initial debian packaging

This commit is contained in:
Serghei Mihai 2015-03-24 00:43:52 +01:00
commit 8b8b511237
18 changed files with 633 additions and 0 deletions

5
changelog Normal file
View File

@ -0,0 +1,5 @@
uauth (0.0.1-1) unstable; urgency=low
* source package automatically created by stdeb 0.8.2
-- Serghei Mihai <smihai@entrouvert.com> Tue, 24 Mar 2015 00:42:56 +0100

1
compat Normal file
View File

@ -0,0 +1 @@
9

24
control Normal file
View File

@ -0,0 +1,24 @@
Source: u-auth
Maintainer: Serghei Mihai <smihai@entrouvert.com>
Section: python
Priority: optional
Build-Depends: python-setuptools (>= 0.6b3), python-all (>= 2.6.6-3), debhelper (>= 9)
Standards-Version: 3.9.1
X-Python-Version: >= 2.7
Package: python-u-auth
Architecture: all
Depends: ${misc:Depends}, ${python:Depends},
python-requests,
python-gadjo, python-ldap,
python-django (>=1.7),
python-unidecode, python-django-mellon
Description: Captive portal in the Cloud (Python-module)
Package: u-auth
Architecture: all
Depends: ${misc:Depends},
python-u-auth (= ${binary:Version}),
gunicorn
Recommends: nginx, postgresql
Description: Captive potail in the Cloud

24
debian_config.py Normal file
View File

@ -0,0 +1,24 @@
# This file is sourced by "execfile" from u-auth.settings
import os
from django.conf import global_settings
DEBUG = False
TEMPLATE_DEBUG = False
PROJECT_NAME = 'u-auth'
EMAIL_SUBJECT_PREFIX = '[%s] ' % PROJECT_NAME
ETC_DIR = '/etc/%s' % PROJECT_NAME
VAR_DIR = '/var/lib/%s' % PROJECT_NAME
# collecstatic destination
STATIC_ROOT = os.path.join(VAR_DIR, 'collectstatic')
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SECRET_KEY = file('/etc/%s/secret' % PROJECT_NAME).read()
execfile(os.path.join(ETC_DIR, 'settings.py'))

58
nginx-example.conf Normal file
View File

@ -0,0 +1,58 @@
server {
listen 443;
server_name u-auth.example.org;
ssl on;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
access_log /var/log/nginx/u-auth.example.org-access.log combined;
error_log /var/log/nginx/u-auth.example.org-error.log;
location ~ ^/static/(.+)$ {
root /;
try_files /var/lib/u-auth/static/$1
/var/lib/u-auth/collectstatic/$1
=404;
}
location ~ ^/media/(.+)$ {
alias /var/lib/u-auth/media/$1;
}
location / {
proxy_pass http://unix:/var/run/u-auth/u-auth.sock;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-SSL on;
proxy_set_header X-Forwarded-Protocol ssl;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name u-auth.example.org;
access_log /var/log/nginx/u-auth.example.org-access.log combined;
error_log /var/log/nginx/u-auth.example.org-error.log;
location ~ ^/static/(.+)$ {
root /;
try_files /var/lib/u-auth/static/$1
/var/lib/u-auth/collectstatic/$1
=404;
}
location ~ ^/media/(.+)$ {
alias /var/lib/u-auth/media/$1;
}
location / {
proxy_pass http://unix:/var/run/u-auth/u-auth.sock;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

1
python-u-auth.dirs Normal file
View File

@ -0,0 +1 @@
/usr/lib/u-auth

2
python-u-auth.docs Normal file
View File

@ -0,0 +1,2 @@
COPYING
README

2
python-u-auth.install Normal file
View File

@ -0,0 +1,2 @@
usr/bin/manage.py /usr/lib/u-auth
usr/lib/python2*/*-packages

7
rules Executable file
View File

@ -0,0 +1,7 @@
#!/usr/bin/make -f
# This file was automatically generated by stdeb 0.8.2 at
# Tue, 24 Mar 2015 00:42:56 +0100
%:
dh $@ --with python2

