap_host="localhost"
|
||||
ldap_tls=2
|
||||
fi
|
||||
|
@ -559,9 +606,9 @@ interactive_guide() {
|
|||
# Prompt to enter the LDAP password
|
||||
TITLE="LDAP password"
|
||||
INPUTBOX="The password to access the LDAP"
|
||||
ldap_password=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
ldap_password="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
|
||||
|
||||
|
@ -574,9 +621,9 @@ interactive_guide() {
|
|||
# Prompt to enter the hostname of the mail server
|
||||
TITLE="Mail server hostname"
|
||||
INPUTBOX="The hostname of the mail server to use"
|
||||
email_host=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
email_host="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$TITLE" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt to choose the port of the mail server
|
||||
TITLE="Mail server port"
|
||||
|
@ -584,9 +631,9 @@ interactive_guide() {
|
|||
OPTIONS=(25 "SMTP"
|
||||
465 "SMTPS"
|
||||
587 "Submission")
|
||||
email_port=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
email_port="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)"
|
||||
|
||||
|
||||
|
||||
|
@ -601,25 +648,25 @@ interactive_guide() {
|
|||
MENU="Which web server to install for accessing Re2o web frontend (automatic setup of nginx is not supported) ?"
|
||||
OPTIONS=(1 "apache2"
|
||||
2 "nginx")
|
||||
web_serveur=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
web_serveur="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt to enter the requested URL for the web frontend
|
||||
TITLE="Web URL"
|
||||
INPUTBOX="URL for accessing the web server (e.g. re2o.example.net). Be sure that this URL is accessible and correspond to a DNS entry (if applicable)."
|
||||
url_server=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
url_server="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --inputbox "$INPUTBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
# Prompt to choose if the TLS should be setup or not for the web server
|
||||
TITLE="TLS on web server"
|
||||
MENU="Would you like to activate the TLS (with Let'Encrypt) on the web server ?"
|
||||
OPTIONS=(1 "Yes"
|
||||
2 "No")
|
||||
is_tls=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
is_tls="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT "${OPTIONS[@]}" 2>&1 >/dev/tty)"
|
||||
|
||||
|
||||
|
||||
|
@ -640,9 +687,9 @@ interactive_guide() {
|
|||
* Collect the statics for the web interface
|
||||
* Install and setup the requested web server
|
||||
* Install and setup a TLS certificate for the web server if requested"
|
||||
end_config=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
end_config="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --msgbox "$MSGBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
|
||||
clear
|
||||
|
||||
|
@ -654,20 +701,20 @@ interactive_guide() {
|
|||
|
||||
install_requirements
|
||||
|
||||
install_database $sql_bdd_type $sql_is_local $sql_name $sql_login $sql_password
|
||||
install_database "$sql_bdd_type" "$sql_is_local" "$sql_name" "$sql_login" "$sql_password"
|
||||
|
||||
install_active_directory $ldap_is_local $ldap_password $ldap_dn
|
||||
install_ldap "$ldap_is_local" "$ldap_password" "$ldap_dn"
|
||||
|
||||
|
||||
write_settings_file $sql_bdd_type $sql_host $sql_name $sql_login $sql_password \
|
||||
$ldap_cn $ldap_tls $ldap_password $ldap_host $ldap_dn \
|
||||
$email_host $email_port $extension_locale $url_server
|
||||
write_settings_file "$sql_bdd_type" "$sql_host" "$sql_name" "$sql_login" "$sql_password" \
|
||||
"$ldap_cn" "$ldap_tls" "$ldap_password" "$ldap_host" "$ldap_dn" \
|
||||
"$email_host" "$email_port" "$extension_locale" "$url_server"
|
||||
|
||||
update_django
|
||||
|
||||
create_superuser
|
||||
|
||||
install_webserver $web_serveur $is_tls $url_server
|
||||
install_webserver "$web_serveur" "$is_tls" "$url_server"
|
||||
|
||||
|
||||
|
||||
|
@ -680,9 +727,9 @@ interactive_guide() {
|
|||
# Prompt to inform the installation process is over
|
||||
TITLE="End of the setup"
|
||||
MSGBOX="You can now visit $url_server and connect with the credentials you just entered. This user hhas the superuser rights, meaning he can access and do everything."
