afornerot
/
ninedocker
1
0
Fork 0
Code Issues 26 Pull Requests Packages Projects Releases Wiki Activity

init nv01

This commit is contained in:
Arno 2024-10-21 19:45:27 +00:00
parent 73a8539886
commit d217884d35
9 changed files with 153 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
env/.env vendored
View File

@ -100,13 +100,20 @@ LDAP_BASEDN=dc=nine,dc=org
LDAP_ADMIN_USERNAME=${ADMIN_USER} LDAP_ADMIN_USERNAME=${ADMIN_USER}
LDAP_USER=cn=${LDAP_ADMIN_USERNAME},${LDAP_BASEDN} LDAP_USER=cn=${LDAP_ADMIN_USERNAME},${LDAP_BASEDN}
LDAP_PASSWORD=${ADMIN_PASSWORD} LDAP_PASSWORD=${ADMIN_PASSWORD}
LDAP_BASEORGANISATION=ou=ninegate,${LDAP_BASEDN} LDAP_OUORGANISATION=nine
LDAP_OUNIVEAU01=niveau01
LDAP_OUNIVEAU02=niveau02
LDAP_OUNIVEAU03=niveau03
LDAP_OUNIVEAU04=niveau04
LDAP_OUGROUP=groups
LDAP_BASEORGANISATION=ou=${LDAP_OUORGANISATION},${LDAP_BASEDN}
LDAP_BASENIVEAU01=ou=${LDAP_OUNIVEAU01},${LDAP_BASEORGANISATION}
LDAP_BASENIVEAU02=ou=${LDAP_OUNIVEAU02},${LDAP_BASEORGANISATION}
LDAP_BASENIVEAU03=ou=${LDAP_OUNIVEAU03},${LDAP_BASEORGANISATION}
LDAP_BASENIVEAU04=ou=${LDAP_OUNIVEAU04},${LDAP_BASEORGANISATION}
LDAP_BASEUSER=ou=users,${LDAP_BASEORGANISATION} LDAP_BASEUSER=ou=users,${LDAP_BASEORGANISATION}
LDAP_BASENIVEAU01=ou=niveau01,${LDAP_BASEORGANISATION} LDAP_BASEGROUP=ou=${LDAP_OUGROUP},${LDAP_BASEORGANISATION}
LDAP_BASENIVEAU02=ou=niveau02,${LDAP_BASEORGANISATION}
LDAP_BASENIVEAU03=ou=niveau03,${LDAP_BASEORGANISATION}
LDAP_BASENIVEAU04=ou=niveau04,${LDAP_BASEORGANISATION}
LDAP_BASEGROUP=ou=groups,${LDAP_BASEORGANISATION}
LDAP_SYNC=1 LDAP_SYNC=1
LDAP_TEMPLATE=open LDAP_TEMPLATE=open
@ -122,7 +129,7 @@ LDAP_GROUP_NAME=cn
LDAP_GROUP_MEMBER=memberUid LDAP_GROUP_MEMBER=memberUid
LDAP_GROUP_MEMBERISDN=0 LDAP_GROUP_MEMBERISDN=0
LDAP_LOGIN_FILTER="(&(${LDAP_USERNAME}=%uid%)(objectClass=person)(!(description=Computer)))" LDAP_LOGIN_FILTER="(&(${LDAP_USERNAME}=%uid)(objectClass=person)(!(description=Computer)))"
LDAP_USER_FILTER="(&(${LDAP_USERNAME}=*)(objectClass=person)(!(description=Computer)))" LDAP_USER_FILTER="(&(${LDAP_USERNAME}=*)(objectClass=person)(!(description=Computer)))"
LDAP_GROUP_FILTER="(&(objectClass=posixGroup))" LDAP_GROUP_FILTER="(&(objectClass=posixGroup))"

2
services/30-openldap/dicos/.env.dicos Normal file
View File

@ -0,0 +1,2 @@
templates=services/30-openldap/tmpl/nine.ldif
destinations=services/30-openldap/volume/nine/ldif/nine.ldif

