[nycbug-talk] ipad remote storage question
Edward Capriolo
edlinuxguru at gmail.com
Fri May 20 17:12:25 EDT 2011
On Thu, May 19, 2011 at 9:39 AM, Isaac Levy <ike at blackskyresearch.net>wrote:
> On May 18, 2011, at 7:50 PM, Marc Spitzer wrote:
>
> > On Wed, May 18, 2011 at 7:47 PM, Joe Dunn <me at joedunn.com> wrote:
> >> I'm not sure but wouldn't this is a good use for cfengine
> >>
> >> have a ipad_users (array of users) in a slist and then have that dump
> into a
> >> ipad_users.conf which is included in apache.
> >>
> >> When you have the next batch of users just add them to that list and it
> will
> >> generate automagically.
> >>
> >> There is probably a better, cleaner way but this comes to find as a
> >> solution.
> >>
> >> Joe
> >
> > hmm had not thought of that, will look into it.
> >
> > marc
>
>
> Thinking out loud, in 2 parts:
>
> Part 1:
> --
> htpasswd will create files with lines like the following:
>
> marc:$11111blahblahhash0000000000
> joe:$11111blahblahhash0000000000
>
> A single file, 400 + users no big deal.
> I like standalone files- they work even when distributed auth does not,
> (and can be generated from LDAP via script/cron/trigger even.)
>
> Could be tied to some other mgmt tool- whatever can pass the textual data.
> htpasswd has a man page, which you can point the next guy at, etc...
>
>
>
> Part 2:
> --
> Then, the htpasswd file can be used to generate the <location></location>
> stanzas, htpasswd util can be used to remove user logins, etc...
>
> htpasswd files are easy to parse from a shell script/template, when a new
> user is added/removed:
>
> (stole confs from a google hit, dunno if they work, but the shell script
> should)
>
> http://www.serverwatch.com/tutorials/article.php/10825_2176771_2/Enabling-WebDAV-on-Apache.htm
>
> --
> #!/bin/sh
>
> # one could use sed and a template config to be cleaner,
> # but this is a simple email thought for Marc so I'll
> # be silly and just do inline junk.
>
> DAVUSERCONF='/path/to/apache_includes'
>
> echo '' > $DAVUSERCONF
> # clears the file lazy style, then,
>
> for i in `cat /path/to/htpass_file | awk 'BEGIN { FS = ":" } {print $1}'` ;
> do
>
> echo "<Location /path/to/userdirs/$i>" >> $DAVUSERCONF
> echo ' DAV On' >> $DAVUSERCONF
> echo ' AuthType Basic' >> $DAVUSERCONF
> echo ' AuthName "WebDAV Restricted"' >> $DAVUSERCONF
> echo ' AuthUserFile /path/to/htpass_file' >> $DAVUSERCONF
> echo ' <LimitExcept GET HEAD OPTIONS>' >> $DAVUSERCONF
> echo ' Require user webdav' >> $DAVUSERCONF
> echo ' </LimitExcept>' >> $DAVUSERCONF
> echo '</Location>' >> $DAVUSERCONF
>
> done
>
> /path/to/apachectl graceful
>
> --
>
> Run that however you want- only when adding/removing users, from some
> periodic job or straight cron, whatever floats your boat.
>
> Hope the jist is conveyed- not sure if this appeals to you, but it does
> keep the user management tied to a single file- the htpass. Perhaps a few
> 15 line shell scripts to maintain...
>
> Best,
> .ike
>
>
>
>
>
>
> PS, a version I'd run from cron, (assuming cron failures email someone
> useful or log/notify), which will exit neatly on failure, using my favorite
> 3 lines:
> --
> #!/bin/sh
>
> shout() { echo "$0: $*" >&2; }
> barf() { shout "$*"; exit 100; }
> safe() { "$@" || barf "cannot $*"; }
>
> # one could use sed and a template config to be cleaner,
> # but this is a simple email thought for Marc so I'll
> # be silly and just do inline junk.
>
> DAVUSERCONF='/path/to/apache_includes'
> safe mkdir -p $DAVUSERCONF
>
> printf '' > $DAVUSERCONF
> # clears the file lazy style, then,
>
> for i in `safe cat /path/to/htpass_file | awk 'BEGIN { FS = ":" } {print
> $1}'` ; do
>
> echo "<Location /path/to/userdirs/$i>" >> $DAVUSERCONF
> echo ' DAV On' >> $DAVUSERCONF
> echo ' AuthType Basic' >> $DAVUSERCONF
> echo ' AuthName "WebDAV Restricted"' >> $DAVUSERCONF
> echo ' AuthUserFile /path/to/htpass_file' >> $DAVUSERCONF
> echo ' <LimitExcept GET HEAD OPTIONS>' >> $DAVUSERCONF
> echo ' Require user webdav' >> $DAVUSERCONF
> echo ' </LimitExcept>' >> $DAVUSERCONF
> echo '</Location>' >> $DAVUSERCONF
>
> done
>
> safe /path/to/apachectl graceful
>
> exit 0
>
> --
>
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
I have a similar script when I want to create SVN repo's for each smaller
project I run at www.jointhegrid.com. Not exactly what you want but neat
anyway.
http://www.edwardcapriolo.com/roller/edwardcapriolo/entry/svn_creation_script
Edward
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20110520/93f865a8/attachment.htm>
More information about the talk
mailing list