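#!/bin/bash
# ldap-server-setup.sh — (re)install slapd on this host and restore an LDAP
# database into it from an ldif backup.
#
# Usage: ./ldap-server-setup.sh backupfile
#   backupfile — ldif dump of the "dc=netsoc,dc=dit,dc=ie" database
#                (for example produced with slapcat on the old server).
#
# Must be run as root. Expects a sibling "configs/ldap-server" directory
# holding debconf-defaults, cn.config.ldif and the schema ldifs that are
# staged into temp/ldap-server before use.
#
# Everything below /var/lib/ldap-netsoc and /etc/ldap/slapd.d is replaced,
# so every input is validated before the first destructive step runs.
set -euo pipefail

# Print a message to stderr and exit with status 1.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# cd to dir script is run from; every relative path below depends on it.
cd "$(dirname "${BASH_SOURCE[0]}")" || die "Cannot cd to script directory"

(( EUID == 0 )) || die "Must be root to run this script"

# ${1:-} keeps 'set -u' from tripping when no argument was given.
if [[ -z "${1:-}" ]]; then
  printf '\nNo backup files specified to restore. If you wish to restore a database, type:\n'
  echo "./ldap-server-setup.sh backupfile"
  echo "The backup file is an ldif format that would come from typing something like slapcat -b \"dc=netsoc,dc=dit,dc=ie\" > backupfile.ldif on the ldap server"
  echo "the cn=config file is included within this script and is not needed"
  exit
fi
restoredatabase=$1
# Check the backup now, not after the existing database has already been wiped.
[[ -f "$restoredatabase" ]] || die "Backup file not found: $restoredatabase"

#Config dir exists
if [[ ! -d "configs" ]]; then
  echo "Main configs dir missing. Can't do anything without it. This contains all the templates to deploy to the system" >&2
  echo "If you have assumed you don't need this, you're wrong. Please put it back" >&2
  exit 1
fi

#Temp dir exists; it stages the deployment config, so keep it root-only.
mkdir -p temp
chmod 700 temp

#temp ldap-server dir exists
if [[ -d "temp/ldap-server" ]]; then
  echo "Cleaning up old config files"
  rm -r -- "temp/ldap-server"
fi
#copy files
cp -r -- configs/ldap-server temp/ldap-server

readonly ldapDir="/var/lib/ldap-netsoc"
#Check for old files + delete
if [[ -d "$ldapDir" ]]; then
  echo "WARNING: THIS IS PERMANENT"
  echo "ldap files already installed, do you wish to remove? (y/n)"
  read -r removeOld
  if [[ "$removeOld" == "y" ]]; then
    # ${ldapDir:?} aborts instead of expanding to "rm -rf /" if the variable were ever empty.
    rm -rf -- "${ldapDir:?}/"
  else
    exit
  fi
fi
mkdir -- "$ldapDir"

debconf-set-selections < temp/ldap-server/debconf-defaults
apt-get update
apt-get -y install slapd ldap-utils pwgen
#TODO configure tls ldif file to contain the right location
#TODO handle tls certs/keys

#Restore old database
/etc/init.d/slapd stop
# slapadd below rebuilds cn=config from scratch; the packaged config is discarded.
rm -rf -- /etc/ldap/slapd.d/*
echo "Now restoring cn=config"
slapadd -F /etc/ldap/slapd.d/ -n0 -l temp/ldap-server/cn.config.ldif
echo "Adding netsoc user objectClass schema..."
slapadd -n 0 < temp/ldap-server/netsocuser_schema.ldif
echo "Adding sudo schema..."
slapadd -n 0 < temp/ldap-server/sudo_schema.ldif
echo "Now restoring database contents"
slapadd -b "dc=netsoc,dc=dit,dc=ie" < "$restoredatabase"
echo "Fixing permissions..."
# slapadd ran as root; slapd runs as openldap and must own what it just wrote.
chown -R openldap:openldap "$ldapDir/"
chown -R openldap:openldap /etc/ldap/slapd.d/
/etc/init.d/slapd start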