dataset/seed/openldap/templates/users.ldif

{% set add_test = True %}
{% set username="rougail_test@silique.fr" %}
{% set username_family="rougail_test@gnunux.info" %}
{% set name_family="gnunux" %}
# BaseDN
{% set groups = {} %}
dn: {{ general.ldap.ldap_base_dn }}
{% set attribute, organization = ldap_base_dn.split(',', 1)[0].split('=') %}
{{ attribute }}: {{ organization }}
objectClass: top
{% if attribute == 'o' %}
objectClass: organization
{% else %}
objectClass: organizationalUnit
{% endif %}

# Remote
{% set acc = [] %}
{% for idx in range(3) %}
{% set name = 'remote_test' + idx|string %}
{{ acc.append(('cn=' + name + ',' + ldap_base_dn, name, name|get_password(server_name=domain_name_eth0, description="remote account", type="cleartext", hide=hide_secret, temporary=True))) }}
{% endfor %}
{% for remote in accounts.remotes %}
{% set name = remote|normalize_family %}
{{ acc.append((accounts['remote_' + name]['dn_' + name], remote, accounts['remote_' + name]['password_' + name])) }}
{% endfor %}
{% for dn, remote, password in acc %}
dn: {{ dn }}
cn: {{ remote }}
sn: {{ remote }}
uid: {{ remote }}
userPassword:: {{ password|ssha_encode }}
objectClass: top
objectClass: inetOrgPerson

{% endfor %}
# Accounts
dn: {{ ldap_account_dn }}
ou: accounts
objectClass: top
objectClass: organizationalUnit

## Accounts users
{% set users = ldap_user_dn %}
dn: {{ users }}
ou: users
objectClass: top
objectClass: organizationalUnit

{% set userdn = 'cn=' + username + ',' + ldap_base_dn|calc_ldapclient_base_dn %}
{% set userfamilydn = 'cn=' + username_family + ',' + ldap_base_dn|calc_ldapclient_base_dn(family_name=name_family) %}
{% set acc = [(userdn, username, username|get_password(server_name='test', description="test", type="cleartext", hide=hide_secret, temporary=True), 'Rougail', 'Test', 'rougail_test', [], 'users'),
              (userfamilydn, username_family, username_family|get_password(server_name='test', description='test', type="cleartext", hide=hide_secret, temporary=True), 'Rougail', 'Test', 'rougail_test_gnunux', [], name_family),
              ] %}
{% set x=groups.__setitem__('users', [userdn]) %}
{% set x=groups.__setitem__(name_family, [userfamilydn]) %}
{% for user in accounts.users.ldap_user_mail %}
{% set userdn = "cn=" + user + "," + users %}
{{ acc.append((userdn, user, user.ldap_user_password, user.ldap_user_sn, user.ldap_user_gn, user.ldap_user_uid, user.ldap_user_aliases, 'users')) }}
{{ groups.setdefault('users', []).append(userdn) }}
{% endfor %}
## Families
dn: {{ ldap_base_dn|calc_ldapclient_base_dn(family_name='-') }}
ou: families
objectClass: top
objectClass: organizationalUnit

{% macro add_family(family, families) %}
dn: {{ families }}
ou: {{ family }}
objectClass: top
objectClass: organizationalUnit
{% endmacro %}
{% if add_test and 'gnunux' not in accounts.families %}
{% set families = ldap_base_dn|calc_ldapclient_base_dn(family_name='gnunux') %}
{{ add_family('gnunux', families) }}
{% endif %}
{% for family in accounts.families %}
{% set families = ldap_base_dn|calc_ldapclient_base_dn(family_name=family) %}
{{ add_family(family, families) }}
{% for user in accounts['family_' + family]['users_' + family]['ldap_user_mail_' + family] %}
{% set userdn = "cn=" + user + "," + families %}
{{ groups.setdefault(family, []).append(userdn) }}
{{ acc.append((userdn, user, user['ldap_user_password_' + family], user['ldap_user_sn_' + family], user['ldap_user_gn_' + family], user['ldap_user_uid_' + family], user['ldap_user_aliases_' + family], family)) }}
{% endfor %}
{% endfor %}
{% for userdn, user, password, sn, gn, uid, aliases, family in acc %}
dn: {{ userdn }}
cn: {{ user }}
mail: {{ user }}
sn: {{ sn }}
givenName: {{ gn }}
uid: {{ uid }}
userPassword:: {{ password|ssha_encode }}
{% if family == 'users' %}
homeDirectory: /srv/home/users/{{ user }}
{% else %}
homeDirectory: /srv/home/families/{{ family }}/{{ user }}
{% endif %}
mailLocalAddress: {{ user }}
{% if aliases %}
{% for alias in aliases %}
mailLocalAddress: {{ alias }}
{% endfor %}
{% endif %}
uidNumber: 0
gidNumber: 0
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: inetLocalMailRecipient

