def configureNest(cfgScript):
main = cfgScript.getMain()
nest = main.serviceNest()
repoPath = nest.getCentralRepoPath()
info("Installing 'Mercurial'...")
info("Creating the '" + repoPath + "' repository...")
mymakedirs(repoPath)
runCmd('groupadd', NEST_RW_GROUP)
info("Added the '" + NEST_RW_GROUP + "' group.")
runCmd('usermod', '-a', '-G', NEST_RW_GROUP, 'matej')
info("Added the user 'matej' to the '" + NEST_RW_GROUP + "' group.")
runCmd('chown', '-R', 'root:root', repoPath)
runCmd('setfacl', '-b', repoPath)
runCmd('setfacl', '-R', '-m', 'd:u::rwx,d:g::rwx,d:o:0,d:m:rwx,m:rwx,d:u:apache:rx,d:g:apache:rx,d:u:root:rwx,d:g:root:rwx,d:g:' + NEST_RW_GROUP + ':rwx,u:apache:rx,g:apache:rx,g:' + NEST_RW_GROUP + ':rwx', repoPath)
info("Configured Nest access rights.")
createLink([ main.dirNastavitve(), 'Mercurial/Server Configuration/BackupHgRepos.sh' ], CRON_WEEKLY_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0550, 'root', 'root')
createLink([ main.dirNastavitve(), 'Mercurial/Server Configuration/hgrc' ], MERCURIAL_ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0444, 'root', 'root')
restoreconR(MERCURIAL_ETC_DIR)
restoreconR(CRON_WEEKLY_DIR)
info('Installed the global Mercurial configuration file and configured the repository backup creation script.')
def setupWebDAVCalendar(cfgScript):
createLink([dirEtcHttpdConfd(cfgScript), 'mycalendar.conf'], HTTPD_CONFD_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0644, 'root', 'root')
chprops(join(srvDirMaco(), '.htpasswd.calendars'), 0440, 'apache', 'apache')
mymakedirs(srvDirCalendars())
runCmd('chown', '-R', 'apache:apache', srvDirCalendars())
setupMacoPolicy(cfgScript)
info('Configured WebDAV on HTTPD for calendars.')
def setupSvn(cfgScript):
runCmd('chown', '-R', 'apache:apache', srvDirSvn())
setupMySvnPolicy(cfgScript)
createLink([dirSvn(cfgScript), 'SVNBackup'], CRON_WEEKLY_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0550, 'root', 'root')
restoreconR(CRON_WEEKLY_DIR)
info('Installed the weekly SVN backup cron script.')
restoreconR(srvDirSvn())
info('Configured the SVN repository.')
def setupDovecot(cfgScript):
installUrbasPrivateKey(cfgScript, 'mail.urbas.si.20110122.key.pem', 'mail.urbas.si.key.pem')
installUrbasCert(cfgScript, 'mail.urbas.si.20110122.cert.pem', 'mail.urbas.si.cert.pem')
createLink([dirDovecotConf(cfgScript), 'dovecot.conf'], DOVECOT_ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirDovecotConfD(cfgScript), '10-auth.conf'], DOVECOT_CONFD_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirDovecotConfD(cfgScript), '10-mail.conf'], DOVECOT_CONFD_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirDovecotConfD(cfgScript), '10-master.conf'], DOVECOT_CONFD_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirDovecotConfD(cfgScript), '10-ssl.conf'], DOVECOT_CONFD_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
def setupPostfix(cfgScript):
installUrbasPrivateKey(cfgScript, 'smtp.urbas.si.20110122.key.pem', 'smtp.urbas.si.key.pem')
installUrbasCert(cfgScript, 'smtp.urbas.si.20110122.cert.pem', 'smtp.urbas.si.cert.pem')
createLink([dirPostfix(cfgScript), 'main.cf'], POSTFIX_ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirPostfix(cfgScript), 'master.cf'], POSTFIX_ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirPostfix(cfgScript), 'sasl', 'smtpd.conf'], [POSTFIX_ETC_DIR, 'sasl'], UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirPostfix(cfgScript), 'aliases'], ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
# restorecon(join(ETC_DIR, 'aliases'))
srcAliases = join(dirPostfix(cfgScript), 'aliases')
runCmd('postalias', 'hash:' + srcAliases)
aliases = join(ETC_DIR, 'aliases.db')
if exists(aliases):
remove(aliases)
move(join(dirPostfix(cfgScript), 'aliases.db'), aliases)
chprops(aliases, 0644, 'root', 'smmsp')
# restorecon(aliases)
runCmd('newaliases')
runCmd('postmap', 'hash:' + join(dirPostfix(cfgScript), 'local_recipient_table'))
try:
remove(join(POSTFIX_ETC_DIR, 'local_recipient_table.db'))
except Exception as ex:
info("Could not remove '" + join(POSTFIX_ETC_DIR, 'local_recipient_table.db') + "'.");
move(join(dirPostfix(cfgScript), 'local_recipient_table.db'), POSTFIX_ETC_DIR)
chprops(join(POSTFIX_ETC_DIR, 'local_recipient_table.db'), 0644, 'root', 'root')
def installUrbasCert(cfgScript, certName, destName = None):
"""
Installs the given 'urbas.si' certificate into the '/etc/pki/tls/certs'
folder.
@param cfgScript The context object (provides us with the path to the
private keys and the tool for decrypting private keys).
@param certName The name of the certificate to install.
