ldap_gravatar: Initial version of role
This commit is contained in:
parent
b841119e1a
commit
015de5a8df
2 changed files with 97 additions and 0 deletions
72
roles/ldap_gravatar/files/gravatar-update.py
Executable file
72
roles/ldap_gravatar/files/gravatar-update.py
Executable file
|
|
@ -0,0 +1,72 @@
|
||||||
|
#!/usr/bin/python3
|
||||||
|
|
||||||
|
import urllib
|
||||||
|
import syslog
|
||||||
|
import hashlib
|
||||||
|
|
||||||
|
import ldap3
|
||||||
|
import requests
|
||||||
|
|
||||||
|
|
||||||
|
def ldap_connect():
|
||||||
|
server = ldap3.Server("ldapi:///var/run/ldapi")
|
||||||
|
conn = ldap3.Connection(
|
||||||
|
server,
|
||||||
|
authentication=ldap3.SASL,
|
||||||
|
sasl_mechanism=ldap3.EXTERNAL,
|
||||||
|
sasl_credentials="",
|
||||||
|
client_strategy=ldap3.SYNC,
|
||||||
|
)
|
||||||
|
conn.bind()
|
||||||
|
conn.search(
|
||||||
|
search_base="",
|
||||||
|
search_filter="(objectClass=*)",
|
||||||
|
search_scope=ldap3.BASE,
|
||||||
|
attributes=["namingContexts"],
|
||||||
|
)
|
||||||
|
basedn = conn.response[0]["attributes"]["namingContexts"][0]
|
||||||
|
return (conn, basedn)
|
||||||
|
|
||||||
|
|
||||||
|
def get_users(conn, basedn):
|
||||||
|
conn.search(
|
||||||
|
search_base=basedn,
|
||||||
|
search_filter="(&(mail=*)(objectClass=inetOrgPerson))",
|
||||||
|
attributes=["mail", "jpegPhoto"],
|
||||||
|
)
|
||||||
|
for result in conn.response:
|
||||||
|
yield (result["dn"], result["attributes"])
|
||||||
|
|
||||||
|
|
||||||
|
def get_avatar(emails):
|
||||||
|
for email in emails:
|
||||||
|
mailhash = hashlib.md5(email.encode("utf-8").lower()).hexdigest()
|
||||||
|
url = f"https://gravatar.com/avatar/{mailhash}.jpg?d=404&size=80"
|
||||||
|
req = requests.get(url)
|
||||||
|
if req.status_code == 200:
|
||||||
|
return req.content
|
||||||
|
elif req.status_code == 404:
|
||||||
|
continue
|
||||||
|
raise ValueError(f"Invalid response from gravatar {req.status_code}")
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
def update_avatar(conn, dn, image):
|
||||||
|
if image is None:
|
||||||
|
syslog.syslog(syslog.LOG_INFO, f"Removing jpegPhoto from user '{dn}'")
|
||||||
|
data = (ldap3.MODIFY_REPLACE, [])
|
||||||
|
else:
|
||||||
|
syslog.syslog(syslog.LOG_INFO, f"Updating jpegPhoto for user '{dn}'")
|
||||||
|
data = (ldap3.MODIFY_REPLACE, [image])
|
||||||
|
conn.modify(dn, {"jpegPhoto": [data]})
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == "__main__":
|
||||||
|
syslog.openlog()
|
||||||
|
(conn, basedn) = ldap_connect()
|
||||||
|
for (dn, user) in get_users(conn, basedn):
|
||||||
|
image = get_avatar(user["mail"])
|
||||||
|
if len(user["jpegPhoto"]) == 1 and user["jpegPhoto"][0] == image:
|
||||||
|
continue
|
||||||
|
update_avatar(conn, dn, image)
|
||||||
|
syslog.closelog()
|
||||||
25
roles/ldap_gravatar/tasks/main.yml
Normal file
25
roles/ldap_gravatar/tasks/main.yml
Normal file
|
|
@ -0,0 +1,25 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: install dependencies
|
||||||
|
package:
|
||||||
|
name: "{{ item }}"
|
||||||
|
state: installed
|
||||||
|
with_items:
|
||||||
|
- python3-ldap3
|
||||||
|
- python3-requests
|
||||||
|
|
||||||
|
- name: install script
|
||||||
|
copy:
|
||||||
|
src: gravatar-update.py
|
||||||
|
dest: /usr/local/sbin/gravatar-update
|
||||||
|
mode: 755
|
||||||
|
owner: root
|
||||||
|
group: "{{ ansible_wheel }}"
|
||||||
|
|
||||||
|
- name: install cron job
|
||||||
|
cron:
|
||||||
|
name: gravatar-update
|
||||||
|
hour: "05"
|
||||||
|
minute: "10"
|
||||||
|
job: /usr/local/sbin/gravatar-update
|
||||||
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue