Merge pull request #18 from NethServer:removeLdapSettings

Fix LDAP_DOMAIN setting and update mail server event handlers

imageroot/actions/configure-module/10EnvSOGo

@@ -16,7 +16,6 @@ data = json.load(sys.stdin)
 # Setup configuration from user input.
 agent.set_env("MAIL_SERVER", data["mail_server"])
 agent.set_env("ADMIN_USERS", data.get("admin_users","administrator").lower())
-agent.set_env("LDAP_DOMAIN", data["ldap_domain"])
 agent.set_env("MAIL_DOMAIN",data.get("mail_domain",""))
 agent.set_env("WOWORKERSCOUNT",data.get("workers_count","3"))
 agent.set_env("AUXILIARYACCOUNT",data.get("auxiliary_account",True))

imageroot/actions/configure-module/30bind-user-domains

@@ -1,16 +1,20 @@
 #!/usr/bin/env python3
 
 #
-# Copyright (C) 2023 Nethesis S.r.l.
+# Copyright (C) 2024 Nethesis S.r.l.
 # SPDX-License-Identifier: GPL-3.0-or-later
 #
 
 import agent
-import json
 import os
-import sys
 
-request = json.load(sys.stdin)
+rdb = agent.redis_connect()
 
-# Bind the new domain, overriding previous values (unbind)
-agent.bind_user_domains([request["ldap_domain"]])
+providers = agent.list_service_providers(rdb, 'imap', 'tcp', {
+    'module_uuid': os.environ['MAIL_SERVER']
+})
+
+if providers:
+    user_domain = providers[0]['user_domain']
+    agent.bind_user_domains([user_domain])
+    agent.set_env('LDAP_DOMAIN', user_domain)

imageroot/actions/configure-module/validate-input.json

@@ -6,7 +6,6 @@
     "examples": [
         {
             "mail_server": "f38f9911-8341-452e-8941-d889385a59a8",
-            "ldap_domain": "ad.domain.org",
             "admin_users": "Administrator,user1",
             "mail_domain": "domain.org",
             "lets_encrypt": false,
@@ -22,9 +21,6 @@
         "mail_server": {
             "type": "string"
         },
-        "ldap_domain": {
-            "type": "string"
-        },
         "admin_users": {
             "type": "string"
         },
@@ -54,7 +50,6 @@
     },
     "required": [
         "mail_server",
-        "ldap_domain",
         "admin_users",
         "mail_domain",
         "lets_encrypt",
@@ -64,4 +59,4 @@
         "activesync",
         "dav"
     ]
-}
+}

imageroot/actions/get-configuration/20read

@@ -24,7 +24,6 @@ config["lets_encrypt"] = os.getenv("TRAEFIK_LETS_ENCRYPT") == "True"
 config["mail_server"] = os.getenv("MAIL_SERVER", "") # the value is the Mail module UUID!
 config["mail_domain"] = os.getenv("MAIL_DOMAIN", "") # the value is the mail domain of user to force domain identity : [email protected] !
 config["admin_users"] = os.getenv("ADMIN_USERS", "administrator")
-config["ldap_domain"] = os.getenv("LDAP_DOMAIN", "")
 config["workers_count"] = os.getenv("WOWORKERSCOUNT", "3")
 config["auxiliary_account"] = os.getenv("AUXILIARYACCOUNT") == "True"
 config["activesync"] = os.getenv("ACTIVESYNC") == "True"

imageroot/actions/get-configuration/validate-output.json

@@ -10,7 +10,6 @@
             "mail_server": "f38f9911-8341-452e-8941-d889385a59a8",
             "mail_domain": "rocky9-pve4.org",
             "admin_users": "",
-            "ldap_domain": "rocky9-pve4.org",
             "workers_count": "20",
             "auxiliary_account": true,
             "activesync": true,
@@ -58,9 +57,6 @@
         "admin_users": {
             "type": "string"
         },
-        "ldap_domain": {
-            "type": "string"
-        },
         "workers_count": {
             "type": "string"
         },
@@ -124,12 +120,11 @@
         "mail_server",
         "mail_domain",
         "admin_users",
-        "ldap_domain",
         "workers_count",
         "auxiliary_account",
         "activesync",
         "dav",
         "mail_server_URL",
         "user_domains_list"
     ]
-}
+}

imageroot/bin/discover-service

@@ -41,7 +41,7 @@ if len(smtp) != 1:
 
 imap_port = imap[0]['port']
 imap_server = imap[0]['host']
-user_domain = os.getenv('MAIL_DOMAIN', imap[0]['user_domain'])
+
 
 smtp_port = smtp[0]['port']
 smtp_server = smtp[0]['host']

imageroot/events/mail-settings-changed/10bind_user_domain

@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+
+#
+# Copyright (C) 2022 Nethesis S.r.l.
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+
+import json
+import sys
+import agent
+import os
+
+event = json.load(sys.stdin)
+
+if event['module_uuid'] == os.getenv('MAIL_SERVER', ''):
+   # Update user domain in redis because the mail server might have changed its user_domain
+   rdb = agent.redis_connect()
+
+   providers = agent.list_service_providers(rdb, 'imap', 'tcp', {
+      'module_uuid': os.environ['MAIL_SERVER']
+   })
+
+   if providers:
+      user_domain = providers[0]['user_domain']
+      agent.bind_user_domains([user_domain])
+      agent.set_env('LDAP_DOMAIN', user_domain)

