mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-12-25 00:13:45 +00:00
Merge branch 'Fix_install_re2o' into 'master'
Fix install re2o Closes #122 See merge request federez/re2o!163
This commit is contained in:
commit
acb41cf375
10 changed files with 975 additions and 684 deletions
41
CHANGELOG.md
41
CHANGELOG.md
|
@ -1,13 +1,32 @@
|
||||||
Datepicker
|
## MR 160: Datepicker
|
||||||
=======
|
|
||||||
Install libjs-jquery
|
Install libjs-jquery libjs-jquery-ui libjs-jquery-timepicker libjs-bootstrap javascript-common
|
||||||
Install libjs-jquery-ui
|
```
|
||||||
Install libjs-jquery-timepicker
|
apt-get -y install \
|
||||||
Install libjs-bootstrap
|
libjs-jquery \
|
||||||
Install (if not) javascript-common
|
libjs-jquery-ui \
|
||||||
Enable (if not) javascript-common conf
|
libjs-jquery-timepicker \
|
||||||
|
libjs-bootstrap \
|
||||||
|
javascript-common
|
||||||
|
```
|
||||||
|
Enable javascript-common conf
|
||||||
|
```
|
||||||
|
a2enconf javascript-common
|
||||||
|
```
|
||||||
|
|
||||||
Delete old jquery files :
|
Delete old jquery files :
|
||||||
rm -rf static_files/js/jquery-ui-*
|
```
|
||||||
rm -rf static_files/js/jquery-2.2.4.min.js
|
rm -r static_files/js/jquery-ui-*
|
||||||
static/css/jquery-ui-timepicker-addon.css
|
rm static_files/js/jquery-2.2.4.min.js
|
||||||
|
rm static/css/jquery-ui-timepicker-addon.css
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## MR 163: Fix install re2o
|
||||||
|
|
||||||
|
Refactored install_re2o.sh script.
|
||||||
|
* There are more tools available with it but some fucntion have changed, report to [the dedicated wiki page](for more informations) or run:
|
||||||
|
```
|
||||||
|
install_re2o.sh help
|
||||||
|
```
|
||||||
|
* The installation templates (LDIF files and `re2o/settings_locale.example.py`) have been changed to use `example.net` instead of `example.org` (more neutral and generic)
|
||||||
|
|
161
README.md
161
README.md
|
@ -18,165 +18,10 @@ le réseau (adhérent à jour de cotisation).
|
||||||
|
|
||||||
# Installation
|
# Installation
|
||||||
|
|
||||||
## Installation des dépendances
|
Un tutoriel pour installer le projet est disponible [sur le wiki](https://gitlab.federez.net/federez/re2o/wikis/User%20Documentation/Quick%20Start).
|
||||||
|
|
||||||
L'installation comporte 3 partie : le serveur web où se trouve le depot re2o
|
# Installations Optionnelles
|
||||||
ainsi que toutes ses dépendances, le serveur bdd (mysql ou pgsql) et le
|
## Générer le schéma des dépendances
|
||||||
serveur ldap. Ces 3 serveurs peuvent en réalité être la même machine, ou séparés
|
|
||||||
(recommandé en production).
|
|
||||||
Le serveur web sera nommé serveur A, le serveur bdd serveur B et le serveur ldap
|
|
||||||
serveur C.
|
|
||||||
|
|
||||||
### Prérequis sur le serveur A
|
|
||||||
|
|
||||||
Voici la liste des dépendances à installer sur le serveur principal (A).