|
||||
end=$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
end="$(dialog --clear --backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" --msgbox "$MSGBOX" \
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)
|
||||
$HEIGHT $WIDTH 2>&1 >/dev/tty)"
|
||||
}
|
||||
|
||||
|
||||
|
@ -694,6 +741,23 @@ interactive_update_settings() {
|
|||
# This function will take the parameters in the example settings file, retrieve the
|
||||
# existing parameters from the local settings file and ask the user for the missing parameters
|
||||
###
|
||||
_ask_value "Database engine" "mysql" "postgresql"; if [ "$VALUE" == "mysql" ]; then db_engine_type=1; else db_engine_type=2; fi
|
||||
_ask_value "Database hostname"; sql_hostname="$VALUE"
|
||||
_ask_value "Database name"; sql_db_name="$VALUE"
|
||||
_ask_value "Database username"; sql_username="$VALUE"
|
||||
_ask_value "Database password"; sql_password="$VALUE"
|
||||
_ask_value "LDAP hostname"; ldap_hostname="$VALUE"
|
||||
_ask_value "Activate TLS on LDAP" "yes" "no"; if [ "$VALUE" == "mysql" ]; then ldap_tls=1; else ldap_tls=2; fi
|
||||
_ask_value "LDAP domain (e.g. 'dc=example,dc=net')"; ldap_domain="$VALUE"
|
||||
_ask_value "LDAP admin CN entry (e.g. 'cn=admin,dc=example,dc=net')"; ldap_cn="$VALUE"
|
||||
_ask_value "LDAP password"; ldap_password="$VALUE"
|
||||
_ask_value "Mail server hostname"; email_hostname="$VALUE"
|
||||
_ask_value "Mail server port" "25" "465" "587"; email_port="$VALUE"
|
||||
_ask_value "Extension de domain (e.g. 'example.net')"; extension="$VALUE"
|
||||
_ask_value "Main URL"; url="$VALUE"
|
||||
write_settings_file "$db_engine_type" "$sql_hostname" "$sql_db_name" "$sql_username" "$sql_password" \
|
||||
"$ldap_cn" "$ldap_tls" "$ldap_password" "$ldap_hostname" "$ldap_domain" \
|
||||
"$email_hostname" "$email_port" "$extension" "$url"
|
||||
|
||||
}
|
||||
|
||||
|
@ -718,7 +782,7 @@ main_function() {
|
|||
###
|
||||
|
||||
if [ ! -z "$1" ]; then
|
||||
subcmd=$1
|
||||
subcmd="$1"
|
||||
|
||||
case "$subcmd" in
|
||||
|
||||
|
@ -726,53 +790,62 @@ main_function() {
|
|||
install_requirements
|
||||
update_django
|
||||
interactive_update_settings
|
||||
exit;;
|
||||
;;
|
||||
|
||||
update-django )
|
||||
update_django
|
||||
exit;;
|
||||
;;
|
||||
|
||||
update-packages )
|
||||
install_requirements
|
||||
exit;;
|
||||
;;
|
||||
|
||||
update-settings )
|
||||
interactive_update_settings
|
||||
exit;;
|
||||
;;
|
||||
|
||||
reset-db )
|
||||
if [ ! -z "$2" ]; then
|
||||
db_password=$2
|
||||
db_password="$2"
|
||||
case "$3" in
|
||||
mysql|mariadb )
|
||||
db_engine_type=1; break;;
|
||||
mysql )
|
||||
db_engine_type=1;;
|
||||
postresql )
|
||||
db_engine_type=2; break;;
|
||||
db_engine_type=2;;
|
||||
* )
|
||||
db_engine_type=1; break;;
|
||||
db_engine_type=1;;
|
||||
esac
|
||||
if [ ! -z "$4" ]; then db_name=$4; else db_name="re2o"; fi
|
||||
if [ ! -z "$5" ]; then db_username=$5; else db_username="re2o"; fi
|
||||
install_database $db_engine_type 1 $db_name $db_username $db_password
|
||||
if [ ! -z "$4" ]; then
|
||||
db_name="$4"
|
||||
else
|
||||
db_name="re2o"
|
||||
fi
|
||||
if [ ! -z "$5" ]; then
|
||||
db_username="$5"
|
||||
else
|
||||
db_username="re2o"
|
||||
fi
|
||||
install_database "$db_engine_type" 1 "$db_name" "$db_username" "$db_password"
|
||||
else
|
||||
echo "Invalid arguments !"
