louis.depres/SioTP
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: louis.depres:v1
Branches Tags
louis.depres:master
louis.depres:v2.0.11 louis.depres:v2.0.10 louis.depres:v2.0.9 louis.depres:v2.0.8 louis.depres:V2.0.7 louis.depres:V2.0.6-b louis.depres:V2.0.6 louis.depres:v2.0.4 louis.depres:v2.0.3 louis.depres:v.2.0.5 louis.depres:v2.0.2 louis.depres:v2.0.1 louis.depres:v2.0.0 louis.depres:v0.12.6 louis.depres:v0.1.15 louis.depres:v1 louis.depres:v0.5b louis.depres:v0.5 louis.depres:v0.1.5c louis.depres:v0.1.5b louis.depres:v0.1.5 louis.depres:v1.0.0 louis.depres:v0.1 louis.depres:v0.1.0
..
compare: louis.depres:V2.0.6
Branches Tags
louis.depres:master
louis.depres:v2.0.11 louis.depres:v2.0.10 louis.depres:v2.0.9 louis.depres:v2.0.8 louis.depres:V2.0.7 louis.depres:V2.0.6-b louis.depres:V2.0.6 louis.depres:v2.0.4 louis.depres:v2.0.3 louis.depres:v.2.0.5 louis.depres:v2.0.2 louis.depres:v2.0.1 louis.depres:v2.0.0 louis.depres:v0.12.6 louis.depres:v0.1.15 louis.depres:v1 louis.depres:v0.5b louis.depres:v0.5 louis.depres:v0.1.5c louis.depres:v0.1.5b louis.depres:v0.1.5 louis.depres:v1.0.0 louis.depres:v0.1 louis.depres:v0.1.0

14 Commits
v1 ... V2.0.6

Author SHA1 Message Date
Louis
62052834f9 Debut Ansible 2022-10-11 08:11:15 +02:00
louis
6a287b8ee7 Fin Python 2022-09-30 14:38:24 +02:00
louis
20f4f4f183 Log 2022-09-29 11:50:14 +02:00
louis
bef3ed97e7 Creatusr v2 2022-09-29 09:47:20 +02:00
louis
72aba346b9 Python V1 2022-09-28 17:50:16 +02:00
Louis
7a35ccf29e LDAP 2022-09-27 10:55:55 +02:00
root
e016dc6130 Nagios 2 2022-09-26 11:45:51 +02:00
root
0f66776b09 Nagios 2022-09-21 16:25:13 +02:00
root
9081a57724 Vagrant 2022-09-14 17:29:38 +02:00
Louis Déprés
fb96e78a4b Haproxy 2022-09-14 15:41:48 +02:00
Louis Depres
012407dd2e Scipt Install 2022-05-20 10:20:14 +02:00
Louis Depres
7bdf92ee3f Push Installation WordPress 2022-05-12 08:36:23 +02:00
“Louis
cf5a0c494f Merge branch 'master' of https://gitea.lyc-lecastel.fr/louis.depres/SioTP 2022-04-07 11:01:51 +02:00
“Louis
12f3bb7c25 Lynis 2022-04-07 11:01:33 +02:00
31 changed files with 13206 additions and 0 deletions
Expand all files Collapse all files

32
Sio1/AP22/installation.sh Executable file
View File

@ -0,0 +1,32 @@
glpirel="9.5.7"
dest=/var/www/html
apt update
apt install -y mariadb-server
apt install -y apache2 php php-mysql php-gd php-ldap php-mbstring php-curl php-xml php-imap php-apcu php-cas
wget -nc "https://github.com/glpi-project/glpi/releases/download/${glpirel}/glpi-${glpirel}.tgz"
tar xvfz glpi-${glpirel}.tgz -C ${dest}
cd ${dest}/glpi
chown -R www-data:www-data lib config plugins files
chown www-data:www-data ${dest}/glpi
cd ${dest}/glpi/plugins
wget -nc https://github.com/fusioninventory/fusioninventory-for-glpi/releases/download/glpi9.5%2B4.0/fusioninventory-9.5+4.0.tar.bz2
bzip2 -d fusioninventory-9.5+4.0.tar.bz2
tar xvf fusioninventory-9.5+4.0.tar
chown -R www-data:www-data ${dest}/glpi/plugins
mkdir ${dest}/ficlients
cd ${dest}/ficlients
#wget -nc https://github.com/fusioninventory/fusioninventory-agent/releases/download/2.5.2/fusioninventory-agent_windows-x86_2.5.2.exe
#wget -nc https://github.com/fusioninventory/fusioninventory-agent/releases/download/2.5.2/fusioninventory-agent_windows-x64_2.5.2.exe
wget -nc https://github.com/glpi-project/glpi-agent/releases/download/1.2/GLPI-Agent-1.2-x64.msi
chmod -R 755 ${dest}/ficlients
systemctl restart apache2

22
Sio1/AP22/installationword.sh Executable file
View File

@ -0,0 +1,22 @@
apt update
apt install -y mariadb-server
apt install -y apache2 php php-mysql php-gd php-ldap php-mbstring php-curl php-xml php-imap php-apcu php-cas
sudo systemctl restart apache2
sudo nano /etc/apache2/sites-available/wordpress.conf
sudo a2enmod rewrite
sudo apache2ctl configtest
sudo systemctl restart apache2
cd /tmp
wget -O https://fr.wordpress.org/latest-fr_FR.tar.gz
tar xzvf latest-fr_FR.tar.gz
touch /tmp/wordpress/.htaccess
cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
mkdir /tmp/wordpress/wp-content/upgrade
sudo cp -a /tmp/wordpress/. /var/www/wordpress
sudo chown -R www-data:www-data /var/www/wordpress
wget https://api.wordpress.org/secret-key/1.1/salt/
sudo nano /var/www/wordpress/wp-config.php
cd /var/www/wordpress/
cp -r wordpress/ /var/www/html/
sudo find /var/www/html/wordpress/ -type d -exec chmod 750 {} \;
sudo find /var/www/html/wordpress/ -type f -exec chmod 640 {} \;

