Smooth the configuration of LemonLDAP::NG on Scribe

Ref: #30852
2020-10-14 13:19:05 +02:00 · 2020-10-14 13:19:05 +02:00 · a6eeb05ca9
parent dec2cb8e79
commit a6eeb05ca9
2 changed files with 102 additions and 0 deletions
--- a/dicos/71_lemonldap_ng_scribe.xml
+++ b/dicos/71_lemonldap_ng_scribe.xml
@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="utf-8"?>
+<creole>
+
+    <files />
+
+    <variables />
+
+    <constraints>
+
+        <fill name='calc_multi_condition' target='activer_sso'>
+            <param>oui</param>
+            <param type='eole' name='condition_1'>activerLemon</param>
+            <param name='match'>distant</param>
+            <param name='default_mismatch'>local</param>
+        </fill>
+
+        <condition name='frozen_if_in' source='activerLemon'>
+            <param>oui</param>
+            <target type='variable'>activer_sso</target>
+        </condition>
+
+        <auto name='calc_multi_condition' target='ldapScheme'>
+            <param>oui</param>
+            <param type='eole' name='condition_1'>ldap_tls</param>
+            <param name='match'>ldaps</param>
+            <param name='default_mismatch'>ldap</param>
+        </auto>
+
+        <auto name='calc_val' target='ldapServer'>
+            <param type='eole'>adresse_ip_ldap</param>
+        </auto>
+
+        <auto name='calc_val' target='ldapServerPort'>
+            <param type='eole'>ldap_port</param>
+        </auto>
+
+        <auto name='calc_val' target='ldapUserBaseDN'>
+            <param type='eole'>ldap_base_dn</param>
+        </auto>
+
+        <auto name='calc_val' target='ldapBindUserDN'>
+            <param type='eole'>ldap_reader</param>
+        </auto>
+
+        <auto name='calc_val' target='ldapBindUserPassword'>
+            <param type='eole'>ldap_reader_passfile</param>
+        </auto>
+
+        <auto name='calc_val' target='casFolder'>
+            <param type='eole'>eolesso_cas_folder</param>
+        </auto>
+
+    </constraints>
+
+    <help />
+
+</creole>
--- a/postservice/98-lemonldap-ng-scribe-register-hosts
+++ b/postservice/98-lemonldap-ng-scribe-register-hosts
@ -0,0 +1,45 @@
+#!/bin/bash
+
+[ "$(CreoleGet activerLemon non)" = 'oui' ] || exit 0
+
+[ -f /usr/lib/eole/eolead.sh ] || exit 0
+
+. /usr/lib/eole/eolead.sh
+# ScribeAD/HorusAD
+. $CONTAINER_ROOTFS/etc/eole/samba4-vars.conf
+DNS_IP="${CONTAINER_IP}"
+CONTAINER_EXEC='lxc-attach -n addc --'
+
+EXT_IP=$(CreoleGet adresse_ip_eth0)
+
+for service in manager auth reload
+do
+    fqdn=$(CreoleGet "${service}WebName")
+    service_addr=$(dig "@${DNS_IP}" "${fqdn}" +short)
+    if [ "${service_addr}" != "${EXT_IP}" ]
+    then
+        ${CONTAINER_EXEC} kinit "${AD_HOST_NAME^^}@${AD_REALM^^}" -k -t "${AD_HOST_KEYTAB_FILE}"
+        if [ -n "${service_addr}" ]
+        then
+            echo -n "Suppression de l’enregistrement DNS '${fqdn} IN A ${service_addr}' : "
+            $CONTAINER_EXEC samba-tool \
+                            dns \
+                            delete \
+                            "${AD_HOST_NAME}.${AD_REALM}" \
+                            "${AD_REALM}" \
+                            "${fqdn}" A "${service_addr}" \
+                            -k 1
+        fi
+
+        echo -n "Ajout de l’enregistrement DNS '${fqdn} IN A ${EXT_IP}' : "
+        $CONTAINER_EXEC samba-tool \
+                        dns \
+                        add \
+                        "${AD_HOST_NAME}.${AD_REALM}" \
+                        "${AD_REALM}" \
+                        "${fqdn}" A "${EXT_IP}" \
+                        -k 1
+    fi
+done
+
+exit 0