aboutsummaryrefslogtreecommitdiffstats
path: root/figures
diff options
context:
space:
mode:
Diffstat (limited to 'figures')
-rw-r--r--figures/Makefile8
-rw-r--r--figures/ldap.tex151
-rw-r--r--figures/network.tex18
3 files changed, 117 insertions, 60 deletions
diff --git a/figures/Makefile b/figures/Makefile
index 0b2fd5a..7c3783b 100644
--- a/figures/Makefile
+++ b/figures/Makefile
@@ -18,17 +18,17 @@ png: $(PNG)
%.svg: %.pdf
- inkscape $*-cropped.pdf --export-plain-svg=$@
+ inkscape $*-trimmed.pdf --export-plain-svg=$@
%.png: %.pdf
-# inkscape $^ --export-area-drawing --export-png=$@
- convert -density 120 -quality 85 $*-cropped.pdf $@
+# inkscape $*-trimmed.pdf --export-area-drawing --export-png=$@
+ convert -density 120 -quality 85 $*-trimmed.pdf $@
%.pdf: %.tex
pdflatex -shell-escape $^
clean:
- rm -rf *.aux *.log *.auxlock network-cropped* ldap-cropped* $(PDF) $(SVG) $(PNG)
+ rm -f *.aux *.log *.auxlock network-trimmed* ldap-trimmed* $(PDF) $(SVG) $(PNG)
wc: $(PDF)
diff --git a/figures/ldap.tex b/figures/ldap.tex
index 123ab83..1d435eb 100644
--- a/figures/ldap.tex
+++ b/figures/ldap.tex
@@ -5,49 +5,73 @@
\usepackage{array}
\usepackage{ae}
\usepackage{tikz}
-\usetikzlibrary{trees,calc,external}
+\usetikzlibrary{trees,fit,shapes,calc,external}
+\tikzset{external/force remake}
\tikzexternalize
\def\dn#1{\texttt{#1}}
-\newenvironment{entry}[1]
- {\begin{minipage}[t][0pt][t]{10cm}
- \texttt{#1}
- \\[.1\baselineskip] \phantom{cn=}%
- \begin{tabular}[!t]{@{}>{\ttfamily\bgroup}l<{\egroup}@{:~}%
- >{\sffamily\bgroup}l<{\egroup}@{}}%
- }
- { \end{tabular}
- \end{minipage}}
-
-\tikzset{
- ldaptree/.style = {
- grow via three points={one child at (1cm,-1.5\baselineskip) and two children at (1cm,-1.5\baselineskip) and (1cm,-3\baselineskip)},
- growth parent anchor=south west,
- edge from parent path={($(\tikzparentnode.south west)+(2.5ex,0)$) |- (\tikzchildnode.west)},
- },
- every node/.style = {anchor=west},
- dn/.style = {font=\ttfamily}
+\newenvironment{entry}[1]{%
+ \begin{tabular}[t]{@{}l@{}}
+ \dn{#1}
+ \\[.1\baselineskip] \phantom{cn=}%
+ \begin{tabular}{@{}>{\ttfamily\bgroup}l<{\egroup:}@{~}%
+ >{\sffamily\bgroup}l<{\egroup}@{}}%
+}{%
+ \end{tabular}
+ \end{tabular}
+}
+
+\tikzstyle{ldaptree} = [%
+ anchor=west,
+ grow via three points={one child at (1cm,-1.5\baselineskip) and two children at (1cm,-1.5\baselineskip) and (1cm,-3\baselineskip)},
+ growth parent anchor=south west,
+ edge from parent path={($(\tikzparentnode.south west)+(2.5ex,0)$) |- (\tikzchildnode.mid west)
+},
+ edge from parent/.style = {draw=black!20}
+]
+
+
+\tikzstyle{entry} = [line width=1pt,dashed,rounded corners]
+\tikzstyle{manager} = [entry,fill=red!30,draw=red]
+\tikzstyle{service} = [entry,fill=blue!30,draw=blue]
+\tikzstyle{vdomain} = [entry,fill=green!30,draw=green]
+\tikzstyle{valias} = [vdomain]
+\tikzstyle{vuser} = [vdomain]
+\tikzstyle{dn} = [font=\ttfamily]
+\tikzstyle{ACL} = [line width=1.5pt,fill=none,solid]
+
+\pgfdeclarelayer{background}
+\pgfdeclarelayer{foreground}