7464
Sio1/SISR1/lynis.log Normal file
View File

File diff suppressed because it is too large Load Diff

422
Sio2/CYBER/10-Nagios/cgi.cfg Normal file
View File

@ -0,0 +1,422 @@
#################################################################
#
# CGI.CFG - Sample CGI Configuration File for Nagios 4.4.6
#
#
#################################################################
# MAIN CONFIGURATION FILE
# This tells the CGIs where to find your main configuration file.
# The CGIs will read the main and host config files for any other
# data they might need.
main_config_file=/etc/nagios4/nagios.cfg
# PHYSICAL HTML PATH
# This is the path where the HTML files for Nagios reside. This
# value is used to locate the logo images needed by the statusmap
# and statuswrl CGIs.
physical_html_path=/usr/share/nagios4/htdocs
# URL HTML PATH
# This is the path portion of the URL that corresponds to the
# physical location of the Nagios HTML files (as defined above).
# This value is used by the CGIs to locate the online documentation
# and graphics. If you access the Nagios pages with an URL like
# http://www.myhost.com/nagios, this value should be '/nagios'
# (without the quotes).
url_html_path=/nagios4
# CONTEXT-SENSITIVE HELP
# This option determines whether or not a context-sensitive
# help icon will be displayed for most of the CGIs.
# Values: 0 = disables context-sensitive help
# 1 = enables context-sensitive help
show_context_help=0
# PENDING STATES OPTION
# This option determines what states should be displayed in the web
# interface for hosts/services that have not yet been checked.
# Values: 0 = leave hosts/services that have not been check yet in their original state
# 1 = mark hosts/services that have not been checked yet as PENDING
use_pending_states=1
# AUTHENTICATION USAGE
# This option controls whether or not the CGIs will use any
# authentication when displaying host and service information, as
# well as committing commands to Nagios for processing.
#
# Read the HTML documentation to learn how the authorization works!
#
# NOTE: It is a really *bad* idea to disable authorization, unless
# you plan on removing the command CGI (cmd.cgi)! Failure to do
# so will leave you wide open to kiddies messing with Nagios and
# possibly hitting you with a denial of service attack by filling up
# your drive by continuously writing to your command file!
#
# Setting this value to 0 will cause the CGIs to *not* use
# authentication (bad idea), while any other value will make them
# use the authentication functions (the default).
use_authentication=1
# x509 CERT AUTHENTICATION
# When enabled, this option allows you to use x509 cert (SSL)
# authentication in the CGIs. This is an advanced option and should
# not be enabled unless you know what you're doing.
use_ssl_authentication=0
# DEFAULT USER
# Setting this variable will define a default user name that can
# access pages without authentication. This allows people within a
# secure domain (i.e., behind a firewall) to see the current status
# without authenticating. You may want to use this to avoid basic
# authentication if you are not using a secure server since basic
# authentication transmits passwords in the clear.
#
# Important: Do not define a default username unless you are
# running a secure web server and are sure that everyone who has
# access to the CGIs has been authenticated in some manner! If you
# define this variable, anyone who has not authenticated to the web
# server will inherit all rights you assign to this user!
#default_user_name=guest
# SYSTEM/PROCESS INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# have access to viewing the Nagios process information as
# provided by the Extended Information CGI (extinfo.cgi). By
# default, *no one* has access to this unless you choose to
# not use authorization. You may use an asterisk (*) to
# authorize any user who has authenticated to the web server.
authorized_for_system_information=nagiosadmin
# CONFIGURATION INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# can view ALL configuration information (hosts, commands, etc).
# By default, users can only view configuration information
# for the hosts and services they are contacts for. You may use
# an asterisk (*) to authorize any user who has authenticated
# to the web server.
authorized_for_configuration_information=nagiosadmin
# SYSTEM/PROCESS COMMAND ACCESS
# This option is a comma-delimited list of all usernames that
# can issue shutdown and restart commands to Nagios via the
# command CGI (cmd.cgi). Users in this list can also change
# the program mode to active or standby. By default, *no one*
# has access to this unless you choose to not use authorization.
# You may use an asterisk (*) to authorize any user who has
# authenticated to the web server.
authorized_for_system_commands=nagiosadmin
# GLOBAL HOST/SERVICE VIEW ACCESS
# These two options are comma-delimited lists of all usernames that
# can view information for all hosts and services that are being
# monitored. By default, users can only view information
# for hosts or services that they are contacts for (unless you
# you choose to not use authorization). You may use an asterisk (*)
# to authorize any user who has authenticated to the web server.
authorized_for_all_services=nagiosadmin
authorized_for_all_hosts=nagiosadmin
# GLOBAL HOST/SERVICE COMMAND ACCESS
# These two options are comma-delimited lists of all usernames that
# can issue host or service related commands via the command
# CGI (cmd.cgi) for all hosts and services that are being monitored.
# By default, users can only issue commands for hosts or services
# that they are contacts for (unless you you choose to not use
# authorization). You may use an asterisk (*) to authorize any
# user who has authenticated to the web server.
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin
# READ-ONLY USERS
# A comma-delimited list of usernames that have read-only rights in
# the CGIs. This will block any service or host commands normally shown
# on the extinfo CGI pages. It will also block comments from being shown
# to read-only users.
#authorized_for_read_only=user1,user2
# STATUSMAP BACKGROUND IMAGE
# This option allows you to specify an image to be used as a
# background in the statusmap CGI. It is assumed that the image
# resides in the HTML images path (i.e. /usr/local/nagios/share/images).
# This path is automatically determined by appending "/images"
# to the path specified by the 'physical_html_path' directive.
# Note: The image file may be in GIF, PNG, JPEG, or GD2 format.
# However, I recommend that you convert your image to GD2 format
# (uncompressed) but ONLY IF YOU WILL USE THE LEGACY MAP EXCLUSIVELY,
# as this will cause less CPU load when the CGI generates the image.
#statusmap_background_image=smbackground.gd2
# STATUSMAP TRANSPARENCY INDEX COLOR
# These options set the r,g,b values of the background color used the statusmap CGI,
# so normal browsers that can't show real png transparency set the desired color as
# a background color instead (to make it look pretty).
# Defaults to white: (R,G,B) = (255,255,255).
#color_transparency_index_r=255
#color_transparency_index_g=255
#color_transparency_index_b=255
# DEFAULT STATUSMAP LAYOUT METHOD
# This option allows you to specify the default layout method
# the statusmap CGI should use for drawing hosts. If you do
# not use this option, the default for the legacy map is to use
# user-defined coordinates and the default for the new map is "6"
# (Circular Balloon).
# Valid options for the legacy map are as follows:
# 0 = User-defined coordinates
# 1 = Depth layers
# 2 = Collapsed tree
# 3 = Balanced tree
# 4 = Circular
# 5 = Circular (Marked Up)
# Valid options for the new map are as follows:
# 0 = User-defined coordinates
# 1 = Depth Layers (Horizontal)
# 2 = Collapsed tree (Horizontal)
# 3 = Balanced tree (Horizontal)
# 4 = DON'T USE
# 5 = Circular Markup
# 6 = Circular Balloon
# 7 = Balanced tree (Vertical)
# 8 = Collapsed tree (Vertical)
# 9 = Depth Layers (Vertical)
# 10 = Force Map
#default_statusmap_layout=6
# DEFAULT STATUSWRL LAYOUT METHOD
# This option allows you to specify the default layout method
# the statuswrl (VRML) CGI should use for drawing hosts. If you
# do not use this option, the default is to use user-defined
# coordinates. Valid options are as follows:
# 0 = User-defined coordinates
# 2 = Collapsed tree
# 3 = Balanced tree
# 4 = Circular
default_statuswrl_layout=4
# STATUSWRL INCLUDE
# This option allows you to include your own objects in the
# generated VRML world. It is assumed that the file
# resides in the HTML path (i.e. /usr/local/nagios/share).
#statuswrl_include=myworld.wrl
# PING SYNTAX
# This option determines what syntax should be used when
# attempting to ping a host from the WAP interface (using
# the statuswml CGI. You must include the full path to
# the ping binary, along with all required options. The
# $HOSTADDRESS$ macro is substituted with the address of
# the host before the command is executed.
# Please note that the syntax for the ping binary is
# notorious for being different on virtually ever *NIX
# OS and distribution, so you may have to tweak this to
# work on your system.
ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$
# REFRESH RATE
# This option allows you to specify the refresh rate in seconds
# of various CGIs (status, statusmap, extinfo, and outages).
refresh_rate=90
# PAGE TOUR
# Enable page tour for helpful tips and tricks on various pages
#enable_page_tour=1
# DEFAULT PAGE LIMIT
# This option allows you to specify the default number of results
# displayed on the status.cgi. This number can be adjusted from
# within the UI after the initial page load. Setting this to 0
# will show all results.
result_limit=100
# ESCAPE HTML TAGS
# This option determines whether HTML tags in host and service
# status output is escaped in the web interface. If enabled,
# your plugin output will not be able to contain clickable links.
escape_html_tags=1
# SOUND OPTIONS
# These options allow you to specify an optional audio file
# that should be played in your browser window when there are
# problems on the network. The audio files are used only in
# the status CGI. Only the sound for the most critical problem
# will be played. Order of importance (higher to lower) is as
# follows: unreachable hosts, down hosts, critical services,
# warning services, and unknown services. If there are no
# visible problems, the sound file optionally specified by
# 'normal_sound' variable will be played.
#
#
# <varname>=<sound_file>
#
# Note: All audio files must be placed in the /media subdirectory
# under the HTML path (i.e. /usr/local/nagios/share/media/).
#host_unreachable_sound=hostdown.wav
#host_down_sound=hostdown.wav
#service_critical_sound=critical.wav
#service_warning_sound=warning.wav
#service_unknown_sound=warning.wav
#normal_sound=noproblem.wav
# URL TARGET FRAMES
# These options determine the target frames in which notes and
# action URLs will open.
action_url_target=_blank
notes_url_target=_blank
# LOCK AUTHOR NAMES OPTION
# This option determines whether users can change the author name
# when submitting comments, scheduling downtime. If disabled, the
# author names will be locked into their contact name, as defined in Nagios.
# Values: 0 = allow editing author names
# 1 = lock author names (disallow editing)
lock_author_names=1
# SPLUNK INTEGRATION OPTIONS
# These options allow you to enable integration with Splunk
# in the web interface. If enabled, you'll be presented with
# "Splunk It" links in various places in the CGIs (log file,
# alert history, host/service detail, etc). Useful if you're
# trying to research why a particular problem occurred.
# For more information on Splunk, visit http://www.splunk.com/
# This option determines whether the Splunk integration is enabled
# Values: 0 = disable Splunk integration
# 1 = enable Splunk integration
#enable_splunk_integration=1
# This option should be the URL used to access your instance of Splunk
#splunk_url=http://127.0.0.1:8000/
# NAVIGATION BAR SEARCH OPTIONS
# The following options allow to configure the navbar search. Default
# is to search for hostnames. With enabled navbar_search_for_addresses,
# the navbar search queries IP addresses as well. It's also possible
# to enable search for aliases by setting navbar_search_for_aliases=1.
navbar_search_for_addresses=1
navbar_search_for_aliases=1
# DEFAULTS FOR CHECKBOXES FOR ACKNOWLEDGEMENTS
# Enabling ack_no_sticky will default the "Sticky Acknowledgement" to
# be unchecked.
# Enabling ack_no_send will default the "Send Notification" to
# be unchecked.
#ack_no_sticky=0
#ack_no_send=0
# SHOW ONLY HARD STATES IS TACTICAL OVERVIEW
# This option controls whether only HARD states are counted on the
# Tactical Overview, or if both HARD and SOFT states are counted.
# Set to 1 to show only HARD states. Defaults to 0 (HARD+SOFT).
#tac_cgi_hard_only=0
# COMMAND COMMENTS
# These options control whether or not comments are required, optional,
# or not allowed for specific commands. The format for each line is:
# cmd-name=req,def-comment
#
# cmd-name is "CMT_" plus a command such as ADD_HOST_COMMENT
# req 0 = not allowed, 1 = optional, 2 = required
# def-comment optional default comment that will be put in the input field
#
# The following examples override the default comment requirements in
# some way.
#CMT_ADD_HOST_COMMENT=1
#CMT_ACKNOWLEDGE_HOST_PROBLEM=2,"Problem is being looked into"
#CMT_SCHEDULE_SVC_CHECK=1
#CMT_SCHEDULE_HOST_DOWNTIME=0

32
Sio2/CYBER/10-Nagios/gwsio5.cfg Normal file
View File

@ -0,0 +1,32 @@
###############################################################################
# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
#
#
# NOTE: This config file is intended to serve as an *extremely* simple
# example of how you can create configuration entries to monitor
# the local (Linux) machine.
#
###############################################################################
###############################################################################
#
# HOST DEFINITION
#
###############################################################################
# Define a host for the local machine
define host {
use linux-server ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name gwsio5
alias gwsio5
address 192.168.0.1
# hostgroup_name linux-servers
}

188
Sio2/CYBER/10-Nagios/localhost.cfg Normal file
View File

@ -0,0 +1,188 @@
###############################################################################
# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
#
#
# NOTE: This config file is intended to serve as an *extremely* simple
# example of how you can create configuration entries to monitor
# the local (Linux) machine.
#
###############################################################################
###############################################################################
#
# HOST DEFINITION
#
###############################################################################
# Define a host for the local machine
define host {
use linux-server ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name localhost
alias localhost
address 127.0.0.1
}
###############################################################################
#
# HOST GROUP DEFINITION
#
###############################################################################
# Define an optional hostgroup for Linux machines
define hostgroup {
hostgroup_name linux-servers ; The name of the hostgroup
alias Linux Servers ; Long name of the group
members localhost, srv, gwsio5, ns ; Comma separated list of hosts that belong to this group
}
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
# Define a service to "ping" the local machine
define service {
use local-service ; Name of service template to use
hostgroup_name linux-servers
service_description PING
check_command check_ping!100.0,20%!500.0,60%
notifications_enabled 1
}
# Define a service to check the disk space of the root partition
# on the local machine. Warning if < 20% free, critical if
# < 10% free space on partition.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Root Partition
check_command check_local_disk!20%!10%!/
}
# Define a service to check the number of currently logged in
# users on the local machine. Warning if > 20 users, critical
# if > 50 users.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Current Users
check_command check_local_users!20!50
}
# Define a service to check the number of currently running procs
# on the local machine. Warning if > 250 processes, critical if
# > 400 processes.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Total Processes
check_command check_local_procs!250!400!RSZDT
}
# Define a service to check the load on the local machine.
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Current Load
check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
}
# Define a service to check the swap usage the local machine.
# Critical if less than 10% of swap is free, warning if less than 20% is free
define service {
use local-service ; Name of service template to use
host_name localhost
service_description Swap Usage
check_command check_local_swap!20%!10%
}
# Define a service to check SSH on the local machine.
# Disable notifications for this service by default, as not all users may have SSH enabled.
define service {
use local-service ; Name of service template to use
# host_name localhost
hostgroup_name linux-servers
service_description SSH
check_command check_ssh
notifications_enabled 1
}
# Define a service to check HTTP on the local machine.
# Disable notifications for this service by default, as not all users may have HTTP enabled.
define service {
use local-service ; Name of service template to use
#host_name localhost
hostgroup_name linux-servers
service_description HTTP
check_command check_http
notifications_enabled 1
}
define service {
use generic-service ;Use generic-service template
hostgroup_name linux-servers ; S'applique au groupe en question
service_description chk-lin-load ; Nom du service
check_command check_lin_load!public!--v2c!netsl!3,2,2!3,2,2 ; Command
}
define service {
use generic-service ;Use generic-service template
hostgroup_name linux-servers ; S'applique au groupe en question
service_description chk-lin-mem ; Nom du service
check_command check_lin_mem!public!--v2c!70%,80%!90%,95% ; Command
}
define service{
use generic-service
hostgroup_name linux-servers
service_description chk-dns-ext
check_command check_dns_ext
}

