diff options
| author | root <root@kolab.example.org> | 2012-09-06 11:37:45 (GMT) |
|---|---|---|
| committer | root <root@kolab.example.org> | 2012-09-06 11:37:45 (GMT) |
| commit | ca1dbbd1c050ab3ab15af37000fd2abc836c5782 (patch) | |
| tree | 8bbcd02535074d0a104d6066078f56d21aef98de | |
| parent | d0cbf8bd59e5386912d0ddfda8ac5d7774eba3ce (diff) | |
| download | kolab-scripts-ca1dbbd1c050ab3ab15af37000fd2abc836c5782.tar.gz | |
Add some hosted-kolab scripts
| -rwxr-xr-x | hosted-kolab/01-add-hosted-kolab-service-account.sh | 16 | ||||
| -rwxr-xr-x | hosted-kolab/02-allow-hosted-kolab-service-account-to-list-domains.sh | 11 | ||||
| -rwxr-xr-x | hosted-kolab/03-prevent-hosted-kolab-service-account-from-reading-domain.sh | 18 | ||||
| -rwxr-xr-x | hosted-kolab/04-add-kolab-hosting-section.sh | 14 | ||||
| -rw-r--r-- | hosted-kolab/05-add-kolabsys.com.sh | 0 | ||||
| -rw-r--r-- | hosted-kolab/06-add-demo.kolab.org.sh | 0 | ||||
| -rw-r--r-- | hosted-kolab/07-add-kolab.org.sh | 0 | ||||
| -rwxr-xr-x | hosted-kolab/08-restrict-access-to-new-domains.sh | 5 | ||||
| -rwxr-xr-x | hosted-kolab/09-allow-add-users-by-hosted-kolab-service-account.sh | 11 | ||||
| -rwxr-xr-x | hosted-kolab/10-add-initial-admin-user-to-domain.sh | 52 | ||||
| -rwxr-xr-x | hosted-kolab/11-add-domain-sections.sh | 202 | ||||
| -rwxr-xr-x | hosted-kolab/12-update-mysql-table-for-hosted.sh | 12 | ||||
| l--------- | hosted-kolab/settings.sh | 1 |
13 files changed, 342 insertions, 0 deletions
diff --git a/hosted-kolab/01-add-hosted-kolab-service-account.sh b/hosted-kolab/01-add-hosted-kolab-service-account.sh new file mode 100755 index 0000000..6af577f --- /dev/null +++ b/hosted-kolab/01-add-hosted-kolab-service-account.sh @@ -0,0 +1,16 @@ +#!/bin/bash + + . ./settings.sh +( + echo "dn: uid=hosted-kolab-service,ou=Special Users,${rootdn}" + echo "objectclass: top" + echo "objectclass: inetorgperson" + echo "objectclass: person" + echo "uid: hosted-kolab-service" + echo "cn: Hosted Kolab Service Account" + echo "sn: Service Account" + echo "givenname: Hosted Kolab" + echo "userpassword: ${hosted_kolab_service_pw}" + echo "" +) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" + diff --git a/hosted-kolab/02-allow-hosted-kolab-service-account-to-list-domains.sh b/hosted-kolab/02-allow-hosted-kolab-service-account-to-list-domains.sh new file mode 100755 index 0000000..3b20b7c --- /dev/null +++ b/hosted-kolab/02-allow-hosted-kolab-service-account-to-list-domains.sh @@ -0,0 +1,11 @@ +#!/bin/bash + + . ./settings.sh + +( + echo "dn: cn=kolab,cn=config" + echo "changetype: modify" + echo "add: aci" + echo "aci: (targetattr = \"*\") (version 3.0;acl \"Hosted Kolab Services\";allow (read,compare,search)(userdn = \"ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn}\");)" + echo "" +) | ldapmodify -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" diff --git a/hosted-kolab/03-prevent-hosted-kolab-service-account-from-reading-domain.sh b/hosted-kolab/03-prevent-hosted-kolab-service-account-from-reading-domain.sh new file mode 100755 index 0000000..26856e9 --- /dev/null +++ b/hosted-kolab/03-prevent-hosted-kolab-service-account-from-reading-domain.sh @@ -0,0 +1,18 @@ +#!/bin/bash + + . ./settings.sh + +if [ $# -ne 1 ]; then + domain_to_lock=${domain} +else + domain_to_lock=$1 +fi + +( + echo "dn: associateddomain=${domain_to_lock},cn=kolab,cn=config" + echo "changetype: modify" + echo "add: aci" + echo "aci: (targetattr = \"*\") (version 3.0;acl \"Hosted Kolab Services\";deny (read,search)(userdn = \"ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn}\");)" + echo "" +) | ldapmodify -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" + diff --git a/hosted-kolab/04-add-kolab-hosting-section.sh b/hosted-kolab/04-add-kolab-hosting-section.sh new file mode 100755 index 0000000..9a6ac27 --- /dev/null +++ b/hosted-kolab/04-add-kolab-hosting-section.sh @@ -0,0 +1,14 @@ +#!/bin/bash + + . ./settings.sh + +( + echo "" + echo "[kolab_hosting]" + echo "primary_domain = demo.kolab.org" + echo "bind_dn = uid=hosted-kolab-service,ou=Special Users,${rootdn}" + echo "bind_pw = ${hosted_kolab_service_pw}" + echo "" +) >> /etc/kolab/kolab.conf + +sed -r -i -e 's/\[kolab_wap\]/[kolab_wap]\ndevel_mode = 1\ndebug_mode = trace/g' /etc/kolab/kolab.conf diff --git a/hosted-kolab/05-add-kolabsys.com.sh b/hosted-kolab/05-add-kolabsys.com.sh new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/hosted-kolab/05-add-kolabsys.com.sh diff --git a/hosted-kolab/06-add-demo.kolab.org.sh b/hosted-kolab/06-add-demo.kolab.org.sh new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/hosted-kolab/06-add-demo.kolab.org.sh diff --git a/hosted-kolab/07-add-kolab.org.sh b/hosted-kolab/07-add-kolab.org.sh new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/hosted-kolab/07-add-kolab.org.sh diff --git a/hosted-kolab/08-restrict-access-to-new-domains.sh b/hosted-kolab/08-restrict-access-to-new-domains.sh new file mode 100755 index 0000000..0429d2f --- /dev/null +++ b/hosted-kolab/08-restrict-access-to-new-domains.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +./03-prevent-hosted-kolab-service-account-from-reading-domain.sh kolabsys.com +./03-prevent-hosted-kolab-service-account-from-reading-domain.sh kolab.org + diff --git a/hosted-kolab/09-allow-add-users-by-hosted-kolab-service-account.sh b/hosted-kolab/09-allow-add-users-by-hosted-kolab-service-account.sh new file mode 100755 index 0000000..0cfad05 --- /dev/null +++ b/hosted-kolab/09-allow-add-users-by-hosted-kolab-service-account.sh @@ -0,0 +1,11 @@ +#!/bin/bash + + . ./settings.sh + +( + echo "dn: ou=People,${hosted_domain_rootdn}" + echo "changetype: modify" + echo "add: aci" + echo "aci: (targetattr = \"*\") (version 3.0;acl \"Hosted Kolab Services\";allow (all)(userdn = \"ldap:///uid=hosted-kolab-service,ou=Special Users,${rootdn}\");)" + echo "" +) | ldapmodify -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" diff --git a/hosted-kolab/10-add-initial-admin-user-to-domain.sh b/hosted-kolab/10-add-initial-admin-user-to-domain.sh new file mode 100755 index 0000000..4d01b32 --- /dev/null +++ b/hosted-kolab/10-add-initial-admin-user-to-domain.sh @@ -0,0 +1,52 @@ +#!/bin/bash + + . ./settings.sh + +( + echo "dn: uid=admin,ou=People,dc=kolabsys,dc=com" + echo "objectclass: top" + echo "objectclass: inetorgperson" + echo "objectclass: person" + echo "uid: admin" + echo "cn: Temporary Administrator" + echo "sn: Administrator" + echo "givenname: Temporary" + echo "displayname: Temporary Administrator" + echo "mail: admin@kolabsys.com" + echo "nsroledn: cn=kolab-admin,dc=kolabsys,dc=com" + echo "userpassword: ${ldap_bindpw}" + echo "" +) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" + +( + echo "dn: uid=admin,ou=People,dc=kolab,dc=org" + echo "objectclass: top" + echo "objectclass: inetorgperson" + echo "objectclass: person" + echo "uid: admin" + echo "cn: Temporary Administrator" + echo "sn: Administrator" + echo "givenname: Temporary" + echo "displayname: Temporary Administrator" + echo "mail: admin@kolab.org" + echo "nsroledn: cn=kolab-admin,dc=kolab,dc=org" + echo "userpassword: ${ldap_bindpw}" + echo "" +) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" + +( + echo "dn: uid=admin,ou=People,dc=demo,dc=kolab,dc=org" + echo "objectclass: top" + echo "objectclass: inetorgperson" + echo "objectclass: person" + echo "uid: admin" + echo "cn: Temporary Administrator" + echo "sn: Administrator" + echo "givenname: Temporary" + echo "displayname: Temporary Administrator" + echo "mail: admin@demo.kolab.org" + echo "nsroledn: cn=kolab-admin,dc=demo,dc=kolab,dc=org" + echo "userpassword: ${ldap_bindpw}" + echo "" +) | ldapadd -x -h ${ldap_host} -D "${ldap_binddn}" -w "${ldap_bindpw}" + diff --git a/hosted-kolab/11-add-domain-sections.sh b/hosted-kolab/11-add-domain-sections.sh new file mode 100755 index 0000000..8692036 --- /dev/null +++ b/hosted-kolab/11-add-domain-sections.sh @@ -0,0 +1,202 @@ +cat >>/etc/kolab/kolab.conf<<EOF +[demo.kolab.org] +base_dn = dc=demo,dc=kolab,dc=org +user_base_dn = ou=People,%(base_dn)s +personal_user_base_dn = ou=People,%(base_dn)s +professional_user_base_dn = ou=People,%(base_dn)s +primary_mail = %(uid)s@(domain)s +autocreate_folders = { + 'Calendar': { + 'annotations': { + '/private/vendor/kolab/folder-type': "event.default", + '/shared/vendor/kolab/folder-type': "event", + }, + }, + 'Configuration': { + 'annotations': { + '/private/vendor/kolab/folder-type': "configuration.default", + '/shared/vendor/kolab/folder-type': "configuration.default", + }, + }, + 'Drafts': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.drafts", + }, + }, + 'Contacts': { + 'annotations': { + '/private/vendor/kolab/folder-type': "contact.default", + '/shared/vendor/kolab/folder-type': "contact", + }, + }, + 'Journal': { + 'annotations': { + '/private/vendor/kolab/folder-type': "journal.default", + '/shared/vendor/kolab/folder-type': "journal", + }, + }, + 'Notes': { + 'annotations': { + '/private/vendor/kolab/folder-type': 'note.default', + '/shared/vendor/kolab/folder-type': 'note', + }, + }, + 'Sent': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.sentitems", + }, + }, + 'Spam': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.junkemail", + }, + }, + 'Tasks': { + 'annotations': { + '/private/vendor/kolab/folder-type': "task.default", + '/shared/vendor/kolab/folder-type': "task", + }, + }, + 'Trash': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.trash", + }, + }, + } +default_quota = 1048576 + +[kolabsys.com] +primary_mail = %(uid)s@(domain)s +autocreate_folders = { + 'Calendar': { + 'annotations': { + '/private/vendor/kolab/folder-type': "event.default", + '/shared/vendor/kolab/folder-type': "event", + }, + }, + 'Configuration': { + 'annotations': { + '/private/vendor/kolab/folder-type': "configuration.default", + '/shared/vendor/kolab/folder-type': "configuration.default", + }, + }, + 'Drafts': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.drafts", + }, + }, + 