  1. #!/bin/bash
  2. set -eux # -x for verbose logging to juju debug-log
  3. ## XXXvlab: this is interactive : requires a password !
  4. apt-get install -y slapd
  5. ## XXXvlab: this is a client package, and could maybe be removed from here.
  6. apt-get install -y ldap-utils
  7. ## Install a database
  8. rootsuffix="dc=example,dc=com"
  9. rootdn="cn=admin,$rootsuffix"
  10. rootpw="secret"
  11. cat <<EOF > /tmp/database.ldif
  12. ## XXXvlab: already loaded
  13. ## Load dynamic backend modules
  14. #dn: cn=module,cn=config
  15. #objectClass: olcModuleList
  16. #cn: module
  17. #olcModulepath: /usr/lib/ldap
  18. #olcModuleload: back_hdb
  19. ## Database settings
  20. dn: olcDatabase=hdb,cn=config
  21. objectClass: olcDatabaseConfig
  22. objectClass: olcHdbConfig
  23. olcDatabase: {1}hdb
  24. olcSuffix: $rootsuffix
  25. olcDbDirectory: /var/lib/ldap
  26. olcRootDN: $rootdn
  27. olcRootPW: $rootpw
  28. olcDbConfig: set_cachesize 0 2097152 0
  29. olcDbConfig: set_lk_max_objects 1500
  30. olcDbConfig: set_lk_max_locks 1500
  31. olcDbConfig: set_lk_max_lockers 1500
  32. olcDbIndex: objectClass eq
  33. olcLastMod: TRUE
  34. olcDbCheckpoint: 512 30
  35. olcAccess: to attrs=userPassword by dn="$rootdn" write by anonymous auth by self write by * none
  36. olcAccess: to attrs=shadowLastChange by self write by * read
  37. olcAccess: to dn.base="" by * read
  38. olcAccess: to * by dn="$rootdn" write by * read
  39. EOF
  40. ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/database.ldif
  41. rm /tmp/database.ldif
  42. ## MMC schema
  43. echo "
  44. ## Mandriva Directory Server
  45. deb http://mds.mandriva.org/pub/mds/debian squeeze main
  46. " >> /etc/apt/sources.list
  47. apt-get update
  48. apt-get install -y mmc-agent
  49. mmc-add-schema /usr/share/doc/python-mmc-base/contrib/ldap/mmc.schema /etc/ldap/schema/
  50. mmc-add-schema /usr/share/doc/python-mmc-base/contrib/ldap/mail.schema /etc/ldap/schema/
  51. ## Change password
  52. ##
  53. #python -c 'print($LDAP_PASSWORD).encode("base64")'
  54. # to put in /etc/mmc/plugins/base.ini
  55. ##
  56. ## LDAP Backup
  57. ##
  58. cat <<EOF > /etc/cron.d/ldapbackup
  59. SHELL=/bin/sh
  60. PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
  61. 32 1 * * * root ansi_colors=no dayold=3 nbold=15 ldapdump_to_dir /var/backups
  62. EOF