Browse Source

fusion de eole-annuaire et eole-annuaireslave

2.6.2/master
Emmanuel Garette 6 months ago
parent
commit
6ccbbadcd0
6 changed files with 122 additions and 103 deletions
  1. 57
    40
      dicos/23_annuaire.xml
  2. 24
    25
      dicos/24_annuaireslave.xml
  3. 10
    6
      posttemplate/00-annuaire
  4. 2
    3
      posttemplate/02-annuaire
  5. 12
    12
      tmpl/DB_CONFIG
  6. 17
    17
      tmpl/replication.conf

+ 57
- 40
dicos/23_annuaire.xml View File

@@ -67,44 +67,36 @@
67 67
             <variable name='ldap_restrict_access' type="string" description="Utilisateur autorisé à accéder à distance au serveur LDAP">
68 68
                 <value>tous</value>
69 69
             </variable>
70
-            <variable name='tuneDBConfig' type='oui/non' description='Tunning du backend hdb via DB_CONFIG' mode='expert'>
71
-                <value>non</value>
70
+            <variable name='tune_db_config' type='oui/non' description='Tunning du backend hdb via DB_CONFIG' mode='expert'/>
71
+        </family>
72
+        <family name='DB_CONFIG' mode='expert'>
73
+            <variable name='db_cache_size_g' description="Quantité de Giga-octets à utiliser pour le cache HDB"/>
74
+            <variable name='db_cache_size_o' description="Quantité d'octets à utiliser pour le cache HDB"/>
75
+            <variable name='db_cache_chunks' description="Nombre de fichiers ou écrire le cache HDB"/>
76
+            <variable name='db_log_region_max' type='number' description='set_lg_regionmax'>
77
+                <value>262144</value>
78
+            </variable>
79
+            <variable name='db_log_bsize' type='number' description='set_lg_bsize'>
80
+                <value>2097152</value>
81
+            </variable>
82
+            <variable name='db_log_max' type='number' description='set_lg_max'>
83
+                <value>8388608</value>
84
+            </variable>
85
+            <variable name='db_log_directory' type='string' description='set_lg_dir'>
86
+                <value>/var/lib/ldap/logs</value>
72 87
             </variable>
73
-       </family>
74
-       <family name='DB_CONFIG' mode='expert'>
75
-           <variable name='dbCacheSizeG' description="Quantité de Giga-octets à utiliser pour le cache HDB">
76
-               <value>0</value>
77
-           </variable>
78
-           <variable name='dbCacheSizeO' description="Quantité d'octets à utiliser pour le cache HDB">
79
-               <value>52428800</value>
80
-           </variable>
81
-           <variable name='dbCacheChunks' description="Nombre de fichiers ou écrire le cache HDB">
82
-               <value>0</value>
83
-           </variable>
84
-           <variable name='dbLogRegionMax' type='number' description='set_lg_regionmax'>
85
-               <value>262144</value>
86
-           </variable>
87
-           <variable name='dbLogBsize' type='number' description='set_lg_bsize'>
88
-               <value>2097152</value>
89
-           </variable>
90
-           <variable name='dbLogMax' type='number' description='set_lg_max'>
91
-               <value>8388608</value>
92
-           </variable>
93
-           <variable name='dbLogDirectory' type='string' description='set_lg_dir'>
94
-               <value>/var/lib/ldap/logs</value>
95
-           </variable>
96
-           <variable name='dbLkMax' type='number' description='set_lk_max_locks'>
97
-               <value>4000</value>
98
-           </variable>
99
-           <variable name='dbLkMaxLockers' type='number' description='set_lk_max_lockers'>
100
-               <value>200</value>
101
-           </variable>
102
-           <variable name='dbLkMaxObjects' type='number' description='set_lk_max_objects'>
103
-               <value>2000</value>
104
-           </variable>
105
-           <variable name='dbConfigRawConf' type='string' description="Clé de configuration DB_CONFIG" multi='True'/>
106
-           <variable name='dbConfigRawValue' type='string' description="Valeur de configuration"/>
107
-       </family>
88
+            <variable name='db_lk_max' type='number' description='set_lk_max_locks'>
89
+                <value>4000</value>
90
+            </variable>
91
+            <variable name='db_lk_max_lockers' type='number' description='set_lk_max_lockers'>
92
+                <value>200</value>
93
+            </variable>
94
+            <variable name='db_lk_max_objects' type='number' description='set_lk_max_objects'>
95
+                <value>2000</value>
96
+            </variable>
97
+            <variable name='db_config_raw_conf' type='string' description="Clé de configuration DB_CONFIG" multi='True'/>
98
+            <variable name='db_config_raw_value' type='string' description="Valeur de configuration"/>
99
+        </family>
108 100
     </variables>
109 101
 
