Difference between revisions of "stoney storage: OpenLDAP directory data organisation"
[checked revision] | [checked revision] |
(→Storage SSL-Certificates) |
(→Storage) |
||
Line 7: | Line 7: | ||
= Storage = | = Storage = | ||
The following LDIF shows the '''storage''' LDAP entry for the stoney storage service: | The following LDIF shows the '''storage''' LDAP entry for the stoney storage service: | ||
− | + | <source lang="ldif"> | |
− | + | dn: ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: organizationalUnit | |
− | + | objectclass: top | |
+ | ou: storage | ||
+ | description: The sub tree for the Nextcloud based stoney storage service. | ||
+ | </source> | ||
== Storage - Configuration == | == Storage - Configuration == | ||
The sub tree for the configuration of the storage storage service: | The sub tree for the configuration of the storage storage service: | ||
− | + | <source lang="ldif"> | |
− | + | dn: ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | ou: configuration | |
+ | description: The sub tree for the configuration of the Nextcloud based stoney storage service. | ||
+ | </source> | ||
=== Storage - Configuration - Provisioning daemon === | === Storage - Configuration - Provisioning daemon === | ||
Line 24: | Line 29: | ||
The sub tree for the configuration of the '''prov-storage-nextcloud''' daemon: | The sub tree for the configuration of the '''prov-storage-nextcloud''' daemon: | ||
− | + | <source lang="ldif"> | |
− | + | dn: ou=prov-storage-nextcloud,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | objectclass: sstServiceConfigurationObjectClass | |
− | + | ou: prov-storage-nextcloud | |
− | + | description: The sub tree for the configuration of the prov-storage-nextcloud daemon. | |
+ | sstIsActive: TRUE | ||
+ | </source> | ||
The following table describes the different attributes: | The following table describes the different attributes: | ||
Line 58: | Line 65: | ||
=== Storage - Configuration - Resellers === | === Storage - Configuration - Resellers === | ||
The sub tree for the reseller specific storage storage service settings: | The sub tree for the reseller specific storage storage service settings: | ||
− | + | <source lang="ldif"> | |
− | + | dn: ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | ou: reseller | |
+ | description: The sub tree for the reseller specific configuration of the Nextcloud based stoney storage service. | ||
+ | </source> | ||
The sub tree for the specific storage storage service settings for the reseller Reseller Ltd. with the uid 4000000. | The sub tree for the specific storage storage service settings for the reseller Reseller Ltd. with the uid 4000000. | ||
− | + | <source lang="ldif"> | |
− | + | dn: uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: sstReseller | |
− | + | objectclass: sstServiceConfigurationObjectClass | |
− | + | uid: 4000000 | |
− | + | o: Reseller Ltd. | |
− | + | description: The sub tree for the specific storage storage service settings for the reseller Reseller Ltd. with the uid 4000000. | |
− | + | sstIsActive: TRUE | |
− | + | sstIsCompany: TRUE | |
− | + | sstIsDefault: TRUE | |
+ | sstBelongsToResellerUID: 4000000 | ||
+ | </source> | ||
The following table describes the different attributes: | The following table describes the different attributes: | ||
Line 140: | Line 151: | ||
==== Storage - Configuration - Reseller - Account defaults ==== | ==== Storage - Configuration - Reseller - Account defaults ==== | ||
− | The sub tree for the storage account defaults for the storage storage service for the reseller Reseller Ltd. with the uid 4000000: | + | The sub tree for the storage account defaults for the storage storage service for the reseller Reseller Ltd. with the uid 4000000: |
− | + | <source lang="ldif"> | |
− | + | dn: ou=defaults,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | objectclass: sstStorage | |
− | + | ou: defaults | |
− | + | description: The sub tree for the default settings of the storage storage service for the reseller Reseller Ltd. with the uid 4000000. | |
− | + | loginShell: /bin/sh | |
− | + | shadowMax: 99999 | |
− | + | shadowWarning: 7 | |
− | + | shadowFlag: 134539460 | |
− | + | sstStorageWarningDays: 1 | |
− | + | sstStorageWarningNumbers: 0 | |
− | + | sstStorageWarningOn: FALSE | |
− | + | sstNotificationWarningLevel: 85 | |
− | + | sstNotificationWarningMedium: mail | |
− | + | sstStorageSize: 0 | |
− | + | sstIncrementSize: 0 | |
− | + | sstStorageIntervalHourly: 0 | |
− | + | sstStorageIntervalDaily: 7 | |
− | + | sstStorageIntervalWeekly: 4 | |
− | + | sstStorageIntervalMonthly: 3 | |
− | + | sstStorageIntervalYearly: 0 | |
− | + | sstUseSelfcare: FALSE | |
− | + | sstUseSSH: TRUE | |
+ | sstIsActive: TRUE | ||
+ | </source> | ||
The following table describes the different attributes: | The following table describes the different attributes: | ||
Line 392: | Line 405: | ||
==== Storage - Configuration - Reseller - Notification settings ==== | ==== Storage - Configuration - Reseller - Notification settings ==== | ||
The sub tree stores the notification information for the storage storage service for the reseller Reseller Ltd. with the uid 4000000. This information is used independently of the notification settings of the users. The idea is, that the reseller can receive notifications for a customer and react on the received information (for example, when the quota has been reached): | The sub tree stores the notification information for the storage storage service for the reseller Reseller Ltd. with the uid 4000000. This information is used independently of the notification settings of the users. The idea is, that the reseller can receive notifications for a customer and react on the received information (for example, when the quota has been reached): | ||
