monit-sympa/sympa/recipe/sympa_ldap_auth_remote.recipe

#!/usr/bin/env miaou-recipe

# CONSTANTS

LDAP_SERVER=192.168.1.254
LOCAL_PORT=3890

# FUNCTIONS

function tweak_sympa_auth {
	if grep -q ".*host $LDAP_SERVER.*" /etc/sympa/auth.conf; then
		/opt/miaou-bash/tools/append_or_replace ".*host $LDAP_SERVER:389.*" "\thost 127.0.0.1:$LOCAL_PORT" /etc/sympa/auth.conf
		echo "sympa auth from LDAP local 127.0.0.1:$LOCAL_PORT is now active"
	else
		echo "sympa auth from LDAP local 127.0.0.1:$LOCAL_PORT already enabled"
	fi
}

function ssh_port_translation {
	if ! ss -tln | grep -q 127.0.0.1:$LOCAL_PORT; then

		local sympa_domain=$(grep ^domain /etc/sympa/sympa/sympa.conf | cut -f2)

		ssh -fN $sympa_domain -L $LOCAL_PORT:$LDAP_SERVER:389
		echo "SSH port translation $LOCAL_PORT is now listening!"
		systemctl restart wwsympa.socket
	else
		echo 'SSH listener already enabled!'
	fi
}

# MAIN

set -Eue
tweak_sympa_auth
ssh_port_translation