diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..b07a9a3
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,2 @@
+tests/
+run_test.sh
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..73703f1
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,13 @@
+FROM ubuntu:16.04
+
+ADD . /opt/
+WORKDIR "/opt"
+RUN apt update && apt install -y python-dev python-pip libldap2-dev libsasl2-dev libssl-dev
+RUN pip install -e /opt/ -r /opt/requirements.txt
+RUN pip install pycodestyle passlib coveralls
+RUN /usr/bin/python2 /opt/setup.py install
+
+VOLUME /etc/ldapcherry
+EXPOSE 80
+
+CMD ["/usr/bin/python2", "/opt/init.py"]
diff --git a/README.rst b/README.rst
index 330eb88..cee0891 100644
--- a/README.rst
+++ b/README.rst
@@ -26,7 +26,7 @@ Nice and simple application to manage users and groups in multiple directory ser
 :Dev: `LdapCherry source code on GitHub `_
 :PyPI: `LdapCherry package on Pypi `_
 :License: MIT
-:Author: Pierre-Francois Carpentier - copyright © 2016
+:Author: Pierre-Francois Carpentier - copyright 2016
 ----
diff --git a/conf/ldapcherry.ini b/conf/ldapcherry.ini
index c5de286..dd325bf 100644
--- a/conf/ldapcherry.ini
+++ b/conf/ldapcherry.ini
@@ -32,9 +32,9 @@ request.show_tracebacks = False
 # configuration to log to stdout #
 #####################################
 ## logger stdout for access log
-#log.access_handler = 'stdout'
+log.access_handler = 'stdout'
 ## logger stdout for error and ldapcherry log
-#log.error_handler = 'stdout'
+log.error_handler = 'stdout'
 #####################################
 # configuration to log in syslog #
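Review bot: The Dockerfile never drops privileges, so `CMD ["/usr/bin/python2", "/opt/init.py"]` and the ldapcherryd process it starts run as root inside the container, serving a web UI that holds directory bind credentials. A dedicated account (`RUN useradd -r ldapcherry`, then `USER ldapcherry` before `CMD`) would limit what a compromise of the web process can reach. That account needs write access to `/etc/ldapcherry`, which init.py rewrites at start-up, and a listen port above 1024 instead of `EXPOSE 80`. Separately, `RUN pip install pycodestyle passlib coveralls` puts lint and coverage tooling into the runtime image, and `ubuntu:16.04` with Python 2 is today past standard security support, so both are worth revisiting.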
@@ -42,18 +42,18 @@ request.show_tracebacks = False
 # logger syslog for access log
 #log.access_handler = 'syslog'
 ## logger syslog for error and ldapcherry log
-log.error_handler = 'syslog'
+#log.error_handler = 'syslog'
 #####################################
 # configuration to not log at all #
 #####################################
 # logger none for access log
-log.access_handler = 'none'
+#log.access_handler = 'none'
 # logger none for error and ldapcherry log
 #log.error_handler = 'none'
 # log level
-log.level = 'info'
+log.level = 'debug'
 # session configuration
 # activate session
diff --git a/init.py b/init.py
new file mode 100644
index 0000000..034eace
--- /dev/null
+++ b/init.py
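Review bot: In conf/ldapcherry.ini the shipped default moves from `log.level = 'info'` to `log.level = 'debug'`, which affects every installation that copies this sample file, not only the container. Debug output from an application that binds to LDAP/AD and changes passwords may include request or directory details that should not end up in container logs; it is worth confirming what ldapcherry emits at this level. Keeping `log.level = 'info'` here and raising it only in the container's own configuration would leave the default untouched. As written, init.py cannot override the level, because `LOG_LEVEL` has an empty default and keys with an empty default are skipped.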
@@ -0,0 +1,88 @@
+#!/usr/bin/env python2
+
+import os
+import sys
+
+#
+# This script sets up the ldapcherry config files through environment variables
+# that are passed at startup time.
+#
+
+# TODO: Add the rest of the options
+# TODO: Make some of these required, and some optional. How to fail when
+# they're not provided?
+ldapcherry_ini_settings = {
+ 'SERVER_SOCKET_HOST': '0.0.0.0',
+ 'SERVER_SOCKET_PORT': '80',
+ 'SERVER_THREAD_POOL': '0',
+ 'LOG_ACCESS_HANDLER': 'stdout',
+ 'LOG_ERROR_HANDLER': 'stdout',
+ 'LOG_LEVEL': '',
+ 'LDAP_DISPLAY_NAME': 'My LDAP Directory',
+ 'LDAP_URI': '',
+ 'LDAP_CA': '',
+ 'LDAP_STARTTLS': '',
+ 'LDAP_CHECKCERT': '',
+ 'LDAP_BINDDN': '',
+ 'LDAP_PASSWORD': '',
+ 'LDAP_TIMEOUT': '1',
+ 'LDAP_GROUPDN': 'group',
+ 'LDAP_USERDN': 'people',
+ 'LDAP_USER_FILTER_TMPL': '',
+ 'LDAP_GROUP_FILTER_TMPL': '',
+ 'LDAP_SEARCH_FILTER_TMPL': '',
+ 'LDAP_OBJECTCLASSES': '',
+ 'LDAP_DN_USER_ATTR': '',
+ 'AD_DISPLAY_NAME': '',
+ 'AD_DOMAIN': '',
+ 'AD_LOGIN': '',
+ 'AD_PASSWORD': '',
+ 'AD_URI': '',
+ 'AD_CA': '',
+ 'AD_STARTTLS': '',
+ 'AD_CHECKCERT': ''
+}
+
+with open('/etc/ldapcherry/ldapcherry.ini', 'r') as file:
+ filelines = file.readlines()
+
+for setting in ldapcherry_ini_settings:
+ # Replace the instances of the key with the value of the env var or the
+ # default
+ setting_key = setting.replace('_', '.', 1).lower()
+ setting_val = os.getenv(setting, ldapcherry_ini_settings[setting])
+ if (any(line.startswith(setting_key) for line in filelines)
+ and ldapcherry_ini_settings[setting] != ''):
+ # We know that it is defined somewhere, so we don't want to uncomment
+ # any of the commented-out lines to replace it
+ indeces = [idx for idx, elem in enumerate(filelines)
+ if elem.startswith(setting_key)]
+ # Exit if there are more than one instance defined
+ if len(indeces) != 1:
+ sys.exit()
+ if any(not char.isdigit() for char in setting_val):
+ # Make sure none of these are digits if it's going to be quoted
+ filelines[indeces[0]] = "{0} = '{1}'\n".format(setting_key,
+ setting_val)
+ else:
+ filelines[indeces[0]] = "{0} = {1}\n".format(setting_key,
+ setting_val)
+ elif (any(line.startswith('#' + setting_key) for line in filelines)
+ and ldapcherry_ini_settings[setting] != ''):
+ # We know that it is defined somewhere, but behind a comment. We will
+ # just change the first instance of it to the value that we want.
+ # We also know that it isn't defined anywhere due to the earlier test.
+ indeces = [idx for idx, elem in enumerate(filelines)
+ if elem.startswith("#" + setting_key)]
+ filelines[indeces[0]] = "{0} = '{1}'\n".format(setting_key,
+ setting_val)
+ else:
+ # It is not defined anywhere
+ continue
+
+# Write the file out again
+with open('/etc/ldapcherry/ldapcherry.ini', 'w') as file:
+ for fileline in filelines:
+ file.write("{}".format(fileline))
+
+os.system("/usr/local/bin/ldapcherryd -c /etc/ldapcherry/ldapcherry.ini")
diff --git a/requirements.txt b/requirements.txt
index a9dabc8..8ff1287 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,5 @@
-CherryPy>=3.0.0
+CherryPy==17.3.0
 PyYAML
 Mako
 python-ldap
+more-itertools<6.0.0
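Review bot: In init.py both branches of the loop test `ldapcherry_ini_settings[setting] != ''`, the built-in default rather than the resolved value, so every key whose default is empty (`LDAP_URI`, `LDAP_BINDDN`, `LDAP_PASSWORD`, all `AD_*`, `LOG_LEVEL`) is skipped even when its environment variable is set. Testing the resolved value instead, `and setting_val != ''):` in both the `if` and the `elif`, applies what the operator passed. Values are also written between single quotes without escaping, so a password containing `'` yields a broken or altered config line. The bare `sys.exit()` on a duplicate key exits with status 0 and no message, which makes a failed start look like a clean stop; `sys.exit("duplicate key: " + setting_key)` would surface it. `os.system(...)` likewise discards ldapcherryd's exit status.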
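Review bot: `CherryPy==17.3.0` in requirements.txt replaces an open range with a single release, so installs cannot pick up a later 17.x fix without editing this file, while PyYAML, Mako and python-ldap stay unpinned. If the intent is to stay on the last Python 2 compatible line, a bounded range such as `CherryPy>=3.0.0,<18.0.0` says so and still allows patch releases. The `more-itertools<6.0.0` cap looks like the same Python 2 constraint and would benefit from a short comment stating that.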