214
schema/radius.ldif Normal file
View File

@ -0,0 +1,214 @@
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
# CRC32 283edc8d
# Put this file to /etc/ldap/schema/ and then execute the following
# comand to add this schema:
# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/radius.ldif
dn: cn=radius,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: radius
olcAttributeTypes: {0}( 1.3.6.1.4.1.3317.4.3.1.1 NAME 'radiusArapFeatures' D
ESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SIN
GLE-VALUE )
olcAttributeTypes: {1}( 1.3.6.1.4.1.3317.4.3.1.2 NAME 'radiusArapSecurity' D
ESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SIN
GLE-VALUE )
olcAttributeTypes: {2}( 1.3.6.1.4.1.3317.4.3.1.3 NAME 'radiusArapZoneAccess'
DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S
INGLE-VALUE )
olcAttributeTypes: {3}( 1.3.6.1.4.1.3317.4.3.1.44 NAME 'radiusAuthType' DESC
'checkItem: Auth-Type' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466
.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {4}( 1.3.6.1.4.1.3317.4.3.1.4 NAME 'radiusCallbackId' DES
C 'replyItem: Callback-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1
466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {5}( 1.3.6.1.4.1.3317.4.3.1.5 NAME 'radiusCallbackNumber'
DESC 'replyItem: Callback-Number' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6
.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {6}( 1.3.6.1.4.1.3317.4.3.1.6 NAME 'radiusCalledStationId
' DESC 'checkItem: Called-Station-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.
3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {7}( 1.3.6.1.4.1.3317.4.3.1.7 NAME 'radiusCallingStationI
d' DESC 'checkItem: Calling-Station-Id' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {8}( 1.3.6.1.4.1.3317.4.3.1.8 NAME 'radiusClass' DESC 're
plyItem: Class' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121
.1.26 )
olcAttributeTypes: {9}( 1.3.6.1.4.1.3317.4.3.1.45 NAME 'radiusClientIPAddres
s' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
olcAttributeTypes: {10}( 1.3.6.1.4.1.3317.4.3.1.9 NAME 'radiusFilterId' DESC
'replyItem: Filter-Id' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466
.115.121.1.26 )
olcAttributeTypes: {11}( 1.3.6.1.4.1.3317.4.3.1.10 NAME 'radiusFramedAppleTa
lkLink' DESC 'replyItem: Framed-AppleTalk-Link' EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {12}( 1.3.6.1.4.1.3317.4.3.1.11 NAME 'radiusFramedAppleTa
lkNetwork' DESC 'replyItem: Framed-AppleTalk-Network' EQUALITY caseIgnoreIA
5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {13}( 1.3.6.1.4.1.3317.4.3.1.12 NAME 'radiusFramedAppleTa
lkZone' DESC 'replyItem: Framed-AppleTalk-Zone' EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {14}( 1.3.6.1.4.1.3317.4.3.1.13 NAME 'radiusFramedCompres
sion' DESC 'replyItem: Framed-Compression' EQUALITY caseIgnoreIA5Match SYNT
AX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {15}( 1.3.6.1.4.1.3317.4.3.1.14 NAME 'radiusFramedIPAddre
ss' DESC 'replyItem: Framed-IP-Address' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {16}( 1.3.6.1.4.1.3317.4.3.1.15 NAME 'radiusFramedIPNetma
sk' DESC 'replyItem: Framed-IP-Netmask' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {17}( 1.3.6.1.4.1.3317.4.3.1.16 NAME 'radiusFramedIPXNetw
ork' DESC 'replyItem: Framed-IPX-Network' EQUALITY caseIgnoreIA5Match SYNTA
X 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {18}( 1.3.6.1.4.1.3317.4.3.1.17 NAME 'radiusFramedMTU' DE
SC 'replyItem: Framed-MTU' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1
466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {19}( 1.3.6.1.4.1.3317.4.3.1.18 NAME 'radiusFramedProtoco
l' DESC 'replyItem: Framed-Protocol' EQUALITY caseIgnoreIA5Match SYNTAX 1.3
.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {20}( 1.3.6.1.4.1.3317.4.3.1.19 NAME 'radiusFramedRoute'
DESC 'replyItem: Framed-Route' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4
.1.1466.115.121.1.26 )
olcAttributeTypes: {21}( 1.3.6.1.4.1.3317.4.3.1.20 NAME 'radiusFramedRouting
' DESC 'replyItem: Framed-Routing' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6
