diff --git a/.gitignore b/.gitignore
index 8ade3b0..43d3625 100644
--- a/.gitignore
+++ b/.gitignore
@@ -52,3 +52,6 @@ DEADJOE
 /state
 /dockers/paheko/config/config.local.php
 /dockers/traefik/conf/conf.local.yml
+/dockers/ldap/ldifs/
+/dockers/web/autoconfig.yml
+/dockers/jirafeau/config/config.local.php
diff --git a/dockers/cloud/up.sh b/dockers/cloud/up.sh
new file mode 100644
index 0000000..88cbf09
--- /dev/null
+++ b/dockers/cloud/up.sh
@@ -0,0 +1,102 @@
+#!/bin/bash
+
+KAZ_ROOT=$(cd $(dirname $0)/../..; pwd)
+. "${KAZ_ROOT}/bin/.commonFunctions.sh"
+setKazVars
+. "${DOCKERS_ENV}"
+. $KAZ_ROOT/secret/SetAllPass.sh
+
+
+#"${KAZ_BIN_DIR}/initCloud.sh"
+
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ app:enable user_ldap
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:delete-config s01
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:create-empty-config
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapAgentName cn=cloud,ou=applications,${ldap_root}
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapAgentPassword ${ldap_LDAP_CLOUD_PASSWORD}
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapAgentPassword ${ldap_LDAP_CLOUD_PASSWORD}
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapBase ${ldap_root}
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapBaseGroups ${ldap_root}
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapBaseUsers ou=users,${ldap_root}
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapExpertUsernameAttr identifiantKaz
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapHost ${ldapServName}
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapPort 389
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapTLS 0
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapLoginFilter "(&(objectclass=nextcloudAccount)(|(cn=%uid)(identifiantKaz=%uid)))"
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapQuotaAttribute nextcloudQuota
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapUserFilter "(&(objectclass=nextcloudAccount)(nextcloudEnabled=TRUE))"
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ
ldap:set-config s01 ldapUserFilterObjectclass nextcloudAccount
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapEmailAttribute mail
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapUserDisplayName cn
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapUserFilterMode 1
+docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapConfigurationActive 1
+
+# Dans le mariadb, pour permettre au ldap de reprendre la main : delete from oc_users where uid<>'admin';
+# docker exec -i nextcloudDB mysql --user= --password= <<< "delete from oc_users where uid<>'admin';"
+
+# Doc : https://help.nextcloud.com/t/migration-to-ldap-keeping-users-and-data/13205
+
+# Exemple de table/clés :
+# +-------------------------------+----------------------------------------------------------+
+# | Configuration | s01 |
+# +-------------------------------+----------------------------------------------------------+
+# | hasMemberOfFilterSupport | 0 |
+# | homeFolderNamingRule | |
+# | lastJpegPhotoLookup | 0 |
+# | ldapAgentName | cn=cloud,ou=applications,dc=kaz,dc=sns |
+# | ldapAgentPassword | *** |
+# | ldapAttributesForGroupSearch | |
+# | ldapAttributesForUserSearch | |
+# | ldapBackgroundHost | |
+# | ldapBackgroundPort | |
+# | ldapBackupHost | |
+# | ldapBackupPort | |
+# | ldapBase | ou=users,dc=kaz,dc=sns |
+# | ldapBaseGroups | ou=users,dc=kaz,dc=sns |
+# | ldapBaseUsers | ou=users,dc=kaz,dc=sns |
+# | ldapCacheTTL | 600 |
+# | ldapConfigurationActive | 1 |
+# | ldapConnectionTimeout | 15 |
+# | ldapDefaultPPolicyDN | |
+# | ldapDynamicGroupMemberURL | |
+# | ldapEmailAttribute | mail |
+# | ldapExperiencedAdmin | 0 |
+# | ldapExpertUUIDGroupAttr | |
+# | ldapExpertUUIDUserAttr | |
+# | ldapExpertUsernameAttr | uid |
+# | ldapExtStorageHomeAttribute | |
+# | ldapGidNumber | gidNumber |
+# | ldapGroupDisplayName | cn |
+# | ldapGroupFilter | |
+# | ldapGroupFilterGroups | |
+# |
ldapGroupFilterMode | 0 |
+# | ldapGroupFilterObjectclass | |
+# | ldapGroupMemberAssocAttr | |
+# | ldapHost | ldap |
+# | ldapIgnoreNamingRules | |
+# | ldapLoginFilter | (&(|(objectclass=nextcloudAccount))(cn=%uid)) |
+# | ldapLoginFilterAttributes | |
+# | ldapLoginFilterEmail | 0 |
+# | ldapLoginFilterMode | 0 |
+# | ldapLoginFilterUsername | 1 |
+# | ldapMatchingRuleInChainState | unknown |
+# | ldapNestedGroups | 0 |
+# | ldapOverrideMainServer | |
+# | ldapPagingSize | 500 |
+# | ldapPort | 389 |
+# | ldapQuotaAttribute | nextcloudQuota |
+# | ldapQuotaDefault | |
+# | ldapTLS | 0 |
+# | ldapUserAvatarRule | default |
+# | ldapUserDisplayName | cn |
+# | ldapUserDisplayName2 | |
+# | ldapUserFilter | (&(objectclass=nextcloudAccount)(nextcloudEnabled=TRUE)) |
+# | ldapUserFilterGroups | |
+# | ldapUserFilterMode | 1 |
+# | ldapUserFilterObjectclass | nextcloudAccount |
+# | ldapUuidGroupAttribute | auto |
+# | ldapUuidUserAttribute | auto |
+# | turnOffCertCheck | 0 |
+# | turnOnPasswordChange | 0 |
+# | useMemberOfToDetectMembership | 1 |
+# +-------------------------------+----------------------------------------------------------+
diff --git a/dockers/jirafeau/reload.sh b/dockers/jirafeau/reload.sh
new file mode 100755
index 0000000..65dd815
--- /dev/null
+++ b/dockers/jirafeau/reload.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# limitation du filter.sh
+docker exec jirafeauServ bash -c "cp /var/jirafeauData/*/20241109/*.json /var/jirafeau/lib/locales/"
+docker exec jirafeauServ bash -c "cp /var/jirafeauData/*/20241109/*.php /var/jirafeau/"
+docker exec jirafeauServ bash -c "mv /var/jirafeau/settings.php /var/jirafeau/lib/"
+docker exec jirafeauServ bash -c "mv /var/jirafeau/functions.js.php /var/jirafeau/lib/"
diff --git a/dockers/postfix/reload.sh b/dockers/postfix/reload.sh
new file mode 100755
index 0000000..298c833
--- /dev/null
+++ b/dockers/postfix/reload.sh
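Review bot: The LDAP bind password is expanded unquoted on the `ldapAgentPassword` line, which is also present twice, so a value containing spaces or glob characters is split by the shell and the secret sits in the argument list of `docker exec` and `occ` while they run; at minimum keep one call and quote it, `... ldap:set-config s01 ldapAgentPassword "${ldap_LDAP_CLOUD_PASSWORD}"`, and quote `${ldap_root}` and `${ldapServName}` the same way. `ldapPort 389` together with `ldapTLS 0` sends that bind password and every user login to the directory unencrypted; `ldapTLS 1` (StartTLS) is the safer setting if the LDAP container supports it, otherwise a comment should state that the traffic stays on an isolated Docker network. Every call hard-codes `s01` and there is no `set -e`, so if `ldap:delete-config s01` fails or `ldap:create-empty-config` returns another id, the remaining lines silently configure the wrong or a non-existent entry. The `-ti` flags require a terminal and make the script fail when run from cron or another non-interactive caller; the same applies to `-it` in dockers/postfix/reload.sh.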
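Review bot: The two `cp` lines take their source from the glob `/var/jirafeauData/*/20241109/` and the second one installs every matching `*.php` into `/var/jirafeau/`, so whatever PHP files sit under any first-level directory of that data tree become application code; if `/var/jirafeauData` is also where uploads are stored (not visible here), the source should be a fixed, non-writable path rather than a wildcard. The four commands are independent, so a failed `cp` is still followed by `mv` of whatever `settings.php` and `functions.js.php` happen to be present; `set -euo pipefail` after the shebang would stop at the first failure. The comment `# limitation du filter.sh` looks copied from the postfix script and should describe what this reload installs.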
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+# limitation du filter.sh
+docker exec -it mailServ bash -c "cp /home/filter/config/filter-20241109.sh /home/filter/filter.sh"
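Review bot: The comment `# limitation du filter.sh` does not say what is being limited or why the `filter-20241109.sh` revision replaces the active `/home/filter/filter.sh`, and the date is hard-coded in the path; a header such as `# Install config/filter-20241109.sh as the active mail filter (reason: <what this revision restricts>)` would let the next operator tell which revision is live. Since the copy overwrites the running filter in place, that comment should also state whether the previous filter.sh is kept anywhere for rollback.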