66
services/30-openldap/tmpl/nine.ldif Executable file
View File

@ -0,0 +1,66 @@
# Entrée 3: ${LDAP_BASEORGANISATION}
dn: ${LDAP_BASEORGANISATION}
objectclass: organizationalUnit
objectclass: top
ou: ${LDAP_OUORGANISATION}
# Entrée 4: ${LDAP_BASENIVEAU01}
dn: ${LDAP_BASENIVEAU01}
objectclass: organizationalUnit
objectclass: top
ou: ${LDAP_OUNIVEAU01}
# Entrée 5: cn=${LDAP_OUORGANISATION},${LDAP_BASENIVEAU01}
dn: cn=${LDAP_OUORGANISATION},${LDAP_BASENIVEAU01}
objectclass: posixGroup
objectclass: top
objectclass: sambaGroupMapping
objectclass: cadolesGroup
objectclass: cadolesSiren
cn: ${LDAP_OUORGANISATION}
gidnumber: 1
memberuid: ${ADMIN_USER}
cadolesMember: ${LDAP_USERNAME}=${ADMIN_USER},${LDAP_BASEUSER}
sambagrouptype: 2
sambasid: 1
siren: ${LDAP_OUORGANISATION}
# Entrée 6: ${LDAP_BASENIVEAU02}
dn: ${LDAP_BASENIVEAU02}
objectclass: organizationalUnit
objectclass: top
ou: ${LDAP_OUNIVEAU02}
# Entrée 7: ${LDAP_BASEGROUP}
dn: ${LDAP_BASEGROUP}
objectclass: organizationalUnit
objectclass: top
ou: ${LDAP_OUNIVEAU02}
# Entrée 8: ${LDAP_BASEUSER}
dn: ${LDAP_BASEUSER}
objectclass: organizationalUnit
objectclass: top
ou: users
# Entrée 9: ${LDAP_USERNAME}=${ADMIN_USER},${LDAP_BASEUSER}
dn: ${LDAP_USERNAME}=${ADMIN_USER},${LDAP_BASEUSER}
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: cadolesPerson
objectclass: cadolesSiren
objectclass: cadolesSiret
authlevel: simple
${LDAP_USERNAME}: ${ADMIN_USER}
cn: ${ADMIN_USER}
${LDAP_LASTNAME}: ${ADMIN_USER}
${LDAP_DISPLAYNAME}: ${ADMIN_USER}
${LDAP_FIRSTNAME}: ${ADMIN_USER}
${LDAP_EMAIL}: ${ADMIN_EMAIL}
siren: ${LDAP_OUORGANISATION}
${LDAP_OUNIVEAU01}: ${LDAP_OUNIVEAU01}
userpassword: {SSHA}JYfvUM9Hf/v/NbWR5zgUkt4E5lBRGuR2

2
services/30-openldap/volume/nine/changepassword.sh
View File

@ -1 +1 @@
ldappasswd -x -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -s $2 "uid=$1,ou=users,ou=ninegate,dc=nine,dc=org" ldappasswd -x -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -s $2 "${LDAP_USERNAME}=$1,${LDAP_BASEUSER}"

2
services/30-openldap/volume/nine/init.sh
View File

@ -10,7 +10,7 @@ then
ldapdelete ou=users,${LDAP_BASEDN} -r -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} 2>/dev/null ldapdelete ou=users,${LDAP_BASEDN} -r -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} 2>/dev/null
# Integration du ldif de base # Integration du ldif de base
ldapadd -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -f '/nine/ldif/cadoles.ldif' 2>/dev/null ldapadd -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -f '/nine/ldif/nine.ldif' 2>/dev/null
/nine/changepassword.sh admin ${ADMIN_PASSWORD} /nine/changepassword.sh admin ${ADMIN_PASSWORD}