|
||||
echo "Usage: ./install_re2o.sh setup-db <db_password> [<db_engine_type>] [<db_name>] [<db_username>]"
|
||||
fi
|
||||
exit;;
|
||||
;;
|
||||
|
||||
reset-ldap )
|
||||
if [ ! -z "$2" ] && [ ! -z "$3" ]; then
|
||||
ldap_password=$2
|
||||
local_domain=$3
|
||||
install_active_directory 1 $ldap_password $local_domain
|
||||
ldap_password="$2"
|
||||
local_domain="$3"
|
||||
install_ldap 1 "$ldap_password" "$local_domain"
|
||||
else
|
||||
echo "Invalid arguments !"
|
||||
echo "Usage: ./install_re2o.sh setup-ldap <ldap_password> <local_domain>"
|
||||
fi
|
||||
exit;;
|
||||
;;
|
||||
|
||||
* )
|
||||
echo "Invalid";;
|
||||
echo "Invalid"
|
||||
;;
|
||||
|
||||
esac
|
||||
else
|
||||
|
|
|
@ -1,38 +1,38 @@
|
|||
dn: dc=example,dc=org
|
||||
dn: dc=example,dc=net
|
||||
o: rezo
|
||||
structuralObjectClass: organization
|
||||
entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20150225150906Z
|
||||
description: ldap
|
||||
objectClass: top
|
||||
objectClass: dcObject
|
||||
objectClass: organization
|
||||
entryCSN: 20151003212702.245118Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20151003212702Z
|
||||
contextCSN: 20161004233332.689769Z#000000#000#000000
|
||||
|
||||
dn: cn=admin,dc=example,dc=org
|
||||
dn: cn=admin,dc=example,dc=net
|
||||
objectClass: simpleSecurityObject
|
||||
objectClass: organizationalRole
|
||||
cn: admin
|
||||
structuralObjectClass: organizationalRole
|
||||
entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20150225150906Z
|
||||
description:: TERBUCBhZG1pbmlzdHJhdG9yDQo=
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160604005945.576566Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160604005945Z
|
||||
|
||||
dn: cn=Utilisateurs,dc=example,dc=org
|
||||
dn: cn=Utilisateurs,dc=example,dc=net
|
||||
gidNumber: 500
|
||||
cn: Utilisateurs
|
||||
structuralObjectClass: posixGroup
|
||||
entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20150226130856Z
|
||||
sambaSID: 500
|
||||
uid: Users
|
||||
|
@ -41,143 +41,143 @@ objectClass: top
|
|||
objectClass: sambaSamAccount
|
||||
objectClass: radiusprofile
|
||||
entryCSN: 20150226130950.194154Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20150226130950Z
|
||||
|
||||
dn: ou=groups,dc=example,dc=org
|
||||
dn: ou=groups,dc=example,dc=net
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes d'utilisateurs
|
||||
ou: groups
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160531142039Z
|
||||
entryCSN: 20160531142039.780151Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160531142039Z
|
||||
|
||||
dn: ou=services,ou=groups,dc=example,dc=org
|
||||
dn: ou=services,ou=groups,dc=example,dc=net
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes de comptes techniques
|
||||
ou: services
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601173411Z
|
||||
entryCSN: 20160601173411.088359Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160601173411Z
|
||||
|
||||
dn: ou=service-users,dc=example,dc=org
|
||||
dn: ou=service-users,dc=example,dc=net
|
||||
objectClass: organizationalUnit
|
||||
description: Utilisateurs techniques de l'annuaire
|
||||
ou: service-users
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601173602Z
|
||||
entryCSN: 20160601173602.683304Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160601173602Z
|
||||
|
||||
dn: cn=freeradius,ou=service-users,dc=example,dc=org
|
||||
dn: cn=freeradius,ou=service-users,dc=example,dc=net
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: freeradius
|
||||
userPassword: FILL_IT
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601173922Z
|
||||
entryCSN: 20160601173922.944598Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160601173922Z
|
||||
|
||||
dn: cn=nssauth,ou=service-users,dc=example,dc=org
|
||||
dn: cn=nssauth,ou=service-users,dc=example,dc=net
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: nssauth
