[enh] Add slapd conf regen hook

2024-09-03 20:06:10 +02:00 · 2015-09-28 19:47:43 -04:00 · 2015-09-28 19:47:43 -04:00 · b9f9a3f105
commit b9f9a3f105
parent cfc661e612
4 changed files with 63 additions and 4 deletions
--- a/data/hooks/conf_regen/.15-nginx.swn
+++ b/data/hooks/conf_regen/.15-nginx.swn
--- a/data/hooks/conf_regen/06-slapd
+++ b/data/hooks/conf_regen/06-slapd
@ -0,0 +1,40 @@
+#!/bin/bash
+set -e 
+
+force=$1
+
+function safe_copy () {
+    if [ $force ]; then
+        sudo yunohost service safecopy \
+          -s slapd \
+          $1 $2 \
+          --force
+    else
+        sudo yunohost service safecopy \
+          -s slapd \
+          $1 $2
+    fi
+}
+
+cd /usr/share/yunohost/templates/slapd
+
+safe_copy mailserver.schema /etc/ldap/schema/mailserver.schema
+safe_copy ldap.conf /etc/ldap/ldap.conf
+safe_copy slapd.default /etc/default/slapd
+
+# Compatibility: change from HDB to MDB on Jessie
+version=$(sed 's/\..*//' /etc/debian_version)
+if [[ "$version" == '8' ]]; then
+    sudo sed -i "s/  hdb/  mdb/g" slapd.conf
+fi
+
+safe_copy slapd.conf /etc/ldap/slapd.conf
+sudo chown root:openldap /etc/ldap/slapd.conf
+sudo rm -Rf /etc/ldap/slapd.d
+sudo mkdir /etc/ldap/slapd.d
+sudo chown -R openldap:openldap /etc/ldap/schema/
+sudo chown -R openldap:openldap /etc/ldap/slapd.d/
+
+sudo slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d/
+
+sudo service slapd force-reload
--- a/data/templates/slapd/ldap.conf
+++ b/data/templates/slapd/ldap.conf
@ -0,0 +1,18 @@
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+#BASE dc=example,dc=com
+#URI  ldap://ldap.example.com ldap://ldap-master.example.com:666
+
+#SIZELIMIT  12
+#TIMELIMIT  15
+#DEREF    never
+
+# TLS certificates (needed for GnuTLS)
+TLS_CACERT  /etc/ssl/certs/ca-certificates.crt
+
+sudoers_base ou=sudo,dc=yunohost,dc=org
--- a/lib/yunohost/service.py
+++ b/lib/yunohost/service.py
@ -511,10 +511,11 @@ def service_safecopy(service, new_conf_file, conf_file, force=False):
    regenerated = False
    services = _get_services()

-    if os.path.exists(new_conf_file):
-        filename = new_conf_file
-        with open(filename, 'r') as f:
-            new_conf = ''.join(f.readlines()).rstrip()
+    if not os.path.exists(new_conf_file):
+        raise MoulinetteError(errno.EIO, m18n.n('no_such_conf_file', new_conf_file))
+
+    with open(new_conf_file, 'r') as f:
+        new_conf = ''.join(f.readlines()).rstrip()

    # Backup existing file
    date = time.strftime("%Y%m%d.%H%M%S")