+\pgfsetlayers{background,main,foreground}
+
+
+\def\noSSHA{%
+ \tikz[baseline,anchor=text,inner sep=0,outer sep=0]
+ \node [anchor=text,service,ACL,cross out,draw opacity=.75]
+ {\{SSHA\}xxxxxx};
}
\thispagestyle{empty}
\begin{document}
-\tikzsetnextfilename{ldap-cropped}
+
+\centering
+\tikzsetnextfilename{ldap-trimmed}
\begin{tikzpicture}[ldaptree]
\node[dn] { {o=mailhosting,dc=fripost,dc=org} }
child {
node[dn] { ou=managers }
child {
- node {
+ node[manager] (gustav) {
\begin{entry}{cn=gustav}
userPassword & \{SSHA\}xxxxxx
\end{entry}
}
}
child [missing] {}
- child[dn] {
- node {
+ child {
+ node[manager] (ljo) {
\begin{entry}{cn=ljo}
userPassword & \dots
\end{entry}
@@ -61,7 +85,7 @@
child {
node[dn] { ou=services }
child {
- node {
+ node[service] (SMTP) {
\begin{entry}{cn=SMTP}
userPassword & \{SSHA\}xxxxxx
\end{entry}
@@ -69,7 +93,7 @@
}
child [missing] {}
child {
- node {
+ node[service] (SASLauth) {
\begin{entry}{cn=SASLauth}
userPassword & \dots
\end{entry}
@@ -81,17 +105,16 @@
child [missing] {}
child [missing] {}
child {
- node[dn] { ou=virtual }
+ node[dn] (virtual) { ou=virtual }
child {
- node {
+ node[vdomain] {
\begin{entry}{dc=fripost.org}
isActive & TRUE
\end{entry}
- }
- child [missing] {}
- child
+ } [every child node/.style={yshift=-\baselineskip}]
+ child
{
- node {
+ node[valias] {
\begin{entry}{mailTarget=user@fripost.org}
mailLocalAddress & user-alias \\
isActive & TRUE
@@ -99,23 +122,22 @@
}
}
child [missing] {}
- child [missing] {}
child
- { node { \dn{mailTarget=\dots} }
+ { node[valias] { \dn{mailTarget=\dots} }
}
+ child [missing] {}
child
{
- node {
+ node[vuser] (user-fripost-org) {
\begin{entry}{uid=user}
- userPassword & \{SSHA\}xxxxxx \\
+ userPassword & \noSSHA \\
isactive & TRUE
\end{entry}
}
}
child [missing] {}
- child [missing] {}
child
- { node { \dn{uid=\dots} }
+ { node[vuser] { \dn{uid=\dots} }
}
}
child [missing] {}
@@ -129,16 +151,15 @@
child [missing] {}
child [missing] {}
child {
- node {
+ node[vdomain] (example-org) {
\begin{entry}{dc=example.org}
owner & \texttt{uid=user,dc=fripost.org,ou=virtual,\dots} \\
isActive & TRUE
\end{entry}
- }
- child [missing] {}
+ } [every child node/.style={yshift=-\baselineskip}]
child
{
- node {
+ node[valias] {
\begin{entry}{mailTarget=user@fripost.org}
mailLocalAddress & user \\
isActive & TRUE
@@ -146,15 +167,57 @@
}
}
child [missing] {}
- child [missing] {}
child
- { node { \dn{mailTarget=\dots} }
+ { node[valias] { \dn{mailTarget=\dots} }
}
child
- { node { \dn{uid=\dots} }
+ { node[vuser] (example-org-uid-etc) { \dn{uid=\dots} }
}
}
};
+
+\begin{pgfonlayer}{background}
+ \node[fit=(example-org)(example-org-uid-etc),inner sep=3pt,
+ fill=yellow!50, opacity=.3, rounded corners, draw, dashed]
+ (example-org-fit) {};
+
+ \node[fit=(virtual)(example-org-fit),inner sep=3pt,
+ fill=yellow!50, opacity=.3, rounded corners, draw, dashed]
+ (virtual-fit) {};
+\end{pgfonlayer}
+\tikzset{trim left=0,trim right=(virtual-fit.east)}
+
+\draw[->,manager,ACL]
+ (gustav.north east)
+ .. controls +(0:5cm) and +(45:4cm) ..