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601174127Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160603093724.770069Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160603093724Z
|
||||
|
||||
dn: cn=auth,ou=services,ou=groups,dc=example,dc=org
|
||||
dn: cn=auth,ou=services,ou=groups,dc=example,dc=net
|
||||
objectClass: groupOfNames
|
||||
cn: auth
|
||||
member: cn=nssauth,ou=service-users,dc=example,dc=org
|
||||
member: cn=nssauth,ou=service-users,dc=example,dc=net
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160601175413Z
|
||||
entryCSN: 20160620005705.309928Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160620005705Z
|
||||
|
||||
dn: ou=posix,ou=groups,dc=example,dc=org
|
||||
dn: ou=posix,ou=groups,dc=example,dc=net
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes de comptes POSIX
|
||||
ou: posix
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160603090455Z
|
||||
entryCSN: 20160603090455.267192Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160603090455Z
|
||||
|
||||
dn: cn=wifi,ou=service-users,dc=example,dc=org
|
||||
dn: cn=wifi,ou=service-users,dc=example,dc=net
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: wifi
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160603103452Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160603103638.682210Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160603103638Z
|
||||
|
||||
dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=org
|
||||
dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=net
|
||||
objectClass: groupOfNames
|
||||
cn: usermgmt
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160603103732Z
|
||||
member: cn=wifi,ou=service-users,dc=example,dc=org
|
||||
member: cn=wifi,ou=service-users,dc=example,dc=net
|
||||
entryCSN: 20160603103746.897151Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160603103746Z
|
||||
|
||||
dn: cn=replica,ou=service-users,dc=example,dc=org
|
||||
dn: cn=replica,ou=service-users,dc=example,dc=net
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: replica
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160607101733Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160607101829.424643Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160607101829Z
|
||||
|
||||
dn: cn=readonly,ou=services,ou=groups,dc=example,dc=org
|
||||
dn: cn=readonly,ou=services,ou=groups,dc=example,dc=net
|
||||
objectClass: groupOfNames
|
||||
cn: readonly
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=net
|
||||
createTimestamp: 20160607101846Z
|
||||
member: cn=replica,ou=service-users,dc=example,dc=org
|
||||
member: cn=freeradius,ou=service-users,dc=example,dc=org
|
||||
member: cn=replica,ou=service-users,dc=example,dc=net
|
||||
member: cn=freeradius,ou=service-users,dc=example,dc=net
|
||||
entryCSN: 20160619214628.287369Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=net
|
||||
modifyTimestamp: 20160619214628Z
|
||||
|
||||
|
|
|
@ -1108,35 +1108,35 @@ objectClass: olcDatabaseConfig
|
|||
objectClass: olcHdbConfig
|
||||
olcDatabase: {1}hdb
|
||||
olcDbDirectory: /var/lib/ldap
|
||||
olcSuffix: dc=example,dc=org
|
||||
olcSuffix: dc=example,dc=net
|
||||
olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an
|
||||
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
||||
cn=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * no
|
||||
onymous auth by dn="cn=admin,dc=example,dc=net" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=net" read by group="
|
||||
cn=usermgmt,ou=services,ou=groups,dc=example,dc=net" write by * no
|
||||
ne
|
||||
olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an
|
||||
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
||||
cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn
|
||||
=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * none
|
||||
onymous auth by dn="cn=admin,dc=example,dc=net" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=net" read by group="
|
||||
cn=auth,ou=services,ou=groups,dc=example,dc=net" read by group="cn
|
||||
=usermgmt,ou=services,ou=groups,dc=example,dc=net" write by * none
