From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mail.toke.dk; spf=pass (mailfrom) smtp.mailfrom=irif.fr (client-ip=2001:660:3301:8000::1:2; helo=korolev.univ-paris7.fr; envelope-from=jch@irif.fr; receiver=) Authentication-Results: mail.toke.dk; dkim=pass (2048-bit key; unprotected) header.d=irif.fr header.i=@irif.fr header.a=rsa-sha256 header.s=dkim-irif header.b=NBM2os10 Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) by mail.toke.dk (Postfix) with ESMTPS id A6B09A933FC for ; Fri, 25 Oct 2024 16:35:08 +0200 (CEST) Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id 49PEZ2VX012680 for ; Fri, 25 Oct 2024 16:35:02 +0200 Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 07EC234AAD for ; Fri, 25 Oct 2024 16:35:01 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=irif.fr; h= content-type:content-type:mime-version:user-agent:subject :subject:from:from:message-id:date:date:received:received; s= dkim-irif; t=1729866900; x=1730730901; bh=oj8LUnMq3iQaLnKQWecJat RQzLU3DJ6LX0yWTzghbhg=; b=NBM2os10Mvdll4tgJyobJUuOdVlBUYEWFIeulY VGDcsxKc807B/YsTDeNBc9ZPpuXrKaNf1Cujd1pUwu6WTtWgJZzeFeq2rhIgvoH6 34eMNp7CcRXO8JRQzxywv9IzuLj+Gr/ceFGOmR/xhqYpgiDNjk7MYoDTV/8avNUH y0DkrsmPYoGV14UX/B96ct3yjgwy+tAdiuS/1ojJ5q4MU5wrXSK9HpkUoIm9AVIt 0sEIiouOI/KedypUk7i7RHpytdXbd+G3uc0ZHNkxU2xtq/CgHHkZyPdEdoUym8nF dpALVB/AkpeGh9bSohctYJoLUn71IKQGdzCE21xRUAPYtopA== X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id s5y-8Evbnbal for ; Fri, 25 Oct 2024 16:35:00 +0200 (CEST) Received: from pirx.irif.fr (89-64-88-149.dynamic.chello.pl [89.64.88.149]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id 3EA6834931 for ; Fri, 25 Oct 2024 16:34:59 +0200 (CEST) Date: Fri, 25 Oct 2024 16:34:57 +0200 Message-ID: <87frokz1wu.wl-jch@irif.fr> From: Juliusz Chroboczek To: galene@lists.galene.org User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/29.4 Mule/6.0 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [194.254.61.138]); Fri, 25 Oct 2024 16:35:03 +0200 (CEST) X-Miltered: at korolev with ID 671BAC96.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-j-chkmail-Enveloppe: 671BAC96.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/ X-j-chkmail-Score: MSGID : 671BAC96.000 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Status: Ham Message-ID-Hash: 4XMMKDW5E7GQJR2C3PJHQIJ7WBJXVGZO X-Message-ID-Hash: 4XMMKDW5E7GQJR2C3PJHQIJ7WBJXVGZO X-MailFrom: jch@irif.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list Subject: [Galene] Announce: galenectl List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Hi, I've just merged a management utility for Galene into master. It's designed to be easily scriptable but also useful for the command line. 0. Upgrade your Galene instance to current master (Really do. In principle, the management interface has been stable for months, but while developing galenectl I've found and fixed a number of bugs.) 1. Build galenectl and put it somewhere in your path cd galenectl go build mv galenectl ~/bin/ 2. If you haven't done so already, create a server administrator Type galenectl hash-password -type bcrypt then copy the resulting password into your `data/config.json` file, which should look like this: { "writableGroups": true, "users": {"jch": {"password": {"type":"bcrypt","key":"..."}, "permissions": "admin"}}, "publicServer": true } 3. Set up your `~/.config/galene/galenectl.json`. It should look like this: { "server": "https://galene.example.org:8443/", "admin-username": "jch", "admin-password": "topsecret" } 4. Create a group galenectl create-group -group example 5. Create a few users galenectl create-user -group example -user jch -permissions op galenectl create-user -group example -user bob galenectl create-user -group example -wildcard -permissions observe The first user is a group operator. The second has default permissions. The third one is the wildcard user, used for any username other than "jch" and "bob". 6. Set the user's initial passwords galenectl set-password -group example -user jch galenectl set-password -group example -user bob galenectl set-password -group example -wildcard -type wildcard We've set ordinary password for users jch and bob (hashed on the client side, so the server never sees the cleartext password). As to the wildcard user, we've set it to have a wildcard password -- any password will do. Please test, and let me know if any changes are required. As to myself, I'll now implement token management in galenectl, and then setting individual group parameters. -- Juliusz