+ (virtual-fit.north east)
+ node[pos=.3,above,sloped] {read, write};
+\draw[->,manager,ACL]
+ (ljo.north east)
+ .. controls +(0:5cm) and +(45:4cm) ..
+ (virtual-fit.north east);
+
+\draw[->,vuser,ACL]
+ (user-fripost-org.north east)
+ .. controls +(45:3cm) and +(45:3cm) ..
+ (example-org-fit.north east)
+ node[pos=.5,above,sloped] {read, write};
+
+\draw[->,vuser,ACL]
+ (user-fripost-org.north west)
+ .. controls +(135:1cm) and +(180:3cm) ..
+ ($(user-fripost-org.mid west)+(2em,-\baselineskip)$)
+ node[pos=.5,above,sloped] {write};
+
+\draw[->,service,ACL]
+ (SMTP.north west)
+ .. controls +(180:6cm) and +(180:5cm) ..
+ (virtual-fit.west)
+ node[pos=.45,above,sloped] {read};
+\draw[->,service,ACL]
+ (SASLauth.north west)
+ .. controls +(180:5cm) and +(180:4cm) ..
+ (virtual-fit.west);
\end{tikzpicture}
\end{document}
diff --git a/figures/network.tex b/figures/network.tex
index 6cebbf8..8be726a 100644
--- a/figures/network.tex
+++ b/figures/network.tex
@@ -6,11 +6,7 @@
\usepackage{ae}
\usepackage{tikz}
\usetikzlibrary{shadows,positioning,calc,fit,fadings,external}
-
-\tikzset{%
- external/optimize command away=\withCurrentBoundingBox
-}
-\def\withCurrentBoundingBox{\pgfusepath{use as bounding box}}
+\tikzset{external/force remake}
\tikzexternalize
\newcommand{\machine}[2][]{
@@ -73,8 +69,8 @@
\centering
\vspace*{\fill}
-\tikzsetnextfilename{network-cropped}
-\begin{tikzpicture}
+\tikzsetnextfilename{network-trimmed}
+\begin{tikzpicture}[trim left=10cm, trim right=10cm]
\begin{scope}[node distance=5pt]
% The member's machine
@@ -116,7 +112,6 @@
\machine[gnu]{ (MSA) (MTA) }
\end{scope}
- \withCurrentBoundingBox
\begin{pgfonlayer}{background}
\begin{scope}
@@ -181,8 +176,8 @@
(SMTP-client.north)
.. controls +(0,5cm) and +(-5cm,0) ..
($0.5*(SMTP-server)+0.5*(LDAP-consumer)+(0,1.5cm)$)
- node[pos=1,above,proto] {ESMTPSA}
- node[pos=1,below,what] {\texttt{sendmail}}
+ node[pos=.5,above,proto] {ESMTPSA}
+ node[pos=.5,below,what] {\texttt{sendmail}}
.. controls +(5cm,0) and +(0,5cm) ..
(MSA.north)
node[pos=0.985,above,port] {587};
@@ -208,8 +203,7 @@
.. controls +(30:8cm) and +(0,-2.5cm) ..
(LDAP-producer.south)
node[pos=0.5,above,proto] {LDAP \textnormal{(over \texttt{SSH})}}
- node[pos=0.15,above,what] {auth. bind to}
- node[pos=0.15,below,what] {mod. password}
+ node[pos=0.15,below,what] {mod. \texttt{userPassword}}
node[pos=0.96,above,port] {389};
\draw[->,route] (MSA) edge