1391
Sio2/CYBER/10-Nagios/nagios.cfg Normal file
View File

File diff suppressed because it is too large Load Diff

28
Sio2/CYBER/10-Nagios/nagios4-cgi.conf Normal file
View File

@ -0,0 +1,28 @@
ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4
ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4
Alias /nagios4/stylesheets /etc/nagios4/stylesheets
Alias /nagios4 /usr/share/nagios4/htdocs
<DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)>
Options FollowSymLinks
DirectoryIndex index.php index.html
AllowOverride AuthConfig
AuthDigestDomain "nagios4"
AuthDigestProvider file
AuthUserFile "/etc/nagios4/htdigest.users"
AuthGroupFile "/etc/group"
AuthName "Restricted Nagios4 Access"
AuthType Digest
Require valid-user
</DirectoryMatch>
<Directory /usr/share/nagios4/htdocs>
Options +ExecCGI
</Directory>
<Directory /usr/lib/cgi-bin/nagios4>
Options +ExecCGI
AddHandler cgi-script .cgi
</Directory>

31
Sio2/CYBER/10-Nagios/srv.cfg Normal file
View File

@ -0,0 +1,31 @@
###############################################################################
# LOCALHOST.CFG - SAMPLE OBJECT CONFIG FILE FOR MONITORING THIS MACHINE
#
#
# NOTE: This config file is intended to serve as an *extremely* simple
# example of how you can create configuration entries to monitor
# the local (Linux) machine.
#
###############################################################################
###############################################################################
#
# HOST DEFINITION
#
###############################################################################
# Define a host for the local machine
define host {
use linux-server ; Name of host template to use
; This host definition will inherit all variables that are defined
; in (or inherited by) the linux-server host template definition.
host_name srv
alias srv
address 192.168.0.25
}

46
Sio2/SISR/10-haproxy/haproxy.cfg Normal file
View File

@ -0,0 +1,46 @@
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
frontend rserve_frontend
bind 192.168.0.44:80
# mode tcp
# option tcplog
# timeout client 1m
default_backend rserve_backend
backend rserve_backend
server rserve1 172.16.1.1:80 check
server rserve2 172.16.1.2:80 check

131
Sio2/SISR/20-ldap/doku.php Normal file
View File

@ -0,0 +1,131 @@
<?php
/**
* DokuWiki mainscript
*
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
* @author Andreas Gohr <andi@splitbrain.org>
*
* @global Input $INPUT
*/
// update message version - always use a string to avoid localized floats!
use dokuwiki\Extension\Event;
$updateVersion = "53";
// xdebug_start_profiling();
if(!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__).'/');
// define all DokuWiki globals here (needed within test requests but also helps to keep track)
global $ACT, $INPUT, $QUERY, $ID, $REV, $DATE_AT, $IDX,
$DATE, $RANGE, $HIGH, $TEXT, $PRE, $SUF, $SUM, $INFO, $JSINFO;
if(isset($_SERVER['HTTP_X_DOKUWIKI_DO'])) {
$ACT = trim(strtolower($_SERVER['HTTP_X_DOKUWIKI_DO']));
} elseif(!empty($_REQUEST['idx'])) {
$ACT = 'index';
} elseif(isset($_REQUEST['do'])) {
$ACT = $_REQUEST['do'];
} else {
$ACT = 'show';
}
// load and initialize the core system
require_once(DOKU_INC.'inc/init.php');
//import variables
$INPUT->set('id', str_replace("\xC2\xAD", '', $INPUT->str('id'))); //soft-hyphen
$QUERY = trim($INPUT->str('q'));
$ID = getID();
$REV = $INPUT->int('rev');
$DATE_AT = $INPUT->str('at');
$IDX = $INPUT->str('idx');
$DATE = $INPUT->int('date');
$RANGE = $INPUT->str('range');
$HIGH = $INPUT->param('s');
if(empty($HIGH)) $HIGH = getGoogleQuery();
if($INPUT->post->has('wikitext')) {
$TEXT = cleanText($INPUT->post->str('wikitext'));
}
$PRE = cleanText(substr($INPUT->post->str('prefix'), 0, -1));
$SUF = cleanText($INPUT->post->str('suffix'));
$SUM = $INPUT->post->str('summary');
//parse DATE_AT
if($DATE_AT) {
$date_parse = strtotime($DATE_AT);
if($date_parse) {
$DATE_AT = $date_parse;
} else { // check for UNIX Timestamp
$date_parse = @date('Ymd',$DATE_AT);
if(!$date_parse || $date_parse === '19700101') {
msg(sprintf($lang['unable_to_parse_date'], hsc($DATE_AT)));
$DATE_AT = null;
}
}
}
//check for existing $REV related to $DATE_AT
if($DATE_AT) {
$pagelog = new \dokuwiki\ChangeLog\PageChangeLog($ID);
$rev_t = $pagelog->getLastRevisionAt($DATE_AT);
if($rev_t === '') { //current revision
$REV = null;
$DATE_AT = null;
} else if ($rev_t === false) { //page did not exist
$rev_n = $pagelog->getRelativeRevision($DATE_AT,+1);
msg(
sprintf(
$lang['page_nonexist_rev'],
dformat($DATE_AT),
wl($ID, array('rev' => $rev_n)),
dformat($rev_n)
)
);
$REV = $DATE_AT; //will result in a page not exists message
} else {
$REV = $rev_t;
}
}
//make infos about the selected page available
$INFO = pageinfo();
// handle debugging
if($conf['allowdebug'] && $ACT == 'debug') {
html_debug();
exit;
}
//send 404 for missing pages if configured or ID has special meaning to bots
if(!$INFO['exists'] &&
($conf['send404'] || preg_match('/^(robots\.txt|sitemap\.xml(\.gz)?|favicon\.ico|crossdomain\.xml)$/', $ID)) &&
($ACT == 'show' || (!is_array($ACT) && substr($ACT, 0, 7) == 'export_'))
) {
header('HTTP/1.0 404 Not Found');
}
//prepare breadcrumbs (initialize a static var)
if($conf['breadcrumbs']) breadcrumbs();
// check upstream
checkUpdateMessages();
$tmp = array(); // No event data
Event::createAndTrigger('DOKUWIKI_STARTED', $tmp);
//close session
session_write_close();
//do the work (picks up what to do from global env)
act_dispatch();
$tmp = array(); // No event data
Event::createAndTrigger('DOKUWIKI_DONE', $tmp);
// xdebug_dump_function_profile(1);