|
|
||||||
|
|
||||||
### Avec apt :
|
|
||||||
|
|
||||||
#### Sous debian 9
|
|
||||||
|
|
||||||
Paquets obligatoires:
|
|
||||||
* python3-django (1.10, stretch)
|
|
||||||
* python3-dateutil (stretch)
|
|
||||||
* texlive-latex-base (stretch)
|
|
||||||
* texlive-fonts-recommended (strech)
|
|
||||||
* python3-djangorestframework (stretch)
|
|
||||||
* python3-django-reversion (stretch)
|
|
||||||
* python3-pip (stretch)
|
|
||||||
|
|
||||||
Paquet recommandés:
|
|
||||||
* python3-django-extensions (stretch)
|
|
||||||
|
|
||||||
|
|
||||||
### Autres dépendances :
|
|
||||||
|
|
||||||
Paquets préalables à installer avec apt :
|
|
||||||
* libsasl2-dev (stable)
|
|
||||||
* libldap2-dev (stable)
|
|
||||||
* libssl-dev (stable)
|
|
||||||
|
|
||||||
Avec pip3 (pip3 install):
|
|
||||||
* django-bootstrap3
|
|
||||||
* django-ldapdb
|
|
||||||
* django-macaddress
|
|
||||||
|
|
||||||
Moteur de db conseillé (mysql), postgresql fonctionne également.
|
|
||||||
Pour mysql, il faut installer :
|
|
||||||
* python3-mysqldb
|
|
||||||
* mysql-client
|
|
||||||
|
|
||||||
### Prérequis sur le serveur B
|
|
||||||
|
|
||||||
Sur le serveur B, installer mysql ou postgresql, dans la version stretch.
|
|
||||||
* mysql-server (stretch) ou postgresql (stretch)
|
|
||||||
|
|
||||||
### Prérequis sur le serveur C
|
|
||||||
Sur le serveur C (ldap), avec apt :
|
|
||||||
* slapd (stretch)
|
|
||||||
|
|
||||||
### Installation sur le serveur principal A
|
|
||||||
|
|
||||||
Cloner le dépot re2o à partir du gitlab, par exemple dans /var/www/re2o.
|
|
||||||
Ensuite, il faut créer le fichier settings_local.py dans le sous dossier re2o,
|
|
||||||
un settings_local.example.py est présent. Les options sont commentées, et des
|
|
||||||
options par défaut existent.
|
|
||||||
|
|
||||||
En particulier, il est nécessaire de générer un login/mdp admin pour le ldap et
|
|
||||||
un login/mdp pour l'utilisateur sql (cf ci-dessous), à mettre dans
|
|
||||||
settings_local.py
|
|
||||||
|
|
||||||
### Installation du serveur mysql/postgresql sur B
|
|
||||||
|
|
||||||
Sur le serveur mysql ou postgresl, il est nécessaire de créer une base de
|
|
||||||
donnée re2o, ainsi qu'un user re2o et un mot de passe associé.
|
|
||||||
Ne pas oublier de faire écouter le serveur mysql ou postgresql avec les acl
|
|
||||||
nécessaire pour que A puisse l'utiliser.
|
|
||||||
|
|
||||||
#### Mysql
|
|
||||||
Voici les étapes à éxecuter pour mysql :
|
|
||||||
* CREATE DATABASE re2o collate='utf8_general_ci';
|
|
||||||
* CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'password';
|
|
||||||
* GRANT ALL PRIVILEGES ON re2o.* TO 'newuser'@'localhost';
|
|
||||||
* FLUSH PRIVILEGES;
|
|
||||||
|
|
||||||
#### Postgresql
|
|
||||||
* CREATE DATABASE re2o ENCODING 'UTF8' LC_COLLATE='fr_FR.UTF-8'
|
|
||||||
LC_CTYPE='fr_FR.UTF-8';
|
|
||||||
* CREATE USER newuser with password 'password';
|
|
||||||
* ALTER DATABASE re2o owner to newuser;
|
|
||||||
|
|
||||||
Si les serveurs A et B ne sont pas la même machine, il est nécessaire de
|
|
||||||
remplacer localhost par l'ip avec laquelle A contacte B dans les commandes
|
|
||||||
du dessus.
