diff --git a/hackfest_virtual-pc_vnfd/charms/virtual-pc-src/actions.yaml b/hackfest_virtual-pc_vnfd/charms/virtual-pc-src/actions.yaml index e4b157ae1c0dfd901e05a717309ca3420171b6fe..d1e5d4f7b7b1b6791028dae91857cf8e404c4669 100644 --- a/hackfest_virtual-pc_vnfd/charms/virtual-pc-src/actions.yaml +++ b/hackfest_virtual-pc_vnfd/charms/virtual-pc-src/actions.yaml @@ -61,3 +61,19 @@ remove-snap: update-system: description: "Updates all software to latest version." +integrate-ldap: + description: "Adds support for ldap." + params: + ldap_host: + description: "Ip or domain of the ldap host." + type: string + ldap_domain: + description: "Ldap domian." + type: string + ldap_password: + description: "Password for the admin user." + type: string + required: + - ldap_host + - ldap_domain + - ldap_password diff --git a/hackfest_virtual-pc_vnfd/charms/virtual-pc-src/src/charm.py b/hackfest_virtual-pc_vnfd/charms/virtual-pc-src/src/charm.py index 41e3c64201ded3be2b440a423d3db2c47809ad15..50729e7455009b6ce240a413957bfb639f6391f6 100755 --- a/hackfest_virtual-pc_vnfd/charms/virtual-pc-src/src/charm.py +++ b/hackfest_virtual-pc_vnfd/charms/virtual-pc-src/src/charm.py @@ -70,6 +70,7 @@ class VirtualPCCharm(CharmBase, InstallProgress): self._stored.set_default() self.last_status_update = time.time() + self._stored.set_default(ldap_installed=False) # Basic hooks self.framework.observe(self.on.install, self._on_install) @@ -86,6 +87,7 @@ class VirtualPCCharm(CharmBase, InstallProgress): self.framework.observe(self.on["remove-package"].action, self._remove_package) self.framework.observe(self.on["remove-snap"].action, self._remove_snap) self.framework.observe(self.on["update-system"].action, self._update_system) + self.framework.observe(self.on["integrate-ldap"].action, self._ldap_integration) # Relations hooks @@ -201,6 +203,23 @@ class VirtualPCCharm(CharmBase, InstallProgress): upgrade_apt(update=True, progress=self) self.unit.status = self._get_current_status() + def _ldap_integration(self, event): + self.unit.status = MaintenanceStatus("Configuring Ldap autentication") + self._configure_ldap(event.params["ldap_host"], event.params["ldap_domain"], event.params["ldap_password"]) + if not self._stored.ldap_installed: + install_apt(packages=["ldap-auth-client", "nscd"], + update=True, progress=self) + # edit /etc/nsswitch.conf + shell("sudo sed -E -i '/passwd|group|shadow/ !b; s/$/ ldap/' /etc/nsswitch.conf") + # restart nscd + shell("sudo systemctl restart nscd") + #create a home directory when user login + shell("echo session required pam_mkhomedir.so skel=/etc/skel umask=077 | sudo tee /etc/pam.d/common-session") + self._stored.ldap_installed = True + else: + shell("dpkg-reconfigure -f noninteractive ldap-auth-client") + self.unit.status = ActiveStatus("Ldap autentication configured") + # Relation hooks # Private functions @@ -211,6 +230,21 @@ class VirtualPCCharm(CharmBase, InstallProgress): status_msg = "Ready" return status_type(status_msg) + def _configure_ldap(self, host, domain, password): + #configure ldap-auth-config with debconf + shell("echo ldap-auth-config ldap-auth-config/rootbindpw password {} | sudo debconf-set-selections".format(password)) + shell("echo ldap-auth-config ldap-auth-config/bindpw password {} | sudo debconf-set-selections".format(password)) + shell("echo ldap-auth-config ldap-auth-config/binddn string cn=admin,dc={},dc={} | sudo debconf-set-selections".format(domain.split(".")[0],domain.split(".")[1])) + shell("echo ldap-auth-config ldap-auth-config/dblogin boolean false | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/rootbinddn string cn=admin,dc={},dc={} | sudo debconf-set-selections".format(domain.split(".")[0],domain.split(".")[1])) + shell("echo ldap-auth-config ldap-auth-config/ldapns/ldap-server string ldap://{} | sudo debconf-set-selections".format(host)) + shell("echo ldap-auth-config ldap-auth-config/override boolean true | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3 | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/dbrootlogin boolean true | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/ldapns/base-dn string dc={},dc={} | sudo debconf-set-selections".format(domain.split(".")[0],domain.split(".")