− | + | <source lang="ldif"> | |
− | + | dn: ou=notifications,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | objectclass: sstNotificationObjectClass | |
− | + | ou: notifications | |
− | + | description: The sub tree stores the notification information for the storage storage service for the reseller Reseller Ltd. with the uid 4000000. This information is used independently of the notification settings of the users. | |
− | + | sstMailTo: Support stepping stone GmbH <support@stepping-stone.ch> | |
− | + | sstNotificationWarning: quota | |
− | + | sstNotificationWarning: schedule | |
+ | sstNotificationWarning: unsuccessful | ||
+ | </source> | ||
The following table describes the different attributes: | The following table describes the different attributes: | ||
Line 450: | Line 465: | ||
==== Storage - Configuration - Reseller - Account Settings ==== | ==== Storage - Configuration - Reseller - Account Settings ==== | ||
− | The sub tree stores the information about what can be modified in which scope for the storage storage service for the reseller Reseller Ltd. with the uid 4000000: | + | The sub tree stores the information about what can be modified in which scope for the storage storage service for the reseller Reseller Ltd. with the uid 4000000: |
− | + | <source lang="ldif"> | |
− | + | dn: ou=settings,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | objectclass: sstServiceSettingsObjectClass | |
− | + | ou: settings | |
− | + | description: This sub tree stores the information about what can be modified in which scope. | |
− | + | sstVolumeCapacityDefault: 1073741824 | |
− | + | sstVolumeCapacityMin: 1073741824 | |
− | + | sstVolumeCapacityMax: 536870912000 | |
− | + | sstVolumeCapacityStep: 1073741824 | |
− | + | sstNotificationWarningMediumChange: FALSE | |
− | + | sstNotificationWarningMediumAdd: TRUE | |
− | + | sstQuotaChange: FALSE | |
− | + | sstSendCredentialsTo: owner | |
− | + | sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> | |
+ | preferredLanguage: de-CH | ||
+ | </source> | ||
Human readable format: | Human readable format: | ||
Line 654: | Line 671: | ||
==== Storage - Configuration - Reseller - Templates ==== | ==== Storage - Configuration - Reseller - Templates ==== | ||
This sub tree contains the templates for the storage storage service for the reseller Reseller Ltd. with the uid 4000000: | This sub tree contains the templates for the storage storage service for the reseller Reseller Ltd. with the uid 4000000: | ||
− | + | <source lang="ldif"> | |
− | + | dn: ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | ou: templates | |
+ | description: This sub tree contains the templates for the storage storage service for the reseller Reseller Ltd. with the uid 4000000. | ||
+ | </source> | ||
===== Storage - Configuration - Reseller - Credentials templates ===== | ===== Storage - Configuration - Reseller - Credentials templates ===== | ||
− | This sub tree contains the credentials templates for the storage storage service: | + | This sub tree contains the credentials templates for the storage storage service: |
− | + | <source lang="ldif"> | |
− | + | dn: ou=credentials,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | objectclass: sstTemplateSetup | |
− | + | ou: credentials | |
− | + | description: This leaf contains the credential templates for the storage storage service. | |
− | + | sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> | |
− | + | sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/storage/credentials/credentials_mail | |
− | + | sstMailTemplateFormatSource: txt | |
− | + | sstMailTemplateFormatTarget: txt | |
− | + | sstTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/storage/credentials/credentials_attachment | |
− | + | sstTemplateFormatSource: odt | |
+ | sstTemplateFormatTarget: pdf | ||
+ | </source> | ||
The following table describes the different attributes: | The following table describes the different attributes: | ||
Line 830: | Line 851: | ||
Warns the user when the storage is running out of space (quota). | Warns the user when the storage is running out of space (quota). | ||
− | This sub tree contains the quota templates for the storage storage service: | + | This sub tree contains the quota templates for the storage storage service: |
− | + | <source lang="ldif"> | |
− | + | dn: ou=quota,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | objectclass: sstTemplateSetup | |
− | + | ou: quota | |
− | + | description: This leaf contains the quota templates for the storage storage service. | |
− | + | sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> | |
− | + | sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/storage/quota/quota_mail | |
− | + | sstMailTemplateFormatSource: txt | |
− | + | sstMailTemplateFormatTarget: txt | |
− | + | sstMailTemplateReseller: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/storage/quota/quota_mail_reseller | |
− | + | sstMailTemplateFormatSource: txt | |
+ | sstMailTemplateFormatTarget: txt | ||
+ | </source> | ||
The following table describes the different attributes: | The following table describes the different attributes: | ||
Line 997: | Line 1,020: | ||
