wip

2022-08-31 12:06:45 +02:00 · 2022-08-31 12:06:45 +02:00 · 9991411f29
commit 9991411f29
parent 8c8e4b8433
5 changed files with 139 additions and 0 deletions
--- a/bundles/openldap/README.md
+++ b/bundles/openldap/README.md
@ -0,0 +1,5 @@
+dpkg-reconfigure -plow slapd
+
+QqLeyREjjrWgK2kjNQ
+
+ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=config"
--- a/bundles/openldap/items.py
+++ b/bundles/openldap/items.py
--- a/bundles/openldap/metadata.py
+++ b/bundles/openldap/metadata.py
@ -0,0 +1,8 @@
+defaults = {
+    'apt': {
+        'packages': {
+            'slapd': {},
+            'ldap-utils': {},
+        },
+    },
+}
--- a/bundles/web2ldap/items.py
+++ b/bundles/web2ldap/items.py
@ -0,0 +1,63 @@
+from shlex import quote
+
+users = {
+    'web2ldap': {},
+}
+
+directories = {
+    '/opt/web2ldap': {
+        'owner': 'web2ldap',
+    },
+}
+
+actions = {
+    'web2ldap_initialize_venv': {
+        'command': 'sudo -u web2ldap python3 -m venv /opt/web2ldap',
+        'unless': 'test -e /opt/web2ldap/bin/pip3',
+        'needs': [
+            'directory:/opt/web2ldap',
+        ],
+        'triggers': [
+            'svc_systemd:web2ldap.service:restart',
+        ],
+    },
+    'web2ldap_install': {
+        'command': """sudo -u web2ldap /opt/web2ldap/bin/pip3 install web2ldap""",
+        'unless': """sudo -u web2ldap /opt/web2ldap/bin/pip3 list --format=freeze | cut -d '=' -f 1 | grep -q '^web2ldap$'""",
+        'needs': [
+            'action:web2ldap_initialize_venv',
+        ],
+        'triggers': [
+            'svc_systemd:web2ldap.service:restart',
+        ],
+    },
+    'web2ldap_set_cookie_domain': {
+        'command': f"""sed -iE "s/^cookie_domain.*/cookie_domain = '{node.metadata.get('web2ldap/domain')}'/g" /opt/web2ldap/etc/web2ldap/web2ldapcnf/__init__.py""",
+        'unless':  f"""grep -q "^cookie_domain = '{node.metadata.get('web2ldap/domain')}'$" /opt/web2ldap/etc/web2ldap/web2ldapcnf/__init__.py""",
+        'needs': [
+            'action:web2ldap_install',
+        ],
+        'triggers': [
+            'svc_systemd:web2ldap.service:restart',
+        ],
+    },
+    'web2ldap_upgrade_venv': {
+        'command': """sudo -u web2ldap /opt/web2ldap/bin/pip3 list --outdated --format=freeze | cut -d '=' -f 1 | xargs -n1 /opt/web2ldap/bin/pip3 install --upgrade""",
+        'unless':  """sudo -u web2ldap /opt/web2ldap/bin/pip3 list --outdated --format=freeze | wc -l | grep -q '^0$'""",
+        'needs': [
+            'action:web2ldap_install',
+        ],
+        'triggers': [
+            'svc_systemd:web2ldap.service:restart',
+        ],
+    },
+}
+
+svc_systemd = {
+    'web2ldap.service': {
+        'needs': [
+            'action:web2ldap_initialize_venv',
+            'action:web2ldap_upgrade_venv',
+        ],
+    },
+}
--- a/bundles/web2ldap/metadata.py
+++ b/bundles/web2ldap/metadata.py
@ -0,0 +1,63 @@
+from importlib.metadata import metadata
+
+
+defaults = {
+    'apt': {
+        'packages': {
+            'libsasl2-dev': {},
+            'python3-dev': {},
+            'libldap2-dev': {},
+            'libssl-dev': {},
+        },
+    },
+}
+
+
+@metadata_reactor.provides(
+    'systemd/units/web2ldap.service',
+)
+def systemd(metadata):
+    return {
+        'systemd': {
+            'units': {
+                'web2ldap.service': {
+                    'Unit': {
+                        'Description': 'gitea',
+                        'After': 'syslog.target',
+                        'After': 'network.target',
+                    },
+                    'Service': {
+                        'User': 'web2ldap',
+                        'WorkingDirectory': '/opt/web2ldap',
+                        'ExecStart': '/opt/web2ldap/bin/web2ldap 127.0.0.1 1760',
+                        'Restart': 'always',
+                        'Environment': [
+                            '"SERVER_NAME=' + metadata.get('web2ldap/domain') + '"',
+                            '"HTTP_HOST=' + metadata.get('web2ldap/domain') + '"',
+                        ],
+                    },
+                    'Install': {
+                        'WantedBy': {'multi-user.target'},
+                    },
+                },
+            },
+        },
+    }
+
+
+@metadata_reactor.provides(
+    'nginx/vhosts',
+)
+def nginx(metadata):
+    return {
+        'nginx': {
+            'vhosts': {
+                metadata.get('web2ldap/domain'): {
+                    'content': 'nginx/proxy_pass.conf',
+                    'context': {
+                        'target': 'http://127.0.0.1:1760',
+                    }
+                },
+            },
+        },
+    }