[debian-lan-devel] [SCM] Debian-LAN development and packaging branch, master, updated. 0.8-3-gefcd4a3
Andreas B. Mundt
andi at debian.org
Sun Mar 17 21:13:11 UTC 2013
The following commit has been merged in the master branch:
commit b1e21e71a7049ac190ebd8337ed8fa0f2eac200d
Author: Andreas B. Mundt <andi at debian.org>
Date: Sun Mar 17 21:46:30 2013 +0100
Implement print infrastructure: CUPS server and clients.
New classes CUPS_SERVER and CUPS_CLIENT. Configure a CUPS server on
the 'mainserver'. Make sure the web interface is accessible from the
network. Configure all clients as CUPS clients.
Note: Kerberos not available yet, cf. #663995.
diff --git a/fai/config/class/50-host-classes b/fai/config/class/50-host-classes
index 7813a8f..9fc492b 100755
--- a/fai/config/class/50-host-classes
+++ b/fai/config/class/50-host-classes
@@ -40,10 +40,11 @@ FLAVOR="LVM8_A DISKLESS_SERVER" ## simple diskless, default for testing in a vm
#FLAVOR="RAIDLVM7BAK_A RAID DISKLESS_SERVER" ## diskless, RAID1, backup disk
## Setup with graphical user management tool GOsa. Remove GOSA class if it is not needed:
-MAINSERVER_A="$FLAVOR LOG_SERVER PROXY NTP_SERVER DNS_SERVER NFS_SERVER MAIL_SERVER \
-LDAP_CLIENT LDAP_SERVER KERBEROS_CLIENT KERBEROS_KDC KDC_LDAP SERVER_A GOSA"
+MAINSERVER_A="$FLAVOR CUPS_SERVER LOG_SERVER PROXY NTP_SERVER DNS_SERVER NFS_SERVER \
+MAIL_SERVER LDAP_CLIENT LDAP_SERVER KERBEROS_CLIENT KERBEROS_KDC KDC_LDAP SERVER_A GOSA"
-WORKSTATION_A="LVM5_A LOG_CLIENT LDAP_CLIENT NFS_CLIENT KERBEROS_CLIENT CLIENT_A"
+WORKSTATION_A="LVM5_A CUPS_CLIENT LOG_CLIENT LDAP_CLIENT NFS_CLIENT KERBEROS_CLIENT \
+CLIENT_A"
# Use a list of classes for your machine:
case $HOSTNAME in
diff --git a/fai/config/files/var/www/index.html/GOSA b/fai/config/files/var/www/index.html/GOSA
index 952824f..b5b77eb 100644
--- a/fai/config/files/var/www/index.html/GOSA
+++ b/fai/config/files/var/www/index.html/GOSA
@@ -6,6 +6,8 @@
<li><a href="https://www.intern/gosa">GOsa System Administration</a></li>
<li><a href="https://syslog.intern/munin">Munin System Monitoring</a></li>
<li><a href="https://syslog.intern/icinga">ICINGA System Monitoring</a></li>
+<li><a href="https://print.intern:631">CUPS Print-Server</a></li>
+<li><a href="http://aptcache.intern:3142/acng-report.html">Apt-Cacher NG</a></li>
</ul>
For more information, take a look at the
<a href="http://wiki.debian.org/DebianLAN">Debian-LAN Wiki</a>.
