authorNicolas Vigier <boklm@mars-attacks.org>2013-06-23 19:42:17 +0200
committerNicolas Vigier <boklm@mars-attacks.org>2013-06-23 19:42:17 +0200
commitc781ddb2f56d944347c2eb5f76256bcc0acae4dd (patch)
treea6425e7bf56c32e999f343cc03bbb3b7acb0111b
parent2117492523aa7cc5dae81c4d675de9b382855404 (diff)
Load users from ldap and save their ssh keys in keydir
-rw-r--r--config_default3
-rw-r--r--lib/MGA/Git.pm44
-rwxr-xr-xmgagit2
3 files changed, 49 insertions, 0 deletions
diff --git a/config_default b/config_default
index d28ae4a..946ec81 100644
--- a/config_default
+++ b/config_default
@@ -4,8 +4,11 @@ binddn: uid=mgagit,ou=People,dc=mageia,dc=org
bindpwfile: /etc/mgagit.secret
groupbase: ou=Group,dc=mageia,dc=org
groupfilter: '(objectClass=groupOfNames)'
+userbase: ou=People,dc=mageia,dc=org
+userfilter: '(&(objectClass=inetOrgPerson)(objectClass=posixAccount)(objectClass=ldapPublicKey))'
uid_username_re: '^uid=(.+),ou=People,dc=mageia,dc=org$'
group_re: '^cn=(.+),ou=Group,dc=mageia,dc=org$'
+pubkey_dir: /var/lib/git/.gitolite/keydir
tmpl_dir: /usr/share/mgagit/tmpl
gitolite_config: /var/lib/git/.gitolite/conf/gitolite.conf
repos_config:
diff --git a/lib/MGA/Git.pm b/lib/MGA/Git.pm
index 812ef58..378f00b 100644
--- a/lib/MGA/Git.pm
+++ b/lib/MGA/Git.pm
@@ -78,6 +78,17 @@ sub load_groups {
values %$res;
}
+sub load_users {
+ my ($r) = @_;
+ my $ldap = get_ldap;
+ my $m = $ldap->search(
+ base => $config->{userbase},
+ filter => $config->{userfilter},
+ );
+ my @users = grep { $_->{sshpublickey} } values %{$m->as_struct};
+ @{$r->{users}}{map { $_->{uid}[0] } @users} = map { $_->{sshpublickey} } @users;
+}
+
sub get_tmpl {
my ($name, $ext) = @_;
state %tmpl;
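Review bot: The result of `$ldap->search` in `load_users` is used without checking that the search succeeded, so a failed or truncated query leaves `$r->{users}` empty or partial, and `update_gitolite_keydir` (called right after it in `glrun`, in the `mgagit` hunk) would then delete the key files of every user that is missing. Assuming `get_ldap` returns a Net::LDAP handle, add `die "LDAP user search failed: " . $m->error if $m->code;` before the `as_struct` call. The `uid` values later become file names under `pubkey_dir`, so they should be filtered against a strict pattern here, for example by extending the `grep` with `&& $_->{uid}[0] =~ /\A[A-Za-z0-9_][A-Za-z0-9_.-]*\z/`, rather than trusting whatever the directory returns. A one-line comment stating that `$r->{users}` maps each uid to an array ref of key strings would also help the reader of the keydir code.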
@@ -125,6 +136,39 @@ sub gitolite_config {
return join("\n", @groups, @repos);
}
+sub update_gitolite_keydir {
+ my ($r) = @_;
+ opendir(my $dh, $config->{pubkey_dir})
+ || die "Error opening $config->{include_dir}: $!";
+ my @files = grep { ! m/^\./ } readdir($dh);
+ closedir $dh;
+ my %users_old;
+ @users_old{@files} = map { read_file("$config->{pubkey_dir}/$_") } @files;
+ my %users_new;
+ foreach my $u (keys %{$r->{users}}) {
+ my $i = 0;
+ foreach my $key (@{$r->{users}{$u}}) {
+ next unless $key;
+ $users_new{"$u\@$i.pub"} = $key;
+ $i++;
+ }
+ }
+ foreach my $file (keys %users_old) {
+ if (!$users_new{$file}) {
+ print "Removing $file\n";
+ unlink "$config->{pubkey_dir}/$file";
+ $r->{keydir_changed} = 1;
+ }
+ }
+ foreach my $file (keys %users_new) {
+ if (!$users_old{$file} || chomp $users_old{$file} ne chomp $users_new{$file}) {
+ print "Writing $file\n";
+ write_file("$config->{pubkey_dir}/$file", $users_new{$file});
+ $r->{keydir_changed} = 1;
+ }
+ }
+}
+
sub update_gitolite_config {
my ($r) = @_;
my $oldconf = -f $config->{gitolite_config}
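Review bot: The change test on the `if (!$users_old{$file} || chomp ... ne chomp ...)` line never compares key text: `chomp` returns the number of characters it removed, so an existing `uid@N.pub` is rewritten only when the trailing-newline counts differ, and a key that was replaced in LDAP stays authorized on disk. Compare chomped copies instead, `my ($old, $new) = ($users_old{$file} // '', $users_new{$file}); chomp($old, $new);` followed by `if ($old ne $new)`. The `die` after `opendir` names `$config->{include_dir}` although the directory opened is `$config->{pubkey_dir}`, and the `unlink` result is not checked, so a revoked key that could not be removed goes unnoticed; `unlink(...) or warn "Cannot remove $file: $!";` would surface it. If `read_file` is File::Slurp's, it returns a list of lines when called inside `map`, which misaligns the `@users_old{@files}` slice for empty or multi-line files; wrapping the call in `scalar` avoids that. `update_gitolite_config` continues outside the hunk.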
diff --git a/mgagit b/mgagit
index 9b8da85..3d94524 100755
--- a/mgagit
+++ b/mgagit
@@ -71,6 +71,8 @@ sub glrun {
my %r;
MGA::Git::load_gitrepos(\%r);
MGA::Git::load_groups(\%r);
+ MGA::Git::load_users(\%r);
+ MGA::Git::update_gitolite_keydir(\%r);
MGA::Git::update_gitolite_config(\%r);
}