180
Sio2/SISR/20-ldap/dokuwiki.php Normal file
View File

@ -0,0 +1,180 @@
<?php
/**
* This is DokuWiki's Main Configuration file
*
* All the default values are kept here, you should not modify it but use
* a local.php file instead to override the settings from here.
*
* This is a piece of PHP code so PHP syntax applies!
*
* For help with the configuration and a more detailed explanation of the various options
* see https://www.dokuwiki.org/config
*/
/* Basic Settings */
$conf['title'] = 'DokuWiki'; //what to show in the title
$conf['start'] = 'start'; //name of start page
$conf['lang'] = 'fr'; //your language
$conf['template'] = 'dokuwiki'; //see lib/tpl directory
$conf['tagline'] = ''; //tagline in header (if template supports it)
$conf['sidebar'] = 'sidebar'; //name of sidebar in root namespace (if template supports it)
$conf['license'] = 'cc-by-nc-sa'; //see conf/license.php
$conf['savedir'] = './data'; //where to store all the files
$conf['basedir'] = ''; //absolute dir from serveroot - blank for autodetection
$conf['baseurl'] = ''; //URL to server including protocol - blank for autodetect
$conf['cookiedir'] = ''; //path to use in cookies - blank for basedir
$conf['dmode'] = 0755; //set directory creation mode
$conf['fmode'] = 0644; //set file creation mode
$conf['allowdebug'] = 0; //allow debug output, enable if needed 0|1
/* Display Settings */
$conf['recent'] = 20; //how many entries to show in recent
$conf['recent_days'] = 7; //How many days of recent changes to keep. (days)
$conf['breadcrumbs'] = 10; //how many recent visited pages to show
$conf['youarehere'] = 0; //show "You are here" navigation? 0|1
$conf['fullpath'] = 0; //show full path of the document or relative to datadir only? 0|1
$conf['typography'] = 1; //smartquote conversion 0=off, 1=doublequotes, 2=all quotes
$conf['dformat'] = '%Y/%m/%d %H:%M'; //dateformat accepted by PHPs strftime() function
$conf['signature'] = ' --- //[[@MAIL@|@NAME@]] @DATE@//'; //signature see wiki page for details
$conf['showuseras'] = 'loginname'; // 'loginname' users login name
// 'username' users full name
// 'email' e-mail address (will be obfuscated as per mailguard)
// 'email_link' e-mail address as a mailto: link (obfuscated)
$conf['toptoclevel'] = 1; //Level starting with and below to include in AutoTOC (max. 5)
$conf['tocminheads'] = 3; //Minimum amount of headlines that determines if a TOC is built
$conf['maxtoclevel'] = 3; //Up to which level include into AutoTOC (max. 5)
$conf['maxseclevel'] = 3; //Up to which level create editable sections (max. 5)
$conf['camelcase'] = 0; //Use CamelCase for linking? (I don't like it) 0|1
$conf['deaccent'] = 1; //deaccented chars in pagenames (1) or romanize (2) or keep (0)?
$conf['useheading'] = 0; //use the first heading in a page as its name
$conf['sneaky_index']= 0; //check for namespace read permission in index view (0|1) (1 might cause unexpected behavior)
$conf['hidepages'] = ''; //Regexp for pages to be skipped from RSS, Search and Recent Changes
/* Authentication Settings */
$conf['useacl'] = 0; //Use Access Control Lists to restrict access?
$conf['autopasswd'] = 1; //autogenerate passwords and email them to user
$conf['authtype'] = 'authplain'; //which authentication backend should be used
$conf['passcrypt'] = 'bcrypt'; //Used crypt method (smd5,md5,sha1,ssha,crypt,mysql,my411,bcrypt)
$conf['defaultgroup']= 'user'; //Default groups new Users are added to
$conf['superuser'] = '!!not set!!'; //The admin can be user or @group or comma separated list user1,@group1,user2
$conf['manager'] = '!!not set!!'; //The manager can be user or @group or comma separated list user1,@group1,user2
$conf['profileconfirm'] = 1; //Require current password to confirm changes to user profile
$conf['rememberme'] = 1; //Enable/disable remember me on login
$conf['disableactions'] = ''; //comma separated list of actions to disable
$conf['auth_security_timeout'] = 900; //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
$conf['securecookie'] = 1; //never send HTTPS cookies via HTTP
$conf['remote'] = 0; //Enable/disable remote interfaces
$conf['remoteuser'] = '!!not set!!'; //user/groups that have access to remote interface (comma separated). leave empty to allow all users
$conf['remotecors'] = ''; //enable Cross-Origin Resource Sharing (CORS) for the remote interfaces. Asterisk (*) to allow all origins. leave empty to deny.
/* Antispam Features */
$conf['usewordblock']= 1; //block spam based on words? 0|1
$conf['relnofollow'] = 1; //use rel="ugc nofollow" for external links?
$conf['indexdelay'] = 60*60*24*5; //allow indexing after this time (seconds) default is 5 days
$conf['mailguard'] = 'hex'; //obfuscate email addresses against spam harvesters?
//valid entries are:
// 'visible' - replace @ with [at], . with [dot] and - with [dash]
// 'hex' - use hex entities to encode the mail address
// 'none' - do not obfuscate addresses
$conf['iexssprotect']= 1; // check for JavaScript and HTML in uploaded files 0|1
/* Editing Settings */
$conf['usedraft'] = 1; //automatically save a draft while editing (0|1)
$conf['htmlok'] = 0; //may raw HTML be embedded? This may break layout and XHTML validity 0|1
$conf['phpok'] = 0; //may PHP code be embedded? Never do this on the internet! 0|1
$conf['locktime'] = 15*60; //maximum age for lockfiles (defaults to 15 minutes)
$conf['cachetime'] = 60*60*24; //maximum age for cachefile in seconds (defaults to a day)
/* Link Settings */
// Set target to use when creating links - leave empty for same window
$conf['target']['wiki'] = '';
$conf['target']['interwiki'] = '';
$conf['target']['extern'] = '';
$conf['target']['media'] = '';
$conf['target']['windows'] = '';
/* Media Settings */
$conf['mediarevisions'] = 1; //enable/disable media revisions
$conf['refcheck'] = 1; //check for references before deleting media files
$conf['gdlib'] = 2; //the GDlib version (0, 1 or 2) 2 tries to autodetect
$conf['im_convert'] = ''; //path to ImageMagicks convert (will be used instead of GD)
$conf['jpg_quality'] = '70'; //quality of compression when scaling jpg images (0-100)
$conf['fetchsize'] = 0; //maximum size (bytes) fetch.php may download from extern, disabled by default
/* Notification Settings */
$conf['subscribers'] = 0; //enable change notice subscription support
$conf['subscribe_time'] = 24*60*60; //Time after which digests / lists are sent (in sec, default 1 day)
//Should be smaller than the time specified in recent_days
$conf['notify'] = ''; //send change info to this email (leave blank for nobody)
$conf['registernotify'] = ''; //send info about newly registered users to this email (leave blank for nobody)
$conf['mailfrom'] = ''; //use this email when sending mails
$conf['mailreturnpath'] = ''; //use this email as returnpath for bounce mails
$conf['mailprefix'] = ''; //use this as prefix of outgoing mails
$conf['htmlmail'] = 1; //send HTML multipart mails
$conf['dontlog'] = 'debug'; //logging facilites that should be disabled
/* Syndication Settings */
$conf['sitemap'] = 0; //Create a google sitemap? How often? In days.
$conf['rss_type'] = 'rss1'; //type of RSS feed to provide, by default:
// 'rss' - RSS 0.91
// 'rss1' - RSS 1.0
// 'rss2' - RSS 2.0
// 'atom' - Atom 0.3
// 'atom1' - Atom 1.0
$conf['rss_linkto'] = 'diff'; //what page RSS entries link to:
// 'diff' - page showing revision differences
// 'page' - the revised page itself
// 'rev' - page showing all revisions
// 'current' - most recent revision of page
$conf['rss_content'] = 'abstract'; //what to put in the items by default?
// 'abstract' - plain text, first paragraph or so
// 'diff' - plain text unified diff wrapped in <pre> tags
// 'htmldiff' - diff as HTML table
// 'html' - the full page rendered in XHTML
$conf['rss_media'] = 'both'; //what should be listed?
// 'both' - page and media changes
// 'pages' - page changes only
// 'media' - media changes only
$conf['rss_update'] = 5*60; //Update the RSS feed every n seconds (defaults to 5 minutes)
$conf['rss_show_summary'] = 1; //Add revision summary to title? 0|1
$conf['rss_show_deleted'] = 1; //Show deleted items 0|1
/* Advanced Settings */
$conf['updatecheck'] = 1; //automatically check for new releases?
$conf['userewrite'] = 0; //this makes nice URLs: 0: off 1: .htaccess 2: internal
$conf['useslash'] = 0; //use slash instead of colon? only when rewrite is on
$conf['sepchar'] = '_'; //word separator character in page names; may be a
// letter, a digit, '_', '-', or '.'.
$conf['canonical'] = 0; //Should all URLs use full canonical http://... style?
$conf['fnencode'] = 'url'; //encode filenames (url|safe|utf-8)
$conf['autoplural'] = 0; //try (non)plural form of nonexisting files?
$conf['compression'] = 'gz'; //compress old revisions: (0: off) ('gz': gnuzip) ('bz2': bzip)
// bz2 generates smaller files, but needs more cpu-power
$conf['gzip_output'] = 0; //use gzip content encodeing for the output xhtml (if allowed by browser)
$conf['compress'] = 1; //Strip whitespaces and comments from Styles and JavaScript? 1|0
$conf['cssdatauri'] = 512; //Maximum byte size of small images to embed into CSS, won't work on IE<8
$conf['send404'] = 0; //Send a HTTP 404 status for non existing pages?
$conf['broken_iua'] = 0; //Platform with broken ignore_user_abort (IIS+CGI) 0|1
$conf['xsendfile'] = 0; //Use X-Sendfile (1 = lighttpd, 2 = standard)
$conf['renderer_xhtml'] = 'xhtml'; //renderer to use for main page generation
$conf['readdircache'] = 0; //time cache in second for the readdir operation, 0 to deactivate.
$conf['search_nslimit'] = 0; //limit the search to the current X namespaces
$conf['search_fragment'] = 'exact'; //specify the default fragment search behavior
$conf['trustedproxy'] = '^(::1|[fF][eE]80:|127\.|10\.|192\.168\.|172\.((1[6-9])|(2[0-9])|(3[0-1]))\.)';
//Regexp of trusted proxy address when reading IP using HTTP header
// if blank, do not trust any proxy (including local IP)
/* Feature Flags */
$conf['defer_js'] = 1; // Defer javascript to be executed after the page's HTML has been parsed. Setting will be removed in the next release.
/* Network Settings */
$conf['dnslookups'] = 1; //disable to disallow IP to hostname lookups
$conf['jquerycdn'] = 0; //use a CDN for delivering jQuery?
// Proxy setup - if your Server needs a proxy to access the web set these
$conf['proxy']['host'] = '';
$conf['proxy']['port'] = '';
$conf['proxy']['user'] = '';
$conf['proxy']['pass'] = '';
$conf['proxy']['ssl'] = 0;
$conf['proxy']['except'] = '';

