mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-23 11:53:12 +00:00

Script d'installation : prise en charge config apache...

Gabriel Detraz 2017-08-31 19:40:24 +02:00 committed by root
parent 688ccdd697
commit d77d21d311
5 changed files with 250 additions and 118 deletions


@ -1,16 +1,41 @@
#!/bin/bash
echo "Installation de Re2o ! echo "Installation de Re2o !
Cet utilitaire va procéder à l'installation initiale de re2o. Le serveur présent doit être vierge. Cet utilitaire va procéder à l'installation initiale de re2o. Le serveur présent doit être vierge.
Preconfiguration..." Preconfiguration..."
while true; do
read -p "Moteur de bdd choisi (mysql ou postgresql)" sql_bdd_type
case $sql_bdd_type in
[mysql]* ) break;;
[postgresql]* ) break;;
* ) echo "Réponse incorrecte";;
esac
done
read -p "Extension locale (ex : example.org)" extension_locale export DEBIAN_FRONTEND=noninteractive
apt-get -y install dialog
HEIGHT=15
WIDTH=40
CHOICE_HEIGHT=4
BACKTITLE="Preconfiguration re2o"
MENU="Choisir une option"
TITLE="Choix du moteur bdd"
OPTIONS=(1 "mysql"
2 "postgresql")
sql_bdd_type=$(dialog --clear \
--backtitle "$BACKTITLE" \
--title "$TITLE" \
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
clear
TITLE="Extension locale (ex : example.org)"
extension_locale=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
IFS='.' read -a extension_locale_array <<< $extension_locale IFS='.' read -a extension_locale_array <<< $extension_locale
@ -21,21 +46,49 @@ done
ldap_dn=${ldap_dn::-1} ldap_dn=${ldap_dn::-1}
echo $ldap_dn echo $ldap_dn
while true; do TITLE="Emplacement de la bdd"
read -p "Installer la base de donnée sql en local (Y/N)" sql_is_local OPTIONS=(1 "Local"
case $sql_is_local in 2 "Distant")
[N]* ) echo "Vous devrez fournir un login/mdp/host dans ce cas"; break;;
[Y]* ) break;;
* ) echo "Réponse incorrecte (Y/N)";;
esac
done
read -p "Mot de passe sql " sql_password sql_is_local=$(dialog --clear \
if [ $sql_is_local == "N" ] --backtitle "$BACKTITLE" \
--title "$TITLE" \
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
clear
TITLE="Mot de passe sql"
sql_password=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
if [ $sql_is_local == 2 ]
then then
read -p "Login sql " sql_login TITLE="Login sql"
read -p "Nom bdd sql " sql_name sql_login=$(dialog --title "$TITLE" \
read -p "Hote de la base de donnée " sql_host --backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
TITLE="Nom de la bdd sql"
sql_name=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
TITLE="Hote de la base de donnée"
sql_host=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
else else
sql_name="re2o" sql_name="re2o"
sql_login="re2o" sql_login="re2o"
@ -47,21 +100,41 @@ CREATE USER '$sql_login'@'localhost' IDENTIFIED BY '$sql_password';
GRANT ALL PRIVILEGES ON $sql_name.* TO '$sql_login'@'localhost'; GRANT ALL PRIVILEGES ON $sql_name.* TO '$sql_login'@'localhost';
FLUSH PRIVILEGES;" FLUSH PRIVILEGES;"
while true; do
read -p "Installer la base de donnée ldap en local (Y/N)" ldap_is_local
case $ldap_is_local in
[N]* ) echo "Vous devrez fournir un login/mdp/host dans ce cas"; break;;
[Y]* ) break;;
* ) echo "Réponse incorrecte (Y/N)";;
esac
done
TITLE="Emplacement du ldap"
OPTIONS=(1 "Local"
2 "Distant")
read -p "Mot de passe ldap " ldap_password ldap_is_local=$(dialog --clear \
if [ $ldap_is_local == "N" ] --backtitle "$BACKTITLE" \
--title "$TITLE" \
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
echo "Vous devrez fournir un login/host dans le cas où le ldap est non local"
TITLE="Mot de passe ldap"
ldap_password=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
if [ $ldap_is_local == 2 ]
then then
read -p "Cn admin à utiliser " ldap_cn TITLE="Cn ldap admin"
read -p "Hote de la base de donnée (adresse ip seulement !)" ldap_host ldap_cn=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
TITLE="Hote ldap"
ldap_host=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
else else
ldap_cn="cn=admin," ldap_cn="cn=admin,"
ldap_cn+=$ldap_dn ldap_cn+=$ldap_dn
@ -70,17 +143,17 @@ fi
echo "Installation des paquets de base" echo "Installation des paquets de base"
export DEBIAN_FRONTEND=noninteractive
apt-get -y install python3-django python3-dateutil texlive-latex-base texlive-fonts-recommended python3-djangorestframework python3-django-reversion python3-pip libsasl2-dev libldap2-dev libssl-dev apt-get -y install python3-django python3-dateutil texlive-latex-base texlive-fonts-recommended python3-djangorestframework python3-django-reversion python3-pip libsasl2-dev libldap2-dev libssl-dev
pip3 install django-bootstrap3 pip3 install django-bootstrap3
pip3 install django-ldapdb pip3 install django-ldapdb
pip3 install django-macaddress pip3 install django-macaddress
if [ $sql_bdd_type == "mysql" ] if [ $sql_bdd_type == 1 ]
then then
if [ $sql_is_local == "Y" ] if [ $sql_is_local == 1 ]
then then
apt-get -y install mysql-server apt-get -y install mysql-server
mysql -u root --execute="$sql_command"
else else
echo "Veuillez saisir la commande suivante sur le serveur sql distant, puis validez" echo "Veuillez saisir la commande suivante sur le serveur sql distant, puis validez"
echo $sql_command echo $sql_command
@ -95,24 +168,24 @@ then
fi fi
apt-get -y install python3-mysqldb mysql-client apt-get -y install python3-mysqldb mysql-client
else else
if [ $sql_is_local == "Y" ] if [ $sql_is_local == 1 ]
then then
apt-get -y install postgresql-server apt-get -y install postgresql-server
fi fi
apt-get -y install postgresql-client apt-get -y install postgresql-client
fi fi
if [ $ldap_is_local == "Y" ] if [ $ldap_is_local == 1 ]
then then
apt-get -y install slapd apt-get -y install slapd
echo "Hashage du mot de passe ldap..." echo "Hashage du mot de passe ldap..."
hashed_ldap_passwd=$(slappasswd -s ldap_password) hashed_ldap_passwd=$(slappasswd -s $ldap_password)
echo $hashed_ldap_passwd echo $hashed_ldap_passwd
echo "Formatage des fichiers de config ldap" echo "Formatage des fichiers de config ldap"
sed 's/dc=example,dc=org/'"$ldap_dn"'/g' install_utils/db.ldiff | sed 's/FILL_IT/'"$hashed_ldap_passwd"'/g' > /tmp/db sed 's|dc=example,dc=org|'"$ldap_dn"'|g' install_utils/db.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db
sed 's/dc=example,dc=org/'"$ldap_dn"'/g' install_utils/schema.ldiff | sed 's/FILL_IT/'"$hashed_ldap_passwd"'/g' > /tmp/schema sed 's|dc=example,dc=org|'"$ldap_dn"'|g' install_utils/schema.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema
echo "Destruction config ldap existante" echo "Destruction config ldap existante"
service slapd stop service slapd stop
@ -135,10 +208,10 @@ fi
echo "Ecriture de settings_local" echo "Ecriture de settings_local"
django_secret_key=$(python -c 'import random; import string; print "".join([random.SystemRandom().choice(string.digits + string.letters + string.punctuation) for i in range(100)])') django_secret_key=$(python -c "import random; print(''.join([random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyz0123456789%=+') for i in range(50)]))")
cp re2o/settings_local.example.py re2o/settings_local.py cp re2o/settings_local.example.py re2o/settings_local.py
#sed -i 's/SUPER_SECRET_KEY/'"$django_secret_key"'/g' re2o/settings_local.py sed -i 's/SUPER_SECRET_KEY/'"$django_secret_key"'/g' re2o/settings_local.py
sed -i 's/SUPER_SECRET_DB/'"$sql_password"'/g' re2o/settings_local.py sed -i 's/SUPER_SECRET_DB/'"$sql_password"'/g' re2o/settings_local.py
sed -i 's/db_name_value/'"$sql_name"'/g' re2o/settings_local.py sed -i 's/db_name_value/'"$sql_name"'/g' re2o/settings_local.py
sed -i 's/db_user_value/'"$sql_login"'/g' re2o/settings_local.py sed -i 's/db_user_value/'"$sql_login"'/g' re2o/settings_local.py
@ -150,5 +223,43 @@ sed -i 's/dc=example,dc=org/'"$ldap_dn"'/g' re2o/settings_local.py
sed -i 's/example.org/'"$extension_locale"'/g' re2o/settings_local.py sed -i 's/example.org/'"$extension_locale"'/g' re2o/settings_local.py
echo "Application des migrations" echo "Application des migrations"
#python3 manage.py migrate python3 manage.py migrate
echo "Collecte des statics"
python3 manage.py collectstatics
BACKTITLE="Fin de l'installation"
TITLE="Serveur web à utiliser"
OPTIONS=(1 "apache2"
2 "nginx")
web_serveur=$(dialog --clear \
--backtitle "$BACKTITLE" \
--title "$TITLE" \
--menu "$MENU" \
$HEIGHT $WIDTH $CHOICE_HEIGHT \
"${OPTIONS[@]}" \
2>&1 >/dev/tty)
clear
TITLE="Url où servir le serveur web (ex : re2o.example.org)"
url_server=$(dialog --title "$TITLE" \
--backtitle "$BACKTITLE" \
--inputbox "$TITLE" $HEIGHT $WIDTH \
2>&1 >/dev/tty)
clear
if [ $web_serveur == 1 ]
then
apt-get -y install apache2 libapache2-mod-wsgi-py3
cp install_utils/apache2/re2o.conf /etc/apache2/sites-available/re2o.conf
sed -i 's/URL_SERVER/'"$url_server"'/g' /etc/apache2/sites-available/re2o.conf
current_path=$(pwd)
sed -i 's|PATH|'"$current_path"'|g' /etc/apache2/sites-available/re2o.conf
a2ensite re2o
service apache2 reload
else
echo "Nginx non supporté, vous devrez installer manuellement"
fi
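Review bot: Both secrets are prompted with `--inputbox` (`sql_password` and `ldap_password`), so they are displayed in clear while typed, and the LDAP one is then expanded unquoted in `slappasswd -s $ldap_password`, where it is word-split, glob-expanded and visible in the process list. Using `--passwordbox` for those two prompts and quoting the expansion, `hashed_ldap_passwd=$(slappasswd -s "$ldap_password")`, fixes the display and the splitting; reading the secret with `slappasswd -T` from a root-only `mktemp` file (written with `printf '%s'`) would also keep it off the command line. The same values are interpolated into the `/`-delimited `sed` replacements and into `$sql_command`, so a password containing `/`, `&` or `'` breaks or alters those commands; restrict the accepted characters at the prompt or escape them before substitution. Separately, `python3 manage.py collectstatics` is not the Django command name (it is `collectstatic`), so the files behind the vhost's `Alias /static` would not be collected.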


@ -0,0 +1,22 @@
<VirtualHost *:80>
ServerName URL_SERVER
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/re2o-error.log
CustomLog ${APACHE_LOG_DIR}/re2o-access.log combined
<Directory />
AuthType Basic
AuthName "Password Required"
AuthUserFile /usr/local/password
Require valid-user
#Require all granted
</Directory>
Alias /static PATH/static_files
WSGIScriptAlias / PATH/re2o/wsgi.py
WSGIProcessGroup re2o
WSGIDaemonProcess re2o processes=2 threads=16 maximum-requests=1000 display-name=re2o
</VirtualHost>
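Review bot: `AuthType Basic` is enabled inside `<VirtualHost *:80>`, so the credentials checked against `/usr/local/password` are sent merely base64-encoded over plain HTTP on every request. The site should be served from a TLS vhost (`<VirtualHost *:443>` with `SSLEngine on`, port 80 only redirecting), or a comment at the top of the file should state that this template is for a trusted test network only. The installer section visible on this page copies and enables the file but does not appear to create `/usr/local/password`; unless it is provisioned elsewhere, no request can authenticate. Scoping the access block to the application tree (`<Directory PATH>`) instead of `<Directory />` would also keep the rule from applying to the whole filesystem.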


@ -1,39 +1,38 @@
dn: dc=ldap,dc=example,dc=org dn: dc=example,dc=org
o: rezo o: rezo
dc: ldap
structuralObjectClass: organization structuralObjectClass: organization
entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b entryUUID: fc97a0fe-514b-1034-9e4d-59675b32507b
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20150225150906Z createTimestamp: 20150225150906Z
description: ldap description: ldap
objectClass: top objectClass: top
objectClass: dcObject objectClass: dcObject
objectClass: organization objectClass: organization
entryCSN: 20151003212702.245118Z#000000#000#000000 entryCSN: 20151003212702.245118Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20151003212702Z modifyTimestamp: 20151003212702Z
contextCSN: 20161004233332.689769Z#000000#000#000000 contextCSN: 20161004233332.689769Z#000000#000#000000
dn: cn=admin,dc=ldap,dc=example,dc=org dn: cn=admin,dc=example,dc=org
objectClass: simpleSecurityObject objectClass: simpleSecurityObject
objectClass: organizationalRole objectClass: organizationalRole
cn: admin cn: admin
structuralObjectClass: organizationalRole structuralObjectClass: organizationalRole
entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b entryUUID: fc97fa72-514b-1034-9e4e-59675b32507b
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20150225150906Z createTimestamp: 20150225150906Z
description:: TERBUCBhZG1pbmlzdHJhdG9yDQo= description:: TERBUCBhZG1pbmlzdHJhdG9yDQo=
userPassword: FILL_IT userPassword: FILL_IT
entryCSN: 20160604005945.576566Z#000000#000#000000 entryCSN: 20160604005945.576566Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160604005945Z modifyTimestamp: 20160604005945Z
dn: cn=Utilisateurs,dc=ldap,dc=example,dc=org dn: cn=Utilisateurs,dc=example,dc=org
gidNumber: 500 gidNumber: 500
cn: Utilisateurs cn: Utilisateurs
structuralObjectClass: posixGroup structuralObjectClass: posixGroup
entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc entryUUID: 5d53854e-5204-1034-8c61-8da535cabdfc
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20150226130856Z createTimestamp: 20150226130856Z
sambaSID: 500 sambaSID: 500
uid: Users uid: Users
@ -42,143 +41,143 @@ objectClass: top
objectClass: sambaSamAccount objectClass: sambaSamAccount
objectClass: radiusprofile objectClass: radiusprofile
entryCSN: 20150226130950.194154Z#000000#000#000000 entryCSN: 20150226130950.194154Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20150226130950Z modifyTimestamp: 20150226130950Z
dn: ou=groups,dc=ldap,dc=example,dc=org dn: ou=groups,dc=example,dc=org
objectClass: organizationalUnit objectClass: organizationalUnit
description: Groupes d'utilisateurs description: Groupes d'utilisateurs
ou: groups ou: groups
structuralObjectClass: organizationalUnit structuralObjectClass: organizationalUnit
entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24 entryUUID: 986aa1b6-bb86-1035-9a4c-2ff0c800ec24
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160531142039Z createTimestamp: 20160531142039Z
entryCSN: 20160531142039.780151Z#000000#000#000000 entryCSN: 20160531142039.780151Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160531142039Z modifyTimestamp: 20160531142039Z
dn: ou=services,ou=groups,dc=ldap,dc=example,dc=org dn: ou=services,ou=groups,dc=example,dc=org
objectClass: organizationalUnit objectClass: organizationalUnit
description: Groupes de comptes techniques description: Groupes de comptes techniques
ou: services ou: services
structuralObjectClass: organizationalUnit structuralObjectClass: organizationalUnit
entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba entryUUID: cbb56904-bc6a-1035-9fbb-3dc3850d88ba
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160601173411Z createTimestamp: 20160601173411Z
entryCSN: 20160601173411.088359Z#000000#000#000000 entryCSN: 20160601173411.088359Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160601173411Z modifyTimestamp: 20160601173411Z
dn: ou=service-users,dc=ldap,dc=example,dc=org dn: ou=service-users,dc=example,dc=org
objectClass: organizationalUnit objectClass: organizationalUnit
description: Utilisateurs techniques de l'annuaire description: Utilisateurs techniques de l'annuaire
ou: service-users ou: service-users
structuralObjectClass: organizationalUnit structuralObjectClass: organizationalUnit
entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba entryUUID: 0e397270-bc6b-1035-9fbd-3dc3850d88ba
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160601173602Z createTimestamp: 20160601173602Z
entryCSN: 20160601173602.683304Z#000000#000#000000 entryCSN: 20160601173602.683304Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160601173602Z modifyTimestamp: 20160601173602Z
dn: cn=freeradius,ou=service-users,dc=ldap,dc=example,dc=org dn: cn=freeradius,ou=service-users,dc=example,dc=org
objectClass: applicationProcess objectClass: applicationProcess
objectClass: simpleSecurityObject objectClass: simpleSecurityObject
cn: freeradius cn: freeradius
userPassword: FILL_IT userPassword: FILL_IT
structuralObjectClass: applicationProcess structuralObjectClass: applicationProcess
entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba entryUUID: 8596e4ec-bc6b-1035-9fbf-3dc3850d88ba
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160601173922Z createTimestamp: 20160601173922Z
entryCSN: 20160601173922.944598Z#000000#000#000000 entryCSN: 20160601173922.944598Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160601173922Z modifyTimestamp: 20160601173922Z
dn: cn=nssauth,ou=service-users,dc=ldap,dc=example,dc=org dn: cn=nssauth,ou=service-users,dc=example,dc=org
objectClass: applicationProcess objectClass: applicationProcess
objectClass: simpleSecurityObject objectClass: simpleSecurityObject
cn: nssauth cn: nssauth
structuralObjectClass: applicationProcess structuralObjectClass: applicationProcess
entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba entryUUID: cfbdadc6-bc6b-1035-9fc4-3dc3850d88ba
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160601174127Z createTimestamp: 20160601174127Z
userPassword: FILL_IT userPassword: FILL_IT
entryCSN: 20160603093724.770069Z#000000#000#000000 entryCSN: 20160603093724.770069Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160603093724Z modifyTimestamp: 20160603093724Z
dn: cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org dn: cn=auth,ou=services,ou=groups,dc=example,dc=org
objectClass: groupOfNames objectClass: groupOfNames
cn: auth cn: auth
member: cn=nssauth,ou=service-users,dc=ldap,dc=example,dc=org member: cn=nssauth,ou=service-users,dc=example,dc=org
structuralObjectClass: groupOfNames structuralObjectClass: groupOfNames
entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba entryUUID: 98524836-bc6d-1035-9fc7-3dc3850d88ba
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160601175413Z createTimestamp: 20160601175413Z
entryCSN: 20160620005705.309928Z#000000#000#000000 entryCSN: 20160620005705.309928Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160620005705Z modifyTimestamp: 20160620005705Z
dn: ou=posix,ou=groups,dc=ldap,dc=example,dc=org dn: ou=posix,ou=groups,dc=example,dc=org
objectClass: organizationalUnit objectClass: organizationalUnit
description: Groupes de comptes POSIX description: Groupes de comptes POSIX
ou: posix ou: posix
structuralObjectClass: organizationalUnit structuralObjectClass: organizationalUnit
entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e entryUUID: fbd89c4a-bdb5-1035-9045-d5a09894d93e
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160603090455Z createTimestamp: 20160603090455Z
entryCSN: 20160603090455.267192Z#000000#000#000000 entryCSN: 20160603090455.267192Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160603090455Z modifyTimestamp: 20160603090455Z
dn: cn=wifi,ou=service-users,dc=ldap,dc=example,dc=org dn: cn=wifi,ou=service-users,dc=example,dc=org
objectClass: applicationProcess objectClass: applicationProcess
objectClass: simpleSecurityObject objectClass: simpleSecurityObject
cn: wifi cn: wifi
structuralObjectClass: applicationProcess structuralObjectClass: applicationProcess
entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e entryUUID: 8cc2d1a6-bdc2-1035-9051-d5a09894d93e
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160603103452Z createTimestamp: 20160603103452Z
userPassword: FILL_IT userPassword: FILL_IT
entryCSN: 20160603103638.682210Z#000000#000#000000 entryCSN: 20160603103638.682210Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160603103638Z modifyTimestamp: 20160603103638Z
dn: cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org dn: cn=usermgmt,ou=services,ou=groups,dc=example,dc=org
objectClass: groupOfNames objectClass: groupOfNames
cn: usermgmt cn: usermgmt
structuralObjectClass: groupOfNames structuralObjectClass: groupOfNames
entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e entryUUID: ec01e206-bdc2-1035-9054-d5a09894d93e
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160603103732Z createTimestamp: 20160603103732Z
member: cn=wifi,ou=service-users,dc=ldap,dc=example,dc=org member: cn=wifi,ou=service-users,dc=example,dc=org
entryCSN: 20160603103746.897151Z#000000#000#000000 entryCSN: 20160603103746.897151Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160603103746Z modifyTimestamp: 20160603103746Z
dn: cn=replica,ou=service-users,dc=ldap,dc=example,dc=org dn: cn=replica,ou=service-users,dc=example,dc=org
objectClass: applicationProcess objectClass: applicationProcess
objectClass: simpleSecurityObject objectClass: simpleSecurityObject
cn: replica cn: replica
structuralObjectClass: applicationProcess structuralObjectClass: applicationProcess
entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f entryUUID: caef5c54-c0e4-1035-948f-dfe369fe3d4f
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160607101733Z createTimestamp: 20160607101733Z
userPassword: FILL_IT userPassword: FILL_IT
entryCSN: 20160607101829.424643Z#000000#000#000000 entryCSN: 20160607101829.424643Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160607101829Z modifyTimestamp: 20160607101829Z
dn: cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org dn: cn=readonly,ou=services,ou=groups,dc=example,dc=org
objectClass: groupOfNames objectClass: groupOfNames
cn: readonly cn: readonly
structuralObjectClass: groupOfNames structuralObjectClass: groupOfNames
entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f entryUUID: f6bd2366-c0e4-1035-9492-dfe369fe3d4f
creatorsName: cn=admin,dc=ldap,dc=example,dc=org creatorsName: cn=admin,dc=example,dc=org
createTimestamp: 20160607101846Z createTimestamp: 20160607101846Z
member: cn=replica,ou=service-users,dc=ldap,dc=example,dc=org member: cn=replica,ou=service-users,dc=example,dc=org
member: cn=freeradius,ou=service-users,dc=ldap,dc=example,dc=org member: cn=freeradius,ou=service-users,dc=example,dc=org
entryCSN: 20160619214628.287369Z#000000#000#000000 entryCSN: 20160619214628.287369Z#000000#000#000000
modifiersName: cn=admin,dc=ldap,dc=example,dc=org modifiersName: cn=admin,dc=example,dc=org
modifyTimestamp: 20160619214628Z modifyTimestamp: 20160619214628Z


@ -1108,35 +1108,35 @@ objectClass: olcDatabaseConfig
objectClass: olcHdbConfig objectClass: olcHdbConfig
olcDatabase: {1}hdb olcDatabase: {1}hdb
olcDbDirectory: /var/lib/ldap olcDbDirectory: /var/lib/ldap
olcSuffix: dc=ldap,dc=example,dc=org olcSuffix: dc=example,dc=org
olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an olcAccess: {0}to attrs=userPassword,sambaNTPassword,mail by self write by an
onymous auth by dn="cn=admin,dc=ldap,dc=example,dc=org" write by group="cn onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group=" =readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org" write by * no cn=usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * no
ne ne
olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an olcAccess: {1}to attrs=shadowLastChange,gecos,loginShell by self write by an
onymous auth by dn="cn=admin,dc=ldap,dc=example,dc=org" write by group="cn onymous auth by dn="cn=admin,dc=example,dc=org" write by group="cn
=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group=" =readonly,ou=services,ou=groups,dc=example,dc=org" read by group="
cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="cn cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn
=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=org" write by * none =usermgmt,ou=services,ou=groups,dc=example,dc=org" write by * none
olcAccess: {2}to dn.base="" by * read olcAccess: {2}to dn.base="" by * read
olcAccess: {3}to dn.sub="ou=groups,dc=ldap,dc=example,dc=org" by group="cn= olcAccess: {3}to dn.sub="ou=groups,dc=example,dc=org" by group="cn=
auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group="cn=re auth,ou=services,ou=groups,dc=example,dc=org" read by group="cn=re
adonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read adonly,ou=services,ou=groups,dc=example,dc=org" read
olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=ldap,dc=example,dc=org" by grou olcAccess: {4}to dn.sub="cn=Utilisateurs,dc=example,dc=org" by grou
p="cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by self r p="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by self r
ead by group="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" ead by group="cn=readonly,ou=services,ou=groups,dc=example,dc=org"
read by group="cn=usermgmt,ou=services,ou=groups,dc=ldap,dc=example,dc=or read by group="cn=usermgmt,ou=services,ou=groups,dc=example,dc=or
g" write g" write
olcAccess: {5}to dn.sub="ou=service-users,dc=ldap,dc=example,dc=org" by gro olcAccess: {5}to dn.sub="ou=service-users,dc=example,dc=org" by gro
up="cn=auth,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read by group up="cn=auth,ou=services,ou=groups,dc=example,dc=org" read by group
="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=org" read ="cn=readonly,ou=services,ou=groups,dc=example,dc=org" read
olcAccess: {6}to dn.base="dc=ldap,dc=example,dc=org" by * read olcAccess: {6}to dn.base="dc=example,dc=org" by * read
olcAccess: {7}to * by dn="cn=admin,dc=ldap,dc=example,dc=org" write by self olcAccess: {7}to * by dn="cn=admin,dc=example,dc=org" write by self
read by group="cn=readonly,ou=services,ou=groups,dc=ldap,dc=example,dc=or read by group="cn=readonly,ou=services,ou=groups,dc=example,dc=or
g" read g" read
olcLastMod: TRUE olcLastMod: TRUE
olcRootDN: cn=admin,dc=ldap,dc=example,dc=org olcRootDN: cn=admin,dc=example,dc=org
olcRootPW: FILL_IT olcRootPW: FILL_IT
olcDbCheckpoint: 512 30 olcDbCheckpoint: 512 30
olcDbConfig: {0}set_cachesize 0 2097152 0 olcDbConfig: {0}set_cachesize 0 2097152 0


@ -65,10 +65,10 @@ EMAIL_HOST = 'smtp.example.org'
# Reglages pour la bdd ldap # Reglages pour la bdd ldap
LDAP = { LDAP = {
'base_user_dn' : 'cn=Utilisateurs,dc=ldap,dc=example,dc=org', 'base_user_dn' : 'cn=Utilisateurs,dc=example,dc=org',
'base_userservice_dn' : 'ou=service-users,dc=ldap,dc=example,dc=org', 'base_userservice_dn' : 'ou=service-users,dc=example,dc=org',
'base_usergroup_dn' : 'ou=posix,ou=groups,dc=ldap,dc=example,dc=org', 'base_usergroup_dn' : 'ou=posix,ou=groups,dc=example,dc=org',
'base_userservicegroup_dn' : 'ou=services,ou=groups,dc=ldap,dc=example,dc=org', 'base_userservicegroup_dn' : 'ou=services,ou=groups,dc=example,dc=org',
'user_gid' : 500, 'user_gid' : 500,
} }