{% endfor %}
## Groups
{% set groupdn = ldap_group_dn %}
dn: {{ groupdn }}
ou: groups
objectClass: top
objectClass: organizationalUnit

{% for group, members in groups.items() %}
dn: cn={{ group }},{{ groupdn }}
cn: {{ group }}
objectclass: top
objectclass: groupOfNames
{% for member in members %}
member: {{ member }}
{% endfor %}

{% endfor %}
ansible template 2023-06-23 08:12:05 +02:00			`{% set add_test = True %}`
			`{% set username="rougail_test@silique.fr" %}`
			`{% set username_family="rougail_test@gnunux.info" %}`
			`{% set name_family="gnunux" %}`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00			`# BaseDN`
ansible template 2023-06-23 08:12:05 +02:00			`{% set groups = {} %}`
			`dn: {{ general.ldap.ldap_base_dn }}`
			`{% set attribute, organization = ldap_base_dn.split(',', 1)[0].split('=') %}`
			`{{ attribute }}: {{ organization }}`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00			`objectClass: top`
ansible template 2023-06-23 08:12:05 +02:00			`{% if attribute == 'o' %}`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00			`objectClass: organization`
ansible template 2023-06-23 08:12:05 +02:00			`{% else %}`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00			`objectClass: organizationalUnit`
ansible template 2023-06-23 08:12:05 +02:00			`{% endif %}`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00
			`# Remote`
ansible template 2023-06-23 08:12:05 +02:00			`{% set acc = [] %}`
			`{% for idx in range(3) %}`
			`{% set name = 'remote_test' + idx\|string %}`
			`{{ acc.append(('cn=' + name + ',' + ldap_base_dn, name, name\|get_password(server_name=domain_name_eth0, description="remote account", type="cleartext", hide=hide_secret, temporary=True))) }}`
			`{% endfor %}`
			`{% for remote in accounts.remotes %}`
			`{% set name = remote\|normalize_family %}`
			`{{ acc.append((accounts['remote_' + name]['dn_' + name], remote, accounts['remote_' + name]['password_' + name])) }}`
			`{% endfor %}`
			`{% for dn, remote, password in acc %}`
			`dn: {{ dn }}`
			`cn: {{ remote }}`
			`sn: {{ remote }}`
			`uid: {{ remote }}`
			`userPassword:: {{ password\|ssha_encode }}`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00			`objectClass: top`
			`objectClass: inetOrgPerson`

ansible template 2023-06-23 08:12:05 +02:00			`{% endfor %}`
roundcube multi domain 2022-05-07 08:11:18 +02:00			`# Accounts`
ansible template 2023-06-23 08:12:05 +02:00			`dn: {{ ldap_account_dn }}`
roundcube multi domain 2022-05-07 08:11:18 +02:00			`ou: accounts`
			`objectClass: top`
			`objectClass: organizationalUnit`

update 2022-06-24 19:00:16 +02:00			`## Accounts users`
ansible template 2023-06-23 08:12:05 +02:00			`{% set users = ldap_user_dn %}`
			`dn: {{ users }}`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00			`ou: users`
			`objectClass: top`
			`objectClass: organizationalUnit`

ansible template 2023-06-23 08:12:05 +02:00			`{% set userdn = 'cn=' + username + ',' + ldap_base_dn\|calc_ldapclient_base_dn %}`
			`{% set userfamilydn = 'cn=' + username_family + ',' + ldap_base_dn\|calc_ldapclient_base_dn(family_name=name_family) %}`
			`{% set acc = [(userdn, username, username\|get_password(server_name='test', description="test", type="cleartext", hide=hide_secret, temporary=True), 'Rougail', 'Test', 'rougail_test', [], 'users'),`
			`(userfamilydn, username_family, username_family\|get_password(server_name='test', description='test', type="cleartext", hide=hide_secret, temporary=True), 'Rougail', 'Test', 'rougail_test_gnunux', [], name_family),`
			`] %}`
			`{% set x=groups.__setitem__('users', [userdn]) %}`
			`{% set x=groups.__setitem__(name_family, [userfamilydn]) %}`
			`{% for user in accounts.users.ldap_user_mail %}`
			`{% set userdn = "cn=" + user + "," + users %}`
			`{{ acc.append((userdn, user, user.ldap_user_password, user.ldap_user_sn, user.ldap_user_gn, user.ldap_user_uid, user.ldap_user_aliases, 'users')) }}`
			`{{ groups.setdefault('users', []).append(userdn) }}`
			`{% endfor %}`
roundcube multi domain 2022-05-07 08:11:18 +02:00			`## Families`
ansible template 2023-06-23 08:12:05 +02:00			`dn: {{ ldap_base_dn\|calc_ldapclient_base_dn(family_name='-') }}`
add piwigo 2022-04-28 21:48:16 +02:00			`ou: families`
			`objectClass: top`
			`objectClass: organizationalUnit`

