add docker.sh

Max Erenberg 2021-09-09 20:13:39 -04:00
parent cb6243c3e2
commit 7e4b6a018a
11 changed files with 206 additions and 7 deletions


@ -28,12 +28,10 @@ services:
image: debian:buster image: debian:buster
commands: commands:
- .drone/auth1-setup.sh - .drone/auth1-setup.sh
- sleep infinity
- name: coffee - name: coffee
image: debian:buster image: debian:buster
commands: commands:
- .drone/coffee-setup.sh - .drone/coffee-setup.sh
- sleep infinity
trigger: trigger:
branch: branch:


@ -18,6 +18,9 @@ export DEBIAN_FRONTEND=noninteractive
apt update apt update
apt install -y psmisc apt install -y psmisc
# If we don't do this then OpenLDAP uses a lot of RAM
ulimit -n 1024
# LDAP # LDAP
apt install -y --no-install-recommends slapd ldap-utils libnss-ldapd sudo-ldap apt install -y --no-install-recommends slapd ldap-utils libnss-ldapd sudo-ldap
# `service slapd stop` doesn't seem to work # `service slapd stop` doesn't seem to work
@ -40,6 +43,9 @@ sed -E -i 's/^base .*$/base dc=csclub,dc=internal/' /etc/nslcd.conf
cp .drone/nsswitch.conf /etc/nsswitch.conf cp .drone/nsswitch.conf /etc/nsswitch.conf
service nslcd start service nslcd start
ldapadd -c -f .drone/data.ldif -Y EXTERNAL -H ldapi:/// ldapadd -c -f .drone/data.ldif -Y EXTERNAL -H ldapi:///
if [ -z "$CI" ]; then
ldapadd -c -f .drone/uwldap_data.ldif -Y EXTERNAL -H ldapi:///
fi
# KERBEROS # KERBEROS
apt install -y krb5-admin-server krb5-user libpam-krb5 libsasl2-modules-gssapi-mit sasl2-bin apt install -y krb5-admin-server krb5-user libpam-krb5 libsasl2-modules-gssapi-mit sasl2-bin
@ -81,3 +87,5 @@ killall slapd && sleep 0.5 && service slapd start
# sync with phosphoric-acid # sync with phosphoric-acid
apt install -y netcat-openbsd apt install -y netcat-openbsd
nc -l 0.0.0.0 9000 nc -l 0.0.0.0 9000
sleep infinity
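Review bot: The added `ldapadd -c -f .drone/uwldap_data.ldif -Y EXTERNAL -H ldapi:///` runs in continuous mode, so an entry the server rejects is reported and skipped instead of failing the setup, and a broken fixture would only show up later as unrelated-looking test failures. For a file loaded once into a fresh directory, dropping `-c` on this call would let such an error stop the script, assuming the script runs with `set -e` (its header is outside the hunk). The `if [ -z "$CI" ]` guard also needs a one-line comment saying why this fixture is skipped in CI, as the `# mail container doesn't run in CI` comment does for the mail host.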


@ -46,3 +46,5 @@ EOF" postgres
# sync with phosphoric-acid # sync with phosphoric-acid
apt install -y netcat-openbsd apt install -y netcat-openbsd
nc -l 0.0.0.0 9000 nc -l 0.0.0.0 9000
sleep infinity


@ -123,3 +123,34 @@ objectClass: group
objectClass: posixGroup objectClass: posixGroup
cn: regular1 cn: regular1
gidNumber: 20002 gidNumber: 20002
dn: uid=exec1,ou=People,dc=csclub,dc=internal
cn: Regular One
userPassword: {SASL}exec1@CSCLUB.INTERNAL
loginShell: /bin/bash
homeDirectory: /users/exec1
uid: exec1
uidNumber: 20003
gidNumber: 20003
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
objectClass: member
program: MAT/Mathematics Computer Science
term: s2021
dn: cn=exec1,ou=Group,dc=csclub,dc=internal
objectClass: top
objectClass: group
objectClass: posixGroup
cn: exec1
gidNumber: 20003
dn: cn=exec,ou=Group,dc=csclub,dc=internal
objectClass: top
objectClass: group
objectClass: posixGroup
cn: syscom
gidNumber: 10013
uniqueMember: uid=exec1,ou=People,dc=csclub,dc=internal
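Review bot: The new group entry is named `dn: cn=exec,ou=Group,dc=csclub,dc=internal` but carries `cn: syscom`, so the RDN value is missing from the entry; a directory server will normally reject that as a naming violation, and if this is the file loaded with `ldapadd -c` the rejection would not stop setup. If an exec group is intended, the attribute should read `cn: exec`, and `gidNumber: 10013` should be checked against the gid the code expects for that group, since tests of exec-only privileges depend on exec1 landing in the right group. The `uid=exec1` entry above also has `cn: Regular One`, which looks copied from regular1; `cn: Exec One` would match the UW fixture.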

14
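--- a/.drone/mail-setup.sh
+++ b/.drone/mail-setup.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+set -ex
+. .drone/common.sh
+# set FQDN in /etc/hosts
+add_fqdn_to_hosts $(get_ip_addr $(hostname)) mail
+. venv/bin/activate
+python tests/MockMailmanServer.py &
+python tests/MockSMTPServer.py &
+sleep infinity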
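Review bot: Both mock servers are started with `&` and the script then blocks on `sleep infinity`, so `set -e` never sees them fail: if either Python process exits at startup, the container stays up and looks healthy while nothing is listening. Replacing the last line with `wait -n` (bash 4.3+) would make the container exit as soon as one of the servers dies. The command substitutions on the `add_fqdn_to_hosts` line should also be quoted, `add_fqdn_to_hosts "$(get_ip_addr "$(hostname)")" mail`.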


@ -22,6 +22,10 @@ sync_with() {
add_fqdn_to_hosts $(get_ip_addr $(hostname)) phosphoric-acid add_fqdn_to_hosts $(get_ip_addr $(hostname)) phosphoric-acid
add_fqdn_to_hosts $(get_ip_addr auth1) auth1 add_fqdn_to_hosts $(get_ip_addr auth1) auth1
add_fqdn_to_hosts $(get_ip_addr coffee) coffee add_fqdn_to_hosts $(get_ip_addr coffee) coffee
# mail container doesn't run in CI
if [ -z "$CI" ]; then
add_fqdn_to_hosts $(get_ip_addr mail) mail
fi
export DEBIAN_FRONTEND=noninteractive export DEBIAN_FRONTEND=noninteractive
apt update apt update
@ -62,3 +66,13 @@ sync_with coffee
shopt -s dotglob shopt -s dotglob
mkdir -p /users/skel mkdir -p /users/skel
cp /etc/skel/* /users/skel/ cp /etc/skel/* /users/skel/
# create directories for users
for user in ctdalek regular1 exec1; do
mkdir /users/$user
chown $user:$user /users/$user
done
if [ -z "$CI" ]; then
sleep infinity
fi
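Review bot: The new loop uses `mkdir /users/$user` without `-p` and with unquoted expansions, unlike the `mkdir -p /users/skel` just above, so a second run against an existing `/users` tree fails at the first directory. `mkdir -p "/users/$user"` and `chown "$user:$user" "/users/$user"` keep it idempotent. The directories also get whatever mode the current umask gives; if the tests depend on home-directory permissions, an explicit `chmod` here would make that visible. The enclosing script starts outside the hunk.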

78
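--- a/.drone/uwldap_data.ldif
+++ b/.drone/uwldap_data.ldif
@@ -0,0 +1,78 @@
+dn: ou=People,dc=uwaterloo,dc=internal
+objectClass: organizationalUnit
+ou: People
+dn: uid=ctdalek,ou=People,dc=uwaterloo,dc=internal
+displayName: Calum Dalek
+givenName: Calum
+sn: Dalek
+cn: Calum Dalek
+ou: MAT/Mathematics Computer Science
+mailLocalAddress: ctdalek@uwaterloo.internal
+objectClass: inetLocalMailRecipient
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+uid: ctdalek
+mail: ctdalek@uwaterloo.internal
+dn: uid=regular1,ou=People,dc=uwaterloo,dc=internal
+displayName: Regular One
+givenName: Regular
+sn: One
+cn: Regular One
+ou: MAT/Mathematics Computer Science
+mailLocalAddress: regular1@uwaterloo.internal
+objectClass: inetLocalMailRecipient
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+uid: regular1
+mail: regular1@uwaterloo.internal
+dn: uid=regular2,ou=People,dc=uwaterloo,dc=internal
+displayName: Regular Two
+givenName: Regular
+sn: Two
+cn: Regular Two
+ou: MAT/Mathematics Computer Science
+mailLocalAddress: regular2@uwaterloo.internal
+objectClass: inetLocalMailRecipient
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+uid: regular2
+mail: regular2@uwaterloo.internal
+dn: uid=exec1,ou=People,dc=uwaterloo,dc=internal
+displayName: Exec One
+givenName: Exec
+sn: One
+cn: Exec One
+ou: MAT/Mathematics Computer Science
+mailLocalAddress: exec1@uwaterloo.internal
+objectClass: inetLocalMailRecipient
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+uid: exec1
+mail: exec1@uwaterloo.internal
+dn: uid=exec2,ou=People,dc=uwaterloo,dc=internal
+displayName: Exec Two
+givenName: Exec
+sn: One
+cn: Exec Two
+ou: MAT/Mathematics Computer Science
+mailLocalAddress: exec2@uwaterloo.internal
+objectClass: inetLocalMailRecipient
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+uid: exec2
+mail: exec2@uwaterloo.internal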
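Review bot: The `uid=exec2` entry has `sn: One` although its `displayName` and `cn` are `Exec Two`; this looks copied from the exec1 entry and should be `sn: Two`. Anything that matches fixture users on surname would otherwise see exec1 and exec2 with the same name. The file has no comment header; a first line such as `# Mock UW LDAP directory, loaded by the auth1 setup script only when CI is unset` would say where it is used.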

40
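--- a/docker.sh
+++ b/docker.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+set -x
+if ! [ -d venv ]; then
+docker run --rm -v "$PWD:$PWD" -w "$PWD" python:3.7-buster \
+sh -c "python -m venv && . venv/bin/activate && pip install -r dev-requirements.txt && pip install -r requirements.txt"
+fi
+case $1 in
+up)
+docker network create ceod
+for host in auth1 coffee mail phosphoric-acid; do
+if [ $host = auth1 -o $host = coffee ]; then
+image=debian:buster
+else
+image=python:3.7-buster
+fi
+docker run \
+--detach \
+--name $host \
+--hostname $host \
+--network ceod \
+--volume "$PWD:$PWD" \
+--workdir "$PWD" \
+$image .drone/$host-setup.sh
+done
+;;
+down)
+for host in auth1 coffee mail phosphoric-acid; do
+docker kill $host
+docker rm $host
+done
+docker network rm ceod
+;;
+*)
+echo 'Usage: docker.sh <up|down>' >&2
+exit 1
+;;
+esac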
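Review bot: `python -m venv` on the `sh -c` line has no target directory, so the venv module exits with a usage error and the `&&` chain never creates `venv`; it should read `python -m venv venv`. The script sets only `set -x`, so that failure, and a failing `docker network create ceod` on a second `up`, do not stop the container loop that follows; `set -e` plus a check for an existing network would make this explicit. Each container gets `$PWD` bind-mounted read-write and, with no `--user` given, presumably runs its setup script as root, so anything written into the checkout (including `venv`) ends up root-owned on the host, which deserves a comment at the top of the script. The test `[ $host = auth1 -o $host = coffee ]` is better written `[ "$host" = auth1 ] || [ "$host" = coffee ]`.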


@ -4,7 +4,8 @@ from aiohttp import web
class MockMailmanServer: class MockMailmanServer:
def __init__(self): def __init__(self, port=8002):
self.port = port
self.app = web.Application() self.app = web.Application()
self.app.add_routes([ self.app.add_routes([
web.post('/members', self.subscribe), web.post('/members', self.subscribe),
@ -24,7 +25,7 @@ class MockMailmanServer:
def _start_loop(self): def _start_loop(self):
asyncio.set_event_loop(self.loop) asyncio.set_event_loop(self.loop)
self.loop.run_until_complete(self.runner.setup()) self.loop.run_until_complete(self.runner.setup())
site = web.TCPSite(self.runner, '127.0.0.1', 8002) site = web.TCPSite(self.runner, '127.0.0.1', self.port)
self.loop.run_until_complete(site.start()) self.loop.run_until_complete(site.start())
self.loop.run_forever() self.loop.run_forever()
@ -67,3 +68,8 @@ class MockMailmanServer:
}, status=404) }, status=404)
subscribers.remove(subscriber) subscribers.remove(subscriber)
return web.json_response({'status': 'OK'}) return web.json_response({'status': 'OK'})
if __name__ == '__main__':
server = MockMailmanServer(8001)
server.start()
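Review bot: `_start_loop` still binds `'127.0.0.1'`, so when the new `__main__` block runs inside the `mail` container the mock is reachable only from within that container. If other containers are meant to call it (the hosts entry added for `mail` suggests so), the bind address should become a constructor parameter alongside `port`, used as `web.TCPSite(self.runner, self.host, self.port)`, with loopback kept as the default for in-process tests. The standalone port 8001 differs from the constructor default 8002 without explanation, so a short comment on the `MockMailmanServer(8001)` line would help. The class body continues outside these hunks.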


@ -1,3 +1,5 @@
import os
from aiosmtpd.controller import Controller from aiosmtpd.controller import Controller
@ -25,3 +27,9 @@ class MockHandler:
} }
self.mock_server.messages.append(msg) self.mock_server.messages.append(msg)
return '250 Message accepted for delivery' return '250 Message accepted for delivery'
if __name__ == '__main__':
assert os.geteuid() == 0
server = MockSMTPServer('0.0.0.0', 25)
server.start()
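Review bot: `assert os.geteuid() == 0` is stripped when Python runs with `-O` and otherwise fails with a bare AssertionError; an explicit check such as `if os.geteuid() != 0: sys.exit('must run as root to bind port 25')` is clearer and needs only `import sys`. Standalone mode listens on `'0.0.0.0'` port 25 as root, and the handler answers `250 Message accepted for delivery` to whatever it receives. That is acceptable inside the throwaway `mail` container, but a comment in the `__main__` block should say this entry point is for the container only. The handler class starts outside the hunk.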


@ -13,15 +13,15 @@ port = 9987
[ldap] [ldap]
admin_principal = ceod/admin admin_principal = ceod/admin
server_url = ldap://ldap-master.csclub.internal server_url = ldap://auth1.csclub.internal
sasl_realm = CSCLUB.INTERNAL sasl_realm = CSCLUB.INTERNAL
users_base = ou=People,dc=csclub,dc=internal users_base = ou=People,dc=csclub,dc=internal
groups_base = ou=Group,dc=csclub,dc=internal groups_base = ou=Group,dc=csclub,dc=internal
sudo_base = ou=SUDOers,dc=csclub,dc=internal sudo_base = ou=SUDOers,dc=csclub,dc=internal
[uwldap] [uwldap]
server_url = ldap://uwldap.uwaterloo.ca server_url = ldap://auth1.csclub.internal
base = dc=uwaterloo,dc=ca base = dc=uwaterloo,dc=internal
[members] [members]
min_id = 20001 min_id = 20001