Distribution EOLE

#!/bin/bash

# nom du poste

win_name="pcprof-01.etb1.lan"

salt_timeout="-t360"

veyon_version="4.0.91"

echo "###########################################"

echo "            Installation de veyon          "

echo "###########################################"

echo ""

echo "** Ouverture des ports **"

cat <<EOF > /usr/share/eole/creole/dicos/99_salt.xml

<?xml version="1.0" encoding="utf-8"?>

<creole>

	<!-- Fichiers et services gérés par Creole -->

    <files>

    </files>

	<!-- Conteneurs et configurations spécifiques liées aux conteneurs EOLE -->

    <containers>

        <container name='fichier'>

            <service>salt-master</service>

            <service_access service='salt-master'>

                <port>4505</port>

                <port>4506</port>

            </service_access>

        </container>

    </containers>

	<!-- Déclaration des variables de configurations -->

    <variables>

		<!-- Familles de variables, correspondent aux onglets dans GenConfig -->

    </variables>

	<!-- Déclaration des contraintes sur le traitement des fichiers -->

    <constraints>

    </constraints>

	<!-- Balise d'aide pour affichier des info-bulles dans GenConfig lorsqu'on survolle les variables -->

    <help>

    </help>

</creole>

EOF

echo ""

echo "** Exécution du reconfigure **"

#reconfigure > /dev/null

echo ""

#echo "** unmask sur le service salt-master **"

#systemctl unmask salt-master.service

#echo ""

#

#echo "** Redémarrage du service salt-master **"

#service salt-master start

#echo ""

echo "** Assurez-vous d'avoir installer salt-minion sur le client Windows **"

echo ""

read -p "Appuyer sur [Enter] pour continuer"

echo ""

echo "** Relancer le minion côté client pour forcer l'enregistrement à l'aide de la commande 'salt-minion restart' **"

echo ""

read -p "Appuyer sur [Enter] pour continuer"

echo ""

echo "** Liste des minions potentiels **"

salt-key -L

echo ""

echo "** Acceptation de la clé du minion **"

salt-key -a $win_name

sleep 5

echo ""

echo "** Liste des clés de minions **"

salt-key -L

echo ""

echo "** Test de ping **"

salt $salt_timeout $win_name test.ping

echo ""

echo "** Configuration du dépôt Git pour winrepo dans le fichier /etc/salt/master **"

cat <<EOF >> /etc/salt/master

winrepo_dir_ng: '/srv/salt/win/repo-ng'

winrepo_remotes_ng:

  - 'https://github.com/saltstack/salt-winrepo-ng.git'

EOF

echo ""

echo "** Installation des paquets debian manquants pour cloner winrepo **"

apt install python-pygit2 git

echo ""

echo "** Variable d'environnement pour le proxy **"

export http_proxy=http://10.1.3.1:3128/

export https_proxy=http://10.1.3.1:3128/

echo ""

echo "** Contournement du problème de proxy pour le clone git **"

# en remplacement de la commande salt -l debug -t120 -G 'os:windows' pkg.refresh_db

rm -rf /srv/salt/win/repo-ng/salt-winrepo-ng

#git clone https://github.com/saltstack/salt-winrepo-ng.git /srv/salt/win/repo-ng/salt-winrepo-ng

git clone http://dev-eole.ac-dijon.fr/git/salt-winrepo.git /srv/salt/win/repo-ng/salt-winrepo-ng

echo ""

echo "** Copie des différentes versions de Veyon dans /srv/salt/win/veyon/ **"

mkdir -p /srv/salt/win/veyon/

cp veyon-* /srv/salt/win/veyon/

echo ""

#echo "** Surcharge du fichier SLS fourni par winrepo **"

#cat <<EOF > /srv/salt/win/repo-ng/salt-winrepo-ng/veyon.sls

## both 32-bit (x86) AND a 64-bit (AMD64) installer available

#{% if grains['cpuarch'] == 'AMD64' %}

#{% set arch = 'win64' %}

#{% else %}

#{% set arch = 'win32' %}

#{% endif %}

#

#{% set versions = ['4.0.92', '4.0.91', '4.0.7', '4.0.6'] %}

#

#veyon:

