add principal for mail

Max Erenberg 2021-09-09 23:21:22 -04:00
parent 7e4b6a018a
commit 6862ff4a63
9 changed files with 61 additions and 27 deletions


@ -87,5 +87,9 @@ killall slapd && sleep 0.5 && service slapd start
# sync with phosphoric-acid
apt install -y netcat-openbsd
nc -l 0.0.0.0 9000
if [ -z "$CI" ]; then
# sync with mail
nc -l 0.0.0.0 9001
fi
sleep infinity
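Review bot: The new `if [ -z "$CI" ]` guard around `nc -l 0.0.0.0 9001` carries no explanation, and the same guard reappears around `sync_with mail` in the phosphoric-acid script, while the mail script calls `sync_with auth1 9001` unconditionally. If the reason is that the mail container is not started under CI, a comment such as `# mail is only started outside CI, so only wait for it there` would record that; if the mail script can ever run with `CI` set, it would poll port 9001 for five minutes and then abort under `set -e`. The two listeners also run one after the other, so mail cannot pass its barrier until phosphoric-acid has connected to port 9000, which deserves a one-line comment as well.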


@ -15,3 +15,21 @@ add_fqdn_to_hosts() {
rm /tmp/hosts
echo "$ip_addr $hostname.csclub.internal $hostname" >> /etc/hosts
}
sync_with() {
host=$1
port=9000
if [ $# -eq 2 ]; then
port=$2
fi
synced=false
# give it 5 minutes
for i in {1..60}; do
if nc -vz $host $port ; then
synced=true
break
fi
sleep 5
done
test $synced = true
}
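Review bot: `sync_with` expands `$host` and `$port` unquoted in `nc -vz $host $port`, and because this file is sourced, `host`, `port`, `synced` and `i` become globals in every calling script. The file already relies on bash (`{1..60}`), so the function can open with `local host=$1 port=${2:-9000} synced=false i` and probe with `if nc -vz "$host" "$port"; then`. A short header comment giving the arguments (host, optional port defaulting to 9000) and the roughly five-minute timeout would also help the scripts that call it.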


@ -151,6 +151,6 @@ dn: cn=exec,ou=Group,dc=csclub,dc=internal
objectClass: top
objectClass: group
objectClass: posixGroup
cn: syscom
cn: exec
gidNumber: 10013
uniqueMember: uid=exec1,ou=People,dc=csclub,dc=internal


@ -6,9 +6,31 @@ set -ex
# set FQDN in /etc/hosts
add_fqdn_to_hosts $(get_ip_addr $(hostname)) mail
add_fqdn_to_hosts $(get_ip_addr auth1) auth1
. venv/bin/activate
python tests/MockMailmanServer.py &
python tests/MockSMTPServer.py &
# KERBEROS
export DEBIAN_FRONTEND=noninteractive
apt update
apt install -y krb5-user netcat-openbsd
cp .drone/krb5.conf /etc/krb5.conf
# sync with auth1
sync_with auth1 9001
rm -f /etc/krb5.keytab
cat <<EOF | kadmin -p sysadmin/admin
krb5
addprinc -randkey host/mail.csclub.internal
ktadd host/mail.csclub.internal
addprinc -randkey ceod/mail.csclub.internal
ktadd ceod/mail.csclub.internal
EOF
# sync with phosphoric-acid
nc -l 0.0.0.0 9000
sleep infinity
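Review bot: Nothing after the `kadmin` heredoc confirms that the `addprinc`/`ktadd` commands succeeded before the script signals readiness on port 9000. As far as I know, kadmin fed from stdin reports per-command failures without exiting non-zero, so `set -e` would not stop the script and the failure would only surface later as an authentication error. A check such as `klist -k /etc/krb5.keytab | grep -q ceod/mail.csclub.internal` before `nc -l` would catch it early. The first heredoc line, `krb5`, appears to be the `sysadmin/admin` password, so I would add a comment like `# password of the throwaway test realm; never point this at a real KDC`.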


@ -4,20 +4,6 @@ set -ex
. .drone/common.sh
sync_with() {
host=$1
synced=false
# give it 5 minutes
for i in {1..60}; do
if nc -vz $host 9000 ; then
synced=true
break
fi
sleep 5
done
test $synced = true
}
# set FQDN in /etc/hosts
add_fqdn_to_hosts $(get_ip_addr $(hostname)) phosphoric-acid
add_fqdn_to_hosts $(get_ip_addr auth1) auth1
@ -61,6 +47,9 @@ EOF
service nslcd start
sync_with coffee
if [ -z "$CI" ]; then
sync_with mail
fi
# initialize the skel directory
shopt -s dotglob


@ -1,8 +1,8 @@
dn: ou=People,dc=uwaterloo,dc=internal
dn: ou=UWLDAP,dc=csclub,dc=internal
objectClass: organizationalUnit
ou: People
dn: uid=ctdalek,ou=People,dc=uwaterloo,dc=internal
dn: uid=ctdalek,ou=UWLDAP,dc=csclub,dc=internal
displayName: Calum Dalek
givenName: Calum
sn: Dalek
@ -17,7 +17,7 @@ objectClass: top
uid: ctdalek
mail: ctdalek@uwaterloo.internal
dn: uid=regular1,ou=People,dc=uwaterloo,dc=internal
dn: uid=regular1,ou=UWLDAP,dc=csclub,dc=internal
displayName: Regular One
givenName: Regular
sn: One
@ -32,7 +32,7 @@ objectClass: top
uid: regular1
mail: regular1@uwaterloo.internal
dn: uid=regular2,ou=People,dc=uwaterloo,dc=internal
dn: uid=regular2,ou=UWLDAP,dc=csclub,dc=internal
displayName: Regular Two
givenName: Regular
sn: Two
@ -47,7 +47,7 @@ objectClass: top
uid: regular2
mail: regular2@uwaterloo.internal
dn: uid=exec1,ou=People,dc=uwaterloo,dc=internal
dn: uid=exec1,ou=UWLDAP,dc=csclub,dc=internal
displayName: Exec One
givenName: Exec
sn: One
@ -62,7 +62,7 @@ objectClass: top
uid: exec1
mail: exec1@uwaterloo.internal
dn: uid=exec2,ou=People,dc=uwaterloo,dc=internal
dn: uid=exec2,ou=UWLDAP,dc=csclub,dc=internal
displayName: Exec Two
givenName: Exec
sn: One
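Review bot: In the first hunk the container entry is renamed to `dn: ou=UWLDAP,dc=csclub,dc=internal`, but the unchanged line below it still reads `ou: People`, so the RDN value is no longer present in the entry's `ou` attribute. slapd normally rejects such an add with a naming violation, and the five user entries under it would then fail for lack of a parent. The attribute should follow the DN: `ou: UWLDAP`.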


@ -2,13 +2,12 @@
set -x
if ! [ -d venv ]; then
docker run --rm -v "$PWD:$PWD" -w "$PWD" python:3.7-buster \
sh -c "python -m venv && . venv/bin/activate && pip install -r dev-requirements.txt && pip install -r requirements.txt"
fi
case $1 in
up)
if ! [ -d venv ]; then
docker run --rm -v "$PWD:$PWD" -w "$PWD" python:3.7-buster \
sh -c "python -m venv venv && . venv/bin/activate && pip install -r dev-requirements.txt && pip install -r requirements.txt"
fi
docker network create ceod
for host in auth1 coffee mail phosphoric-acid; do
if [ $host = auth1 -o $host = coffee ]; then
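Review bot: The `docker run` that builds the venv, now inside `up)`, runs as the image's default user, which for `python:3.7-buster` is root as far as I can tell, and it writes into the bind-mounted working tree. That leaves `venv/` root-owned on the host and runs every package's install code as root inside the container. Adding `--user "$(id -u):$(id -g)"` to the `docker run` line would avoid both, although pip may then need a writable cache directory or `--no-cache-dir`. Separately, `case $1 in` should quote its selector as `case "$1" in`. The `up)` arm continues past the end of this hunk.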


@ -1,4 +1,5 @@
import os
import time
from aiosmtpd.controller import Controller
@ -33,3 +34,4 @@ if __name__ == '__main__':
assert os.geteuid() == 0
server = MockSMTPServer('0.0.0.0', 25)
server.start()
time.sleep(1e6)
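Review bot: `time.sleep(1e6)` in the second hunk is a finite wait of about eleven and a half days, after which the process exits, and nothing says why it is there. Presumably `server.start()` returns immediately and the sleep only keeps the process alive. If so, a loop such as `while True: time.sleep(3600)` with a comment like `# keep the process alive; the server runs in a background thread` states the intent and never expires.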


@ -21,7 +21,7 @@ sudo_base = ou=SUDOers,dc=csclub,dc=internal
[uwldap]
server_url = ldap://auth1.csclub.internal
base = dc=uwaterloo,dc=internal
base = ou=UWLDAP,dc=csclub,dc=internal
[members]
min_id = 20001