.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {22}( 1.3.6.1.4.1.3317.4.3.1.46 NAME 'radiusGroupName' DE
SC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {23}( 1.3.6.1.4.1.3317.4.3.1.47 NAME 'radiusHint' DESC ''
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VA
LUE )
olcAttributeTypes: {24}( 1.3.6.1.4.1.3317.4.3.1.48 NAME 'radiusHuntgroupName
' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
)
olcAttributeTypes: {25}( 1.3.6.1.4.1.3317.4.3.1.21 NAME 'radiusIdleTimeout'
DESC 'replyItem: Idle-Timeout' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4
.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {26}( 1.3.6.1.4.1.3317.4.3.1.22 NAME 'radiusLoginIPHost'
DESC 'replyItem: Login-IP-Host' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.
4.1.1466.115.121.1.26 )
olcAttributeTypes: {27}( 1.3.6.1.4.1.3317.4.3.1.23 NAME 'radiusLoginLATGroup
' DESC 'replyItem: Login-LAT-Group' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.
6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {28}( 1.3.6.1.4.1.3317.4.3.1.24 NAME 'radiusLoginLATNode'
DESC 'replyItem: Login-LAT-Node' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.
1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {29}( 1.3.6.1.4.1.3317.4.3.1.25 NAME 'radiusLoginLATPort'
DESC 'replyItem: Login-LAT-Port' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.
1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {30}( 1.3.6.1.4.1.3317.4.3.1.26 NAME 'radiusLoginLATServi
ce' DESC 'replyItem: Login-LAT-Service' EQUALITY caseIgnoreIA5Match SYNTAX
1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {31}( 1.3.6.1.4.1.3317.4.3.1.27 NAME 'radiusLoginService'
DESC 'replyItem: Login-Service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1
.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {32}( 1.3.6.1.4.1.3317.4.3.1.28 NAME 'radiusLoginTCPPort'
DESC 'replyItem: Login-TCP-Port' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.
1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {33}( 1.3.6.1.4.1.3317.4.3.1.29 NAME 'radiusPasswordRetry
' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
olcAttributeTypes: {34}( 1.3.6.1.4.1.3317.4.3.1.30 NAME 'radiusPortLimit' DE
SC 'replyItem: Port-Limit' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1
466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {35}( 1.3.6.1.4.1.3317.4.3.1.49 NAME 'radiusProfileDn' DE
SC '' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
SINGLE-VALUE )
olcAttributeTypes: {36}( 1.3.6.1.4.1.3317.4.3.1.31 NAME 'radiusPrompt' DESC
'' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-
VALUE )
olcAttributeTypes: {37}( 1.3.6.1.4.1.3317.4.3.1.50 NAME 'radiusProxyToRealm'
DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S
INGLE-VALUE )
olcAttributeTypes: {38}( 1.3.6.1.4.1.3317.4.3.1.51 NAME 'radiusReplicateToRe
alm' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.
26 SINGLE-VALUE )
olcAttributeTypes: {39}( 1.3.6.1.4.1.3317.4.3.1.52 NAME 'radiusRealm' DESC '
' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-V
ALUE )
olcAttributeTypes: {40}( 1.3.6.1.4.1.3317.4.3.1.32 NAME 'radiusServiceType'
DESC 'replyItem: Service-Type' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4
.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {41}( 1.3.6.1.4.1.3317.4.3.1.33 NAME 'radiusSessionTimeou
t' DESC 'replyItem: Session-Timeout' EQUALITY caseIgnoreIA5Match SYNTAX 1.3
.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {42}( 1.3.6.1.4.1.3317.4.3.1.34 NAME 'radiusTerminationAc
tion' DESC 'replyItem: Termination-Action' EQUALITY caseIgnoreIA5Match SYNT
AX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {43}( 1.3.6.1.4.1.3317.4.3.1.35 NAME 'radiusTunnelAssignm
entId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.
1.26 )
olcAttributeTypes: {44}( 1.3.6.1.4.1.3317.4.3.1.36 NAME 'radiusTunnelMediumT
ype' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.
26 )
olcAttributeTypes: {45}( 1.3.6.1.4.1.3317.4.3.1.37 NAME 'radiusTunnelPasswor
d' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE )
olcAttributeTypes: {46}( 1.3.6.1.4.1.3317.4.3.1.38 NAME 'radiusTunnelPrefere
nce' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.
26 )
olcAttributeTypes: {47}( 1.3.6.1.4.1.3317.4.3.1.39 NAME 'radiusTunnelPrivate
GroupId' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12
1.1.26 )
olcAttributeTypes: {48}( 1.3.6.1.4.1.3317.4.3.1.40 NAME 'radiusTunnelServerE
ndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12
1.1.26 )
olcAttributeTypes: {49}( 1.3.6.1.4.1.3317.4.3.1.41 NAME 'radiusTunnelType' D
ESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {50}( 1.3.6.1.4.1.3317.4.3.1.42 NAME 'radiusVSA' DESC ''
EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
olcAttributeTypes: {51}( 1.3.6.1.4.1.3317.4.3.1.43 NAME 'radiusTunnelClientE
ndpoint' DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.12
1.1.26 )
olcAttributeTypes: {52}( 1.3.6.1.4.1.3317.4.3.1.53 NAME 'radiusSimultaneousU
se' DESC 'checkItem: Simultaneous-Use' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )
olcAttributeTypes: {53}( 1.3.6.1.4.1.3317.4.3.1.54 NAME 'radiusLoginTime' DE
SC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SING
LE-VALUE )
olcAttributeTypes: {54}( 1.3.6.1.4.1.3317.4.3.1.55 NAME 'radiusUserCategory'
DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S
INGLE-VALUE )
olcAttributeTypes: {55}( 1.3.6.1.4.1.3317.4.3.1.56 NAME 'radiusStripUserName
' DESC '' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE )
olcAttributeTypes: {56}( 1.3.6.1.4.1.3317.4.3.1.57 NAME 'dialupAccess' DESC
'' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-
VALUE )
olcAttributeTypes: {57}( 1.3.6.1.4.1.3317.4.3.1.58 NAME 'radiusExpiration' D
ESC 'checkItem: Expiration' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.
1466.115.121.1.26 SINGLE-VALUE )
olcAttributeTypes: {58}( 1.3.6.1.4.1.3317.4.3.1.59 NAME 'radiusCheckItem' DE
SC 'checkItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.14
66.115.121.1.26 )
olcAttributeTypes: {59}( 1.3.6.1.4.1.3317.4.3.1.60 NAME 'radiusReplyItem' DE
SC 'replyItem: $GENERIC$' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.14
66.115.121.1.26 )
olcAttributeTypes: {60}( 1.3.6.1.4.1.3317.4.3.1.61 NAME 'radiusNASIpAddress'
DESC '' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 S
INGLE-VALUE )
olcAttributeTypes: {61}( 1.3.6.1.4.1.3317.4.3.1.62 NAME 'radiusReplyMessage'
DESC 'replyItem: Reply-Message' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1
.4.1.1466.115.121.1.26 )
olcObjectClasses: {0}( 1.3.6.1.4.1.3317.4.3.2.1 NAME 'radiusprofile' DESC ''
SUP top AUXILIARY MUST cn MAY ( radiusArapFeatures $ radiusArapSecurity $
radiusArapZoneAccess $ radiusAuthType $ radiusCallbackId $ radiusCallbackNu
mber $ radiusCalledStationId $ radiusCallingStationId $ radiusClass $ radiu
sClientIPAddress $ radiusFilterId $ radiusFramedAppleTalkLink $ radiusFrame
dAppleTalkNetwork $ radiusFramedAppleTalkZone $ radiusFramedCompression $ r
adiusFramedIPAddress $ radiusFramedIPNetmask $ radiusFramedIPXNetwork $ rad
iusFramedMTU $ radiusFramedProtocol $ radiusCheckItem $ radiusReplyItem $ r
adiusFramedRoute $ radiusFramedRouting $ radiusIdleTimeout $ radiusGroupNam
e $ radiusHint $ radiusHuntgroupName $ radiusLoginIPHost $ radiusLoginLATGr
oup $ radiusLoginLATNode $ radiusLoginLATPort $ radiusLoginLATService $ rad
iusLoginService $ radiusLoginTCPPort $ radiusLoginTime $ radiusPasswordRetr
y $ radiusPortLimit $ radiusPrompt $ radiusProxyToRealm $ radiusRealm $ rad
iusReplicateToRealm $ radiusServiceType $ radiusSessionTimeout $ radiusStri
pUserName $ radiusTerminationAction $ radiusTunnelClientEndpoint $ radiusPr
ofileDn $ radiusSimultaneousUse $ radiusTunnelAssignmentId $ radiusTunnelMe
diumType $ radiusTunnelPassword $ radiusTunnelPreference $ radiusTunnelPriv
ateGroupId $ radiusTunnelServerEndpoint $ radiusTunnelType $ radiusUserCate
gory $ radiusVSA $ radiusExpiration $ dialupAccess $ radiusNASIpAddress $ r
adiusReplyMessage ) )
olcObjectClasses: {1}( 1.3.6.1.4.1.3317.4.3.2.2 NAME 'radiusObjectProfile' D
ESC 'A Container Objectclass to be used for creating radius profile object'
SUP top STRUCTURAL MUST cn MAY ( uid $ userPassword $ description ) )