682
Sio2/SISR/20-ldap/install.php Normal file
View File

@ -0,0 +1,682 @@
<?php
/*><div style="width:60%; margin: auto; background-color: #fcc;
border: 1px solid #faa; padding: 0.5em 1em;">
<h1 style="font-size: 120%">No PHP Support</h1>
It seems this server has no PHP support enabled. You will need to
enable PHP before you can install and run DokuWiki. Contact your hosting
provider if you're unsure what this means.
</div>*/
/**
* Dokuwiki installation assistance
*
* @author Chris Smith <chris@jalakai.co.uk>
*/
if (!defined('DOKU_INC')) define('DOKU_INC', dirname(__FILE__) . '/');
if (!defined('DOKU_CONF')) define('DOKU_CONF', DOKU_INC . 'conf/');
if (!defined('DOKU_LOCAL')) define('DOKU_LOCAL', DOKU_INC . 'conf/');
// load and initialize the core system
require_once(DOKU_INC . 'inc/init.php');
require_once(DOKU_INC . 'inc/pageutils.php');
// check for error reporting override or set error reporting to sane values
if (!defined('DOKU_E_LEVEL')) {
error_reporting(E_ALL ^ E_NOTICE);
} else {
error_reporting(DOKU_E_LEVEL);
}
// language strings
require_once(DOKU_INC . 'inc/lang/en/lang.php');
if (isset($_REQUEST['l']) && !is_array($_REQUEST['l'])) {
$LC = preg_replace('/[^a-z\-]+/', '', $_REQUEST['l']);
}
if (empty($LC)) $LC = 'en';
if ($LC && $LC != 'en') {
require_once(DOKU_INC . 'inc/lang/' . $LC . '/lang.php');
}
// initialise variables ...
$error = array();
// begin output
header('Content-Type: text/html; charset=utf-8');
?>
<!DOCTYPE html>
<html lang="<?php echo $LC?>" dir="<?php echo $lang['direction']?>">
<head>
<meta charset="utf-8" />
<title><?php echo $lang['i_installer']?></title>
<style>
body { width: 90%; margin: 0 auto; font: 84% Verdana, Helvetica, Arial, sans-serif; }
img { border: none }
br.cl { clear:both; }
code { font-size: 110%; color: #800000; }
fieldset { border: none }
label { display: block; margin-top: 0.5em; }
select.text, input.text { width: 30em; margin: 0 0.5em; }
a {text-decoration: none}
</style>
<script>
function acltoggle(){
var cb = document.getElementById('acl');
var fs = document.getElementById('acldep');
if(!cb || !fs) return;
if(cb.checked){
fs.style.display = '';
}else{
fs.style.display = 'none';
}
}
window.onload = function(){
acltoggle();
var cb = document.getElementById('acl');
if(cb) cb.onchange = acltoggle;
};
</script>
</head>
<body style="">
<h1 style="float:left">
<img src="lib/exe/fetch.php?media=wiki:dokuwiki-128.png"
style="vertical-align: middle;" alt="" height="64" width="64" />
<?php echo $lang['i_installer']?>
</h1>
<div style="float:right; margin: 1em;">
<?php langsel()?>
</div>
<br class="cl" />
<div style="float: right; width: 34%;">
<?php
if (file_exists(DOKU_INC . 'inc/lang/' . $LC . '/install.html')) {
include(DOKU_INC . 'inc/lang/' . $LC . '/install.html');
} else {
print "<div lang=\"en\" dir=\"ltr\">\n";
include(DOKU_INC . 'inc/lang/en/install.html');
print "</div>\n";
}
?>
<a style="
background: transparent
url(data/dont-panic-if-you-see-this-in-your-logs-it-means-your-directory-permissions-are-correct.png)
left top no-repeat;
display: block; width:380px; height:73px; border:none; clear:both;"
target="_blank"
href="http://www.dokuwiki.org/security#web_access_security"></a>
</div>
<div style="float: left; width: 58%;">
<?php
try {
if (! (check_functions() && check_permissions())) {
echo '<p>' . $lang['i_problems'] . '</p>';
print_errors();
print_retry();
} elseif (!check_configs()) {
echo '<p>' . $lang['i_modified'] . '</p>';
print_errors();
} elseif (check_data($_REQUEST['d'])) {
// check_data has sanitized all input parameters
if (!store_data($_REQUEST['d'])) {
echo '<p>' . $lang['i_failure'] . '</p>';
print_errors();
} else {
echo '<p>' . $lang['i_success'] . '</p>';
}
} else {
print_errors();
print_form($_REQUEST['d']);
}
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
?>
</div>
<div style="clear: both">
<a href="http://dokuwiki.org/"><img src="lib/tpl/dokuwiki/images/button-dw.png" alt="driven by DokuWiki" /></a>
<a href="http://php.net"><img src="lib/tpl/dokuwiki/images/button-php.gif" alt="powered by PHP" /></a>
</div>
</body>
</html>
<?php
/**
* Print the input form
*
* @param array $d submitted entry 'd' of request data
*/
function print_form($d)
{
global $lang;
global $LC;
include(DOKU_CONF . 'license.php');
if (!is_array($d)) $d = array();
$d = array_map('hsc', $d);
if (!isset($d['acl'])) $d['acl'] = 1;
if (!isset($d['pop'])) $d['pop'] = 1;
?>
<form action="" method="post">
<input type="hidden" name="l" value="<?php echo $LC ?>" />
<fieldset>
<label for="title"><?php echo $lang['i_wikiname']?>
<input type="text" name="d[title]" id="title" value="<?php echo $d['title'] ?>" style="width: 20em;" />
</label>
<fieldset style="margin-top: 1em;">
<label for="acl">
<input type="checkbox" name="d[acl]" id="acl" <?php echo(($d['acl'] ? ' checked="checked"' : ''));?> />
<?php echo $lang['i_enableacl']?></label>
<fieldset id="acldep">
<label for="superuser"><?php echo $lang['i_superuser']?></label>
<input class="text" type="text" name="d[superuser]" id="superuser"
value="<?php echo $d['superuser'] ?>" />
<label for="fullname"><?php echo $lang['fullname']?></label>
<input class="text" type="text" name="d[fullname]" id="fullname"
value="<?php echo $d['fullname'] ?>" />
<label for="email"><?php echo $lang['email']?></label>
<input class="text" type="text" name="d[email]" id="email" value="<?php echo $d['email'] ?>" />
<label for="password"><?php echo $lang['pass']?></label>
<input class="text" type="password" name="d[password]" id="password" />
<label for="confirm"><?php echo $lang['passchk']?></label>
<input class="text" type="password" name="d[confirm]" id="confirm" />
<label for="policy"><?php echo $lang['i_policy']?></label>
<select class="text" name="d[policy]" id="policy">
<option value="0" <?php echo ($d['policy'] == 0) ? 'selected="selected"' : '' ?>><?php
echo $lang['i_pol0']?></option>
<option value="1" <?php echo ($d['policy'] == 1) ? 'selected="selected"' : '' ?>><?php
echo $lang['i_pol1']?></option>
<option value="2" <?php echo ($d['policy'] == 2) ? 'selected="selected"' : '' ?>><?php
echo $lang['i_pol2']?></option>
</select>
<label for="allowreg">
<input type="checkbox" name="d[allowreg]" id="allowreg" <?php
echo(($d['allowreg'] ? ' checked="checked"' : ''));?> />
<?php echo $lang['i_allowreg']?>
</label>
</fieldset>
</fieldset>
<fieldset>
<p><?php echo $lang['i_license']?></p>
<?php
array_push($license, array('name' => $lang['i_license_none'], 'url' => ''));
if (empty($d['license'])) $d['license'] = 'cc-by-sa';
foreach ($license as $key => $lic) {
echo '<label for="lic_' . $key . '">';
echo '<input type="radio" name="d[license]" value="' . hsc($key) . '" id="lic_' . $key . '"' .
(($d['license'] === $key) ? ' checked="checked"' : '') . '>';
echo hsc($lic['name']);
if ($lic['url']) echo ' <a href="' . $lic['url'] . '" target="_blank"><sup>[?]</sup></a>';
echo '</label>';
}
?>
</fieldset>
<fieldset>
<p><?php echo $lang['i_pop_field']?></p>
<label for="pop">
<input type="checkbox" name="d[pop]" id="pop" <?php
echo(($d['pop'] ? ' checked="checked"' : ''));?> />
<?php echo $lang['i_pop_label']?>
<a href="http://www.dokuwiki.org/popularity" target="_blank"><sup>[?]</sup></a>
</label>
</fieldset>
</fieldset>
<fieldset id="process">
<button type="submit" name="submit"><?php echo $lang['btn_save']?></button>
</fieldset>
</form>
<?php
}
function print_retry()
{
global $lang;
global $LC;
?>
<form action="" method="get">
<fieldset>
<input type="hidden" name="l" value="<?php echo $LC ?>" />
<button type="submit"><?php echo $lang['i_retry'];?></button>
</fieldset>
</form>
<?php
}
/**
* Check validity of data
*
* @author Andreas Gohr
*
* @param array $d
* @return bool ok?
*/
function check_data(&$d)
{
static $form_default = array(
'title' => '',
'acl' => '1',
'superuser' => '',
'fullname' => '',
'email' => '',
'password' => '',
'confirm' => '',
'policy' => '0',
'allowreg' => '0',
'license' => 'cc-by-sa'
);
global $lang;
global $error;
if (!is_array($d)) $d = array();
foreach ($d as $k => $v) {
if (is_array($v))
unset($d[$k]);
else $d[$k] = (string)$v;
}
//autolowercase the username
$d['superuser'] = isset($d['superuser']) ? strtolower($d['superuser']) : "";
$ok = false;
if (isset($_REQUEST['submit'])) {
