Distribution EOLE » Modules » eSBL » conf-esbl

<?xml version="1.0" encoding="utf-8"?>

<creole>

    <files>

        <file name='/etc/sudoers.d/supervision' source='supervision.sudoers'  mode='0440'/>

        <file name='/etc/tmpreaper.conf'/>

        <service_access service='cupsd'>

            <port service_accesslist='cupsd'>631</port>

        </service_access>

        <service_access service='webmin'>

            <port service_accesslist='webmin'>10000</port>

        </service_access>

        <service_restriction service='webmin'>

            <ip interface='eth0' netmask='netmask_ssh_eth0' netmask_type='SymLinkOption' ip_type='SymLinkOption'>ip_ssh_eth0</ip>

            <ip interface='eth1' netmask='netmask_ssh_eth1' netmask_type='SymLinkOption' ip_type='SymLinkOption'>ip_ssh_eth1</ip>

            <ip interface='eth2' netmask='netmask_ssh_eth2' netmask_type='SymLinkOption' ip_type='SymLinkOption'>ip_ssh_eth2</ip>

            <ip interface='eth3' netmask='netmask_ssh_eth3' netmask_type='SymLinkOption' ip_type='SymLinkOption'>ip_ssh_eth3</ip>

            <ip interface='eth4' netmask='netmask_ssh_eth4' netmask_type='SymLinkOption' ip_type='SymLinkOption'>ip_ssh_eth4</ip>

        </service_restriction>

    </files>

    <containers>

        <container name='fichier' id='12'>

            <package>cifs-utils</package>

            <package>tdb-tools</package>

            <file name='/etc/pam.d/common-session' source='common-session.esbl'/>

            <file name='/etc/pam.d/samba' redefine='True' source='samba.esbl'/>

            <file name='/etc/tmpreaper.conf'/>

            <file name='/etc/cron.daily/eq_smb_menage' mode='0755'/>

            <file filelist='clamav' name='/etc/cron.d/scan_clamav' mode='0644' rm='True'/>

            <file filelist='clamav' name='/etc/logrotate.d/scan-clamav' source='scan-clamav-logrotate' mode='0644' rm='True'/>

            <file name='/etc/cron.d/tdb' source='tdb_cron'/>

            <file name='/etc/cron.d/group_win' source='group_win_cron'/>

        </container>

    </containers>

    <variables>

        <family name='general'>

            <variable name='eole_module' redefine='True' >

                <value>esbl</value>

            </variable>

            <variable name='numero_etab' description="Identifiant de l'établissement (nom court du service ex: DR-RA)" redefine='True'/>

            <variable name='libelle_etab' description="Nom du service(ex: DREAL Rhône Alpes)" redefine='True' hidden='True' mode='expert' />

            <variable name='nom_academie' description='Nom utilise pour annuaire' redefine='True' hidden='True'>

                <value>domaine</value>

            </variable>

            <variable name='proxy_client_adresse' description='Adresse ou nom du proxy (saisir le proxy local -  ex: proxy.NomDuService.i2)' redefine='True' />

            <!-- pour Compatibilite V1 sera a supprimer -->

            <variable name='type_serv'  type='string' description='pour compatibilite V1' hidden='True' mode='expert' >

                <value>esbl</value>

            </variable>

            <variable name='type_version'  type='string' description='pour compatibilite V1' hidden='True' mode='expert' >

                <value>-v2</value>

            </variable>

            <variable name='site_V1'  type='string' description='site equidomaine' hidden='True' mode='expert' >

                <value>equidomaine.cete-mediterranee.i2</value>

            </variable>

            <variable name='date_cd'  type='string' description='pour compatibilite V1' hidden='True' mode='expert' >

                <value>30/01/2012</value>

            </variable>

            <!-- Compatibilite V1 -->

            <!-- Integration dans un domaine Active Directory  -->

            <variable name='smb_active_directory'  type='oui/non' description='Intégration dans un domaine Active Directory'>

                <value>non</value>

            </variable>

            <variable name='smb_ad_nom_long_controleur'  type='string' description='Nom long du contrôleur du domaine Active Directory'/>

            <variable name='smb_ad_realm'  type='string' description='Nom long du domaine de compte Active Directory'/>