|
||||
olcAccess: {2}to dn.base="" by * read
|
||||
olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=org" by group="cn=
|
||||
auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn=re
|
||||
adonly,ou=services,ou=groups,dc=example,dc=org" read
|
||||
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=org" by grou
|
||||
p="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by self r
|
||||
ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=org"
|
||||
olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=net" by group="cn=
|
||||
auth,ou=services,ou=groups,dc=example,dc=net" read by group="cn=re
|
||||
adonly,ou=services,ou=groups,dc=example,dc=net" read
|
||||
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=net" by grou
|
||||
p="cn=auth,ou=services,ou=groups,dc=example,dc=net" read by self r
|
||||
ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=net"
|
||||
read by group="cn=usermgmt,ou=services,ou=groups,dc=example,dc=or
|
||||
g" write
|
||||
olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=org" by gro
|
||||
up="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group
|
||||
="cn=readonly,ou=services,ou=groups,dc=example,dc=org" read
|
||||
olcAccess: {6}to dn.base="dc=example,dc=org" by * read
|
||||
olcAccess: {7}to * by dn="cn=admin,dc=example,dc=org" write by self
|
||||
olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=net" by gro
|
||||
up="cn=auth,ou=services,ou=groups,dc=example,dc=net" read by group
|
||||
="cn=readonly,ou=services,ou=groups,dc=example,dc=net" read
|
||||
olcAccess: {6}to dn.base="dc=example,dc=net" by * read
|
||||
olcAccess: {7}to * by dn="cn=admin,dc=example,dc=net" write by self
|
||||
read by group="cn=readonly,ou=services,ou=groups,dc=example,dc=or
|
||||
g" read
|
||||
olcLastMod: TRUE
|
||||
olcRootDN: cn=admin,dc=example,dc=org
|
||||
olcRootDN: cn=admin,dc=example,dc=net
|
||||
olcRootPW: FILL_IT
|
||||
olcDbCheckpoint: 512 30
|
||||
olcDbConfig: {0}set_cachesize 0 2097152 0
|
||||
|
|
|
@ -19,9 +19,8 @@
|
|||
# You should have received a copy of the GNU General Public License along
|
||||
# with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
"""re2o.settings_locale.example
|
||||
The example settings_locale.py file with all the available
|
||||
options for a locale configuration of re2o
|
||||
"""re2o.settings_locale
|
||||
The file with all the available options for a locale configuration of re2o
|
||||
"""
|
||||
|
||||
from __future__ import unicode_literals
|
||||
|
@ -41,7 +40,7 @@ AES_KEY = 'A_SECRET_AES_KEY'
|
|||
DEBUG = False
|
||||
|
||||
# A list of admins of the services. Receive mails when an error occurs
|
||||
ADMINS = [('Example', 'rezo-admin@example.org')]
|
||||
ADMINS = [('Example', 'admin@example.net')]
|
||||
|
||||
# The list of hostname the server will respond to.
|
||||
ALLOWED_HOSTS = ['URL_SERVER']
|
||||
|
@ -81,16 +80,16 @@ SESSION_COOKIE_AGE = 60 * 60 * 3
|
|||
LOGO_PATH = "static_files/logo.png"
|
||||
|
||||
# The mail configuration for Re2o to send mails
|
||||
SERVER_EMAIL = 'no-reply@example.org' # The mail address to use
|
||||
SERVER_EMAIL = 'no-reply@example.net' # The mail address to use
|
||||
EMAIL_HOST = 'MY_EMAIL_HOST' # The host to use
|
||||
EMAIL_PORT = MY_EMAIL_PORT # The port to use
|
||||
|
||||
# Settings of the LDAP structure
|
||||
LDAP = {
|
||||
'base_user_dn': 'cn=Utilisateurs,dc=example,dc=org',
|
||||
'base_userservice_dn': 'ou=service-users,dc=example,dc=org',
|
||||
'base_usergroup_dn': 'ou=posix,ou=groups,dc=example,dc=org',
|
||||
'base_userservicegroup_dn': 'ou=services,ou=groups,dc=example,dc=org',
|
||||
'base_user_dn': 'cn=Utilisateurs,dc=example,dc=net',
|
||||
'base_userservice_dn': 'ou=service-users,dc=example,dc=net',
|
||||
'base_usergroup_dn': 'ou=posix,ou=groups,dc=example,dc=net',
|
||||
'base_userservicegroup_dn': 'ou=services,ou=groups,dc=example,dc=net',
|
||||
'user_gid': 500,
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue