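#!/bin/bash
#
# Provision an OpenLDAP server (slapd) and the sso-manager-node web app.
#
# Usage:    run as root from the repository root (relative paths such as
#           lib/mo and files/*.ldif are resolved against the current dir).
# Requires: ./ldap.vars (copy ldap.vars.template and edit it). The script
#           reads password, ldpad_client_password, user_password,
#           user_first_name, user_last_name, domain, org_name and ldap_base
#           from it; the templates may read further values.
set -e

# Pull in the mustache template library for bash
source lib/mo

if [ ! -f ./ldap.vars ]; then
  echo "ldap.vars file not found!" >&2
  echo "Please copy ldap.vars.template to ldap.vars and edit it." >&2
  exit 1
fi

source ldap.vars

# Print the base64 encoding of the raw MD5 digest of $1.
# NOTE(review): the outputs are presumably used by the templates as LDAP
# {MD5} password values - confirm. Unsalted MD5 is a weak password hash;
# moving to a salted scheme means changing the templates as well, so the
# format is left as it was.
md5_b64() {
  printf '%s' "$1" | openssl dgst -md5 -binary | openssl enc -base64
}

# Assign first, export second, so a failing pipeline is not masked by
# `export` always returning 0.
user_uid=$(printf '%s' "${user_first_name:0:1}$user_last_name" | tr '[:upper:]' '[:lower:]')
password_md5=$(md5_b64 "$password")
ldpad_client_password_md5=$(md5_b64 "$ldpad_client_password")
user_password_md5=$(md5_b64 "$user_password")
export user_uid password_md5 ldpad_client_password_md5 user_password_md5

# Preseed the slapd package questions so the install is non-interactive.
# The selections are fed on stdin, so the admin password does not appear in
# any process argument list.
debconf-set-selections <<EOF
slapd slapd/internal/adminpw string $password
slapd slapd/password1 string $password
slapd slapd/password2 string $password
slapd slapd/domain string $domain
slapd slapd/backend string MDB
slapd shared/organization string $org_name
slapd slapd/purge_database boolean true
slapd slapd/password_mismatchs string $password
slapd slapd/no_configuration boolean false
slapd slapd/allow_ldap_v2 string false
slapd slapd/dump_database string when needed
slapd slapd/move_old_database boolean true
slapd slapd/invalid_config boolean true
EOF

apt-get install -y slapd ldap-utils

# Client defaults; the file is rewritten from scratch (a blank first line,
# then BASE and URI).
{
  echo ''
  echo "BASE $ldap_base"
  echo "URI ldap://localhost"
} > /etc/ldap/ldap.conf

# The rendered LDIF carries password hashes and the second file carries the
# admin password. mktemp creates both readable by the owner only, and the
# trap removes them on every exit path.
temp_populate_ldif=$(mktemp)
admin_pw_file=$(mktemp)
trap 'rm -f -- "$temp_populate_ldif" "$admin_pw_file"' EXIT

populate_ldif_template="$(cat files/populate.ldif.template)"
echo "$populate_ldif_template" | mo > "$temp_populate_ldif"

# Schema and overlay configuration over the local ldapi:/// socket with
# SASL EXTERNAL.
ldapadd -Y EXTERNAL -H ldapi:/// -f files/sshkey.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f files/sudo.ldif
ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f files/add_index.ldif
ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f files/logging.ldif
ldapadd -Q -Y EXTERNAL -H ldapi:/// -f files/memberof_config.ldif
ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f files/refint1.ldif
ldapadd -Q -Y EXTERNAL -H ldapi:/// -f files/refint2.ldif

# Simple bind as the directory admin. The password is read from a file (-y)
# instead of being passed with -w, so it is not visible to other local users
# through the process list. printf '%s' avoids a trailing newline, because
# -y uses the complete file contents as the password.
printf '%s' "$password" > "$admin_pw_file"
ldapadd -x -D "cn=admin,$ldap_base" -y "$admin_pw_file" -H ldap:// -f "$temp_populate_ldif"

apt-get install -y curl git redis-server

# NOTE(review): this runs a remotely fetched script as root with no integrity
# check beyond TLS, and setup_14.x selects the Node.js 14 line, which is
# end-of-life. Prefer a pinned, verified repository definition for a
# supported release.
curl -fsSL https://deb.nodesource.com/setup_14.x | sudo -E bash -

apt-get update
apt-get install -y nodejs git

# Read the template before changing directory: the path is relative to the
# repository root.
sso_conf_template="$(cat files/sso-manager.conf.template)"

# -p: /var/www often exists already (any web server package creates it), and
# a plain mkdir would abort the run under set -e.
mkdir -p /var/www
cd /var/www

# NOTE(review): the clone is not pinned to a tag or commit, so whatever is on
# the default branch at install time is what gets installed and run.
git clone https://github.com/theta42/sso-manager-node.git
cd sso-manager-node/nodejs
npm install

# NOTE(review): conf/secrets.js is created with the default umask, which
# usually leaves it readable by every local user. Restrict it to the account
# the service runs as once that account is confirmed from the unit file.
echo "$sso_conf_template" | mo > "conf/secrets.js"

# The unit is installed under the name "sso-manger.service" (sic); the
# start/enable calls use the same spelling, so the name is kept as-is.
# NOTE(review): the unit file is fetched from the moving master branch
# rather than from a pinned revision.
wget -q https://raw.githubusercontent.com/theta42/sso-manager-node/master/ops/systemd/sso-manager.service -O /etc/systemd/system/sso-manger.service

systemctl start sso-manger.service
systemctl enable sso-manger.service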