diff --git a/fai/config/package_config/CUPS_CLIENT b/fai/config/package_config/CUPS_CLIENT
new file mode 100644
index 0000000..f498806
--- /dev/null
+++ b/fai/config/package_config/CUPS_CLIENT
@@ -0,0 +1,2 @@
+PACKAGES aptitude
+cups-client
diff --git a/fai/config/package_config/CUPS_SERVER b/fai/config/package_config/CUPS_SERVER
new file mode 100644
index 0000000..f25a4ad
--- /dev/null
+++ b/fai/config/package_config/CUPS_SERVER
@@ -0,0 +1,3 @@
+PACKAGES aptitude
+cups
+cups-pdf
diff --git a/fai/config/scripts/CUPS_CLIENT/10-config b/fai/config/scripts/CUPS_CLIENT/10-config
new file mode 100755
index 0000000..49319ca
--- /dev/null
+++ b/fai/config/scripts/CUPS_CLIENT/10-config
@@ -0,0 +1,9 @@
+#!/bin/bash
+#
+# Configure CUPS client
+#
+
+set -e
+
+ainsl -a /etc/cups/client.conf 'ServerName print.intern'
+ainsl -a /etc/cups/client.conf 'Encryption Always'
diff --git a/fai/config/scripts/CUPS_SERVER/10-config b/fai/config/scripts/CUPS_SERVER/10-config
new file mode 100755
index 0000000..bb0c573
--- /dev/null
+++ b/fai/config/scripts/CUPS_SERVER/10-config
@@ -0,0 +1,38 @@
+#!/usr/sbin/cfagent -f
+
+control:
+ any::
+ actionsequence = ( editfiles )
+ EditFileSize = ( 30000 )
+
+editfiles:
+ any::
+ { ${target}/etc/cups/cupsd.conf
+ ## Allow remote access:
+ BeginGroupIfNoSuchLine 'Port 631'
+ HashCommentLinesStarting 'Listen localhost:631'
+ LocateLineMatching '#.*Listen localhost:631'
+ InsertLine '# Allow remote access'
+ InsertLine 'Port 631'
+ InsertLine 'ServerAlias print.intern'
+
+ LocateLineMatching 'BrowseAllow all'
+ InsertLine 'BrowseRemoteProtocols cups dnssd'
+ InsertLine 'BrowseAddress @LOCAL'
+
+ LocateLineMatching '<Location />'
+ LocateLineMatching ' Order allow,deny'
+ InsertLine ' # Allow remote access'
+ InsertLine ' Allow all'
+
+ LocateLineMatching '<Location /admin>'
+ LocateLineMatching ' Order allow,deny'
+ InsertLine ' # Allow remote access'
+ InsertLine ' Allow all'
+
+ LocateLineMatching '<Location /admin/conf>'
+ LocateLineMatching ' Order allow,deny'
+ InsertLine ' # Allow remote access'
+ InsertLine ' Allow all'
+ EndGroup
+ }
diff --git a/fai/config/scripts/DNS_SERVER/10-zones b/fai/config/scripts/DNS_SERVER/10-zones
index 8e26269..d0c45e2 100755
--- a/fai/config/scripts/DNS_SERVER/10-zones
+++ b/fai/config/scripts/DNS_SERVER/10-zones
@@ -92,7 +92,7 @@ wpad CNAME mainserver.intern.
db CNAME mainserver.intern.
backup CNAME mainserver.intern.
ssh CNAME mainserver.intern.
-ltsp CNAME mainserver.intern.
+print CNAME mainserver.intern.
domain CNAME mainserver.intern.
ldap CNAME mainserver.intern.
kerberos CNAME mainserver.intern.
diff --git a/fai/config/scripts/PROXY/10-config b/fai/config/scripts/PROXY/10-config
index 67f5ec6..393aeb0 100755
--- a/fai/config/scripts/PROXY/10-config
+++ b/fai/config/scripts/PROXY/10-config
@@ -25,4 +25,12 @@ editfiles:
LocateLineMatching "http_access allow localhost"
InsertLine "http_access allow localnet"
EndGroup
+
+ ## Allow CUPS access:
+ BeginGroupIfNoSuchLine 'acl SSL_ports port 631.*'
+ LocateLineMatching 'acl SSL_ports port 443.*'
+ InsertLine 'acl SSL_ports port 631 # cups'
+ LocateLineMatching 'acl Safe_ports port 443.*'
+ InsertLine 'acl Safe_ports port 631 # cups'
+ EndGroup
}
--
Debian-LAN development and packaging
More information about the debian-lan-devel
mailing list