110 102
     <constraints>
@@ -131,8 +123,8 @@
131 123
             <slave>aclAction</slave>
132 124
         </group>
133 125
 
134
-        <group master='dbConfigRawConf'>
135
-            <slave>dbConfigRawValue</slave>
126
+        <group master='db_config_raw_conf'>
127
+            <slave>db_config_raw_value</slave>
136 128
         </group>
137 129
 
138 130
         <fill name='calc_multi_condition' target='adresse_ip_ldap'>
@@ -142,6 +134,31 @@
142 134
             <param name='default_mismatch'>None</param>
143 135
         </fill>
144 136
 
137
+        <fill name='calc_val' target='tune_db_config'>
138
+            <param type='eole'>ldap_replication_client</param>
139
+        </fill>
140
+
141
+        <fill name='calc_multi_condition' target='db_cache_size_g'>
142
+            <param>non</param>
143
+            <param type='eole' name='condition_1'>ldap_replication_client</param>
144
+            <param name='match'>0</param>
145
+            <param name='mismatch'>1</param>
146
+        </fill>
147
+
148
+        <fill name='calc_multi_condition' target='db_cache_size_o'>
149
+            <param>non</param>
150
+            <param type='eole' name='condition_1'>ldap_replication_client</param>
151
+            <param name='match'>52428800</param>
152
+            <param name='mismatch'>0</param>
153
+        </fill>
154
+
155
+        <fill name='calc_multi_condition' target='db_cache_chunks'>
156
+            <param>non</param>
157
+            <param type='eole' name='condition_1'>ldap_replication_client</param>
158
+            <param name='match'>0</param>
159
+            <param name='mismatch'>1</param>
160
+        </fill>
161
+
145 162
         <!-- slapd est activé si client_ldap est configuré sur local -->
146 163
         <condition name='disabled_if_in' source='activer_client_ldap'>
147 164
             <param>distant</param>
@@ -157,7 +174,7 @@
157 174
             <target type='variable'>ldapAdminAccounts</target>
158 175
         </condition>
159 176
 
160
-        <condition name='disabled_if_in' source='tuneDBConfig'>
177
+        <condition name='disabled_if_in' source='tune_db_config'>
161 178
             <param>non</param>
162 179
             <target type='family'>DB_CONFIG</target>
163 180
         </condition>

+ 24
- 25
dicos/24_annuaireslave.xml View File

@@ -5,30 +5,27 @@
5 5
     </files>
6 6
     <variables>
7 7
         <family name='Replication'>
8
-			<variable name='typeRepl' description="Type de réplication">
9
-				<value>scribe-scribe</value>
10
-			</variable>
11
-			<variable name='replSourceUAI' type="string" description="Code UAI du scribe source"/>
12
-			<variable name='replSourceIP' type='string' description="Adresse du serveur source (ip ou dns)"/>
13
-			<variable name='replSourcePort' type='number' description="Port du serveur LDAP source">
14
-				<value>389</value>
15
-			</variable>
16
-			<variable name='replSSL' type='oui/non' description="Liaison chiffrée avec SSL (utiliser LDAPs)">
17
-				<value>non</value>
18
-			</variable>
8
+            <variable name='typeRepl' description="Type de réplication">
9
+                <value>scribe-scribe</value>
10
+            </variable>
11
+            <variable name='replSourceUAI' type="string" description="Code UAI du scribe source" mandatory="True"/>
12
+            <variable name='replSourceIP' type='string' description="Adresse du serveur source" mandatory="True"/>
13
+            <variable name='replSourcePort' type='number' description="Port du serveur LDAP source">
14
+                <value>389</value>
15
+            </variable>
16
+            <variable name='replSSL' type='oui/non' description="Liaison chiffrée avec SSL (utiliser LDAPs)">
17
+                <value>non</value>
18
+            </variable>
19 19
 
