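#!/bin/bash
#
# Restore a Samba AD domain controller inside a container.
#
# Three stages, each guarded by its own state check:
#   1. Empty data volume  -> restore the domain from the single backup
#                            archive in /root/packages.
#   2. Fresh container    -> one-time OS/Apache/phpLDAPadmin configuration,
#                            recorded by the /root/packages/configured marker.
#   3. Every start        -> rewrite /etc/resolv.conf to use 127.0.0.1.
#
# Environment read by this script:
#   SMB_HOSTIP  - IP address handed to samba-tool and written into smb.conf
#   SMB_REALM   - realm, lower-cased for the phpLDAPadmin bind id
#   SMB_DOMAIN  - display name of the LDAP server in phpLDAPadmin
#
# NOTE(review): there is no `set -e`; a failing step does not stop the
# script, so later steps run against whatever state the failure left.
# NOTE(review): SMB_HOSTIP, SMB_REALM and SMB_DOMAIN are interpolated into
# sed scripts and into PHP string literals without escaping. They must come
# from trusted deployment configuration; a value containing "/", "&" or "'"
# would corrupt the edit or the generated PHP.

echo "Restore domain controller settings."

#----------------------------------------------------------------------
# Stage 1: new (empty) volumes.
#----------------------------------------------------------------------
if [ -z "$(ls /var/lib/samba/private)" ]; then
  echo "New volumes."

  # Count candidates with a glob instead of `ls | wc -w`, which miscounts
  # file names containing whitespace. nullglob is enabled only for this
  # expansion so the unquoted globs further down keep their old behaviour.
  shopt -s nullglob
  backup_files=(/root/packages/samba-backup-*)
  shopt -u nullglob

  if [ "${#backup_files[@]}" -ne 1 ]; then
    echo "There must be one backup file."
    # NOTE(review): exit status 0 reports success although nothing was
    # restored; kept because callers may depend on it - confirm.
    exit 0
  fi

  # NOTE(review): the result of the restore is not checked; the moves
  # below run even if samba-tool failed.
  samba-tool domain backup restore \
    --backup-file="${backup_files[0]}" \
    --newservername="$(hostname)" \
    --targetdir=/root/packages/restore \
    --host-ip="$SMB_HOSTIP"

  # Move the restored tree into the locations the packaged Samba uses.
  mv /root/packages/restore/etc/* /etc/samba/
  rmdir /root/packages/restore/etc
  mv /root/packages/restore/private/* /var/lib/samba/private/
  rmdir /root/packages/restore/private
  mv /root/packages/restore/state/sysvol /var/lib/samba/
  mv /root/packages/restore/state/bind-dns /var/lib/samba/
  mv /root/packages/restore/state/*.tdb /var/lib/samba/
  rmdir /root/packages/restore/state
  rm /root/packages/restore/gencache.tdb
  rm /root/packages/restore/backup.txt
  rmdir /root/packages/restore

  # Drop the directory overrides that pointed at the restore target.
  sed -i "/binddns dir/d" /etc/samba/smb.conf
  sed -i "/cache directory/d" /etc/samba/smb.conf
  sed -i "/lock directory/d" /etc/samba/smb.conf
  sed -i "/private dir/d" /etc/samba/smb.conf
  sed -i "/state directory/d" /etc/samba/smb.conf
  # Dots are escaped so only a dotted-quad address is matched.
  sed -i "s/--current-ip [0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/--current-ip $SMB_HOSTIP/" /etc/samba/smb.conf
  sed -i "s@/root/packages/restore/state/sysvol@/var/lib/samba/sysvol@g" /etc/samba/smb.conf

  # Change the DNS back end to internal.
  if [ -e /var/lib/samba/bind-dns/named.conf ]; then
    samba_upgradedns --dns-backend=samba_internal
    sed -i "/server services/d" /etc/samba/smb.conf
  fi
fi

#----------------------------------------------------------------------
# Stage 2: volumes exist, container is new.
#----------------------------------------------------------------------
if [ ! -e /root/packages/configured ]; then
  echo "New container."

  # Register CA certificates.
  # This adds a trust anchor for the whole container: whoever can write
  # /root/packages/cert/ca.crt decides which CA the system trusts, so that
  # directory should not be writable by anything but the deployer.
  cp -a /root/packages/cert/ca.crt /usr/local/share/ca-certificates/ && \
    update-ca-certificates

  # Authentication settings.
  sed -i "s/^\(passwd: \+\)[a-z ]\+$/\1compat winbind/" /etc/nsswitch.conf
  sed -i "s/^\(group: \+\)[a-z ]\+$/\1compat winbind/" /etc/nsswitch.conf

  # Copy krb5.conf
  mv --backup=numbered /etc/krb5.conf /etc/krb5.conf.bak
  cp /var/lib/samba/private/krb5.conf /etc/

  # Suppress apache warning.
  echo "ServerName localhost" | tee /etc/apache2/conf-available/fqdn.conf
  a2enconf fqdn

  # Setup phpLdapAdmin.
  if [ -e /root/packages/phpLDAPadmin-1.2.3.tar.gz ]; then
    # NOTE(review): this moves the web UI to PHP 7.3 to run phpLDAPadmin
    # 1.2.3; confirm both still receive security fixes, and keep the UI off
    # untrusted networks if they do not.
    a2dismod php8.1
    a2enmod php7.3

    # SECURITY: "ldap server require strong auth = no" is a global Samba
    # setting. It lets every LDAP client, not only the local phpLDAPadmin
    # on 127.0.0.1, use simple binds without signing or encryption, so
    # credentials can cross the network in clear text. Prefer leaving the
    # default in place and having phpLDAPadmin use LDAPS or StartTLS.
    if grep -q -- "ldap server require strong auth" /etc/samba/smb.conf; then
      sed -i "/ldap server require strong auth/d" /etc/samba/smb.conf
    fi
    sed -i "/\[global\]/a \\\tldap server require strong auth = no" /etc/samba/smb.conf

    # NOTE(review): the archive is unpacked without any checksum or
    # signature check here; confirm its provenance is verified when the
    # image is built.
    tar zxf /root/packages/phpLDAPadmin-1.2.3.tar.gz -C /var/www/
    mv /var/www/phpLDAPadmin-1.2.3 /var/www/phpldapadmin
    cp /etc/phpldapadmin/apache.conf /etc/phpldapadmin/apache.conf.bak
    sed -i "s@/usr/share/phpldapadmin/htdocs@/var/www/phpldapadmin@g" /etc/phpldapadmin/apache.conf
    cp /var/www/phpldapadmin/config/config.php.example /var/www/phpldapadmin/config/config.php

    # Append server settings before the last line of config.php.
    sed -i "$ i\$servers->setValue('server','host','ldap://127.0.0.1');" /var/www/phpldapadmin/config/config.php
    sed -i "$ i\$servers->setValue('login','bind_id','administrator@${SMB_REALM,,}');" /var/www/phpldapadmin/config/config.php
    sed -i "$ i\$config->custom->appearance['hide_template_warning'] = true;" /var/www/phpldapadmin/config/config.php
    sed -i "s/\$servers->setValue('server','name','My LDAP Server');/\$servers->setValue('server','name','$SMB_DOMAIN');/" /var/www/phpldapadmin/config/config.php

    # Customize phpLDAPadmin
    # The patches below address fixed line numbers, so they are only valid
    # for the exact 1.2.3 sources; against any other revision they would
    # silently rewrite the wrong lines.
    # for PHP7.0
    sed -i "s/password_hash/password_hash_custom/g" /var/www/phpldapadmin/lib/*
    sed -i '2567d; 2568d; 2569i \\t\tforeach ($dn as $key => $rdn) {\n\t\t\t$a[$key] = preg_replace_callback('\''/\\\\\\([0-9A-Fa-f]{2})/'\'', function ($m) { return '\'\''.chr(hexdec('\''\\\\1'\'')).'\'\''; }, $rdn\'');\n\t\t}' /var/www/phpldapadmin/lib/functions.php
    sed -i '2574c \\t\treturn preg_replace_callback('\''/\\\\\\([0-9A-Fa-f]{2})/'\'', function ($m) { return'\'\''.chr(hexdec('\''\\\\1'\'')).'\'\''; }, $dn);' /var/www/phpldapadmin/lib/functions.php
    sed -i '1119d; 1120d; 1121i \\t\t\tforeach ($dn as $key => $rdn) {\n\t\t\t\t$a[$key] = preg_replace_callback('\''/\\\\\\([0-9A-Fa-f]{2})/'\'', function ($m) { return '\'\''.chr(hexdec('\''\\\\1'\'')).'\'\''; }, $rdn\'');\n\t\t\t}' /var/www/phpldapadmin/lib/ds_ldap.php
    sed -i '1126c \\t\t\treturn preg_replace_callback('\''/\\\\\\([0-9A-Fa-f]{2})/'\'', function ($m) { return'\'\''.chr(hexdec('\''\\\\1'\'')).'\'\''; }, $dn);' /var/www/phpldapadmin/lib/ds_ldap.php

    # for PHP7.3
    sed -i '54c function my_autoload($className) {' /var/www/phpldapadmin/lib/functions.php
    sed -i '777c spl_autoload_register("my_autoload");' /var/www/phpldapadmin/lib/functions.php
    sed -i '1083c \\t\t$CACHE[$sortby] = __create_function('\''$a, $b'\'',$code);' /var/www/phpldapadmin/lib/functions.php
    # SECURITY: the __create_function() shim inserted below builds a closure
    # by passing $arg and $body to eval(). That is acceptable only while
    # every caller supplies code strings that request data cannot influence
    # - TODO confirm for the $code used at functions.php line 1083.
    sed -i '1091a function __create_function($arg, $body) {\n\tstatic $cache = array();\n\tstatic $maxCacheSize = 64;\n\tstatic $sorter;\n\n\tif ($sorter === NULL) {\n\t\t$sorter = function($a, $b) {\n\t\t\tif ($a->hits == $b->hits) {\n\t\t\t\treturn 0;\n\t\t\t}\n\n\t\t\treturn ($a->hits < $b->hits) ? 1 : -1;\n\t\t};\n\t}\n\n\t$crc = crc32($arg . "\\\\x00" . $body);\n\n\tif (isset($cache[$crc])) {\n\t\t++$cache[$crc][1];\n\t\treturn $cache[$crc][0];\n\t}\n\n\tif (sizeof($cache) >= $maxCacheSize) {\n\t\tuasort($cache, $sorter);\n\t\tarray_pop($cache);\n\t}\n\n\t$cache[$crc] = array($cb = eval('\''return function('\''.$arg.'\''){'\''.$body.'\''};'\''), 0);\n\treturn $cb;\n}\n' /var/www/phpldapadmin/lib/functions.php
  fi

  # Mark as configured.
  touch /root/packages/configured
fi

#----------------------------------------------------------------------
# Stage 3: container and volumes both exist - runs on every start.
#----------------------------------------------------------------------
echo "Setting to do every time"

# Resolver settings.
# The file is edited as a copy and written back with a redirect rather than
# `sed -i` on /etc/resolv.conf itself; presumably the file is bind-mounted
# by the container runtime and cannot be replaced by rename - confirm.
cp /etc/resolv.conf /root/packages/resolv.conf
sed -i "s/nameserver 127.0.0.11/nameserver 127.0.0.1/" /root/packages/resolv.conf
cat /root/packages/resolv.conf > /etc/resolv.conf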