Script d'installation : prise en charge config apache...
parent
688ccdd697
commit
d77d21d311
5 changed files with 250 additions and 118 deletions
201
install_re2o.sh
201
install_re2o.sh
|
@ -1,16 +1,41 @@
|
||||||
|
#!/bin/bash
|
||||||
echo "Installation de Re2o !
|
echo "Installation de Re2o !
|
||||||
Cet utilitaire va procéder à l'installation initiale de re2o. Le serveur présent doit être vierge.
|
Cet utilitaire va procéder à l'installation initiale de re2o. Le serveur présent doit être vierge.
|
||||||
Preconfiguration..."
|
Preconfiguration..."
|
||||||
while true; do
|
|
||||||
read -p "Moteur de bdd choisi (mysql ou postgresql)" sql_bdd_type
|
|
||||||
case $sql_bdd_type in
|
|
||||||
[mysql]* ) break;;
|
|
||||||
[postgresql]* ) break;;
|
|
||||||
* ) echo "Réponse incorrecte";;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
read -p "Extension locale (ex : example.org)" extension_locale
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
|
||||||
|
apt-get -y install dialog
|
||||||
|
|
||||||
|
HEIGHT=15
|
||||||
|
WIDTH=40
|
||||||
|
CHOICE_HEIGHT=4
|
||||||
|
BACKTITLE="Preconfiguration re2o"
|
||||||
|
MENU="Choisir une option"
|
||||||
|
|
||||||
|
TITLE="Choix du moteur bdd"
|
||||||
|
OPTIONS=(1 "mysql"
|
||||||
|
2 "postgresql")
|
||||||
|
|
||||||
|
sql_bdd_type=$(dialog --clear \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--title "$TITLE" \
|
||||||
|
--menu "$MENU" \
|
||||||
|
$HEIGHT $WIDTH $CHOICE_HEIGHT \
|
||||||
|
"${OPTIONS[@]}" \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
|
||||||
|
clear
|
||||||
|
|
||||||
|
|
||||||
|
TITLE="Extension locale (ex : example.org)"
|
||||||
|
|
||||||
|
extension_locale=$(dialog --title "$TITLE" \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
|
|
||||||
IFS='.' read -a extension_locale_array <<< $extension_locale
|
IFS='.' read -a extension_locale_array <<< $extension_locale
|
||||||
|
|
||||||
|
|
||||||
|
@ -21,21 +46,49 @@ done
|
||||||
ldap_dn=${ldap_dn::-1}
|
ldap_dn=${ldap_dn::-1}
|
||||||
echo $ldap_dn
|
echo $ldap_dn
|
||||||
|
|
||||||
while true; do
|
TITLE="Emplacement de la bdd"
|
||||||
read -p "Installer la base de donnée sql en local (Y/N)" sql_is_local
|
OPTIONS=(1 "Local"
|
||||||
case $sql_is_local in
|
2 "Distant")
|
||||||
[N]* ) echo "Vous devrez fournir un login/mdp/host dans ce cas"; break;;
|
|
||||||
[Y]* ) break;;
|
|
||||||
* ) echo "Réponse incorrecte (Y/N)";;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
read -p "Mot de passe sql " sql_password
|
sql_is_local=$(dialog --clear \
|
||||||
if [ $sql_is_local == "N" ]
|
--backtitle "$BACKTITLE" \
|
||||||
|
--title "$TITLE" \
|
||||||
|
--menu "$MENU" \
|
||||||
|
$HEIGHT $WIDTH $CHOICE_HEIGHT \
|
||||||
|
"${OPTIONS[@]}" \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
|
||||||
|
clear
|
||||||
|
|
||||||
|
TITLE="Mot de passe sql"
|
||||||
|
|
||||||
|
sql_password=$(dialog --title "$TITLE" \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
|
|
||||||
|
|
||||||
|
if [ $sql_is_local == 2 ]
|
||||||
then
|
then
|
||||||
read -p "Login sql " sql_login
|
TITLE="Login sql"
|
||||||
read -p "Nom bdd sql " sql_name
|
sql_login=$(dialog --title "$TITLE" \
|
||||||
read -p "Hote de la base de donnée " sql_host
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
|
TITLE="Nom de la bdd sql"
|
||||||
|
sql_name=$(dialog --title "$TITLE" \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
|
TITLE="Hote de la base de donnée"
|
||||||
|
sql_host=$(dialog --title "$TITLE" \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
else
|
else
|
||||||
sql_name="re2o"
|
sql_name="re2o"
|
||||||
sql_login="re2o"
|
sql_login="re2o"
|
||||||
|
@ -47,21 +100,41 @@ CREATE USER '$sql_login'@'localhost' IDENTIFIED BY '$sql_password';
|
||||||
GRANT ALL PRIVILEGES ON $sql_name.* TO '$sql_login'@'localhost';
|
GRANT ALL PRIVILEGES ON $sql_name.* TO '$sql_login'@'localhost';
|
||||||
FLUSH PRIVILEGES;"
|
FLUSH PRIVILEGES;"
|
||||||
|
|
||||||
while true; do
|
|
||||||
read -p "Installer la base de donnée ldap en local (Y/N)" ldap_is_local
|
|
||||||
case $ldap_is_local in
|
|
||||||
[N]* ) echo "Vous devrez fournir un login/mdp/host dans ce cas"; break;;
|
|
||||||
[Y]* ) break;;
|
|
||||||
* ) echo "Réponse incorrecte (Y/N)";;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
|
TITLE="Emplacement du ldap"
|
||||||
|
OPTIONS=(1 "Local"
|
||||||
|
2 "Distant")
|
||||||
|
|
||||||
read -p "Mot de passe ldap " ldap_password
|
ldap_is_local=$(dialog --clear \
|
||||||
if [ $ldap_is_local == "N" ]
|
--backtitle "$BACKTITLE" \
|
||||||
|
--title "$TITLE" \
|
||||||
|
--menu "$MENU" \
|
||||||
|
$HEIGHT $WIDTH $CHOICE_HEIGHT \
|
||||||
|
"${OPTIONS[@]}" \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
|
||||||
|
echo "Vous devrez fournir un login/host dans le cas où le ldap est non local"
|
||||||
|
|
||||||
|
TITLE="Mot de passe ldap"
|
||||||
|
ldap_password=$(dialog --title "$TITLE" \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
|
if [ $ldap_is_local == 2 ]
|
||||||
then
|
then
|
||||||
read -p "Cn admin à utiliser " ldap_cn
|
TITLE="Cn ldap admin"
|
||||||
read -p "Hote de la base de donnée (adresse ip seulement !)" ldap_host
|
ldap_cn=$(dialog --title "$TITLE" \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
|
TITLE="Hote ldap"
|
||||||
|
ldap_host=$(dialog --title "$TITLE" \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
else
|
else
|
||||||
ldap_cn="cn=admin,"
|
ldap_cn="cn=admin,"
|
||||||
ldap_cn+=$ldap_dn
|
ldap_cn+=$ldap_dn
|
||||||
|
@ -70,17 +143,17 @@ fi
|
||||||
|
|
||||||
|
|
||||||
echo "Installation des paquets de base"
|
echo "Installation des paquets de base"
|
||||||
export DEBIAN_FRONTEND=noninteractive
|
|
||||||
apt-get -y install python3-django python3-dateutil texlive-latex-base texlive-fonts-recommended python3-djangorestframework python3-django-reversion python3-pip libsasl2-dev libldap2-dev libssl-dev
|
apt-get -y install python3-django python3-dateutil texlive-latex-base texlive-fonts-recommended python3-djangorestframework python3-django-reversion python3-pip libsasl2-dev libldap2-dev libssl-dev
|
||||||
pip3 install django-bootstrap3
|
pip3 install django-bootstrap3
|
||||||
pip3 install django-ldapdb
|
pip3 install django-ldapdb
|
||||||
pip3 install django-macaddress
|
pip3 install django-macaddress
|
||||||
|
|
||||||
if [ $sql_bdd_type == "mysql" ]
|
if [ $sql_bdd_type == 1 ]
|
||||||
then
|
then
|
||||||
if [ $sql_is_local == "Y" ]
|
if [ $sql_is_local == 1 ]
|
||||||
then
|
then
|
||||||
apt-get -y install mysql-server
|
apt-get -y install mysql-server
|
||||||
|
mysql -u root --execute="$sql_command"
|
||||||
else
|
else
|
||||||
echo "Veuillez saisir la commande suivante sur le serveur sql distant, puis validez"
|
echo "Veuillez saisir la commande suivante sur le serveur sql distant, puis validez"
|
||||||
echo $sql_command
|
echo $sql_command
|
||||||
|
@ -95,24 +168,24 @@ then
|
||||||
fi
|
fi
|
||||||
apt-get -y install python3-mysqldb mysql-client
|
apt-get -y install python3-mysqldb mysql-client
|
||||||
else
|
else
|
||||||
if [ $sql_is_local == "Y" ]
|
if [ $sql_is_local == 1 ]
|
||||||
then
|
then
|
||||||
apt-get -y install postgresql-server
|
apt-get -y install postgresql-server
|
||||||
fi
|
fi
|
||||||
apt-get -y install postgresql-client
|
apt-get -y install postgresql-client
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ $ldap_is_local == "Y" ]
|
if [ $ldap_is_local == 1 ]
|
||||||
then
|
then
|
||||||
apt-get -y install slapd
|
apt-get -y install slapd
|
||||||
|
|
||||||
echo "Hashage du mot de passe ldap..."
|
echo "Hashage du mot de passe ldap..."
|
||||||
hashed_ldap_passwd=$(slappasswd -s ldap_password)
|
hashed_ldap_passwd=$(slappasswd -s $ldap_password)
|
||||||
|
|
||||||
echo $hashed_ldap_passwd
|
echo $hashed_ldap_passwd
|
||||||
echo "Formatage des fichiers de config ldap"
|
echo "Formatage des fichiers de config ldap"
|
||||||
sed 's/dc=example,dc=org/'"$ldap_dn"'/g' install_utils/db.ldiff | sed 's/FILL_IT/'"$hashed_ldap_passwd"'/g' > /tmp/db
|
sed 's|dc=example,dc=org|'"$ldap_dn"'|g' install_utils/db.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db
|
||||||
sed 's/dc=example,dc=org/'"$ldap_dn"'/g' install_utils/schema.ldiff | sed 's/FILL_IT/'"$hashed_ldap_passwd"'/g' > /tmp/schema
|
sed 's|dc=example,dc=org|'"$ldap_dn"'|g' install_utils/schema.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema
|
||||||
|
|
||||||
echo "Destruction config ldap existante"
|
echo "Destruction config ldap existante"
|
||||||
service slapd stop
|
service slapd stop
|
||||||
|
@ -135,10 +208,10 @@ fi
|
||||||
|
|
||||||
echo "Ecriture de settings_local"
|
echo "Ecriture de settings_local"
|
||||||
|
|
||||||
django_secret_key=$(python -c 'import random; import string; print "".join([random.SystemRandom().choice(string.digits + string.letters + string.punctuation) for i in range(100)])')
|
django_secret_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(50)]))")
|
||||||
|
|
||||||
cp re2o/settings_local.example.py re2o/settings_local.py
|
cp re2o/settings_local.example.py re2o/settings_local.py
|
||||||
#sed -i 's/SUPER_SECRET_KEY/'"$django_secret_key"'/g' re2o/settings_local.py
|
sed -i 's/SUPER_SECRET_KEY/'"$django_secret_key"'/g' re2o/settings_local.py
|
||||||
sed -i 's/SUPER_SECRET_DB/'"$sql_password"'/g' re2o/settings_local.py
|
sed -i 's/SUPER_SECRET_DB/'"$sql_password"'/g' re2o/settings_local.py
|
||||||
sed -i 's/db_name_value/'"$sql_name"'/g' re2o/settings_local.py
|
sed -i 's/db_name_value/'"$sql_name"'/g' re2o/settings_local.py
|
||||||
sed -i 's/db_user_value/'"$sql_login"'/g' re2o/settings_local.py
|
sed -i 's/db_user_value/'"$sql_login"'/g' re2o/settings_local.py
|
||||||
|
@ -150,5 +223,43 @@ sed -i 's/dc=example,dc=org/'"$ldap_dn"'/g' re2o/settings_local.py
|
||||||
sed -i 's/example.org/'"$extension_locale"'/g' re2o/settings_local.py
|
sed -i 's/example.org/'"$extension_locale"'/g' re2o/settings_local.py
|
||||||
|
|
||||||
echo "Application des migrations"
|
echo "Application des migrations"
|
||||||
#python3 manage.py migrate
|
python3 manage.py migrate
|
||||||
|
|
||||||
|
echo "Collecte des statics"
|
||||||
|
python3 manage.py collectstatics
|
||||||
|
|
||||||
|
BACKTITLE="Fin de l'installation"
|
||||||
|
TITLE="Serveur web à utiliser"
|
||||||
|
OPTIONS=(1 "apache2"
|
||||||
|
2 "nginx")
|
||||||
|
|
||||||
|
web_serveur=$(dialog --clear \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--title "$TITLE" \
|
||||||
|
--menu "$MENU" \
|
||||||
|
$HEIGHT $WIDTH $CHOICE_HEIGHT \
|
||||||
|
"${OPTIONS[@]}" \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
|
||||||
|
clear
|
||||||
|
|
||||||
|
TITLE="Url où servir le serveur web (ex : re2o.example.org)"
|
||||||
|
url_server=$(dialog --title "$TITLE" \
|
||||||
|
--backtitle "$BACKTITLE" \
|
||||||
|
--inputbox "$TITLE" $HEIGHT $WIDTH \
|
||||||
|
2>&1 >/dev/tty)
|
||||||
|
clear
|
||||||
|
|
||||||
|
if [ $web_serveur == 1 ]
|
||||||
|
then
|
||||||
|
apt-get -y install apache2 libapache2-mod-wsgi-py3
|
||||||
|
cp install_utils/apache2/re2o.conf /etc/apache2/sites-available/re2o.conf
|
||||||
|
sed -i 's/URL_SERVER/'"$url_server"'/g' /etc/apache2/sites-available/re2o.conf
|
||||||
|
current_path=$(pwd)
|
||||||
|
sed -i 's|PATH|'"$current_path"'|g' /etc/apache2/sites-available/re2o.conf
|
||||||
|
a2ensite re2o
|
||||||
|
service apache2 reload
|
||||||
|
else
|
||||||
|
echo "Nginx non supporté, vous devrez installer manuellement"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
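Review bot: In the slapd hunk, `slappasswd -s $ldap_password` is unquoted and puts the clear-text password on the command line, so a password containing a space or glob character is split or expanded before hashing, and the value is visible in the process list while the command runs; at minimum quote it, `hashed_ldap_passwd=$(slappasswd -s "$ldap_password")`, and drop the `echo $hashed_ldap_passwd` that follows. The same hunk writes the substituted LDIF, including that hash, to the fixed names `/tmp/db` and `/tmp/schema`; the installer presumably runs as root (it calls `apt-get` and `service`), so a directory from `mktemp -d` would avoid following a file or symlink pre-created at those paths. Both `sql_password` and `ldap_password` are collected with `--inputbox`, which displays the secret as typed; `--passwordbox` is the dialog widget intended for this. In the settings hunk, `sed -i 's/SUPER_SECRET_DB/'"$sql_password"'/g'` breaks or alters the stored value when the password contains `/`, `&` or a backslash, which the `|` delimiter used for the LDIF lines only partly avoids. Separately, `python3 manage.py collectstatics` in the last hunk looks like a typo for Django's `collectstatic` command.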
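--- a/install_utils/apache2/re2o.conf
+++ b/install_utils/apache2/re2o.conf
@@ -0,0 +1,22 @@
+<VirtualHost *:80>
+ServerName URL_SERVER
+
+LogLevel warn
+ErrorLog ${APACHE_LOG_DIR}/re2o-error.log
+CustomLog ${APACHE_LOG_DIR}/re2o-access.log combined
+
+<Directory />
+AuthType Basic
+AuthName "Password Required"
+AuthUserFile /usr/local/password
+Require valid-user
+#Require all granted
+</Directory>
+
+Alias /static PATH/static_files
+
+WSGIScriptAlias / PATH/re2o/wsgi.py
+WSGIProcessGroup re2o
+WSGIDaemonProcess re2o processes=2 threads=16 maximum-requests=1000 display-name=re2o
+
+</VirtualHost>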
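Review bot: The vhost listens on `*:80` only while gating every request with `AuthType Basic`, so the Basic credentials, and the application's own login and session cookie behind them, cross the network unencrypted on each request. The site should be served from a `<VirtualHost *:443>` with `SSLEngine on` and a certificate, leaving port 80 to do nothing but redirect to HTTPS. `AuthUserFile /usr/local/password` is not created by any installer hunk visible on this page, so unless it is provisioned elsewhere Apache will reject every request until an administrator creates it; a comment above the directive saying who creates the file and with which permissions would help. The auth block is attached to `<Directory />`, the filesystem root; scoping it to the directories substituted for `PATH` would keep the policy next to what it protects.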
@ -1,39 +1,38 @@
|
||||||
dn: dc=ldap,dc=example,dc=org
|
dn: dc=example,dc=org
|
||||||
o: rezo
|
o: rezo
|
||||||
dc: ldap
|
|
||||||
structuralObjectClass: organization
|
structuralObjectClass: organization
|
||||||
entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b
|
entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20150225150906Z
|
createTimestamp: 20150225150906Z
|
||||||
description: ldap
|
description: ldap
|
||||||
objectClass: top
|
objectClass: top
|
||||||
objectClass: dcObject
|
objectClass: dcObject
|
||||||
objectClass: organization
|
objectClass: organization
|
||||||
entryCSN: 20151003212702.245118Z#000000#000#000000
|
entryCSN: 20151003212702.245118Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20151003212702Z
|
modifyTimestamp: 20151003212702Z
|
||||||
contextCSN: 20161004233332.689769Z#000000#000#000000
|
contextCSN: 20161004233332.689769Z#000000#000#000000
|
||||||
|
|
||||||
dn: cn=admin,dc=ldap,dc=example,dc=org
|
dn: cn=admin,dc=example,dc=org
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
objectClass: organizationalRole
|
objectClass: organizationalRole
|
||||||
cn: admin
|
cn: admin
|
||||||
structuralObjectClass: organizationalRole
|
structuralObjectClass: organizationalRole
|
||||||
entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b
|
entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20150225150906Z
|
createTimestamp: 20150225150906Z
|
||||||
description:: TERBUCBhZG1pbmlzdHJhdG9yDQo=
|
description:: TERBUCBhZG1pbmlzdHJhdG9yDQo=
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
entryCSN: 20160604005945.576566Z#000000#000#000000
|
entryCSN: 20160604005945.576566Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160604005945Z
|
modifyTimestamp: 20160604005945Z
|
||||||
|
|
||||||
dn: cn=Utilisateurs,dc=ldap,dc=example,dc=org
|
dn: cn=Utilisateurs,dc=example,dc=org
|
||||||
gidNumber: 500
|
gidNumber: 500
|
||||||
cn: Utilisateurs
|
cn: Utilisateurs
|
||||||
structuralObjectClass: posixGroup
|
structuralObjectClass: posixGroup
|
||||||
entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc
|
entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20150226130856Z
|
createTimestamp: 20150226130856Z
|
||||||
sambaSID: 500
|
sambaSID: 500
|
||||||
uid: Users
|
uid: Users
|
||||||
|
@ -42,143 +41,143 @@ objectClass: top
|
||||||
objectClass: sambaSamAccount
|
objectClass: sambaSamAccount
|
||||||
objectClass: radiusprofile
|
objectClass: radiusprofile
|
||||||
entryCSN: 20150226130950.194154Z#000000#000#000000
|
entryCSN: 20150226130950.194154Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20150226130950Z
|
modifyTimestamp: 20150226130950Z
|
||||||
|
|
||||||
dn: ou=groups,dc=ldap,dc=example,dc=org
|
dn: ou=groups,dc=example,dc=org
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
description: Groupes d'utilisateurs
|
description: Groupes d'utilisateurs
|
||||||
ou: groups
|
ou: groups
|
||||||
structuralObjectClass: organizationalUnit
|
structuralObjectClass: organizationalUnit
|
||||||
entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24
|
entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160531142039Z
|
createTimestamp: 20160531142039Z
|
||||||
entryCSN: 20160531142039.780151Z#000000#000#000000
|
entryCSN: 20160531142039.780151Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160531142039Z
|
modifyTimestamp: 20160531142039Z
|
||||||
|
|
||||||
dn: ou=services,ou=groups,dc=ldap,dc=example,dc=org
|
dn: ou=services,ou=groups,dc=example,dc=org
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
description: Groupes de comptes techniques
|
description: Groupes de comptes techniques
|
||||||
ou: services
|
ou: services
|
||||||
structuralObjectClass: organizationalUnit
|
structuralObjectClass: organizationalUnit
|
||||||
entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba
|
entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160601173411Z
|
createTimestamp: 20160601173411Z
|
||||||
entryCSN: 20160601173411.088359Z#000000#000#000000
|
entryCSN: 20160601173411.088359Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160601173411Z
|
modifyTimestamp: 20160601173411Z
|
||||||
|
|
||||||
dn: ou=service-users,dc=ldap,dc=example,dc=org
|
dn: ou=service-users,dc=example,dc=org
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
description: Utilisateurs techniques de l'annuaire
|
description: Utilisateurs techniques de l'annuaire
|
||||||
ou: service-users
|
ou: service-users
|
||||||
structuralObjectClass: organizationalUnit
|
structuralObjectClass: organizationalUnit
|
||||||
entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba
|
entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160601173602Z
|
createTimestamp: 20160601173602Z
|
||||||
entryCSN: 20160601173602.683304Z#000000#000#000000
|
entryCSN: 20160601173602.683304Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160601173602Z
|
modifyTimestamp: 20160601173602Z
|
||||||
|
|
||||||
dn: cn=freeradius,ou=service-users,dc=ldap,dc=example,dc=org
|
dn: cn=freeradius,ou=service-users,dc=example,dc=org
|
||||||
objectClass: applicationProcess
|
objectClass: applicationProcess
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
cn: freeradius
|
cn: freeradius
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
structuralObjectClass: applicationProcess
|
structuralObjectClass: applicationProcess
|
||||||
entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba
|
entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160601173922Z
|
createTimestamp: 20160601173922Z
|
||||||
entryCSN: 20160601173922.944598Z#000000#000#000000
|
entryCSN: 20160601173922.944598Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160601173922Z
|
modifyTimestamp: 20160601173922Z
|
||||||
|
|
||||||
dn: cn=nssauth,ou=service-users,dc=ldap,dc=example,dc=org
|
dn: cn=nssauth,ou=service-users,dc=example,dc=org
|
||||||
objectClass: applicationProcess
|
objectClass: applicationProcess
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
cn: nssauth
|
cn: nssauth
|
||||||
structuralObjectClass: applicationProcess
|
structuralObjectClass: applicationProcess
|
||||||
entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba
|
entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160601174127Z
|
createTimestamp: 20160601174127Z
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
entryCSN: 20160603093724.770069Z#000000#000#000000
|
entryCSN: 20160603093724.770069Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160603093724Z
|
modifyTimestamp: 20160603093724Z
|
||||||
|
|
||||||
dn: cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org
|
dn: cn=auth,ou=services,ou=groups,dc=example,dc=org
|
||||||
objectClass: groupOfNames
|
objectClass: groupOfNames
|
||||||
cn: auth
|
cn: auth
|
||||||
member: cn=nssauth,ou=service-users,dc=ldap,dc=example,dc=org
|
member: cn=nssauth,ou=service-users,dc=example,dc=org
|
||||||
structuralObjectClass: groupOfNames
|
structuralObjectClass: groupOfNames
|
||||||
entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba
|
entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160601175413Z
|
createTimestamp: 20160601175413Z
|
||||||
entryCSN: 20160620005705.309928Z#000000#000#000000
|
entryCSN: 20160620005705.309928Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160620005705Z
|
modifyTimestamp: 20160620005705Z
|
||||||
|
|
||||||
dn: ou=posix,ou=groups,dc=ldap,dc=example,dc=org
|
dn: ou=posix,ou=groups,dc=example,dc=org
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
description: Groupes de comptes POSIX
|
description: Groupes de comptes POSIX
|
||||||
ou: posix
|
ou: posix
|
||||||
structuralObjectClass: organizationalUnit
|
structuralObjectClass: organizationalUnit
|
||||||
entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e
|
entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160603090455Z
|
createTimestamp: 20160603090455Z
|
||||||
entryCSN: 20160603090455.267192Z#000000#000#000000
|
entryCSN: 20160603090455.267192Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160603090455Z
|
modifyTimestamp: 20160603090455Z
|
||||||
|
|
||||||
dn: cn=wifi,ou=service-users,dc=ldap,dc=example,dc=org
|
dn: cn=wifi,ou=service-users,dc=example,dc=org
|
||||||
objectClass: applicationProcess
|
objectClass: applicationProcess
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
cn: wifi
|
cn: wifi
|
||||||
structuralObjectClass: applicationProcess
|
structuralObjectClass: applicationProcess
|
||||||
entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e
|
entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160603103452Z
|
createTimestamp: 20160603103452Z
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
entryCSN: 20160603103638.682210Z#000000#000#000000
|
entryCSN: 20160603103638.682210Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160603103638Z
|
modifyTimestamp: 20160603103638Z
|
||||||
|
|
||||||
dn: cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org
|
dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=org
|
||||||
objectClass: groupOfNames
|
objectClass: groupOfNames
|
||||||
cn: usermgmt
|
cn: usermgmt
|
||||||
structuralObjectClass: groupOfNames
|
structuralObjectClass: groupOfNames
|
||||||
entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e
|
entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160603103732Z
|
createTimestamp: 20160603103732Z
|
||||||
member: cn=wifi,ou=service-users,dc=ldap,dc=example,dc=org
|
member: cn=wifi,ou=service-users,dc=example,dc=org
|
||||||
entryCSN: 20160603103746.897151Z#000000#000#000000
|
entryCSN: 20160603103746.897151Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160603103746Z
|
modifyTimestamp: 20160603103746Z
|
||||||
|
|
||||||
dn: cn=replica,ou=service-users,dc=ldap,dc=example,dc=org
|
dn: cn=replica,ou=service-users,dc=example,dc=org
|
||||||
objectClass: applicationProcess
|
objectClass: applicationProcess
|
||||||
objectClass: simpleSecurityObject
|
objectClass: simpleSecurityObject
|
||||||
cn: replica
|
cn: replica
|
||||||
structuralObjectClass: applicationProcess
|
structuralObjectClass: applicationProcess
|
||||||
entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f
|
entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160607101733Z
|
createTimestamp: 20160607101733Z
|
||||||
userPassword: FILL_IT
|
userPassword: FILL_IT
|
||||||
entryCSN: 20160607101829.424643Z#000000#000#000000
|
entryCSN: 20160607101829.424643Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160607101829Z
|
modifyTimestamp: 20160607101829Z
|
||||||
|
|
||||||
dn: cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org
|
dn: cn=readonly,ou=services,ou=groups,dc=example,dc=org
|
||||||
objectClass: groupOfNames
|
objectClass: groupOfNames
|
||||||
cn: readonly
|
cn: readonly
|
||||||
structuralObjectClass: groupOfNames
|
structuralObjectClass: groupOfNames
|
||||||
entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f
|
entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f
|
||||||
creatorsName: cn=admin,dc=ldap,dc=example,dc=org
|
creatorsName: cn=admin,dc=example,dc=org
|
||||||
createTimestamp: 20160607101846Z
|
createTimestamp: 20160607101846Z
|
||||||
member: cn=replica,ou=service-users,dc=ldap,dc=example,dc=org
|
member: cn=replica,ou=service-users,dc=example,dc=org
|
||||||
member: cn=freeradius,ou=service-users,dc=ldap,dc=example,dc=org
|
member: cn=freeradius,ou=service-users,dc=example,dc=org
|
||||||
entryCSN: 20160619214628.287369Z#000000#000#000000
|
entryCSN: 20160619214628.287369Z#000000#000#000000
|
||||||
modifiersName: cn=admin,dc=ldap,dc=example,dc=org
|
modifiersName: cn=admin,dc=example,dc=org
|
||||||
modifyTimestamp: 20160619214628Z
|
modifyTimestamp: 20160619214628Z
|
||||||
|
|
||||||
|
|
|
@ -1108,35 +1108,35 @@ objectClass: olcDatabaseConfig
|
||||||
objectClass: olcHdbConfig
|
objectClass: olcHdbConfig
|
||||||
olcDatabase: {1}hdb
|
olcDatabase: {1}hdb
|
||||||
olcDbDirectory: /var/lib/ldap
|
olcDbDirectory: /var/lib/ldap
|
||||||
olcSuffix: dc=ldap,dc=example,dc=org
|
olcSuffix: dc=example,dc=org
|
||||||
olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an
|
olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an
|
||||||
onymous auth by dn="cn=admin,dc=ldap,dc=example,dc=org" write by group="cn
|
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
||||||
=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="
|
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
||||||
cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org" write by * no
|
cn=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * no
|
||||||
ne
|
ne
|
||||||
olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an
|
olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an
|
||||||
onymous auth by dn="cn=admin,dc=ldap,dc=example,dc=org" write by group="cn
|
onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
|
||||||
=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="
|
=readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
|
||||||
cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="cn
|
cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn
|
||||||
=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org" write by * none
|
=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * none
|
||||||
olcAccess: {2}to dn.base="" by * read
|
olcAccess: {2}to dn.base="" by * read
|
||||||
olcAccess: {3}to dn.sub="ou=groups,dc=ldap,dc=example,dc=org" by group="cn=
|
olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=org" by group="cn=
|
||||||
auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="cn=re
|
auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn=re
|
||||||
adonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read
|
adonly,ou=services,ou=groups,dc=example,dc=org" read
|
||||||
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=ldap,dc=example,dc=org" by grou
|
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=org" by grou
|
||||||
p="cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by self r
|
p="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by self r
|
||||||
ead by group="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org"
|
ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=org"
|
||||||
read by group="cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=or
|
read by group="cn=usermgmt,ou=services,ou=groups,dc=example,dc=or
|
||||||
g" write
|
g" write
|
||||||
olcAccess: {5}to dn.sub="ou=service-users,dc=ldap,dc=example,dc=org" by gro
|
olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=org" by gro
|
||||||
up="cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group
|
up="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group
|
||||||
="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read
|
="cn=readonly,ou=services,ou=groups,dc=example,dc=org" read
|
||||||
olcAccess: {6}to dn.base="dc=ldap,dc=example,dc=org" by * read
|
olcAccess: {6}to dn.base="dc=example,dc=org" by * read
|
||||||
olcAccess: {7}to * by dn="cn=admin,dc=ldap,dc=example,dc=org" write by self
|
olcAccess: {7}to * by dn="cn=admin,dc=example,dc=org" write by self
|
||||||
read by group="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=or
|
read by group="cn=readonly,ou=services,ou=groups,dc=example,dc=or
|
||||||
g" read
|
g" read
|
||||||
olcLastMod: TRUE
|
olcLastMod: TRUE
|
||||||
olcRootDN: cn=admin,dc=ldap,dc=example,dc=org
|
olcRootDN: cn=admin,dc=example,dc=org
|
||||||
olcRootPW: FILL_IT
|
olcRootPW: FILL_IT
|
||||||
olcDbCheckpoint: 512 30
|
olcDbCheckpoint: 512 30
|
||||||
olcDbConfig: {0}set_cachesize 0 2097152 0
|
olcDbConfig: {0}set_cachesize 0 2097152 0
|
||||||
|
|
|
@ -65,10 +65,10 @@ EMAIL_HOST = 'smtp.example.org'
|
||||||
|
|
||||||
# Reglages pour la bdd ldap
|
# Reglages pour la bdd ldap
|
||||||
LDAP = {
|
LDAP = {
|
||||||
'base_user_dn' : 'cn=Utilisateurs,dc=ldap,dc=example,dc=org',
|
'base_user_dn' : 'cn=Utilisateurs,dc=example,dc=org',
|
||||||
'base_userservice_dn' : 'ou=service-users,dc=ldap,dc=example,dc=org',
|
'base_userservice_dn' : 'ou=service-users,dc=example,dc=org',
|
||||||
'base_usergroup_dn' : 'ou=posix,ou=groups,dc=ldap,dc=example,dc=org',
|
'base_usergroup_dn' : 'ou=posix,ou=groups,dc=example,dc=org',
|
||||||
'base_userservicegroup_dn' : 'ou=services,ou=groups,dc=ldap,dc=example,dc=org',
|
'base_userservicegroup_dn' : 'ou=services,ou=groups,dc=example,dc=org',
|
||||||
'user_gid' : 500,
|
'user_gid' : 500,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|