Containerize
parent
7ab5451a3f
commit
9a6e24aea0
7 changed files with 89 additions and 67 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
|||
guichet
|
||||
guichet.static
|
||||
config.json
|
||||
|
|
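--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,7 @@
+FROM scratch
+
+ADD static /static
+ADD guichet.static /guichet
+ADD templates /templates
+
+ENTRYPOINT ["/guichet"]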
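Review bot: The image has no `USER` instruction, so `/guichet` runs as UID 0 inside the container even though it only needs to bind the unprivileged port from the config (`:9991` in the example); adding `USER 65534:65534` before `ENTRYPOINT` would drop that. `FROM scratch` also ships no CA bundle, so if `ldap_tls` is meant to verify the LDAP server's certificate there is nothing to verify against unless a bundle is copied in or mounted; the TLS setup is not shown on this page, so this needs confirming. `COPY` is the conventional instruction for plain local files, since `ADD` also unpacks archives and fetches URLs.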
22
Makefile
22
Makefile
|
@ -1,5 +1,19 @@
|
|||
all: guichet
|
||||
BIN=guichet
|
||||
SRC=main.go ssha.go profile.go admin.go
|
||||
DOCKER=lxpz/guichet_amd64
|
||||
|
||||
guichet: main.go ssha.go profile.go admin.go
|
||||
go get -v
|
||||
go build -v
|
||||
all: $(BIN)
|
||||
|
||||
$(BIN): $(SRC)
|
||||
go get -d -v
|
||||
go build -v -o $(BIN)
|
||||
|
||||
$(BIN).static: $(SRC)
|
||||
go get -d -v
|
||||
CGO_ENABLED=0 GOOS=linux go build -a -v -o $(BIN).static
|
||||
|
||||
docker: $(BIN).static
|
||||
docker build -t $(DOCKER):$(TAG) .
|
||||
docker push $(DOCKER):$(TAG)
|
||||
docker tag $(DOCKER):$(TAG) $(DOCKER):latest
|
||||
docker push $(DOCKER):latest
|
||||
|
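Review bot: `$(TAG)` is used by the `docker` target but is not defined in the visible Makefile, so a plain `make docker` expands to `lxpz/guichet_amd64:` and the published tag depends on whatever happens to be in the environment or on the command line. Give it a default or fail early, for example `TAG ?= $(shell git rev-parse --short HEAD)`, and declare `.PHONY: all docker`. The target also pushes to the registry as part of building, and `go get -d -v` resolves dependencies at build time; if the module versions are not pinned elsewhere (not visible here), the pushed image is not reproducible from this commit.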
|
|
@ -5,7 +5,6 @@ Exemple de config.json pour Deuxfleurs:
|
|||
```
|
||||
{
|
||||
"http_bind_addr": ":9991",
|
||||
"session_key": "V1BAbmn9VW/wL0EZ6Q8xwhkVq/QVwmwPOtliUlfc0iI=",
|
||||
"ldap_server_addr": "ldap://bottin2.service.2.cluster.deuxfleurs.fr:389",
|
||||
|
||||
"base_dn": "dc=deuxfleurs,dc=fr",
|
||||
|
@ -14,7 +13,12 @@ Exemple de config.json pour Deuxfleurs:
|
|||
"group_base_dn": "ou=groups,dc=deuxfleurs,dc=fr",
|
||||
"group_name_attr": "cn",
|
||||
|
||||
"admin_account": "cn=admin,dc=deuxfleurs,dc=fr",
|
||||
"group_can_admin": "cn=admin,ou=groups,dc=deuxfleurs,dc=fr",
|
||||
"group_can_invite": "cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr"
|
||||
}
|
||||
```
|
||||
|
||||
```
|
||||
docker run --net host -v $PWD/config.json:/config.json -i lxpz/guichet_amd64:latest
|
||||
```
|
||||
|
|
48
main.go
48
main.go
|
@ -3,7 +3,6 @@ package main
|
|||
import (
|
||||
"crypto/rand"
|
||||
"crypto/tls"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"flag"
|
||||
"fmt"
|
||||
|
@ -21,7 +20,6 @@ import (
|
|||
|
||||
type ConfigFile struct {
|
||||
HttpBindAddr string `json:"http_bind_addr"`
|
||||
SessionKey string `json:"session_key"`
|
||||
LdapServerAddr string `json:"ldap_server_addr"`
|
||||
LdapTLS bool `json:"ldap_tls"`
|
||||
|
||||
|
@ -45,15 +43,8 @@ const SESSION_NAME = "guichet_session"
|
|||
var store sessions.Store = nil
|
||||
|
||||
func readConfig() ConfigFile {
|
||||
key_bytes := make([]byte, 32)
|
||||
n, err := rand.Read(key_bytes)
|
||||
if err != nil || n != 32 {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
config_file := ConfigFile{
|
||||
HttpBindAddr: ":9991",
|
||||
SessionKey: base64.StdEncoding.EncodeToString(key_bytes),
|
||||
LdapServerAddr: "ldap://127.0.0.1:389",
|
||||
LdapTLS: false,
|
||||
BaseDN: "dc=example,dc=com",
|
||||
|
@ -66,7 +57,7 @@ func readConfig() ConfigFile {
|
|||
GroupCanAdmin: "gid=admin,ou=groups,dc=example,dc=com",
|
||||
}
|
||||
|
||||
_, err = os.Stat(*configFlag)
|
||||
_, err := os.Stat(*configFlag)
|
||||
if os.IsNotExist(err) {
|
||||
// Generate default config file
|
||||
log.Printf("Generating default config file as %s", *configFlag)
|
||||
|
@ -106,7 +97,13 @@ func main() {
|
|||
|
||||
config_file := readConfig()
|
||||
config = &config_file
|
||||
store = sessions.NewFilesystemStore("", []byte(config.SessionKey))
|
||||
|
||||
session_key := make([]byte, 32)
|
||||
n, err := rand.Read(session_key)
|
||||
if err != nil || n != 32 {
|
||||
log.Fatal(err)
|
||||
}
|
||||
store = sessions.NewCookieStore(session_key)
|
||||
|
||||
r := mux.NewRouter()
|
||||
r.HandleFunc("/", handleHome)
|
||||
|
@ -123,7 +120,7 @@ func main() {
|
|||
r.Handle("/static/{file:.*}", http.StripPrefix("/static/", staticfiles))
|
||||
|
||||
log.Printf("Starting HTTP server on %s", config.HttpBindAddr)
|
||||
err := http.ListenAndServe(config.HttpBindAddr, logRequest(r))
|
||||
err = http.ListenAndServe(config.HttpBindAddr, logRequest(r))
|
||||
if err != nil {
|
||||
log.Fatal("Cannot start http server: ", err)
|
||||
}
|
||||
|
@ -149,29 +146,29 @@ func logRequest(handler http.Handler) http.Handler {
|
|||
}
|
||||
|
||||
func checkLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
|
||||
session, err := store.Get(r, SESSION_NAME)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
}
|
||||
var login_info *LoginInfo
|
||||
|
||||
session, err := store.Get(r, SESSION_NAME)
|
||||
if err == nil {
|
||||
username, ok := session.Values["login_username"]
|
||||
password, ok2 := session.Values["login_password"]
|
||||
user_dn, ok3 := session.Values["login_dn"]
|
||||
|
||||
var login_info *LoginInfo
|
||||
if !(ok && ok2 && ok3) {
|
||||
login_info = handleLogin(w, r)
|
||||
if login_info == nil {
|
||||
return nil
|
||||
}
|
||||
} else {
|
||||
if ok && ok2 && ok3 {
|
||||
login_info = &LoginInfo{
|
||||
DN: user_dn.(string),
|
||||
Username: username.(string),
|
||||
Password: password.(string),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if login_info == nil {
|
||||
login_info = handleLogin(w, r)
|
||||
if login_info == nil {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
l := ldapOpen(w)
|
||||
if l == nil {
|
||||
|
@ -346,8 +343,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) *LoginInfo {
|
|||
// Successfully logged in, save it to session
|
||||
session, err := store.Get(r, SESSION_NAME)
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return nil
|
||||
session, _ = store.New(r, SESSION_NAME)
|
||||
}
|
||||
|
||||
session.Values["login_username"] = username
|
||||
|
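Review bot: Switching to `sessions.NewCookieStore(session_key)` in main moves the session contents into the browser cookie, and checkLogin reads `login_password` from that session, so the user's LDAP password now appears to travel in every request cookie. Assuming this is gorilla/sessions, a single key only signs the cookie; the values are encoded but not encrypted unless a second (block) key is passed. Either stop keeping the password in the session or pass an encryption key as well, as sketched below. The cookie's `Secure`/`HttpOnly` options are not visible in these hunks and are worth checking too. main starts and ends outside the hunk.

```go
// … unchanged: readConfig call and config assignment …
session_key := make([]byte, 32)
block_key := make([]byte, 32)
_, err := rand.Read(session_key)
if err == nil {
	_, err = rand.Read(block_key)
}
if err != nil {
	log.Fatal("Cannot generate session keys: ", err)
}
// First key authenticates the cookie, second one encrypts its contents.
store = sessions.NewCookieStore(session_key, block_key)
// … unchanged: router setup and ListenAndServe …
```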
|
|
@ -146,7 +146,7 @@
|
|||
<div class="col-md-3"><strong>Ajouter au groupe :</strong>
|
||||
</div>
|
||||
<div class="col-md-5">
|
||||
<input class="form-control" type="text" name="values" placeholder="Groupe..." />
|
||||
<input class="form-control" type="text" name="values" placeholder="Utilisateur..." />
|
||||
</div>
|
||||
<div class="col-md-2">
|
||||
<input type="submit" value="Ajouter" class="form-control btn btn-success btn-sm" />
|
||||
|
|