fork 0k-charms
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

90 lines
2.0 KiB

#!/bin/bash
set -eux # -x for verbose logging to juju debug-log
## XXXvlab: this is interactive : requires a password !
apt-get install -y slapd
## XXXvlab: this is a client package, and could maybe be removed from here.
apt-get install -y ldap-utils
## Install a database
rootsuffix="dc=example,dc=com"
rootdn="cn=admin,$rootsuffix"
rootpw="secret"
cat <<EOF > /tmp/database.ldif
## XXXvlab: already loaded
## Load dynamic backend modules
#dn: cn=module,cn=config
#objectClass: olcModuleList
#cn: module
#olcModulepath: /usr/lib/ldap
#olcModuleload: back_hdb
## Database settings
dn: olcDatabase=hdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcHdbConfig
olcDatabase: {1}hdb
olcSuffix: $rootsuffix
olcDbDirectory: /var/lib/ldap
olcRootDN: $rootdn
olcRootPW: $rootpw
olcDbConfig: set_cachesize 0 2097152 0
olcDbConfig: set_lk_max_objects 1500
olcDbConfig: set_lk_max_locks 1500
olcDbConfig: set_lk_max_lockers 1500
olcDbIndex: objectClass eq
olcLastMod: TRUE
olcDbCheckpoint: 512 30
olcAccess: to attrs=userPassword by dn="$rootdn" write by anonymous auth by self write by * none
olcAccess: to attrs=shadowLastChange by self write by * read
olcAccess: to dn.base="" by * read
olcAccess: to * by dn="$rootdn" write by * read
EOF
ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/database.ldif
rm /tmp/database.ldif
## MMC schema
echo "
## Mandriva Directory Server
deb http://mds.mandriva.org/pub/mds/debian squeeze main
" >> /etc/apt/sources.list
apt-get update
apt-get install -y mmc-agent
mmc-add-schema /usr/share/doc/python-mmc-base/contrib/ldap/mmc.schema /etc/ldap/schema/
mmc-add-schema /usr/share/doc/python-mmc-base/contrib/ldap/mail.schema /etc/ldap/schema/
## Change password
##
#python -c 'print($LDAP_PASSWORD).encode("base64")'
# to put in /etc/mmc/plugins/base.ini
##
## LDAP Backup
##
cat <<EOF > /etc/cron.d/ldapbackup
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
32 1 * * * root ansi_colors=no dayold=3 nbold=15 ldapdump_to_dir /var/backups
EOF