[fix] Init LDAP with package installation to fix ynh post-install

data/hooks/conf_regen/06-slapd

@@ -2,6 +2,30 @@
 
 set -e
 
+do_init_regen() {
+  if [[ $EUID -ne 0 ]]; then
+      echo "You must be root to run this script" 1>&2
+      exit 1
+  fi
+
+  do_pre_regen ""
+
+  # fix some permissions
+  chown root:openldap /etc/ldap/slapd.conf
+  chown -R openldap:openldap /etc/ldap/schema/
+
+  # check the slapd config file at first
+  slaptest -Q -u -f /etc/ldap/slapd.conf
+
+  # regenerate LDAP config directory from slapd.conf
+  rm -Rf /etc/ldap/slapd.d
+  mkdir /etc/ldap/slapd.d
+  slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/ 2>&1
+  chown -R openldap:openldap /etc/ldap/slapd.d/
+
+  service slapd restart
+}
+
 do_pre_regen() {
   pending_dir=$1
 
@@ -81,6 +105,9 @@ case "$1" in
   post)
     do_post_regen $4
     ;;
+  init)
+    do_init_regen
+    ;;
   *)
     echo "hook called with unknown argument \`$1'" >&2
     exit 1

debian/postinst

@@ -8,6 +8,7 @@ do_configure() {
   if [ ! -f /etc/yunohost/installed ]; then
       bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init
       bash /usr/share/yunohost/hooks/conf_regen/02-ssl init
+      bash /usr/share/yunohost/hooks/conf_regen/06-slapd init
       bash /usr/share/yunohost/hooks/conf_regen/15-nginx init
   else
       echo "Regenerating configuration, this might take a while..."

src/yunohost/tools.py

@@ -170,16 +170,10 @@ def tools_postinstall(domain, password, ignore_dyndns=False):
     """
     dyndns = not ignore_dyndns
 
-    try:
+    # Do some checks at first
-        with open('/etc/yunohost/installed') as f: pass
+    if os.path.isfile('/etc/yunohost/installed'):
-    except IOError:
+        raise MoulinetteError(errno.EPERM,
-        logger.info(m18n.n('yunohost_installing'))
+                              m18n.n('yunohost_already_installed'))
-    else:
-        raise MoulinetteError(errno.EPERM, m18n.n('yunohost_already_installed'))
-
-    # Regenerate some services at first
-    service_regen_conf(['slapd'], force=True)
-
     if len(domain.split('.')) >= 3 and not ignore_dyndns:
         try:
             r = requests.get('https://dyndns.yunohost.org/domains')
@@ -195,6 +189,19 @@ def tools_postinstall(domain, password, ignore_dyndns=False):
                     raise MoulinetteError(errno.EEXIST,
                                           m18n.n('dyndns_unavailable'))
 
+    logger.info(m18n.n('yunohost_installing'))
+
+    # Instantiate LDAP Authenticator
+    auth = init_authenticator(('ldap', 'default'),
+                              {'uri': "ldap://localhost:389",
+                               'base_dn': "dc=yunohost,dc=org",
+                               'user_rdn': "cn=admin" })
+    auth.authenticate('yunohost')
+
+    # Initialize LDAP for YunoHost
+    # TODO: Improve this part by integrate ldapinit into conf_regen hook
+    tools_ldapinit(auth)
+
     # Create required folders
     folders_to_create = [
         '/etc/yunohost/apps',
@@ -233,6 +240,7 @@ def tools_postinstall(domain, password, ignore_dyndns=False):
     os.system('chmod 644 /etc/ssowat/conf.json.persistent')
 
     # Create SSL CA
+    service_regen_conf(['ssl'], force=True)
     ssl_dir = '/usr/share/yunohost/yunohost-config/ssl/yunoCA'
     command_list = [
         'echo "01" > %s/serial' % ssl_dir,
@@ -250,16 +258,6 @@ def tools_postinstall(domain, password, ignore_dyndns=False):
             raise MoulinetteError(errno.EPERM,
                                   m18n.n('yunohost_ca_creation_failed'))
 
-    # Instantiate LDAP Authenticator
-    auth = init_authenticator(('ldap', 'default'),
-                              { 'uri': "ldap://localhost:389",
-                                'base_dn': "dc=yunohost,dc=org",
-                                'user_rdn': "cn=admin" })
-    auth.authenticate('yunohost')
-
-    # Initialize YunoHost LDAP base
-    tools_ldapinit(auth)
-
     # New domain config
     tools_maindomain(auth, old_domain='yunohost.org', new_domain=domain, dyndns=dyndns)