20 20
             <variable name='replicationSource' type='string' description="Identifiant de l'annuaire à répliquer" multi='True'/>
21 21
             <variable name='replicationType' type='string' description="Type de réplication"/>
22 22
             <variable name='sourceURL' type='string' description="URL de la source à répliquer"/>
23 23
             <variable name='replicationMode' type='string' description="Mode de réplication"/>
24 24
             <variable name='refreshInterval' type='string' description="Interval de rafaichissement (hh:mm:ss:msms)"/>
25
-            <!-- <variable name='replicationFull' type='oui/non' description="Répliquer un annuaire complet ?">
26
-                <value>non</value>
27
-            </variable> -->
28 25
             <variable name='searchBase' type='string' description="Racine de la répliquer"/>
29
-            <variable name='replicationFilter' type='string' description="Filtre de recherche"/>
30 26
             <variable name='replicationBindDN' type='string' description="DN de connection"/>
31 27
             <variable name='replicationBindPass' type='string' description="Mot de passe"/>
28
+            <variable name='replicationFilter' type='string' description="Filtre de recherche"/>
32 29
         </family>
33 30
     </variables>
34 31
     <constraints>
@@ -54,34 +51,36 @@
54 51
         <condition name='disabled_if_in' source='replicationType'>
55 52
             <param>master-master</param>
56 53
             <target type='variable'>replicationMode</target>
54
+            <target type='variable'>refreshInterval</target>
57 55
         </condition>
58 56
 
59 57
         <condition name='disabled_if_in' source='ldap_replication_client'>
60 58
             <param>non</param>
61 59
             <target type='family'>Replication</target>
62 60
             <target type='filelist'>flReplication</target>
61
+            <!--1 target type='family'>DB Config</target-->
63 62
         </condition>
64 63
 
65 64
         <condition name='disabled_if_in' source='typeRepl'>
66 65
             <param>scribe-scribe</param>
67 66
             <target type='variable'>replicationSource</target>
68
-			<target type='variable'>sourceURL</target>
69
-			<target type='variable'>replicationType</target>
70
-			<target type='variable'>replicationMode</target>
71
-			<target type='variable'>refreshInterval</target>
72
-			<target type='variable'>replicationFilter</target>
73
-			<target type='variable'>searchBase</target>
74
-			<target type='variable'>replicationBindDN</target>
75
-			<target type='variable'>replicationBindPass</target>
67
+            <target type='variable'>sourceURL</target>
68
+            <target type='variable'>replicationType</target>
69
+            <target type='variable'>replicationMode</target>
70
+            <target type='variable'>refreshInterval</target>
71
+            <target type='variable'>replicationFilter</target>
72
+            <target type='variable'>searchBase</target>
73
+            <target type='variable'>replicationBindDN</target>
74
+            <target type='variable'>replicationBindPass</target>
76 75
         </condition>
77 76
 
78 77
         <condition name='disabled_if_in' source='typeRepl'>
79
-			<param>custom</param>
78
+            <param>custom</param>
80 79
             <target type='variable'>replSourceUAI</target>
81 80
             <target type='variable'>replSourceIP</target>
82 81
             <target type='variable'>replSourcePort</target>
83 82
             <target type='variable'>replSSL</target>
84
-		</condition>
83
+        </condition>
85 84
 
86 85
         <condition name='disabled_if_in' source='eole_module'>
87 86
             <param>seshat</param>

