author | Nicolas Vigier <boklm@mars-attacks.org> | 2013-06-23 19:42:17 +0200 |
---|---|---|
committer | Nicolas Vigier <boklm@mars-attacks.org> | 2013-06-23 19:42:17 +0200 |
commit | c781ddb2f56d944347c2eb5f76256bcc0acae4dd (patch) | |
tree | a6425e7bf56c32e999f343cc03bbb3b7acb0111b | |
parent | 2117492523aa7cc5dae81c4d675de9b382855404 (diff) | |
Load users from ldap and save their ssh keys in keydir
-rw-r--r-- | config_default | 3 | ||||
-rw-r--r-- | lib/MGA/Git.pm | 44 | ||||
-rwxr-xr-x | mgagit | 2 |
3 files changed, 49 insertions, 0 deletions
diff --git a/config_default b/config_default
index d28ae4a..946ec81 100644
--- a/config_default
+++ b/config_default
@@ -4,8 +4,11 @@ binddn: uid=mgagit,ou=People,dc=mageia,dc=org
 bindpwfile: /etc/mgagit.secret
 groupbase: ou=Group,dc=mageia,dc=org
 groupfilter: '(objectClass=groupOfNames)'
+userbase: ou=People,dc=mageia,dc=org
+userfilter: '(&(objectClass=inetOrgPerson)(objectClass=posixAccount)(objectClass=ldapPublicKey))'
 uid_username_re: '^uid=(.+),ou=People,dc=mageia,dc=org$'
 group_re: '^cn=(.+),ou=Group,dc=mageia,dc=org$'
+pubkey_dir: /var/lib/git/.gitolite/keydir
 tmpl_dir: /usr/share/mgagit/tmpl
 gitolite_config: /var/lib/git/.gitolite/conf/gitolite.conf
 repos_config:
diff --git a/lib/MGA/Git.pm b/lib/MGA/Git.pm
index 812ef58..378f00b 100644
--- a/lib/MGA/Git.pm
+++ b/lib/MGA/Git.pm
@@ -78,6 +78,17 @@ sub load_groups {
 values %$res;
 }
+sub load_users {
+ my ($r) = @_;
+ my $ldap = get_ldap;
+ my $m = $ldap->search(
+ base => $config->{userbase},
+ filter => $config->{userfilter},
+ );
+ my @users = grep { $_->{sshpublickey} } values %{$m->as_struct};
+ @{$r->{users}}{map { $_->{uid}[0] } @users} = map { $_->{sshpublickey} } @users;
+}
+
 sub get_tmpl {
 my ($name, $ext) = @_;
 state %tmpl;
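Review bot: The result of `$ldap->search` in `load_users` is used without checking that the search succeeded, and the keydir sync added later in this commit deletes every key file that is not in `$r->{users}`. A failed or size-limited search would then look like "no users" or "fewer users" and remove valid keys; if `$m` is a Net::LDAP result (not visible here), `die "LDAP user search failed: " . $m->error if $m->code;` before `as_struct` would stop the run instead. `$_->{uid}[0]` also becomes part of a file name under `pubkey_dir` in `update_gitolite_keydir`, so I would drop entries whose uid does not match a conservative pattern such as `/\A[A-Za-z0-9][A-Za-z0-9_.-]*\z/`.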
@@ -125,6 +136,39 @@ sub gitolite_config {
 return join("\n", @groups, @repos);
 }
+sub update_gitolite_keydir {
+ my ($r) = @_;
+ opendir(my $dh, $config->{pubkey_dir})
+ || die "Error opening $config->{include_dir}: $!";
+ my @files = grep { ! m/^\./ } readdir($dh);
+ closedir $dh;
+ my %users_old;
+ @users_old{@files} = map { read_file("$config->{pubkey_dir}/$_") } @files;
+ my %users_new;
+ foreach my $u (keys %{$r->{users}}) {
+ my $i = 0;
+ foreach my $key (@{$r->{users}{$u}}) {
+ next unless $key;
+ $users_new{"$u\@$i.pub"} = $key;
+ $i++;
+ }
+ }
+ foreach my $file (keys %users_old) {
+ if (!$users_new{$file}) {
+ print "Removing $file\n";
+ unlink "$config->{pubkey_dir}/$file";
+ $r->{keydir_changed} = 1;
+ }
+ }
+ foreach my $file (keys %users_new) {
+ if (!$users_old{$file} || chomp $users_old{$file} ne chomp $users_new{$file}) {
+ print "Writing $file\n";
+ write_file("$config->{pubkey_dir}/$file", $users_new{$file});
+ $r->{keydir_changed} = 1;
+ }
+ }
+}
+
 sub update_gitolite_config {
 my ($r) = @_;
 my $oldconf = -f $config->{gitolite_config}
@@ -71,6 +71,8 @@ sub glrun {
 my %r;
 MGA::Git::load_gitrepos(\%r);
 MGA::Git::load_groups(\%r);
+ MGA::Git::load_users(\%r);
+ MGA::Git::update_gitolite_keydir(\%r);
 MGA::Git::update_gitolite_config(\%r);
 } |
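Review bot: The change test `chomp $users_old{$file} ne chomp $users_new{$file}` in `update_gitolite_keydir` does not compare key text: `chomp` returns the number of characters it removed, so as far as I can tell a key that was replaced in LDAP but keeps its `uid@N.pub` slot is not rewritten and the old key stays authorised. Trimming copies and comparing those would fix it, e.g. `my ($old, $new) = ($users_old{$file} // '', $users_new{$file}); chomp($old, $new);` followed by `if ($old ne $new) {`. The `die` after `opendir` names `$config->{include_dir}` although the directory opened is `$config->{pubkey_dir}`, and the `unlink` result is unchecked, so a key file that could not be removed is still reported as removed. The key value is written to the keydir as received; checking that it is a single line in public-key format before `write_file` would be a cheap safeguard.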