8 Commits

Author SHA1 Message Date
85f12c53cb OpenVPN 2022-10-12 11:55:15 +02:00
100f6bcfef Suite Ansible 2022-10-11 11:01:29 +02:00
62052834f9 Debut Ansible 2022-10-11 08:11:15 +02:00
6a287b8ee7 Fin Python 2022-09-30 14:38:24 +02:00
20f4f4f183 Log 2022-09-29 11:50:14 +02:00
bef3ed97e7 Creatusr v2 2022-09-29 09:47:20 +02:00
72aba346b9 Python V1 2022-09-28 17:50:16 +02:00
7a35ccf29e LDAP 2022-09-27 10:55:55 +02:00
29 changed files with 12598 additions and 0 deletions


@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -0,0 +1,8 @@
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEA4jWuH4ZUAtE0fXIfp3xq7zpRxPLhKeNY0IuwutL0ZCMUTmJjVp7G
tesWOF5Zmeu4E/SdKOIg6fKSLjr4vUIesL9clkHabjagEaIu07cDlbMC38BGeHzb
YT6Ba+UrHyz5Qqk7lhwGz3/yMmIOcvV60GL8okVAd37bCz08jObEtvlyWzJD8zUr
rgCArb4T8jj7/V/9w6ROt9TWJHxZdUlUMhxjK451pozLqY4QXiH4PRNAIP7BUr1l
Qh5gYpQU/BrMMxH/7n0LCCeoxrbUYz+UfzO1Rxs2KWJ2UCTCgGqNwXkS3hMUb4xC
qSNC0ssaAFlra5AlIxd06F6A0lRTkwQtEwIBAg==
-----END DH PARAMETERS-----


@ -0,0 +1,84 @@
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
ef:26:be:be:1c:6f:df:b6:72:ab:d0:98:5e:8e:ab:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Louis
Validity
Not Before: Oct 12 08:35:54 2022 GMT
Not After : Jan 14 08:35:54 2025 GMT
Subject: CN=openvpnclt
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a2:21:3d:b7:82:3d:47:36:e5:94:4e:9b:84:
39:b0:f5:66:54:43:09:29:c2:81:59:ee:ff:d3:1f:
3c:4c:73:c2:a6:de:08:db:f9:c8:ff:1b:19:1a:13:
65:91:d6:af:9c:ee:bf:15:49:1c:74:6a:f1:cd:3c:
a8:87:2c:24:c0:d2:99:9e:ec:46:b1:f4:50:86:0b:
8c:4a:8a:b6:13:04:9a:1a:6e:e8:de:57:40:7b:f8:
b2:7b:1e:05:e9:ae:56:bf:f5:0e:6a:49:85:cb:a7:
4d:f1:72:ea:d6:83:1c:c2:19:7b:86:b0:ef:89:82:
7d:98:3e:32:f3:83:03:89:36:7c:32:13:f3:f5:af:
d4:8c:92:95:95:02:48:2b:21:b0:3a:79:a2:ef:64:
55:c5:1c:4a:ab:9d:1b:70:fe:a7:9e:bc:fa:b8:12:
22:87:52:95:ca:a4:5c:26:91:6d:d6:9e:aa:07:53:
13:6a:bc:e7:91:98:c7:57:b6:ff:b8:10:82:73:99:
0a:b8:5c:70:13:f7:8c:e5:d4:b7:7b:d0:51:24:ed:
bc:ac:50:61:d3:2e:9e:98:6a:a6:16:9c:cc:eb:fa:
4c:10:69:f0:c2:2f:cd:8e:6b:b7:7f:2c:5b:c1:a8:
fc:af:ef:1a:91:1e:5d:f4:d1:fb:cc:33:34:6e:e8:
d2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
78:9F:7E:30:60:4E:EB:50:F5:FC:D2:6E:1E:2B:F3:AC:DE:73:C0:AD
X509v3 Authority Key Identifier:
keyid:17:87:CD:1F:C5:C2:5C:D6:23:2E:2A:3E:09:EC:74:B2:25:AC:5B:45
DirName:/CN=Louis
serial:0B:C4:5E:6A:4F:0A:A6:5A:49:E9:19:09:43:87:72:DB:6F:1A:CB:B3
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
95:b5:d4:87:5e:e3:3f:a1:4f:2a:8a:e1:52:cc:25:63:42:bb:
f7:2e:6e:f6:aa:bc:9e:a6:88:ab:d5:02:65:29:31:0e:a1:a7:
0d:e7:20:ac:9d:1c:a8:31:23:5a:8d:07:a4:94:88:99:f8:88:
83:69:1a:0a:a8:5a:d5:39:2f:00:5a:27:53:60:70:2f:fc:7f:
e1:2c:15:7b:ea:6b:91:72:9a:e5:b6:c9:ae:b7:b4:89:3c:95:
17:bf:a3:31:3e:0e:41:ec:90:bb:d6:4a:1a:c3:79:7a:95:55:
23:e9:86:84:91:05:32:69:9e:44:cd:03:df:c8:97:a8:6c:47:
6c:2c:d1:64:f5:91:30:87:56:7b:42:38:0a:78:1e:b9:6d:bb:
8d:02:7b:fd:df:ac:a9:41:2c:cd:c7:10:34:d3:98:91:a9:bd:
bc:e3:76:1e:13:9c:7b:98:c0:01:3c:9a:e3:fb:a1:41:cf:6b:
35:d1:ea:b9:d4:f4:9a:d8:c3:60:c7:b8:4b:79:09:1b:9c:25:
d4:90:51:ae:87:46:47:f6:ee:a2:45:fa:a9:79:0a:7d:24:3f:
bf:e4:aa:fc:26:43:ed:68:dd:a2:74:01:81:ad:f7:a5:5f:76:
2a:54:49:08:14:a6:d2:27:ac:a6:1d:af:08:e2:be:2f:23:c7:
82:c1:a5:78
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
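Review bot: An unencrypted private key is committed here (the `-----BEGIN PRIVATE KEY-----` header is the plain PKCS#8 form, not `ENCRYPTED PRIVATE KEY`), and the OpenVPN static key in the later `-----BEGIN OpenVPN Static key V1-----` section is committed the same way, although the server config in this commit labels it `# This file is secret`. Both stay readable in the repository history even if the files are deleted later, so they should be treated as disclosed: revoke the certificate that belongs to this key, issue a new pair, and regenerate the static key with the command the config already documents, `openvpn --genkey tls-auth ta.key`. Going forward, keep key material out of the tree with an ignore rule covering `*.key` and `private/`, and deliver the secrets at deploy time from an encrypted store; Ansible Vault would fit if these files are rolled out by the Ansible work named in the commit list, which is not visible here. Which certificate this key pairs with cannot be told from the page, because the file path is not shown.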


@ -0,0 +1,315 @@
#################################################
# Sample OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
# of a many-clients <-> one-server #
# OpenVPN configuration. #
# #
# OpenVPN also supports #
# single-machine <-> single-machine #
# configurations (See the Examples page #
# on the web site for more info). #
# #
# This config should work on Windows #
# or Linux/BSD systems. Remember on #
# Windows to quote pathnames and use #
# double backslashes, e.g.: #
# "C:\\Program Files\\OpenVPN\\config\\foo.key" #
# #
# Comments are preceded with '#' or ';' #
#################################################
# Which local IP address should OpenVPN
# listen on? (optional)
;local a.b.c.d
# Which TCP/UDP port should OpenVPN listen on?
# If you want to run multiple OpenVPN instances
# on the same machine, use a different port
# number for each one. You will need to
# open up this port on your firewall.
port 1194
# TCP or UDP server?
;proto tcp
proto udp
# "dev tun" will create a routed IP tunnel,
# "dev tap" will create an ethernet tunnel.
# Use "dev tap0" if you are ethernet bridging
# and have precreated a tap0 virtual interface
# and bridged it with your ethernet interface.
# If you want to control access policies
# over the VPN, you must create firewall
# rules for the the TUN/TAP interface.
# On non-Windows systems, you can give
# an explicit unit number, such as tun0.
# On Windows, use "dev-node" for this.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel if you
# have more than one. On XP SP2 or higher,
# you may need to selectively disable the
# Windows firewall for the TAP adapter.
# Non-Windows systems usually don't need this.
;dev-node MyTap
# SSL/TLS root certificate (ca), certificate
# (cert), and private key (key). Each client
# and the server must have their own cert and
# key file. The server and all clients will
# use the same ca file.
#
# See the "easy-rsa" directory for a series
# of scripts for generating RSA certificates
# and private keys. Remember to use
# a unique Common Name for the server
# and each of the client certificates.
#
# Any X509 key management system can be used.
# OpenVPN can also use a PKCS #12 formatted key file
# (see "pkcs12" directive in man page).
ca ca.crt
cert issued/openvpnsrv.crt
key private/openvpnsrv.key
# Diffie hellman parameters.
# Generate your own with:
# openssl dhparam -out dh2048.pem 2048
dh dh.pem
# Network topology
# Should be subnet (addressing via IP)
# unless Windows clients v2.0.9 and lower have to
# be supported (then net30, i.e. a /30 per client)
# Defaults to net30 (not recommended)
;topology subnet
# Configure server mode and supply a VPN subnet
# for OpenVPN to draw client addresses from.
# The server will take 10.8.0.1 for itself,
# the rest will be made available to clients.
# Each client will be able to reach the server
# on 10.8.0.1. Comment this line out if you are
# ethernet bridging. See the man page for more info.
server 10.8.0.0 255.255.255.0
# Maintain a record of client <-> virtual IP address
# associations in this file. If OpenVPN goes down or
# is restarted, reconnecting clients can be assigned
# the same virtual IP address from the pool that was
# previously assigned.
ifconfig-pool-persist /var/log/openvpn/ipp.txt
# Configure server mode for ethernet bridging.
# You must first use your OS's bridging capability
# to bridge the TAP interface with the ethernet
# NIC interface. Then you must manually set the
# IP/netmask on the bridge interface, here we
# assume 10.8.0.4/255.255.255.0. Finally we
# must set aside an IP range in this subnet
# (start=10.8.0.50 end=10.8.0.100) to allocate
# to connecting clients. Leave this line commented
# out unless you are ethernet bridging.
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
# Configure server mode for ethernet bridging
# using a DHCP-proxy, where clients talk
# to the OpenVPN server-side DHCP server
# to receive their IP address allocation
# and DNS server addresses. You must first use
# your OS's bridging capability to bridge the TAP
# interface with the ethernet NIC interface.
# Note: this mode only works on clients (such as
# Windows), where the client-side TAP adapter is
# bound to a DHCP client.
;server-bridge
# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
# To assign specific IP addresses to specific
# clients or if a connecting client has a private
# subnet behind it that should also have VPN access,
# use the subdirectory "ccd" for client-specific
# configuration files (see man page for more info).
# EXAMPLE: Suppose the client
# having the certificate common name "Thelonious"
# also has a small subnet behind his connecting
# machine, such as 192.168.40.128/255.255.255.248.
# First, uncomment out these lines:
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
# Then create a file ccd/Thelonious with this line:
# iroute 192.168.40.128 255.255.255.248
# This will allow Thelonious' private subnet to
# access the VPN. This example will only work
# if you are routing, not bridging, i.e. you are
# using "dev tun" and "server" directives.
# EXAMPLE: Suppose you want to give
# Thelonious a fixed VPN IP address of 10.9.0.1.
# First uncomment out these lines:
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
# Then add this line to ccd/Thelonious:
# ifconfig-push 10.9.0.1 10.9.0.2
# Suppose that you want to enable different
# firewall access policies for different groups
# of clients. There are two methods:
# (1) Run multiple OpenVPN daemons, one for each
# group, and firewall the TUN/TAP interface
# for each group/daemon appropriately.
# (2) (Advanced) Create a script to dynamically
# modify the firewall in response to access
# from different clients. See man
# page for more info on learn-address script.
;learn-address ./script
# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# or bridge the TUN/TAP interface to the internet
# in order for this to work properly).
;push "redirect-gateway def1 bypass-dhcp"
# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
# The addresses below refer to the public
# DNS servers provided by opendns.com.
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
# Uncomment this directive to allow different
# clients to be able to "see" each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server's TUN/TAP interface.
;client-to-client
# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names. This is recommended
# only for testing purposes. For production use,
# each client should have its own certificate/key
# pair.
#
# IF YOU HAVE NOT GENERATED INDIVIDUAL
# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
# UNCOMMENT THIS LINE OUT.
;duplicate-cn
# The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
# Ping every 10 seconds, assume that remote
# peer is down if no ping received during
# a 120 second time period.
keepalive 10 120
# For extra security beyond that provided
# by SSL/TLS, create an "HMAC firewall"
# to help block DoS attacks and UDP port flooding.
#
# Generate with:
# openvpn --genkey tls-auth ta.key
#
# The server and each client must have
# a copy of this key.
# The second parameter should be '0'
# on the server and '1' on the clients.
tls-auth ta.key 0 # This file is secret
# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
# See also the ncp-cipher option in the manpage
cipher AES-256-CBC
# Enable compression on the VPN link and push the
# option to the client (v2.4+ only, for earlier
# versions see below)
;compress lz4-v2
;push "compress lz4-v2"
# For compression compatible with older clients use comp-lzo
# If you enable it here, you must also
# enable it in the client config file.
;comp-lzo
# The maximum number of concurrently connected
# clients we want to allow.
;max-clients 100
# It's a good idea to reduce the OpenVPN
# daemon's privileges after initialization.
#
# You can uncomment this out on
# non-Windows systems.
;user nobody
;group nogroup
# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun
# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status /var/log/openvpn/openvpn-status.log
# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the "\Program Files\OpenVPN\log" directory).
# Use log or log-append to override this default.
# "log" will truncate the log file on OpenVPN startup,
# while "log-append" will append to it. Use one
# or the other (but not both).
;log /var/log/openvpn/openvpn.log
;log-append /var/log/openvpn/openvpn.log
# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3
# Silence repeating messages. At most 20
# sequential messages of the same message
# category will be output to the log.
;mute 20
# Notify the client that when the server restarts so it
# can automatically reconnect.
explicit-exit-notify 1
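Review bot: The privilege drop is left commented out (`;user nobody` / `;group nogroup`), so the daemon keeps whatever privileges it was started with (normally root) for its whole lifetime, even though `persist-key` and `persist-tun` are already set to support the downgrade; on a Linux host enable both as `user nobody` and `group nogroup`. `cipher AES-256-CBC` is also the only data-channel setting in the file: on OpenVPN 2.5 and later the negotiated list comes from `data-ciphers`, so adding `data-ciphers AES-256-GCM:AES-128-GCM` makes the AEAD preference explicit and leaves CBC as a fallback for old clients only. No `tls-version-min` is set either, and `tls-version-min 1.2` would refuse older control-channel handshakes. The installed OpenVPN version is not visible on this page, so confirm it before relying on `data-ciphers`.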


@ -0,0 +1,21 @@
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
802c84970a521b1a640fa14059c7f524
5c23ecddddb64a337203bf62c4ff17b7
3f8d8f62d16f73845b271ee8d6888dd4
ffaf36d37537573df58084a4af6cb770
89ce69cab2966f41cef0fdfb6a989c00
300f027b6e2a0c2028d0cb33c0b812d0
5d1f908f8de4f127d8e6e5b7eb253b2c
724292d58707db359a22158eff460ee4
37edf7f484dc72948c944ebde87add73
8e16c8af7c2a556be4aa37d11a8ecb74
800bb07de7d9e3d563eee347e07b3f2a
493a0be8a4e7fec27874b23dab51a7d3
39b61af065e5cdffd30418b40c7bff03
c139ba6f27331d49e17d75ee3cdb5217
d95d3b26eb5484c89ef70f2579a52f3c
62268bdae2e24de8cd748a73e3e795f1
-----END OpenVPN Static key V1-----

131
Sio2/SISR/20-ldap/doku.php Normal file

@ -0,0 +1,131 @@
<?php
/**
* DokuWiki mainscript
*
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
* @author Andreas Gohr <andi@splitbrain.org>
*
* @global Input $INPUT
*/
// update message version - always use a string to avoid localized floats!
use dokuwiki\Extension\Event;
$updateVersion = "53";
// xdebug_start_profiling();
if(!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__).'/');
// define all DokuWiki globals here (needed within test requests but also helps to keep track)
global $ACT, $INPUT, $QUERY, $ID, $REV, $DATE_AT, $IDX,
$DATE, $RANGE, $HIGH, $TEXT, $PRE, $SUF, $SUM, $INFO, $JSINFO;
if(isset($_SERVER['HTTP_X_DOKUWIKI_DO'])) {
$ACT = trim(strtolower($_SERVER['HTTP_X_DOKUWIKI_DO']));
} elseif(!empty($_REQUEST['idx'])) {
$ACT = 'index';
} elseif(isset($_REQUEST['do'])) {
$ACT = $_REQUEST['do'];
} else {
$ACT = 'show';
}
// load and initialize the core system
require_once(DOKU_INC.'inc/init.php');
//import variables
$INPUT->set('id', str_replace("\xC2\xAD", '', $INPUT->str('id'))); //soft-hyphen
$QUERY = trim($INPUT->str('q'));
$ID = getID();
$REV = $INPUT->int('rev');
$DATE_AT = $INPUT->str('at');
$IDX = $INPUT->str('idx');
$DATE = $INPUT->int('date');
$RANGE = $INPUT->str('range');
$HIGH = $INPUT->param('s');
if(empty($HIGH)) $HIGH = getGoogleQuery();
if($INPUT->post->has('wikitext')) {
$TEXT = cleanText($INPUT->post->str('wikitext'));
}
$PRE = cleanText(substr($INPUT->post->str('prefix'), 0, -1));
$SUF = cleanText($INPUT->post->str('suffix'));
$SUM = $INPUT->post->str('summary');
//parse DATE_AT
if($DATE_AT) {
$date_parse = strtotime($DATE_AT);
if($date_parse) {
$DATE_AT = $date_parse;
} else { // check for UNIX Timestamp
$date_parse = @date('Ymd',$DATE_AT);
if(!$date_parse || $date_parse === '19700101') {
msg(sprintf($lang['unable_to_parse_date'], hsc($DATE_AT)));
$DATE_AT = null;
}
}
}
//check for existing $REV related to $DATE_AT
if($DATE_AT) {
$pagelog = new \dokuwiki\ChangeLog\PageChangeLog($ID);
$rev_t = $pagelog->getLastRevisionAt($DATE_AT);
if($rev_t === '') { //current revision
$REV = null;
$DATE_AT = null;
} else if ($rev_t === false) { //page did not exist
$rev_n = $pagelog->getRelativeRevision($DATE_AT,+1);
msg(
sprintf(
$lang['page_nonexist_rev'],
dformat($DATE_AT),
wl($ID, array('rev' => $rev_n)),
dformat($rev_n)
)
);
$REV = $DATE_AT; //will result in a page not exists message
} else {
$REV = $rev_t;
}
}
//make infos about the selected page available
$INFO = pageinfo();
// handle debugging
if($conf['allowdebug'] && $ACT == 'debug') {
html_debug();
exit;
}
//send 404 for missing pages if configured or ID has special meaning to bots
if(!$INFO['exists'] &&
($conf['send404'] || preg_match('/^(robots\.txt|sitemap\.xml(\.gz)?|favicon\.ico|crossdomain\.xml)$/', $ID)) &&
($ACT == 'show' || (!is_array($ACT) && substr($ACT, 0, 7) == 'export_'))
) {
header('HTTP/1.0 404 Not Found');
}
//prepare breadcrumbs (initialize a static var)
if($conf['breadcrumbs']) breadcrumbs();
// check upstream
checkUpdateMessages();
$tmp = array(); // No event data
Event::createAndTrigger('DOKUWIKI_STARTED', $tmp);
//close session
session_write_close();
//do the work (picks up what to do from global env)
act_dispatch();
$tmp = array(); // No event data
Event::createAndTrigger('DOKUWIKI_DONE', $tmp);
// xdebug_dump_function_profile(1);


@ -0,0 +1,180 @@
<?php
/**
* This is DokuWiki's Main Configuration file
*
* All the default values are kept here, you should not modify it but use
* a local.php file instead to override the settings from here.
*
* This is a piece of PHP code so PHP syntax applies!
*
* For help with the configuration and a more detailed explanation of the various options
* see https://www.dokuwiki.org/config
*/
/* Basic Settings */
$conf['title'] = 'DokuWiki'; //what to show in the title
$conf['start'] = 'start'; //name of start page
$conf['lang'] = 'fr'; //your language
$conf['template'] = 'dokuwiki'; //see lib/tpl directory
$conf['tagline'] = ''; //tagline in header (if template supports it)
$conf['sidebar'] = 'sidebar'; //name of sidebar in root namespace (if template supports it)
$conf['license'] = 'cc-by-nc-sa'; //see conf/license.php
$conf['savedir'] = './data'; //where to store all the files
$conf['basedir'] = ''; //absolute dir from serveroot - blank for autodetection
$conf['baseurl'] = ''; //URL to server including protocol - blank for autodetect
$conf['cookiedir'] = ''; //path to use in cookies - blank for basedir
$conf['dmode'] = 0755; //set directory creation mode
$conf['fmode'] = 0644; //set file creation mode
$conf['allowdebug'] = 0; //allow debug output, enable if needed 0|1
/* Display Settings */
$conf['recent'] = 20; //how many entries to show in recent
$conf['recent_days'] = 7; //How many days of recent changes to keep. (days)
$conf['breadcrumbs'] = 10; //how many recent visited pages to show
$conf['youarehere'] = 0; //show "You are here" navigation? 0|1
$conf['fullpath'] = 0; //show full path of the document or relative to datadir only? 0|1
$conf['typography'] = 1; //smartquote conversion 0=off, 1=doublequotes, 2=all quotes
$conf['dformat'] = '%Y/%m/%d %H:%M'; //dateformat accepted by PHPs strftime() function
$conf['signature'] = ' --- //[[@MAIL@|@NAME@]] @DATE@//'; //signature see wiki page for details
$conf['showuseras'] = 'loginname'; // 'loginname' users login name
// 'username' users full name
// 'email' e-mail address (will be obfuscated as per mailguard)
// 'email_link' e-mail address as a mailto: link (obfuscated)
$conf['toptoclevel'] = 1; //Level starting with and below to include in AutoTOC (max. 5)
$conf['tocminheads'] = 3; //Minimum amount of headlines that determines if a TOC is built
$conf['maxtoclevel'] = 3; //Up to which level include into AutoTOC (max. 5)
$conf['maxseclevel'] = 3; //Up to which level create editable sections (max. 5)
$conf['camelcase'] = 0; //Use CamelCase for linking? (I don't like it) 0|1
$conf['deaccent'] = 1; //deaccented chars in pagenames (1) or romanize (2) or keep (0)?
$conf['useheading'] = 0; //use the first heading in a page as its name
$conf['sneaky_index']= 0; //check for namespace read permission in index view (0|1) (1 might cause unexpected behavior)
$conf['hidepages'] = ''; //Regexp for pages to be skipped from RSS, Search and Recent Changes
/* Authentication Settings */
$conf['useacl'] = 0; //Use Access Control Lists to restrict access?
$conf['autopasswd'] = 1; //autogenerate passwords and email them to user
$conf['authtype'] = 'authplain'; //which authentication backend should be used
$conf['passcrypt'] = 'bcrypt'; //Used crypt method (smd5,md5,sha1,ssha,crypt,mysql,my411,bcrypt)
$conf['defaultgroup']= 'user'; //Default groups new Users are added to
$conf['superuser'] = '!!not set!!'; //The admin can be user or @group or comma separated list user1,@group1,user2
$conf['manager'] = '!!not set!!'; //The manager can be user or @group or comma separated list user1,@group1,user2
$conf['profileconfirm'] = 1; //Require current password to confirm changes to user profile
$conf['rememberme'] = 1; //Enable/disable remember me on login
$conf['disableactions'] = ''; //comma separated list of actions to disable
$conf['auth_security_timeout'] = 900; //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
$conf['securecookie'] = 1; //never send HTTPS cookies via HTTP
$conf['remote'] = 0; //Enable/disable remote interfaces
$conf['remoteuser'] = '!!not set!!'; //user/groups that have access to remote interface (comma separated). leave empty to allow all users
$conf['remotecors'] = ''; //enable Cross-Origin Resource Sharing (CORS) for the remote interfaces. Asterisk (*) to allow all origins. leave empty to deny.
/* Antispam Features */
$conf['usewordblock']= 1; //block spam based on words? 0|1
$conf['relnofollow'] = 1; //use rel="ugc nofollow" for external links?
$conf['indexdelay'] = 60*60*24*5; //allow indexing after this time (seconds) default is 5 days
$conf['mailguard'] = 'hex'; //obfuscate email addresses against spam harvesters?
//valid entries are:
// 'visible' - replace @ with [at], . with [dot] and - with [dash]
// 'hex' - use hex entities to encode the mail address
// 'none' - do not obfuscate addresses
$conf['iexssprotect']= 1; // check for JavaScript and HTML in uploaded files 0|1
/* Editing Settings */
$conf['usedraft'] = 1; //automatically save a draft while editing (0|1)
$conf['htmlok'] = 0; //may raw HTML be embedded? This may break layout and XHTML validity 0|1
$conf['phpok'] = 0; //may PHP code be embedded? Never do this on the internet! 0|1
$conf['locktime'] = 15*60; //maximum age for lockfiles (defaults to 15 minutes)
$conf['cachetime'] = 60*60*24; //maximum age for cachefile in seconds (defaults to a day)
/* Link Settings */
// Set target to use when creating links - leave empty for same window
$conf['target']['wiki'] = '';
$conf['target']['interwiki'] = '';
$conf['target']['extern'] = '';
$conf['target']['media'] = '';
$conf['target']['windows'] = '';
/* Media Settings */
$conf['mediarevisions'] = 1; //enable/disable media revisions
$conf['refcheck'] = 1; //check for references before deleting media files
$conf['gdlib'] = 2; //the GDlib version (0, 1 or 2) 2 tries to autodetect
$conf['im_convert'] = ''; //path to ImageMagicks convert (will be used instead of GD)
$conf['jpg_quality'] = '70'; //quality of compression when scaling jpg images (0-100)
$conf['fetchsize'] = 0; //maximum size (bytes) fetch.php may download from extern, disabled by default
/* Notification Settings */
$conf['subscribers'] = 0; //enable change notice subscription support
$conf['subscribe_time'] = 24*60*60; //Time after which digests / lists are sent (in sec, default 1 day)
//Should be smaller than the time specified in recent_days
$conf['notify'] = ''; //send change info to this email (leave blank for nobody)
$conf['registernotify'] = ''; //send info about newly registered users to this email (leave blank for nobody)
$conf['mailfrom'] = ''; //use this email when sending mails
$conf['mailreturnpath'] = ''; //use this email as returnpath for bounce mails
$conf['mailprefix'] = ''; //use this as prefix of outgoing mails
$conf['htmlmail'] = 1; //send HTML multipart mails
$conf['dontlog'] = 'debug'; //logging facilites that should be disabled
/* Syndication Settings */
$conf['sitemap'] = 0; //Create a google sitemap? How often? In days.
$conf['rss_type'] = 'rss1'; //type of RSS feed to provide, by default:
// 'rss' - RSS 0.91
// 'rss1' - RSS 1.0
// 'rss2' - RSS 2.0
// 'atom' - Atom 0.3
// 'atom1' - Atom 1.0
$conf['rss_linkto'] = 'diff'; //what page RSS entries link to:
// 'diff' - page showing revision differences
// 'page' - the revised page itself
// 'rev' - page showing all revisions
// 'current' - most recent revision of page
$conf['rss_content'] = 'abstract'; //what to put in the items by default?
// 'abstract' - plain text, first paragraph or so
// 'diff' - plain text unified diff wrapped in <pre> tags
// 'htmldiff' - diff as HTML table
// 'html' - the full page rendered in XHTML
$conf['rss_media'] = 'both'; //what should be listed?
// 'both' - page and media changes
// 'pages' - page changes only
// 'media' - media changes only
$conf['rss_update'] = 5*60; //Update the RSS feed every n seconds (defaults to 5 minutes)
$conf['rss_show_summary'] = 1; //Add revision summary to title? 0|1
$conf['rss_show_deleted'] = 1; //Show deleted items 0|1
/* Advanced Settings */
$conf['updatecheck'] = 1; //automatically check for new releases?
$conf['userewrite'] = 0; //this makes nice URLs: 0: off 1: .htaccess 2: internal
$conf['useslash'] = 0; //use slash instead of colon? only when rewrite is on
$conf['sepchar'] = '_'; //word separator character in page names; may be a
// letter, a digit, '_', '-', or '.'.
$conf['canonical'] = 0; //Should all URLs use full canonical http://... style?
$conf['fnencode'] = 'url'; //encode filenames (url|safe|utf-8)
$conf['autoplural'] = 0; //try (non)plural form of nonexisting files?
$conf['compression'] = 'gz'; //compress old revisions: (0: off) ('gz': gnuzip) ('bz2': bzip)
// bz2 generates smaller files, but needs more cpu-power
$conf['gzip_output'] = 0; //use gzip content encodeing for the output xhtml (if allowed by browser)
$conf['compress'] = 1; //Strip whitespaces and comments from Styles and JavaScript? 1|0
$conf['cssdatauri'] = 512; //Maximum byte size of small images to embed into CSS, won't work on IE<8
$conf['send404'] = 0; //Send a HTTP 404 status for non existing pages?
$conf['broken_iua'] = 0; //Platform with broken ignore_user_abort (IIS+CGI) 0|1
$conf['xsendfile'] = 0; //Use X-Sendfile (1 = lighttpd, 2 = standard)
$conf['renderer_xhtml'] = 'xhtml'; //renderer to use for main page generation
$conf['readdircache'] = 0; //time cache in second for the readdir operation, 0 to deactivate.
$conf['search_nslimit'] = 0; //limit the search to the current X namespaces
$conf['search_fragment'] = 'exact'; //specify the default fragment search behavior
$conf['trustedproxy'] = '^(::1|[fF][eE]80:|127\.|10\.|192\.168\.|172\.((1[6-9])|(2[0-9])|(3[0-1]))\.)';
//Regexp of trusted proxy address when reading IP using HTTP header
// if blank, do not trust any proxy (including local IP)
/* Feature Flags */
$conf['defer_js'] = 1; // Defer javascript to be executed after the page's HTML has been parsed. Setting will be removed in the next release.
/* Network Settings */
$conf['dnslookups'] = 1; //disable to disallow IP to hostname lookups
$conf['jquerycdn'] = 0; //use a CDN for delivering jQuery?
// Proxy setup - if your Server needs a proxy to access the web set these
$conf['proxy']['host'] = '';
$conf['proxy']['port'] = '';
$conf['proxy']['user'] = '';
$conf['proxy']['pass'] = '';
$conf['proxy']['ssl'] = 0;
$conf['proxy']['except'] = '';


@ -0,0 +1,682 @@
<?php
/*><div style="width:60%; margin: auto; background-color: #fcc;
border: 1px solid #faa; padding: 0.5em 1em;">
<h1 style="font-size: 120%">No PHP Support</h1>
It seems this server has no PHP support enabled. You will need to
enable PHP before you can install and run DokuWiki. Contact your hosting
provider if you're unsure what this means.
</div>*/
/**
* Dokuwiki installation assistance
*
* @author Chris Smith <chris@jalakai.co.uk>
*/
if (!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__) . '/');
if (!defined('DOKU_CONF')) define('DOKU_CONF', DOKU_INC . 'conf/');
if (!defined('DOKU_LOCAL')) define('DOKU_LOCAL', DOKU_INC . 'conf/');
// load and initialize the core system
require_once(DOKU_INC . 'inc/init.php');
require_once(DOKU_INC . 'inc/pageutils.php');
// check for error reporting override or set error reporting to sane values
if (!defined('DOKU_E_LEVEL')) {
error_reporting(E_ALL ^ E_NOTICE);
} else {
error_reporting(DOKU_E_LEVEL);
}
// language strings
require_once(DOKU_INC . 'inc/lang/en/lang.php');
if (isset($_REQUEST['l']) && !is_array($_REQUEST['l'])) {
$LC = preg_replace('/[^a-z\-]+/', '', $_REQUEST['l']);
}
if (empty($LC)) $LC = 'en';
if ($LC && $LC != 'en') {
require_once(DOKU_INC . 'inc/lang/' . $LC . '/lang.php');
}
// initialise variables ...
$error = array();
// begin output
header('Content-Type: text/html; charset=utf-8');
?>
<!DOCTYPE html>
<html lang="<?php echo $LC?>" dir="<?php echo $lang['direction']?>">
<head>
<meta charset="utf-8" />
<title><?php echo $lang['i_installer']?></title>
<style>
body { width: 90%; margin: 0 auto; font: 84% Verdana, Helvetica, Arial, sans-serif; }
img { border: none }
br.cl { clear:both; }
code { font-size: 110%; color: #800000; }
fieldset { border: none }
label { display: block; margin-top: 0.5em; }
select.text, input.text { width: 30em; margin: 0 0.5em; }
a {text-decoration: none}
</style>
<script>
function acltoggle(){
var cb = document.getElementById('acl');
var fs = document.getElementById('acldep');
if(!cb || !fs) return;
if(cb.checked){
fs.style.display = '';
}else{
fs.style.display = 'none';
}
}
window.onload = function(){
acltoggle();
var cb = document.getElementById('acl');
if(cb) cb.onchange = acltoggle;
};
</script>
</head>
<body style="">
<h1 style="float:left">
<img src="lib/exe/fetch.php?media=wiki:dokuwiki-128.png"
style="vertical-align: middle;" alt="" height="64" width="64" />
<?php echo $lang['i_installer']?>
</h1>
<div style="float:right; margin: 1em;">
<?php langsel()?>
</div>
<br class="cl" />
<div style="float: right; width: 34%;">
<?php
if (file_exists(DOKU_INC . 'inc/lang/' . $LC . '/install.html')) {
include(DOKU_INC . 'inc/lang/' . $LC . '/install.html');
} else {
print "<div lang=\"en\" dir=\"ltr\">\n";
include(DOKU_INC . 'inc/lang/en/install.html');
print "</div>\n";
}
?>
<a style="
background: transparent
url(data/dont-panic-if-you-see-this-in-your-logs-it-means-your-directory-permissions-are-correct.png)
left top no-repeat;
display: block; width:380px; height:73px; border:none; clear:both;"
target="_blank"
href="http://www.dokuwiki.org/security#web_access_security"></a>
</div>
<div style="float: left; width: 58%;">
<?php
try {
if (! (check_functions() && check_permissions())) {
echo '<p>' . $lang['i_problems'] . '</p>';
print_errors();
print_retry();
} elseif (!check_configs()) {
echo '<p>' . $lang['i_modified'] . '</p>';
print_errors();
} elseif (check_data($_REQUEST['d'])) {
// check_data has sanitized all input parameters
if (!store_data($_REQUEST['d'])) {
echo '<p>' . $lang['i_failure'] . '</p>';
print_errors();
} else {
echo '<p>' . $lang['i_success'] . '</p>';
}
} else {
print_errors();
print_form($_REQUEST['d']);
}
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
?>
</div>
<div style="clear: both">
<a href="http://dokuwiki.org/"><img src="lib/tpl/dokuwiki/images/button-dw.png" alt="driven by DokuWiki" /></a>
<a href="http://php.net"><img src="lib/tpl/dokuwiki/images/button-php.gif" alt="powered by PHP" /></a>
</div>
</body>
</html>
<?php
/**
* Print the input form
*
* @param array $d submitted entry 'd' of request data
*/
function print_form($d)
{
global $lang;
global $LC;
include(DOKU_CONF . 'license.php');
if (!is_array($d)) $d = array();
$d = array_map('hsc', $d);
if (!isset($d['acl'])) $d['acl'] = 1;
if (!isset($d['pop'])) $d['pop'] = 1;
?>
<form action="" method="post">
<input type="hidden" name="l" value="<?php echo $LC ?>" />
<fieldset>
<label for="title"><?php echo $lang['i_wikiname']?>
<input type="text" name="d[title]" id="title" value="<?php echo $d['title'] ?>" style="width: 20em;" />
</label>
<fieldset style="margin-top: 1em;">
<label for="acl">
<input type="checkbox" name="d[acl]" id="acl" <?php echo(($d['acl'] ? ' checked="checked"' : ''));?> />
<?php echo $lang['i_enableacl']?></label>
<fieldset id="acldep">
<label for="superuser"><?php echo $lang['i_superuser']?></label>
<input class="text" type="text" name="d[superuser]" id="superuser"
value="<?php echo $d['superuser'] ?>" />
<label for="fullname"><?php echo $lang['fullname']?></label>
<input class="text" type="text" name="d[fullname]" id="fullname"
value="<?php echo $d['fullname'] ?>" />
<label for="email"><?php echo $lang['email']?></label>
<input class="text" type="text" name="d[email]" id="email" value="<?php echo $d['email'] ?>" />
<label for="password"><?php echo $lang['pass']?></label>
<input class="text" type="password" name="d[password]" id="password" />
<label for="confirm"><?php echo $lang['passchk']?></label>
<input class="text" type="password" name="d[confirm]" id="confirm" />
<label for="policy"><?php echo $lang['i_policy']?></label>
<select class="text" name="d[policy]" id="policy">
<option value="0" <?php echo ($d['policy'] == 0) ? 'selected="selected"' : '' ?>><?php
echo $lang['i_pol0']?></option>
<option value="1" <?php echo ($d['policy'] == 1) ? 'selected="selected"' : '' ?>><?php
echo $lang['i_pol1']?></option>
<option value="2" <?php echo ($d['policy'] == 2) ? 'selected="selected"' : '' ?>><?php
echo $lang['i_pol2']?></option>
</select>
<label for="allowreg">
<input type="checkbox" name="d[allowreg]" id="allowreg" <?php
echo(($d['allowreg'] ? ' checked="checked"' : ''));?> />
<?php echo $lang['i_allowreg']?>
</label>
</fieldset>
</fieldset>
<fieldset>
<p><?php echo $lang['i_license']?></p>
<?php
array_push($license, array('name' => $lang['i_license_none'], 'url' => ''));
if (empty($d['license'])) $d['license'] = 'cc-by-sa';
foreach ($license as $key => $lic) {
echo '<label for="lic_' . $key . '">';
echo '<input type="radio" name="d[license]" value="' . hsc($key) . '" id="lic_' . $key . '"' .
(($d['license'] === $key) ? ' checked="checked"' : '') . '>';
echo hsc($lic['name']);
if ($lic['url']) echo ' <a href="' . $lic['url'] . '" target="_blank"><sup>[?]</sup></a>';
echo '</label>';
}
?>
</fieldset>
<fieldset>
<p><?php echo $lang['i_pop_field']?></p>
<label for="pop">
<input type="checkbox" name="d[pop]" id="pop" <?php
echo(($d['pop'] ? ' checked="checked"' : ''));?> />
<?php echo $lang['i_pop_label']?>
<a href="http://www.dokuwiki.org/popularity" target="_blank"><sup>[?]</sup></a>
</label>
</fieldset>
</fieldset>
<fieldset id="process">
<button type="submit" name="submit"><?php echo $lang['btn_save']?></button>
</fieldset>
</form>
<?php
}
function print_retry()
{
global $lang;
global $LC;
?>
<form action="" method="get">
<fieldset>
<input type="hidden" name="l" value="<?php echo $LC ?>" />
<button type="submit"><?php echo $lang['i_retry'];?></button>
</fieldset>
</form>
<?php
}
/**
* Check validity of data
*
* @author Andreas Gohr
*
* @param array $d
* @return bool ok?
*/
function check_data(&$d)
{
static $form_default = array(
'title' => '',
'acl' => '1',
'superuser' => '',
'fullname' => '',
'email' => '',
'password' => '',
'confirm' => '',
'policy' => '0',
'allowreg' => '0',
'license' => 'cc-by-sa'
);
global $lang;
global $error;
if (!is_array($d)) $d = array();
foreach ($d as $k => $v) {
if (is_array($v))
unset($d[$k]);
else $d[$k] = (string)$v;
}
//autolowercase the username
$d['superuser'] = isset($d['superuser']) ? strtolower($d['superuser']) : "";
$ok = false;
if (isset($_REQUEST['submit'])) {
$ok = true;
// check input
if (empty($d['title'])) {
$error[] = sprintf($lang['i_badval'], $lang['i_wikiname']);
$ok = false;
}
if (isset($d['acl'])) {
if (empty($d['superuser']) || ($d['superuser'] !== cleanID($d['superuser']))) {
$error[] = sprintf($lang['i_badval'], $lang['i_superuser']);
$ok = false;
}
if (empty($d['password'])) {
$error[] = sprintf($lang['i_badval'], $lang['pass']);
$ok = false;
} elseif (!isset($d['confirm']) || $d['confirm'] != $d['password']) {
$error[] = sprintf($lang['i_badval'], $lang['passchk']);
$ok = false;
}
if (empty($d['fullname']) || strstr($d['fullname'], ':')) {
$error[] = sprintf($lang['i_badval'], $lang['fullname']);
$ok = false;
}
if (empty($d['email']) || strstr($d['email'], ':') || !strstr($d['email'], '@')) {
$error[] = sprintf($lang['i_badval'], $lang['email']);
$ok = false;
}
} else {
// Since default = 1, browser won't send acl=0 when user untick acl
$d['acl'] = '0';
}
}
$d = array_merge($form_default, $d);
return $ok;
}
/**
* Writes the data to the config files
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param array $d
* @return bool
*/
function store_data($d)
{
global $LC;
$ok = true;
$d['policy'] = (int) $d['policy'];
// create local.php
$now = gmdate('r');
$output = <<<EOT
<?php
/**
* Dokuwiki's Main Configuration File - Local Settings
* Auto-generated by install script
* Date: $now
*/
EOT;
// add any config options set by a previous installer
$preset = __DIR__ . '/install.conf';
if (file_exists($preset)) {
$output .= "# preset config options\n";
$output .= file_get_contents($preset);
$output .= "\n\n";
$output .= "# options selected in installer\n";
@unlink($preset);
}
$output .= '$conf[\'title\'] = \'' . addslashes($d['title']) . "';\n";
$output .= '$conf[\'lang\'] = \'' . addslashes($LC) . "';\n";
$output .= '$conf[\'license\'] = \'' . addslashes($d['license']) . "';\n";
if ($d['acl']) {
$output .= '$conf[\'useacl\'] = 1' . ";\n";
$output .= "\$conf['superuser'] = '@admin';\n";
}
if (!$d['allowreg']) {
$output .= '$conf[\'disableactions\'] = \'register\'' . ";\n";
}
$ok = $ok && fileWrite(DOKU_LOCAL . 'local.php', $output);
if ($d['acl']) {
// hash the password
$phash = new \dokuwiki\PassHash();
$pass = $phash->hash_bcrypt($d['password']);
// create users.auth.php
$output = <<<EOT
# users.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Userfile
#
# Auto-generated by install script
# Date: $now
#
# Format:
# login:passwordhash:Real Name:email:groups,comma,separated
EOT;
// --- user:bcryptpasswordhash:Real Name:email:groups,comma,seperated
$output = $output . "\n" . join(':', [
$d['superuser'],
$pass,
$d['fullname'],
$d['email'],
'admin,user',
]) . "\n";
$ok = $ok && fileWrite(DOKU_LOCAL . 'users.auth.php', $output);
// create acl.auth.php
$output = <<<EOT
# acl.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
#
# Auto-generated by install script
# Date: $now
EOT;
if ($d['policy'] == 2) {
$output .= "* @ALL 0\n";
$output .= "* @user 8\n";
} elseif ($d['policy'] == 1) {
$output .= "* @ALL 1\n";
$output .= "* @user 8\n";
} else {
$output .= "* @ALL 8\n";
}
$ok = $ok && fileWrite(DOKU_LOCAL . 'acl.auth.php', $output);
}
// enable popularity submission
if (isset($d['pop']) && $d['pop']) {
@touch(DOKU_INC . 'data/cache/autosubmit.txt');
}
// disable auth plugins til needed
$output = <<<EOT
<?php
/*
* Local plugin enable/disable settings
*
* Auto-generated by install script
* Date: $now
*/
\$plugins['authad'] = 0;
\$plugins['authldap'] = 0;
\$plugins['authmysql'] = 0;
\$plugins['authpgsql'] = 0;
EOT;
$ok = $ok && fileWrite(DOKU_LOCAL . 'plugins.local.php', $output);
return $ok;
}
/**
* Write the given content to a file
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param string $filename
* @param string $data
* @return bool
*/
function fileWrite($filename, $data)
{
global $error;
global $lang;
if (($fp = @fopen($filename, 'wb')) === false) {
$filename = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}/', $filename);
$error[] = sprintf($lang['i_writeerr'], $filename);
return false;
}
if (!empty($data)) {
fwrite($fp, $data);
}
fclose($fp);
return true;
}
/**
* check installation dependent local config files and tests for a known
* unmodified main config file
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @return bool
*/
function check_configs()
{
global $error;
global $lang;
$ok = true;
$config_files = array(
'local' => DOKU_LOCAL . 'local.php',
'users' => DOKU_LOCAL . 'users.auth.php',
'auth' => DOKU_LOCAL . 'acl.auth.php'
);
// configs shouldn't exist
foreach ($config_files as $file) {
if (file_exists($file) && filesize($file)) {
$file = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}/', $file);
$error[] = sprintf($lang['i_confexists'], $file);
$ok = false;
}
}
return $ok;
}
/**
* Check other installation dir/file permission requirements
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @return bool
*/
function check_permissions()
{
global $error;
global $lang;
$dirs = array(
'conf' => DOKU_LOCAL,
'data' => DOKU_INC . 'data',
'pages' => DOKU_INC . 'data/pages',
'attic' => DOKU_INC . 'data/attic',
'media' => DOKU_INC . 'data/media',
'media_attic' => DOKU_INC . 'data/media_attic',
'media_meta' => DOKU_INC . 'data/media_meta',
'meta' => DOKU_INC . 'data/meta',
'cache' => DOKU_INC . 'data/cache',
'locks' => DOKU_INC . 'data/locks',
'index' => DOKU_INC . 'data/index',
'tmp' => DOKU_INC . 'data/tmp'
);
$ok = true;
foreach ($dirs as $dir) {
if (!file_exists("$dir/.") || !is_writable($dir)) {
$dir = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}', $dir);
$error[] = sprintf($lang['i_permfail'], $dir);
$ok = false;
}
}
return $ok;
}
/**
* Check the availability of functions used in DokuWiki and the PHP version
*
* @author Andreas Gohr <andi@splitbrain.org>
*
* @return bool
*/
function check_functions()
{
global $error;
global $lang;
$ok = true;
if (version_compare(phpversion(), '5.6.0', '<')) {
$error[] = sprintf($lang['i_phpver'], phpversion(), '5.6.0');
$ok = false;
}
if (ini_get('mbstring.func_overload') != 0) {
$error[] = $lang['i_mbfuncoverload'];
$ok = false;
}
try {
random_bytes(1);
} catch (\Exception $th) {
// If an appropriate source of randomness cannot be found, an Exception will be thrown by PHP 7+
$error[] = $lang['i_urandom'];
$ok = false;
}
if (ini_get('mbstring.func_overload') != 0) {
$error[] = $lang['i_mbfuncoverload'];
$ok = false;
}
$funcs = explode(' ', 'addslashes call_user_func chmod copy fgets ' .
'file file_exists fseek flush filesize ftell fopen ' .
'glob header ignore_user_abort ini_get mkdir ' .
'ob_start opendir parse_ini_file readfile realpath ' .
'rename rmdir serialize session_start unlink usleep ' .
'preg_replace file_get_contents htmlspecialchars_decode ' .
'spl_autoload_register stream_select fsockopen pack xml_parser_create');
if (!function_exists('mb_substr')) {
$funcs[] = 'utf8_encode';
$funcs[] = 'utf8_decode';
}
if (!function_exists('mail')) {
if (strpos(ini_get('disable_functions'), 'mail') !== false) {
$disabled = $lang['i_disabled'];
} else {
$disabled = "";
}
$error[] = sprintf($lang['i_funcnmail'], $disabled);
}
foreach ($funcs as $func) {
if (!function_exists($func)) {
$error[] = sprintf($lang['i_funcna'], $func);
$ok = false;
}
}
return $ok;
}
/**
* Print language selection
*
* @author Andreas Gohr <andi@splitbrain.org>
*/
function langsel()
{
global $lang;
global $LC;
$dir = DOKU_INC . 'inc/lang';
$dh = opendir($dir);
if (!$dh) return;
$langs = array();
while (($file = readdir($dh)) !== false) {
if (preg_match('/^[\._]/', $file)) continue;
if (is_dir($dir . '/' . $file) && file_exists($dir . '/' . $file . '/lang.php')) {
$langs[] = $file;
}
}
closedir($dh);
sort($langs);
echo '<form action="">';
echo $lang['i_chooselang'];
echo ': <select name="l" onchange="submit()">';
foreach ($langs as $l) {
$sel = ($l == $LC) ? 'selected="selected"' : '';
echo '<option value="' . $l . '" ' . $sel . '>' . $l . '</option>';
}
echo '</select> ';
echo '<button type="submit">' . $lang['btn_update'] . '</button>';
echo '</form>';
}
/**
* Print global error array
*
* @author Andreas Gohr <andi@splitbrain.org>
*/
function print_errors()
{
global $error;
if (!empty($error)) {
echo '<ul>';
foreach ($error as $err) {
echo "<li>$err</li>";
}
echo '</ul>';
}
}


@ -0,0 +1,372 @@
dn: dc=labo51,dc=lan
o: labo51
dc: labo51
structuralObjectClass: organization
entryUUID: fa4724a4-cf8e-103c-8b56-5b76801a304f
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923132546Z
ou: labo51
description: labo51
objectClass: top
objectClass: dcObject
objectClass: organization
objectClass: gosaDepartment
objectClass: gosaAcl
gosaAclEntry: 0:subtree:Y249YWRtaW4sb3U9YWNscm9sZXMsZGM9bGFibzUxLGRjPWxhbg==
:dWlkPWZkLWFkbWluLG91PXBlb3BsZSxkYz1sYWJvNTEsZGM9bGFu
entryCSN: 20220923133315.145750Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: cn=admin,dc=labo51,dc=lan
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9azJpYVFLcGRSYis3MEVqMjVoR0V1aXpudGtGdDRyVEc=
structuralObjectClass: organizationalRole
entryUUID: fa477026-cf8e-103c-8b57-5b76801a304f
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923132546Z
entryCSN: 20220923132546.893074Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923132546Z
dn: ou=fusiondirectory,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: fusiondirectory
structuralObjectClass: organizationalUnit
entryUUID: fa2072e0-cf8f-103c-9ee5-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133256Z
entryCSN: 20220923133256.134250Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133256Z
dn: cn=config,ou=fusiondirectory,dc=labo51,dc=lan
fdLanguage: fr_FR
fdTheme: breezy
fdTimezone: Europe/Paris
fdLdapSizeLimit: 200
fdModificationDetectionAttribute: entryCSN
fdLogging: TRUE
fdSchemaCheck: TRUE
fdEnableSnapshots: TRUE
fdSnapshotBase: ou=snapshots,dc=labo51,dc=lan
fdPasswordDefaultHash: ssha
fdForcePasswordDefaultHash: FALSE
fdHandleExpiredAccounts: FALSE
fdLoginAttribute: uid
fdForceSSL: FALSE
fdWarnSSL: TRUE
fdSessionLifeTime: 1800
fdHttpAuthActivated: FALSE
fdHttpHeaderAuthActivated: FALSE
fdHttpHeaderAuthHeaderName: AUTH_USER
fdSslKeyPath: /etc/ssl/private/fd.key
fdSslCertPath: /etc/ssl/certs/fd.cert
fdSslCaCertPath: /etc/ssl/certs/ca.cert
fdCasActivated: FALSE
fdCasServerCaCertPath: /etc/ssl/certs/ca.cert
fdCasHost: localhost
fdCasPort: 443
fdCasContext: /cas
fdAccountPrimaryAttribute: uid
fdCnPattern: %givenName% %sn%
fdStrictNamingRules: TRUE
fdUserRDN: ou=people
fdAclRoleRDN: ou=aclroles
fdRestrictRoleMembers: FALSE
fdSplitPostalAddress: FALSE
fdDisplayErrors: FALSE
fdLdapStats: FALSE
fdDebugLevel: 0
fdListSummary: TRUE
fdAclTabOnObjects: FALSE
fdDisplayHookOutput: FALSE
structuralObjectClass: fusionDirectoryConf
cn: config
entryUUID: fa2105f2-cf8f-103c-9ee6-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133256Z
fdDashboardNumberOfDigit: 3
fdDashboardPrefix: PC
fdDashboardExpiredAccountsDays: 15
fdOGroupRDN: ou=groups
fdForceSaslPasswordAsk: FALSE
objectClass: fusionDirectoryConf
objectClass: fdDashboardPluginConf
objectClass: fusionDirectoryPluginsConf
objectClass: fdPasswordRecoveryConf
fdPasswordRecoveryActivated: FALSE
fdPasswordRecoveryEmail: to.be@chang.ed
fdPasswordRecoveryValidity: 10
fdPasswordRecoverySalt: SomethingSecretAndVeryLong
fdPasswordRecoveryUseAlternate: FALSE
fdPasswordRecoveryLoginAttribute: uid
fdPasswordRecoveryMailSubject:: W0Z1c2lvbkRpcmVjdG9yeV0gTGllbiBkZSByw6lpbml0
aWFsaXNhdGlvbiBkdSBtb3QgZGUgcGFzc2U=
fdPasswordRecoveryMailBody:: Qm9uam91ciwKClZvaWNpIHZvcyBpbmZvcm1hdGlvbnMgOgo
tIElkZW50aWZpYW504oCvOiAlcwotIExpZW7igK86ICVzCgpDZSBsaWVuIGVzdCBzZXVsZW1lbn
QgdmFsaWRlIHBlbmRhbnQgMTAgbWludXRlcw==
fdPasswordRecoveryMail2Subject:: W0Z1c2lvbkRpcmVjdG9yeV0gUsOpaW5pdGlhbGlzYXR
pb24gZHUgbW90IGRlIHBhc3NlIHLDqXVzc2ll4oCvIQ==
fdPasswordRecoveryMail2Body:: Qm9uam91ciwKClZvdHJlIG1vdCBkZSBwYXNzZSBhIMOpdM
OpIGNoYW5nw6kuIApWb3RyZSBpZGVudGlmaWFudCBkZSBjb25uZXhpb24gZXN0IHRvdWpvdXJzI
CVzLg==
fusionConfigMd5: a757b5932e118edd99c930ce5cb6399b
fdGroupRDN: ou=groups
fdMinId: 100
fdUidNumberBase: 1100
fdGidNumberBase: 1100
fdIdAllocationMethod: traditional
fdShells: /bin/ash
fdShells: /bin/bash
fdShells: /bin/csh
fdShells: /bin/sh
fdShells: /bin/ksh
fdShells: /bin/tcsh
fdShells: /bin/dash
fdShells: /bin/zsh
fdShells: /sbin/nologin
fdShells: /bin/false
fdShells: /usr/bin/git-shell
fdDefaultShell: /bin/ash
entryCSN: 20220927084251.846088Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084251Z
dn: ou=aclroles,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: aclroles
structuralObjectClass: organizationalUnit
entryUUID: 05717270-cf90-103c-9ee8-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133315Z
entryCSN: 20220923133315.120052Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: cn=admin,ou=aclroles,dc=labo51,dc=lan
objectClass: top
objectClass: gosaRole
cn: admin
description: Donne tous les droits sur tous les objets
gosaAclTemplate: 0:all;cmdrw
structuralObjectClass: gosaRole
entryUUID: 0571e12e-cf90-103c-9ee9-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133315Z
entryCSN: 20220923133315.122882Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: ou=people,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: people
structuralObjectClass: organizationalUnit
entryUUID: 0573d402-cf90-103c-9eea-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133315Z
entryCSN: 20220923133315.135652Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: uid=fd-admin,ou=people,dc=labo51,dc=lan
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
cn: System Administrator
sn: Administrator
givenName: System
uid: fd-admin
userPassword:: e1NTSEF9WFlPYlZ4bi96eEhkUkFZaWluZjRLaFZNeUJaa1hTQTM=
structuralObjectClass: inetOrgPerson
entryUUID: 0574800a-cf90-103c-9eeb-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133315Z
entryCSN: 20220923133315.140056Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: cn=manager,ou=aclroles,dc=labo51,dc=lan
cn: manager
description: Donner tous les droits aux utilisateurs sur cette branche
objectClass: top
objectClass: gosaRole
gosaAclTemplate: 0:user/user;cmdrw,user/posixAccount;cmdrw
structuralObjectClass: gosaRole
entryUUID: 06db8bc8-cf90-103c-9eec-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133317Z
entryCSN: 20220923133317.493099Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133317Z
dn: cn=editowninfos,ou=aclroles,dc=labo51,dc=lan
cn: editowninfos
description:: UGVybWV0IGF1eCB1dGlsaXNhdGV1cnMgZCfDqWRpdGVyIGxldXJzIHByb3ByZX
MgaW5mb3JtYXRpb25zIChvbmdsZXRzIGfDqW7DqXJpcXVlIGV0IHBvc2l4LCDDoCBuJ3V0aWxpc
2VyIHF1ZSBzdXIgbGEgYmFzZSk=
objectClass: top
objectClass: gosaRole
gosaAclTemplate: 0:user/user;srw,user/posixAccount;srw
structuralObjectClass: gosaRole
entryUUID: 06dc1dcc-cf90-103c-9eed-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133317Z
entryCSN: 20220923133317.496837Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133317Z
dn: cn=editownpwd,ou=aclroles,dc=labo51,dc=lan
cn: editownpwd
description:: UGVybWV0IGF1eCB1dGlsaXNhdGV1cnMgZGUgY2hhbmdlciBsZXVyIG1vdCBkZS
BwYXNzZSAow6AgbuKAmXV0aWxpc2VyIHF1ZSBzdXIgbGEgYmFzZSk=
objectClass: top
objectClass: gosaRole
gosaAclTemplate: 0:user/user;s#userPassword;rw
structuralObjectClass: gosaRole
entryUUID: 06dc87d0-cf90-103c-9eee-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133317Z
entryCSN: 20220923133317.499552Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133317Z
dn: ou=recovery,ou=fusiondirectory,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: recovery
structuralObjectClass: organizationalUnit
entryUUID: 867ca16e-cf90-103c-9ef1-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133651Z
entryCSN: 20220923133651.619426Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133651Z
dn: ou=locks,ou=fusiondirectory,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: locks
structuralObjectClass: organizationalUnit
entryUUID: 89251e00-cf90-103c-9ef2-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133656Z
entryCSN: 20220923133656.079063Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133656Z
dn: ou=snapshots,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: snapshots
structuralObjectClass: organizationalUnit
entryUUID: d945fb3e-cf90-103c-9ef3-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133910Z
entryCSN: 20220923133910.512170Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133910Z
dn: uid=dpaul,ou=people,dc=labo51,dc=lan
cn: Paul Dubois
sn: Dubois
givenName: Paul
description: Polo
uid: dpaul
preferredLanguage: fr_FR
userPassword:: e1NTSEF9RkgrNnNtUnNxMGw3KzFDODB2MXNTQzJQVXJSZEttS0g=
structuralObjectClass: inetOrgPerson
entryUUID: 27e0f56e-cf91-103c-9ef4-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923134122Z
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
homeDirectory: /home/paul
gecos: Paul Dubois
loginShell: /bin/ash
uidNumber: 1101
gidNumber: 1002
shadowLastChange: 19262
entryCSN: 20220927084325.025161Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084325Z
dn: cn=fd-admin,dc=labo51,dc=lan
objectClass: posixGroup
cn: fd-admin
description: Groupe de l'utilisateur fd-admin
gidNumber: 1001
structuralObjectClass: posixGroup
entryUUID: ee847b00-cf91-103c-8113-87fb8d81eb6d
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923134655Z
entryCSN: 20220923134655.650648Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923134655Z
dn: cn=dpaul,dc=labo51,dc=lan
objectClass: posixGroup
cn: dpaul
description: Groupe de l'utilisateur dpaul
gidNumber: 1002
structuralObjectClass: posixGroup
entryUUID: 8474bbca-d28a-103c-8c1d-dbb4971e905b
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220927083124Z
entryCSN: 20220927083124.720185Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927083124Z
dn: uid=louis,ou=people,dc=labo51,dc=lan
cn: louis depres
sn: depres
givenName: louis
uid: louis
preferredLanguage: fr_FR
userPassword:: e1NTSEF9b2dhU25CWlNEWkFUekVIVXJsSXR4NFFEbGM2QURCNVk=
structuralObjectClass: inetOrgPerson
entryUUID: 4dee1eb4-d28c-103c-8125-f3f3a5e1910b
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220927084412Z
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
homeDirectory: /home/louis
gecos: louis depres
loginShell: /bin/ash
uidNumber: 1102
gidNumber: 1101
shadowLastChange: 19262
entryCSN: 20220927084412.248333Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084412Z
dn: ou=groups,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: groups
structuralObjectClass: organizationalUnit
entryUUID: 4defab8a-d28c-103c-8128-f3f3a5e1910b
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220927084412Z
entryCSN: 20220927084412.244637Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084412Z
dn: cn=louis,ou=groups,dc=labo51,dc=lan
objectClass: posixGroup
cn: louis
description: Groupe de l'utilisateur louis
gidNumber: 1101
structuralObjectClass: posixGroup
entryUUID: 4defde70-d28c-103c-8129-f3f3a5e1910b
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220927084412Z
entryCSN: 20220927084412.245939Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084412Z
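Review bot: Password hashes are committed in this export: `userPassword::` is present on `cn=admin`, `uid=fd-admin`, `uid=dpaul` and `uid=louis`, so anyone who can read the repository also holds the directory's credentials material. `fdPasswordDefaultHash: ssha` indicates salted SHA-1, which is cheap to test offline, so these passwords should be treated as exposed: rotate them, and strip the attribute (or keep the dump out of version control) before future commits. The config entry also still carries the placeholder `fdPasswordRecoverySalt: SomethingSecretAndVeryLong` together with `fdForceSSL: FALSE`; recovery is off here (`fdPasswordRecoveryActivated: FALSE`), but both values should be changed before that feature or a non-lab deployment is enabled.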


@ -0,0 +1,16 @@
<?php
$conf['title'] = 'labo2 ps wiki';
$conf['lang'] = 'fr';
$conf['license'] = 'cc-by-sa';
$conf['useacl'] = 1;
$conf['authtype'] = 'authldap';
$conf['superuser'] = '@admin';
$conf['disableactions'] = 'register';
$conf['plugin']['authldap']['server'] = 'ldap://localhost:389';
$conf['plugin']['authldap']['usertree'] = 'ou=people,dc=labo51,dc=lan';
$conf['plugin']['authldap']['grouptree'] = 'ou=groups,dc=labo51,dc=lan';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))';
$conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(memberUID=%{user}))';
$conf['plugin']['authldap']['version'] = 3;
$conf['plugin']['authldap']['debug'] = 1;
$conf['plugin']['authldap']['passcrypt'] = 'ssha';
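Review bot: `$conf['plugin']['authldap']['debug'] = 1;` leaves the LDAP plugin's debug output switched on in the committed configuration; that output is meant for troubleshooting and can show directory details to whoever triggers a failed login. Set it back once the bind works: `$conf['plugin']['authldap']['debug'] = 0;`. The server URL `ldap://localhost:389` is unencrypted but stays on the loopback interface here; if the directory moves to another host it would need `ldaps://` or the plugin's StartTLS option.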

23
Sio2/SISR/30-python/creatusr.py Executable file

@ -0,0 +1,23 @@
#!/usr/bin/python3
import sys
try:
user = open("user.txt", "r")
except:
print ("Fichier utilisateur inconnu")
else:
line = user.readline ()
maligne = line.rstrip()
# print (line)
while maligne:
(login, complet) = maligne.split(":")
print (login)
print (complet)
line = user.readline()
maligne = line.rstrip()
#print (line)
user.close()
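Review bot: The bare `except:` around `open("user.txt", "r")` reports every failure, including a permission error or an interrupt, as "Fichier utilisateur inconnu"; catch `OSError` and print the exception instead. `maligne.split(":")` unpacks into exactly two names, so a line with no colon or with a second colon stops the script with ValueError, and `while maligne:` ends at the first blank line rather than at end of file. Iterating with `for line in user:` inside a `with open(...)` block and using `split(":", 1)` covers these; the same reading loop is repeated in the three later versions of this script.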


@ -0,0 +1,39 @@
#!/usr/bin/python3
import sys
#print "Nom du programme : ", sys.argv[0]
#print "Nombre d'arguments: ", len(sys.argv)
#print "Les arguments sont : " , str(sys.argv)
if len(sys.argv) !=2:
msg = "Usage : " + sys.argv[0] + " <fichier.txt>"
print (msg, file=sys.stderr)
sys.exit(1)
filename = sys.argv[1]
try:
file = open(filename , "r")
except:
msg = "Erreur ouverture fichier " + filename
print (msg ,file=sys.stderr)
else:
line = file.readline ()
maligne = line.rstrip()
while maligne:
(login, complet) = maligne.split(":")
print (login)
print (complet)
commande = "useradd --create-home --home-dir /home"+ login + " --shell /bin/bash --comment \"" + complet + "\" " + login
print (commande)
print (" ")
line = file.readline()
maligne = line.rstrip()
#print (line)
file.close()
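Review bot: `--home-dir /home"+ login` is missing the path separator, so the printed command would create `/homelucien` rather than `/home/lucien`; it should read `"--home-dir /home/" + login`. The command is assembled as one string with the full name wrapped in `\"…\"`, so a name or login containing a quote or a space changes how the line is parsed once it is actually executed; building an argument list is the safer shape. When `open()` fails the script prints the error but still exits with status 0; add `sys.exit(1)` in the `except` branch.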


@ -0,0 +1,41 @@
#!/usr/bin/python3
import sys
#print "Nom du programme : ", sys.argv[0]
#print "Nombre d'arguments: ", len(sys.argv)
#print "Les arguments sont : " , str(sys.argv)
if len(sys.argv) !=2:
msg = "Usage : " + sys.argv[0] + " <fichier.txt>"
print (msg, file=sys.stderr)
sys.exit(1)
filename = sys.argv[1]
try:
file = open(filename , "r")
except:
msg = "Erreur ouverture fichier " + filename
print (msg ,file=sys.stderr)
else:
line = file.readline ()
maligne = line.rstrip()
while maligne:
(login, complet) = maligne.split(":")
print (login)
print (complet)
cmd = ('getent passwd', login)
res=subprocess.run(cmd.split(),stdout=subprocess.PIPE)
commande = "useradd --create-home --home-dir /home"+ login + " --shell /bin/bash --comment \"" + complet + "\" " + login
print (commande)
print (" ")
line = file.readline()
maligne = line.rstrip()
#print (line)
file.close()
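Review bot: `cmd = ('getent passwd', login)` builds a tuple, so `cmd.split()` on the next line raises AttributeError, and `subprocess` is never imported in this file (only `sys` is). Pass the arguments directly, `res = subprocess.run(["getent", "passwd", login], stdout=subprocess.PIPE)`, with `import subprocess` at the top. `res` is not used afterwards, so the existence check has no effect on the `useradd` line that is printed. The missing `/` in `/home"+ login` is still present here.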


@ -0,0 +1,44 @@
#!/usr/bin/python3
# ne marche pas
import sys
import os
import pwd
import subprocess
#print ("Nom du programme : ", sys.argv[0])
#print ("Nombre d'arguments: ", len(sys.argv))
#print ("Les arguments sont : " , str(sys.argv))
if len(sys.argv) != 2:
msg= ("Usage : " + sys.argv[0] + " <fichier.txt>")
print(msg ,file=sys.stderr)
sys.exit(1)
filename = sys.argv[1]
try:
file= open(filename , "r")
except:
msg = ("Erreur ouverture fichier " + filename)
print(msg ,file=sys.stderr)
else:
line = file.readline()
linee = line.rstrip()
while linee:
(login, complet) = linee.split(":")
cmd="getent passwd " + login
res= subprocess.run(cmd.split(),stdout=subprocess.PIPE)
res2= (res.stdout.decode("utf8"))
if not res2 :
commande = "useradd --create-home --home-dir /home/"+ login + " --shell /bin/bash --comment \"" + complet + "\" " + login
res3= os.system(commande)
else :
print("Utilisateur " + login + " existant" )
line = file.readline()
linee = line.rstrip()
file.close()
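Review bot: `os.system(commande)` hands a string built from the input file to a shell, so a login or full name containing shell metacharacters is interpreted as shell syntax, with the privileges of the script (presumably root, since it calls `useradd`). Pass an argument list to `subprocess.run` instead, and check `login` against the allowed account-name pattern before using it. `pwd` is already imported, so `pwd.getpwnam(login)` can replace the `getent` subprocess, whose `cmd.split()` also mis-splits a login containing whitespace. The `# ne marche pas` header gives no reason for the failure; the replacement below covers only the lookup and the creation.

```python
# … unchanged: argument check, open(filename), readline loop …
(login, complet) = linee.split(":")
try:
    pwd.getpwnam(login)
except KeyError:
    # argument list, no shell: the file's fields are never parsed as shell syntax
    res3 = subprocess.run(["useradd", "--create-home",
                           "--home-dir", "/home/" + login,
                           "--shell", "/bin/bash",
                           "--comment", complet, login])
else:
    print("Utilisateur " + login + " existant")
# … unchanged: read next line, file.close() …
```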

28
Sio2/SISR/30-python/log.py Executable file

@ -0,0 +1,28 @@
#!/usr/bin/python3
import sys
import re
volip = {}
cpthit = {}
regexp = "^(\S+) (\S+) (\S+) \[([^]]+)\] \"(\w+) (\S+).*\" (\d+) (\S+)"
for line in sys.stdin: # on lit sur lentrée standard
line = line.rstrip () # on enleve le retour ligne
res = re.match (regexp, line)
if res:
(host, rfc931, user, date, request, url, status, byte) = res.groups()
host = res.group (1)
byte = int(res.group (8))
#print ('host : ', host, ' byte : ', byte)
if host not in volip:
volip[host] = byte
cpthit[host] = 1
else:
volip[host] = volip[host] + byte
cpthit[host] = cpthit[host] + 1
for addr in sorted(volip.keys()):
print ("VOLUME : ", addr, " : ", volip[addr],";;; HIT : ", cpthit[addr])
#for hit in sorted(cpthit.keys()):
# print (hit, " : ", cpthit[hit])
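Review bot: `int(res.group (8))` raises ValueError on entries whose size field is `-`, which common-log-format access logs use when no body was sent; `(\S+)` accepts that value, so one such line stops the whole count. Use `byte = 0 if res.group(8) == "-" else int(res.group(8))`. The pattern is an ordinary string containing `\S`, `\[` and `\d`, which newer Python versions warn about as invalid escapes; write it as a raw string, `regexp = r"^(\S+) …"`. Lines that do not match are dropped silently, so a counter of skipped lines would help when the totals are used for traffic review.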

2
Sio2/SISR/30-python/prog.py Executable file

@ -0,0 +1,2 @@
#!/usr/bin/python3
print ("Bonjour.")

4
Sio2/SISR/30-python/prog1.py Executable file

@ -0,0 +1,4 @@
#!/usr/bin/python3
rayon=float(input("Saisir le rayon : "))
peri=(2*3.141592*rayon)
print ("Le périmètre vaut : ", peri, "cm")

30
Sio2/SISR/30-python/prog2.py Executable file

@ -0,0 +1,30 @@
#!/usr/bin/python3
tableau=[]
nb=int(input("Combien de nombre dans le tableau : "))
for i in range (nb):
valeur=int(input("Saisir un nombre : "))
tableau.append(valeur)
min = tableau[0]
max = tableau[0]
moy = 0
for valeur in tableau:
if valeur < min:
min = valeur
if valeur > max:
max = valeur
moy = moy + valeur
moy = moy/nb
for valeur in tableau:
print (valeur)
print ("La moyenne est : ", moy)
print ("Le plus petit élément est : ", min)
print ("Le plus grand élément est : ", max)
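Review bot: Entering 0 for the count leaves `tableau` empty, so `min = tableau[0]` raises IndexError (and `moy/nb` would divide by zero); reject `nb < 1` before the input loop, e.g. `if nb < 1: raise SystemExit("Il faut au moins un nombre")`. `min` and `max` shadow the built-ins of the same name; renaming them to `mini`/`maxi`, or calling `min(tableau)` and `max(tableau)` directly, avoids that.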

14
Sio2/SISR/30-python/prog3.py Executable file

@ -0,0 +1,14 @@
#!/usr/bin/python3
phrase = str(input("Entrez votre phrase : "))
tabmots = phrase.split(" ")
cptmots = {}
for mot in tabmots:
if not mot in cptmots:
cptmots[mot] = 1
else:
cptmots[mot] = cptmots[mot] + 1
for mot in cptmots.keys():
print(mot, ":", cptmots[mot])

File diff suppressed because it is too large Load Diff


@ -0,0 +1,4 @@
lucien:Lucien Dubois
claudine:Claudine Dupont
robert:Robert Dupond
anthony:Anthony Arnoux


@ -0,0 +1,6 @@
[adm]
infra
[web]
web1
web2


@ -0,0 +1 @@
coucou les loulous


@ -0,0 +1,24 @@
---
- hosts: infra
tasks:
- name: decommente le chargement du module imudp dans rsyslog.conf
replace:
path: /etc/rsyslog.conf
regexp: '^#module\(load="imudp"\)'
replace: 'module(load="imudp")'
backup: true
notify: Restart Rsyslog
- name: decommente le chargement du module imudp dans rsyslog.conf
replace:
path: /etc/rsyslog.conf
regexp: '^#input\(type="imudp" port="514"\)'
replace: 'input(type="imudp" port="514")'
backup: true
notify: Restart Rsyslog
handlers:
- name: Restart Rsyslog
service:
name: rsyslog
state: restarted
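Review bot: Enabling `input(type="imudp" port="514")` makes the `infra` host accept syslog datagrams from any address that can reach it, and UDP syslog carries no sender authentication, so forged entries can end up in the central logs. Nothing in the play restricts the source; add a task that limits 514/udp to the client subnet (host firewall, or an rsyslog sender restriction) alongside this change. The second task reuses the first task's name although it edits the `input(...)` line; rename it, e.g. `- name: decommente l'ecoute imudp sur le port 514 dans rsyslog.conf`, so the run output shows which edit changed.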


@ -0,0 +1,45 @@
---
- hosts: web
tasks:
- name: decommente forwardtosyslog dans journald.conf
replace:
path: /etc/systemd/journald.conf
regexp: '^#ForwardToSyslog=yes'
replace: 'ForwardToSyslog=yes'
backup: true
notify: Restart journald
- name: modifier RateLimitInterval dans journald.conf
replace:
path: /etc/systemd/journald.conf
regexp: '^#RateLimitIntervalSec=30s'
replace: 'RateLimitIntervalSec=0'
backup: true
notify: Restart journald
- name: modifier RateLimitBurst dans journald.conf
replace:
path: /etc/systemd/journald.conf
regexp: '^#RateLimitBurst=10000'
replace: 'RateLimitBurst=0'
backup: true
notify: Restart journald
- name: deplacer log vers un serveur distant
lineinfile:
path: /etc/rsyslog.conf
line: '*.* @192.168.0.24:514'
backup: true
notify: Restart rsyslog
handlers:
- name: Restart journald
service:
name: systemd-journald.service
state: restarted
- name: Restart rsyslog
service:
name: rsyslog
state: restarted
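Review bot: `RateLimitIntervalSec=0` and `RateLimitBurst=0` switch journald rate limiting off entirely, so a single misbehaving or compromised service on a `web` host can fill the local journal and flood the collector at 192.168.0.24. If the aim is only to avoid dropped messages, raise the burst value rather than disabling the limit. `*.* @192.168.0.24:514` forwards every facility over UDP in clear text, so messages can be lost or read on the path; a TCP (`@@`) or TLS forward would need a matching listener on the server. The `replace` patterns match only the stock commented defaults (`#RateLimitIntervalSec=30s`, `#RateLimitBurst=10000`), so on a host whose journald.conf differs the task reports no change and the setting stays as it was.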

File diff suppressed because it is too large Load Diff


@ -0,0 +1,30 @@
---
- hosts: adm
vars:
- proxy_port: 8080
- proxy_mem: 128
- localnet: "192.168.0.0/24"
tasks:
- name: installation squid
apt:
name: squid
state: present
- name: generation fichier de conf à partir de la template
template:
src: squid.conf.j2
dest: /etc/squid/squid.conf
mode: 0644
backup: true
notify: restart squid
handlers:
- name: restart squid
service:
name: squid
state: restarted
# - name: recuperer fichier de conf squid
# fetch:
# src: /etc/squid/squid.conf
# dest: ./squid.conf
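Review bot: `mode: 0644` is written as a bare number, which relies on the YAML loader reading it as octal; quote it as `mode: "0644"` so the permission cannot be reinterpreted (the following playbook uses the same unquoted form with `mode: 0664`). The rendered `squid.conf` is installed and squid restarted without a syntax check; the `template` module's `validate` parameter could run `squid -k parse -f %s` before the file is replaced, to be confirmed against the installed squid version. `vars` is given as a list of one-key mappings; a plain mapping (`proxy_port: 8080` directly under `vars:`) is the current form.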


@ -0,0 +1,23 @@
---
- hosts: all
tasks:
- name: 1. installe Apache
apt:
name: apache2
state: present
- name: 2. installe PHP pour Apache
apt:
name: php
state: present
- name: 3. installe php-mbstring
apt:
name: php-mbstring
state: present
- name: 4. installe index.html
copy:
src: index.html
dest: /var/www/html/index.html
mode: 0664