'Contacts': { + 'annotations': { + '/private/vendor/kolab/folder-type': "contact.default", + '/shared/vendor/kolab/folder-type': "contact", + }, + }, + 'Journal': { + 'annotations': { + '/private/vendor/kolab/folder-type': "journal.default", + '/shared/vendor/kolab/folder-type': "journal", + }, + }, + 'Notes': { + 'annotations': { + '/private/vendor/kolab/folder-type': 'note.default', + '/shared/vendor/kolab/folder-type': 'note', + }, + }, + 'Sent': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.sentitems", + }, + }, + 'Spam': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.junkemail", + }, + }, + 'Tasks': { + 'annotations': { + '/private/vendor/kolab/folder-type': "task.default", + '/shared/vendor/kolab/folder-type': "task", + }, + }, + 'Trash': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.trash", + }, + }, + } +secondary_mail = { + 0: { + "{0}.{1}@{2}": "format('%(givenname)s'[0:1].capitalize(), '%(surname)s', '%(domain)s')" + }, + 1: { + "{0}@{1}": "format('%(givenname)s.%(surname)s', '%(domain)s')" + } + } +default_quota = 1048576 + +[kolab.org] +base_dn = dc=kolab,dc=org +user_base_dn = ou=People,%(base_dn)s +primary_mail = %(givenname)s.%(surname)s@%(domain)s +autocreate_folders = { + 'Calendar': { + 'annotations': { + '/private/vendor/kolab/folder-type': "event.default", + '/shared/vendor/kolab/folder-type': "event", + }, + }, + 'Configuration': { + 'annotations': { + '/private/vendor/kolab/folder-type': "configuration.default", + '/shared/vendor/kolab/folder-type': "configuration.default", + }, + }, + 'Drafts': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.drafts", + }, + }, + 'Contacts': { + 'annotations': { + '/private/vendor/kolab/folder-type': "contact.default", + '/shared/vendor/kolab/folder-type': "contact", + }, + }, + 'Journal': { + 'annotations': { + '/private/vendor/kolab/folder-type': "journal.default", + '/shared/vendor/kolab/folder-type': "journal", + }, + }, + 'Notes': { + 'annotations': { + '/private/vendor/kolab/folder-type': 'note.default', + '/shared/vendor/kolab/folder-type': 'note', + }, + }, + 'Sent': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.sentitems", + }, + }, + 'Spam': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.junkemail", + }, + }, + 'Tasks': { + 'annotations': { + '/private/vendor/kolab/folder-type': "task.default", + '/shared/vendor/kolab/folder-type': "task", + }, + }, + 'Trash': { + 'annotations': { + '/private/vendor/kolab/folder-type': "mail.trash", + }, + }, + } +default_quota = 1048576 +EOF + diff --git a/hosted-kolab/12-update-mysql-table-for-hosted.sh b/hosted-kolab/12-update-mysql-table-for-hosted.sh new file mode 100755 index 0000000..f200bf3 --- /dev/null +++ b/hosted-kolab/12-update-mysql-table-for-hosted.sh @@ -0,0 +1,12 @@ +#!/bin/bash + + . ./settings.sh + +if [ -f "`ls -1 /usr/share/kolab-webadmin/doc/kolab_hosting-*.sql`" ]; then + sql_file="`ls -1 /usr/share/kolab-webadmin/doc/kolab_hosting-*.sql`" +else + sql_file="`ls -1 /usr/share/doc/kolab-webadmin-*/kolab_hosting-*.sql`" +fi + +mysql --user=kolab --password=Welcome2KolabSystems kolab < $sql_file + diff --git a/hosted-kolab/settings.sh b/hosted-kolab/settings.sh new file mode 120000 index 0000000..a08eca5 --- /dev/null +++ b/hosted-kolab/settings.sh @@ -0,0 +1 @@ +../settings.sh
\ No newline at end of file |