#{% for version in versions %}

#  '{{ version }}':

#    full_name: 'Veyon {{ version }}'

#    source: 'https://github.com/veyon/veyon/releases/download/v{{ version }}/veyon-{{ version }}.0-{{ arch }}-setup.exe'

#    installer: salt://win/veyon/veyon-{{ version }}.0-{{ arch }}-setup.exe

#    install_flags: '/S /Master'

#    uninstaller: '%ProgramFiles%\Veyon\uninstall.exe'

#    uninstall_flags: '/S'

#    msiexec: False

#    locale: en_US

#    reboot: False

#{% endfor %}

#EOF

#echo ""

echo "** Versions supportées **"

salt $salt_timeout $win_name pkg.list_available veyon

echo ""

echo "** Installation de Veyon $veyon_version **"

salt -l debug $salt_timeout $win_name pkg.install 'veyon' version=$veyon_version

echo ""

# sur quel module sommes-nous ?

EOLERELEASE="/etc/eole/release"

. $EOLERELEASE

# scribe-ad

if [ $EOLE_MODULE == "scribe" ] ; then

	ldap_port=$(CreoleGet ldap_port)

	ldap_ip=$(CreoleGet ad_public_address)

	directory_admin=$(CreoleGet ad_user)

	ad_domain=$(CreoleGet ad_domain)

    ad_dc_0="$(echo $ad_domain | cut -d'.' -f2)"

    ad_dc_1="$(echo $ad_domain | cut -d'.' -f1)"

elif [ $EOLE_MODULE == "seth" ] ; then

	directory_admin="administrator"

	echo "Vous êtes sur un seth, configuration non implémentée"

	exit 0

fi

echo "** Construction du script de configuration de Veyon **"

cat <<EOF > config_veyon.bat

echo "Configuration de veyon"

pause

"C:\Program Files\Veyon\veyon-ctl" service stop

"C:\Program Files\Veyon\veyon-ctl" config clear

"C:\Program Files\Veyon\veyon-ctl" config set Authentication/Method 0

"C:\Program Files\Veyon\veyon-ctl" config set NetworkObjectDirectory/Plugin {6f0a491e-c1c6-4338-8244-f823b0bf8670}

"C:\Program Files\Veyon\veyon-ctl" config set AccessControl/UserGroupsBackend {6f0a491e-c1c6-4338-8244-f823b0bf8670}

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/BaseDN  DC=$ad_dc_1,DC=$ad_dc_0

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/BindDN CN=$directory_admin,CN=Users,DC=$ad_dc_1,DC=$ad_dc_0

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/BindPassword motdepassechiffre

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/ComputerHostNameAttribute cn

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/ComputerRoomAttribute Location

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/ComputerRoomMembersByAttribute true

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/ComputerTree CN=Computers

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/ComputersFilter (objectclass=computer)

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/ConnectionSecurity 1

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/GroupTree CN=Users

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/ServerHost $ldap_ip

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/ServerPort $ldap_port

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/TLSVerifyMode 1

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/UseBindCredentials true,

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/UserGroupsFilter (objectclass=group)

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/UserTree CN=Users

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/UsersFilter (objectclass=user)

"C:\Program Files\Veyon\veyon-ctl" config set AccessControl/AccessRestrictedToUserGroups true

"C:\Program Files\Veyon\veyon-ctl" config set AccessControl/AuthorizedUserGroups CN=professeurs,CN=Users

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/UserLoginAttribute cn

"C:\Program Files\Veyon\veyon-ctl" config set LDAP/GroupMemberAttribute member

"C:\Program Files\Veyon\veyon-ctl" service start

pause

EOF

echo ""

echo "** Exécuter config_veyon.bat sur le client Windows **"

#FIXME déposer le fichier sur le client et exécuter par salt

echo ""