add principal for mail
parent
7e4b6a018a
commit
6862ff4a63
|
@ -87,5 +87,9 @@ killall slapd && sleep 0.5 && service slapd start
|
||||||
# sync with phosphoric-acid
|
# sync with phosphoric-acid
|
||||||
apt install -y netcat-openbsd
|
apt install -y netcat-openbsd
|
||||||
nc -l 0.0.0.0 9000
|
nc -l 0.0.0.0 9000
|
||||||
|
if [ -z "$CI" ]; then
|
||||||
|
# sync with mail
|
||||||
|
nc -l 0.0.0.0 9001
|
||||||
|
fi
|
||||||
|
|
||||||
sleep infinity
|
sleep infinity
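Review bot: The port-9001 listener is only opened when `$CI` is empty, while the `sync_with auth1 9001` call this commit adds to the mail script has no such guard; if the mail container is ever started with `CI` set, that call would poll for five minutes and then abort the script under `set -ex`. It would help to state the pairing next to the listener, e.g. `# one-shot barrier, released by mail's "sync_with auth1 9001"; mail is assumed not to run in CI`. The two `nc -l` calls also run in sequence, so 9001 does not open until something has connected to 9000. The surrounding script starts and ends outside the hunk.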
|
||||||
|
|
|
@ -15,3 +15,21 @@ add_fqdn_to_hosts() {
|
||||||
rm /tmp/hosts
|
rm /tmp/hosts
|
||||||
echo "$ip_addr $hostname.csclub.internal $hostname" >> /etc/hosts
|
echo "$ip_addr $hostname.csclub.internal $hostname" >> /etc/hosts
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sync_with() {
|
||||||
|
host=$1
|
||||||
|
port=9000
|
||||||
|
if [ $# -eq 2 ]; then
|
||||||
|
port=$2
|
||||||
|
fi
|
||||||
|
synced=false
|
||||||
|
# give it 5 minutes
|
||||||
|
for i in {1..60}; do
|
||||||
|
if nc -vz $host $port ; then
|
||||||
|
synced=true
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
sleep 5
|
||||||
|
done
|
||||||
|
test $synced = true
|
||||||
|
}
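Review bot: `sync_with` now sits in what appears to be the shared file that other scripts source, yet `host`, `port`, `synced` and `i` are assigned without `local`, so every call overwrites same-named variables in the caller, and `$host $port` reach `nc` unquoted. Suggest `local host=$1 port=${2:-9000} synced=false i` in place of the assignments and the `if [ $# -eq 2 ]` block, and `if nc -vz "$host" "$port"; then` for the probe. The "give it 5 minutes" bound also holds only if each probe returns promptly; `nc -w 5` would cap a probe that hangs on an unanswered connect.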
|
||||||
|
|
|
@ -151,6 +151,6 @@ dn: cn=exec,ou=Group,dc=csclub,dc=internal
|
||||||
objectClass: top
|
objectClass: top
|
||||||
objectClass: group
|
objectClass: group
|
||||||
objectClass: posixGroup
|
objectClass: posixGroup
|
||||||
cn: syscom
|
cn: exec
|
||||||
gidNumber: 10013
|
gidNumber: 10013
|
||||||
uniqueMember: uid=exec1,ou=People,dc=csclub,dc=internal
|
uniqueMember: uid=exec1,ou=People,dc=csclub,dc=internal
|
||||||
|
|
|
@ -6,9 +6,31 @@ set -ex
|
||||||
|
|
||||||
# set FQDN in /etc/hosts
|
# set FQDN in /etc/hosts
|
||||||
add_fqdn_to_hosts $(get_ip_addr $(hostname)) mail
|
add_fqdn_to_hosts $(get_ip_addr $(hostname)) mail
|
||||||
|
add_fqdn_to_hosts $(get_ip_addr auth1) auth1
|
||||||
|
|
||||||
. venv/bin/activate
|
. venv/bin/activate
|
||||||
python tests/MockMailmanServer.py &
|
python tests/MockMailmanServer.py &
|
||||||
python tests/MockSMTPServer.py &
|
python tests/MockSMTPServer.py &
|
||||||
|
|
||||||
|
# KERBEROS
|
||||||
|
export DEBIAN_FRONTEND=noninteractive
|
||||||
|
apt update
|
||||||
|
apt install -y krb5-user netcat-openbsd
|
||||||
|
cp .drone/krb5.conf /etc/krb5.conf
|
||||||
|
|
||||||
|
# sync with auth1
|
||||||
|
sync_with auth1 9001
|
||||||
|
|
||||||
|
rm -f /etc/krb5.keytab
|
||||||
|
cat <<EOF | kadmin -p sysadmin/admin
|
||||||
|
krb5
|
||||||
|
addprinc -randkey host/mail.csclub.internal
|
||||||
|
ktadd host/mail.csclub.internal
|
||||||
|
addprinc -randkey ceod/mail.csclub.internal
|
||||||
|
ktadd ceod/mail.csclub.internal
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# sync with phosphoric-acid
|
||||||
|
nc -l 0.0.0.0 9000
|
||||||
|
|
||||||
sleep infinity
|
sleep infinity
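Review bot: Nothing after the `kadmin` here-document checks that the principals and the keytab were actually created. As far as I know, kadmin reading a command batch from stdin does not turn a failed `addprinc` or `ktadd` into a non-zero exit, so `set -ex` will not stop the script before it opens the port-9000 barrier. `addprinc -randkey` fails when the principal already exists, which is the likely case on a re-run against a KDC that kept its database. A check such as `klist -k /etc/krb5.keytab | grep -q ceod/mail.csclub.internal` before `nc -l 0.0.0.0 9000` would make the failure visible. The first here-document line (`krb5`) appears to be the `sysadmin/admin` password; a comment marking it as a throwaway credential for the test realm would keep it from being copied elsewhere.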
|
||||||
|
|
|
@ -4,20 +4,6 @@ set -ex
|
||||||
|
|
||||||
. .drone/common.sh
|
. .drone/common.sh
|
||||||
|
|
||||||
sync_with() {
|
|
||||||
host=$1
|
|
||||||
synced=false
|
|
||||||
# give it 5 minutes
|
|
||||||
for i in {1..60}; do
|
|
||||||
if nc -vz $host 9000 ; then
|
|
||||||
synced=true
|
|
||||||
break
|
|
||||||
fi
|
|
||||||
sleep 5
|
|
||||||
done
|
|
||||||
test $synced = true
|
|
||||||
}
|
|
||||||
|
|
||||||
# set FQDN in /etc/hosts
|
# set FQDN in /etc/hosts
|
||||||
add_fqdn_to_hosts $(get_ip_addr $(hostname)) phosphoric-acid
|
add_fqdn_to_hosts $(get_ip_addr $(hostname)) phosphoric-acid
|
||||||
add_fqdn_to_hosts $(get_ip_addr auth1) auth1
|
add_fqdn_to_hosts $(get_ip_addr auth1) auth1
|
||||||
|
@ -61,6 +47,9 @@ EOF
|
||||||
service nslcd start
|
service nslcd start
|
||||||
|
|
||||||
sync_with coffee
|
sync_with coffee
|
||||||
|
if [ -z "$CI" ]; then
|
||||||
|
sync_with mail
|
||||||
|
fi
|
||||||
|
|
||||||
# initialize the skel directory
|
# initialize the skel directory
|
||||||
shopt -s dotglob
|
shopt -s dotglob
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
dn: ou=People,dc=uwaterloo,dc=internal
|
dn: ou=UWLDAP,dc=csclub,dc=internal
|
||||||
objectClass: organizationalUnit
|
objectClass: organizationalUnit
|
||||||
ou: People
|
ou: People
|
||||||
|
|
||||||
dn: uid=ctdalek,ou=People,dc=uwaterloo,dc=internal
|
dn: uid=ctdalek,ou=UWLDAP,dc=csclub,dc=internal
|
||||||
displayName: Calum Dalek
|
displayName: Calum Dalek
|
||||||
givenName: Calum
|
givenName: Calum
|
||||||
sn: Dalek
|
sn: Dalek
|
||||||
|
@ -17,7 +17,7 @@ objectClass: top
|
||||||
uid: ctdalek
|
uid: ctdalek
|
||||||
mail: ctdalek@uwaterloo.internal
|
mail: ctdalek@uwaterloo.internal
|
||||||
|
|
||||||
dn: uid=regular1,ou=People,dc=uwaterloo,dc=internal
|
dn: uid=regular1,ou=UWLDAP,dc=csclub,dc=internal
|
||||||
displayName: Regular One
|
displayName: Regular One
|
||||||
givenName: Regular
|
givenName: Regular
|
||||||
sn: One
|
sn: One
|
||||||
|
@ -32,7 +32,7 @@ objectClass: top
|
||||||
uid: regular1
|
uid: regular1
|
||||||
mail: regular1@uwaterloo.internal
|
mail: regular1@uwaterloo.internal
|
||||||
|
|
||||||
dn: uid=regular2,ou=People,dc=uwaterloo,dc=internal
|
dn: uid=regular2,ou=UWLDAP,dc=csclub,dc=internal
|
||||||
displayName: Regular Two
|
displayName: Regular Two
|
||||||
givenName: Regular
|
givenName: Regular
|
||||||
sn: Two
|
sn: Two
|
||||||
|
@ -47,7 +47,7 @@ objectClass: top
|
||||||
uid: regular2
|
uid: regular2
|
||||||
mail: regular2@uwaterloo.internal
|
mail: regular2@uwaterloo.internal
|
||||||
|
|
||||||
dn: uid=exec1,ou=People,dc=uwaterloo,dc=internal
|
dn: uid=exec1,ou=UWLDAP,dc=csclub,dc=internal
|
||||||
displayName: Exec One
|
displayName: Exec One
|
||||||
givenName: Exec
|
givenName: Exec
|
||||||
sn: One
|
sn: One
|
||||||
|
@ -62,7 +62,7 @@ objectClass: top
|
||||||
uid: exec1
|
uid: exec1
|
||||||
mail: exec1@uwaterloo.internal
|
mail: exec1@uwaterloo.internal
|
||||||
|
|
||||||
dn: uid=exec2,ou=People,dc=uwaterloo,dc=internal
|
dn: uid=exec2,ou=UWLDAP,dc=csclub,dc=internal
|
||||||
displayName: Exec Two
|
displayName: Exec Two
|
||||||
givenName: Exec
|
givenName: Exec
|
||||||
sn: One
|
sn: One
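Review bot: The renamed organizational unit keeps `ou: People` while its DN is now `ou=UWLDAP,dc=csclub,dc=internal`, so the entry no longer contains the value of its own naming attribute; directory servers commonly reject such an add as a naming violation. The attribute should follow the RDN: `ou: UWLDAP`. The remaining hunks in this file only rewrite the `dn:` lines of the user entries and look consistent with the new base.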
|
||||||
|
|
|
@ -2,13 +2,12 @@
|
||||||
|
|
||||||
set -x
|
set -x
|
||||||
|
|
||||||
if ! [ -d venv ]; then
|
|
||||||
docker run --rm -v "$PWD:$PWD" -w "$PWD" python:3.7-buster \
|
|
||||||
sh -c "python -m venv && . venv/bin/activate && pip install -r dev-requirements.txt && pip install -r requirements.txt"
|
|
||||||
fi
|
|
||||||
|
|
||||||
case $1 in
|
case $1 in
|
||||||
up)
|
up)
|
||||||
|
if ! [ -d venv ]; then
|
||||||
|
docker run --rm -v "$PWD:$PWD" -w "$PWD" python:3.7-buster \
|
||||||
|
sh -c "python -m venv venv && . venv/bin/activate && pip install -r dev-requirements.txt && pip install -r requirements.txt"
|
||||||
|
fi
|
||||||
docker network create ceod
|
docker network create ceod
|
||||||
for host in auth1 coffee mail phosphoric-acid; do
|
for host in auth1 coffee mail phosphoric-acid; do
|
||||||
if [ $host = auth1 -o $host = coffee ]; then
|
if [ $host = auth1 -o $host = coffee ]; then
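Review bot: The venv bootstrap that moved into the `up)` arm still has no failure handling. The script runs under `set -x` only, so a failed `docker run` falls through to `docker network create ceod`; and because `python -m venv venv` creates the directory before `pip install` runs, a failed install leaves a `venv` that the `[ -d venv ]` test treats as complete on the next run. Appending `|| exit 1` to the `sh -c "…"` line, and testing for a marker written after the last `pip install` instead of for the directory, would close both gaps. `python:3.7-buster` is a mutable tag and the requirements are installed without hash checking, so the environment is not reproducible; pinning the image by digest is the cheap half of that. The `up)` arm continues past the end of the hunk.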
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
import os
|
import os
|
||||||
|
import time
|
||||||
|
|
||||||
from aiosmtpd.controller import Controller
|
from aiosmtpd.controller import Controller
|
||||||
|
|
||||||
|
@ -33,3 +34,4 @@ if __name__ == '__main__':
|
||||||
assert os.geteuid() == 0
|
assert os.geteuid() == 0
|
||||||
server = MockSMTPServer('0.0.0.0', 25)
|
server = MockSMTPServer('0.0.0.0', 25)
|
||||||
server.start()
|
server.start()
|
||||||
|
time.sleep(1e6)
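Review bot: `time.sleep(1e6)` keeps the process alive for roughly eleven and a half days and then lets it exit, which is an arbitrary limit for a server meant to run until the container stops. If the goal is to block the main thread while the server runs in the background (its `start()` is outside the hunk, so this is inferred), `threading.Event().wait()` with `import threading` says that directly and has no expiry. A short comment on the line explaining why the main thread must block would also help, since it is not obvious from this file section that `server.start()` returns immediately.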
|
||||||
|
|
|
@ -21,7 +21,7 @@ sudo_base = ou=SUDOers,dc=csclub,dc=internal
|
||||||
|
|
||||||
[uwldap]
|
[uwldap]
|
||||||
server_url = ldap://auth1.csclub.internal
|
server_url = ldap://auth1.csclub.internal
|
||||||
base = dc=uwaterloo,dc=internal
|
base = ou=UWLDAP,dc=csclub,dc=internal
|
||||||
|
|
||||||
[members]
|
[members]
|
||||||
min_id = 20001
|
min_id = 20001
|
||||||
|
|