I got interrested in Gibbon in Building the Education Team and installed it on NethServer, here is what I did:
EDIT 10.9.2018:
Update to version 16.0.01
# Install php5.6 and mysql
yum -y install http://mirror.de-labrusse.fr/NethServer/7/x86_64/nethserver-stephdl-1.0.6-1.ns7.sdl.noarch.rpm
yum -y install http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum -y install unzip nethserver-mysql nethserver-php-scl
# Get Gibbon, move it to html folder and set rights
wget https://github.com/GibbonEdu/core/archive/v16.0.01.zip
unzip v16.0.01.zip
mv core-16.0.01 /var/www/html/gibbon
chown apache:apache -R /var/www/html/gibbon
# Create database and user
mysql
create database gibbon character set utf8 collate utf8_bin;
grant all privileges on gibbon.* to gibbon@localhost identified by 'SECRET';
exit;
Great effort. Am I correct that the NethServer http module is a dependency too?
Now step 2: hack gibbon to get users from NS account provider…
On the other side, we might want to wonder how a school would enter new students. Unless there is a ‘mass erolment’ option I think most schools will prepare a CVS and import those into DAD/Samba4/LDAP.
Do we have any school sysadmins in our community? @FMFREAK, care to comment on this?
@mrmarkuz: There is a module to generate and store secrets in /var/lib/nethserver/secrets. It might be a good idea to use that to create the mysql database with.
I have asked the Gibbon devs before of AD/LDAP support could be added. They tried but have cancelled the feature request: not enough expertise with AD/LDAP
row 26:
In the meantime, filtering the Gibbon website for user export feature…
In the first video (Gibbon training day session2) at timestamp 38m05sec there is a question about AD/LDAP and why they didn’t manage to get it running.
I found an import function so at least we are able to import csv files, which will help on migrating scenarios and maybe we can use it in combination with the export script /etc/e-smith/events/actions/nethserver-sssd-export-accounts. It creates users.tsv which may be converted to a CSV easily with something like this:
The result may be imported to Gibbon with a default password which has to be changed at first login.
I spent quite some time watching the Gibbon support video’s on youtube… They are enlightening! It gives quite some ideas to get users from NS accountprovider to Gibbbon.
I understood the CSV import option is always a complete set of users. You can not add a delta of new users. You always need to import the complete set of users and the import will ignore the already existing users.
I also saw that the format is very basic. Although there are many options you can add, it is nothing more than a preconfigured CSV.
Besides that Gibbon has plenty of opportunities to create custom fields through the webinterface. I am getting quite excited about this application!
It’s also for adding some new users as far as I understand.
I watched the video part about why not implementing AD/LDAP. He complains about too much different implementations. There are 3 (LDAP, AD, Apple Open Directory) and if you do a google search you’ll easily find code snippets how to implement those in PHP. I am not a PHP dev and maybe it’s really complex but it seems it’s just not their goal.
To “hack” it, we would have to change the login procedure into asking some directory server instead of its mysql database. Horde or roundcube are written in PHP too, maybe we can do some copy/paste…
Maybe for the education server we use gibbon as user base (because it saves much more info about a user) and sync to Nethserver? Just an idea…or a hook in Nethserver when creating a user to sync to gibbon immediately…
Then… if it it turns out doable, we could do a PR so it gets adopted in Gibbon. It would be a LOT better to read from LDAP/AD natively then create some work around exporting users and importing them in Gibbon… (although several applications DO exactly that to fill the local database with LDAP /AD users.)
What I also was think about is using RADIUS… The application (in this case, Gibbon) just asks if a user X with password Y exists in the user source and if that user is allowed to do Z… The only thing RADIUS does is say yes or no… (after checking with the user source)
@robb
On our Secondary school in the Netherlands we have Magister. Because there is no connection possible between Magister and our Active Directory we have to use a CSV. We put that in a program called ADManager.
The problem to make international OSS for schools, is that every country has its own laws. But maybe Gibbon is a good starting point to make a country based School program.
I updated the howto to gibbon version 16.0.01 and adapted the LDAP user export script to create a gibbon importable csv /var/lib/nethserver/backup/gibbon.csv. It’s just a starting point and has to be improved…
create_gibbon_csv.pl
#!/usr/bin/perl
use strict;
use warnings;
use JSON;
use NethServer::Password;
my $users = decode_json(`/usr/libexec/nethserver/list-users`) or die("Can't read user list");
my $generator = NethServer::Password->new('', {length => 8});
my $base_dir = '/var/lib/nethserver/backup/';
my $out_users = $base_dir . 'gibbon.csv';
if ( ! -d $base_dir ) {
mkdir $base_dir;
}
open(my $fh, '>:utf8', $out_users) or die "Could not open file '$out_users': $!";
foreach (keys(%$users)) {
my $password = $generator->generate();
my $key = $_;
$key =~ s/(@.*)//; # strip domain
print $fh "'','surname','".$key."','".$key."','".$users->{$_}->{'gecos'}."','','F','".$key."','','','','Student'\n";
}
close $fh;
But in gibbon there are families, staff and users which can be Teacher, Support Staff, Student or Parent. None of these mappings are prefilled in Nethserver AD/LDAP. Maybe we can use Nethserver groups like Staff, Students and Parents.
Gibbon user import is now able to sync or do a complete import from CSV.
THANK YOU @mrmarkuz
I will give it a go soon. I am in the process of getting Linuxschools Karoshi server migrated to NethServer. As soon the NethServer instance is up and running I will install Gibbon and try the user import/export script. It would be HUGE to have this available.
It’s just an example script now, one has to change delimiter to ' and set a default password for all users in the Gibbon web UI. In general it would be interesting how to do a smart mapping of nethserver accounts to gibbon staff, member, students and so on.
php5.6 will be deprecated as of Januari 1st 2019 http://php.net/supported-versions.php
I suggest to use at least 7.1. I tested an install of Gibbon with php7.1-scl and that works fine.
I tried to install Gibbon in a vhost. Since vhosts are available in NS, and intended as default for webapps, I think it would be a good idea to have gibbon installed there. BUT… It is probably my lack of knowledge, but I fail to end up at a webinterface when gibbon is extracted in the assigned vhost (at /var/lib/nethserver/vhost/gibbon/)
Maybe this needs a separate topic, but it would be great to get some explanation how vhosts work and how to get them to work.