ADD LDAP configuration script
eLBati committed Apr 17, 2024
1 parent 3b7567e commit 65bfb0e
Showing 3 changed files with 90 additions and 11 deletions.
11 changes: 0 additions & 11 deletions imageroot/actions/configure-module/40ldap

This file was deleted.

3 changes: 3 additions & 0 deletions imageroot/actions/configure-module/80start_services
@@ -8,3 +8,6 @@ exec 1>&2
# Enable and restart the service
systemctl --user enable odoo.service postgres.service odoo-app.service
systemctl --user restart odoo.service postgres.service odoo-app.service

# Let services be responsive, to run 90ldap
sleep 10
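Review bot: `sleep 10` is a fixed delay, not a readiness check, so on a slow host Odoo may still be starting when `90ldap` runs. Because `90ldap` ignores the exit status of its `podman` calls, a run that comes too early would pass silently and leave LDAP unconfigured. A bounded retry loop that polls the service `90ldap` depends on, and fails the action on timeout, would be more reliable. At minimum the comment should state the limitation, e.g. `# Fixed delay only; 90ldap does not retry if Odoo is not ready yet`. The script starts above this hunk.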
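--- a/imageroot/actions/configure-module/90ldap
+++ b/imageroot/actions/configure-module/90ldap
@@ -0,0 +1,87 @@
+#!/usr/bin/env python3
+
+import json
+import sys
+import os
+from agent.ldapproxy import Ldapproxy
+
+SCRIPT_CONTENT = """
+import logging
+logger = logging.getLogger(__name__)
+ldap_server = "{ldap_server}"
+ldap_server_port = "{ldap_server_port}"
+ldap_binddn = "{ldap_binddn}"
+ldap_password = "{ldap_password}"
+ldap_base = "{ldap_base}"
+# Filtro utilizzato per cercare gli account degli utenti nel database LDAP.
+# È un filtro LDAP arbitrario nella rappresentazione delle stringhe.
+ldap_filter = "cn=%s"
+company_id = env.ref("base.main_company").id
+ldap_model = env["res.company.ldap"]
+servers = ldap_model.search([])
+if servers:
+logger.info("res.company.ldap records already present. Skipping...")
+else:
+server = ldap_model.create({{
+"company": company_id,
+"ldap_server": ldap_server,
+"ldap_server_port": ldap_server_port,
+"ldap_tls": False,
+"ldap_binddn": ldap_binddn,
+"ldap_password": ldap_password,
+"ldap_base": ldap_base,
+"ldap_filter": ldap_filter,
+}})
+logger.info("Server %s created" % server.id)
+"""
+
+
+# Try to parse the stdin as JSON.
+# If parsing fails, output everything to stderr
+data = json.load(sys.stdin)
+
+# Setup LDAP values
+ldap_domain = data.get("ldap_domain")
+
+if not ldap_domain:
+print("No LDAP domain passed. Skipping...", file=sys.stderr)
+else:
+print("Starting LDAP configuration...", file=sys.stderr)
+lp = Ldapproxy()
+domain = lp.get_domain(ldap_domain)
+
+ldap_server = domain.get("host")
+# See https://nethserver.github.io/ns8-core/core/user_domains/#ldap-service-discovery
+ldap_server = ldap_server.replace("127.0.0.1", "10.0.2.2")
+ldap_server_port = domain.get("port")
+ldap_tls = False
+
+# Account utente sul server LDAP, utilizzato per interrogare la directory.
+# Lasciare vuoto per connettersi in modo anonimo
+ldap_binddn = domain.get("bind_dn")
+
+# Password dell'account utente sul server LDAP, utilizzata per interrogare la directory
+ldap_password = domain.get("bind_password")
+
+# DN dell'ambito di ricerca dell'utente: tutti i discendenti di questa base verranno cercati per gli utenti.
+# Enter the domain name of the LDAP server in LDAP nomenclature (e.g. dc=example,dc=com).
+ldap_base = domain.get("base_dn")
+
+print("Writing /tmp/click-odoo-configure-ldap.py...", file=sys.stderr)
+with open("/tmp/click-odoo-configure-ldap.py", "w") as script_file:
+script_file.write(SCRIPT_CONTENT.format(
+ldap_server=ldap_server,
+ldap_server_port=ldap_server_port,
+ldap_binddn=ldap_binddn,
+ldap_password=ldap_password,
+ldap_base=ldap_base
+))
+
+os.system("podman cp /tmp/click-odoo-configure-ldap.py odoo-app:/tmp/click-odoo-configure-ldap.py")
+print("Calling click-odoo-configure-ldap.py...", file=sys.stderr)
+os.system("podman exec -it odoo-app click-odoo -d odoo /tmp/click-odoo-configure-ldap.py")
+print("click-odoo-configure-ldap.py executed", file=sys.stderr)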
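Review bot: The LDAP bind password is written in cleartext to the fixed path `/tmp/click-odoo-configure-ldap.py` by the `open(..., "w")` call near the end of the file, with default permissions, then copied into the container, and neither copy is ever removed. The same values are pasted into Python source between hand-written double quotes in `SCRIPT_CONTENT`, so a password or DN containing `"` or a backslash breaks the generated script or changes what it executes inside Odoo; formatting with `!r` emits a proper literal instead. I would create the file with `tempfile.mkstemp`, run podman through `subprocess.run([...], check=True)` so failures are not ignored as they are with `os.system`, and delete both copies in a `finally`; this needs `tempfile` and `subprocess` imported. Separately, `"ldap_tls": False` is hard-coded, so the bind is sent over plain LDAP, and a comment should say why that is acceptable for the `10.0.2.2` proxy address, if it is. Indentation is lost on this page, so the placement under `else:` below is inferred.

```python
# in SCRIPT_CONTENT: let repr() produce the literals (likewise for server, port and base)
ldap_binddn = {ldap_binddn!r}
ldap_password = {ldap_password!r}

# … unchanged: JSON parsing, Ldapproxy lookup, ldap_* assignments …

    container_path = "/tmp/click-odoo-configure-ldap.py"
    fd, host_path = tempfile.mkstemp(suffix=".py")  # created with mode 0600, unpredictable name
    try:
        with os.fdopen(fd, "w") as script_file:
            script_file.write(SCRIPT_CONTENT.format(
                # … unchanged: keyword arguments …
            ))
        # NOTE(review): confirm the user click-odoo runs as can still read the copied 0600 file
        subprocess.run(["podman", "cp", host_path, f"odoo-app:{container_path}"], check=True)
        # no -it here: the action presumably runs without a terminal attached
        subprocess.run(
            ["podman", "exec", "odoo-app", "click-odoo", "-d", "odoo", container_path],
            check=True,
        )
    finally:
        # the generated script holds the bind password; remove both copies
        os.unlink(host_path)
        subprocess.run(["podman", "exec", "odoo-app", "rm", "-f", container_path], check=False)
```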
