setup-scm-server.py    107 lines (92 with data), 2.9 kB

import os
import string
from tempfile import mkstemp
from ConfigParser import ConfigParser, NoOptionError
# Module-wide settings store: main() loads '.setup-scm-cache' into it and
# get_value() reads and updates its [scm] section.
config = ConfigParser()
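def main():
    """Interactively bootstrap the local slapd instance for the SCM host.

    Loads previously stored answers from '.setup-scm-cache', asks for
    anything missing, then optionally starts slapd, loads the stock
    schemas and adds the backend and frontend LDIF templates.

    NOTE(review): answers are only held in memory; nothing in this
    function writes '.setup-scm-cache' back.  If persistence is added,
    the admin password should be left out of the file or the file's
    permissions restricted.
    """
    config.read('.setup-scm-cache')
    if not config.has_section('scm'):
        config.add_section('scm')
    domain = get_value('domain', 'dc=example,dc=com')

    # ConfigParser.get() takes (section, option).  The earlier
    # config.get('start slapd', 'y') calls therefore looked up option 'y'
    # in a section that is never created and raised NoSectionError.  Every
    # question goes through get_value() so the second argument really is
    # the default answer.
    if get_value('start slapd', 'y') == 'y':
        run('service slapd start')
    if get_value('add base ldap schemas', 'y') == 'y':
        for schema in ('cosine', 'nis', 'inetorgperson'):
            run('ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/%s.ldif'
                % schema)

    # NOTE(review): the directory admin credential.  The fallback 'secret'
    # is a guessable default and the value is substituted verbatim into
    # olcRootPW / userPassword by the templates; on a real host, require a
    # non-default value, read it without echo (getpass) and store a
    # slappasswd hash instead of the cleartext.
    secret = get_value('admin password', 'secret')
    if get_value('add backend ldif', 'y') == 'y':
        add_ldif(backend_ldif, domain=domain, secret=secret)
    if get_value('add frontend ldif', 'y') == 'y':
        add_ldif(frontend_ldif, domain=domain, secret=secret)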
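def get_value(key, default):
    """Return setting *key* from the [scm] section, prompting if it is unset.

    Args:
        key: option name inside the 'scm' section of the module-level
            ``config``; also used as the prompt text.
        default: value used when the operator just presses Enter (or the
            stored value is empty).

    Returns:
        The stored or entered value, which is also recorded in ``config``.

    The 'scm' section must already exist; only a missing option is handled.
    The answer is read with raw_input(), so it is echoed to the terminal.
    """
    try:
        value = config.get('scm', key)
    except NoOptionError:
        # Both values must reach % as one tuple.  Written as
        # "'...' % key, default" the format string received a single
        # argument and raised TypeError before any prompt was shown.
        value = raw_input('%s? [%s]' % (key, default))
    if not value:
        value = default
    config.set('scm', key, value)
    return value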
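def run(command):
    """Run *command* through the shell and fail loudly if it does not succeed.

    Args:
        command: shell command line, passed unchanged to os.system().
            It is interpreted by the shell, so it must only be built from
            trusted, fixed text.

    Returns:
        0, the status reported by os.system() for a successful command.

    Raises:
        AssertionError: if os.system() reports a non-zero status.
    """
    rc = os.system(command)
    if rc != 0:
        # Raised explicitly instead of via an ``assert`` statement: asserts
        # are compiled out under ``python -O``, which would let a failed
        # ldapadd or service start go unnoticed.  The exception type is kept
        # so existing callers see the same failure.
        raise AssertionError('command failed with status %r: %s'
                             % (rc, command))
    return rc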
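def add_ldif(template, **values):
    """Render an LDIF template to a temporary file and load it with ldapadd.

    Args:
        template: string.Template holding the LDIF text.
        **values: substitutions for the template placeholders (the
            callers in this file pass ``domain`` and ``secret``).

    Raises:
        KeyError: if the template uses a placeholder missing from *values*.
        AssertionError: if ldapadd fails (raised by run()).
    """
    # mkstemp() creates the file readable and writable only by the current
    # user, which matters because the rendered LDIF can contain the admin
    # password.
    fd, name = mkstemp()
    try:
        try:
            os.write(fd, template.substitute(values))
        finally:
            # Close the descriptor even if rendering or writing fails.
            os.close(fd)
        run('ldapadd -Y EXTERNAL -H ldapi:/// -f %s' % name)
    finally:
        # Always delete the file: previously a failed ldapadd raised before
        # os.remove() and left the rendered LDIF (secret included) on disk.
        os.remove(name)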
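# cn=config entries that load the hdb backend module and define the
# database for $domain.
#
# LDIF records must be separated by a blank line; without it the two
# entries below are parsed as one record carrying two dn: lines and
# ldapadd rejects the file.
#
# NOTE(review): $secret is written as-is into olcRootPW, so the root
# password is stored in cleartext in the slapd configuration.  Pass a
# slappasswd-generated hash (e.g. {SSHA}...) rather than the raw password.
# NOTE(review): the last olcAccess rule gives every client, anonymous
# included, read access to all attributes not matched by an earlier rule;
# confirm that is intended for this directory.
backend_ldif = string.Template('''
# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb

# Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: $domain
olcDbDirectory: /var/lib/ldap
olcRootDN: cn=admin,$domain
olcRootPW: $secret
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="cn=admin,$domain" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="cn=admin,$domain" write by * read
''')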
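# Directory content created under $domain: the top-level organization
# entry, the admin role and the people / groups organizational units.
#
# Each entry is its own LDIF record, so the records are separated by a
# blank line; run together they would form a single record with four
# dn: lines, which ldapadd rejects.
#
# NOTE(review): $secret is written as-is into userPassword, i.e. stored in
# cleartext in the directory.  Prefer a slappasswd-generated hash.
# NOTE(review): "dc: SCM" is fixed while the entry's DN is $domain; the dc
# value normally has to match the leading RDN of the DN (dc=example for
# the default domain) - confirm against a real ldapadd run.
frontend_ldif = string.Template('''
# Create top-level object in domain
dn: $domain
objectClass: top
objectClass: dcObject
objectclass: organization
o: SCM Host Organization
dc: SCM
description: SCM Host Server

# Admin user.
dn: cn=admin,$domain
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword: $secret

dn: ou=people,$domain
objectClass: organizationalUnit
ou: people

dn: ou=groups,$domain
objectClass: organizationalUnit
ou: groups
''')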
# Run the interactive setup only when executed as a script, not on import.
if __name__ == '__main__':
    main()