            <!--  -->

            <variable name='nombre_interfaces' redefine='True' mode='expert'/>

            <!-- Utilisation d'une variable temporaire pendant la phase de migration des serveurs V1 vers V2 -->

            <!-- le nombre et nom des variables étant désormais figés durant toute cette phase -->

            <variable name='serveur_metier' type='string' description="serveur_ftp_hors_eole pour télécharger les paquets ne pouvant être publiés sur le site de l'E.N. (Arkeia ...)" hidden='True' multi='True'>

                <value>debmiroir-01.ac.centre-serveur.i2</value>

                <value>equidomaine.cete-mediterranee.i2</value>

            </variable>

        </family>

        <family name='services'>

            <variable name='activer_webmin' type='oui/non' mode='expert' description="Activer webmin">

                <value>non</value>

            </variable>

        </family>

        <family name='applications web'>

            <variable name='web_url' redefine='True' auto_freeze='False'/>

        </family>

        <family name='Interface-0'>

            <variable name='eth0_method' redefine='True' hidden='True'>

                <value>statique</value>

            </variable>

        </family>

        <family name='systeme' mode='expert'>

            <!-- fichier /etc/sudoers -->

            <variable name='activer_ajout_sudoers' type='oui/non' description="Ajout de spécifications supplémentaires" exists='False'>

                <value>non</value>

            </variable>

            <variable name='user_sudoers' type='string' description="Nom du compte autorisé" exists='False' multi='True'/>

            <variable name='machines_sudoers' type='string' description="Ensemble des machines autorisées ( ex ALL=NOPASSWD : )" exists='False'/>

            <variable name='command_sudoers' type='string' description="Commande autorisée" exists='False'/>

        </family>

        <family name='eole sso'>

            <variable name='eolesso_dossier' type='string' description="Sous répertoire pour l'url du SSO" exists='False'>

                <value>cas</value>

            </variable>

        </family>

        <family name='samba'>

            <variable name='smb_netbios_name' redefine='True' description="Nom Netbios du serveur" auto_freeze='False'/>

            <variable name='smb_workgroup' redefine='True' auto_freeze='False'/>

            <variable name='smb_password_server' type='string' description="Peut permettre de préciser le(s) contrôleur(s) pour l'authentification">

                <value>*</value>

            </variable>

            <variable name='smb_guest' redefine='True' hidden='True'>

                <value>non</value>

            </variable>

            <!--  variable definie dans 20_client_annuaire.xml presente dans global_smb.tmpl

            eole-client-annuaire susceptible d'être installé si le serveur fait office de contrôleur de domaine  -->

            <variable name='adresse_ip_ldap' type='string' description="Adresse IP ou nom DNS du serveur LDAP" exists='False'/>

            <variable name='ldap_base_dn' type='string' description="DN LDAP" exists='False'/>

            <!-- a supprimer - variable presente dans global_smb.tmpl-->

            <variable name='activer_esu' type='oui/non' description="activer esu" exists='False' hidden='True'/>

            <!-- -->

            <variable name='smb_lanman_auth' redefine='True'>

                <value>no</value>

            </variable>

                        <variable name='smb_socket_options' redefine='True'>

                            <value>TCP_NODELAY</value>

                        </variable>

            <variable name='smb_activer_hide_files' redefine='True'>

                <value>non</value>

            </variable>

            <variable name='smb_name_resolve_order' redefine='True'>

                <value>hosts wins bcast</value>

            </variable>

            <variable name='smb_activer_partages_diffusion' type='oui/non' description="Activer le partage diffusion">

                <value>oui</value>

            </variable>

            <variable name='smb_activer_partages_dossiers' type='oui/non' description="Activer le partage dossiers">

                <value>oui</value>

            </variable>

            <variable name='smb_activer_partages_echanges' type='oui/non' description="Activer le partage echanges">

                <value>oui</value>

            </variable>

            <variable name='smb_activer_partages_individuels' type='oui/non' description="Activer le partage individuel">

                <value>oui</value>

            </variable>

            <variable name='smb_activer_partages_locaux' type='oui/non' description="Activer la gestion de partages gérés localement">

                <value>oui</value>

            </variable>

            <variable name='smb_trash_non_perso' type='oui/non' description='Changer le nom par défaut du répertoire contenant la corbeille'>