+ 10
- 6
posttemplate/00-annuaire View File

@@ -8,19 +8,23 @@ set -e
8 8
 # initialisation du fichier des fournisseurs ldap
9 9
 touch $(CreoleGet container_path_annuaire)/etc/ldap/replication.conf
10 10
 
11
-if [ $(CreoleGet activer_client_ldap) = "local" ];then
12
-    # Mise en place de l'arborescence SSL - ref #23389
13
-    container_path_annuaire=$(CreoleGet container_path_annuaire)
14
-    . ${container_path_annuaire}/etc/default/slapd
15
-    ldap_conf_dir=$(dirname ${SLAPD_CONF})
16
-    InstallSSLFiles openldap $SLAPD_USER $SLAPD_GROUP ${ldap_conf_dir}/ssl annuaire
11
+activer_client_ldap=$(CreoleGet activer_client_ldap)
17 12
 
13
+if [ $activer_client_ldap = "local" ] || [ $activer_client_ldap = "replication" ]; then
18 14
     #Copie du fichier DB_CONFIG que si le fichier est différent (#16862)
19 15
     SRC=/tmp/DB_CONFIG
20 16
     DST=$(CreoleGet container_path_annuaire)/var/lib/ldap/DB_CONFIG
21 17
     if [ -f $SRC ]; then
22 18
         diff -q $SRC $DST &> /dev/null || cp -af $SRC $DST
23 19
     fi
20
+fi
21
+
22
+if [ $activer_client_ldap = "local" ];then
23
+    # Mise en place de l'arborescence SSL - ref #23389
24
+    container_path_annuaire=$(CreoleGet container_path_annuaire)
25
+    . ${container_path_annuaire}/etc/default/slapd
26
+    ldap_conf_dir=$(dirname ${SLAPD_CONF})
27
+    InstallSSLFiles openldap $SLAPD_USER $SLAPD_GROUP ${ldap_conf_dir}/ssl annuaire
24 28
 
25 29
     if [ $(CreoleGet activer_admin_passfile) = 'oui' ]; then
26 30
         ldap_admin_passfile=$(CreoleGet ldap_admin_passfile)

+ 2
- 3
posttemplate/02-annuaire View File

@@ -68,9 +68,8 @@ if [[ ${mode} == "local" ]];then
68 68
     [ ! "$container_path_annuaire" = "" ] && CHROOT="chroot $container_path_annuaire"
69 69
 
70 70
 	# Creating log dir if needed
71
-    if [[ $(CreoleGet tuneDBConfig non) == "oui" ]]
72
-    then
73
-        logdir=$(CreoleGet dbLogDirectory)
71
+    if [[ $(CreoleGet tune_db_config) == "oui" ]]; then
72
+        logdir=$(CreoleGet db_log_directory)
74 73
         if [[ ! -f ${logdir} ]]
75 74
         then
76 75
             mkdir -p ${logdir}

+ 12
- 12
tmpl/DB_CONFIG View File

@@ -15,24 +15,24 @@
15 15
 #          0 or 1 then Berkeley DB will try to allocate one contiguous section
16 16
 #          of memory for the cache. If this value is greater than 1, the cache
17 17
 #          will be split into that number of segments.
18
-%if %%getVar('tuneDBConfig','non') == 'oui'
19
-set_cachesize   %%dbCacheSizeG   %%dbCacheSizeO    %%dbCacheChunks
18
+%if %%tune_db_config == 'oui'
19
+set_cachesize   %%db_cache_size_g   %%db_cache_size_o    %%db_cache_chunks
20 20
 
21
-set_lg_regionmax %%dbLogRegionMax
22
-set_lg_bsize %%dbLogBsize
23
-set_lg_max   %%dbLogMax
21
+set_lg_regionmax %%db_log_region_max
22
+set_lg_bsize %%db_log_bsize
23
+set_lg_max   %%db_log_max
24 24
 set_flags DB_LOG_AUTOREMOVE
25
-set_lg_dir %%dbLogDirectory
25
+set_lg_dir %%db_log_directory
26 26
 
