ldap
authorOwen Smith <owen@omsmith.ca>
Wed, 15 May 2013 05:56:06 +0000 (01:56 -0400)
committerOwen Smith <owen@omsmith.ca>
Wed, 15 May 2013 05:56:06 +0000 (01:56 -0400)
bootstrap.sh
templates/ldap.conf [new file with mode: 0644]

index a69842f..2a6ae19 100755 (executable)
@@ -13,16 +13,17 @@ grep 'http://mirror' /etc/apt/sources.list > /dev/null \
 apt-get update
 apt-get install sed curl
 
-DISTRO=`lsb_release -sc`
+DIST=`lsb_release -si`
+DISTVERSION=`lsb_release -sc`
 
 # we'll be adding emdebian repo if we're on debian
-if [[ `lsb_release -si` = "Debian" ]] ; then
+if [[ $DIST = "Debian" ]] ; then
     apt-get install emdebian-archive-keyring
     cp ./templates/emdebian.list > /etc/apt/sources.list.d/emdebian.list
 fi
 
 # add csclub repo
-sed "s/<distribution>/$DISTRO/" < ./templates/csclub.list > /etc/apt/sources.list.d/csclub.list
+sed "s/<distribution>/$DISTVERSION/" < ./templates/csclub.list > /etc/apt/sources.list.d/csclub.list
 curl -s http://debian.csclub.uwaterloo.ca/csclub.asc | apt-key add -
 
 apt-get update
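Review bot: The context line `curl -s http://debian.csclub.uwaterloo.ca/csclub.asc | apt-key add -` still installs an apt signing key fetched over plain HTTP, so anyone on the network path during bootstrap can substitute a key that apt will then trust for package installs. This commit does not change that line, but it rewrites the repo setup directly above it, so this is a natural place to fix it. Either ship the key file in `./templates/` next to csclub.list and pass it to `apt-key add` from disk, or (if the mirror serves HTTPS) fetch it with `curl -fsS https://…` and compare its fingerprint against a pinned value before adding it. Separately, `cp ./templates/emdebian.list > /etc/apt/sources.list.d/emdebian.list` has no destination operand, so cp fails and the redirect leaves an empty list file; presumably the `>` should be dropped. The script continues outside this hunk.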
@@ -40,3 +41,9 @@ sed "s/_IP_SUFFIX/$IP_SUFFIX/" < ./templates/interfaces > /etc/network/interface
 # nsswitch
 cp ./templates/nsswitch.conf /etc/nsswitch.conf
 
+# ldap
+cp ./templates/ldap.conf /etc/ldap/ldap.conf
+if [[ $DIST = "Debian" ]] ; then
+       ln -s /etc/ldap/ldap.conf /etc/sudo-ldap.conf
+fi
+
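Review bot: `ln -s /etc/ldap/ldap.conf /etc/sudo-ldap.conf` fails when the link or a package-provided file already exists. After a second bootstrap run, or if an installed sudo-ldap package ships its own file, sudo can end up reading a different config than the one just copied. Since templates/ldap.conf carries `SUDOERS_BASE`, this file presumably decides where sudo looks up its rules, so ownership and mode are worth setting explicitly rather than inheriting them from the checkout: `install -o root -g root -m 0644 ./templates/ldap.conf /etc/ldap/ldap.conf` followed by `ln -sfn /etc/ldap/ldap.conf /etc/sudo-ldap.conf`. Neither command's exit status is checked, and whether the script runs under `set -e` is not visible from this hunk.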
diff --git a/templates/ldap.conf b/templates/ldap.conf
new file mode 100644 (file)
index 0000000..0c0da16
--- /dev/null
@@ -0,0 +1,18 @@
+# $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.9 2000/09/04 19:57:01 kurt Exp $
+#
+# LDAP Defaults
+#
+
+# See ldap.conf(5) for details
+# This file should be world readable but not world writable.
+
+BASE   dc=csclub, dc=uwaterloo, dc=ca
+URI     ldaps://ldap1.csclub.uwaterloo.ca ldaps://ldap2.csclub.uwaterloo.ca
+
+SIZELIMIT      0
+
+TLS_CACERT      /etc/ssl/certs/GlobalSign_Intermediate_Root.pem
+TLS_CACERTFILE /etc/ssl/certs/GlobalSign_Intermediate_Root.pem
+
+SUDOERS_BASE    ou=SUDOers,dc=csclub,dc=uwaterloo,dc=ca
+
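Review bot: Certificate verification is left to each client's default: the file sets `TLS_CACERT`/`TLS_CACERTFILE` but no `TLS_REQCERT`, and bootstrap.sh also links this file as /etc/sudo-ldap.conf on Debian, so more than one parser reads it. Adding `TLS_REQCERT demand` after the CA lines makes the ldaps:// connections fail closed on an untrusted or mismatched server certificate, whatever the consumer's default is. Nothing in this commit shows that `/etc/ssl/certs/GlobalSign_Intermediate_Root.pem` is installed by the bootstrap, so a comment naming the package or step that provides it would help whoever debugs a failed lookup. Minor: `BASE` has spaces after the commas while `SUDOERS_BASE` has none; using one form throughout avoids surprises with stricter DN parsers.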