From 556311a60799d954a9134511070246697d776398 Mon Sep 17 00:00:00 2001
From: Victor LABORIE
Date: Wed, 11 Oct 2017 15:17:58 +0200
Subject: [PATCH] evoadmin-mail: fix default config and evoadmin user
---
 webapps/evoadmin-mail/tasks/user.yml | 39 ++++++++++++-
 webapps/evoadmin-mail/tasks/web.yml | 9 ---
 webapps/evoadmin-mail/templates/conf.php.j2 | 56 +++++++++++++++++++
 .../templates/config.local.php.j2 | 8 ---
 .../evoadmin-mail/templates/connect.php.j2 | 28 ++++++++++
 .../evoadmin-mail/templates/evoadmin.ldif.j2 | 12 ++++
 6 files changed, 134 insertions(+), 18 deletions(-)
 create mode 100644 webapps/evoadmin-mail/templates/conf.php.j2
 delete mode 100644 webapps/evoadmin-mail/templates/config.local.php.j2
 create mode 100644 webapps/evoadmin-mail/templates/connect.php.j2
 create mode 100644 webapps/evoadmin-mail/templates/evoadmin.ldif.j2
diff --git a/webapps/evoadmin-mail/tasks/user.yml b/webapps/evoadmin-mail/tasks/user.yml
index efbebf72..cf260c4f 100644
--- a/webapps/evoadmin-mail/tasks/user.yml
+++ b/webapps/evoadmin-mail/tasks/user.yml
@@ -40,11 +40,48 @@
 - name: "Change perms on evoadminmail document root"
 file:
- dest: "{{ evoadminmail_document_root}}"
+ dest: "{{ evoadminmail_document_root }}"
 owner: "www-{{ evoadminmail_username }}"
 group: "{{ evoadminmail_username }}"
 recurse: yes
+- name: "Copy connect.php"
+ template:
+ src: connect.php.j2
+ dest: "{{ evoadminmail_document_root }}/evoadmin/htdocs/connect.php"
+ owner: "www-{{ evoadminmail_username }}"
+ group: "{{ evoadminmail_username }}"
+ when: ldap_admin_password is defined
+
+- name: "Copy conf.php"
+ template:
+ src: conf.php.j2
+ dest: "{{ evoadminmail_document_root }}/evoadmin/htdocs/config/conf.php"
+ owner: "www-{{ evoadminmail_username }}"
+ group: "{{ evoadminmail_username }}"
+
+- name: create a password for evoadmin user
+ command: "apg -n 1 -m 16 -M lcN"
+ register: evoadminmail_admin_password
+ changed_when: False
+
+- name: upload ldif for evoadmin user
+ template:
+ src: evoadmin.ldif.j2
+ dest: /root/evolinux_evoadminmail_admin.ldif
+ mode: "0640"
+
+- name: inject config
+ command: slapadd -l /root/evolinux_evoadminmail_admin.ldif
+
+- name: create log file
+ file:
+ dest: /var/log/evoadmin-mail.log
+ state: touch
+ owner: "www-{{ evoadminmail_username }}"
+ group: "adm"
+ mode: "0640"
+
 - include: remount_usr_rw.yml
 when: evoadminmail_scripts_dir | search ("/usr")
diff --git a/webapps/evoadmin-mail/tasks/web.yml b/webapps/evoadmin-mail/tasks/web.yml
index 95eabe1d..e7d915a3 100644
--- a/webapps/evoadmin-mail/tasks/web.yml
+++ b/webapps/evoadmin-mail/tasks/web.yml
@@ -28,12 +28,3 @@
 changed_when: "'Disabling site' in cmd_a2dissite.stdout"
 notify: reload apache2
 when: not evoadminmail_enable_vhost
-
-#- name: Copy config file for evoadmin
-# template:
-# src: config.local.php.j2
-# dest: "{{ evoadminmail_document_root}}/conf/config.local.php"
-# mode: "0644"
-# owner: evoadmin
-# group: evoadmin
-# force: no
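Review bot: In tasks/user.yml the two new `template` tasks for connect.php and conf.php set owner and group but no `mode`, so the rendered files get whatever the umask gives. connect.php is only rendered when `ldap_admin_password` is defined, and a template later in this patch defines `LDAP_ADMIN_PASS` from that variable, so it presumably holds the LDAP admin password and should get `mode: "0640"` like the LDIF and the log file do. The `apg` / LDIF / `slapadd` sequence also runs unconditionally on every play: a new password is generated each time, `slapadd` has no guard against the entry already existing, and the LDIF with the password stays in /root afterwards. I would add `no_log: true` to the tasks that carry the password, guard the `slapadd` task so it runs only once, and remove the LDIF once it has been loaded. The task list continues outside this hunk.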
diff --git a/webapps/evoadmin-mail/templates/conf.php.j2 b/webapps/evoadmin-mail/templates/conf.php.j2 new file mode 100644 index 00000000..b534d0d0 --- /dev/null +++ b/webapps/evoadmin-mail/templates/conf.php.j2 @@ -0,0 +1,56 @@ + + * @version 1.0 + */ + +define("LDAP_URI","ldap://127.0.0.1"); +$ldap_servers = array('ldap://127.0.0.1'); +define("LDAP_BASE","{{ ldap_suffix }}"); +define("LDAP_ADMIN_DN","cn=admin,{{ ldap_suffix }}"); +define("LDAP_ADMIN_PASS","{{ ldap_admin_password.stdout }}"); + +define("SUDOBIN","/usr/bin/sudo"); +define("SUDOSCRIPT","/usr/share/scripts/evoadmin.sh"); +define("SUDOPASS","xxxxxx"); + +define('SERVEUR','localhost'); +define('SERVEURPORT',3306); +define('BASE','horde'); +define('NOM', 'horde'); +define('PASSE', 'xxxx'); + +?> diff --git a/webapps/evoadmin-mail/templates/evoadmin.ldif.j2 b/webapps/evoadmin-mail/templates/evoadmin.ldif.j2 new file mode 100644 index 00000000..389fdff9 --- /dev/null +++ b/webapps/evoadmin-mail/templates/evoadmin.ldif.j2 @@ -0,0 +1,12 @@ +dn: uid=evoadmin,{{ ldap_suffix }} +uid: evoadmin +cn: Evoadmin ADM +uidNumber: 4242 +gidNumber: 4242 +homeDirectory: /dev/null +isAdmin: TRUE +mailacceptinggeneralid: evoadmin@{{ ansible_fqdn }} +objectClass: mailAccount +objectClass: organizationalRole +objectClass: posixAccount +userPassword: {{ evoadminmail_admin_password.stdout }}
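Review bot: `define("LDAP_ADMIN_DN","cn=admin,{{ ldap_suffix }}")` together with `LDAP_ADMIN_PASS` hands the web application what is presumably the directory's admin identity, in a PHP file that the tasks place under `htdocs`. A dedicated bind DN whose ACLs cover only the mail entries would limit what a compromise of the web application or a leak of this file exposes. The password is also interpolated into a double-quoted PHP string without escaping, so a value containing `"`, `$` or `\` would break the file or change the password PHP sees; a single-quoted literal with `\` and `'` escaped in the template is safer. `SUDOPASS` and `PASSE` are left as the placeholders `xxxxxx` and `xxxx`, and a comment saying they must be overridden, or template variables for them, would avoid deploying them as they are. This section looks incomplete on the page (its header announces 56 lines), so these remarks cover only the lines visible here.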
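Review bot: `userPassword: {{ evoadminmail_admin_password.stdout }}` in evoadmin.ldif.j2 loads the generated password into the directory in cleartext, because `slapadd` stores the attribute value as given. The entry also carries `isAdmin: TRUE`, so anyone who can read that attribute or a backup of the database presumably obtains an admin login for the web interface; rendering a hash instead (for example the `{SSHA}` output of `slappasswd`) would avoid that. The entry is a `posixAccount` with a fixed `uidNumber: 4242` and no `loginShell`, so if this directory also backs system accounts it is worth confirming that the account cannot log in to hosts.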