Script d'installation : prise en charge config apache...
parent
36f67474ac
commit
58c4fcdcbf
5 changed files with 250 additions and 118 deletions
201
install_re2o.sh
201
install_re2o.sh
|
@ -1,16 +1,41 @@
|
|||
#!/bin/bash
|
||||
echo "Installation de Re2o !
|
||||
Cet utilitaire va procéder à l'installation initiale de re2o. Le serveur présent doit être vierge.
|
||||
Preconfiguration..."
|
||||
while true; do
|
||||
read -p "Moteur de bdd choisi (mysql ou postgresql)" sql_bdd_type
|
||||
case $sql_bdd_type in
|
||||
[mysql]* ) break;;
|
||||
[postgresql]* ) break;;
|
||||
* ) echo "Réponse incorrecte";;
|
||||
esac
|
||||
done
|
||||
|
||||
read -p "Extension locale (ex : example.org)" extension_locale
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
||||
apt-get -y install dialog
|
||||
|
||||
HEIGHT=15
|
||||
WIDTH=40
|
||||
CHOICE_HEIGHT=4
|
||||
BACKTITLE="Preconfiguration re2o"
|
||||
MENU="Choisir une option"
|
||||
|
||||
TITLE="Choix du moteur bdd"
|
||||
OPTIONS=(1 "mysql"
|
||||
2 "postgresql")
|
||||
|
||||
sql_bdd_type=$(dialog --clear \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" \
|
||||
--menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT \
|
||||
"${OPTIONS[@]}" \
|
||||
2>&1 >/dev/tty)
|
||||
|
||||
clear
|
||||
|
||||
|
||||
TITLE="Extension locale (ex : example.org)"
|
||||
|
||||
extension_locale=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
|
||||
IFS='.' read -a extension_locale_array <<< $extension_locale
|
||||
|
||||
|
||||
|
@ -21,21 +46,49 @@ done
|
|||
ldap_dn=${ldap_dn::-1}
|
||||
echo $ldap_dn
|
||||
|
||||
while true; do
|
||||
read -p "Installer la base de donnée sql en local (Y/N)" sql_is_local
|
||||
case $sql_is_local in
|
||||
[N]* ) echo "Vous devrez fournir un login/mdp/host dans ce cas"; break;;
|
||||
[Y]* ) break;;
|
||||
* ) echo "Réponse incorrecte (Y/N)";;
|
||||
esac
|
||||
done
|
||||
TITLE="Emplacement de la bdd"
|
||||
OPTIONS=(1 "Local"
|
||||
2 "Distant")
|
||||
|
||||
read -p "Mot de passe sql " sql_password
|
||||
if [ $sql_is_local == "N" ]
|
||||
sql_is_local=$(dialog --clear \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" \
|
||||
--menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT \
|
||||
"${OPTIONS[@]}" \
|
||||
2>&1 >/dev/tty)
|
||||
|
||||
clear
|
||||
|
||||
TITLE="Mot de passe sql"
|
||||
|
||||
sql_password=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
|
||||
|
||||
if [ $sql_is_local == 2 ]
|
||||
then
|
||||
read -p "Login sql " sql_login
|
||||
read -p "Nom bdd sql " sql_name
|
||||
read -p "Hote de la base de donnée " sql_host
|
||||
TITLE="Login sql"
|
||||
sql_login=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
TITLE="Nom de la bdd sql"
|
||||
sql_name=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
TITLE="Hote de la base de donnée"
|
||||
sql_host=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
else
|
||||
sql_name="re2o"
|
||||
sql_login="re2o"
|
||||
|
@ -47,21 +100,41 @@ CREATE USER '$sql_login'@'localhost' IDENTIFIED BY '$sql_password';
|
|||
GRANT ALL PRIVILEGES ON $sql_name.* TO '$sql_login'@'localhost';
|
||||
FLUSH PRIVILEGES;"
|
||||
|
||||
while true; do
|
||||
read -p "Installer la base de donnée ldap en local (Y/N)" ldap_is_local
|
||||
case $ldap_is_local in
|
||||
[N]* ) echo "Vous devrez fournir un login/mdp/host dans ce cas"; break;;
|
||||
[Y]* ) break;;
|
||||
* ) echo "Réponse incorrecte (Y/N)";;
|
||||
esac
|
||||
done
|
||||
|
||||
TITLE="Emplacement du ldap"
|
||||
OPTIONS=(1 "Local"
|
||||
2 "Distant")
|
||||
|
||||
read -p "Mot de passe ldap " ldap_password
|
||||
if [ $ldap_is_local == "N" ]
|
||||
ldap_is_local=$(dialog --clear \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" \
|
||||
--menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT \
|
||||
"${OPTIONS[@]}" \
|
||||
2>&1 >/dev/tty)
|
||||
|
||||
echo "Vous devrez fournir un login/host dans le cas où le ldap est non local"
|
||||
|
||||
TITLE="Mot de passe ldap"
|
||||
ldap_password=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
if [ $ldap_is_local == 2 ]
|
||||
then
|
||||
read -p "Cn admin à utiliser " ldap_cn
|
||||
read -p "Hote de la base de donnée (adresse ip seulement !)" ldap_host
|
||||
TITLE="Cn ldap admin"
|
||||
ldap_cn=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
TITLE="Hote ldap"
|
||||
ldap_host=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
else
|
||||
ldap_cn="cn=admin,"
|
||||
ldap_cn+=$ldap_dn
|
||||
|
@ -70,17 +143,17 @@ fi
|
|||
|
||||
|
||||
echo "Installation des paquets de base"
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
apt-get -y install python3-django python3-dateutil texlive-latex-base texlive-fonts-recommended python3-djangorestframework python3-django-reversion python3-pip libsasl2-dev libldap2-dev libssl-dev
|
||||
pip3 install django-bootstrap3
|
||||
pip3 install django-ldapdb
|
||||
pip3 install django-macaddress
|
||||
|
||||
if [ $sql_bdd_type == "mysql" ]
|
||||
if [ $sql_bdd_type == 1 ]
|
||||
then
|
||||
if [ $sql_is_local == "Y" ]
|
||||
if [ $sql_is_local == 1 ]
|
||||
then
|
||||
apt-get -y install mysql-server
|
||||
mysql -u root --execute="$sql_command"
|
||||
else
|
||||
echo "Veuillez saisir la commande suivante sur le serveur sql distant, puis validez"
|
||||
echo $sql_command
|
||||
|
@ -95,24 +168,24 @@ then
|
|||
fi
|
||||
apt-get -y install python3-mysqldb mysql-client
|
||||
else
|
||||
if [ $sql_is_local == "Y" ]
|
||||
if [ $sql_is_local == 1 ]
|
||||
then
|
||||
apt-get -y install postgresql-server
|
||||
fi
|
||||
apt-get -y install postgresql-client
|
||||
fi
|
||||
|
||||
if [ $ldap_is_local == "Y" ]
|
||||
if [ $ldap_is_local == 1 ]
|
||||
then
|
||||
apt-get -y install slapd
|
||||
|
||||
echo "Hashage du mot de passe ldap..."
|
||||
hashed_ldap_passwd=$(slappasswd -s ldap_password)
|
||||
hashed_ldap_passwd=$(slappasswd -s $ldap_password)
|
||||
|
||||
echo $hashed_ldap_passwd
|
||||
echo "Formatage des fichiers de config ldap"
|
||||
sed 's/dc=example,dc=org/'"$ldap_dn"'/g' install_utils/db.ldiff | sed 's/FILL_IT/'"$hashed_ldap_passwd"'/g' > /tmp/db
|
||||
sed 's/dc=example,dc=org/'"$ldap_dn"'/g' install_utils/schema.ldiff | sed 's/FILL_IT/'"$hashed_ldap_passwd"'/g' > /tmp/schema
|
||||
sed 's|dc=example,dc=org|'"$ldap_dn"'|g' install_utils/db.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db
|
||||
sed 's|dc=example,dc=org|'"$ldap_dn"'|g' install_utils/schema.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema
|
||||
|
||||
echo "Destruction config ldap existante"
|
||||
service slapd stop
|
||||
|
@ -135,10 +208,10 @@ fi
|
|||
|
||||
echo "Ecriture de settings_local"
|
||||
|
||||
django_secret_key=$(python -c 'import random; import string; print "".join([random.SystemRandom().choice(string.digits + string.letters + string.punctuation) for i in range(100)])')
|
||||
django_secret_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(50)]))")
|
||||
|
||||
cp re2o/settings_local.example.py re2o/settings_local.py
|
||||
#sed -i 's/SUPER_SECRET_KEY/'"$django_secret_key"'/g' re2o/settings_local.py
|
||||
sed -i 's/SUPER_SECRET_KEY/'"$django_secret_key"'/g' re2o/settings_local.py
|
||||
sed -i 's/SUPER_SECRET_DB/'"$sql_password"'/g' re2o/settings_local.py
|
||||
sed -i 's/db_name_value/'"$sql_name"'/g' re2o/settings_local.py
|
||||
sed -i 's/db_user_value/'"$sql_login"'/g' re2o/settings_local.py
|
||||
|
@ -150,5 +223,43 @@ sed -i 's/dc=example,dc=org/'"$ldap_dn"'/g' re2o/settings_local.py
|
|||
sed -i 's/example.org/'"$extension_locale"'/g' re2o/settings_local.py
|
||||
|
||||
echo "Application des migrations"
|
||||
#python3 manage.py migrate
|
||||
python3 manage.py migrate
|
||||
|
||||
echo "Collecte des statics"
|
||||
python3 manage.py collectstatics
|
||||
|
||||
BACKTITLE="Fin de l'installation"
|
||||
TITLE="Serveur web à utiliser"
|
||||
OPTIONS=(1 "apache2"
|
||||
2 "nginx")
|
||||
|
||||
web_serveur=$(dialog --clear \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--title "$TITLE" \
|
||||
--menu "$MENU" \
|
||||
$HEIGHT $WIDTH $CHOICE_HEIGHT \
|
||||
"${OPTIONS[@]}" \
|
||||
2>&1 >/dev/tty)
|
||||
|
||||
clear
|
||||
|
||||
TITLE="Url où servir le serveur web (ex : re2o.example.org)"
|
||||
url_server=$(dialog --title "$TITLE" \
|
||||
--backtitle "$BACKTITLE" \
|
||||
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||
2>&1 >/dev/tty)
|
||||
clear
|
||||
|
||||
if [ $web_serveur == 1 ]
|
||||
then
|
||||
apt-get -y install apache2 libapache2-mod-wsgi-py3
|
||||
cp install_utils/apache2/re2o.conf /etc/apache2/sites-available/re2o.conf
|
||||
sed -i 's/URL_SERVER/'"$url_server"'/g' /etc/apache2/sites-available/re2o.conf
|
||||
current_path=$(pwd)
|
||||
sed -i 's|PATH|'"$current_path"'|g' /etc/apache2/sites-available/re2o.conf
|
||||
a2ensite re2o
|
||||
service apache2 reload
|
||||
else
|
||||
echo "Nginx non supporté, vous devrez installer manuellement"
|
||||
fi
|
||||
|
||||
|
|
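Review bot: The SQL and LDAP passwords are collected with `dialog --inputbox`, which echoes what is typed, and the LDAP one is then expanded unquoted on the command line in `slappasswd -s $ldap_password`, where it is visible in the process list and is split on whitespace. I would use `--passwordbox` for the two password prompts and at least quote the expansion, `hashed_ldap_passwd=$(slappasswd -s "$ldap_password")`, or better hand the secret over with `slappasswd -T` from a mode-600 file made by `mktemp`. The rendered page has lost its +/- markers, so this assumes the dialog-based lines and the `$ldap_password` form are the new side. Separately, `python3 manage.py collectstatics` in the last hunk looks like a typo for Django's `collectstatic`. The unquoted `[ $sql_is_local == 1 ]`-style tests also error out and fall through to the `else` branch when a dialog is cancelled and the variable is empty; quoting the variable, as in `[ "$sql_is_local" == 1 ]`, would make that case explicit.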
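--- /dev/null
+++ b/install_utils/apache2/re2o.conf
@@ -0,0 +1,22 @@
+<VirtualHost *:80>
+ServerName URL_SERVER
+
+LogLevel warn
+ErrorLog ${APACHE_LOG_DIR}/re2o-error.log
+CustomLog ${APACHE_LOG_DIR}/re2o-access.log combined
+
+<Directory />
+AuthType Basic
+AuthName "Password Required"
+AuthUserFile /usr/local/password
+Require valid-user
+#Require all granted
+</Directory>
+
+Alias /static PATH/static_files
+
+WSGIScriptAlias / PATH/re2o/wsgi.py
+WSGIProcessGroup re2o
+WSGIDaemonProcess re2o processes=2 threads=16 maximum-requests=1000 display-name=re2o
+
+</VirtualHost>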
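Review bot: The `<Directory />` block gates the whole site behind `Require valid-user` with `AuthUserFile /usr/local/password`, but none of the installer hunks visible on this page create that file, so a fresh install would reject every request until an operator builds it by hand. Because the vhost listens only on `*:80`, the Basic credentials and any later application login would also cross the network unencrypted. I would document both in the template with a comment above the block, for example `# Temporary gate: create /usr/local/password with htpasswd first; put this vhost behind TLS before exposing it`. The installer could also print a reminder after `a2ensite re2o`. The commented-out `#Require all granted` suggests the gate is meant to be provisional, which is worth stating explicitly.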
@ -1,39 +1,38 @@
|
|||
dn: dc=ldap,dc=example,dc=org
|
||||
dn: dc=example,dc=org
|
||||
o: rezo
|
||||
dc: ldap
|
||||
structuralObjectClass: organization
|
||||
entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20150225150906Z
|
||||
description: ldap
|
||||
objectClass: top
|
||||
objectClass: dcObject
|
||||
objectClass: organization
|
||||
entryCSN: 20151003212702.245118Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20151003212702Z
|
||||
contextCSN: 20161004233332.689769Z#000000#000#000000
|
||||
|
||||
dn: cn=admin,dc=ldap,dc=example,dc=org
|
||||
dn: cn=admin,dc=example,dc=org
|
||||
objectClass: simpleSecurityObject
|
||||
objectClass: organizationalRole
|
||||
cn: admin
|
||||
structuralObjectClass: organizationalRole
|
||||
entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20150225150906Z
|
||||
description:: TERBUCBhZG1pbmlzdHJhdG9yDQo=
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160604005945.576566Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160604005945Z
|
||||
|
||||
dn: cn=Utilisateurs,dc=ldap,dc=example,dc=org
|
||||
dn: cn=Utilisateurs,dc=example,dc=org
|
||||
gidNumber: 500
|
||||
cn: Utilisateurs
|
||||
structuralObjectClass: posixGroup
|
||||
entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20150226130856Z
|
||||
sambaSID: 500
|
||||
uid: Users
|
||||
|
@ -42,143 +41,143 @@ objectClass: top
|
|||
objectClass: sambaSamAccount
|
||||
objectClass: radiusprofile
|
||||
entryCSN: 20150226130950.194154Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20150226130950Z
|
||||
|
||||
dn: ou=groups,dc=ldap,dc=example,dc=org
|
||||
dn: ou=groups,dc=example,dc=org
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes d'utilisateurs
|
||||
ou: groups
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160531142039Z
|
||||
entryCSN: 20160531142039.780151Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160531142039Z
|
||||
|
||||
dn: ou=services,ou=groups,dc=ldap,dc=example,dc=org
|
||||
dn: ou=services,ou=groups,dc=example,dc=org
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes de comptes techniques
|
||||
ou: services
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160601173411Z
|
||||
entryCSN: 20160601173411.088359Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160601173411Z
|
||||
|
||||
dn: ou=service-users,dc=ldap,dc=example,dc=org
|
||||
dn: ou=service-users,dc=example,dc=org
|
||||
objectClass: organizationalUnit
|
||||
description: Utilisateurs techniques de l'annuaire
|
||||
ou: service-users
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160601173602Z
|
||||
entryCSN: 20160601173602.683304Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160601173602Z
|
||||
|
||||
dn: cn=freeradius,ou=service-users,dc=ldap,dc=example,dc=org
|
||||
dn: cn=freeradius,ou=service-users,dc=example,dc=org
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: freeradius
|
||||
userPassword: FILL_IT
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160601173922Z
|
||||
entryCSN: 20160601173922.944598Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160601173922Z
|
||||
|
||||
dn: cn=nssauth,ou=service-users,dc=ldap,dc=example,dc=org
|
||||
dn: cn=nssauth,ou=service-users,dc=example,dc=org
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: nssauth
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160601174127Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160603093724.770069Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160603093724Z
|
||||
|
||||
dn: cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org
|
||||
dn: cn=auth,ou=services,ou=groups,dc=example,dc=org
|
||||
objectClass: groupOfNames
|
||||
cn: auth
|
||||
member: cn=nssauth,ou=service-users,dc=ldap,dc=example,dc=org
|
||||
member: cn=nssauth,ou=service-users,dc=example,dc=org
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160601175413Z
|
||||
entryCSN: 20160620005705.309928Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160620005705Z
|
||||
|
||||
dn: ou=posix,ou=groups,dc=ldap,dc=example,dc=org
|
||||
dn: ou=posix,ou=groups,dc=example,dc=org
|
||||
objectClass: organizationalUnit
|
||||
description: Groupes de comptes POSIX
|
||||
ou: posix
|
||||
structuralObjectClass: organizationalUnit
|
||||
entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160603090455Z
|
||||
entryCSN: 20160603090455.267192Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160603090455Z
|
||||
|
||||
dn: cn=wifi,ou=service-users,dc=ldap,dc=example,dc=org
|
||||
dn: cn=wifi,ou=service-users,dc=example,dc=org
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: wifi
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160603103452Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160603103638.682210Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160603103638Z
|
||||
|
||||
dn: cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org
|
||||
dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=org
|
||||
objectClass: groupOfNames
|
||||
cn: usermgmt
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160603103732Z
|
||||
member: cn=wifi,ou=service-users,dc=ldap,dc=example,dc=org
|
||||
member: cn=wifi,ou=service-users,dc=example,dc=org
|
||||
entryCSN: 20160603103746.897151Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160603103746Z
|
||||
|
||||
dn: cn=replica,ou=service-users,dc=ldap,dc=example,dc=org
|
||||
dn: cn=replica,ou=service-users,dc=example,dc=org
|
||||
objectClass: applicationProcess
|
||||
objectClass: simpleSecurityObject
|
||||
cn: replica
|
||||
structuralObjectClass: applicationProcess
|
||||
entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160607101733Z
|
||||
userPassword: FILL_IT
|
||||
entryCSN: 20160607101829.424643Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160607101829Z
|
||||
|
||||
dn: cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org
|
||||
dn: cn=readonly,ou=services,ou=groups,dc=example,dc=org
|
||||
objectClass: groupOfNames
|
||||
cn: readonly
|
||||
structuralObjectClass: groupOfNames
|
||||
entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f
|
||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
creatorsName: cn=admin,dc=example,dc=org
|
||||
createTimestamp: 20160607101846Z
|
||||
member: cn=replica,ou=service-users,dc=ldap,dc=example,dc=org
|
||||
member: cn=freeradius,ou=service-users,dc=ldap,dc=example,dc=org
|
||||
member: cn=replica,ou=service-users,dc=example,dc=org
|
||||
member: cn=freeradius,ou=service-users,dc=example,dc=org
|
||||
entryCSN: 20160619214628.287369Z#000000#000#000000
|
||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
||||
modifiersName: cn=admin,dc=example,dc=org
|
||||
modifyTimestamp: 20160619214628Z
|
||||
|
||||
|
|
|
@ -1108,35 +1108,35 @@ objectClass: olcDatabaseConfig
|
|||
objectClass: olcHdbConfig
|
||||
olcDatabase: {1}hdb
|
||||
olcDbDirectory: /var/lib/ldap
|
||||
olcSuffix: dc=ldap,dc=example,dc=org
|
||||
olcSuffix: dc=example,dc=org
|
||||
olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an
|
||||
onymous auth by dn="cn=admin,dc=ldap,dc=example,dc=org" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="
|
||||
cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org" write by * no
|
||||
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
||||
cn=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * no
|
||||
ne
|
||||
olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an
|
||||
onymous auth by dn="cn=admin,dc=ldap,dc=example,dc=org" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="
|
||||
cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="cn
|
||||
=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org" write by * none
|
||||
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
||||
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
||||
cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn
|
||||
=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * none
|
||||
olcAccess: {2}to dn.base="" by * read
|
||||
olcAccess: {3}to dn.sub="ou=groups,dc=ldap,dc=example,dc=org" by group="cn=
|
||||
auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="cn=re
|
||||
adonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read
|
||||
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=ldap,dc=example,dc=org" by grou
|
||||
p="cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by self r
|
||||
ead by group="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org"
|
||||
read by group="cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=or
|
||||
olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=org" by group="cn=
|
||||
auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn=re
|
||||
adonly,ou=services,ou=groups,dc=example,dc=org" read
|
||||
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=org" by grou
|
||||
p="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by self r
|
||||
ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=org"
|
||||
read by group="cn=usermgmt,ou=services,ou=groups,dc=example,dc=or
|
||||
g" write
|
||||
olcAccess: {5}to dn.sub="ou=service-users,dc=ldap,dc=example,dc=org" by gro
|
||||
up="cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group
|
||||
="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read
|
||||
olcAccess: {6}to dn.base="dc=ldap,dc=example,dc=org" by * read
|
||||
olcAccess: {7}to * by dn="cn=admin,dc=ldap,dc=example,dc=org" write by self
|
||||
read by group="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=or
|
||||
olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=org" by gro
|
||||
up="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group
|
||||
="cn=readonly,ou=services,ou=groups,dc=example,dc=org" read
|
||||
olcAccess: {6}to dn.base="dc=example,dc=org" by * read
|
||||
olcAccess: {7}to * by dn="cn=admin,dc=example,dc=org" write by self
|
||||
read by group="cn=readonly,ou=services,ou=groups,dc=example,dc=or
|
||||
g" read
|
||||
olcLastMod: TRUE
|
||||
olcRootDN: cn=admin,dc=ldap,dc=example,dc=org
|
||||
olcRootDN: cn=admin,dc=example,dc=org
|
||||
olcRootPW: FILL_IT
|
||||
olcDbCheckpoint: 512 30
|
||||
olcDbConfig: {0}set_cachesize 0 2097152 0
|
||||
|
|
|
@ -65,10 +65,10 @@ EMAIL_HOST = 'smtp.example.org'
|
|||
|
||||
# Reglages pour la bdd ldap
|
||||
LDAP = {
|
||||
'base_user_dn' : 'cn=Utilisateurs,dc=ldap,dc=example,dc=org',
|
||||
'base_userservice_dn' : 'ou=service-users,dc=ldap,dc=example,dc=org',
|
||||
'base_usergroup_dn' : 'ou=posix,ou=groups,dc=ldap,dc=example,dc=org',
|
||||
'base_userservicegroup_dn' : 'ou=services,ou=groups,dc=ldap,dc=example,dc=org',
|
||||
'base_user_dn' : 'cn=Utilisateurs,dc=example,dc=org',
|
||||
'base_userservice_dn' : 'ou=service-users,dc=example,dc=org',
|
||||
'base_usergroup_dn' : 'ou=posix,ou=groups,dc=example,dc=org',
|
||||
'base_userservicegroup_dn' : 'ou=services,ou=groups,dc=example,dc=org',
|
||||
'user_gid' : 500,
|
||||
}
|
||||
|
||||
|
|