0
services/30-openldap/volume/nine/ldif/.gitkeep Normal file
View File

66
services/30-openldap/volume/nine/ldif/cadoles.ldif
View File

@ -1,66 +0,0 @@
# Entrée 3: ou=ninegate,dc=nine,dc=org
dn: ou=ninegate,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: ninegate
# Entrée 4: ou=niveau01,ou=ninegate,dc=nine,dc=org
dn: ou=niveau01,ou=ninegate,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: niveau01
# Entrée 5: cn=nine,ou=niveau01,ou=ninegate,dc=nine,dc=org
dn: cn=nine,ou=niveau01,ou=ninegate,dc=nine,dc=org
objectclass: posixGroup
objectclass: top
objectclass: sambaGroupMapping
objectclass: cadolesGroup
objectclass: cadolesSiren
cn: nine
gidnumber: 1
memberuid: admin
cadolesMember: uid=admin,ou=users,ou=ninegate,dc=nine,dc=org
sambagrouptype: 2
sambasid: 1
siren: Ninegate
# Entrée 6: ou=niveau02,ou=ninegate,dc=nine,dc=org
dn: ou=niveau02,ou=ninegate,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: niveau02
# Entrée 7: ou=groups,ou=ninegate,dc=nine,dc=org
dn: ou=groups,ou=ninegate,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: groups
# Entrée 8: ou=users,ou=ninegate,dc=nine,dc=org
dn: ou=users,ou=ninegate,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: users
# Entrée 9: uid=admin,ou=users,ou=ninegate,dc=nine,dc=org
dn: uid=admin,ou=users,ou=ninegate,dc=nine,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: cadolesPerson
objectclass: cadolesSiren
objectclass: cadolesSiret
authlevel: simple
uid: admin
cn: nine
sn: nine
displayname: Administrateur nine
givenname: Administrateur
mail: admin@no-reply.fr
siren: 0000000A
niveau01: nine
userpassword: {SSHA}JYfvUM9Hf/v/NbWR5zgUkt4E5lBRGuR2

66
services/30-openldap/volume/nine/ldif/nine.ldif Normal file
View File

@ -0,0 +1,66 @@
# Entrée 3: ou=nine,dc=nine,dc=org
dn: ou=nine,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: nine
# Entrée 4: ou=niveau01,ou=nine,dc=nine,dc=org
dn: ou=niveau01,ou=nine,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: niveau01
# Entrée 5: cn=nine,ou=niveau01,ou=nine,dc=nine,dc=org
dn: cn=nine,ou=niveau01,ou=nine,dc=nine,dc=org
objectclass: posixGroup
objectclass: top
objectclass: sambaGroupMapping
objectclass: cadolesGroup
objectclass: cadolesSiren
cn: nine
gidnumber: 1
memberuid: admin
cadolesMember: uid=admin,ou=users,ou=nine,dc=nine,dc=org
sambagrouptype: 2
sambasid: 1
siren: nine
# Entrée 6: ou=niveau02,ou=nine,dc=nine,dc=org
dn: ou=niveau02,ou=nine,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: niveau02
# Entrée 7: ou=groups,ou=nine,dc=nine,dc=org
dn: ou=groups,ou=nine,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: niveau02
# Entrée 8: ou=users,ou=nine,dc=nine,dc=org
dn: ou=users,ou=nine,dc=nine,dc=org
objectclass: organizationalUnit
objectclass: top
ou: users
# Entrée 9: uid=admin,ou=users,ou=nine,dc=nine,dc=org
dn: uid=admin,ou=users,ou=nine,dc=nine,dc=org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: cadolesPerson
objectclass: cadolesSiren
objectclass: cadolesSiret
authlevel: simple
uid: admin
cn: admin
sn: admin
displayName: admin
givenname: admin
mail: admin@noreply.fr
siren: nine
niveau01: niveau01
userpassword: {SSHA}JYfvUM9Hf/v/NbWR5zgUkt4E5lBRGuR2

3
services/50-ninegate/env/.env vendored
View File

@ -7,6 +7,9 @@ DATABASE_USER=${MARIADB_USER}
DATABASE_PASSWORD=${MARIADB_PASSWORD} DATABASE_PASSWORD=${MARIADB_PASSWORD}
DATABASE_HOST=${MARIADB_SERVICE_NAME} DATABASE_HOST=${MARIADB_SERVICE_NAME}
# Init
LIBELLE_ETAB=${LDAP_OUORGANISATION}
# Activation Widget # Activation Widget
ACTIVATE_WIDADMINER=${ADMINER_ACTIVATE} ACTIVATE_WIDADMINER=${ADMINER_ACTIVATE}
WIDADMINER_URL="${ADMINER_URL}" WIDADMINER_URL="${ADMINER_URL}"