YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Move ldap initialization before the postinstall

Browse source
This commit is contained in:
Alexandre Aubin 2020-10-11 17:05:08 +02:00
parent f5ab4443ff
commit ed35915e7f
6 changed files with 53 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
data/hooks/conf_regen/06-slapd
View file

@ -14,6 +14,30 @@ do_init_regen() {
systemctl daemon-reload systemctl daemon-reload
systemctl restart slapd
# Drop current existing slapd data
rm -rf /var/backups/*.ldapdb
rm -rf /var/backups/slapd-*
debconf-set-selections << EOF
slapd slapd/password1 password yunohost
slapd slapd/password2 password yunohost
slapd slapd/domain string yunohost.org
slapd shared/organization string yunohost.org
slapd slapd/allow_ldap_v2 boolean false
slapd slapd/invalid_config boolean true
slapd slapd/backend select MDB
slapd slapd/move_old_database boolean true
slapd slapd/no_configuration boolean false
slapd slapd/purge_database boolean false
EOF
DEBIAN_FRONTEND=noninteractive dpkg-reconfigure slapd -u
# Regen conf
_regenerate_slapd_conf _regenerate_slapd_conf
# Enforce permissions # Enforce permissions
@ -21,7 +45,11 @@ do_init_regen() {
chown -R openldap:openldap /etc/ldap/schema/ chown -R openldap:openldap /etc/ldap/schema/
usermod -aG ssl-cert openldap usermod -aG ssl-cert openldap
service slapd restart systemctl restart slapd
# (Re-)init data according to ldap_scheme.yaml
yunohost tools shell -c "from yunohost.tools import tools_ldapinit; tools_ldapinit()"
} }
_regenerate_slapd_conf() { _regenerate_slapd_conf() {
@ -31,7 +59,8 @@ _regenerate_slapd_conf() {
# so we use a temporary directory slapd_new.d # so we use a temporary directory slapd_new.d
rm -Rf /etc/ldap/slapd_new.d rm -Rf /etc/ldap/slapd_new.d
mkdir /etc/ldap/slapd_new.d mkdir /etc/ldap/slapd_new.d
slapadd -n0 -l /etc/ldap/slapd.ldif -F /etc/ldap/slapd_new.d/ 2>&1 slapadd -n0 -l /etc/ldap/slapd.ldif -F /etc/ldap/slapd_new.d/ 2>&1 \
| grep -v "none elapsed\|Closing DB" || true
# Actual validation (-Q is for quiet, -u is for dry-run) # Actual validation (-Q is for quiet, -u is for dry-run)
slaptest -Q -u -F /etc/ldap/slapd_new.d slaptest -Q -u -F /etc/ldap/slapd_new.d

10
data/hooks/conf_regen/09-nslcd
View file

@ -2,6 +2,11 @@
set -e set -e
do_init_regen() {
do_pre_regen ""
systemctl restart nslcd
}
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
@ -14,7 +19,7 @@ do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| service nslcd restart || systemctl restart nslcd
} }
FORCE=${2:-0} FORCE=${2:-0}
@ -27,6 +32,9 @@ case "$1" in
post) post)
do_post_regen $4 do_post_regen $4
;; ;;
init)
do_init_regen
;;
*) *)
echo "hook called with unknown argument \`$1'" >&2 echo "hook called with unknown argument \`$1'" >&2
exit 1 exit 1

10
data/hooks/conf_regen/46-nsswitch
View file

@ -2,6 +2,11 @@
set -e set -e
do_init_regen() {
do_pre_regen ""
systemctl restart unscd
}
do_pre_regen() { do_pre_regen() {
pending_dir=$1 pending_dir=$1
@ -14,7 +19,7 @@ do_post_regen() {
regen_conf_files=$1 regen_conf_files=$1
[[ -z "$regen_conf_files" ]] \ [[ -z "$regen_conf_files" ]] \
|| service unscd restart || systemctl restart unscd
} }
FORCE=${2:-0} FORCE=${2:-0}
@ -27,6 +32,9 @@ case "$1" in
post) post)
do_post_regen $4 do_post_regen $4
;; ;;
init)
do_init_regen
;;
*) *)
echo "hook called with unknown argument \`$1'" >&2 echo "hook called with unknown argument \`$1'" >&2
exit 1 exit 1

2
debian/postinst vendored
View file

@ -8,6 +8,8 @@ do_configure() {
if [ ! -f /etc/yunohost/installed ]; then if [ ! -f /etc/yunohost/installed ]; then
bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init bash /usr/share/yunohost/hooks/conf_regen/01-yunohost init
bash /usr/share/yunohost/hooks/conf_regen/02-ssl init bash /usr/share/yunohost/hooks/conf_regen/02-ssl init
bash /usr/share/yunohost/hooks/conf_regen/09-nslcd init
bash /usr/share/yunohost/hooks/conf_regen/46-nsswitch init
bash /usr/share/yunohost/hooks/conf_regen/06-slapd init bash /usr/share/yunohost/hooks/conf_regen/06-slapd init
bash /usr/share/yunohost/hooks/conf_regen/15-nginx init bash /usr/share/yunohost/hooks/conf_regen/15-nginx init
else else

1
src/yunohost/__init__.py
View file

@ -53,6 +53,7 @@ def check_command_is_valid_before_postinstall(args):
allowed_if_not_postinstalled = ['tools postinstall', allowed_if_not_postinstalled = ['tools postinstall',
'tools versions', 'tools versions',
'tools shell',
'backup list', 'backup list',
'backup restore', 'backup restore',
'log display'] 'log display']

8
src/yunohost/tools.py
View file

@ -59,8 +59,6 @@ def tools_versions():
def tools_ldapinit(): def tools_ldapinit():
""" """
YunoHost LDAP initialization YunoHost LDAP initialization
""" """
with open('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml') as f: with open('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml') as f:
@ -288,12 +286,6 @@ def tools_postinstall(operation_logger, domain, password, ignore_dyndns=False,
operation_logger.start() operation_logger.start()
logger.info(m18n.n('yunohost_installing')) logger.info(m18n.n('yunohost_installing'))
regen_conf(['nslcd', 'nsswitch'], force=True)
# Initialize LDAP for YunoHost
# TODO: Improve this part by integrate ldapinit into conf_regen hook
tools_ldapinit()
# Create required folders # Create required folders
folders_to_create = [ folders_to_create = [
'/etc/yunohost/apps', '/etc/yunohost/apps',