imageroot/events/mail-settings-changed/80Restart

@@ -0,0 +1,17 @@
+#!/usr/bin/env python3
+
+#
+# Copyright (C) 2024 Nethesis S.r.l.
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+
+import json
+import sys
+import agent
+import os
+
+event = json.load(sys.stdin)
+
+if event['module_uuid'] == os.getenv('MAIL_SERVER', ''):
+   # Restart to apply changed settings
+   agent.run_helper("systemctl", "--user", "try-restart", "sogo.service").check_returncode()

imageroot/systemd/user/sogo-app.service

@@ -18,8 +18,8 @@ Restart=always
 TimeoutStopSec=70
 ExecStartPre=/usr/bin/bash -c "/bin/mkdir -p {config,backups}"
 ExecStartPre=/bin/rm -f %t/sogo-app.pid %t/sogo-app.ctr-id
-ExecStartPre=/usr/local/bin/runagent discover-ldap
 ExecStartPre=/usr/local/bin/runagent discover-service
+ExecStartPre=/usr/local/bin/runagent discover-ldap
 ExecStartPre=/usr/local/bin/runagent expand-configuration
 ExecStartPre=/usr/local/bin/runagent reveal-master-secret
 ExecStartPost=/usr/bin/bash -c "while ! /usr/bin/podman exec sogo-app /usr/bin/curl  http://127.0.0.1:20001/SOGo ; do sleep 3 ; done"

ui/public/i18n/en/translation.json

@@ -35,9 +35,6 @@
     "choose_mail_server": "Select a domain",
     "choose_the_mail_server_to_use": "Choose the domain suffix used for both identifying and initializing the user account and their mail address preferences",
     "mail_server_is_not_valid": "This mail server cannot be used by SOGo webmail",
-    "ldap_domain": "LDAP domain",
-    "choose_ldap_domain": "Choose the LDAP domain used for user authentication",
-    "choose_the_ldap_domain_to_authenticate_users": "Choose the LDAP user domain to authenticate users from an internal/external samba or openldap directory",
     "adminList": "Administrator list",
     "Write_administrator_list": "Write one administrator per line",
     "dav_tips":"Dav allows to synchronize calendars and adressbooks",

ui/src/views/Settings.vue

@@ -90,28 +90,6 @@
                 {{ $t("settings.choose_the_mail_server_to_use") }}
               </template>
             </NsComboBox>
-            <NsComboBox
-              v-model.trim="ldap_domain"
-              :autoFilter="true"
-              :autoHighlight="true"
-              :title="$t('settings.ldap_domain')"
-              :label="$t('settings.choose_ldap_domain')"
-              :options="user_domains_list"
-              :userInputLabel="core.$t('settings.choose_ldap_domain')"
-              :acceptUserInput="false"
-              :showItemType="true"
-              :invalid-message="$t(error.ldap_domain)"
-              :disabled="loading.getConfiguration || loading.configureModule"
-              tooltipAlignment="start"
-              tooltipDirection="top"
-              ref="ldap_domain"
-            >
-              <template slot="tooltip">
-                {{
-                  $t("settings.choose_the_ldap_domain_to_authenticate_users")
-                }}
-              </template>
-            </NsComboBox>
             <!-- advanced options -->
             <cv-accordion ref="accordion" class="maxwidth mg-bottom">
               <cv-accordion-item :open="toggleAccordion[0]">
@@ -274,7 +252,6 @@ export default {
       isActivesyncEnabled: true,
       isDavEnabled: true,
       isAuxiliaryAccountEnabled: true,
-      ldap_domain: "",
       mail_server: "",
       mail_domain: "",
       admin_users: "",
@@ -292,7 +269,6 @@ export default {
         lets_encrypt: "",
         http2https: "",
         mail_server: "",
-        ldap_domain: "",
         admin_users: "",
         workers_count: "",
       },
@@ -376,7 +352,6 @@ export default {
         } else {
           this.mail_server = "";
         }
-        this.ldap_domain = config.ldap_domain;
         // if mail_server_URL is empty, set default value
         if (this.mail_server_URL.length === 0) {
           // we want to avoid to save the form, there is no users set in the mail domain
@@ -414,14 +389,6 @@ export default {
         }
         isValidationOk = false;
       }
-      if (!this.ldap_domain) {
-        this.error.ldap_domain = "common.required";
-
-        if (isValidationOk) {
-          this.focusElement("ldap_domain");
-        }
-        isValidationOk = false;
-      }
       if (this.admin_users) {
         // test if the admin_users is valid
         const admin_users = this.admin_users.split("\n");
@@ -499,7 +466,6 @@ export default {
             dav: this.isDavEnabled,
             mail_server: mail_server_tmp,
             mail_domain: mail_domain_tmp,
-            ldap_domain: this.ldap_domain,
             admin_users: this.admin_users.split("\n").join(",").toLowerCase().trim(),
             workers_count: this.workers_count.toString(),
             auxiliary_account: this.isAuxiliaryAccountEnabled,