From: Zoltán Felleg Date: Tue, 12 Jul 2022 12:11:09 +0000 (+0200) Subject: Updated fdc.in (https -> http). X-Git-Url: http://git.useribm.hu/?a=commitdiff_plain;h=39026ea8ce8a0467a659a122d220ee60794388f7;p=user-lxc.git Updated fdc.in (https -> http). --- diff --git a/sources/fdc.in/c3d/firstboot/scripts/20_setupletsencrypt.sh b/sources/fdc.in/c3d/firstboot/scripts/20_setupletsencrypt.sh deleted file mode 100755 index 019bbd0..0000000 --- a/sources/fdc.in/c3d/firstboot/scripts/20_setupletsencrypt.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - - -/usr/local/bin/getletsencrypt.sh diff --git a/sources/fdc.in/c3d/firstboot/scripts/30_setuphttpd.sh b/sources/fdc.in/c3d/firstboot/scripts/30_setuphttpd.sh deleted file mode 100755 index 6a3a230..0000000 --- a/sources/fdc.in/c3d/firstboot/scripts/30_setuphttpd.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - - -if [ -d /etc/letsencrypt/live/useribm ] -then - for ORIG_FILE in /etc/httpd/conf.d/*.le - do - CONF_FILE=$(echo $ORIG_FILE | sed 's/^\(.*\)\.le$/\1/') - echo "Moving $ORIG_FILE to $CONF_FILE" - mv $ORIG_FILE $CONF_FILE - done - cp --archive \ - /usr/lib/python3.10/site-packages/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf \ - /etc/letsencrypt/options-ssl-apache.conf - systemctl enable httpd.service - systemctl start httpd.service -fi diff --git a/sources/fdc.in/c3d/firstboot/scripts/90_setupservices.sh b/sources/fdc.in/c3d/firstboot/scripts/90_setupservices.sh index 73b97b6..d22ac19 100755 --- a/sources/fdc.in/c3d/firstboot/scripts/90_setupservices.sh +++ b/sources/fdc.in/c3d/firstboot/scripts/90_setupservices.sh @@ -1,6 +1,8 @@ #!/bin/sh +systemctl enable httpd.service +systemctl start httpd.service systemctl enable oddjobd.service systemctl start oddjobd.service systemctl enable postfix.service diff --git a/sources/fdc.in/c3d/postinstall/install-data/etc/httpd/conf.d/fdc.443.conf.le b/sources/fdc.in/c3d/postinstall/install-data/etc/httpd/conf.d/fdc.443.conf.le deleted file mode 100644 index 67d5497..0000000 --- a/sources/fdc.in/c3d/postinstall/install-data/etc/httpd/conf.d/fdc.443.conf.le +++ /dev/null @@ -1,26 +0,0 @@ -WSGISocketPrefix run/wsgi - - - ServerName fdc.useribm.hu - ServerAdmin siteadmin@useribm.hu - DocumentRoot "/var/www/htdocs.443" - - SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem - SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem - Include /etc/letsencrypt/options-ssl-apache.conf - - - DirectoryIndex index.xhtml - #Options FollowSymLinks Indexes - #IndexOptions Charset=UTF-8 NameWidth=* - - Require all granted - - - - DavLockDB /var/www/htdocs.443/dav/lock - - WSGIDaemonProcess was.443 processes=1 threads=1 maximum-requests=10000 shutdown-timeout=5 - WSGIProcessGroup was.443 - WSGIScriptAlias /passwordchange /var/www/htdocs.443/wsgi/passwordchange.wsgi - diff --git a/sources/fdc.in/c3d/postinstall/install-data/etc/httpd/conf.d/fdc.80.conf b/sources/fdc.in/c3d/postinstall/install-data/etc/httpd/conf.d/fdc.80.conf index 10fb4c9..f66b3e0 100644 --- a/sources/fdc.in/c3d/postinstall/install-data/etc/httpd/conf.d/fdc.80.conf +++ b/sources/fdc.in/c3d/postinstall/install-data/etc/httpd/conf.d/fdc.80.conf @@ -1,6 +1,18 @@ +WSGISocketPrefix run/wsgi + - ServerName fdc.useribm.hu + ServerName fdc.in.useribm.hu ServerAdmin siteadmin@useribm.hu + DocumentRoot "/var/www/htdocs.443" + + + DirectoryIndex index.xhtml + Require all granted + + + DavLockDB /var/www/htdocs.443/dav/lock - Redirect permanent / https://fdc.useribm.hu/ + WSGIDaemonProcess was.80 processes=1 threads=1 maximum-requests=10000 shutdown-timeout=5 + WSGIProcessGroup was.80 + WSGIScriptAlias /passwordchange /var/www/htdocs.80/wsgi/passwordchange.wsgi diff --git a/sources/fdc.in/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh b/sources/fdc.in/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh deleted file mode 100755 index eb5ba2d..0000000 --- a/sources/fdc.in/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh - - -if [ -d /etc/letsencrypt ] -then - rm --force --recursive /etc/letsencrypt.old - cp --archive /etc/letsencrypt /etc/letsencrypt.old -fi - -/usr/bin/rsync \ - --archive \ - --delete-after \ - --info=STATS \ - pki.in.useribm.hu::letsencrypt \ - /etc/letsencrypt - -cp --archive \ - /usr/lib/python3.10/site-packages/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf \ - /etc/letsencrypt/options-ssl-apache.conf diff --git a/sources/fdc.in/c3d/postinstall/install-data/usr/local/bin/mailpwdexpiration.py b/sources/fdc.in/c3d/postinstall/install-data/usr/local/bin/mailpwdexpiration.py index 77cb550..89578be 100755 --- a/sources/fdc.in/c3d/postinstall/install-data/usr/local/bin/mailpwdexpiration.py +++ b/sources/fdc.in/c3d/postinstall/install-data/usr/local/bin/mailpwdexpiration.py @@ -11,16 +11,15 @@ LDAP_URI='ldaps://fds.useribm.hu' USERS_BASE='ou=people,dc=user,dc=hu' -PWD_MAX_AGE = 8640000 -PWD_EXP_WARN_DAYS_1 = 7 -PWD_EXP_WARN_DAYS_2 = 3 -PWD_EXP_WARN_DAYS_3 = 1 +PWD_MAX_AGE = 365 * 24 * 60 * 60 +PWD_EXP_WARN_DAYS = [1, 3, 7] +PWD_EXPIRED_DAYS = [-1, -3, -7] PWD_WARNING_SUBJECT = 'Your password expires in {} days' PWD_WARNING_MESSAGE = '''Dear {}, Your password will expire in {} days. -Please visit https://fdc.useribm.hu and change it. +Please visit https://passwordchange.useribm.hu and change it. Respectfully yours, Directory Server''' @@ -29,7 +28,7 @@ PWD_ERROR_SUBJECT = 'Your password has expired' PWD_ERROR_MESSAGE = '''Dear {}, Your password has expired. -Please visit https://fdc.useribm.hu and change it. +Please visit https://passwordchange.useribm.hu and change it. Respectfully yours, Directory Server''' @@ -80,20 +79,7 @@ if __name__ == '__main__': expiration_seconds = PWD_MAX_AGE - (current_timestamp - pwd_update_timestamp) expiration_days = expiration_seconds / (24 * 60 * 60) rounded_expiration_days = int(expiration_days + 0.5) - if expiration_days > PWD_EXP_WARN_DAYS_1: - #send_mail('OK', rounded_expiration_days, uid, email_address) - continue - if (expiration_days + PWD_EXP_WARN_DAYS_2) < 0: - #send_mail('CRITICAL', rounded_expiration_days, uid, email_address) - continue - if expiration_days < 0: + if rounded_expiration_days in PWD_EXPIRED_DAYS: send_mail('ERROR', rounded_expiration_days, uid, email_address) - continue - if expiration_days == PWD_EXP_WARN_DAYS_3: - send_mail('WARNING', rounded_expiration_days, uid, email_address) - continue - if expiration_days == PWD_EXP_WARN_DAYS_2: - send_mail('WARNING', rounded_expiration_days, uid, email_address) - continue - if expiration_days == PWD_EXP_WARN_DAYS_1: + elif rounded_expiration_days in PWD_EXP_WARN_DAYS: send_mail('WARNING', rounded_expiration_days, uid, email_address) diff --git a/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/index.xhtml b/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/index.xhtml similarity index 100% rename from sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/index.xhtml rename to sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/index.xhtml diff --git a/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/main.css b/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/main.css similarity index 100% rename from sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/main.css rename to sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/main.css diff --git a/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/wsgi/epilogue.xhtml b/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/wsgi/epilogue.xhtml similarity index 100% rename from sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/wsgi/epilogue.xhtml rename to sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/wsgi/epilogue.xhtml diff --git a/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/wsgi/passwordchange.wsgi b/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/wsgi/passwordchange.wsgi similarity index 100% rename from sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/wsgi/passwordchange.wsgi rename to sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/wsgi/passwordchange.wsgi diff --git a/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/wsgi/prologue.xhtml b/sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/wsgi/prologue.xhtml similarity index 100% rename from sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.443/wsgi/prologue.xhtml rename to sources/fdc.in/c3d/postinstall/install-data/var/www/htdocs.80/wsgi/prologue.xhtml diff --git a/sources/fdc.in/config b/sources/fdc.in/config index 7d1300c..9ec0b0b 100644 --- a/sources/fdc.in/config +++ b/sources/fdc.in/config @@ -1,7 +1,7 @@ lxc.include = /usr/share/lxc/config/common.conf lxc.arch = x86_64 -lxc.uts.name = fdc.useribm.hu +lxc.uts.name = fdc.in.useribm.hu lxc.rootfs.path = __CONTAINER_PATH__/rootfs lxc.mount.auto = proc:rw sys:ro diff --git a/sources/fdc.in/envvars b/sources/fdc.in/envvars index 87a78cf..d65253c 100644 --- a/sources/fdc.in/envvars +++ b/sources/fdc.in/envvars @@ -3,5 +3,4 @@ DISTRIBUTION_VERSION=36 SPEC_PACKAGES="authselect cronie httpd mod_ssl oddjob-mkhomedir" SPEC_PACKAGES="$SPEC_PACKAGES openldap-clients openssh-clients" SPEC_PACKAGES="$SPEC_PACKAGES openssh-server passwd postfix" -SPEC_PACKAGES="$SPEC_PACKAGES python3-certbot-apache python3-ldap" -SPEC_PACKAGES="$SPEC_PACKAGES python3-mod_wsgi rsync sssd-ldap" +SPEC_PACKAGES="$SPEC_PACKAGES python3-ldap python3-mod_wsgi sssd-ldap"