|
|
||||||
Une fois ces commandes effectuées, ne pas oublier de vérifier que newuser et
|
|
||||||
password sont présents dans settings_local.py
|
|
||||||
|
|
||||||
### Installation du serveur ldap sur le serveur C
|
|
||||||
|
|
||||||
Ceci se fait en plusieurs étapes :
|
|
||||||
* générer un login/mdp administrateur (par example mkpasswd sous debian)
|
|
||||||
* Copier depuis re2o/install_utils (dans le dépot re2o) les fichiers db.ldiff
|
|
||||||
et schema.ldiff (normalement sur le serveur A) sur le serveur C
|
|
||||||
(par ex dans /tmp)
|
|
||||||
* Hasher le mot de passe généré en utilisant la commande slappasswd
|
|
||||||
(installée par slapd)
|
|
||||||
* Remplacer toutes les sections FILL_IN par le hash dans schema.ldiff et
|
|
||||||
db.ldiff
|
|
||||||
* Remplacer dans schema.ldiff et db.ldiff 'dc=example,dc=org' par le
|
|
||||||
suffixe de l'organisation
|
|
||||||
* Arréter slapd
|
|
||||||
* Supprimer les données existantes : '''rm -rf /etc/ldap/slapd.d/*''' et
|
|
||||||
'''rm -rf /var/lib/ldap/*'''
|
|
||||||
* Injecter le nouveau schéma :
|
|
||||||
'''slapadd -n 0 -l schema.ldiff -F /etc/ldap/slapd.d/''' et
|
|
||||||
'''slapadd -n 1 -l db.ldiff'''
|
|
||||||
* Réparer les permissions (chown -R openldap:openldap /etc/ldap/slapd.d et
|
|
||||||
chown -R openldap:openldap /var/lib/ldap) puis relancer slapd
|
|
||||||
|
|
||||||
Pour visualiser et éditer le ldap, l'utilisation de shelldap est fortement
|
|
||||||
recommandée, en utilisant en binddn et basedn tous deux égaux à 'cn=config' et
|
|
||||||
binddpw le mot de passe admin.
|
|
||||||
|
|
||||||
Rajouter (exemple de chemin de fichier avec un certif LE):
|
|
||||||
`olcTLSCertificateKeyFile: /etc/letsencrypt/live/HOSTNAME/privkey.pem
|
|
||||||
olcTLSCACertificateFile: /etc/letsencrypt/live/HOSTNAME/chain.pem
|
|
||||||
olcTLSCertificateFile: /etc/letsencrypt/live/HOSTNAME/cert.pem `
|
|
||||||
|
|
||||||
Mettre à jour la partie ldap du `settings_local.py` (mettre 'TLS' à True
|
|
||||||
si besoin, user cn=config,dc=example,dc=org et mot de passe
|
|
||||||
ldap choisi précédemment).
|
|
||||||
|
|
||||||
## Configuration initiale
|
|
||||||
|
|
||||||
Normalement à cette étape, le ldap et la bdd sql sont configurées correctement.
|
|
||||||
|
|
||||||
Il faut alors lancer dans le dépot re2o '''python3 manage.py migrate''' qui
|
|
||||||
va structurer initialement la base de données.
|
|
||||||
Les migrations sont normalement comitées au fur et à mesure, néanmoins cette
|
|
||||||
étape peut crasher, merci de reporter les bugs.
|
|
||||||
|
|
||||||
## Démarer le site web
|
|
||||||
|
|
||||||
Il faut utiliser un moteur pour servir le site web. Nginx ou apache2 sont
|
|
||||||
recommandés.
|
|
||||||
Pour apache2 :
|
|
||||||
* apt install apache2
|
|
||||||
* apt install libapache2-mod-wsgi-py3 (pour le module wsgi)
|
|
||||||
|
|
||||||
Un example de site apache2 se trouve dans install_utils ( re2o.conf)
|
|
||||||
re2o/wsgi.py permet de fonctionner avec apache2 en production
|
|
||||||
|
|
||||||
## Configuration avancée
|
|
||||||
|
|
||||||
Une fois démaré, le site web devrait être accessible.
|
|
||||||
Pour créer un premier user, faire '''python3 manage.py createsuperuser'''
|
|
||||||
qui va alors créer un user admin.
|
|
||||||
Il est conseillé de créer un user portant le nom de
|
|
||||||
l'association/organisation, qui possedera l'ensemble des machines, à indiquer
|
|
||||||
dans le menu reglages sur l'interface.
