I am running the latest release of Webmin (at time of writing) on Ubuntu Linux 20.04.1 LTS across a cluster of several machines behind a private network that talk to each other via the Webmin Servers Index module.
I love what the developers of Webmin have done to add features for managing a cluster of Webmin servers, but at least for some actions it seems like these features are only usable in a Web browser.
I successfully used the Cluster Users & Groups module today to sync user accounts from our primary Webmin system (that also has Virtualmin installed) to the three other servers in our cluster. Our list of user accounts frequently changes as new e-mail accounts are added to the virtual servers created by Virtualmin, and thus new Linux users are added to the system to support these accounts. But remembering to go into the Cluster Users & Groups module to synchronize user changes across servers on a regular basis is not ideal and does not fit well in a system administrator’s role of automating server management processes.
So, does Webmin or Virtualmin have a command-line alternative to syncing users across servers via the Cluster Users & Groups module? If not, is there a way to script the triggering of whatever Webmin does in the user interface to fire off this synchronization?
The idea behind that module is that there will be a single authoritative system. Modifications must be made on that one system and automatically deployed.
But, more importantly, the Cluster modules are not integrated into Virtualmin, and they aren’t very actively maintained (the world in which they were developed is long past…while they still work as they did back then, best practices today look very different). The recommended way to have users distributed across many Virtualmin servers is generally LDAP.
I thought about moving to LDAP for centralized user management across servers but we have about 150 domains on our Virtualmin system right now and Virtualmin, as far as I know anyways, doesn’t really have a good way to move existing users from Unix file storage to LDAP (please correct me if I am wrong here).
Thus, I thought the Cluster Users & Groups module would serve a similar purpose without having to set up and manage a central LDAP server. I did read in the Webmin documentation that updates are supposed to be deployed automatically, but so far I have not seen this in action, probably because of what you said regarding the module not being very well integrated into Virtualmin. So far I have had to run a manual sync of users from my Virtualmin system to the other Webmin systems in the cluster because that was not ran automatically.
Ah, I see. And, no, I don’t know of any easy way to migrate into LDAP from native users.
And, I don’t know of any existing CLI for running the Cluster User and Group sync (I checked, didn’t see anything). It would be easy(ish) to write one, if you have any scripting experience (it’s Perl, but pretty old school Perl…so if you’re comfortable with any kind of shell scripting, it shouldn’t be a huge reach to understand what these old Webmin modules are doing), using the
webmin command as the runner and loading up the
cluster-useradmin-lib.pl as a library. This is the CGI that gets called…reproducing the same function calls using arguments provided on the command line would be easy(ish). webmin/sync.cgi at master · webmin/webmin · GitHub
There are several examples of webmin commands in webmin/bin at master · webmin/webmin · GitHub , if you wanted to make the CLI behave the same as other Webmin CLI commands (at least, the new ones…we still have a bunch of old standalone CLIs that haven’t been ported).
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.