$ok = true;
// check input
if (empty($d['title'])) {
$error[] = sprintf($lang['i_badval'], $lang['i_wikiname']);
$ok = false;
}
if (isset($d['acl'])) {
if (empty($d['superuser']) || ($d['superuser'] !== cleanID($d['superuser']))) {
$error[] = sprintf($lang['i_badval'], $lang['i_superuser']);
$ok = false;
}
if (empty($d['password'])) {
$error[] = sprintf($lang['i_badval'], $lang['pass']);
$ok = false;
} elseif (!isset($d['confirm']) || $d['confirm'] != $d['password']) {
$error[] = sprintf($lang['i_badval'], $lang['passchk']);
$ok = false;
}
if (empty($d['fullname']) || strstr($d['fullname'], ':')) {
$error[] = sprintf($lang['i_badval'], $lang['fullname']);
$ok = false;
}
if (empty($d['email']) || strstr($d['email'], ':') || !strstr($d['email'], '@')) {
$error[] = sprintf($lang['i_badval'], $lang['email']);
$ok = false;
}
} else {
// Since default = 1, browser won't send acl=0 when user untick acl
$d['acl'] = '0';
}
}
$d = array_merge($form_default, $d);
return $ok;
}
/**
* Writes the data to the config files
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param array $d
* @return bool
*/
function store_data($d)
{
global $LC;
$ok = true;
$d['policy'] = (int) $d['policy'];
// create local.php
$now = gmdate('r');
$output = <<<EOT
<?php
/**
* Dokuwiki's Main Configuration File - Local Settings
* Auto-generated by install script
* Date: $now
*/
EOT;
// add any config options set by a previous installer
$preset = __DIR__ . '/install.conf';
if (file_exists($preset)) {
$output .= "# preset config options\n";
$output .= file_get_contents($preset);
$output .= "\n\n";
$output .= "# options selected in installer\n";
@unlink($preset);
}
$output .= '$conf[\'title\'] = \'' . addslashes($d['title']) . "';\n";
$output .= '$conf[\'lang\'] = \'' . addslashes($LC) . "';\n";
$output .= '$conf[\'license\'] = \'' . addslashes($d['license']) . "';\n";
if ($d['acl']) {
$output .= '$conf[\'useacl\'] = 1' . ";\n";
$output .= "\$conf['superuser'] = '@admin';\n";
}
if (!$d['allowreg']) {
$output .= '$conf[\'disableactions\'] = \'register\'' . ";\n";
}
$ok = $ok && fileWrite(DOKU_LOCAL . 'local.php', $output);
if ($d['acl']) {
// hash the password
$phash = new \dokuwiki\PassHash();
$pass = $phash->hash_bcrypt($d['password']);
// create users.auth.php
$output = <<<EOT
# users.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Userfile
#
# Auto-generated by install script
# Date: $now
#
# Format:
# login:passwordhash:Real Name:email:groups,comma,separated
EOT;
// --- user:bcryptpasswordhash:Real Name:email:groups,comma,seperated
$output = $output . "\n" . join(':', [
$d['superuser'],
$pass,
$d['fullname'],
$d['email'],
'admin,user',
]) . "\n";
$ok = $ok && fileWrite(DOKU_LOCAL . 'users.auth.php', $output);
// create acl.auth.php
$output = <<<EOT
# acl.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
#
# Auto-generated by install script
# Date: $now
EOT;
if ($d['policy'] == 2) {
$output .= "* @ALL 0\n";
$output .= "* @user 8\n";
} elseif ($d['policy'] == 1) {
$output .= "* @ALL 1\n";
$output .= "* @user 8\n";
} else {
$output .= "* @ALL 8\n";
}
$ok = $ok && fileWrite(DOKU_LOCAL . 'acl.auth.php', $output);
}
// enable popularity submission
if (isset($d['pop']) && $d['pop']) {
@touch(DOKU_INC . 'data/cache/autosubmit.txt');
}
// disable auth plugins til needed
$output = <<<EOT
<?php
/*
* Local plugin enable/disable settings
*
* Auto-generated by install script
* Date: $now
*/
\$plugins['authad'] = 0;
\$plugins['authldap'] = 0;
\$plugins['authmysql'] = 0;
\$plugins['authpgsql'] = 0;
EOT;
$ok = $ok && fileWrite(DOKU_LOCAL . 'plugins.local.php', $output);
return $ok;
}
/**
* Write the given content to a file
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @param string $filename
* @param string $data
* @return bool
*/
function fileWrite($filename, $data)
{
global $error;
global $lang;
if (($fp = @fopen($filename, 'wb')) === false) {
$filename = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}/', $filename);
$error[] = sprintf($lang['i_writeerr'], $filename);
return false;
}
if (!empty($data)) {
fwrite($fp, $data);
}
fclose($fp);
return true;
}
/**
* check installation dependent local config files and tests for a known
* unmodified main config file
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @return bool
*/
function check_configs()
{
global $error;
global $lang;
$ok = true;
$config_files = array(
'local' => DOKU_LOCAL . 'local.php',
'users' => DOKU_LOCAL . 'users.auth.php',
'auth' => DOKU_LOCAL . 'acl.auth.php'
);
// configs shouldn't exist
foreach ($config_files as $file) {
if (file_exists($file) && filesize($file)) {
$file = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}/', $file);
$error[] = sprintf($lang['i_confexists'], $file);
$ok = false;
}
}
return $ok;
}
/**
* Check other installation dir/file permission requirements
*
* @author Chris Smith <chris@jalakai.co.uk>
*
* @return bool
*/
function check_permissions()
{
global $error;
global $lang;
$dirs = array(
'conf' => DOKU_LOCAL,
'data' => DOKU_INC . 'data',
'pages' => DOKU_INC . 'data/pages',
'attic' => DOKU_INC . 'data/attic',
'media' => DOKU_INC . 'data/media',
'media_attic' => DOKU_INC . 'data/media_attic',
'media_meta' => DOKU_INC . 'data/media_meta',
'meta' => DOKU_INC . 'data/meta',
'cache' => DOKU_INC . 'data/cache',
'locks' => DOKU_INC . 'data/locks',
'index' => DOKU_INC . 'data/index',
'tmp' => DOKU_INC . 'data/tmp'
);
$ok = true;
foreach ($dirs as $dir) {
if (!file_exists("$dir/.") || !is_writable($dir)) {
$dir = str_replace($_SERVER['DOCUMENT_ROOT'], '{DOCUMENT_ROOT}', $dir);
$error[] = sprintf($lang['i_permfail'], $dir);
$ok = false;
}
}
return $ok;
}
/**
* Check the availability of functions used in DokuWiki and the PHP version
*
* @author Andreas Gohr <andi@splitbrain.org>
*
* @return bool
*/
function check_functions()
{
global $error;
global $lang;
$ok = true;
if (version_compare(phpversion(), '5.6.0', '<')) {
$error[] = sprintf($lang['i_phpver'], phpversion(), '5.6.0');
$ok = false;
}
if (ini_get('mbstring.func_overload') != 0) {
$error[] = $lang['i_mbfuncoverload'];
$ok = false;
}
try {
random_bytes(1);
} catch (\Exception $th) {
// If an appropriate source of randomness cannot be found, an Exception will be thrown by PHP 7+
$error[] = $lang['i_urandom'];
$ok = false;
}
if (ini_get('mbstring.func_overload') != 0) {
$error[] = $lang['i_mbfuncoverload'];
$ok = false;
}
$funcs = explode(' ', 'addslashes call_user_func chmod copy fgets ' .
'file file_exists fseek flush filesize ftell fopen ' .
'glob header ignore_user_abort ini_get mkdir ' .
'ob_start opendir parse_ini_file readfile realpath ' .
'rename rmdir serialize session_start unlink usleep ' .
'preg_replace file_get_contents htmlspecialchars_decode ' .
'spl_autoload_register stream_select fsockopen pack xml_parser_create');
if (!function_exists('mb_substr')) {
$funcs[] = 'utf8_encode';
$funcs[] = 'utf8_decode';
}
if (!function_exists('mail')) {
if (strpos(ini_get('disable_functions'), 'mail') !== false) {
$disabled = $lang['i_disabled'];
} else {
$disabled = "";
}
$error[] = sprintf($lang['i_funcnmail'], $disabled);
}
foreach ($funcs as $func) {
if (!function_exists($func)) {
$error[] = sprintf($lang['i_funcna'], $func);
$ok = false;
}
}
return $ok;
}
/**
* Print language selection
*
* @author Andreas Gohr <andi@splitbrain.org>
*/
function langsel()
{
global $lang;
global $LC;
$dir = DOKU_INC . 'inc/lang';
$dh = opendir($dir);
if (!$dh) return;
$langs = array();
while (($file = readdir($dh)) !== false) {
if (preg_match('/^[\._]/', $file)) continue;
if (is_dir($dir . '/' . $file) && file_exists($dir . '/' . $file . '/lang.php')) {
$langs[] = $file;
}
}
closedir($dh);
sort($langs);
echo '<form action="">';
echo $lang['i_chooselang'];
echo ': <select name="l" onchange="submit()">';
foreach ($langs as $l) {
$sel = ($l == $LC) ? 'selected="selected"' : '';
echo '<option value="' . $l . '" ' . $sel . '>' . $l . '</option>';
}
echo '</select> ';
echo '<button type="submit">' . $lang['btn_update'] . '</button>';
echo '</form>';
}
/**
* Print global error array
*
* @author Andreas Gohr <andi@splitbrain.org>
*/
function print_errors()
{
global $error;
if (!empty($error)) {
echo '<ul>';
foreach ($error as $err) {
echo "<li>$err</li>";
}
echo '</ul>';
}
}