== Storage - Accounts == | == Storage - Accounts == | ||
The sub tree for the accounts of the stoney storage service: | The sub tree for the accounts of the stoney storage service: | ||
− | + | <source lang="ldif"> | |
− | + | dn: ou=accounts,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | ou: accounts | |
+ | description: The sub tree for the accounts of the stoney storage service. | ||
+ | </source> | ||
=== Storage - Account example === | === Storage - Account example === | ||
The following example shows the OpenLDAP directory entry for the storage storage account with the uid number 3730083: | The following example shows the OpenLDAP directory entry for the storage storage account with the uid number 3730083: | ||
− | + | <source lang="ldif"> | |
− | + | dn: uid=3730083,ou=accounts,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: account | |
− | + | objectclass: posixAccount | |
− | + | objectclass: shadowAccount | |
− | + | objectclass: sstStorage | |
− | + | objectclass: sstProvisioning | |
− | + | objectclass: sstRelationship | |
− | + | uid: 3730083 | |
− | + | userPassword: {SSHA}E/KLUgeAtApAPQ7mG2GMddCxTE9m9QOS | |
− | + | uidNumber: 3730083 | |
− | + | gidNumber: 3730083 | |
− | + | cn: 3730083.stoney-storage.com | |
− | + | gecos: 3730083.stoney-storage.com | |
− | + | homeDirectory: /var/storage/3/083/730/3730083 | |
− | + | loginShell: /bin/false | |
− | + | shadowFlag: 134539460 | |
− | + | shadowLastChange: 11108 | |
− | + | shadowMax: 99999 | |
− | + | shadowWarning: 7 | |
− | + | sstIsActive: TRUE | |
− | + | sstNotificationWarningOn: TRUE | |
− | + | sstNotificationWarningMedium: mail | |
− | + | sstInformPersonUID: 1000482 | |
− | + | sstQuota: 42949672960 | |
− | + | sstSoftwareVersion: 12.0.1 | |
− | + | sstFileUploadSize: 5368709120 | |
− | + | host: kvm-1185 | |
− | + | sstProvisioningMode: add | |
− | + | sstProvisioningExecutionDate: 0 | |
− | + | sstProvisioningState: 0 | |
− | + | sstBelongsToResellerUID: 4000000 | |
− | + | sstBelongsToCustomerUID: 4000001 | |
+ | sstBelongsToPersonUID: 4000002 | ||
+ | </source> | ||
The following table describes the different attributes: | The following table describes the different attributes: | ||
Line 1,285: | Line 1,312: | ||
== Storage - Groups == | == Storage - Groups == | ||
The sub tree for the groups of the storage storage service: | The sub tree for the groups of the storage storage service: | ||
− | + | <source lang="ldif"> | |
− | + | dn: ou=groups,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | ou: groups | |
+ | description: The sub tree for the groups of the storage storage service. | ||
+ | </source> | ||
=== Storage - Group example === | === Storage - Group example === | ||
− | + | <source lang="ldif"> | |
− | + | dn: cn=3730083,ou=groups,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: posixGroup | |
− | + | objectclass: sstRelationship | |
− | + | cn: 3730083 | |
− | + | gidNumber: 3730083 | |
− | + | sstIsActive: TRUE | |
− | + | sstBelongsToResellerUID: 4000000 | |
− | + | sstBelongsToCustomerUID: 4000001 | |
+ | sstBelongsToPersonUID: 4000002 | ||
+ | </source> | ||
== Storage - SSL-certificates == | == Storage - SSL-certificates == | ||
The leaf entries for SSL-certificates of the storage storage service (where uid=(.+) is a regular expression): | The leaf entries for SSL-certificates of the storage storage service (where uid=(.+) is a regular expression): | ||
− | + | <source lang="ldif"> | |
− | + | dn: uid=(.+),uid=(.+),ou=accounts,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: organizationalUnit | |
− | + | uid: (.+) | |
− | + | sstWebsiteURL: box.stepping-stone.ch | |
− | + | host: kvm-1185 | |
− | + | sstIsActive: TRUE | |
− | + | sstProvisioningMode: add | |
− | + | sstProvisioningExecutionDate: 0 | |
− | + | sstProvisioningState: 0 | |
− | + | sstBelongsToResellerUID: 4000000 | |
− | + | sstBelongsToCustomerUID: 4000001 | |
+ | sstBelongsToPersonUID: 4000002 | ||
+ | </source> | ||
=== Storage - SSL-certificate example === | === Storage - SSL-certificate example === | ||
− | + | <source lang="ldif"> | |
− | + | dn: uid=3732364,uid=3730083,ou=accounts,ou=storage,ou=services,dc=stoney-cloud,dc=org | |
− | + | objectclass: top | |
− | + | objectclass: sstStorageCertificate | |
− | + | objectclass: sstProvisioning | |
− | + | objectclass: sstRelationship | |
− | + | uid: 3732364 | |
− | + | sstWebsiteURL: box.stepping-stone.ch | |
− | + | host: kvm-1185 | |
− | + | sstIsActive: TRUE | |
− | + | sstProvisioningMode: add | |
− | + | sstProvisioningExecutionDate: 0 | |
− | + | sstProvisioningState: 0 | |
− | + | sstBelongsToResellerUID: 4000000 | |
− | + | sstBelongsToCustomerUID: 4000001 | |
+ | sstBelongsToPersonUID: 4000002 | ||
+ | </source> | ||
== Storage Provisioning == | == Storage Provisioning == |
Revision as of 16:54, 1 November 2019
Contents
- 1 Abstract
- 2 Data Organisation
- 3 Storage
- 3.1 Storage - Configuration
- 3.1.1 Storage - Configuration - Provisioning daemon
- 3.1.2 Storage - Configuration - Resellers
- 3.1.2.1 Storage - Configuration - Reseller - Account defaults
- 3.1.2.2 Storage - Configuration - Reseller - Notification settings
- 3.1.2.3 Storage - Configuration - Reseller - Account Settings
- 3.1.2.4 Storage - Configuration - Reseller - Templates
- 3.2 Storage - Accounts
- 3.3 Storage - Groups
- 3.4 Storage - SSL-certificates
- 3.5 Storage Provisioning
- 3.1 Storage - Configuration
- 4 Links
Abstract
This document describes the OpenLDAP directory data organisation for the stoney storage service.
