#!/bin/bash

# Abort on the first failing command (errexit) and echo every command to the
# job log before it runs (xtrace). Because of xtrace, anything placed on a
# command line ends up in the log, so secrets must not be passed as arguments.
set -o errexit -o xtrace

# Load the shared helpers. The path is relative, so the script has to be
# started from the directory that contains .drone/.
# NOTE(review): add_fqdn_to_hosts, get_ip_addr and sync_with are not defined
# in this file; presumably they come from common.sh — confirm.
source .drone/common.sh
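# set FQDN in /etc/hosts
#
# Each address is resolved into a variable and validated before it is
# registered. Expanding $(get_ip_addr ...) inline as an unquoted argument is
# fragile: `set -e` does not abort on a failed command substitution inside an
# argument list, and an empty result silently shifts the hostname into the
# address position, so a bad entry could be written for the hosts that the
# LDAP and Kerberos configuration below depends on.

#######################################
# Resolve a name and register the resulting address under a short hostname.
# Arguments: $1 - name handed to get_ip_addr
#            $2 - short hostname handed to add_fqdn_to_hosts
# Outputs:   a diagnostic on stderr when the lookup result is unusable
# Returns:   non-zero if the lookup yields nothing or contains whitespace
#######################################
register_fqdn() {
  local lookup_name=$1
  local short_name=$2
  local ip_addr

  # Only the helper's output is validated; its exit status was never checked
  # by the inline form either, so it is deliberately ignored here.
  ip_addr=$(get_ip_addr "$lookup_name") || true
  if [[ -z "$ip_addr" || "$ip_addr" == *[[:space:]]* ]]; then
    printf 'cannot register %s: lookup of %s returned "%s"\n' \
      "$short_name" "$lookup_name" "$ip_addr" >&2
    return 1
  fi
  add_fqdn_to_hosts "$ip_addr" "$short_name"
}

# This container is looked up by its runtime hostname but registered under
# the fixed name phosphoric-acid.
register_fqdn "$(hostname)" phosphoric-acid
register_fqdn auth1 auth1
register_fqdn coffee coffee
# mail container doesn't run in CI
if [[ -z "$CI" ]]; then
  register_fqdn mail mail
fi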
# Keep package configuration from prompting; the variable is exported so every
# apt invocation later in the script inherits it.
DEBIAN_FRONTEND=noninteractive
export DEBIAN_FRONTEND
# Refresh the package index before the installs that follow.
apt update
# LDAP
# Install the NSS LDAP module without recommended extras. nslcd, which is
# stopped and reconfigured below, is presumably pulled in as a dependency.
apt install --yes --no-install-recommends libnss-ldapd

# The daemon may or may not be running at this point, so a failed stop is
# deliberately ignored.
service nslcd stop || true

# Client-side LDAP library settings shipped with the repository.
cp .drone/ldap.conf /etc/ldap/ldap.conf

# Append the group-membership mapping only when that exact line is missing,
# so re-running the script does not duplicate it.
if ! grep -Fxq 'map group member uniqueMember' /etc/nslcd.conf; then
  printf '%s\n' 'map group member uniqueMember' >> /etc/nslcd.conf
fi

# Point nslcd at the auth1 directory server and at the csclub search base.
# NOTE(review): ldap:// is the plaintext scheme; unless StartTLS is enabled
# elsewhere in nslcd.conf, lookups and binds cross the network unencrypted.
# Confirm this configuration is only used on the dev/CI container network.
sed -E -i \
  -e 's|^uri .*$|uri ldap://auth1.csclub.internal|' \
  -e 's|^base .*$|base dc=csclub,dc=internal|' \
  /etc/nslcd.conf

# Name-service switch configuration shipped with the repository.
cp .drone/nsswitch.conf /etc/nsswitch.conf
# KERBEROS
# Kerberos client tools, the PAM module and the GSSAPI SASL mechanism.
apt install --yes \
  krb5-user \
  libpam-krb5 \
  libsasl2-modules-gssapi-mit
# Realm and KDC settings shipped with the repository replace the packaged
# defaults.
cp .drone/krb5.conf /etc/krb5.conf

# NOTE(review): nothing in this file invokes nc directly; presumably the
# sync_with helper needs it — confirm in .drone/common.sh.
apt install --yes netcat-openbsd
# NOTE(review): sync_with is defined outside this file; presumably it blocks
# until the auth1 container is ready to be contacted — confirm.
sync_with auth1

# Start from an empty keytab so the entries written by ktadd below are the
# only ones in it.
rm -f -- /etc/krb5.keytab

# kadmin reads everything from the pipe. The first line is presumably consumed
# by the password prompt for sysadmin/admin; the remaining lines are kadmin
# commands that create three principals with random keys and export each one
# to the keytab.
# NOTE(review): `krb5` is a fixture password hard-coded for the dev/CI realm
# and must never match a credential of a real realm. Passing it through the
# here-document keeps it out of argv and out of the xtrace output.
# NOTE(review): ktadd is given no -k option, so all three keys, ceod/admin
# included, presumably land in the default keytab removed above. Any process
# able to read that file can then act as ceod/admin — confirm this is intended
# for the dev container only.
cat <<'KADMIN_STDIN' | kadmin -p sysadmin/admin
krb5
addprinc -randkey host/phosphoric-acid.csclub.internal
ktadd host/phosphoric-acid.csclub.internal
addprinc -randkey ceod/phosphoric-acid.csclub.internal
ktadd ceod/phosphoric-acid.csclub.internal
addprinc -randkey ceod/admin
ktadd ceod/admin
KADMIN_STDIN

# Bring nslcd back up; it was stopped earlier in this script while its
# configuration was rewritten.
service nslcd start
# Rendezvous with the remaining containers.
# NOTE(review): sync_with is defined outside this file; its exact semantics
# are not visible here.
sync_with coffee
# The mail container does not run in CI, so it is only waited for when CI is
# unset or empty.
if [[ -z "${CI}" ]]; then
  sync_with mail
fi
# initialize the skel directory
# dotglob makes `*` match dotfiles as well, so the hidden files in /etc/skel
# are copied too. The option stays enabled for the rest of the script.
shopt -s dotglob
mkdir -p /users/skel
# No -r: only plain files directly inside /etc/skel are expected here.
cp -- /etc/skel/* /users/skel/
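# create directories for users
# -p keeps this step re-runnable, matching the `mkdir -p` used for
# /users/skel: a plain mkdir fails once the directory exists, and under
# `set -e` that aborts the whole script on a second run.
# NOTE(review): chown resolves these names through NSS; presumably the
# accounts come from LDAP, which is why this runs after nslcd is started —
# confirm.
# NOTE(review): the directory mode is whatever the current umask yields; set
# it explicitly if home directories should not be readable by other users.
for user in ctdalek regular1 exec1; do
  mkdir -p "/users/${user}"
  chown "${user}:${user}" "/users/${user}"
done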
# Outside CI (CI unset or empty) block forever, presumably so the container
# stays up after provisioning; in CI the script simply ends here.
if [[ -z "${CI}" ]]; then
  sleep infinity
fi