372
Sio2/SISR/20-ldap/labo51.lan.ldif Normal file
View File

@ -0,0 +1,372 @@
dn: dc=labo51,dc=lan
o: labo51
dc: labo51
structuralObjectClass: organization
entryUUID: fa4724a4-cf8e-103c-8b56-5b76801a304f
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923132546Z
ou: labo51
description: labo51
objectClass: top
objectClass: dcObject
objectClass: organization
objectClass: gosaDepartment
objectClass: gosaAcl
gosaAclEntry: 0:subtree:Y249YWRtaW4sb3U9YWNscm9sZXMsZGM9bGFibzUxLGRjPWxhbg==
:dWlkPWZkLWFkbWluLG91PXBlb3BsZSxkYz1sYWJvNTEsZGM9bGFu
entryCSN: 20220923133315.145750Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: cn=admin,dc=labo51,dc=lan
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9azJpYVFLcGRSYis3MEVqMjVoR0V1aXpudGtGdDRyVEc=
structuralObjectClass: organizationalRole
entryUUID: fa477026-cf8e-103c-8b57-5b76801a304f
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923132546Z
entryCSN: 20220923132546.893074Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923132546Z
dn: ou=fusiondirectory,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: fusiondirectory
structuralObjectClass: organizationalUnit
entryUUID: fa2072e0-cf8f-103c-9ee5-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133256Z
entryCSN: 20220923133256.134250Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133256Z
dn: cn=config,ou=fusiondirectory,dc=labo51,dc=lan
fdLanguage: fr_FR
fdTheme: breezy
fdTimezone: Europe/Paris
fdLdapSizeLimit: 200
fdModificationDetectionAttribute: entryCSN
fdLogging: TRUE
fdSchemaCheck: TRUE
fdEnableSnapshots: TRUE
fdSnapshotBase: ou=snapshots,dc=labo51,dc=lan
fdPasswordDefaultHash: ssha
fdForcePasswordDefaultHash: FALSE
fdHandleExpiredAccounts: FALSE
fdLoginAttribute: uid
fdForceSSL: FALSE
fdWarnSSL: TRUE
fdSessionLifeTime: 1800
fdHttpAuthActivated: FALSE
fdHttpHeaderAuthActivated: FALSE
fdHttpHeaderAuthHeaderName: AUTH_USER
fdSslKeyPath: /etc/ssl/private/fd.key
fdSslCertPath: /etc/ssl/certs/fd.cert
fdSslCaCertPath: /etc/ssl/certs/ca.cert
fdCasActivated: FALSE
fdCasServerCaCertPath: /etc/ssl/certs/ca.cert
fdCasHost: localhost
fdCasPort: 443
fdCasContext: /cas
fdAccountPrimaryAttribute: uid
fdCnPattern: %givenName% %sn%
fdStrictNamingRules: TRUE
fdUserRDN: ou=people
fdAclRoleRDN: ou=aclroles
fdRestrictRoleMembers: FALSE
fdSplitPostalAddress: FALSE
fdDisplayErrors: FALSE
fdLdapStats: FALSE
fdDebugLevel: 0
fdListSummary: TRUE
fdAclTabOnObjects: FALSE
fdDisplayHookOutput: FALSE
structuralObjectClass: fusionDirectoryConf
cn: config
entryUUID: fa2105f2-cf8f-103c-9ee6-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133256Z
fdDashboardNumberOfDigit: 3
fdDashboardPrefix: PC
fdDashboardExpiredAccountsDays: 15
fdOGroupRDN: ou=groups
fdForceSaslPasswordAsk: FALSE
objectClass: fusionDirectoryConf
objectClass: fdDashboardPluginConf
objectClass: fusionDirectoryPluginsConf
objectClass: fdPasswordRecoveryConf
fdPasswordRecoveryActivated: FALSE
fdPasswordRecoveryEmail: to.be@chang.ed
fdPasswordRecoveryValidity: 10
fdPasswordRecoverySalt: SomethingSecretAndVeryLong
fdPasswordRecoveryUseAlternate: FALSE
fdPasswordRecoveryLoginAttribute: uid
fdPasswordRecoveryMailSubject:: W0Z1c2lvbkRpcmVjdG9yeV0gTGllbiBkZSByw6lpbml0
aWFsaXNhdGlvbiBkdSBtb3QgZGUgcGFzc2U=
fdPasswordRecoveryMailBody:: Qm9uam91ciwKClZvaWNpIHZvcyBpbmZvcm1hdGlvbnMgOgo
tIElkZW50aWZpYW504oCvOiAlcwotIExpZW7igK86ICVzCgpDZSBsaWVuIGVzdCBzZXVsZW1lbn
QgdmFsaWRlIHBlbmRhbnQgMTAgbWludXRlcw==
fdPasswordRecoveryMail2Subject:: W0Z1c2lvbkRpcmVjdG9yeV0gUsOpaW5pdGlhbGlzYXR
pb24gZHUgbW90IGRlIHBhc3NlIHLDqXVzc2ll4oCvIQ==
fdPasswordRecoveryMail2Body:: Qm9uam91ciwKClZvdHJlIG1vdCBkZSBwYXNzZSBhIMOpdM
OpIGNoYW5nw6kuIApWb3RyZSBpZGVudGlmaWFudCBkZSBjb25uZXhpb24gZXN0IHRvdWpvdXJzI
CVzLg==
fusionConfigMd5: a757b5932e118edd99c930ce5cb6399b
fdGroupRDN: ou=groups
fdMinId: 100
fdUidNumberBase: 1100
fdGidNumberBase: 1100
fdIdAllocationMethod: traditional
fdShells: /bin/ash
fdShells: /bin/bash
fdShells: /bin/csh
fdShells: /bin/sh
fdShells: /bin/ksh
fdShells: /bin/tcsh
fdShells: /bin/dash
fdShells: /bin/zsh
fdShells: /sbin/nologin
fdShells: /bin/false
fdShells: /usr/bin/git-shell
fdDefaultShell: /bin/ash
entryCSN: 20220927084251.846088Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084251Z
dn: ou=aclroles,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: aclroles
structuralObjectClass: organizationalUnit
entryUUID: 05717270-cf90-103c-9ee8-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133315Z
entryCSN: 20220923133315.120052Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: cn=admin,ou=aclroles,dc=labo51,dc=lan
objectClass: top
objectClass: gosaRole
cn: admin
description: Donne tous les droits sur tous les objets
gosaAclTemplate: 0:all;cmdrw
structuralObjectClass: gosaRole
entryUUID: 0571e12e-cf90-103c-9ee9-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133315Z
entryCSN: 20220923133315.122882Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: ou=people,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: people
structuralObjectClass: organizationalUnit
entryUUID: 0573d402-cf90-103c-9eea-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133315Z
entryCSN: 20220923133315.135652Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: uid=fd-admin,ou=people,dc=labo51,dc=lan
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
cn: System Administrator
sn: Administrator
givenName: System
uid: fd-admin
userPassword:: e1NTSEF9WFlPYlZ4bi96eEhkUkFZaWluZjRLaFZNeUJaa1hTQTM=
structuralObjectClass: inetOrgPerson
entryUUID: 0574800a-cf90-103c-9eeb-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133315Z
entryCSN: 20220923133315.140056Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133315Z
dn: cn=manager,ou=aclroles,dc=labo51,dc=lan
cn: manager
description: Donner tous les droits aux utilisateurs sur cette branche
objectClass: top
objectClass: gosaRole
gosaAclTemplate: 0:user/user;cmdrw,user/posixAccount;cmdrw
structuralObjectClass: gosaRole
entryUUID: 06db8bc8-cf90-103c-9eec-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133317Z
entryCSN: 20220923133317.493099Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133317Z
dn: cn=editowninfos,ou=aclroles,dc=labo51,dc=lan
cn: editowninfos
description:: UGVybWV0IGF1eCB1dGlsaXNhdGV1cnMgZCfDqWRpdGVyIGxldXJzIHByb3ByZX
MgaW5mb3JtYXRpb25zIChvbmdsZXRzIGfDqW7DqXJpcXVlIGV0IHBvc2l4LCDDoCBuJ3V0aWxpc
2VyIHF1ZSBzdXIgbGEgYmFzZSk=
objectClass: top
objectClass: gosaRole
gosaAclTemplate: 0:user/user;srw,user/posixAccount;srw
structuralObjectClass: gosaRole
entryUUID: 06dc1dcc-cf90-103c-9eed-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133317Z
entryCSN: 20220923133317.496837Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133317Z
dn: cn=editownpwd,ou=aclroles,dc=labo51,dc=lan
cn: editownpwd
description:: UGVybWV0IGF1eCB1dGlsaXNhdGV1cnMgZGUgY2hhbmdlciBsZXVyIG1vdCBkZS
BwYXNzZSAow6AgbuKAmXV0aWxpc2VyIHF1ZSBzdXIgbGEgYmFzZSk=
objectClass: top
objectClass: gosaRole
gosaAclTemplate: 0:user/user;s#userPassword;rw
structuralObjectClass: gosaRole
entryUUID: 06dc87d0-cf90-103c-9eee-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133317Z
entryCSN: 20220923133317.499552Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133317Z
dn: ou=recovery,ou=fusiondirectory,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: recovery
structuralObjectClass: organizationalUnit
entryUUID: 867ca16e-cf90-103c-9ef1-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133651Z
entryCSN: 20220923133651.619426Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133651Z
dn: ou=locks,ou=fusiondirectory,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: locks
structuralObjectClass: organizationalUnit
entryUUID: 89251e00-cf90-103c-9ef2-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133656Z
entryCSN: 20220923133656.079063Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133656Z
dn: ou=snapshots,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: snapshots
structuralObjectClass: organizationalUnit
entryUUID: d945fb3e-cf90-103c-9ef3-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923133910Z
entryCSN: 20220923133910.512170Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923133910Z
dn: uid=dpaul,ou=people,dc=labo51,dc=lan
cn: Paul Dubois
sn: Dubois
givenName: Paul
description: Polo
uid: dpaul
preferredLanguage: fr_FR
userPassword:: e1NTSEF9RkgrNnNtUnNxMGw3KzFDODB2MXNTQzJQVXJSZEttS0g=
structuralObjectClass: inetOrgPerson
entryUUID: 27e0f56e-cf91-103c-9ef4-cd38c1c99b59
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923134122Z
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
homeDirectory: /home/paul
gecos: Paul Dubois
loginShell: /bin/ash
uidNumber: 1101
gidNumber: 1002
shadowLastChange: 19262
entryCSN: 20220927084325.025161Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084325Z
dn: cn=fd-admin,dc=labo51,dc=lan
objectClass: posixGroup
cn: fd-admin
description: Groupe de l'utilisateur fd-admin
gidNumber: 1001
structuralObjectClass: posixGroup
entryUUID: ee847b00-cf91-103c-8113-87fb8d81eb6d
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220923134655Z
entryCSN: 20220923134655.650648Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220923134655Z
dn: cn=dpaul,dc=labo51,dc=lan
objectClass: posixGroup
cn: dpaul
description: Groupe de l'utilisateur dpaul
gidNumber: 1002
structuralObjectClass: posixGroup
entryUUID: 8474bbca-d28a-103c-8c1d-dbb4971e905b
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220927083124Z
entryCSN: 20220927083124.720185Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927083124Z
dn: uid=louis,ou=people,dc=labo51,dc=lan
cn: louis depres
sn: depres
givenName: louis
uid: louis
preferredLanguage: fr_FR
userPassword:: e1NTSEF9b2dhU25CWlNEWkFUekVIVXJsSXR4NFFEbGM2QURCNVk=
structuralObjectClass: inetOrgPerson
entryUUID: 4dee1eb4-d28c-103c-8125-f3f3a5e1910b
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220927084412Z
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
homeDirectory: /home/louis
gecos: louis depres
loginShell: /bin/ash
uidNumber: 1102
gidNumber: 1101
shadowLastChange: 19262
entryCSN: 20220927084412.248333Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084412Z
dn: ou=groups,dc=labo51,dc=lan
objectClass: organizationalUnit
ou: groups
structuralObjectClass: organizationalUnit
entryUUID: 4defab8a-d28c-103c-8128-f3f3a5e1910b
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220927084412Z
entryCSN: 20220927084412.244637Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084412Z
dn: cn=louis,ou=groups,dc=labo51,dc=lan
objectClass: posixGroup
cn: louis
description: Groupe de l'utilisateur louis
gidNumber: 1101
structuralObjectClass: posixGroup
entryUUID: 4defde70-d28c-103c-8129-f3f3a5e1910b
creatorsName: cn=admin,dc=labo51,dc=lan
createTimestamp: 20220927084412Z
entryCSN: 20220927084412.245939Z#000000#000#000000
modifiersName: cn=admin,dc=labo51,dc=lan
modifyTimestamp: 20220927084412Z