Data Organisation
The following chapters explain the data organisation of the stoney cloud OpenLDAP directory. In this case we are looking at the stoney storage service.
Storage
The following LDIF shows the storage LDAP entry for the stoney storage service:
dn: ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: organizationalUnit objectclass: top ou: storage description: The sub tree for the Nextcloud based stoney storage service.
Storage - Configuration
The sub tree for the configuration of the storage storage service:
dn: ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: configuration description: The sub tree for the configuration of the Nextcloud based stoney storage service.
Storage - Configuration - Provisioning daemon
See the Services description for the naming convention.
The sub tree for the configuration of the prov-storage-nextcloud daemon:
dn: ou=prov-storage-nextcloud,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstServiceConfigurationObjectClass ou: prov-storage-nextcloud description: The sub tree for the configuration of the prov-storage-nextcloud daemon. sstIsActive: TRUE
The following table describes the different attributes:
Attribute | |
|
Description |
description | |
|
The description of the leaf. |
sstIsActive | |
|
Is the entry active? Either true (yes) or false (no). |
Legend:
- x: Mandatory in all cases.
Storage - Configuration - Resellers
The sub tree for the reseller specific storage storage service settings:
dn: ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: reseller description: The sub tree for the reseller specific configuration of the Nextcloud based stoney storage service.
The sub tree for the specific storage storage service settings for the reseller Reseller Ltd. with the uid 4000000.
dn: uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: sstReseller objectclass: sstServiceConfigurationObjectClass uid: 4000000 o: Reseller Ltd. description: The sub tree for the specific storage storage service settings for the reseller Reseller Ltd. with the uid 4000000. sstIsActive: TRUE sstIsCompany: TRUE sstIsDefault: TRUE sstBelongsToResellerUID: 4000000
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
uid | |
|
|
|
A unique integer value with 7 digits or more. For example: 4000000. |
o | |
|
|
|
The company name, for example: stepping stone GmbH. |
description | |
|
|
|
The description of the leaf. |
sstIsActive | |
|
|
|
Is the entry active? Either TRUE (yes) or FALSE (no).
|
sstIsDefault | |
|
|
|
Contains the leaf a default entry? Either TRUE (yes) or FALSE (no). If sstIsDefault is set to TRUE , this entry acts as a fall back configuration. In other words: If a reseller doesn't have his own storage storage service configuration, then this on will be used.
|
sstBelongsToResellerUID | |
|
|
|
Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000. |
Legend:
- x: Mandatory in all cases.
Storage - Configuration - Reseller - Account defaults
The sub tree for the storage account defaults for the storage storage service for the reseller Reseller Ltd. with the uid 4000000:
dn: ou=defaults,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstStorage ou: defaults description: The sub tree for the default settings of the storage storage service for the reseller Reseller Ltd. with the uid 4000000. loginShell: /bin/sh shadowMax: 99999 shadowWarning: 7 shadowFlag: 134539460 sstStorageWarningDays: 1 sstStorageWarningNumbers: 0 sstStorageWarningOn: FALSE sstNotificationWarningLevel: 85 sstNotificationWarningMedium: mail sstStorageSize: 0 sstIncrementSize: 0 sstStorageIntervalHourly: 0 sstStorageIntervalDaily: 7 sstStorageIntervalWeekly: 4 sstStorageIntervalMonthly: 3 sstStorageIntervalYearly: 0 sstUseSelfcare: FALSE sstUseSSH: TRUE sstIsActive: TRUE
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
loginShell | |
|
|
|
The path to the login shell. The default is /bin/sh. |
shadowMax | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the maximum number of days the password is valid. The default is 99999, which corresponds to about 273 years. In reality, this means, that the user does not need to change the password. |
shadowWarning | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the number of days before the password expires that the user is warned. The default is 7. |
shadowFlag | |
|
|
|
Related to the /etc/shadow file, this attribute is currently not used and is reserved for future use. The default is set to 134539460.