ansible template 2023-06-23 08:12:05 +02:00			`{% macro add_family(family, families) %}`
			`dn: {{ families }}`
			`ou: {{ family }}`
add piwigo 2022-04-28 21:48:16 +02:00			`objectClass: top`
			`objectClass: organizationalUnit`
ansible template 2023-06-23 08:12:05 +02:00			`{% endmacro %}`
			`{% if add_test and 'gnunux' not in accounts.families %}`
			`{% set families = ldap_base_dn\|calc_ldapclient_base_dn(family_name='gnunux') %}`
			`{{ add_family('gnunux', families) }}`
			`{% endif %}`
			`{% for family in accounts.families %}`
			`{% set families = ldap_base_dn\|calc_ldapclient_base_dn(family_name=family) %}`
			`{{ add_family(family, families) }}`
			`{% for user in accounts['family_' + family]['users_' + family]['ldap_user_mail_' + family] %}`
			`{% set userdn = "cn=" + user + "," + families %}`
			`{{ groups.setdefault(family, []).append(userdn) }}`
			`{{ acc.append((userdn, user, user['ldap_user_password_' + family], user['ldap_user_sn_' + family], user['ldap_user_gn_' + family], user['ldap_user_uid_' + family], user['ldap_user_aliases_' + family], family)) }}`
			`{% endfor %}`
			`{% endfor %}`
			`{% for userdn, user, password, sn, gn, uid, aliases, family in acc %}`
			`dn: {{ userdn }}`
			`cn: {{ user }}`
			`mail: {{ user }}`
			`sn: {{ sn }}`
			`givenName: {{ gn }}`
			`uid: {{ uid }}`
			`userPassword:: {{ password\|ssha_encode }}`
			`{% if family == 'users' %}`
			`homeDirectory: /srv/home/users/{{ user }}`
			`{% else %}`
			`homeDirectory: /srv/home/families/{{ family }}/{{ user }}`
			`{% endif %}`
			`mailLocalAddress: {{ user }}`
			`{% if aliases %}`
			`{% for alias in aliases %}`
			`mailLocalAddress: {{ alias }}`
			`{% endfor %}`
			`{% endif %}`
dovecot 2022-05-04 10:29:03 +02:00			`uidNumber: 0`
			`gidNumber: 0`
add piwigo 2022-04-28 21:48:16 +02:00			`objectClass: top`
			`objectClass: inetOrgPerson`
dovecot 2022-05-04 10:29:03 +02:00			`objectClass: posixAccount`
add aliases support 2022-05-23 08:54:15 +02:00			`objectClass: inetLocalMailRecipient`
add piwigo 2022-04-28 21:48:16 +02:00
ansible template 2023-06-23 08:12:05 +02:00			`{% endfor %}`
update 2022-06-24 19:00:16 +02:00			`## Groups`
ansible template 2023-06-23 08:12:05 +02:00			`{% set groupdn = ldap_group_dn %}`
			`dn: {{ groupdn }}`
update 2022-06-24 19:00:16 +02:00			`ou: groups`
			`objectClass: top`
			`objectClass: organizationalUnit`

ansible template 2023-06-23 08:12:05 +02:00			`{% for group, members in groups.items() %}`
			`dn: cn={{ group }},{{ groupdn }}`
			`cn: {{ group }}`
update 2022-06-24 19:00:16 +02:00			`objectclass: top`
			`objectclass: groupOfNames`
ansible template 2023-06-23 08:12:05 +02:00			`{% for member in members %}`
			`member: {{ member }}`
			`{% endfor %}`
update 2022-06-24 19:00:16 +02:00
ansible template 2023-06-23 08:12:05 +02:00			`{% endfor %}`