27 27
 # Note: special DB_CONFIG flags are no longer needed for "quick"
28 28
 # slapadd(8) or slapindex(8) access (see their -q option).
29
-set_lk_max_locks %%dbLkMax
30
-set_lk_max_lockers %%dbLkMaxLockers
31
-set_lk_max_objects %%dbLkMaxObjects
29
+set_lk_max_locks %%db_lk_max
30
+set_lk_max_lockers %%db_lk_max_lockers
31
+set_lk_max_objects %%db_lk_max_objects
32 32
 
33
-%for %%line in %%getVar('dbConfigRawConf',[])
34
-%%line %%line.dbConfigRawValue
35
-%end for
33
+   %for %%line in %%getVar('db_config_raw_conf',[])
34
+%%line %%line.db_config_raw_value
35
+   %end for
36 36
 
37 37
 %else
38 38
    %if %%is_defined('import_slapadd')

+ 17
- 17
tmpl/replication.conf View File

@@ -6,11 +6,11 @@ checkpoint 128 15
6 6
 
7 7
 %if %%typeRepl == "scribe-scribe"
8 8
 syncrepl rid=0001
9
-%if %%replSSL == "oui"
9
+ %if %%replSSL == "oui"
10 10
   provider=ldaps://%%{replSourceIP}:%%{replSourcePort}
11
-%else
11
+ %else
12 12
   provider=ldap://%%{replSourceIP}:%%{replSourcePort}
13
-%end if
13
+ %end if
14 14
   type=refreshAndPersist
15 15
   retry="5 10 300 +"
16 16
   searchbase="ou=%%{replSourceUAI},ou=%%{nom_academie},ou=education,o=gouv,c=fr"
@@ -22,11 +22,11 @@ syncrepl rid=0001
22 22
 mirrormode true
23 23
 
24 24
 syncrepl rid=0002
25
-%if %%replSSL == "oui"
25
+ %if %%replSSL == "oui"
26 26
   provider=ldaps://%%{replSourceIP}:%%{replSourcePort}
27
-%else
27
+ %else
28 28
   provider=ldap://%%{replSourceIP}:%%{replSourcePort}
29
-%end if
29
+ %end if
30 30
   type=refreshAndPersist
31 31
   retry="5 10 300 +"
32 32
   searchbase="ou=%%{numero_etab},ou=%%{nom_academie},ou=education,o=gouv,c=fr"
@@ -36,29 +36,29 @@ syncrepl rid=0002
36 36
   credentials=%%pwdreader("","/root/.writer.aca")
37 37
 mirrormode true
38 38
 %else
39
-	%for %%ldap in %%replicationSource
39
+ %for %%ldap in %%replicationSource
40 40
 syncrepl rid=%%{ldap}
41 41
   provider=%%{ldap.sourceURL}
42
-		%if %%ldap.replicationType == 'master-master'
42
+  %if %%ldap.replicationType == 'master-master'
43 43
   type=refreshAndPersist
44
-		%else
44
+  %else
45 45
   type=%%ldap.replicationMode
46
-		%end if
47
-		%if %%getVar('ldap.replicationMode', '') == 'refreshOnly'
46
+   %if %%ldap.replicationMode == 'refreshOnly'
48 47
   interval=%%{ldap.refreshInterval}
49
-		%end if
48
+   %end if
49
+  %end if
50 50
   retry="5 10 300 +"
51 51
   searchbase="%%{ldap.searchBase}"
52 52
   attrs="*,+"
53
-		%if not %%is_empty(%%ldap.replicationFilter)
53
+  %if not %%is_empty(%%ldap.replicationFilter)
54 54
   filter="%%ldap.replicationFilter"
55
-		%end if
55
+  %end if
56 56
   bindmethod=simple
57 57
   binddn="%%{ldap.replicationBindDN}"
58 58
   credentials=%%{ldap.replicationBindPass}
59
-		%if %%ldap.replicationType == 'master-master'
59
+  %if %%ldap.replicationType == 'master-master'
60 60
 mirrormode true
61
-		%end if
62
-	%end for
61
+  %end if
62
+ %end for
63 63
 %end if
64 64
 

Loading…
Cancel
Save