func ConfigureLdapClient(conf LdapConfig) (*mozldap.Client, error) {
// check if ldap email was entered
if govalidator.IsEmail(conf.Username) {
conf.Username = "******" + conf.Username + ",o=com,dc=" + conf.Dc
}
// instantiate an ldap client
ldapClient, err := mozldap.NewTLSClient(
conf.Uri,
conf.Username,
conf.Password,
conf.ClientCertFile,
conf.ClientKeyFile,
conf.CaCertFile,
&tls.Config{
InsecureSkipVerify: conf.Insecure,
},
)
return &ldapClient, err
}
func main() {
var (
err error
conf conf
cli mozldap.Client
)
flag.Usage = func() {
fmt.Fprintf(os.Stderr, "%s - Manage users in various SaaS based on a LDAP source\n"+
"Usage: %s -c config.yaml\n",
os.Args[0], os.Args[0])
flag.PrintDefaults()
}
flag.Parse()
if *drynotif {
*dryrun = true
}
// safeguard, remove in prod
*dryrun = true
*drynotif = true
// load the local configuration file
fd, err := ioutil.ReadFile(*config)
if err != nil {
log.Fatal(err)
}
err = yaml.Unmarshal(fd, &conf)
if err != nil {
log.Fatalf("error: %v", err)
}
// infinite loop, wake up at the cron period
for {
if !*once {
cexpr, err := cronexpr.Parse(conf.Cron)
if err != nil {
log.Fatal("failed to parse cron string %q: %v", conf.Cron, err)
}
// sleep until the next run is scheduled to happen
nrun := cexpr.Next(time.Now())
waitduration := nrun.Sub(time.Now())
log.Printf("[info] next run will start at %v (in %v)", nrun, waitduration)
time.Sleep(waitduration)
}
// instanciate an ldap client
if conf.Ldap.TLSCert != "" && conf.Ldap.TLSKey != "" {
cli, err = mozldap.NewTLSClient(
conf.Ldap.Uri,
conf.Ldap.Username,
conf.Ldap.Password,
conf.Ldap.TLSCert,
conf.Ldap.TLSKey,
conf.Ldap.CACert,
&tls.Config{InsecureSkipVerify: conf.Ldap.Insecure})
} else {
cli, err = mozldap.NewClient(
conf.Ldap.Uri,
conf.Ldap.Username,
conf.Ldap.Password,
conf.Ldap.CACert,
&tls.Config{InsecureSkipVerify: conf.Ldap.Insecure},
conf.Ldap.Starttls)
}
if err != nil {
log.Fatal(err)
}
defer cli.Close()
log.Printf("connected %s on %s:%d, tls:%v starttls:%v\n", cli.BaseDN, cli.Host, cli.Port, cli.UseTLS, cli.UseStartTLS)
conf.Ldap.cli = cli
// Channel where modules publish their notifications
// which are aggregated and sent by the main program
notifchan := make(chan modules.Notification)
notifdone := make(chan bool)
go processNotifications(conf, notifchan, notifdone)
// store the value of dryrun and the ldap client
// in the configuration of each module
for i := range conf.Modules {
conf.Modules[i].DryRun = *dryrun
conf.Modules[i].LdapCli = cli
conf.Modules[i].Notify.Channel = notifchan
}
// run each module in the order it appears in the configuration
for _, modconf := range conf.Modules {
if *runmod != "all" && *runmod != modconf.Name {
continue
}
if _, ok := modules.Available[modconf.Name]; !ok {
log.Printf("[warning] %s module not registered, skipping it", modconf.Name)
continue
}
log.Println("[info] invoking module", modconf.Name)
run := modules.Available[modconf.Name].NewRun(modconf)
err = run.Run()
if err != nil {
log.Printf("[error] %s module failed with error: %v", modconf.Name, err)
}
}
// Modules are done, close the notification channel to tell the goroutine
// that it can aggregate and send them, and wait for notifdone to come back
close(notifchan)
<-notifdone
if *once {
break
}
}
}