From 6862ff4a632e028fbfbbc18795ba205929177bdc Mon Sep 17 00:00:00 2001
From: Max Erenberg <>
Date: Thu, 9 Sep 2021 23:21:22 -0400
Subject: [PATCH] add principal for mail

---
 .drone/auth1-setup.sh           |  4 ++++
 .drone/common.sh                | 18 ++++++++++++++++++
 .drone/data.ldif                |  2 +-
 .drone/mail-setup.sh            | 22 ++++++++++++++++++++++
 .drone/phosphoric-acid-setup.sh | 17 +++--------------
 .drone/uwldap_data.ldif         | 12 ++++++------
 docker.sh                       |  9 ++++-----
 tests/MockSMTPServer.py         |  2 ++
 tests/ceod_dev.ini              |  2 +-
 9 files changed, 61 insertions(+), 27 deletions(-)

diff --git a/.drone/auth1-setup.sh b/.drone/auth1-setup.sh
index 4ef21d1..c8486e8 100755
--- a/.drone/auth1-setup.sh
+++ b/.drone/auth1-setup.sh
@@ -87,5 +87,9 @@ killall slapd && sleep 0.5 && service slapd start
 # sync with phosphoric-acid
 apt install -y netcat-openbsd
 nc -l 0.0.0.0 9000
+if [ -z "$CI" ]; then
+    # sync with mail
+    nc -l 0.0.0.0 9001
+fi
 
 sleep infinity
diff --git a/.drone/common.sh b/.drone/common.sh
index ed91d08..740fc93 100644
--- a/.drone/common.sh
+++ b/.drone/common.sh
@@ -15,3 +15,21 @@ add_fqdn_to_hosts() {
     rm /tmp/hosts
     echo "$ip_addr $hostname.csclub.internal $hostname" >> /etc/hosts
 }
+
+sync_with() {
+    host=$1
+    port=9000
+    if [ $# -eq 2 ]; then
+        port=$2
+    fi
+    synced=false
+    # give it 5 minutes
+    for i in {1..60}; do
+        if nc -vz $host $port ; then
+            synced=true
+            break
+        fi
+        sleep 5
+    done
+    test $synced = true
+}
diff --git a/.drone/data.ldif b/.drone/data.ldif
index 6a50745..48873b1 100644
--- a/.drone/data.ldif
+++ b/.drone/data.ldif
@@ -151,6 +151,6 @@ dn: cn=exec,ou=Group,dc=csclub,dc=internal
 objectClass: top
 objectClass: group
 objectClass: posixGroup
-cn: syscom
+cn: exec
 gidNumber: 10013
 uniqueMember: uid=exec1,ou=People,dc=csclub,dc=internal
diff --git a/.drone/mail-setup.sh b/.drone/mail-setup.sh
index 527698a..42745b2 100755
--- a/.drone/mail-setup.sh
+++ b/.drone/mail-setup.sh
@@ -6,9 +6,31 @@ set -ex
 
 # set FQDN in /etc/hosts
 add_fqdn_to_hosts $(get_ip_addr $(hostname)) mail
+add_fqdn_to_hosts $(get_ip_addr auth1) auth1
 
 . venv/bin/activate
 python tests/MockMailmanServer.py &
 python tests/MockSMTPServer.py &
 
+# KERBEROS
+export DEBIAN_FRONTEND=noninteractive
+apt update
+apt install -y krb5-user netcat-openbsd
+cp .drone/krb5.conf /etc/krb5.conf
+
+# sync with auth1
+sync_with auth1 9001
+
+rm -f /etc/krb5.keytab
+cat <<EOF | kadmin -p sysadmin/admin
+krb5
+addprinc -randkey host/mail.csclub.internal
+ktadd host/mail.csclub.internal
+addprinc -randkey ceod/mail.csclub.internal
+ktadd ceod/mail.csclub.internal
+EOF
+
+# sync with phosphoric-acid
+nc -l 0.0.0.0 9000
+
 sleep infinity
diff --git a/.drone/phosphoric-acid-setup.sh b/.drone/phosphoric-acid-setup.sh
index e90d265..541d84f 100755
--- a/.drone/phosphoric-acid-setup.sh
+++ b/.drone/phosphoric-acid-setup.sh
@@ -4,20 +4,6 @@ set -ex
 