|
|
||||||
|
|
||||||
## Installations Optionnelles
|
|
||||||
### Générer le schéma des dépendances
|
|
||||||
|
|
||||||
Pour cela :
|
Pour cela :
|
||||||
* apt install python3-django-extensions
|
* apt install python3-django-extensions
|
||||||
|
|
16
apt_requirements.txt
Normal file
16
apt_requirements.txt
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
python3-django
|
||||||
|
python3-dateutil
|
||||||
|
texlive-latex-base
|
||||||
|
texlive-fonts-recommended
|
||||||
|
python3-djangorestframework
|
||||||
|
python3-django-reversion
|
||||||
|
python3-pip
|
||||||
|
libsasl2-dev libldap2-dev
|
||||||
|
libssl-dev
|
||||||
|
python3-crypto
|
||||||
|
python3-git
|
||||||
|
javascript-common
|
||||||
|
libjs-jquery
|
||||||
|
libjs-jquery-ui
|
||||||
|
libjs-jquery-timepicker
|
||||||
|
libjs-bootstrap
|
1157
install_re2o.sh
1157
install_re2o.sh
File diff suppressed because it is too large
Load diff
|
@ -1,38 +1,38 @@
|
||||||
dn: dc=example,dc=org
|
dn: dc=example,dc=net
|
||||||
o: rezo
|
o: rezo
|
||||||
structuralObjectClass: organization
|
structuralObjectClass: organization
|
||||||
entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b
|
entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20150225150906Z
|
createTimestamp: 20150225150906Z
|
||||||
description: ldap
|
description: ldap
|
||||||
objectClass: top
|
objectClass: top
|
||||||
objectClass: dcObject
|
objectClass: dcObject
|
||||||
objectClass: organization
|
objectClass: organization
|
||||||
entryCSN: 20151003212702.245118Z#000000#000#000000
|
entryCSN: 20151003212702.245118Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20151003212702Z
|
modifyTimestamp: 20151003212702Z
|
||||||
contextCSN: 20161004233332.689769Z#000000#000#000000
|
contextCSN: 20161004233332.689769Z#000000#000#000000
|
||||||
|
|
||||||
dn: cn=admin,dc=example,dc=org
|
dn: cn=admin,dc=example,dc=net
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
objectClass: organizationalRole
|
objectClass: organizationalRole
|
||||||
cn: admin
|
cn: admin
|
||||||
structuralObjectClass: organizationalRole
|
structuralObjectClass: organizationalRole
|
||||||
entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b
|
entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20150225150906Z
|
createTimestamp: 20150225150906Z
|
||||||
description:: TERBUCBhZG1pbmlzdHJhdG9yDQo=
|
description:: TERBUCBhZG1pbmlzdHJhdG9yDQo=
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
entryCSN: 20160604005945.576566Z#000000#000#000000
|
entryCSN: 20160604005945.576566Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160604005945Z
|
modifyTimestamp: 20160604005945Z
|
||||||
|
|
||||||
dn: cn=Utilisateurs,dc=example,dc=org
|
dn: cn=Utilisateurs,dc=example,dc=net
|
||||||
gidNumber: 500
|
gidNumber: 500
|
||||||
cn: Utilisateurs
|
cn: Utilisateurs
|
||||||
structuralObjectClass: posixGroup
|
structuralObjectClass: posixGroup
|
||||||
entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc
|
entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20150226130856Z
|
createTimestamp: 20150226130856Z
|
||||||
sambaSID: 500
|
sambaSID: 500
|
||||||
uid: Users
|
uid: Users
|
||||||
|
@ -41,143 +41,143 @@ objectClass: top
|
||||||
objectClass: sambaSamAccount
|
objectClass: sambaSamAccount
|
||||||
objectClass: radiusprofile
|
objectClass: radiusprofile
|
||||||
entryCSN: 20150226130950.194154Z#000000#000#000000
|
entryCSN: 20150226130950.194154Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20150226130950Z
|
modifyTimestamp: 20150226130950Z
|
||||||
|
|
||||||
dn: ou=groups,dc=example,dc=org
|
dn: ou=groups,dc=example,dc=net
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
description: Groupes d'utilisateurs
|
description: Groupes d'utilisateurs
|
||||||
ou: groups
|
ou: groups
|
||||||
structuralObjectClass: organizationalUnit
|
structuralObjectClass: organizationalUnit
|
||||||
entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24
|
entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160531142039Z
|
createTimestamp: 20160531142039Z
|
||||||
entryCSN: 20160531142039.780151Z#000000#000#000000
|
entryCSN: 20160531142039.780151Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160531142039Z
|
modifyTimestamp: 20160531142039Z
|
||||||
|
|
||||||
dn: ou=services,ou=groups,dc=example,dc=org
|
dn: ou=services,ou=groups,dc=example,dc=net
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
description: Groupes de comptes techniques
|
description: Groupes de comptes techniques
|
||||||
ou: services
|
ou: services
|
||||||
structuralObjectClass: organizationalUnit
|
structuralObjectClass: organizationalUnit
|
||||||
entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba
|
entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160601173411Z
|
createTimestamp: 20160601173411Z
|
||||||
entryCSN: 20160601173411.088359Z#000000#000#000000
|
entryCSN: 20160601173411.088359Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160601173411Z
|
modifyTimestamp: 20160601173411Z
|
||||||
|
|
||||||
dn: ou=service-users,dc=example,dc=org
|
dn: ou=service-users,dc=example,dc=net
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
description: Utilisateurs techniques de l'annuaire
|
description: Utilisateurs techniques de l'annuaire
|
||||||
ou: service-users
|
ou: service-users
|
||||||
structuralObjectClass: organizationalUnit
|
structuralObjectClass: organizationalUnit
|
||||||
entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba
|
entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160601173602Z
|
createTimestamp: 20160601173602Z
|
||||||
entryCSN: 20160601173602.683304Z#000000#000#000000
|
entryCSN: 20160601173602.683304Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160601173602Z
|
modifyTimestamp: 20160601173602Z
|
||||||
|
|
||||||
dn: cn=freeradius,ou=service-users,dc=example,dc=org
|
dn: cn=freeradius,ou=service-users,dc=example,dc=net
|
||||||
objectClass: applicationProcess
|
objectClass: applicationProcess
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
cn: freeradius
|
cn: freeradius
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
structuralObjectClass: applicationProcess
|
structuralObjectClass: applicationProcess
|
||||||
entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba
|
entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160601173922Z
|
createTimestamp: 20160601173922Z
|
||||||
entryCSN: 20160601173922.944598Z#000000#000#000000
|
entryCSN: 20160601173922.944598Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160601173922Z
|
modifyTimestamp: 20160601173922Z
|
||||||
|
|
||||||
dn: cn=nssauth,ou=service-users,dc=example,dc=org
|
dn: cn=nssauth,ou=service-users,dc=example,dc=net
|
||||||
objectClass: applicationProcess
|
objectClass: applicationProcess
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
cn: nssauth
|
cn: nssauth
|
||||||
structuralObjectClass: applicationProcess
|
structuralObjectClass: applicationProcess
|
||||||
entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba
|
entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160601174127Z
|
createTimestamp: 20160601174127Z
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
entryCSN: 20160603093724.770069Z#000000#000#000000
|
entryCSN: 20160603093724.770069Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160603093724Z
|
modifyTimestamp: 20160603093724Z
|
||||||
|
|
||||||
dn: cn=auth,ou=services,ou=groups,dc=example,dc=org
|
dn: cn=auth,ou=services,ou=groups,dc=example,dc=net
|
||||||
objectClass: groupOfNames
|
objectClass: groupOfNames
|
||||||
cn: auth
|
cn: auth
|
||||||
member: cn=nssauth,ou=service-users,dc=example,dc=org
|
member: cn=nssauth,ou=service-users,dc=example,dc=net
|
||||||
structuralObjectClass: groupOfNames
|
structuralObjectClass: groupOfNames
|
||||||
entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba
|
entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160601175413Z
|
createTimestamp: 20160601175413Z
|