|
sstVolumeCapacityDefault | |
|
|
|
|
sstVolumeCapacityMin | |
|
|
|
|
sstVolumeCapacityMax | |
|
|
|
|
sstVolumeCapacityStep | |
|
|
|
|
sstQuotaChange | |
|
|
|
Can the user change the quota? Either TRUE (yes) or FALSE (no). Default is FALSE (no).
|
sstStorageWarningDays | |
|
|
|
After how many missed storage days should the user be warned. Possible values are between 0 and 99. Default is 1. |
sstStorageWarningNumbers | |
|
|
|
After how many missed storages should the user be warned. Possible values are between 0 and 99. Default is 0. |
sstStorageWarningOn | |
|
|
|
Does the user want to informed about failed storages (TRUE) or not (FALSE). |
sstNotificationWarningLevel | |
|
|
|
The quota notification level in percent, when the owner of the storage needs to warned. A value between 0 and 100. The default is 85 percent. |
sstNotificationWarningMedium | |
|
|
|
The notification medium, either sms (points to the multi-valued attribute mobileTelephoneNumber ) or mail (points to the multi-valued attribute mail ). Currently, only mail is supported.
|
sstNotificationWarningMediumChange | |
|
|
|
Can a user change the notification warning medium? Either TRUE (yes) or FALSE (no). The default is FALSE (no).
|
sstNotificationWarningMediumAdd | |
|
|
|
Can a user add new notification warning mediums (mobileTelephoneNumber or mail ? Either TRUE (yes) or FALSE (no). The default is TRUE (yes). Currently, only adding new mail addresses are supported.
|
sstStorageIntervalHourly | |
|
|
|
How many hourly storages do we want? The default is 0. |
sstStorageIntervalDaily | |
|
|
|
How many daily storages do we want? The default is 7. |
sstStorageIntervalWeekly | |
|
|
|
How many weekly storages do we want? The default is 4. |
sstStorageIntervalMonthly | |
|
|
|
How many monthly storages do we want? The default is 3. |
sstStorageIntervalYearly | |
|
|
|
How many yearly storages do we want? The default is 0. |
sstIsActive | |
|
|
|
Is the storage account active? Either TRUE (yes) or FALSE (no). Default is TRUE (yes).
|
sstUseSelfcare | |
|
|
|
Can the Self-Service interface be used with the credentials of the storage account? Either TRUE (yes) or FALSE (no). Default is FALSE (no).
|
sstUseSSH | |
|
|
|
Is the ssh service active for the storage account? Either TRUE (yes) or FALSE (no). Default is TRUE (yes).
|
Legend:
- x: Mandatory in all cases.
Storage - Configuration - Reseller - Notification settings
The sub tree stores the notification information for the storage storage service for the reseller Reseller Ltd. with the uid 4000000. This information is used independently of the notification settings of the users. The idea is, that the reseller can receive notifications for a customer and react on the received information (for example, when the quota has been reached):
dn: ou=notifications,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstNotificationObjectClass ou: notifications description: The sub tree stores the notification information for the storage storage service for the reseller Reseller Ltd. with the uid 4000000. This information is used independently of the notification settings of the users. sstMailTo: Support stepping stone GmbH <support@stepping-stone.ch> sstNotificationWarning: quota sstNotificationWarning: schedule sstNotificationWarning: unsuccessful
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
sstMailTo | |
|
|
|
|
sstNotificationWarning | |
|
|
|
This multi-valued attribute will be used to turn single notifications on or off. The attribute sstStorageWarningOn must be set to TRUE Possible values are quota, schedule and unsuccessful (the names correspond with the template dn).
|
Legend:
- x: Mandatory in all cases.
Storage - Configuration - Reseller - Account Settings
The sub tree stores the information about what can be modified in which scope for the storage storage service for the reseller Reseller Ltd. with the uid 4000000:
dn: ou=settings,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstServiceSettingsObjectClass ou: settings description: This sub tree stores the information about what can be modified in which scope. sstVolumeCapacityDefault: 1073741824 sstVolumeCapacityMin: 1073741824 sstVolumeCapacityMax: 536870912000 sstVolumeCapacityStep: 1073741824 sstNotificationWarningMediumChange: FALSE sstNotificationWarningMediumAdd: TRUE sstQuotaChange: FALSE sstSendCredentialsTo: owner sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> preferredLanguage: de-CH
Human readable format:
- sstVolumeCapacityDefault: 1 Gibibyte (GiB)
- sstVolumeCapacityMin: 1 Gibibyte (GiB)
- sstVolumeCapacityMax: 500 Gibibyte (GiB)
- sstVolumeCapacityStep: 1 Gibibyte (GiB)
The following table describes how to calculate the sstVolumeCapacity* attributes:
Size | Calculation | Value |
|
1 | 1 |
|
210 | 1 024 |
|
220 | 1 048 576 |
|
230 | 1 073 741 824 |
|
5 x 230 | 5 368 709 120 |
|
10 x 230 | 10 737 418 240 |
|
100 x 230 | 107 374 182 400 |
|
500 x 230 | 536 870 912 000 |
|
240 | 1 099 511 627 776 |
|
250 | 1 125 899 906 842 624 |
|
260 | 1 152 921 504 606 846 976 |
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
sstVolumeCapacityDefault | |
|
|
|
|
sstVolumeCapacityMin | |
|
|
|
|
sstVolumeCapacityMax | |
|
|
|
|
sstVolumeCapacityStep | |
|
|
|
|
sstNotificationWarningMediumChange | |
|
|
|
Can a user change the notification warning medium? Either TRUE (yes) or FALSE (no). The default is FALSE (no).