"""
if destName is None:
destPath = join(CERTS_DIR, certName)
else:
destPath = join(CERTS_DIR, destName)
createLink([dirCertifikatiUrbasSi(cfgScript), 'public', certName], destPath, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0444, 'root', 'root')
# restorecon(destPath)
info("Installed certificate '" + destPath + "'.")
def initPgSql(cfgScript):
# runCmd("service", PGSQL_SERVICE_NAME, 'initdb') # Doesn't seem to be working in F16 anymore
# @type main Main
main = cfgScript.getMain()
createLink([main.dirNastavitve(), PGSQL_NASTAVITVE_MACO_DIR, PGSQL_HBA_FILE], PGSQL_DATA_DIR, UTILS_CREATE_LINK_HARD_LINK, PGSQL_CONF_FILE_MODE, PGSQL_SERVICE_USER, PGSQL_SERVICE_GROUP)
createLink([main.dirNastavitve(), PGSQL_NASTAVITVE_MACO_DIR, PGSQL_IDENT_FILE], PGSQL_DATA_DIR, UTILS_CREATE_LINK_HARD_LINK, PGSQL_CONF_FILE_MODE, PGSQL_SERVICE_USER, PGSQL_SERVICE_GROUP)
createLink([main.dirNastavitve(), PGSQL_NASTAVITVE_MACO_DIR, PGSQL_MAIN_CONF_FILE], PGSQL_DATA_DIR, UTILS_CREATE_LINK_HARD_LINK, PGSQL_CONF_FILE_MODE, PGSQL_SERVICE_USER, PGSQL_SERVICE_GROUP)
def setupCalendarBackup(cfgScript):
createLink([ dirCronDaily(cfgScript), 'BackupMyCalendars.sh' ], CRON_DAILY_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0550, 'root', 'root')
info('Installed the daily calendar backup cron script.')
def setupGit(cfgScript):
main = cfgScript.getMain()
createLink([ main.dirNastavitve(), 'Git/Maco/BackupGitRepos.sh' ], CRON_WEEKLY_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0550, 'root', 'root')
info('Installed the weekly GIT backup cron script.')
def setupSsh(cfgScript):
createLink([ dirSsh(cfgScript), 'sshd_config' ], SSH_DIR, UTILS_CREATE_LINK_HARD_LINK, 0600)
restoreconR(SSH_DIR)
def setupDesktopNetworking(cfgScript):
createLink([ dirNetworkScripts(cfgScript), 'ifcfg-p34p1.home_desktop' ], [NET_SCRIPTS_DIR, 'ifcfg-p34p1'], UTILS_CREATE_LINK_HARD_LINK, 0644)
def setupNetworking(cfgScript):
mymakedirs(NET_SCRIPTS_DIR)
createLink([ dirNetworkScripts(cfgScript), 'ifcfg-p33p1' ], NET_SCRIPTS_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644)
createLink([ dirSysconfig(cfgScript), 'iptables' ], SYSCONFIG_DIR, UTILS_CREATE_LINK_HARD_LINK, 0600)
createLink([ dirSysconfig(cfgScript), 'system-config-firewall' ], SYSCONFIG_DIR, UTILS_CREATE_LINK_HARD_LINK, 0600)
restoreconR(SYSCONFIG_DIR)
def installHomePage(cfgScript):
createLink([dirHttpd(cfgScript), 'index.html'], WWW_HTML_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0444, 'apache', 'apache')
restoreconR(WWW_HTML_DIR)
def setupBind(cfgScript):
createLink([dirBindConf(cfgScript), 'named.conf.default-zones'], NAMED_CONF_DIR, UTILS_CREATE_LINK_HARD_LINK, 0640, 'root', 'bind')
createLink([dirBindConf(cfgScript), 'named.conf.options'], NAMED_CONF_DIR, UTILS_CREATE_LINK_HARD_LINK, 0640, 'root', 'bind')
createLink([dirBindConf(cfgScript), 'named.conf.local'], NAMED_CONF_DIR, UTILS_CREATE_LINK_HARD_LINK, 0640, 'root', 'bind')
createLink([dirBindConf(cfgScript), '90.157.141.db'], NAMED_CONF_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0644, 'root', 'root')
createLink([dirBindConf(cfgScript), 'urbas.si.db'], NAMED_CONF_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0644, 'root', 'root')
createLink([dirBindConf(cfgScript), 'stanujem.si.db'], NAMED_CONF_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0644, 'root', 'root')
createLink([dirBindConf(cfgScript), 'stanuj.si.db'], NAMED_CONF_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0644, 'root', 'root')
createLink([dirBindConf(cfgScript), 'banda.si.db'], NAMED_CONF_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0644, 'root', 'root')
#createLink([dirBindSlaves(cfgScript), 'vcsweb.com.db'], NAMED_SLAVES_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0644, 'named', 'named')
info('Configured BIND (domain name system server).')
def installHttpdCerts(cfgScript):
createLink([dirCertifikatiStartSsl(cfgScript), 'urbas.si.20130108.cert.pem'], [CERTS_DIR, 'httpd.urbas.si.cert.pem'], UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0444, 'root', 'root')
createLink([dirCertifikatiStartSsl(cfgScript), 'sub.class1.server.ca.pem'], CERTS_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0440, 'root', 'root')
installPrivateKey(cfgScript, [dirCertifikatiStartSsl(cfgScript), 'urbas.si.20130108.key.pem'], 'httpd.urbas.si.key.pem')
info('Installed the HTTPD SSL certificates and keys.')