||||||
entryCSN: 20160620005705.309928Z#000000#000#000000
|
entryCSN: 20160620005705.309928Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160620005705Z
|
modifyTimestamp: 20160620005705Z
|
||||||
|
|
||||||
dn: ou=posix,ou=groups,dc=example,dc=org
|
dn: ou=posix,ou=groups,dc=example,dc=net
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
description: Groupes de comptes POSIX
|
description: Groupes de comptes POSIX
|
||||||
ou: posix
|
ou: posix
|
||||||
structuralObjectClass: organizationalUnit
|
structuralObjectClass: organizationalUnit
|
||||||
entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e
|
entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160603090455Z
|
createTimestamp: 20160603090455Z
|
||||||
entryCSN: 20160603090455.267192Z#000000#000#000000
|
entryCSN: 20160603090455.267192Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160603090455Z
|
modifyTimestamp: 20160603090455Z
|
||||||
|
|
||||||
dn: cn=wifi,ou=service-users,dc=example,dc=org
|
dn: cn=wifi,ou=service-users,dc=example,dc=net
|
||||||
objectClass: applicationProcess
|
objectClass: applicationProcess
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
cn: wifi
|
cn: wifi
|
||||||
structuralObjectClass: applicationProcess
|
structuralObjectClass: applicationProcess
|
||||||
entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e
|
entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160603103452Z
|
createTimestamp: 20160603103452Z
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
entryCSN: 20160603103638.682210Z#000000#000#000000
|
entryCSN: 20160603103638.682210Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160603103638Z
|
modifyTimestamp: 20160603103638Z
|
||||||
|
|
||||||
dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=org
|
dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=net
|
||||||
objectClass: groupOfNames
|
objectClass: groupOfNames
|
||||||
cn: usermgmt
|
cn: usermgmt
|
||||||
structuralObjectClass: groupOfNames
|
structuralObjectClass: groupOfNames
|
||||||
entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e
|
entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160603103732Z
|
createTimestamp: 20160603103732Z
|
||||||
member: cn=wifi,ou=service-users,dc=example,dc=org
|
member: cn=wifi,ou=service-users,dc=example,dc=net
|
||||||
entryCSN: 20160603103746.897151Z#000000#000#000000
|
entryCSN: 20160603103746.897151Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160603103746Z
|
modifyTimestamp: 20160603103746Z
|
||||||
|
|
||||||
dn: cn=replica,ou=service-users,dc=example,dc=org
|
dn: cn=replica,ou=service-users,dc=example,dc=net
|
||||||
objectClass: applicationProcess
|
objectClass: applicationProcess
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
cn: replica
|
cn: replica
|
||||||
structuralObjectClass: applicationProcess
|
structuralObjectClass: applicationProcess
|
||||||
entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f
|
entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160607101733Z
|
createTimestamp: 20160607101733Z
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
entryCSN: 20160607101829.424643Z#000000#000#000000
|
entryCSN: 20160607101829.424643Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160607101829Z
|
modifyTimestamp: 20160607101829Z
|
||||||
|
|
||||||
dn: cn=readonly,ou=services,ou=groups,dc=example,dc=org
|
dn: cn=readonly,ou=services,ou=groups,dc=example,dc=net
|
||||||
objectClass: groupOfNames
|
objectClass: groupOfNames
|
||||||
cn: readonly
|
cn: readonly
|
||||||
structuralObjectClass: groupOfNames
|
structuralObjectClass: groupOfNames
|
||||||
entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f
|
entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f
|
||||||
creatorsName: cn=admin,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=net
|
||||||
createTimestamp: 20160607101846Z
|
createTimestamp: 20160607101846Z
|
||||||
member: cn=replica,ou=service-users,dc=example,dc=org
|
