Diffstat (limited to 'src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java')
-rw-r--r--src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java161
1 files changed, 161 insertions, 0 deletions
diff --git a/src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java b/src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java
new file mode 100644
index 0000000..71ef249
--- /dev/null
+++ b/src/main/java/org/openslx/taskmanager/tasks/CreateAdConfig.java
@@ -0,0 +1,161 @@
+package org.openslx.taskmanager.tasks;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+
+import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
+import org.apache.commons.io.FileUtils;
+import org.openslx.satserver.util.Archive;
+import org.openslx.satserver.util.Util;
+import org.openslx.taskmanager.api.AbstractTask;
+
+import com.google.gson.annotations.Expose;
+
+public class CreateAdConfig extends AbstractTask
+{
+ @Expose
+ private int moduleid = 0;
+ @Expose
+ private String filename = null;
+ @Expose
+ private String server = null;
+ @Expose
+ private String searchbase = null;
+ @Expose
+ private String binddn = null;
+ @Expose
+ private String bindpw = null;
+ @Expose
+ private String proxyip = null;
+ @Expose
+ private int proxyport = 0;
+ @Expose
+ private String home = null;
+
+ private Output status = new Output();
+
+ @Override
+ protected boolean initTask()
+ {
+ // TODO: Check path is allowed
+ this.setStatusObject( this.status );
+ if ( filename == null || server == null || searchbase == null || binddn == null || bindpw == null || proxyip == null || proxyport == 0 || moduleid == 0 ) {
+ status.error = "Missing argument to task";
+ return false;
+ }
+ if ( this.home == null )
+ this.home = "";
+ return true;
+ }
+
+ @Override
+ protected boolean execute()
+ {
+ TarArchiveOutputStream outArchive = null;
+ try {
+ // ldadp config
+ String ldadpConf = String.format(
+ "[%s]\n"
+ + "binddn=%s\n"
+ + "bindpw=%s\n"
+ + "base=%s\n"
+ + "port=%s\n"
+ + "home=%s\n"
+ + "\n",
+ this.server,
+ this.binddn,
+ this.bindpw,
+ this.searchbase,
+ this.proxyport,
+ this.home );
+ String fileName = "/opt/ldadp/configs/" + this.moduleid + ".cfg";
+ try {
+ Files.deleteIfExists( Paths.get( filename ) );
+ } catch ( IOException e1 ) {
+ }
+ try {
+ FileUtils.writeStringToFile( new File( fileName ), ldadpConf, StandardCharsets.UTF_8 );
+ } catch ( IOException e ) {
+ status.error = e.toString();
+ return false;
+ }
+ try {
+ outArchive = Archive.createTarArchive( this.filename );
+ } catch ( IOException e ) {
+ status.error = "Could not create archive at " + this.filename;
+ return false;
+ }
+ // Generic ldap config
+ String ldapConf = String
+ .format(
+ "URI ldap://%s:%d/\n"
+ + "BASE %s\n"
+ + "BIND_TIMELIMIT 10\n"
+ + "TIMELIMIT 30\n"
+ + "nss_base_passwd %s\n"
+ + "nss_base_group %s\n"
+ + "nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,dnsmasq,games,gnats,hplip,irc,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data\n",
+ this.proxyip, this.proxyport,
+ this.searchbase,
+ this.searchbase,
+ this.searchbase
+ );
+ // nslcd config
+ String nslcdConf = String
+ .format(
+ "URI ldap://%s:%d/\n"
+ + "BASE %s\n"
+ + "BIND_TIMELIMIT 10\n"
+ + "TIMELIMIT 30\n"
+ + "scope sub\n"
+ + "nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,dnsmasq,games,gnats,hplip,irc,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data\n",
+ this.proxyip, this.proxyport,
+ this.searchbase,
+ this.searchbase,
+ this.searchbase
+ );
+ // nsswitch.conf with ldap enabled
+ if ( !Archive.tarAddFile( outArchive, "/etc/nsswitch.conf", new File( "./data/ad/nsswitch.conf" ), 0644 ) ) {
+ status.error = "Could not add nsswitch.conf to module";
+ return false;
+ }
+ // All the pam.d common-XXXX files
+ for ( String file : new String[] { "common-auth", "common-account", "common-session", "common-session-noninteractive", "common-password" } ) {
+ if ( !Archive.tarAddFile( outArchive, "/etc/pam.d/" + file, new File( "./data/ad/" + file ), 0644 ) ) {
+ status.error = "Could not add " + file + " to module";
+ return false;
+ }
+ }
+ // Home if present
+ if ( this.home.length() != 0
+ && !Archive.tarAddFile( outArchive, "/opt/openslx/scripts/pam_script_mount_persistent", new File( "./data/ad/mountscript" ), 0644 ) ) {
+ status.error = "Could not add mount script to module";
+ return false;
+ }
+ boolean ret = Archive.tarCreateFileFromString( outArchive, "/etc/ldap.conf", ldapConf, 0644 )
+ && Archive.tarCreateFileFromString( outArchive, "/etc/nslcd.conf", nslcdConf, 0644 )
+ && Archive.tarCreateSymlink( outArchive, "/etc/ldap.conf", "/etc/ldap/ldap.conf" )
+ && Archive.tarCreateSymlink( outArchive, "/etc/ldap.conf", "/etc/openldap/ldap.conf" )
+ && Archive.tarCreateSymlink( outArchive, "../nslcd.service", "/etc/systemd/system/basic.target.wants/nslcd.service" );
+ if ( !ret ) {
+ status.error = "Could not add ldap configs to module";
+ }
+ return ret;
+ } finally {
+ Util.multiClose( outArchive );
+ }
+ }
+
+ /**
+ * Output - contains additional status data of this task
+ */
+ @SuppressWarnings( "unused" )
+ private static class Output
+ {
+ protected String error = null;
+ }
+
+}
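Review bot: `initTask()` accepts the caller-supplied `filename` while the path check is still a TODO, and `execute()` then hands it to `Files.deleteIfExists` and `Archive.createTarArchive`, so anyone able to submit this task can remove or overwrite any file the task manager process can write. The other string fields (`server`, `binddn`, `bindpw`, `searchbase`, `proxyip`, `home`) are formatted one per line into the ldadp, ldap.conf and nslcd.conf text, so a value containing a line break would add extra keys or sections; both checks belong in `initTask()`, as sketched below, where `ALLOWED_OUTPUT_DIR` is a placeholder for whatever directory the project permits. The `deleteIfExists` call also targets the field `filename`, whereas the config written right after it is the local `fileName`, which differs only by case. If the stale `.cfg` was meant, this is a typo, and the empty `catch` hides any failure either way. The ldadp config stores `bindpw` in clear text and is written with default permissions, so it should be restricted to the account that runs ldadp.

```java
	protected boolean initTask()
	{
		// … unchanged: setStatusObject and missing-argument check …
		if ( this.home == null )
			this.home = "";
		// Each value ends up on its own line in a generated config file;
		// a line break inside one would start a new key or section.
		for ( String value : new String[] { server, searchbase, binddn, bindpw, proxyip, home } ) {
			if ( value.indexOf( '\n' ) != -1 || value.indexOf( '\r' ) != -1 ) {
				status.error = "Invalid character in argument";
				return false;
			}
		}
		// ALLOWED_OUTPUT_DIR: placeholder for the directory archives may be created in.
		if ( !Paths.get( filename ).toAbsolutePath().normalize().startsWith( ALLOWED_OUTPUT_DIR ) ) {
			status.error = "Archive path not allowed";
			return false;
		}
		return true;
	}
```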