Add samba to test build

author Nick Porter <nick@portercomputing.co.uk>

Fri, 19 Aug 2022 15:41:37 +0000 (16:41 +0100)

committer Nick Porter <nick@portercomputing.co.uk>

Tue, 30 Aug 2022 12:51:35 +0000 (13:51 +0100)
author Nick Porter <nick@portercomputing.co.uk>
Fri, 19 Aug 2022 15:41:37 +0000 (16:41 +0100)
committer Nick Porter <nick@portercomputing.co.uk>
Tue, 30 Aug 2022 12:51:35 +0000 (13:51 +0100)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml

index 328cabe9629904dce17abcbaa1cffbb2e15c95a5..988feb4172eb9f349613bc36d330306d9aa0a0cf 100644 (file)
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -325,6 +325,11 @@ jobs:
          sudo systemctl stop dovecot exim4 slapd openresty
          sudo aa-complain /usr/sbin/slapd
  
+        echo "samba-common samba-common/workgroup string WORKGROUP" | sudo debconf-set-selections
+        echo "samba-common samba-common/dhcp boolean false" | sudo debconf-set-selections
+        echo "samba-common samba-common/do_debconf boolean true" | sudo debconf-set-selections
+        sudo apt-get install -y samba winbind krb5-user
+
          export PG_VER=14
          sudo sh -c "echo host  all all 127.0.0.1/32 trust >  /etc/postgresql/$PG_VER/main/pg_hba.conf"
          sudo sh -c "echo local all all              trust >> /etc/postgresql/$PG_VER/main/pg_hba.conf"
@@ -342,6 +347,7 @@ jobs:
              ldap-setup.sh \
              ldap2-setup.sh \
              389ds-setup.sh \
+            samba-setup.sh \
              redis-setup.sh; do
  
              script="./scripts/ci/$i"
diff --git a/scripts/ci/samba-setup.sh b/scripts/ci/samba-setup.sh

new file mode 100755 (executable)

index 0000000..dd43926
--- /dev/null
+++ b/scripts/ci/samba-setup.sh
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+# Remove previous samba config and stop all services
+sudo systemctl stop smbd
+sudo systemctl disable smbd
+sudo systemctl mask smbd
+
+sudo systemctl stop nmbd
+sudo systemctl disable nmbd
+sudo systemctl mask nmbd
+
+sudo rm /etc/samba/smb.conf
+
+# Enable the AD-DC samba service
+sudo systemctl unmask samba-ad-dc
+sudo systemctl enable samba-ad-dc
+sudo systemctl stop samba-ad-dc
+
+# Remove other samba data
+for DIR in $(/usr/sbin/smbd -b | awk '/LOCKDIR|STATEDIR|CACHEDIR|PRIVATE_DIR/{print $2}'); do
+       sudo rm -rf "$DIR"/*
+done
+
+sudo rm -f /etc/krb5.conf
+
+# Configure the domain
+sudo /usr/bin/samba-tool domain provision \
+       --realm="example.com" \
+       --domain="EXAMPLE" \
+       --adminpass="secret123!" \
+       --use-rfc2307 \
+       --server-role=dc \
+       --dns-backend=SAMBA_INTERNAL
+
+sudo cp /var/lib/samba/private/krb5.conf /etc
+
+# Sort resolver
+if ! grep -q "nameserver 127.0.0.1" /etc/resolv.conf; then
+       sudo mv /etc/resolv.conf /etc/resolv.conf.tmp
+       echo "search example.com" | sudo tee /etc/resolv.conf
+       echo "nameserver 127.0.0.1" | sudo tee -a /etc/resolv.conf
+       grep "^nameserver" /etc/resolv.conf.tmp | sudo tee -a /etc/resolv.conf
+fi
+
+# Allow non TLS LDAP connections to Samba
+sudo sed -i 's/\[global\]/\[global\]\n\tldap server require strong auth = no/' /etc/samba/smb.conf
+
+# Start the domain controller
+sudo systemctl start samba-ad-dc
author	Nick Porter <nick@portercomputing.co.uk>
	Fri, 19 Aug 2022 15:41:37 +0000 (16:41 +0100)
committer	Nick Porter <nick@portercomputing.co.uk>
	Tue, 30 Aug 2022 12:51:35 +0000 (13:51 +0100)
.github/workflows/ci.yml		patch \| blob \| blame \| history
scripts/ci/samba-setup.sh	[new file with mode: 0755]	patch \| blob