|
sstNotificationWarningMediumAdd | |
|
|
|
Can a user add new notification warning mediums (mobileTelephoneNumber or mail ? Either TRUE (yes) or FALSE (no). The default is TRUE (yes). Currently, only adding new mail addresses are supported.
|
sstQuotaChange | |
|
|
|
Can the user change the quota? Either TRUE (yes) or FALSE (no). Default is FALSE (no).
|
sstSendCredentialsTo | |
|
|
|
To whom do we send the access data or credentials. At least one entry must exist. Possible values:
|
sstMailFrom | |
|
|
|
The mail address, from which the credentials are to be sent from. In the example from above, this value is Support stepping stone GmbH <support@stepping-stone.ch>. |
preferredLanguage | |
|
|
|
The notification language, which will be used to used in the mails, that are sent to the reseller, according to RFC 1766 (ISO 3166-1-alpha-2 code-ISO 639-1 Code. For example de-CH or en-GB.
|
Legend:
- x: Mandatory in all cases.
Storage - Configuration - Reseller - Templates
This sub tree contains the templates for the storage storage service for the reseller Reseller Ltd. with the uid 4000000:
dn: ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: templates description: This sub tree contains the templates for the storage storage service for the reseller Reseller Ltd. with the uid 4000000.
Storage - Configuration - Reseller - Credentials templates
This sub tree contains the credentials templates for the storage storage service:
dn: ou=credentials,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstTemplateSetup ou: credentials description: This leaf contains the credential templates for the storage storage service. sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/storage/credentials/credentials_mail sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt sstTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/storage/credentials/credentials_attachment sstTemplateFormatSource: odt sstTemplateFormatTarget: pdf
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
sstMailFrom | |
|
|
|
The mail address, from which the credentials are sent from. For example:
If this attribute does not exist, the
from
must be taken. |
sstMailTo | |
|
|
|
If this multi-valued attribute is set with one or mail address(es), then these recipients will receive the same information as the login user or the owner , depending on the value of sstSendCredentialsTo under ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org . Normally, this attribute is not set for the credentials.
|
sstMailTemplate | |
|
|
|
The template, that is used to create the mail that is sent to either the user logged in (sstSendCredentialsTo: login ) or to the owner of then newly created service (sstSendCredentialsTo: owner . For example:
|
sstMailTemplateFormatSource | |
|
|
|
The format of the source template. Supported values:
Place holder:
Default would normally be |
sstMailTemplateFormatTarget | |
|
|
|
The format of the target. Supported values:
|
sstTemplate | |
|
|
|
The template, that is used to create the attachment that is sent with the mail. For example:
|
sstTemplateFormatSource | |
|
|
|
The format of the source template. Supported values:
Place holders:
The complete path and file name is a string concatenation of the values of the attributes
This gives us:
Default would normally be |
sstTemplateFormatTarget | |
|
|
|
The format of the target. Supported values:
Note to Self-Service developer(s). Please be aware of the following issues when using PHP-Easy-Report:
Default would normally be |
Legend:
- x: Mandatory in all cases.
Storage - Configuration - Reseller - Credentials templates email place holders (txt/html)
Address with an example:
{$company} stepping stone GmbH {$salutation} {$name} {$surname} Mr. Michael Eichenberger {$address} Neufeldstrasse 9 {$country}-{$zip} {$location} CH-3013 Bern
Date with an example:
{$day} 16 {$month} August {$year} 2013
Storage Service with an example:
{$uid} 4000124 {$password} XlWz4Qa#
Optional Values:
{$externalID} 12345
Storage - Configuration - Reseller - Credentials templates LibreOffice place holders (odt)
LibreOffice (odt) templates have the same place holders as the E-Mail (text/html) templates. The only thing that changes, are the definitions. Instead of {$placeholder}
we have {{placeholder}}
.
Storage - Configuration - Reseller - Quota templates
Warns the user when the storage is running out of space (quota).
This sub tree contains the quota templates for the storage storage service:
dn: ou=quota,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit objectclass: sstTemplateSetup ou: quota description: This leaf contains the quota templates for the storage storage service. sstMailFrom: Support stepping stone GmbH <support@stepping-stone.ch> sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/storage/quota/quota_mail sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt sstMailTemplateReseller: file:///var/www/selfcare/htdocs/themes/selfcare.tombstone.ch/templates/services/storage/quota/quota_mail_reseller sstMailTemplateFormatSource: txt sstMailTemplateFormatTarget: txt
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
ou | |
|
|
|
|
description | |
|
|
|
|
sstMailFrom | |
|
|
|
The mail address, from which the quota mails are sent from. For example:
If this attribute does not exist, the
from
must be taken. |
sstMailTo | |
|
|
|
If this multi-valued attribute is set with one or mail address(es), then these recipients will receive the same information as the owner. Normally, this attribute is not set. |
sstMailTemplate | |
|
|
|
The template, that is used to create the mail that is sent to the owner of the service if sstStorageWarningOn: TRUE and sstNotificationWarningMedium: mail . If the mail is not set, you must look for the mail in the owners person entry under uid=<UID>,ou=people,dc=stoney-cloud,dc=org .