17
settings.py Normal file
View File

@ -0,0 +1,17 @@
DEBUG = False
TEMPLATE_DEBUG = False
ALLOWED_HOSTS = [
'*',
]
LANGUAGE_CODE = 'fr-fr'
TIME_ZONE = 'Europe/Paris'
# LDAP_CONF = {
# 'url': 'ldap://localhost',
# 'bind_dn': 'cn=admin,dc=dev,dc=entrouvert,dc=org',
# 'options': {},
# 'bind_passwd': 'changeme',
# 'dn': 'ou=users,dc=dev,dc=entrouvert,dc=org',
# }

1
source/format Normal file
View File

@ -0,0 +1 @@
3.0 (quilt)

25
u-auth-manage Normal file
View File

@ -0,0 +1,25 @@
#!/bin/sh
NAME=u-auth
MANAGE=/usr/lib/$NAME/manage.py
# load Debian default configuration
export COMBO_SETTINGS_FILE=/usr/lib/$NAME/debian_config.py
# check user
if test x$1 = x"--forceuser"
then
shift
elif test $(id -un) != "$NAME"
then
echo "error: must use $0 with user ${NAME}"
exit 1
fi
if test $# -eq 0
then
python ${MANAGE} help
exit 1
fi
python ${MANAGE} "$@"

7
u-auth.dirs Normal file
View File

@ -0,0 +1,7 @@
/etc/u-auth
/usr/lib/u-auth
/var/lib/u-auth/collectstatic
/var/lib/u-auth/static
/var/lib/u-auth/templates
/var/lib/u-auth/media
/var/log/u-auth

3
u-auth.docs Normal file
View File

@ -0,0 +1,3 @@
COPYING
README
debian/nginx-example.conf

193
u-auth.init Normal file
View File

@ -0,0 +1,193 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: u-auth
# Required-Start: $network $local_fs
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Captive portal in the Cloud
# Description: Captive portal in the Cloud
### END INIT INFO
# Author: Entr'ouvert <info@entrouvert.com>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="Captive portal in the Cloud"
NAME=u-auth
DAEMON=/usr/bin/gunicorn
RUN_DIR=/run/$NAME
PIDFILE=$RUN_DIR/$NAME.pid
LOG_DIR=/var/log/$NAME
SCRIPTNAME=/etc/init.d/$NAME
BIND=unix:$RUN_DIR/$NAME.sock
WORKERS=5
TIMEOUT=30
UAUTH_SETTINGS_FILE=/usr/lib/$NAME/debian_config.py
MANAGE_SCRIPT="/usr/bin/$NAME-manage"
USER=$NAME
GROUP=$NAME
# Exit if the package is not installed
[ -x $MANAGE_SCRIPT ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
DAEMON_ARGS=${DAEMON_ARGS:-"--pid $PIDFILE \
--user $USER --group $GROUP \
--daemon \
--access-logfile $LOG_DIR/gunicorn-access.log \
--log-file $LOG_DIR/gunicorn-error.log \
--bind=$BIND \
--workers=$WORKERS \
--worker-class=sync \
--timeout=$TIMEOUT \
--name $NAME \
$NAME.wsgi:application"}
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
# Create /run directory
if [ ! -d $RUN_DIR ]; then
install -d -m 755 -o $USER -g $GROUP $RUN_DIR
fi
# environment for wsgi
export UAUTH_SETTINGS_FILE
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --exec $DAEMON -- \
$DAEMON_ARGS \
|| return 2
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently. A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
#
# If the daemon can reload its configuration without
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name `basename $DAEMON`
return 0
}
do_migrate() {
log_action_msg "Applying migrations (migrate_schemas).."
su $USER -p -c "$MANAGE_SCRIPT migrate_schemas"
log_action_msg "done"
}
do_collectstatic() {
log_action_msg "Collect static files (collectstatic).."
su $USER -p -c "$MANAGE_SCRIPT collectstatic --noinput"
log_action_msg "done"
}
case "$1" in
start)
log_daemon_msg "Starting $DESC " "$NAME"
do_migrate
do_collectstatic
do_start
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
stop)
log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
status)
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
;;
reload|force-reload)
#
# If do_reload() is not implemented then leave this commented out
# and leave 'force-reload' as an alias for 'restart'.
#
log_daemon_msg "Reloading $DESC" "$NAME"
do_collectstatic
do_migrate
do_reload
log_end_msg $?
;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_migrate
do_collectstatic
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2
exit 3
;;
esac

4
u-auth.install Normal file
View File

@ -0,0 +1,4 @@
debian/u-auth-manage /usr/bin
debian/settings.py /etc/u-auth
debian/debian_config.py /usr/lib/u-auth
debian/schema /usr/lib/u-auth

45
u-auth.postinst Normal file
View File

@ -0,0 +1,45 @@
#! /bin/sh
set -e
NAME="u-auth"
USER=$NAME
GROUP=$NAME
CONFIG_DIR="/etc/$NAME"
case "$1" in
configure)
# make sure the administrative user exists
if ! getent passwd $USER >/dev/null; then
adduser --disabled-password --quiet --system \
--no-create-home --home /var/lib/$NAME \
--gecos "$NAME user" --group $USER
fi
# ensure dirs ownership
chown $USER:$GROUP /var/log/$NAME
chown $USER:$GROUP /var/lib/$NAME/collectstatic
chown $USER:$GROUP /var/lib/$NAME/static
chown $USER:$GROUP /var/lib/$NAME/media
# create a secret file
SECRET_FILE=$CONFIG_DIR/secret
if [ ! -f $SECRET_FILE ]; then
echo -n "Generating Django secret..." >&2
cat /dev/urandom | tr -dc [:alnum:]-_\!\%\^:\; | head -c70 > $SECRET_FILE
chown root:$GROUP $SECRET_FILE
chmod 0440 $SECRET_FILE
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
#DEBHELPER#
exit 0