X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=blobdiff_plain;f=ipsilon%2Finstall%2Fipsilon-server-install;h=ce78aba6a5361ad9a0940a2267f0984036cc3420;hp=4ae0c8f7c6e812a0aec4078b68834880908ad004;hb=aaed708431955d4cc01e82f003c9d35851073510;hpb=904898b83d90d3d7f83c574b27a79b98a23e3734
diff --git a/ipsilon/install/ipsilon-server-install b/ipsilon/install/ipsilon-server-install
index 4ae0c8f..ce78aba 100755
--- a/ipsilon/install/ipsilon-server-install
+++ b/ipsilon/install/ipsilon-server-install
@@ -19,7 +19,9 @@
 from ipsilon.login.common import LoginMgrsInstall
 from ipsilon.providers.common import ProvidersInstall
+from ipsilon.helpers.common import EnvHelpersInstall
 from ipsilon.util.data import Store
+from ipsilon.tools import files
 import argparse
 import cherrypy
 import logging
@@ -27,12 +29,14 @@ import os
 import pwd
 import shutil
 import socket
+import subprocess
 import sys
 import time
 TEMPLATES = '/usr/share/ipsilon/templates/install'
 CONFDIR = '/etc/ipsilon'
+DATADIR = '/var/lib/ipsilon'
 HTTPDCONFD = '/etc/httpd/conf.d'
@@ -76,19 +80,35 @@ def openlogs():
 def install(plugins, args):
 logger.info('Installation initiated')
 now = time.strftime("%Y%m%d%H%M%S", time.gmtime())
+ instance_conf = os.path.join(CONFDIR, args['instance'])
 logger.info('Installing default config files')
- ipsilon_conf = os.path.join(CONFDIR, 'ipsilon.conf')
- idp_conf = os.path.join(CONFDIR, 'idp.conf')
- args['httpd_conf'] = os.path.join(HTTPDCONFD, 'idp.conf')
+ ipsilon_conf = os.path.join(instance_conf, 'ipsilon.conf')
+ idp_conf = os.path.join(instance_conf, 'idp.conf')
+ args['httpd_conf'] = os.path.join(HTTPDCONFD,
+ 'ipsilon-%s.conf' % args['instance'])
+ args['data_dir'] = os.path.join(DATADIR, args['instance'])
 if os.path.exists(ipsilon_conf):
 shutil.move(ipsilon_conf, '%s.bakcup.%s' % (ipsilon_conf, now))
 if os.path.exists(idp_conf):
 shutil.move(idp_conf, '%s.backup.%s' % (idp_conf, now))
- shutil.copy(os.path.join(TEMPLATES, 'ipsilon.conf'), CONFDIR)
- shutil.copy(os.path.join(TEMPLATES, 'idp.conf'), CONFDIR)
+ if not os.path.exists(instance_conf):
+ os.makedirs(instance_conf, 0700)
+ confopts = {'instance': args['instance'], 'datadir': args['data_dir']}
+ files.write_from_template(ipsilon_conf,
+ os.path.join(TEMPLATES, 'ipsilon.conf'),
+ confopts)
+ files.write_from_template(idp_conf,
+ os.path.join(TEMPLATES, 'idp.conf'),
+ confopts)
 if not os.path.exists(args['httpd_conf']):
 os.symlink(idp_conf, args['httpd_conf'])
+ sessdir = os.path.join(args['data_dir'], 'sessions')
+ if not os.path.exists(sessdir):
+ os.makedirs(sessdir, 0700)
+ data_conf = os.path.join(args['data_dir'], 'ipsilon.conf')
+ if not os.path.exists(data_conf):
+ os.symlink(ipsilon_conf, data_conf)
 # Load the cherrypy config from the newly installed file so
 # that db paths and all is properly set before configuring
 # components
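Review bot: `args['instance']` is joined into `instance_conf`, `args['httpd_conf']` and `args['data_dir']` without any validation, so a name containing a path separator or `..` resolves outside `CONFDIR`, `HTTPDCONFD` and `DATADIR`. The installer then creates directories, writes templates and places symlinks at those paths, and the later permissions hunk passes the same trees to `files.fix_user_dirs`, which appears to hand them to the service user. The `#FIXME: check instance is only alphanums` added in the parse_args hunk acknowledges the gap but leaves it open; reject the name before `return args`, e.g. `if not args['instance'].isalnum(): raise ValueError('Invalid instance name')`. The body of install() continues outside this hunk.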
@@ -106,6 +126,11 @@ def install(plugins, args):
 db = Store()
 db.save_user_preferences(args['admin_user'], {'is_admin': 1})
+ logger.info('Configuring environment helpers')
+ for plugin_name in plugins['Environment Helpers']:
+ plugin = plugins['Environment Helpers'][plugin_name]
+ plugin.configure_server(args)
+
 logger.info('Configuring login managers')
 for plugin_name in args['lm_order']:
 plugin = plugins['Login Managers'][plugin_name]
@@ -116,6 +141,13 @@ def install(plugins, args):
 plugin = plugins['Auth Providers'][plugin_name]
 plugin.configure(args)
+ # Fixup permissions so only the ipsilon user can read these files
+ files.fix_user_dirs(instance_conf, opts['system_user'], mode=0500)
+ files.fix_user_dirs(args['data_dir'], opts['system_user'])
+ try:
+ subprocess.call(['/usr/sbin/restorecon', '-R', args['data_dir']])
+ except Exception: # pylint: disable=broad-except
+ pass
 def uninstall(plugins, args):
 logger.info('Uninstallation initiated')
@@ -124,6 +156,7 @@ def uninstall(plugins, args):
 def find_plugins():
 plugins = {
+ 'Environment Helpers': EnvHelpersInstall().plugins,
 'Login Managers': LoginMgrsInstall().plugins,
 'Auth Providers': ProvidersInstall().plugins
 }
@@ -138,12 +171,12 @@ def parse_args(plugins):
 help='Comma separated list of login managers')
 parser.add_argument('--hostname',
 help="Machine's fully qualified host name")
+ parser.add_argument('--instance', default='idp',
+ help="IdP instance name, each is a separate idp")
 parser.add_argument('--system-user', default='ipsilon',
 help="User account used to run the server")
 parser.add_argument('--admin-user', default='admin',
 help="User account that is assigned admin privileges")
- parser.add_argument('--ipa', choices=['yes', 'no'], default='yes',
- help='Detect and use an IPA server for authentication')
 parser.add_argument('--uninstall', action='store_true',
 help="Uninstall the server and all data")
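Review bot: The `restorecon` step in the `@@ -116,6 +141,13 @@` hunk cannot fail visibly: the return code of `subprocess.call` is discarded and every exception is swallowed by `except Exception: pass`, so the installer reports success even when `args['data_dir']`, which holds the sessions directory, was not relabelled. Record the outcome instead, e.g. `rc = subprocess.call(['/usr/sbin/restorecon', '-R', args['data_dir']])` followed by `if rc != 0: logger.warning('restorecon failed on %s', args['data_dir'])`, and log in the `except` branch rather than passing. The two `files.fix_user_dirs` calls also read `opts['system_user']` although install() receives `args`; unless a module-level `opts` is guaranteed to exist at call time, `args['system_user']` is the consistent spelling. Note too that permissions are only tightened at the very end, so an exception in any earlier plugin `configure` call would skip this step.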
@@ -186,6 +219,8 @@ def parse_args(plugins):
 args['lm_order'] = ['pam']
 args['pam'] = 'yes'
+ #FIXME: check instance is only alphanums
+
 return args
 if __name__ == '__main__':