 . .drone/common.sh
 
-sync_with() {
-    host=$1
-    synced=false
-    # give it 5 minutes
-    for i in {1..60}; do
-        if nc -vz $host 9000 ; then
-            synced=true
-            break
-        fi
-        sleep 5
-    done
-    test $synced = true
-}
-
 # set FQDN in /etc/hosts
 add_fqdn_to_hosts $(get_ip_addr $(hostname)) phosphoric-acid
 add_fqdn_to_hosts $(get_ip_addr auth1) auth1
@@ -61,6 +47,9 @@ EOF
 service nslcd start
 
 sync_with coffee
+if [ -z "$CI" ]; then
+    sync_with mail
+fi
 
 # initialize the skel directory
 shopt -s dotglob
diff --git a/.drone/uwldap_data.ldif b/.drone/uwldap_data.ldif
index 4f9cf07..2ba826d 100644
--- a/.drone/uwldap_data.ldif
+++ b/.drone/uwldap_data.ldif
@@ -1,8 +1,8 @@
-dn: ou=People,dc=uwaterloo,dc=internal
+dn: ou=UWLDAP,dc=csclub,dc=internal
 objectClass: organizationalUnit
 ou: People
 
-dn: uid=ctdalek,ou=People,dc=uwaterloo,dc=internal
+dn: uid=ctdalek,ou=UWLDAP,dc=csclub,dc=internal
 displayName: Calum Dalek
 givenName: Calum
 sn: Dalek
@@ -17,7 +17,7 @@ objectClass: top
 uid: ctdalek
 mail: ctdalek@uwaterloo.internal
 
-dn: uid=regular1,ou=People,dc=uwaterloo,dc=internal
+dn: uid=regular1,ou=UWLDAP,dc=csclub,dc=internal
 displayName: Regular One
 givenName: Regular
 sn: One
@@ -32,7 +32,7 @@ objectClass: top
 uid: regular1
 mail: regular1@uwaterloo.internal
 
-dn: uid=regular2,ou=People,dc=uwaterloo,dc=internal
+dn: uid=regular2,ou=UWLDAP,dc=csclub,dc=internal
 displayName: Regular Two
 givenName: Regular
 sn: Two
@@ -47,7 +47,7 @@ objectClass: top
 uid: regular2
 mail: regular2@uwaterloo.internal
 
-dn: uid=exec1,ou=People,dc=uwaterloo,dc=internal
+dn: uid=exec1,ou=UWLDAP,dc=csclub,dc=internal
 displayName: Exec One
 givenName: Exec
 sn: One
@@ -62,7 +62,7 @@ objectClass: top
 uid: exec1
 mail: exec1@uwaterloo.internal
 
-dn: uid=exec2,ou=People,dc=uwaterloo,dc=internal
+dn: uid=exec2,ou=UWLDAP,dc=csclub,dc=internal
 displayName: Exec Two
 givenName: Exec
 sn: One
diff --git a/docker.sh b/docker.sh
index 96e5301..dcb9441 100755
--- a/docker.sh
+++ b/docker.sh
@@ -2,13 +2,12 @@
 
 set -x
 
-if ! [ -d venv ]; then
-    docker run --rm -v "$PWD:$PWD" -w "$PWD" python:3.7-buster \
-       sh -c "python -m venv && . venv/bin/activate && pip install -r dev-requirements.txt && pip install -r requirements.txt"
-fi
-
 case $1 in
     up)
+	if ! [ -d venv ]; then
+	    docker run --rm -v "$PWD:$PWD" -w "$PWD" python:3.7-buster \
+	        sh -c "python -m venv venv && . venv/bin/activate && pip install -r dev-requirements.txt && pip install -r requirements.txt"
+	fi
         docker network create ceod
         for host in auth1 coffee mail phosphoric-acid; do
             if [ $host = auth1 -o $host = coffee ]; then
diff --git a/tests/MockSMTPServer.py b/tests/MockSMTPServer.py
index ebcc750..e0cbbd3 100644
--- a/tests/MockSMTPServer.py
+++ b/tests/MockSMTPServer.py
@@ -1,4 +1,5 @@
 import os
+import time
 
 from aiosmtpd.controller import Controller
 
@@ -33,3 +34,4 @@ if __name__ == '__main__':
     assert os.geteuid() == 0
     server = MockSMTPServer('0.0.0.0', 25)
     server.start()
+    time.sleep(1e6)
diff --git a/tests/ceod_dev.ini b/tests/ceod_dev.ini
index d73955f..b4b6cc5 100644
--- a/tests/ceod_dev.ini
+++ b/tests/ceod_dev.ini
@@ -21,7 +21,7 @@ sudo_base = ou=SUDOers,dc=csclub,dc=internal
 
 [uwldap]
 server_url = ldap://auth1.csclub.internal
-base = dc=uwaterloo,dc=internal
+base = ou=UWLDAP,dc=csclub,dc=internal
 
 [members]
 min_id = 20001