miaou-install-from_import-sympa

sympa/doc/migration.md

@@ -52,3 +52,8 @@ Future:     debian13, sympa 6.2.76
 * CONTAINER=sympa3
 * miaou-create "$CONTAINER"
 * miaou/miaou-install-sympa "$CONTAINER"
+
+## miaou-install-from-import-sympa
+
+* CONTAINER=sympa3
+* miaou/miaou-install-from-import-sympa $CONTAINER ~/Downloads/listes.artcode.re-2025-11-14.sympa

sympa/miaou/miaou-install-from-import-sympa

@@ -31,10 +31,9 @@ function parse_options {
 
 		shift 1 # Move to the next argument
 	done
-	[[ -n $CONTAINER ]] || [[ -n $IMPORT_FILE ]] (usage && exit 1)
+	[[ -z $CONTAINER ]] && [[ ! -f $IMPORT_FILE ]] && (usage && exit 1) || true
 }
 
-
 function assert_fake_sympa {
 	[[ $(fqdn) == 'topcode' ]] && [[ -d /opt/miaou-incus ]]
 }
@@ -45,6 +44,22 @@ function install_fake_additional {
 	echo 'install fake additional...'
 	miaou-push $CONTAINER $HOME/.ssh/id_ed25519 /root/.ssh/
 	miaou-push $CONTAINER $HOME/.ssh/id_ed25519.pub /root/.ssh/
+
+	local sympa_domain=$(miaou-exec $CONTAINER -- grep ^domain /etc/sympa/sympa/sympa.conf | cut -f2)
+	echo sympa_domain=$sympa_domain
+	local sympa_authenticity_key_host=$(ssh-keygen -lF $sympa_domain | grep "^$sympa_domain ED25519" | head -1)
+	[[ -z $sympa_authenticity_key_host ]] &&
+		echo "fake additional has failed due to unknown machine: $sympa_domain. please connect once like: \`ssh $sympa_domain\` then retry" &&
+		exit 11
+
+	miaou-exec $CONTAINER -- bash <<EOF
+ssh-keyscan -t ed25519 -H $sympa_domain >> /root/.ssh/known_hosts
+EOF
+	local sympa_authenticity_key_container=$(miaou-exec $CONTAINER -- ssh-keygen -lF $sympa_domain | grep "^$sympa_domain ED25519" | head -1)
+	[[ "$sympa_authenticity_key_host" != "$sympa_authenticity_key_container" ]] &&
+		echo "authenticity key for machine: $sympa_domain mismatched!. please compare like: \`ssh-keygen -lF $sympa_domain\` both from host and container" &&
+		exit 12
+
 	miaou-recipe "$CONTAINER" "$BASEDIR"/../recipe/sympa_ldap_auth_remote.recipe
 	echo 'install fake additional...OK'
 }
@@ -55,6 +70,12 @@ set -Eue
 parse_options $*
 
 "$BASEDIR"/miaou-install-sympa "$CONTAINER"
-# TODO: import from file...
 
-install_fake_additional 
+import_base=$(basename $IMPORT_FILE)
+echo "copy import file: $import_base"
+miaou-push $CONTAINER $IMPORT_FILE /root/
+
+echo "launch the import process"
+miaou-exec $CONTAINER -- /opt/miaou-sympa/tools/sympa_import.bash "/root/$import_base"
+
+install_fake_additional

sympa/recipe/sympa_ldap_auth_remote.recipe

@@ -1,18 +1,36 @@
 #!/usr/bin/env miaou-recipe
 
-# changes in /etc/sympa/auth.conf
-if grep -q '.*host 192.168.1.254:389.*' /etc/sympa/auth.conf; then
-	/opt/miaou-bash/tools/append_or_replace '.*host 192.168.1.254:389.*' "\thost 127.0.0.1:3890" /etc/sympa/auth.conf
-	echo 'sympa auth from LDAP local 127.0.0.1:3890 is now active'
-else
-	echo 'sympa auth from LDAP local 127.0.0.1:3890 already enabled'
-fi
-
-# start SSH port translation if needed
-if ! ss -tln | grep -q 127.0.0.1:3890; then
-	ssh -fN listes.artcode.re -L 3890:192.168.1.254:389
-	echo 'SSH port translation 3890 is now active!'
-	systemctl restart wwsympa.socket
-else
-	echo 'SSH already enabled!'
-fi
+# CONSTANTS
+
+LDAP_SERVER=192.168.1.254
+LOCAL_PORT=3890
+
+# FUNCTIONS
+
+function tweak_sympa_auth {
+	if grep -q ".*host $LDAP_SERVER.*" /etc/sympa/auth.conf; then
+		/opt/miaou-bash/tools/append_or_replace ".*host $LDAP_SERVER:389.*" "\thost 127.0.0.1:$LOCAL_PORT" /etc/sympa/auth.conf
+		echo "sympa auth from LDAP local 127.0.0.1:$LOCAL_PORT is now active"
+	else
+		echo "sympa auth from LDAP local 127.0.0.1:$LOCAL_PORT already enabled"
+	fi
+}
+
+function ssh_port_translation {
+	if ! ss -tln | grep -q 127.0.0.1:$LOCAL_PORT; then
+
+		local sympa_domain=$(grep ^domain /etc/sympa/sympa/sympa.conf | cut -f2)
+
+		ssh -fN $sympa_domain -L $LOCAL_PORT:$LDAP_SERVER:389
+		echo "SSH port translation $LOCAL_PORT is now listening!"
+		systemctl restart wwsympa.socket
+	else
+		echo 'SSH listener already enabled!'
+	fi
+}
+
+# MAIN
+
+set -Eue
+tweak_sympa_auth
+ssh_port_translation