Initial import.

diff --git a/.gitignore b/.gitignore
new file mode 100644 (file)
index 0000000..4a99d28
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+./template.ldif

diff --git a/Makefile b/Makefile
new file mode 100644 (file)
index 0000000..2018ea6
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,44 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2012  IPFire Development Team                                 #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+LDIFS     = $(sort $(wildcard templates/*.ldif))
+TEMPLATE  = template.ldif
+
+PREFIX  = /usr
+DATADIR = $(PREFIX)/share/ipfire-dit
+
+.PHONY: all
+all: $(TEMPLATE)
+
+$(TEMPLATE): $(LDIFS)
+       for ldif in $^; do \
+               echo -e "# Source: $${ldif}"; \
+               cat $${ldif}; echo ""; \
+       done > $@
+
+.PHONY: install
+install: $(TEMPLATE)
+       # Install all of the templates.
+       -mkdir -pv $(DATADIR)
+       cp -vf $(TEMPLATE) $(DATADIR)
+
+.PHONY: clean
+clean:
+       rm -f $(TEMPLATE)

diff --git a/install.sh b/install.sh
new file mode 100644 (file)
index 0000000..b4f7fca
--- /dev/null
+++ b/install.sh
@@ -0,0 +1,103 @@
+#!/bin/bash
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2012  IPFire Development Team                                 #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+BASEDIR="/usr/share/ipfire-dit"
+TEMPLATE="${BASEDIR}/template.ldif"
+
+DOMAIN=${HOSTNAME#*.}
+PASSWORD=
+
+function parse_cli() {
+       while [ $# -gt 0 ]; do
+               case "${1}" in
+                       -p)
+                               PASSWORD=${2}
+                               shift
+                               ;;
+                       *)
+                               DOMAIN=${1}
+                               ;;
+               esac
+               shift
+       done
+
+       while [ -z "${PASSWORD}" ]; do
+               echo -n "Enter password: "
+               read -s PASSWORD
+               echo
+       done
+
+       # Check for valid input data.
+
+       if [ ${#PASSWORD} -lt 8 ]; then
+               echo "Using weak password. Must at least have 8 characters!" >&2
+               exit 1
+       fi
+
+       if [ -z "${DOMAIN}" ]; then
+               echo "Domain is empty." >&2
+               exit 1
+       fi
+
+       # XXX check domain for invalid characters
+}
+
+function substitude_ldif() {
+       local output=${1}
+
+       local suffix bit dc
+       for bit in ${DOMAIN//./ }; do
+               if [ -n "${suffix}" ]; then
+                       suffix="${suffix},dc=${bit}"
+               else
+                       dc="${bit}"
+                       suffix="dc=${bit}"
+               fi
+       done
+
+       sed \
+               -e "s/@DC@/${dc}/g" \
+               -e "s/@SUFFIX@/${suffix}/g" \
+               < ${TEMPLATE} > ${output}
+}
+
+function load_database() {
+       local new_ldif=$(mktemp)
+       trap "rm -f ${new_ldif}" EXIT KILL TERM
+
+       substitude_ldif ${new_ldif}
+
+       slapadd < ${new_ldif}
+}
+
+function generate_pwhash() {
+       local password="${PASSWORD}"
+
+       slappasswd -h "{SSHA}" -s "${password}"
+}
+
+# Hello to this wonderful script.
+# Firstly, let's see what we need to do.
+parse_cli $@
+
+# Now, we got all the information we need, we
+# can load the database.
+load_database

diff --git a/templates/000-header.ldif b/templates/000-header.ldif
new file mode 100644 (file)
index 0000000..14c6605
--- /dev/null
+++ b/templates/000-header.ldif
@@ -0,0 +1,29 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2012  IPFire Development Team                                 #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+# These files contain an initial layout of the IPFire LDAP DIT.
+
+# The following variables will be substituted:
+#
+# @SUFFIX@
+# The domain suffix of the base dn (e.g. dc=ipfire,dc=site).
+#
+# @DC@
+# The first dc part of @SUFFIX@ (e.g. ipfire).

diff --git a/templates/010-root.ldif b/templates/010-root.ldif
new file mode 100644 (file)
index 0000000..a37e8f7
--- /dev/null
+++ b/templates/010-root.ldif
@@ -0,0 +1,8 @@
+dn: @SUFFIX@
+objectClass: top
+objectClass: dcObject
+objectClass: organization
+dc: @DC@
+o: @DC@
+
+# XXX possibly, we could remove objectClass=organization from here

diff --git a/templates/011-manager.ldif b/templates/011-manager.ldif
new file mode 100644 (file)
index 0000000..d07f4ea
--- /dev/null
+++ b/templates/011-manager.ldif
@@ -0,0 +1,4 @@
+dn: cn=root,@SUFFIX@
+objectClass: organizationalRole
+cn: root
+description: LDAP root account

diff --git a/templates/021-dn-Group.ldif b/templates/021-dn-Group.ldif
new file mode 100644 (file)
index 0000000..9b8c79d
--- /dev/null
+++ b/templates/021-dn-Group.ldif
@@ -0,0 +1,5 @@
+dn: ou=Group,@SUFFIX@
+objectClass: top
+objectClass: organizationalUnit
+ou: Group
+description: Organizational unit for user groups

diff --git a/templates/022-dn-People.ldif b/templates/022-dn-People.ldif
new file mode 100644 (file)
index 0000000..9ef3d23
--- /dev/null
+++ b/templates/022-dn-People.ldif
@@ -0,0 +1,5 @@
+dn: ou=People,@SUFFIX@
+objectClass: top
+objectClass: organizationalUnit
+ou: People
+description: Organizational unit for user accounts