+++ /dev/null
-#!/bin/sh
-
-
-/usr/local/bin/getletsencrypt.sh
+++ /dev/null
-#!/bin/sh
-
-
-if [ -d /etc/letsencrypt/live/useribm ]
-then
- for ORIG_FILE in /etc/httpd/conf.d/*.le
- do
- CONF_FILE=$(echo $ORIG_FILE | sed 's/^\(.*\)\.le$/\1/')
- echo "Moving $ORIG_FILE to $CONF_FILE"
- mv $ORIG_FILE $CONF_FILE
- done
- cp --archive \
- /usr/lib/python3.10/site-packages/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf \
- /etc/letsencrypt/options-ssl-apache.conf
- systemctl enable httpd.service
- systemctl start httpd.service
-fi
#!/bin/sh
+systemctl enable httpd.service
+systemctl start httpd.service
systemctl enable oddjobd.service
systemctl start oddjobd.service
systemctl enable postfix.service
+++ /dev/null
-WSGISocketPrefix run/wsgi
-
-<VirtualHost *:443>
- ServerName fdc.useribm.hu
- ServerAdmin siteadmin@useribm.hu
- DocumentRoot "/var/www/htdocs.443"
-
- SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
- Include /etc/letsencrypt/options-ssl-apache.conf
-
- <Directory /var/www/htdocs.443>
- DirectoryIndex index.xhtml
- #Options FollowSymLinks Indexes
- #IndexOptions Charset=UTF-8 NameWidth=*
- <RequireAny>
- Require all granted
- </RequireAny>
- </Directory>
-
- DavLockDB /var/www/htdocs.443/dav/lock
-
- WSGIDaemonProcess was.443 processes=1 threads=1 maximum-requests=10000 shutdown-timeout=5
- WSGIProcessGroup was.443
- WSGIScriptAlias /passwordchange /var/www/htdocs.443/wsgi/passwordchange.wsgi
-</VirtualHost>
+WSGISocketPrefix run/wsgi
+
<VirtualHost *:80>
- ServerName fdc.useribm.hu
+ ServerName fdc.in.useribm.hu
ServerAdmin siteadmin@useribm.hu
+ DocumentRoot "/var/www/htdocs.443"
+
+ <Directory /var/www/htdocs.443>
+ DirectoryIndex index.xhtml
+ Require all granted
+ </Directory>
+
+ DavLockDB /var/www/htdocs.443/dav/lock
- Redirect permanent / https://fdc.useribm.hu/
+ WSGIDaemonProcess was.80 processes=1 threads=1 maximum-requests=10000 shutdown-timeout=5
+ WSGIProcessGroup was.80
+ WSGIScriptAlias /passwordchange /var/www/htdocs.80/wsgi/passwordchange.wsgi
</VirtualHost>
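Review bot: With `Redirect permanent` removed, the `*:80` virtual host now serves `/passwordchange` itself, so old and new passwords cross this hop in cleartext unless something outside this hunk terminates TLS in front of it and the network between the two is trusted. A short comment stating that assumption, or a `Require ip` restriction to the front end's address in place of `Require all granted`, would make the dependency explicit. Separately, `WSGIScriptAlias` points at `/var/www/htdocs.80/wsgi/passwordchange.wsgi` while `DocumentRoot`, `<Directory>` and `DavLockDB` all still use `/var/www/htdocs.443`, so the script's directory has no visible access grant and may not exist. If the tree was not renamed, the line should read `WSGIScriptAlias /passwordchange /var/www/htdocs.443/wsgi/passwordchange.wsgi`.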
+++ /dev/null
-#!/bin/sh
-
-
-if [ -d /etc/letsencrypt ]
-then
- rm --force --recursive /etc/letsencrypt.old
- cp --archive /etc/letsencrypt /etc/letsencrypt.old
-fi
-
-/usr/bin/rsync \
- --archive \
- --delete-after \
- --info=STATS \
- pki.in.useribm.hu::letsencrypt \
- /etc/letsencrypt
-
-cp --archive \
- /usr/lib/python3.10/site-packages/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf \
- /etc/letsencrypt/options-ssl-apache.conf
USERS_BASE='ou=people,dc=user,dc=hu'
-PWD_MAX_AGE = 8640000
-PWD_EXP_WARN_DAYS_1 = 7
-PWD_EXP_WARN_DAYS_2 = 3
-PWD_EXP_WARN_DAYS_3 = 1
+PWD_MAX_AGE = 365 * 24 * 60 * 60
+PWD_EXP_WARN_DAYS = [1, 3, 7]
+PWD_EXPIRED_DAYS = [-1, -3, -7]
PWD_WARNING_SUBJECT = 'Your password expires in {} days'
PWD_WARNING_MESSAGE = '''Dear {},
Your password will expire in {} days.
-Please visit https://fdc.useribm.hu and change it.
+Please visit https://passwordchange.useribm.hu and change it.
Respectfully yours,
Directory Server'''
PWD_ERROR_MESSAGE = '''Dear {},
Your password has expired.
-Please visit https://fdc.useribm.hu and change it.
+Please visit https://passwordchange.useribm.hu and change it.
Respectfully yours,
Directory Server'''
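Review bot: `PWD_MAX_AGE` goes from 8640000 seconds (100 days) to `365 * 24 * 60 * 60` in the same change that reshapes the warning constants, which more than triples the password lifetime this script assumes. The script only computes notifications, and the directory server's own password policy is not visible here; if the server still enforces the shorter age, accounts would expire long before the first warning mail. I would add a comment above the constant such as `# must equal the maximum password age enforced by the directory server's password policy`, and mention the policy change in the commit message.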
expiration_seconds = PWD_MAX_AGE - (current_timestamp - pwd_update_timestamp)
expiration_days = expiration_seconds / (24 * 60 * 60)
rounded_expiration_days = int(expiration_days + 0.5)
- if expiration_days > PWD_EXP_WARN_DAYS_1:
- #send_mail('OK', rounded_expiration_days, uid, email_address)
- continue
- if (expiration_days + PWD_EXP_WARN_DAYS_2) < 0:
- #send_mail('CRITICAL', rounded_expiration_days, uid, email_address)
- continue
- if expiration_days < 0:
+ if rounded_expiration_days in PWD_EXPIRED_DAYS:
send_mail('ERROR', rounded_expiration_days, uid, email_address)
- continue
- if expiration_days == PWD_EXP_WARN_DAYS_3:
- send_mail('WARNING', rounded_expiration_days, uid, email_address)
- continue
- if expiration_days == PWD_EXP_WARN_DAYS_2:
- send_mail('WARNING', rounded_expiration_days, uid, email_address)
- continue
- if expiration_days == PWD_EXP_WARN_DAYS_1:
+ elif rounded_expiration_days in PWD_EXP_WARN_DAYS:
send_mail('WARNING', rounded_expiration_days, uid, email_address)
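Review bot: The new membership tests depend on `rounded_expiration_days`, and `int(expiration_days + 0.5)` truncates toward zero, so negative values are bucketed unevenly: anything between -1.5 and 0.5 becomes 0, and -1 is only reached about 1.5 to 2.5 days after expiry. `rounded_expiration_days = math.floor(expiration_days + 0.5)` (with `import math` at the top of the file) would round both signs the same way. Because the tests are exact matches, 0 is in neither list, a run skipped on one of the listed days sends nothing, and no mail goes out after day -7; if that is intended, a comment such as `# mails are sent only on the listed days; a missed run is not retried` would record it. The enclosing loop starts outside this hunk.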
lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = x86_64
-lxc.uts.name = fdc.useribm.hu
+lxc.uts.name = fdc.in.useribm.hu
lxc.rootfs.path = __CONTAINER_PATH__/rootfs
lxc.mount.auto = proc:rw sys:ro
SPEC_PACKAGES="authselect cronie httpd mod_ssl oddjob-mkhomedir"
SPEC_PACKAGES="$SPEC_PACKAGES openldap-clients openssh-clients"
SPEC_PACKAGES="$SPEC_PACKAGES openssh-server passwd postfix"
-SPEC_PACKAGES="$SPEC_PACKAGES python3-certbot-apache python3-ldap"
-SPEC_PACKAGES="$SPEC_PACKAGES python3-mod_wsgi rsync sssd-ldap"
+SPEC_PACKAGES="$SPEC_PACKAGES python3-ldap python3-mod_wsgi sssd-ldap"