Commit 02fb3d96 authored by Clément OUDOT's avatar Clément OUDOT

LEMONLDAP::NG : brand new WebSSO example installation

parent 7baf8c6b
#!/usr/bin/make
# Example CHROOT
EXAMPLECHROOT=`pwd`/example/
# Subfolders
SYSTEMCONFDIR=$(EXAMPLECHROOT)etc/lemonldap-ng/
SCRIPTSDIR=$(EXAMPLECHROOT)var/lib/lemonldap-ng/
# DNS Domain for cookie and virtual hosts
DNSDOMAIN="example.com"
# LDAP parameters
LDAPHOST="localhost"
LDAPPORT="389"
LDAPSUFFIX="dc=example,dc=com"
# Other
VERSION=`head -n1 changelog |sed -e 's/lemonldap-ng (//' -e 's/).*$$//'`
HANDLERDIR=lemonldap-ng-handler
PORTALDIR=lemonldap-ng-portal
MANAGERDIR=lemonldap-ng-manager
EXAMPLEDIRBUILD=`pwd`/example/
EXAMPLEDIR=$(EXAMPLEDIRBUILD)
EXAMPLECONFDIR=$(EXAMPLEDIR)conf/
EXAMPLELASPDIR=$(EXAMPLEDIR)liberty-alliance-sp-portal/
EXAMPLELASPDIRBUILD=$(EXAMPLELASPDIR)
EXAMPLELANG=en
EXAMPLEPORTALDIRBUILD=$(EXAMPLEDIRBUILD)portal/
EXAMPLEHANDLERDIRBUILD=$(EXAMPLEDIRBUILD)handler/
EXAMPLEMANAGERDIRBUILD=$(EXAMPLEDIRBUILD)manager/
EXAMPLEPORTALDIR=$(EXAMPLEDIR)portal/
EXAMPLEHANDLERDIR=$(EXAMPLEDIR)handler/
EXAMPLEMANAGERDIR=$(EXAMPLEDIR)manager/
SRCHANDLERDIR=lemonldap-ng-handler
SRCPORTALDIR=lemonldap-ng-portal
SRCMANAGERDIR=lemonldap-ng-manager
EXAMPLELANG=en # For static Manager only
DESTFILECONFDIR=$(SCRIPTSDIR)conf/
DESTSESSIONDIR=$(SCRIPTSDIR)sessions/
DESTLASPDIR=$(SCRIPTSDIR)liberty-alliance-sp-portal
DESTPORTALDIR=$(SCRIPTSDIR)portal/
DESTHANDLERDIR=$(SCRIPTSDIR)handler/
DESTMANAGERDIR=$(SCRIPTSDIR)manager/
DESTDOCSDIR=$(SCRIPTSDIR)docs/
all: handler manager portal
handler: handler_conf
$(MAKE) -C ${HANDLERDIR}
touch handler
@$(MAKE) -C ${SRCHANDLERDIR}
@touch .handler
portal: portal_conf
$(MAKE) -C ${PORTALDIR}
touch portal
@$(MAKE) -C ${SRCPORTALDIR}
@touch .portal
manager: manager_conf
$(MAKE) -C ${MANAGERDIR}
touch manager
@$(MAKE) -C ${SRCMANAGERDIR}
@touch .manager
configure: handler_conf portal_conf manager_conf
handler_conf:
cd ${HANDLERDIR}; perl Makefile.PL INSTALLDIRS=$(INSTALLDIRS)
touch handler_conf
@cd ${SRCHANDLERDIR}; perl Makefile.PL
@touch .handler_conf
portal_conf:
cd ${PORTALDIR}; perl Makefile.PL INSTALLDIRS=$(INSTALLDIRS)
touch portal_conf
@cd ${SRCPORTALDIR}; perl Makefile.PL
@touch .portal_conf
manager_conf:
cd ${MANAGERDIR}; perl Makefile.PL INSTALLDIRS=$(INSTALLDIRS)
touch manager_conf
@cd ${SRCMANAGERDIR}; perl Makefile.PL
@touch .manager_conf
test: manager handler portal manager_test handler_test portal_test
manager_test: manager
$(MAKE) -C ${MANAGERDIR} test
@$(MAKE) -C ${SRCMANAGERDIR} test
handler_test: handler
$(MAKE) -C ${HANDLERDIR} test INST_ARCHLIB=../${MANAGERDIR}/blib/lib/
@$(MAKE) -C ${SRCHANDLERDIR} test INST_ARCHLIB=../${SRCMANAGERDIR}/blib/lib/
portal_test: portal
$(MAKE) -C ${PORTALDIR} test INST_ARCHLIB=../${MANAGERDIR}/blib/lib/
@$(MAKE) -C ${SRCPORTALDIR} test INST_ARCHLIB=../${SRCMANAGERDIR}/blib/lib/
install: handler_install portal_install manager_install
handler_install: handler
$(MAKE) -C ${HANDLERDIR} install
touch handler_install
@$(MAKE) -C ${SRCHANDLERDIR} install
@touch .handler_install
portal_install: portal
$(MAKE) -C ${PORTALDIR} install
touch portal_install
@$(MAKE) -C ${SRCPORTALDIR} install
@touch .portal_install
manager_install: manager
$(MAKE) -C ${MANAGERDIR} install
touch manager_install
@$(MAKE) -C ${SRCMANAGERDIR} install
@touch .manager_install
distclean: clean
clean: handler_clean portal_clean manager_clean
rm -rf example
rm -vf *gz
@rm -rf ${SYSTEMCONFDIR}
@rm -rf ${SCRIPTSDIR}
@rm -vf *gz
handler_clean:
- $(MAKE) -C ${HANDLERDIR} distclean
rm -vf handler*
- $(MAKE) -C ${SRCHANDLERDIR} distclean
@rm -vf .handler*
portal_clean:
- $(MAKE) -C ${PORTALDIR} distclean
rm -vf portal*
- $(MAKE) -C ${SRCPORTALDIR} distclean
@rm -vf .portal*
manager_clean:
- $(MAKE) -C ${MANAGERDIR} distclean
rm -vf manager*
- $(MAKE) -C ${SRCMANAGERDIR} distclean
@rm -vf .manager*
example: all
mkdir -p ${EXAMPLEDIRBUILD}/portal ${EXAMPLEDIRBUILD}/manager ${EXAMPLEDIRBUILD}/handler ${EXAMPLEDIRBUILD}/conf
chmod 1777 ${EXAMPLEDIRBUILD}/conf
cp -a ${HANDLERDIR}/example/* ${EXAMPLEHANDLERDIRBUILD}
cp -a ${PORTALDIR}/example/* ${EXAMPLEPORTALDIRBUILD}
#perl -l -e '$$a="${EXAMPLELASPDIRBUILD}";$$a=~s#/$$##;print $$a;'
#perl -l -e '$$ARGV[0]=~s#/$$##;print $$ARGV[0];' ${EXAMPLELASPDIRBUILD}
mv ${EXAMPLEDIRBUILD}/portal/AuthLA $$(echo ${EXAMPLELASPDIRBUILD}|sed -e 's/\/$$//')
cp -a ${MANAGERDIR}/example/* ${EXAMPLEMANAGERDIRBUILD}
cp -a _example/* ${EXAMPLEDIRBUILD}
find ${EXAMPLELASPDIRBUILD} -type f -exec perl -i -pe 's#__DIR__/?#'${EXAMPLELASPDIR}'#g;s#__CONFDIR__/?#'${EXAMPLECONFDIR}'#g;s#__SKINDIR__/?#'${EXAMPLEPORTALDIR}'skins/#g;s#__PORTALDIR__/?#'${EXAMPLEPORTALDIR}'/#g;' {} \;
find ${EXAMPLEDIRBUILD} -type f -exec perl -i -pe 's#__DIR__/?#'${EXAMPLEDIR}'#g;s#__CONFDIR__/?#'${EXAMPLECONFDIR}'#g;s#__SKINDIR__/?#'${EXAMPLEPORTALDIR}'skins/#g;s#__PORTALDIR__/?#'${EXAMPLEPORTALDIR}'/#g;' {} \;
@mkdir -p ${DESTFILECONFDIR} ${DESTPORTALDIR} ${DESTHANDLERDIR} ${DESTMANAGERDIR} ${SYSTEMCONFDIR} ${DESTDOCSDIR} ${DESTSESSIONDIR}
@cp -a ${SRCHANDLERDIR}/example/* ${DESTHANDLERDIR}
@cp -a ${SRCPORTALDIR}/example/* ${DESTPORTALDIR}
@rm -rf ${DESTLASPDIR}
@mv ${DESTPORTALDIR}AuthLA $$(echo ${DESTLASPDIR} | sed -e 's/\/$$//')
@cp -a ${SRCMANAGERDIR}/example/* ${DESTMANAGERDIR}
@cp -a _example/etc/lemonldap-ng/* ${SYSTEMCONFDIR}
@cp -a _example/var/lib/lemonldap-ng/* ${SCRIPTSDIR}
@cp -a doc/* ${DESTDOCSDIR}
@find ${DESTLASPDIR} -type f -exec perl -i -pe 's#__DIR__/?#'${DESTLASPDIR}'#g;s#__CONFDIR__/?#'${DESTFILECONFDIR}'#g' {} \;
@find ${SCRIPTSDIR} -type f -exec perl -i -pe 's#__DIR__/?#'${SCRIPTSDIR}'#g;s#__CONFDIR__/?#'${DESTFILECONFDIR}'#g;s#__SESSIONDIR__/?#'${DESTSESSIONDIR}'#g;s#__DNSDOMAIN__#'${DNSDOMAIN}'#g;s#__LDAPHOST__#'${LDAPHOST}'#g;s#__LDAPPORT__#'${LDAPPORT}'#g;s#__LDAPSUFFIX__#'${LDAPSUFFIX}'#g;' {} \;
@find ${SYSTEMCONFDIR} -type f -exec perl -i -pe 's#__DIR__/?#'${SCRIPTSDIR}'#g;s#__DNSDOMAIN__#'${DNSDOMAIN}'#g;' {} \;
@echo
@echo "Example is ready."
@echo "LemonLDAP::NG example v${VERSION} is installed with these parameters:"
@echo " - System configuration: ${SYSTEMCONFDIR}"
@echo " - Scripts: ${SCRIPTSDIR}"
@echo " - LemonLDAP::NG Configuration: ${DESTFILECONFDIR}"
@echo " - DNS domain (for cookies and virtual hosts): ${DNSDOMAIN}"
@echo " - LDAP parameters:"
@echo " - Host: ${LDAPHOST}"
@echo " - Port: ${LDAPPORT}"
@echo " - Suffix: ${LDAPSUFFIX}"
@echo
@echo "To finish configuration:"
@echo
@echo "1 - Add this in your Apache configuration file:"
@echo " with Apache-1.3.x"
@echo
@echo " include ${EXAMPLEDIR}apache.conf"
@echo
@echo " include ${SYSTEMCONFDIR}apache.conf"
@echo " or with Apache-2.x:"
@echo " include ${SYSTEMCONFDIR}apache2.conf"
@echo
@echo " include ${EXAMPLEDIR}apache2.conf"
@echo
@echo "2 - Add test.example.com and auth.example.com in your /etc/hosts or"
@echo " modify apache.conf to use NameVirtualHost, different port or"
@echo " address;"
@echo
@echo " cat ${EXAMPLEDIRBUILD}/for_etc_hosts >> /etc/hosts"
@echo "2 - Run 'make postconf' as root to update /etc/hosts and set UNIX rights"
@echo
@echo "3 - Use the manager at http://manager.example.com/ (after apache restart)"
@echo " or edit ${EXAMPLEDIR}/conf/lmConf-1 and set ldapServer and ldapBase."
@echo "3 - Use the manager at http://manager.${DNSDOMAIN}/ (after Apache restart) or edit ${DESTFILECONFDIR}lmConf-1 to modify LemonLDAP::NG configuration."
@echo " Edit ${DESTPORTALDIR}apps/apps-list.xml to modify the menu."
@echo
@echo "4 - Restart Apache (or Apache2)"
@echo
@echo "5 - Try to connect to http://test.example.com/"
@echo "5 - Try to connect to http://test1.${DNSDOMAIN}/ or http://test2.${DNSDOMAIN}/"
postconf_hosts:
@cat ${SYSTEMCONFDIR}for_etc_hosts >> /etc/hosts
@echo "/etc/hosts was updated"
postconf_unixrights:
@chmod 1777 ${DESTFILECONFDIR}
@chmod 1777 ${DESTSESSIONDIR}
@echo "UNIX files permissions set"
postconf: postconf_hosts postconf_unixrights
@echo "Post configuration done"
production_preconf:
# TODO: modify EXAMPLECHROOT and set it to /
# TODO: ask parameters value (like DNSDOMAIN, LDAPHOST, etc.)
production_install: production_preconf example
uninstall: configure handler_uninstall portal_uninstall manager_uninstall
handler_uninstall: handler
$(MAKE) -C ${HANDLERDIR} uninstall
rm -vf handler_uninstall
@$(MAKE) -C ${SRCHANDLERDIR} uninstall
@rm -vf .handler_uninstall
portal_uninstall: portal
$(MAKE) -C ${PORTALDIR} uninstall
rm -vf portal_uninstall
@$(MAKE) -C ${SRCPORTALDIR} uninstall
@rm -vf .portal_uninstall
manager_uninstall: manager
$(MAKE) -C ${MANAGERDIR} uninstall
rm -vf manager_uninstall
@$(MAKE) -C ${SRCMANAGERDIR} uninstall
@rm -vf .manager_uninstall
dist: clean
- $(MAKE) clean
mkdir -p lemonldap-ng-$(VERSION)
- cp -pR lemonldap-ng-manager/ lemonldap-ng-portal/ lemonldap-ng-handler/ * lemonldap-ng-$(VERSION)
- dir=lemonldap-ng-$(VERSION); find $$dir -name .svn -exec rm -rf {} \; 2>/dev/null
rm -rf lemonldap-ng-$(VERSION)/lemonldap-ng-$(VERSION)
tar czf lemonldap-ng-$(VERSION).tar.gz lemonldap-ng-$(VERSION)
rm -rf lemonldap-ng-$(VERSION)
@- $(MAKE) clean
@mkdir -p lemonldap-ng-$(VERSION)
@- cp -pR lemonldap-ng-manager/ lemonldap-ng-portal/ lemonldap-ng-handler/ * lemonldap-ng-$(VERSION)
@- dir=lemonldap-ng-$(VERSION); find $$dir -name .svn -exec rm -rf {} \; 2>/dev/null
@rm -rf lemonldap-ng-$(VERSION)/lemonldap-ng-$(VERSION)
@tar czf lemonldap-ng-$(VERSION).tar.gz lemonldap-ng-$(VERSION)
@rm -rf lemonldap-ng-$(VERSION)
debian-dist: dist
mv lemonldap-ng-$(VERSION).tar.gz lemonldap-ng_$(VERSION).orig.tar.gz
@mv lemonldap-ng-$(VERSION).tar.gz lemonldap-ng_$(VERSION).orig.tar.gz
cpan: clean configure handler_cpan portal_cpan manager_cpan
handler_cpan: handler_conf
$(MAKE) -C ${HANDLERDIR} dist
mv ${HANDLERDIR}/Lemonldap*.gz .
@$(MAKE) -C ${SRCHANDLERDIR} dist
@mv ${SRCHANDLERDIR}/Lemonldap*.gz .
portal_cpan: portal_conf
$(MAKE) -C ${PORTALDIR} dist
mv ${PORTALDIR}/Lemonldap*.gz .
@$(MAKE) -C ${SRCPORTALDIR} dist
@mv ${SRCPORTALDIR}/Lemonldap*.gz .
manager_cpan: manager_conf
$(MAKE) -C ${MANAGERDIR} dist
mv ${MANAGERDIR}/Lemonldap*.gz .
@$(MAKE) -C ${SRCMANAGERDIR} dist
@mv ${SRCMANAGERDIR}/Lemonldap*.gz .
static_example: example
mkdir -p ${EXAMPLEDIRBUILD}/static
cd ${EXAMPLEDIRBUILD}/static/;cp -a ../manager/{imgs,theme} .;cd -
scripts/make_static_example.pl ${EXAMPLEDIRBUILD}/manager/index.pl ${EXAMPLEDIRBUILD}/static/index.html $(EXAMPLELANG)
@mkdir -p ${SCRIPTSDIR}static/
@cd ${SCRIPTSDIR}static/;cp -a ../manager/{imgs,theme} .;cd -
@../scripts/make_static_example.pl ${DESTMANAGERDIR}index.pl ${SCRIPTSDIR}static/index.html $(EXAMPLELANG)
documentation:
cd doc && ../scripts/doc.pl
@cd doc/ && ../scripts/doc.pl
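Review bot: The `postconf_unixrights` recipe sets mode 1777 on `${DESTFILECONFDIR}` and `${DESTSESSIONDIR}`, so every local account can create files beside `lmConf-1` and inside the session store of the SSO; the sticky bit only stops users from deleting each other's files. Since `make postconf` is meant to run as root, it could instead give both directories to the account Apache runs as, for example `@chown -R $(APACHEUSER) ${DESTFILECONFDIR} ${DESTSESSIONDIR}` followed by `@chmod 750 ${DESTFILECONFDIR} ${DESTSESSIONDIR}`, where `APACHEUSER` would be a new variable declared with the other parameters at the top of the Makefile. The rendered page has lost its +/- markers, so I am assuming the `@`-prefixed lines are the new side; the `chmod 1777 ${EXAMPLEDIRBUILD}/conf` line in the `example` recipe has the same problem if it is still present.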
......@@ -2,8 +2,6 @@ Lemonldap::NG TODO
------------------
TODO list for Lemonldap::NG development
- Priority: Normal Status: Planning Created: 2007\05\03 12-28-30
Modify example to use nameVirtualHost instead of 127.0.0.x adresses
- Priority: Low Status: In progress Created: 2007\05\03 10-41-36
Modify install to make a running example as debian install
- Priority: Low Status: Done Created: 2007\04\23 21-26-18 Done: 2007\10\24 10-17-47
......
include __DIR__/handler/lmH-apache.conf
#Listen 127.0.0.2:80
<VirtualHost 127.0.0.2:*>
ServerName auth.example.com
# DocumentRoot
DocumentRoot __DIR__/portal
<Directory __DIR__/portal>
Order allow,deny
Allow from all
Options +ExecCGI
</Directory>
# Portal and Manager must be interpreted by Perl
<Files *.pl>
SetHandler perl-script
PerlHandler Apache::Registry
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
</VirtualHost>
#Listen 127.0.0.4:80
<VirtualHost 127.0.0.4:*>
ServerName manager.example.com
# DocumentRoot
DocumentRoot __DIR__/manager
<Directory __DIR__/manager>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
Options +ExecCGI
</Directory>
# Portal and Manager must be interpreted by Perl
<Files *.pl>
SetHandler perl-script
PerlHandler Apache::Registry
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
</VirtualHost>
include __DIR__/handler/lmH-apache2.conf
PerlOptions +GlobalRequest
#Listen 127.0.0.2:80
<VirtualHost 127.0.0.2:*>
ServerName auth.example.com
# DocumentRoot
DocumentRoot __DIR__/portal
<Directory __DIR__/portal>
Order allow,deny
Allow from all
Options +ExecCGI
</Directory>
# Portal and Manager must be interpreted by Perl
<Files *.pl>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
</VirtualHost>
#Listen 127.0.0.4:80
<VirtualHost 127.0.0.4:*>
ServerName manager.example.com
# DocumentRoot
DocumentRoot __DIR__/manager
<Directory __DIR__/manager>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
Options +ExecCGI
</Directory>
# Portal and Manager must be interpreted by Perl
<Files *.pl>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
</VirtualHost>
NameVirtualHost *
# Perl environment
PerlRequire __DIR__/handler/MyHandler.pm
<Files ~ "\.(pl)$">
SetHandler perl-script
PerlHandler Apache::Registry
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
# Common error page and security parameters
ErrorDocument 403 http://auth.__DNSDOMAIN__/error.pl
ServerSignature Off
LogLevel warn
# Portal virtual host
<VirtualHost *>
ServerName auth.__DNSDOMAIN__
# DocumentRoot
DocumentRoot __DIR__/portal/
<Directory __DIR__/portal/>
Order allow,deny
Allow from all
Options +ExecCGI
</Directory>
</VirtualHost>
# Manager virtual host
<VirtualHost *>
ServerName manager.__DNSDOMAIN__
# DocumentRoot
DocumentRoot __DIR__/manager/
<Directory __DIR__/manager/>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
Options +ExecCGI
</Directory>
# On-line documentation
Alias /docs/ __DIR__/docs/
<Directory __DIR__/docs/>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
# Application Test
<VirtualHost *>
ServerName test1.__DNSDOMAIN__
# SSO protection
PerlHeaderParserHandler My::Package
# DocumentRoot
DocumentRoot __DIR__/test/
<Directory __DIR__/test/>
Order deny,allow
Allow from all
Options +ExecCGI
</Directory>
# Configuration reload mechanism (only 1 per physical server is
# needed): choose your URL to avoid restarting Apache when
# configuration change
<Location /reload>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
PerlHeaderParserHandler My::Package->refresh
</Location>
# Uncomment this to activate status module
#<Location /status>
# Order deny,allow
# Deny from all
# Allow from 127.0.0.0/8
# PerlHeaderParserHandler My::Package->status
#</Location>
</VirtualHost>
<VirtualHost *>
ServerName test2.__DNSDOMAIN__
# SSO protection
PerlHeaderParserHandler My::Package
# DocumentRoot
DocumentRoot __DIR__/test/
<Directory __DIR__/test/>
Order deny,allow
Allow from all
Options +ExecCGI
</Directory>
# Configuration reload mechanism (only 1 per physical server is
# needed): choose your URL to avoid restarting Apache when
# configuration change
<Location /reload>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
PerlHeaderParserHandler My::Package->refresh
</Location>
# Uncomment this to activate status module
#<Location /status>
# Order deny,allow
# Deny from all
# Allow from 127.0.0.0/8
# PerlHeaderParserHandler My::Package->status
#</Location>
</VirtualHost>
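Review bot: The `<Files ~ "\.(pl)$">` block, `ErrorDocument 403 http://auth.__DNSDOMAIN__/error.pl`, `ServerSignature Off` and `LogLevel warn` sit before the first `<VirtualHost *>`, so once this file is included they apply to the whole Apache server rather than only to the example hosts. Any `.pl` file served by an unrelated virtual host would then be run through `Apache::Registry`, and 403 responses elsewhere on the server would be sent to the example portal. The earlier layout kept the `<Files *.pl>` block inside each virtual host; I would move these directives back into the portal, manager and test hosts, or at least add a comment such as `# NOTE: the directives below are server-wide and affect every virtual host`. `NameVirtualHost *` with `<VirtualHost *>` also makes the portal and test hosts answer on every address Apache listens on, where the old example bound 127.0.0.x only, and the URLs shown are plain `http://`, so that exposure deserves a comment too. The Apache 2 variant that follows has the same layout.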
NameVirtualHost *
# Perl environment
PerlRequire __DIR__/handler/MyHandler.pm
PerlOptions +GlobalRequest
<Files ~ "\.(pl)$">
SetHandler perl-script
PerlHandler ModPerl::Registry
PerlSendHeader On
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
# Common error page and security parameters
ErrorDocument 403 http://auth.__DNSDOMAIN__/error.pl
ServerSignature Off
LogLevel warn
# Portal virtual host
<VirtualHost *>
ServerName auth.__DNSDOMAIN__
# DocumentRoot
DocumentRoot __DIR__/portal/
<Directory __DIR__/portal/>
Order allow,deny
Allow from all
Options +ExecCGI
</Directory>
</VirtualHost>
# Manager virtual host
<VirtualHost *>
ServerName manager.__DNSDOMAIN__
# DocumentRoot
DocumentRoot __DIR__/manager/
<Directory __DIR__/manager/>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
Options +ExecCGI
</Directory>
# On-line documentation
Alias /docs/ __DIR__/docs/
<Directory __DIR__/docs/>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
# Application Test
<VirtualHost *>
ServerName test1.__DNSDOMAIN__
# SSO protection
PerlHeaderParserHandler My::Package
# DocumentRoot
DocumentRoot __DIR__/test/
<Directory __DIR__/test/>
Order deny,allow
Allow from all
Options +ExecCGI
</Directory>
# Configuration reload mechanism (only 1 per physical server is