-
Hannes Riebl authoredHannes Riebl authored
README.txt 3.46 KiB
This is the textgrid account creation tool
Installation:
-------------
1) Install required packages
Required debian/ubuntu packages:
smarty and sqlite3 php5-ldap
$ sudo apt-get install sqlite3 php5-sqlite php5-ldap
$ sudo apt-get install smarty
Required pear (http://pear.php.net) packages:
Auth, Mail, Mail_Mime, Net_SMTP
$ sudo apt-get install php-pear
$ sudo pear install Auth Mail Mail_Mime Net_SMTP
Be sure to have the de_DE.utf8 locale available or change it in include/tgSqliteDB.class.php!
2) Put source into your Webserver path (possibly /var/www)
3) Configure
---------
The ini file template and the sqlite sql files are located in subdir install.
a) ini file
Copy the ini file to a location outside webroot and edit the parameters.
The default is /var/textgrid/tgaccount/tgaccount.ini . This really needs
to be outside webroot, as the http server will handout .ini files plaintext
to a requester. So your LDAP password would be world readable.
$ cp install/tgaccount.ini.tmpl /var/textgrid/tgaccount/tgaccount.ini
If put to a different location than /var/textgrid/tgaccount/tgaccount.ini
you need to edit include/config.inc.php
b) database
setup the sqlite database in a place outside webroot. Same problem here,
a database inside webroot may be served to a requester by apache, so your
user data would be world readable.
create table structure:
$ cat install/tgaccount.sqlite.sql | sqlite3 /var/textgrid/tgaccount/tgaccount.sqlite
insert mailtemplates
$ cat install/mailtemplates.sqlite.sql | sqlite3 /var/textgrid/tgaccount/tgaccount.sqlite
change user rights, so www-data is allowed to write the database
$ chown www-data:www-data /var/textgrid/tgaccount/tgaccount.sqlite
note that the directory where the database is stored must also be writable by www-data
$ chown www-data:www-data /var/textgrid/tgaccount/
4) LDAP TLS
--------
The textgrid LDAP now only allows TLS with a certificate signed by the DAASI CA. If you want
to connect to textgrid LDAP you need to install the ca certificate and edit /etc/hosts
add to /etc/hosts
134.76.20.91 textgrid-users
edit /etc/ldap/ldap.conf and add/change the line
TLS_CACERT /etc/ssl/certs/daasi-ca.pem
Download the DAASI ca certificate from
http://daasi.de/downloads/daasi-zertifikat/
and copy the certificate to /etc/ssl/certs/daasi-ca.pem
5) Typo3 frontend
--------------
to access the tgaccount tool from the typo3 tgaccount extension you need to set an
htaccess password:
$ htpasswd -c /var/textgrid/tgaccount/.htpass textgrid
set password and user in the typo3 extension
Changing mailtemplates:
-----------------------
One possibility to change the mailtemplate is to edit the file in install/mailtemplates.sqlite.sql
and then first drop the existing data from mailtemplates:
$ sqlite3 /var/textgrid/tgaccount/tgaccount.sqlite
sqlite> delete from mail_template;
sqlite> .quit
and fill in the new data afterwards:
$ cat install/mailtemplates.sqlite.sql | sqlite3 /var/textgrid/tgaccount/tgaccount.sqlite
Further notes:
--------------
The Homepage of included pwgen class is: http://code.google.com/p/pwgen-php/ the license of
this class is GPL2.
The tgaccount tool is under the LGPL3 license. http://www.gnu.org/licenses/lgpl-3.0.txt