                <value>non</value>

            </variable>

            <variable name='smb_trash_racine_non_perso' type='string' description="Nom du répertoire contenant la corbeille s'il doit être différent de 'perso'"/>

            <variable name='smb_usershare_max_shares' redefine='True'>

                <value>100</value>

            </variable>

        </family>

        <family name='cups' mode='expert'>

            <variable name='cups_eth' type='oui/non' description='Autoriser les connexions pour administrer les imprimantes' exists='False'>

                <value>non</value>

            </variable>

            <variable name='ip_cups_eth' type='ip' description="Adresse IP réseau autorisé" multi='True' mandatory='True' exists='False'/>

            <variable name='netmask_cups_eth' type='netmask' description="Masque du sous réseau" mandatory='True' exists='False'/>

        </family>

        <family name='ftp' mode='expert'>

            <variable name='ftp_maxstorefilesize' redefine='True'>

                <value>500</value>

            </variable>

        </family>

        <separators>

            <separator name='smb_trash_non_perso'>Répertoire différent de 'perso' pour la corbeille</separator>

            <separator name='cups_eth'>Autoriser l'accès distant pour administrer les imprimantes</separator>

            <separator name='activer_ajout_ftp'>Ajout d'accès Ftp</separator>

            <!-- agu - debut -->

            <separator name="smb_activer_partages">Activer partages</separator>

            <separator name='activer_ajout_sudoers'>Ajout de ligne supplémentaire dans le fichier /etc/sudoers</separator>

            <!-- agu - fin -->

        </separators>

    </variables>

    <constraints>

        <auto name='calc_val' target='home_path' >

            <param>/data/</param>

        </auto>

        <fill name='calc_val' target='libelle_etab'>

            <param type='eole' name='valeur'>numero_etab</param>

        </fill>

        <fill name='calc_val' target='smb_hide_files'>

        </fill>

        <check name='valid_enum' target='smb_name_resolve_order'>

            <param>['hosts wins bcast', 'wins hosts bcast lmhosts', 'bcast wins hosts lmhosts', 'wins bcast hosts lmhosts']</param>

            <param name='checkval'>False</param>

        </check>

        <condition name='disabled_if_in' source='activer_clam'>

            <param>non</param>

            <target type='filelist'>clamav</target>

        </condition>

        <condition name='disabled_if_in' source='smb_active_directory'>

            <param>non</param>

            <target type='variable'>smb_ad_nom_long_controleur</target>

            <target type='variable'>smb_ad_realm</target>

        </condition>

        <condition name='disabled_if_in' source='smb_active_directory'>

            <param>oui</param>

            <target type='variable'>smb_ad_nom_long_controleur</target>

        </condition>

        <condition name='disabled_if_in' source='smb_trash'>

            <param>non</param>

            <target type='variable'>smb_trash_non_perso</target>

            <target type='variable'>smb_trash_racine_non_perso</target>

        </condition>

        <condition name='disabled_if_in' source='smb_trash_non_perso'>

            <param>non</param>

            <target type='variable'>smb_trash_racine_non_perso</target>

        </condition>

        <condition name='disabled_if_in' source='activer_ajout_sudoers'>

            <param>non</param>

            <target type='variable'>user_sudoers</target>

            <target type='variable'>machines_sudoers</target>

            <target type='variable'>command_sudoers</target>

        </condition>

        <group master='user_sudoers'>

            <slave>machines_sudoers</slave>

            <slave>command_sudoers</slave>

        </group>

        <condition name='disabled_if_in' source='cups_eth'>

            <param>non</param>

            <target type='variable'>ip_cups_eth</target>

            <target type='variable'>netmask_cups_eth</target>

        </condition>

        <group master='ip_cups_eth'>

            <slave>netmask_cups_eth</slave>

        </group>

        <condition name='disabled_if_in' source='activer_webmin'>

            <param>non</param>

            <target type='service_accesslist'>webmin</target>

        </condition>

    </constraints>

    <help>

        <variable name='activer_ajout_sudoers'>Permet d'ajouter des entrées dans le fichier /etc/sudoers</variable>

    </help>

</creole>

<!-- vim: ts=4 sw=4 expandtab

-->