member: cn=replica,ou=service-users,dc=example,dc=net
|
||||||
member: cn=freeradius,ou=service-users,dc=example,dc=org
|
member: cn=freeradius,ou=service-users,dc=example,dc=net
|
||||||
entryCSN: 20160619214628.287369Z#000000#000#000000
|
entryCSN: 20160619214628.287369Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=net
|
||||||
modifyTimestamp: 20160619214628Z
|
modifyTimestamp: 20160619214628Z
|
||||||
|
|
||||||
|
|
|
@ -1108,35 +1108,35 @@ objectClass: olcDatabaseConfig
|
||||||
objectClass: olcHdbConfig
|
objectClass: olcHdbConfig
|
||||||
olcDatabase: {1}hdb
|
olcDatabase: {1}hdb
|
||||||
olcDbDirectory: /var/lib/ldap
|
olcDbDirectory: /var/lib/ldap
|
||||||
olcSuffix: dc=example,dc=org
|
olcSuffix: dc=example,dc=net
|
||||||
olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an
|
olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an
|
||||||
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
onymous auth by dn="cn=admin,dc=example,dc=net" write by group="cn
|
||||||
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
=readonly,ou=services,ou=groups,dc=example,dc=net" read by group="
|
||||||
cn=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * no
|
cn=usermgmt,ou=services,ou=groups,dc=example,dc=net" write by * no
|
||||||
ne
|
ne
|
||||||
olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an
|
olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an
|
||||||
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
onymous auth by dn="cn=admin,dc=example,dc=net" write by group="cn
|
||||||
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
=readonly,ou=services,ou=groups,dc=example,dc=net" read by group="
|
||||||
cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn
|
cn=auth,ou=services,ou=groups,dc=example,dc=net" read by group="cn
|
||||||
=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * none
|
=usermgmt,ou=services,ou=groups,dc=example,dc=net" write by * none
|
||||||
olcAccess: {2}to dn.base="" by * read
|
olcAccess: {2}to dn.base="" by * read
|
||||||
olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=org" by group="cn=
|
olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=net" by group="cn=
|
||||||
auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn=re
|
auth,ou=services,ou=groups,dc=example,dc=net" read by group="cn=re
|
||||||
adonly,ou=services,ou=groups,dc=example,dc=org" read
|
adonly,ou=services,ou=groups,dc=example,dc=net" read
|
||||||
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=org" by grou
|
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=net" by grou
|
||||||
p="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by self r
|
p="cn=auth,ou=services,ou=groups,dc=example,dc=net" read by self r
|
||||||
ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=org"
|
ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=net"
|
||||||
read by group="cn=usermgmt,ou=services,ou=groups,dc=example,dc=or
|
read by group="cn=usermgmt,ou=services,ou=groups,dc=example,dc=or
|
||||||
g" write
|
g" write
|
||||||
olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=org" by gro
|
olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=net" by gro
|
||||||
up="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group
|
up="cn=auth,ou=services,ou=groups,dc=example,dc=net" read by group
|
||||||
="cn=readonly,ou=services,ou=groups,dc=example,dc=org" read
|
="cn=readonly,ou=services,ou=groups,dc=example,dc=net" read
|
||||||
olcAccess: {6}to dn.base="dc=example,dc=org" by * read
|
olcAccess: {6}to dn.base="dc=example,dc=net" by * read
|
||||||
olcAccess: {7}to * by dn="cn=admin,dc=example,dc=org" write by self
|
olcAccess: {7}to * by dn="cn=admin,dc=example,dc=net" write by self
|
||||||
read by group="cn=readonly,ou=services,ou=groups,dc=example,dc=or
|
read by group="cn=readonly,ou=services,ou=groups,dc=example,dc=or
|
||||||
g" read
|
g" read
|
||||||
olcLastMod: TRUE
|
olcLastMod: TRUE
|
||||||
olcRootDN: cn=admin,dc=example,dc=org
|
