adminconf/printscan-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add cupsd.conf and TODOs in setup.sh

Browse Source
This commit is contained in:
Alexandre CATTEAU 2022-03-11 12:54:43 +01:00
parent dddf240da8
commit 524c6e99a9
3 changed files with 107 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -18,3 +18,4 @@ Version 3.1 implementation works roughly as follows:
Files in this repository cover all the SBC setup. Files in this repository cover all the SBC setup.
#### Installation #### Installation
* `setup.sh` is a script automating the installation and configuration of required software * `setup.sh` is a script automating the installation and configuration of required software
* `cupsd.conf` is the config file for CUPS, set by setup script

102
cupsd.conf Normal file
View File

@ -0,0 +1,102 @@
LogLevel debug
PageLogFormat
MaxLogSize 0
# Allow remote access
Port 631
Listen /var/run/cups/cups.sock
Browsing On
BrowseLocalProtocols dnssd
DefaultAuthType Basic
WebInterface Yes
<Location />
# Allow remote administration...
Order allow,deny
Allow @LOCAL
</Location>
<Location /admin>
# Allow remote administration...
Order allow,deny
Allow @LOCAL
</Location>
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
# Allow remote access to the configuration files...
Order allow,deny
Allow @LOCAL
</Location>
<Location /admin/log>
AuthType Default
Require user @SYSTEM
Order allow,deny
# Allow remote access to the log files...
Order allow,deny
Allow @LOCAL
</Location>
<Policy default>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
<Policy authenticated>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default

8
setup.sh
View File

@ -33,7 +33,7 @@ add_users() {
usermod -a -G lp saned usermod -a -G lp saned
} }
get_conf() { get_conf() { # TODO
echo "Getting configuration" echo "Getting configuration"
sudo -H -u $user mkdir $sync_directory_path sudo -H -u $user mkdir $sync_directory_path
cp $run_directory_path/conf-sync.sh $sync_directory_path/ cp $run_directory_path/conf-sync.sh $sync_directory_path/
@ -42,7 +42,7 @@ get_conf() {
sudo -H -u $user $sync_directory_path/conf-sync.sh sudo -H -u $user $sync_directory_path/conf-sync.sh
} }
set_conf() { set_conf() { # TODO
echo "Setting configuration" echo "Setting configuration"
ln -s $sync_directory_path/conf-sync-server.timer $systemd_units_path/conf-sync.timer ln -s $sync_directory_path/conf-sync-server.timer $systemd_units_path/conf-sync.timer
ln -s $sync_directory_path/*.service $systemd_units_path/ ln -s $sync_directory_path/*.service $systemd_units_path/
@ -53,10 +53,10 @@ set_conf() {
set_cups_conf() { set_cups_conf() {
echo "Setting CUPS configuration" echo "Setting CUPS configuration"
mv $cups_conf_path/cupsd.conf $cups_conf_path/cupsd.conf.orig mv $cups_conf_path/cupsd.conf $cups_conf_path/cupsd.conf.orig
ln -s $sync_directory_path/cupsd.conf $cups_conf_path/cupsd.conf ln -s $sync_directory_path/cupsd.conf $cups_conf_path/cupsd.conf # TODO
} }
set_sane_conf() { set_sane_conf() { # TODO
echo $printscan_container_ip >> /etc/sane.d/saned.conf echo $printscan_container_ip >> /etc/sane.d/saned.conf
systemctl enable saned.socket systemctl enable saned.socket
} }