sindominio
/
lowry
10
0
Fork 4
Code Issues 8 Pull Requests 1 Releases Wiki Activity
Nuestro burocrata preferido: Sam Lowry https://lowry.sindominio.net
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
89 Commits
9 Branches
0 Tags
7.5 MiB
 
 
 
 
 
 
Branch: locked
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'locked'
${ noResults }
lowry/main.go

119 lines
2.9 KiB
Raw Permalink Blame History

package main
import (
"bufio"
"log"
"os"
"sort"
"strings"
"time"
"0xacab.org/sindominio/lowry/db"
"0xacab.org/sindominio/lowry/ldap"
"0xacab.org/sindominio/lowry/mail"
"0xacab.org/sindominio/lowry/server"
"github.com/namsral/flag"
)
var (
inviteExpireDuration = time.Hour * 24 * 30 // 30 days
accountExpireDuration = time.Hour * 24 * 90 // 90 days
accountBlockDuration = time.Hour * 24 * 6 * 30 // ~ 6 months
)
func main() {
var (
ldapaddr = flag.String("ldapaddr", "localhost:389", "LDAP server address and port")
domain = flag.String("domain", "", "LDAP domain components")
ldappass = flag.String("ldappass", "", "Password of the LDAP `admin' user")
homepath = flag.String("homepath", "/home/", "Path to the user homes")
smtpaddr = flag.String("smtpaddr", "localhost:25", "The address of the smtp server to send email")
email = flag.String("email", "", "The email address to send notifications from")
emailpass = flag.String("emailpass", "", "The password of the email address")
httpaddr = flag.String("httpaddr", ":8080", "Web server address and port")
dbpath = flag.String("dbpath", "bolt.db", "The path to store the lowry status database")
ro = flag.Bool("ro", false, "Read-Only mode")
)
flag.String(flag.DefaultConfigFlagname, "/etc/lowry.conf", "Path to configuration file")
flag.Parse()
m := mail.Init(*email, *emailpass, *smtpaddr, *domain)
l := ldap.Ldap{
Addr: *ldapaddr,
Domain: *domain,
Pass: *ldappass,
HomePath: *homepath,
RO: *ro,
}
err := l.Init()
if err != nil {
log.Fatal(err)
}
go lockUsers(l)
ldb, err := db.Init(*dbpath)
if err != nil {
log.Fatal(err)
}
defer ldb.Close()
go cleanInvites(ldb)
log.Fatal(server.Serve(*httpaddr, &l, m, ldb))
}
func lockUsers(l ldap.Ldap) {
for {
users, err := l.ListUsers()
if err != nil {
log.Printf("Error listing users for locking: %v", err)
time.Sleep(time.Minute * 61)
continue
}
for _, u := range users {
// TODO: add deleted flag
if u.Locked != ldap.Unlocked ||
u.LastLogin.Add(accountBlockDuration).After(time.Now()) {
continue
}
err = l.ChangeLocked(u.Name, ldap.Blocked)
if err != nil {
log.Printf("Error changing locked for user %s: %v", u.Name, err)
}
if u.Role == ldap.Sindominante {
err = l.ChangeRole(u.Name, ldap.Amiga)
if err != nil {
log.Printf("Error changing role for blocked user %s: %v", u.Name, err)
}
}
}
time.Sleep(time.Minute * 61)
}
}
func cleanInvites(ldb *db.DB) {
for {
ldb.ExpireInvites(inviteExpireDuration)
ldb.ExpireAccounts(accountExpireDuration)
time.Sleep(time.Minute * 60)
}
}
func readUserList(listPath string) []string {
f, err := os.Open(listPath)
if err != nil {
log.Fatal(err)
}
defer f.Close()
list := []string{}
scanner := bufio.NewScanner(f)
for scanner.Scan() {
user := strings.TrimSpace(scanner.Text())
list = append(list, user)
}
sort.Strings(list)
return list
}