-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathREADME
63 lines (45 loc) · 2.29 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
=== Checking Out ===
You can get your own clone of Scripts Pony by doing
"git clone https://github.com/mit-scripts/scripts-pony.git". Doing this in
~/Scripts/turbogears/ is mildly recommended.
=== Install ===
To install your own instance of Scripts Pony, make a symbolic link
from somewhere in your web_scripts directory to your checkout of
Scripts Pony, and make sure that daemon.scripts can write in your checkout.
ln -s "$(pwd)/web_scripts" ~/web_scripts/pony
add consult
fsr sa . daemon.scripts write
You will also need to give daemon.scripts write access to ~/.local/bin and ~/.local/lib:
mkdir ~/.local/lib
fs sa ~/.local/lib daemon.scripts write
mkdir ~/.local/bin
fs sa ~/.local/bin daemon.scripts write
Pony will try to use your username+scripts-pony database on
sql.mit.edu. Go to sql.mit.edu and create this database, and
be sure the login info in your ~/.my.conf is accurate.
Then ssh into scripts.mit.edu, cd into ~/Scripts/turbogears/scripts-pony, and run:
python setup.py develop --user
paster setup-app development.ini
=== Mail and Cron ===
To correctly process incoming mail, you need to be signed up for
mail_scripts and Pony needs the following in ~/mail_scripts/procmailrc:
:0w
* ^Delivered-To:.*pony\+.*@.*
| /mit/locker/Scripts/turbogears/scripts-pony/handle_mail.py
To periodically check DNS automatically for tickets blocking on DNS,
you need to be signed up for cron_scripts and load a crontab that
contains:
2,17,32,49 * * * * /mit/locker/Scripts/turbogears/scripts-pony/check_dns.py
=== Authentication and Authorization ===
Scripts Pony authenticates with ~/Private/scripts-pony.keytab,
if that exists. If not, it uses no authentication (but can still
do reads).
Scripts Pony's LDAP user needs the following ACI on
ou=VirtualHosts,dc=scripts,dc=mit,dc=edu in order to make changes in
LDAP:
(target="ldap:///ou=VirtualHosts,dc=scripts,dc=mit,dc=edu")(targetattr="scriptsVhostDirectory || scriptsVhostAlias || scriptsVhostCertificate || scriptsVhostCertificateKeyFile")(version 3.0;acl "pony";allow (add, write, delete) userdn="ldap:///uid=daemon/scripts-pony.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu";)
This assumes that the user in LDAP looks like:
dn: uid=daemon/scripts-pony.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
uid: daemon/scripts-pony.mit.edu
objectClass: account
objectClass: top