For example:
|
sstMailTemplateFormatSource | |
|
|
|
The format of the source template. Supported values:
Place holder:
Default would normally be |
sstMailTemplateFormatTarget | |
|
|
|
The format of the target. Supported values:
|
sstMailTemplateReseller | |
|
|
|
The path and name to a template file, that is used to inform one or more people if the multi-valued attribute sstMailTo is set in the notifications sub tree of the reseller
and if <code>sstNotificationWarning is set to
This way, the support organisation will be pre-informed for when the customer should call or write. The information the recipients will receive, is the same as the owner, but will formatted according to:
|
sstMailTemplateResellerFormatSource | |
|
|
|
The format of the source template. Supported values:
Place holder:
The complete path and file name is a string concatenation of the values of the attributes
This gives us:
Default would normallb be |
sstMailTemplateResellerFormatTarget | |
|
|
|
The format of the target. Supported values:
Default would normallb be |
Legend:
- x: Mandatory in all cases.
- x1: Must exist, if
sstMailTo
is set.
Storage - Configuration - Reseller - Quota templates email place holders (txt/html)
An example:
{$salutation} Mr. {$surname} Eichenberger {$uid} 3723707 {$percent} 98 {$quota} 100 {$storage_size} 40 {$snapshot_size} 48
Optional Values:
{$externalID} 12345
Storage - Configuration - Reseller - Quota templates LibreOffice place holders (odt)
LibreOffice (odt) templates have the same place holders as the E-Mail (text/html) templates. The only thing that changes, are the definitions. Instead of {$placeholder}
we have {{placeholder}}
.
Storage - Accounts
The sub tree for the accounts of the stoney storage service:
dn: ou=accounts,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: accounts description: The sub tree for the accounts of the stoney storage service.
Storage - Account example
The following example shows the OpenLDAP directory entry for the storage storage account with the uid number 3730083:
dn: uid=3730083,ou=accounts,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: account objectclass: posixAccount objectclass: shadowAccount objectclass: sstStorage objectclass: sstProvisioning objectclass: sstRelationship uid: 3730083 userPassword: {SSHA}E/KLUgeAtApAPQ7mG2GMddCxTE9m9QOS uidNumber: 3730083 gidNumber: 3730083 cn: 3730083.stoney-storage.com gecos: 3730083.stoney-storage.com homeDirectory: /var/storage/3/083/730/3730083 loginShell: /bin/false shadowFlag: 134539460 shadowLastChange: 11108 shadowMax: 99999 shadowWarning: 7 sstIsActive: TRUE sstNotificationWarningOn: TRUE sstNotificationWarningMedium: mail sstInformPersonUID: 1000482 sstQuota: 42949672960 sstSoftwareVersion: 12.0.1 sstFileUploadSize: 5368709120 host: kvm-1185 sstProvisioningMode: add sstProvisioningExecutionDate: 0 sstProvisioningState: 0 sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstBelongsToPersonUID: 4000002
The following table describes the different attributes:
Attribute | |
|
|
|
Description |
uid | |
|
|
|
The unique identifier (uid). This attribute is created by the Self-Service interface by reading (and incrementing) the next free uid from "cn=nextfreeuid,ou=administration,dc=stoney-cloud,dc=org". |
userPassword | |
|
|
|
Identifies the entry's password and encryption method in the following format: {encryption method}encrypted password . For example: {SSHA}zBiT1dHAZh/8zbCeyocRVWhdP0j9xJ3U. This password will be automatically set through the Self-Service interface. Afterwords, the password can be changed by the user (including the reseller and customer). The initial password is stored in clear text and is encrypted by the provisioning daemon.
|
uidNumber | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the user's login ID. Is the same as the uid. For example: 3730083. |
gidNumber | |
|
|
|
Group ID number. Is the same as the uid. For example: 3730083. |
cn | |
|
|
|
Consists of the uid and the domain stoney-storage.com. For example: 3730083.stoney-storage.com. |
gecos | |
|
|
|
Named for historical reasons, the GECOS field is mandatory and is used to store extra information (such as the user's full name). Utilities such as finger or getent access this field to provide additional user information. For a personal account, this entry would consist of givenName and surname , for example Michael Eichenberger . These values are taken from the owners entry (ou=people). For a service account, the attribute sstDisplayName from the corresponding service would be used for the content of this attribute. Please be aware, that this attribute is a IA5String (OID=1.3.6.1.4.1.1466.115.121.1.26) IA5 (almost ASCII) character set (7-bit). Does NOT allow extended characters e.g. é, Ø, å etc. The Self-Service interface automatically creates the content of this attribute. Consists of the uid and the domain stoney-storage.com. For example: 3730083.stoney-storage.com.