[1])) + shell("echo ldap-auth-config ldap-auth-config/move-to-debconf boolean true | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/pam_password select clear | sudo debconf-set-selections") + if __name__ == "__main__": main(VirtualPCCharm) diff --git a/hackfest_virtual-pc_vnfd/charms/virtual-pc/actions.yaml b/hackfest_virtual-pc_vnfd/charms/virtual-pc/actions.yaml index e4b157ae1c0dfd901e05a717309ca3420171b6fe..d1e5d4f7b7b1b6791028dae91857cf8e404c4669 100644 --- a/hackfest_virtual-pc_vnfd/charms/virtual-pc/actions.yaml +++ b/hackfest_virtual-pc_vnfd/charms/virtual-pc/actions.yaml @@ -61,3 +61,19 @@ remove-snap: update-system: description: "Updates all software to latest version." +integrate-ldap: + description: "Adds support for ldap." + params: + ldap_host: + description: "Ip or domain of the ldap host." + type: string + ldap_domain: + description: "Ldap domian." + type: string + ldap_password: + description: "Password for the admin user." + type: string + required: + - ldap_host + - ldap_domain + - ldap_password diff --git a/hackfest_virtual-pc_vnfd/charms/virtual-pc/src/charm.py b/hackfest_virtual-pc_vnfd/charms/virtual-pc/src/charm.py index 41e3c64201ded3be2b440a423d3db2c47809ad15..50729e7455009b6ce240a413957bfb639f6391f6 100755 --- a/hackfest_virtual-pc_vnfd/charms/virtual-pc/src/charm.py +++ b/hackfest_virtual-pc_vnfd/charms/virtual-pc/src/charm.py @@ -70,6 +70,7 @@ class VirtualPCCharm(CharmBase, InstallProgress): self._stored.set_default() self.last_status_update = time.time() + self._stored.set_default(ldap_installed=False) # Basic hooks self.framework.observe(self.on.install, self._on_install) @@ -86,6 +87,7 @@ class VirtualPCCharm(CharmBase, InstallProgress): self.framework.observe(self.on["remove-package"].action, self._remove_package) self.framework.observe(self.on["remove-snap"].action, self._remove_snap) self.framework.observe(self.on["update-system"].action, self._update_system) + self.framework.observe(self.on["integrate-ldap"].action, self._ldap_integration) # Relations hooks @@ -201,6 +203,23 @@ class VirtualPCCharm(CharmBase, InstallProgress): upgrade_apt(update=True, progress=self) self.unit.status = self._get_current_status() + def _ldap_integration(self, event): + self.unit.status = MaintenanceStatus("Configuring Ldap autentication") + self._configure_ldap(event.params["ldap_host"], event.params["ldap_domain"], event.params["ldap_password"]) + if not self._stored.ldap_installed: + install_apt(packages=["ldap-auth-client", "nscd"], + update=True, progress=self) + # edit /etc/nsswitch.conf + shell("sudo sed -E -i '/passwd|group|shadow/ !b; s/$/ ldap/' /etc/nsswitch.conf") + # restart nscd + shell("sudo systemctl restart nscd") + #create a home directory when user login + shell("echo session required pam_mkhomedir.so skel=/etc/skel umask=077 | sudo tee /etc/pam.d/common-session") + self._stored.ldap_installed = True + else: + shell("dpkg-reconfigure -f noninteractive ldap-auth-client") + self.unit.status = ActiveStatus("Ldap autentication configured") + # Relation hooks # Private functions @@ -211,6 +230,21 @@ class VirtualPCCharm(CharmBase, InstallProgress): status_msg = "Ready" return status_type(status_msg) + def _configure_ldap(self, host, domain, password): + #configure ldap-auth-config with debconf + shell("echo ldap-auth-config ldap-auth-config/rootbindpw password {} | sudo debconf-set-selections".format(password)) + shell("echo ldap-auth-config ldap-auth-config/bindpw password {} | sudo debconf-set-selections".format(password)) + shell("echo ldap-auth-config ldap-auth-config/binddn string cn=admin,dc={},dc={} | sudo debconf-set-selections".format(domain.split(".")[0],domain.split(".")[1])) + shell("echo ldap-auth-config ldap-auth-config/dblogin boolean false | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/rootbinddn string cn=admin,dc={},dc={} | sudo debconf-set-selections".format(domain.split(".")[0],domain.split(".")[1])) + shell("echo ldap-auth-config ldap-auth-config/ldapns/ldap-server string ldap://{} | sudo debconf-set-selections".format(host)) + shell("echo ldap-auth-config ldap-auth-config/override boolean true | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3 | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/dbrootlogin boolean true | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/ldapns/base-dn string dc={},dc={} | sudo debconf-set-selections".format(domain.split(".")[0],domain.split(".")[1])) + shell("echo ldap-auth-config ldap-auth-config/move-to-debconf boolean true | sudo debconf-set-selections") + shell("echo ldap-auth-config ldap-auth-config/pam_password select clear | sudo debconf-set-selections") + if __name__ == "__main__": main(VirtualPCCharm) diff --git a/hackfest_virtual-pc_vnfd/virtual-pc_vnfd.yaml b/hackfest_virtual-pc_vnfd/virtual-pc_vnfd.yaml index 511baf03fda4e2d659a2929fe83580dd6dfac05d..dff3c9d8def2a7db858012c7153ed1e77418fe26 100644 --- a/hackfest_virtual-pc_vnfd/virtual-pc_vnfd.yaml +++ b/hackfest_virtual-pc_vnfd/virtual-pc_vnfd.yaml @@ -57,6 +57,16 @@ vnfd: name: package - name: update-system execution-environment-ref: virtual-pc-ee + - name: integrate-ldap + execution-environment-ref: virtual-pc-ee + parameter: + - name: ldap_host + data-type: STRING + - name: ldap_domain + data-type: STRING + - name: ldap_password + data-type: STRING + ext-cpd: - id: virtual-pc-private-ext