[Modcfgldap-devel] Re: mod_cfg_ldap
Status: Beta
Brought to you by:
abrenk
Menu
▾
▴
[Modcfgldap-devel] Re: mod_cfg_ldap
|
From: Turbo F. <tu...@ba...> - 2004-04-05 08:12:38
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [I sent this privatly to Andreas, but just to introduce my self to the list, incase there's more than the two of us, here's the mail again] Hi, I'm looking at your mod_cfg_ldap module, and I have some questions and thoughts if you don't mind... HISTORY: I'm the author of the LDAPv3 HOWTO (http://www.bayour.com/LDAPv3-HOWTO.html), and phpQLAdmin (http://phpqladmin.bayour.com/). I took over phpQLAdmin about a year ago, and it's now more of a ISP tool than a pure 'mail (server) administration' tool. A couple of months ago, I added 'web server administration' (in addition to Bind9/LDAP sdb administration which was added about a year ago). I made my own schema and a perl script that extracts all vhosts information, which could be cron-autogenerated (and included from the main httpd.conf file). This was never the perfect solution, but that was what was easiest to do... Now, looking at mod_cfg_ldap I see that much of this (but not all) can be done with mod_cfg_ldap instead of (re-)loading the configuration regularly. - ----- s n i p ----- [papadoc.pts/5]$ ./create_websrv_cfg.pl <VirtualHost 192.168.1.4> ServerName testing.bayour.com DocumentRoot /var/www/testing/ ErrorLog /var/log/apache/testing-error.log TransferLog /var/log/apache/testing-trans.log ServerAdmin tu...@ba... </VirtualHost> - ----- s n i p ----- This will be created from an object that looks like: - ----- s n i p ----- dn: cn=testing.bayour.com,ou=WEB,dc=bayour,dc=com cn: testing.bayour.com objectClass: phpqladminwebsrv webServerName: testing.bayour.com webServerIP: 192.168.1.4 webServerURL: http://testing.bayour.com/ webServerAdmin: tu...@ba... webDocumentRoot: /var/www/testing/ webLogError: /var/log/apache/testing-error.log webLogTransfer: /var/log/apache/testing-trans.log - ----- s n i p ----- As you can see, I'm using my own attributes/objectclasses here (just as a reference on how 'far' I've got). It is possible to add options (such as 'RewriteEngine on' and 'RewriteRule ..' etc) which would then be added to the 'webOptions' attribute. Now, this is (partly) what differs from you module. I see _ALL_ information in ALL of the LDAP server belonging to ONE server. NOTE: Now, only ONE webserver allowed in the LDAP server is obviously wrong to, but I've started to think on how to solve this (and I have some vage ideas). That is, ALL of these objects would be loaded into one web server... After all, the point is to have MULTIPLE vhosts in ONE server... This is where mod_cfg_ldap fails. I think. I'm currently only reading the source for it... - ----- s n i p ----- int count = ldap_count_entries (ld, res); if (count > 1) { ap_log_error (APLOG_MARK, APLOG_WARNING, 0, s, "cfg_ldap: more than one entry for %s", hostname); return vhost; } - ----- s n i p ----- This, and the fact that all attributes (but 'apacheServerAlias'), is SINGLE-VALUE attributes leads me to think that mod_cfg_ldap will only allow ONE vhost per server... I would be very happy to 'put my code where my mouth is' and participate in this project. We have mutual goals - mine is to have EVERYTHING in LDAP, but your's can't be much 'worse' :) Let's cooperate on this... NOTE: In the phpQLAdmin demo site you can view the Web server configurator by 1. logging in as 'demo1:demo1' 2. tick in 'Advanced mode' (left frame) 3. click on 'Main branch' (left frame) 4. click on 'Webserver Administration' (right frame) Other than this, feel free to do whatever you want in the demo. The database will be autogenerated every now and then... The (developer/latest) schema can (always) be found at the URL http://phpqladmin.bayour.com/phpQLAdmin.schema.txt. The interesting OIDs (in reagards to mod_cfg_ldap) is 1.3.6.1.4.1.8767.3.2.5.*. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.6 <http://mailcrypt.sourceforge.net/> iD8DBQFAcRTxmlWzPKccHgARAgd8AJ4jquSFYWQbi2TVIZhUplh1h7Wo0gCdFoJf vj2Ivr3Cc2Ne4bdT55GgVzk= =fPkm -----END PGP SIGNATURE----- |