You can use: |
homeDirectory | |
|
|
|
The directory path corresponds with the 7 digit account uid. The following example describes, how the directory structure is built up for the account with the uid 3730083.
|
loginShell | |
|
|
|
The path to the login shell. The default is /bin/false and can no be changed. |
shadowFlag | |
|
|
|
Related to the /etc/shadow file, this attribute is currently not used and is reserved for future use. The default is set to 134539460 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org" entry. |
shadowLastChange | |
|
|
|
Related to the /etc/shadow file, this attribute specifies number of days between January 1, 1970, and the date that the password was last modified. Must be set to the day, that the password was set (must be updated, when the password is changed). This attribute is created by the Self-Service interface. |
shadowMax | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the maximum number of days the password is valid. The default is 99999, which corresponds to about 273 years. In reality, this means, that the user does not need to change the password. This attribute is created by the Self-Service interface. The value is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org" entry. |
shadowWarning | |
|
|
|
Related to the /etc/shadow file, this attribute specifies the number of days before the password expires that the user is warned. The default is 7 and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org" entry. |
sstIsActive | |
|
|
|
Is the storage account active? Either TRUE (yes) or FALSE (no). Default is TRUE (yes) and is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstNotificationWarningOn | |
|
|
|
Are the users notification warnings turned on or not? Either TRUE (yes) or FALSE (no). Default is TRUE (yes) and is taken from the "ou=settings,uid=<UID>,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstNotificationWarning | |
|
|
|
This multi-valued attribute will be used to turn single notifications on or off. The attribute sstStorageWarningOn must be set to TRUE Possible values are quota, schedule and unsuccessful (the names correspond with the template dn).
|
sstNotificationWarningMedium | |
|
|
|
The notification medium, either sms (points to the multi-valued attribute mobileTelephoneNumber ) or mail (points to the multi-valued attribute mail ). Currently, only mail is supported. This is the default is taken from the "ou=defaults,uid=<UID>,ou=reseller,ou=configuration,ou=storage,ou=services,dc=stoney-cloud,dc=org" entry.
|
sstSoftwareVersion | |
|
|
|
TBD |
sstFileUploadSize | |
|
|
|
TBD |
sstUseSSH | |
|
|
|
TBD |
host | |
|
|
|
TBD |
sstProvisioningMode | |
|
|
|
The provisioning mode, either add , modify or delete . For a new account, this attribute must be set to add . See Provisioning for details.
|
sstProvisioningExecutionDate | |
|
|
|
The date the provisioning shall occur in the form of [YYYY][MM][DD] (ISO 8601). For a new account, this attribute must be set to 0. See Provisioning for details. |
sstProvisioningReturnValue | |
|
|
|
The provisioning return value written by the prov-storage-nextcloud daemon. 0 means success, >0 means failure. See the prov-storage-nextcloud Exit Codes for detailed information. |
sstProvisioningState | |
|
|
|
The provisioning state, either 0 or in the form of [YYYY][MM][DD]T[hh][mm][ss] (ISO 8601). For a new account, this attribute must be set to 0. See Provisioning for details. |
sstBelongsToResellerUID | |
|
|
|
Stores the reseller UID the leaf belongs to. |
sstBelongsToCustomerUID | |
|
|
|
Stores the customer UID the leaf belongs to. |
sstBelongsToPersonUID | |
|
|
|
Stores the person UID the leaf belongs to. |
Legend:
- x: Mandatory in all cases.
- x1: Only show, if the number is larger than zero.
- x2: Only show, if
sstStorageWarningOn
is set toTRUE
. - x3: Either
sstBelongsToPersonUID
orsstBelongsToServiceUID
must bei set.
Storage - Groups
The sub tree for the groups of the storage storage service:
dn: ou=groups,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit ou: groups description: The sub tree for the groups of the storage storage service.
Storage - Group example
dn: cn=3730083,ou=groups,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: posixGroup objectclass: sstRelationship cn: 3730083 gidNumber: 3730083 sstIsActive: TRUE sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstBelongsToPersonUID: 4000002
Storage - SSL-certificates
The leaf entries for SSL-certificates of the storage storage service (where uid=(.+) is a regular expression):
dn: uid=(.+),uid=(.+),ou=accounts,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: organizationalUnit uid: (.+) sstWebsiteURL: box.stepping-stone.ch host: kvm-1185 sstIsActive: TRUE sstProvisioningMode: add sstProvisioningExecutionDate: 0 sstProvisioningState: 0 sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstBelongsToPersonUID: 4000002
Storage - SSL-certificate example
dn: uid=3732364,uid=3730083,ou=accounts,ou=storage,ou=services,dc=stoney-cloud,dc=org objectclass: top objectclass: sstStorageCertificate objectclass: sstProvisioning objectclass: sstRelationship uid: 3732364 sstWebsiteURL: box.stepping-stone.ch host: kvm-1185 sstIsActive: TRUE sstProvisioningMode: add sstProvisioningExecutionDate: 0 sstProvisioningState: 0 sstBelongsToResellerUID: 4000000 sstBelongsToCustomerUID: 4000001 sstBelongsToPersonUID: 4000002
Storage Provisioning
See the OpenLDAP provisioning page for the overview of the provisioning functionality and stoney storage: prov-storage-nextcloud the actual storage provisioning.