olcRootDN: cn=admin,dc=example,dc=net
|
||||||
olcRootPW: FILL_IT
|
olcRootPW: FILL_IT
|
||||||
olcDbCheckpoint: 512 30
|
olcDbCheckpoint: 512 30
|
||||||
olcDbConfig: {0}set_cachesize 0 2097152 0
|
olcDbConfig: {0}set_cachesize 0 2097152 0
|
||||||
|
|
|
@ -11,6 +11,7 @@ class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
('machines', '0062_extension_origin_v6'),
|
('machines', '0062_extension_origin_v6'),
|
||||||
|
('reversion', '0001_squashed_0004_auto_20160611_1202')
|
||||||
]
|
]
|
||||||
|
|
||||||
operations = [
|
operations = [
|
||||||
|
|
21
machines/migrations/0081_auto_20180515_2034.py
Normal file
21
machines/migrations/0081_auto_20180515_2034.py
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# Generated by Django 1.10.7 on 2018-05-15 18:34
|
||||||
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
import django.db.models.deletion
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('machines', '0080_auto_20180502_2334'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name='extension',
|
||||||
|
name='soa',
|
||||||
|
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.SOA'),
|
||||||
|
),
|
||||||
|
]
|
|
@ -1,4 +1,3 @@
|
||||||
django-bootstrap3
|
django-bootstrap3
|
||||||
|
django-ldapdb==0.9.0
|
||||||
django-macaddress
|
django-macaddress
|
||||||
python-dateutil
|
|
||||||
pycrypto
|
|
|
@ -19,9 +19,8 @@
|
||||||
# You should have received a copy of the GNU General Public License along
|
# You should have received a copy of the GNU General Public License along
|
||||||
# with this program; if not, write to the Free Software Foundation, Inc.,
|
# with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||||
"""re2o.settings_locale.example
|
"""re2o.settings_locale
|
||||||
The example settings_locale.py file with all the available
|
The file with all the available options for a locale configuration of re2o
|
||||||
options for a locale configuration of re2o
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
from __future__ import unicode_literals
|
from __future__ import unicode_literals
|
||||||
|
@ -41,7 +40,7 @@ AES_KEY = 'A_SECRET_AES_KEY'
|
||||||
DEBUG = False
|
DEBUG = False
|
||||||
|
|
||||||
# A list of admins of the services. Receive mails when an error occurs
|
# A list of admins of the services. Receive mails when an error occurs
|
||||||
ADMINS = [('Example', 'rezo-admin@example.org')]
|
ADMINS = [('Example', 'admin@example.net')]
|
||||||
|
|
||||||
# The list of hostname the server will respond to.
|
# The list of hostname the server will respond to.
|
||||||
ALLOWED_HOSTS = ['URL_SERVER']
|
ALLOWED_HOSTS = ['URL_SERVER']
|
||||||
|
@ -81,16 +80,16 @@ SESSION_COOKIE_AGE = 60 * 60 * 3
|
||||||
LOGO_PATH = "static_files/logo.png"
|
LOGO_PATH = "static_files/logo.png"
|
||||||
|
|
||||||
# The mail configuration for Re2o to send mails
|
# The mail configuration for Re2o to send mails
|
||||||
SERVER_EMAIL = 'no-reply@example.org' # The mail address to use
|
SERVER_EMAIL = 'no-reply@example.net' # The mail address to use
|
||||||
EMAIL_HOST = 'MY_EMAIL_HOST' # The host to use
|
EMAIL_HOST = 'MY_EMAIL_HOST' # The host to use
|
||||||
EMAIL_PORT = MY_EMAIL_PORT # The port to use
|
EMAIL_PORT = MY_EMAIL_PORT # The port to use
|
||||||
|
|
||||||
# Settings of the LDAP structure
|
# Settings of the LDAP structure
|
||||||
LDAP = {
|
LDAP = {
|
||||||
'base_user_dn': 'cn=Utilisateurs,dc=example,dc=org',
|
'base_user_dn': 'cn=Utilisateurs,dc=example,dc=net',
|
||||||
'base_userservice_dn': 'ou=service-users,dc=example,dc=org',
|
'base_userservice_dn': 'ou=service-users,dc=example,dc=net',
|
||||||
'base_usergroup_dn': 'ou=posix,ou=groups,dc=example,dc=org',
|
'base_usergroup_dn': 'ou=posix,ou=groups,dc=example,dc=net',
|
||||||
'base_userservicegroup_dn': 'ou=services,ou=groups,dc=example,dc=org',
|
'base_userservicegroup_dn': 'ou=services,ou=groups,dc=example,dc=net',
|
||||||
'user_gid': 500,
|
'user_gid': 500,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue