diff options
author | Daniel Baumann <daniel.baumann@open-infrastructure.net> | 2022-07-26 11:30:24 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@open-infrastructure.net> | 2023-06-20 04:27:57 +0000 |
commit | 8826ccc80d0cacb18c942174b6b44522b8121b03 (patch) | |
tree | dc83aa2b8ec745b5cd168de2ec32d90ff15d0bb3 /openldap | |
parent | linux-leds (WIP) (diff) | |
download | service-tools-8826ccc80d0cacb18c942174b6b44522b8121b03.tar.xz service-tools-8826ccc80d0cacb18c942174b6b44522b8121b03.zip |
openldap (WIP)
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
Diffstat (limited to 'openldap')
-rw-r--r-- | openldap/Makefile | 138 | ||||
-rwxr-xr-x | openldap/bin/slapd-cron-backup | 33 | ||||
-rwxr-xr-x | openldap/bin/slapd-cron-clean | 29 | ||||
-rwxr-xr-x | openldap/share/cron/dehydrated | 4 |
4 files changed, 204 insertions, 0 deletions
diff --git a/openldap/Makefile b/openldap/Makefile new file mode 100644 index 0000000..e68219e --- /dev/null +++ b/openldap/Makefile @@ -0,0 +1,138 @@ +# Open Infrastructure: service-tools + +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# +# SPDX-License-Identifier: GPL-3.0+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +SHELL := sh -e + +SCRIPTS = bin/* + +all: build + +test: + @echo -n "Checking for syntax errors with sh... " + @for SCRIPT in $(SCRIPTS); \ + do \ + sh -n $${SCRIPT}; \ + echo -n "."; \ + done + @echo " done." + + @echo -n "Checking for bashisms... " + @if [ -x /usr/bin/checkbashisms ]; \ + then \ + for SCRIPT in $(SCRIPTS); \ + do \ + checkbashisms -f -x $${SCRIPT}; \ + echo -n "."; \ + done; \ + else \ + echo "Note: devscripts not installed, skipping checkbashisms."; \ + fi + @echo " done." + + @echo -n "Checking with shellcheck... " + @if [ -x /usr/bin/shellcheck ]; \ + then \ + for SCRIPT in $(SCRIPTS); \ + do \ + shellcheck -e SC1090 -e SC2039 $${SCRIPT}; \ + echo -n "."; \ + done; \ + else \ + echo "Note: shellcheck not installed, skipping shellcheck."; \ + fi + @echo " done." + +build: share/man/*.rst + $(MAKE) -C share/man + +install: build + mkdir -p $(DESTDIR)/etc/dehydrated/hook.d + + mkdir -p $(DESTDIR)/etc/cron.d + cp -r share/cron/* $(DESTDIR)/etc/cron.d + + mkdir -p $(DESTDIR)/etc/cron.daily + ln -s /usr/bin/dehydrated-cron $(DESTDIR)/etc/cron.daily/dehydrated + + mkdir -p $(DESTDIR)/etc/logrotate.d + cp -r share/logrotate/* $(DESTDIR)/etc/logrotate.d + + mkdir -p $(DESTDIR)/usr/bin + cp -r bin/* $(DESTDIR)/usr/bin + + mkdir -p $(DESTDIR)/usr/share/dehydrated/hooks + cp -r share/hooks/* $(DESTDIR)/usr/share/dehydrated/hooks + + ln -sf /usr/bin/dehydrated-nsupdate $(DESTDIR)/usr/share/dehydrated/hooks/clean_challenge.nsupdate + ln -sf /usr/bin/dehydrated-nsupdate $(DESTDIR)/usr/share/dehydrated/hooks/deploy_challenge.nsupdate + + for SECTION in $$(seq 1 8); \ + do \ + if ls share/man/*.$${SECTION} > /dev/null 2>&1; \ + then \ + mkdir -p $(DESTDIR)/usr/share/man/man$${SECTION}; \ + cp share/man/*.$${SECTION} $(DESTDIR)/usr/share/man/man$${SECTION}; \ + fi; \ + done + +uninstall: + for SECTION in $$(seq 1 8); \ + do \ + for FILE in share/man/*.$${SECTION}; \ + do \ + rm -f $(DESTDIR)/usr/share/man/man$${SECTION}/$$(basename $${FILE}); \ + done; \ + rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/share/man/man$${SECTION} || true; \ + done + + rm -rf $(DESTDIR)/usr/share/dehydrated/hooks + rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/share/dehydrated || true + + for FILE in bin/*; \ + do \ + rm -f $(DESTDIR)/usr/bin/$$(basename $${FILE}); \ + done + rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/bin || true + + for FILE in share/logrotate/*; \ + do \ + rm -f $(DESTDIR)/etc/logrotate.d/$$(basename $${FILE}); \ + done + rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/etc/logrotate.d || true + + rm -f $(DESTDIR)/etc/cron.daily/dehydrated + rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/etc/cron.daily || true + + for FILE in share/cron/*; \ + do \ + rm -f $(DESTDIR)/etc/cron.d/$$(basename $${FILE}); \ + done + rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/etc/cron.d || true + + rm -rf $(DESTDIR)/etc/dehydrated/hook.d + rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/etc/dehydrated || true + + rmdir --ignore-fail-on-non-empty --parents $(DESTDIR) || true + +clean: + $(MAKE) -C share/man clean + +distclean: clean + +reinstall: uninstall install diff --git a/openldap/bin/slapd-cron-backup b/openldap/bin/slapd-cron-backup new file mode 100755 index 0000000..814590e --- /dev/null +++ b/openldap/bin/slapd-cron-backup @@ -0,0 +1,33 @@ +#!/bin/sh + +# Open Infrastructure: service-tools + +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# +# SPDX-License-Identifier: GPL-3.0+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +set -e + +BFHBCK=bfh-$( date +%y%m%d-%H%M ).ldif +ACCESSBCK=access-$( date +%y%m%d-%H%M ).ldif +BACKUPDIR=/srv/ldap-master.bfh.ch/slapcat + +/usr/sbin/slapcat -v -b "dc=bfh,dc=ch" -l $BACKUPDIR/$BFHBCK +gzip -9 $BACKUPDIR/$BFHBCK +/usr/sbin/slapcat -v -b "cn=accesslog" -l $BACKUPDIR/$ACCESSBCK +gzip -9 $BACKUPDIR/$ACCESSBCK + +find $BACKUPDIR -mtime +14 -exec rm {} + diff --git a/openldap/bin/slapd-cron-clean b/openldap/bin/slapd-cron-clean new file mode 100755 index 0000000..9e915bb --- /dev/null +++ b/openldap/bin/slapd-cron-clean @@ -0,0 +1,29 @@ +#!/bin/sh + +# Open Infrastructure: service-tools + +# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net> +# +# SPDX-License-Identifier: GPL-3.0+ +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <https://www.gnu.org/licenses/>. + +set -e + +for FILE in $(find /var/lib/ldap -type f -name DB_CONFIG) +do + DATABASE="$(dirname "${FILE}")" + + db_archive -d -h "${DATABASE}" +done diff --git a/openldap/share/cron/dehydrated b/openldap/share/cron/dehydrated new file mode 100755 index 0000000..a560985 --- /dev/null +++ b/openldap/share/cron/dehydrated @@ -0,0 +1,4 @@ +# /etc/cron.d/dehydrated + +@daily root /usr/bin/slapd-cron-db +@daily root /usr/bin/slapd-cron-backup |