From db5ffa2de2c52166cf61694c0bd0cb80d1adf540 Mon Sep 17 00:00:00 2001 From: kay0u Date: Sat, 4 May 2019 21:13:12 +0200 Subject: [PATCH] Add ldap support --- conf/lutim.conf.template | 18 ++++++++++-------- scripts/actions/public_private | 13 +++++++++++++ scripts/actions/reset_default_config | 7 +++++++ scripts/install | 6 ++++++ scripts/upgrade | 7 +++++++ 5 files changed, 43 insertions(+), 8 deletions(-) diff --git a/conf/lutim.conf.template b/conf/lutim.conf.template index 5a6f5f5..5ef94fd 100644 --- a/conf/lutim.conf.template +++ b/conf/lutim.conf.template @@ -165,14 +165,16 @@ # set `ldap` if you want that only authenticated users can shorten URLs # please note that everybody can still use shortend URLs # optional, no default - #ldap => { - # uri => 'ldaps://ldap.example.org', # server URI - # user_tree => 'ou=users,dc=example,dc=org', # search base DN - # bind_dn => 'uid=ldap_user,ou=users,dc=example,dc=org', # search bind DN - # bind_pwd => 'secr3t', # search bind password - # user_attr => 'uid', # user attribute (uid, mail, sAMAccountName, etc.) - # user_filter => '(!(uid=ldap_user))', # user filter (to exclude some users, etc.) - #}, + ##### BEGIN_LDAP ##### + __IS_PUBLIC__ldap => { + __IS_PUBLIC__ uri => 'ldap://localhost:389', # server URI + __IS_PUBLIC__ user_tree => 'dc=yunohost,dc=org', # search base DN + __IS_PUBLIC__ bind_dn => 'ou=users,dc=yunohost,dc=org', # search bind DN + __IS_PUBLIC__# bind_pwd => '', # search bind password + __IS_PUBLIC__ user_attr => 'uid', # user attribute (uid, mail, sAMAccountName, etc.) + __IS_PUBLIC__# user_filter => '(!(uid=ldap_user))', # user filter (to exclude some users, etc.) + __IS_PUBLIC__}, + ##### END_LDAP ##### # set `htpasswd` if you want to use an htpasswd file instead of ldap # create the file with `htpasswd -c lutim.passwd user`, update it with `htpasswd lutim.passwd user2` diff --git a/scripts/actions/public_private b/scripts/actions/public_private index bfb74ae..10707c6 100755 
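Review bot: `user_tree` is set to the directory root `dc=yunohost,dc=org` while `user_filter` stays commented out, so the user search is not confined to the users branch; any entry under that root that carries a `uid` could presumably match, depending on how Lutim's LDAP lookup is implemented. `bind_dn` is given `ou=users,dc=yunohost,dc=org`, which is an organisational unit rather than an account, and `bind_pwd` is commented out; if an anonymous search is what is intended, leaving `bind_dn` out states that more clearly. Suggested: `user_tree => 'ou=users,dc=yunohost,dc=org',` plus a comment on the block such as `# anonymous search against the local YunoHost LDAP; narrow with user_filter if needed`.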
--- a/scripts/actions/public_private +++ b/scripts/actions/public_private @@ -20,6 +20,7 @@ is_public=${YNH_ACTION_IS_PUBLIC} app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) +final_path=$(ynh_app_setting_get $app final_path) #================================================= # CHECK IF ARGUMENTS ARE CORRECT @@ -50,6 +51,8 @@ ynh_script_progression --message="Move the application to $public_private" --wei if [ $is_public -eq 0 ] then + # If the app is private, uncomment the ldap conf + sed -i '/BEGIN_LDAP/,/END_LDAP/{/BEGIN_LDAP/n;/END_LDAP/!{s/\(\s\+\)#\(.*\)/\1\2/}}' "$final_path/lutim.conf" # If the app is private, viewing images stays publicly accessible. if [ "$path_url" == "/" ]; then # If the path is /, clear it to prevent any error with the regex. @@ -59,6 +62,8 @@ then domain_regex=$(echo "$domain" | sed 's@-@.@g') ynh_app_setting_set $app protected_regex "$domain_regex$path_url/stats$","$domain_regex$path_url/manifest.webapp$","$domain_regex$path_url/$","$domain_regex$path_url/d/.*$","$domain_regex$path_url/m/.*$" else + # If the app is public, comment the ldap conf + sed -i '/BEGIN_LDAP/,/END_LDAP/{/BEGIN_LDAP/n;/END_LDAP/!{s/\(\s\+\)\(.*\)/\1#\2/}}' "$final_path/lutim.conf" ynh_app_setting_delete $app protected_regex fi @@ -75,6 +80,14 @@ ynh_script_progression --message="Reload nginx" ynh_systemd_action --action=reload --service_name=nginx +#================================================= +# START AND CHECK LUTIM BOOTING +#================================================= +ynh_script_progression --message="Restart Lutim" + +# Wait for lutim to be fully started +ynh_systemd_action --action=restart --line_match="Manager.*started" --log_path="/var/log/$app/production.log" --timeout="120" + #================================================= # END OF SCRIPT #================================================= 
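Review bot: The uncomment expression `s/\(\s\+\)#\(.*\)/\1\2/` is not anchored to the start of the line, so on a line that is already uncommented it removes the `#` of the trailing comment instead (`uri => 'ldap://localhost:389', # server URI` loses its comment marker) and leaves lutim.conf syntactically broken. The comment expression in the `else` branch (hunk at -59,6) has the same shape: it stacks one more `#` on every run and inserts it mid-line when a line has no leading whitespace. Anchoring both, `s/^\(\s*\)#/\1/` and `s/^\(\s*\)/\1#/`, limits the edit to the leading marker. Even then a repeated run in the same direction changes the `bind_pwd` and `user_filter` lines or leaves `ldap` commented after the next switch, so the sed should only run when the state really changes; whether the argument check guarantees that is outside this hunk.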
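Review bot: Nothing visible in this script refreshes the stored checksum of lutim.conf after the sed edits and before this restart, whereas install, upgrade and reset_default_config each call `ynh_store_file_checksum` after writing the file. If the upgrade script compares that checksum to decide whether the config was hand-edited (that condition is outside this patch), every public/private switch would look like a manual change. Consider adding `ynh_store_file_checksum "$final_path/lutim.conf"` after the sed edit, ahead of the restart block.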
diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config index 87ad555..a917f54 100755 --- a/scripts/actions/reset_default_config +++ b/scripts/actions/reset_default_config @@ -21,6 +21,7 @@ path_url=$(ynh_app_setting_get $app path) port=$(ynh_app_setting_get $app port) always_encrypt=$(ynh_app_setting_get $app always_encrypt) secret=$(ynh_app_setting_get $app secret) +is_public=$(ynh_app_setting_get $app is_public) #================================================= # SORT OUT THE CONFIG FILE TO HANDLE @@ -53,6 +54,12 @@ then ynh_replace_string "__PORT__" "$port" "$config_file" ynh_replace_string "__ENCRYPT__" "$always_encrypt" "$config_file" ynh_replace_string "__SECRET__" "$secret" "$config_file" + if [ $is_public -eq 0 ]; + then + ynh_replace_string "__IS_PUBLIC__" "" "$config_file" + else + ynh_replace_string "__IS_PUBLIC__" "#" "$config_file" + fi fi # Calculate and store the config file checksum into the app settings diff --git a/scripts/install b/scripts/install index dbb969c..2367e0a 100644 --- a/scripts/install +++ b/scripts/install @@ -119,6 +119,12 @@ ynh_replace_string "__ENCRYPT__" "$always_encrypt" "$final_path/lutim.conf" secret=$(ynh_string_random) ynh_replace_string "__SECRET__" "$secret" "$final_path/lutim.conf" ynh_app_setting_set $app secret "$secret" +if [ $is_public -eq 0 ]; +then + ynh_replace_string "__IS_PUBLIC__" "" "$final_path/lutim.conf" +else + ynh_replace_string "__IS_PUBLIC__" "#" "$final_path/lutim.conf" +fi # Calculate and store the config file checksum into the app settings ynh_store_file_checksum "$final_path/lutim.conf" diff --git a/scripts/upgrade b/scripts/upgrade index 5fdad75..a6efb37 100644 --- a/scripts/upgrade +++ b/scripts/upgrade 
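Review bot: `[ $is_public -eq 0 ]` is unquoted, so when the `is_public` setting is empty the test itself errors, the `if` falls through to `else`, and the LDAP block is written commented out; a missing value therefore selects the configuration without authentication. The same test is repeated in the install hunk and in the upgrade hunk. Quote the variable and fail closed, for example `if [ "${is_public:-0}" -eq 0 ]`, or abort when the value is neither 0 nor 1. The `;` after `]` is redundant when `then` is on its own line.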
@@ -187,6 +187,13 @@ then ynh_replace_string "__PORT__" "$port" "$final_path/lutim.conf" ynh_replace_string "__ENCRYPT__" "$always_encrypt" "$final_path/lutim.conf" ynh_replace_string "__SECRET__" "$secret" "$final_path/lutim.conf" + + if [ $is_public -eq 0 ]; + then + ynh_replace_string "__IS_PUBLIC__" "" "$final_path/lutim.conf" + else + ynh_replace_string "__IS_PUBLIC__" "#" "$final_path/lutim.conf" + fi # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum "$final_path/lutim.conf"
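Review bot: The `__IS_PUBLIC__` substitution sits inside a `then` branch whose condition starts outside this hunk, so a lutim.conf that the upgrade decides to keep presumably never receives the `BEGIN_LDAP`/`END_LDAP` block from the new template. On such an instance the sed range in scripts/actions/public_private matches nothing and still exits 0, which would leave the app flagged private with no LDAP section in its config. A check in that action that the markers exist, for example `grep -q 'BEGIN_LDAP' "$final_path/lutim.conf"` with an explicit error otherwise, would make this case visible instead of silent.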