16
Sio2/SISR/20-ldap/local.php Normal file
View File

@ -0,0 +1,16 @@
<?php
$conf['title'] = 'labo2 ps wiki';
$conf['lang'] = 'fr';
$conf['license'] = 'cc-by-sa';
$conf['useacl'] = 1;
$conf['authtype'] = 'authldap';
$conf['superuser'] = '@admin';
$conf['disableactions'] = 'register';
$conf['plugin']['authldap']['server'] = 'ldap://localhost:389';
$conf['plugin']['authldap']['usertree'] = 'ou=people,dc=labo51,dc=lan';
$conf['plugin']['authldap']['grouptree'] = 'ou=groups,dc=labo51,dc=lan';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))';
$conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(memberUID=%{user}))';
$conf['plugin']['authldap']['version'] = 3;
$conf['plugin']['authldap']['debug'] = 1;
$conf['plugin']['authldap']['passcrypt'] = 'ssha';

23
Sio2/SISR/30-python/creatusr.py Executable file
View File

@ -0,0 +1,23 @@
#!/usr/bin/python3
import sys
try:
user = open("user.txt", "r")
except:
print ("Fichier utilisateur inconnu")
else:
line = user.readline ()
maligne = line.rstrip()
# print (line)
while maligne:
(login, complet) = maligne.split(":")
print (login)
print (complet)
line = user.readline()
maligne = line.rstrip()
#print (line)
user.close()

39
Sio2/SISR/30-python/creatusr2.py Executable file
View File

@ -0,0 +1,39 @@
#!/usr/bin/python3
import sys
#print "Nom du programme : ", sys.argv[0]
#print "Nombre d'arguments: ", len(sys.argv)
#print "Les arguments sont : " , str(sys.argv)
if len(sys.argv) !=2:
msg = "Usage : " + sys.argv[0] + " <fichier.txt>"
print (msg, file=sys.stderr)
sys.exit(1)
filename = sys.argv[1]
try:
file = open(filename , "r")
except:
msg = "Erreur ouverture fichier " + filename
print (msg ,file=sys.stderr)
else:
line = file.readline ()
maligne = line.rstrip()
while maligne:
(login, complet) = maligne.split(":")
print (login)
print (complet)
commande = "useradd --create-home --home-dir /home"+ login + " --shell /bin/bash --comment \"" + complet + "\" " + login
print (commande)
print (" ")
line = file.readline()
maligne = line.rstrip()
#print (line)
file.close()

41
Sio2/SISR/30-python/creatusr3.py Executable file
View File

@ -0,0 +1,41 @@
#!/usr/bin/python3
import sys
#print "Nom du programme : ", sys.argv[0]
#print "Nombre d'arguments: ", len(sys.argv)
#print "Les arguments sont : " , str(sys.argv)
if len(sys.argv) !=2:
msg = "Usage : " + sys.argv[0] + " <fichier.txt>"
print (msg, file=sys.stderr)
sys.exit(1)
filename = sys.argv[1]
try:
file = open(filename , "r")
except:
msg = "Erreur ouverture fichier " + filename
print (msg ,file=sys.stderr)
else:
line = file.readline ()
maligne = line.rstrip()
while maligne:
(login, complet) = maligne.split(":")
print (login)
print (complet)
cmd = ('getent passwd', login)
res=subprocess.run(cmd.split(),stdout=subprocess.PIPE)
commande = "useradd --create-home --home-dir /home"+ login + " --shell /bin/bash --comment \"" + complet + "\" " + login
print (commande)
print (" ")
line = file.readline()
maligne = line.rstrip()
#print (line)
file.close()

44
Sio2/SISR/30-python/creatusr4.py Normal file
View File

@ -0,0 +1,44 @@
#!/usr/bin/python3
# ne marche pas
import sys
import os
import pwd
import subprocess
#print ("Nom du programme : ", sys.argv[0])
#print ("Nombre d'arguments: ", len(sys.argv))
#print ("Les arguments sont : " , str(sys.argv))
if len(sys.argv) != 2:
msg= ("Usage : " + sys.argv[0] + " <fichier.txt>")
print(msg ,file=sys.stderr)
sys.exit(1)
filename = sys.argv[1]
try:
file= open(filename , "r")
except:
msg = ("Erreur ouverture fichier " + filename)
print(msg ,file=sys.stderr)
else:
line = file.readline()
linee = line.rstrip()
while linee:
(login, complet) = linee.split(":")
cmd="getent passwd " + login
res= subprocess.run(cmd.split(),stdout=subprocess.PIPE)
res2= (res.stdout.decode("utf8"))
if not res2 :
commande = "useradd --create-home --home-dir /home/"+ login + " --shell /bin/bash --comment \"" + complet + "\" " + login
res3= os.system(commande)
else :
print("Utilisateur " + login + " existant" )
line = file.readline()
linee = line.rstrip()
file.close()

28
Sio2/SISR/30-python/log.py Executable file
View File

@ -0,0 +1,28 @@
#!/usr/bin/python3
import sys
import re
volip = {}
cpthit = {}
regexp = "^(\S+) (\S+) (\S+) \[([^]]+)\] \"(\w+) (\S+).*\" (\d+) (\S+)"
for line in sys.stdin: # on lit sur lentrée standard
line = line.rstrip () # on enleve le retour ligne
res = re.match (regexp, line)
if res:
(host, rfc931, user, date, request, url, status, byte) = res.groups()
host = res.group (1)
byte = int(res.group (8))
#print ('host : ', host, ' byte : ', byte)
if host not in volip:
volip[host] = byte
cpthit[host] = 1
else:
volip[host] = volip[host] + byte
cpthit[host] = cpthit[host] + 1
for addr in sorted(volip.keys()):
print ("VOLUME : ", addr, " : ", volip[addr],";;; HIT : ", cpthit[addr])
#for hit in sorted(cpthit.keys()):
# print (hit, " : ", cpthit[hit])

2
Sio2/SISR/30-python/prog.py Executable file
View File

@ -0,0 +1,2 @@
#!/usr/bin/python3
print ("Bonjour.")

4
Sio2/SISR/30-python/prog1.py Executable file
View File

@ -0,0 +1,4 @@
#!/usr/bin/python3
rayon=float(input("Saisir le rayon : "))
peri=(2*3.141592*rayon)
print ("Le périmètre vaut : ", peri, "cm")

30
Sio2/SISR/30-python/prog2.py Executable file
View File

@ -0,0 +1,30 @@
#!/usr/bin/python3
tableau=[]
nb=int(input("Combien de nombre dans le tableau : "))
for i in range (nb):
valeur=int(input("Saisir un nombre : "))
tableau.append(valeur)
min = tableau[0]
max = tableau[0]
moy = 0
for valeur in tableau:
if valeur < min:
min = valeur
if valeur > max:
max = valeur
moy = moy + valeur
moy = moy/nb
for valeur in tableau:
print (valeur)
print ("La moyenne est : ", moy)
print ("Le plus petit élément est : ", min)
print ("Le plus grand élément est : ", max)

14
Sio2/SISR/30-python/prog3.py Executable file
View File

@ -0,0 +1,14 @@
#!/usr/bin/python3
phrase = str(input("Entrez votre phrase : "))
tabmots = phrase.split(" ")
cptmots = {}
for mot in tabmots:
if not mot in cptmots:
cptmots[mot] = 1
else:
cptmots[mot] = cptmots[mot] + 1
for mot in cptmots.keys():
print(mot, ":", cptmots[mot])

1816
Sio2/SISR/30-python/resul.txt Normal file
View File

File diff suppressed because it is too large Load Diff

4
Sio2/SISR/30-python/user.txt Normal file
View File

@ -0,0 +1,4 @@
lucien:Lucien Dubois
claudine:Claudine Dupont
robert:Robert Dupond
anthony:Anthony Arnoux

6
Sio2/SISR/40-ansible/hosts Normal file
View File

@ -0,0 +1,6 @@
[adm]
infra
[web]
web1
web2

1
Sio2/SISR/40-ansible/index.html Normal file
View File

@ -0,0 +1 @@
coucou les loulous

24
Sio2/SISR/40-ansible/rsyslog.yml Normal file
View File

@ -0,0 +1,24 @@
---
- hosts: infra
tasks:
- name: decommente le chargement du module imudp dans rsyslog.conf
replace:
path: /etc/rsyslog.conf
regexp: '^#module\(load="imudp"\)'
replace: 'module(load="imudp")'
backup: true
notify: Restart Rsyslog
- name: decommente le chargement du module imudp dans rsyslog.conf
replace:
path: /etc/rsyslog.conf
regexp: '^#input\(type="imudp" port="514"\)'
replace: 'input(type="imudp" port="514")'
backup: true
notify: Restart Rsyslog
handlers:
- name: Restart Rsyslog
service:
name: rsyslog
state: restarted

23
Sio2/SISR/40-ansible/web.yml Normal file
View File

@ -0,0 +1,23 @@
---
- hosts: all
tasks:
- name: 1. installe Apache
apt:
name: apache2
state: present
- name: 2. installe PHP pour Apache
apt:
name: php
state: present
- name: 3. installe php-mbstring
apt:
name: php-mbstring
state: present
- name: 4. installe index.html
copy:
src: index.html
dest: /var/www/html/index.html
mode: 0664

70
Sio2/Vagrantfile vendored Normal file
View File

@ -0,0 +1,70 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
# Every Vagrant development environment requires a box. You can search for
# boxes at https://vagrantcloud.com/search.
config.vm.box = "debian/bullseye64"
# Disable automatic box update checking. If you disable this, then
# boxes will only be checked for updates when the user runs
# `vagrant box outdated`. This is not recommended.
# config.vm.box_check_update = false
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# NOTE: This will enable public access to the opened port
config.vm.network "forwarded_port", guest: 80, host: 2080
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine and only allow access
# via 127.0.0.1 to disable public access
# config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network "private_network", ip: "192.168.33.10"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network "public_network"
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
# config.vm.synced_folder "../data", "/vagrant_data"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
config.vm.provider "virtualbox" do |vb|
# # Display the VirtualBox GUI when booting the machine
# vb.gui = true
#
# # Customize the amount of memory on the VM:
vb.memory = "1024"
end
#
# View the documentation for the provider you are using for more
# information on available options.
# Enable provisioning with a shell script. Additional provisioners such as
# Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
# documentation for more information about their specific syntax and use.
config.vm.provision "shell", inline: <<-SHELL
apt-get update
apt-get install -y apache2 nano
SHELL
end