Zentyal Customization (templates, hooks, LDAP)

How to customize Zentyal
(hooks, templates and LDAP)

Zentyal Summit 2011

12th November
Carlos Pérez-Aradros <cperez@zentyal.com>

Linux small business server


Zentyal...
Easy to use
Good integration
Versatile

...but sometimes you need
Some specific customization
Integration with external apps

www.zentyal.com © eBox Technologies S.L. 2011


Customization options
Modify source code
Add new logic or functionality
Breaks on upgrade Upstream!

Templates
Change configuration files written by Zentyal
Hooks
Define custom actions (scripts) on module events
LDAP
Integrate external applications



Customization options
Modify source code
Breaks on upgrade
Templates
Hooks
LDAP



Templates (I)

Zentyal uses templates to write system configurations files

Modify templates to:

Adjust parameters to adapt Zentyal to your requirements

Add/remove configuration options



Templates (II)
Mason as template processor



Templates (III)

Default templates location:
/usr/share/zentyal/stubs/<module>/<template>.mas
Custom templates:
/etc/zentyal/stubs/<module>/<template>.mas



Templates (IV)
Default stub
/usr/share/zentyal/stubs/network/resolv.conf.mas

T

Conf file
/etc/resolv.conf
T

Custom stub
/etc/zentyal/stubs/network/resolv.conf.mas



Templates example: Samba hidden folders
We want to add a hidden folder in File Sharing module (samba)
Zentyal GUI doesn't allow this:



Templates example: Samba hidden folders
Copy and edit default template:

mkdir -p /etc/zentyal/stubs/samba/

cp /usr/share/zentyal/stubs/samba/smb.conf.mas /etc/zentyal/stubs/samba/

Write custom configuration



Hooks (I)
Execute actions (scripts) during Zentyal save changes process

Create hook scripts to:

Watch for changes in any module

Add custom scripts before/after module actions



Hooks (II): paths

Before saving changes /etc/zentyal/pre-save/

After saving changes /etc/zentyal/post-save/

/etc/zentyal/hooks/

Before saving module configuration <module>.presetconf
After saving module configuration <module>.postsetconf
Before restarting the service <module>.preservice

After restarting the service <module>.postservice



one time for each module
Hooks (III)
pre-save
.presetconf

Write conf files

.postsetconf

.preservice

Restart daemons

.postservice
hook
post-save

Zentyal action



Hooks Example: Firewall

We want to block traffic from a specific country (using GeoIP)
Zentyal GUI does not allow this kind of rules

If we add the rule by hand:
Firewall module restart will delete it

Solution:
Add the rule after firewall restart (postservice hook)



Setup GeoIP
sudo apt-get install module-assistant

sudo module-assistant a-i xtables-addons

wget http://sourceforge.net/projects/xtables-
addons/files/Xtables-addons/1.38/xtables-addons-1.38.tar.xz

sudo ./xt_geoip_dl

sudo ./xt_geoip_build *.csv

sudo mkdir /var/geoip && sudo cp -r LE /var/geoip



Create the hook

/etc/zentyal/hooks/firewall.postservice
#!/bin/sh
sudo iptables -I INPUT -m geoip --src-cc KP -j ACCEPT

Don't forget to make it executable!
chmod +x /etc/zentyal/hooks/firewall.postservice



Hooks: Future (3.0)
Users operations hooks
create
modify
delete

Backup
pre-backup
post-backup



LDAP Integration (I)

Zentyal provides great Users and Groups management

LDAP integration:

Central point for users management

Centralized authentication

Distributed: master / slave architecture



LDAP Integration (II)
Integrate third apps with Zentyal Users and Groups



LDAP Integration (II): settings
Users and Groups → LDAP Settings

Server: ldap://localhost:389/ (port 1389 in slaves)
Users DN: ou=Users,<basedn>
Groups DN: ou=Groups,<basedn>



LDAP Integration (III): filters
uid=cperez,ou=Users,dc=zentyal,dc=com
uid: cperez
Base DN: ou=Users,dc=zentyal,dc=com
loginShell: /usr/sbin/nologin
uidNumber: 2002
Filter: (uid=*)
gidNumber: 1901
homeDirectory: /home/cperez
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder cn=developers,ou=Groups,dc=zentyal,dc=com
givenName: Carlos cn: developers
userPassword: {SHA}... gidNumber: 2005
eboxSha1Password: {SHA}... objectClass: posixGroup

eboxMd5Password: {MD5}... memberUid: cperez

eboxDigestPassword: {MD5}... memberUid: jsalamero

eboxRealmPassword: {MD5}... memberUid: ejhernandez

cn:; Carlos Pérez-Aradros Herce memberUid: jacalvo
memberUid: jamor
sn:; Pérez-Aradros Herce
...

c


LDAP Integration example: Wordpress



LDAP Integration example: Wordpress
Look for a LDAP Auth backend



In summary
Modify source code
Breaks on upgrade Upstream!

Templates
Hooks
LDAP



Get help
Zentyal Support Forum
http://forum.zentyal.org
Users and Developers mailing lists
https://lists.zentyal.com/cgi-bin/mailman/listinfo/zentyal-devel
https://lists.zentyal.com/cgi-bin/mailman/listinfo/zentyal-users
IRC
#zentyal at freenode.net
Official support and training
http://www.zentyal.com/en/services/ Contribute!



Further reading...
Zentyal Documentation - Advanced Service Customisation
http://doc.zentyal.org/en/develop.html
Mason Documentation (Templates)
http://www.masonhq.com/docs/manual/Devel.html
xtables addons
http://xtables-addons.sourceforge.net/
Openldap filters doc
http://www.zytrax.com/books/ldap/apa/search.html


Zentyal Customization (templates, hooks, LDAP)

More Related Content

Similar to Zentyal Customization (templates, hooks, LDAP)

Recently uploaded

Zentyal Customization (templates, hooks, LDAP)