From ec16cdfe920a6014958eec7456dc435b713b1fb1 Mon Sep 17 00:00:00 2001 From: Gael Date: Thu, 31 Jul 2025 06:16:36 +0200 Subject: [PATCH] Quelques appels restants + script de migration --- bin/ldap/ldap_sauve.sh | 1 - bin/ldap/tests/nc_orphans.sh | 1 - bin/manageAgora.sh | 1 - bin/manageCastopod.sh | 1 - bin/manageCloud.sh | 1 - bin/manageWiki.sh | 1 - bin/manageWp.sh | 1 - bin/migGestionMotsDePasse.sh | 63 ++++++++++++++++++++++ bin/migVersProdX.sh | 1 - bin/nextcloud_maintenance.sh | 1 - bin/postfix-superviz.sh | 1 - bin/verifExistenceMails.sh | 1 - dockers/castopod/first.sh | 1 - dockers/cloud/first.sh | 1 - dockers/cloud/up.sh | 102 ----------------------------------- dockers/mattermost/first.sh | 1 - dockers/sympa/first.sh | 1 - 17 files changed, 63 insertions(+), 117 deletions(-) create mode 100644 bin/migGestionMotsDePasse.sh delete mode 100644 dockers/cloud/up.sh diff --git a/bin/ldap/ldap_sauve.sh b/bin/ldap/ldap_sauve.sh index ca138be..9c63893 100755 --- a/bin/ldap/ldap_sauve.sh +++ b/bin/ldap/ldap_sauve.sh @@ -7,6 +7,5 @@ setKazVars FILE_LDIF=/home/sauve/ldap.ldif . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh docker exec -u 0 -i ${ldapServName} slapcat -F /opt/bitnami/openldap/etc/slapd.d -b ${ldap_root} | gzip >${FILE_LDIF}.gz diff --git a/bin/ldap/tests/nc_orphans.sh b/bin/ldap/tests/nc_orphans.sh index 3881502..ece655e 100755 --- a/bin/ldap/tests/nc_orphans.sh +++ b/bin/ldap/tests/nc_orphans.sh @@ -5,7 +5,6 @@ KAZ_ROOT=/kaz setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh . $KAZ_BIN_DIR/getPasswords.sh ldapServ nextcloudDB LDAP_IP=$(docker inspect -f '{{.NetworkSettings.Networks.ldapNet.IPAddress}}' ldapServ) diff --git a/bin/manageAgora.sh b/bin/manageAgora.sh index 3e4c5ec..6d5af9c 100755 --- a/bin/manageAgora.sh +++ b/bin/manageAgora.sh @@ -7,7 +7,6 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd) . $KAZ_ROOT/bin/.commonFunctions.sh setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh #GLOBAL VARS PRG=$(basename $0) 
diff --git a/bin/manageCastopod.sh b/bin/manageCastopod.sh index 5464d2a..dce9ba8 100755 --- a/bin/manageCastopod.sh +++ b/bin/manageCastopod.sh @@ -7,7 +7,6 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd) . $KAZ_ROOT/bin/.commonFunctions.sh setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh #GLOBAL VARS PRG=$(basename $0) diff --git a/bin/manageCloud.sh b/bin/manageCloud.sh index 32bbd40..ea173b6 100755 --- a/bin/manageCloud.sh +++ b/bin/manageCloud.sh @@ -7,7 +7,6 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd) . $KAZ_ROOT/bin/.commonFunctions.sh setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh #GLOBAL VARS PRG=$(basename $0) diff --git a/bin/manageWiki.sh b/bin/manageWiki.sh index 69c0bf6..3f7d693 100755 --- a/bin/manageWiki.sh +++ b/bin/manageWiki.sh @@ -7,7 +7,6 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd) . $KAZ_ROOT/bin/.commonFunctions.sh setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh #GLOBAL VARS PRG=$(basename $0) diff --git a/bin/manageWp.sh b/bin/manageWp.sh index 155466b..b404a2c 100755 --- a/bin/manageWp.sh +++ b/bin/manageWp.sh @@ -7,7 +7,6 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd) . $KAZ_ROOT/bin/.commonFunctions.sh setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh #GLOBAL VARS PRG=$(basename $0) diff --git a/bin/migGestionMotsDePasse.sh b/bin/migGestionMotsDePasse.sh new file mode 100644 index 0000000..4b761db --- /dev/null +++ b/bin/migGestionMotsDePasse.sh 
@@ -0,0 +1,63 @@
+#!/bin/bash
+
+KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd)
+. $KAZ_ROOT/bin/.commonFunctions.sh
+setKazVars
+. $DOCKERS_ENV
+. $KAZ_ROOT/secret/SetAllPass.sh
+
+newenvfile=$KAZ_KEY_DIR/env-mattermostAdmin
+touch $newenvfile
+echo "mattermost_user=$mattermost_user" >> $newenvfile
+echo "mattermost_pass=$mattermost_pass" >> $newenvfile
+echo "mattermost_token=$mattermost_token" >> $newenvfile
+
+
+echo "EMAIL_CONTACT=$EMAIL_CONTACT" >> $DOCKERS_ENV
+
+
+newenvfile=$KAZ_KEY_DIR/env-paheko
+touch $newenvfile
+echo "API_USER=$paheko_API_USER" >> $newenvfile
+echo "API_PASSWORD=$paheko_API_PASSWORD" >> $newenvfile
+
+
+
+newenvfile=$KAZ_KEY_DIR/env-mail
+touch $newenvfile
+echo "service_mail=$service_mail" >> $newenvfile
+echo "service_password=$service_password" >> $newenvfile
+
+
+newenvfile=$KAZ_KEY_DIR/env-borg
+# touch $newenvfile à priori il existe déjà
+echo "BORG_REPO=$BORG_REPO" >> $newenvfile
+echo "BORG_PASSPHRASE=$BORG_PASSPHRASE" >> $newenvfile
+echo "VOLUME_SAUVEGARDES=$VOLUME_SAUVEGARDES" >> $newenvfile
+echo "MAIL_RAPPORT=$MAIL_RAPPORT" >> $newenvfile
+echo "BORGMOUNT=$BORGMOUNT" >> $newenvfile
+
+
+newenvfile=$KAZ_KEY_DIR/env-traefik
+touch $newenvfile
+echo "DASHBOARD_USER=$traefik_DASHBOARD_USER" >> $newenvfile
+echo "DASHBOARD_PASSWORD=$traefik_DASHBOARD_PASSWORD" >> $newenvfile
+
+
+
+#####################
+# Castopod
+# A COPIER DANS UN FICHIER DE CONF !! castopodAdmin
+
+newenvfile=$KAZ_KEY_DIR/env-castopodAdmin
+touch $newenvfile
+echo "ADMIN_USER=$castopod_ADMIN_USER" >> $newenvfile
+echo "ADMIN_MAIL=$castopod_ADMIN_MAIL" >> $newenvfile
+echo "ADMIN_PASSWORD=$castopod_ADMIN_PASSWORD" >> $newenvfile
+
+
+# creation dossier pour les env des orgas
+mkdir $KAZ_KEY_DIR/orgas
+
+
+echo "C'est parfait, vous pouvez git pull puis supprimer SetAllPass.sh"
\ No newline at end of file
diff --git a/bin/migVersProdX.sh b/bin/migVersProdX.sh
index a85ca32..9d6803e 100755
--- a/bin/migVersProdX.sh
+++ b/bin/migVersProdX.sh
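Review bot: The env files created in `bin/migGestionMotsDePasse.sh` (`env-mattermostAdmin`, `env-paheko`, `env-mail`, `env-traefik`, `env-castopodAdmin`) receive passwords and an API token but are created with a bare `touch` under the caller's umask, so they can end up readable by other local users; add `umask 077` before the first `touch`, or `chmod 600 "$newenvfile"` after each one. Nothing checks that sourcing `SetAllPass.sh` succeeded or that each variable is set, so a failed source writes empty `KEY=` lines and still prints the closing message telling the operator to delete `SetAllPass.sh`; a guard such as `: "${BORG_PASSPHRASE:?}"` per secret before writing would stop the only copy from being discarded. Every write uses `>>` and `mkdir` has no `-p`, so a second run duplicates each entry (including `EMAIL_CONTACT` in `$DOCKERS_ENV`) and errors on the existing directory; `mkdir -p "$KAZ_KEY_DIR/orgas"` plus a check for already-migrated keys would make it safe to re-run. The values are also written unquoted, so if these files are later sourced by a shell (an assumption, as their consumers are not visible here), a password containing spaces or shell metacharacters would be mis-parsed.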
@@ -9,7 +9,6 @@ KAZ_ROOT=$(cd "$(dirname $0)/.."; pwd) setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh . $KAZ_ROOT/secret/env-kaz diff --git a/bin/nextcloud_maintenance.sh b/bin/nextcloud_maintenance.sh index 6c940b4..3e3561f 100755 --- a/bin/nextcloud_maintenance.sh +++ b/bin/nextcloud_maintenance.sh @@ -4,7 +4,6 @@ KAZ_ROOT=/kaz . $KAZ_ROOT/bin/.commonFunctions.sh setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh URL_AGORA=https://$matterHost.$domain/api/v4 EQUIPE=kaz diff --git a/bin/postfix-superviz.sh b/bin/postfix-superviz.sh index 4b7b952..39f6efa 100755 --- a/bin/postfix-superviz.sh +++ b/bin/postfix-superviz.sh @@ -6,7 +6,6 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd) setKazVars . $DOCKERS_ENV -. $KAZ_ROOT/secret/SetAllPass.sh URL_AGORA=$(echo $matterHost).$(echo $domain) MAX_QUEUE=50 diff --git a/bin/verifExistenceMails.sh b/bin/verifExistenceMails.sh index d87ff63..52adb2d 100755 --- a/bin/verifExistenceMails.sh +++ b/bin/verifExistenceMails.sh @@ -12,7 +12,6 @@ setKazVars cd $(dirname $0)/.. . "${DOCKERS_ENV}" -. "${KAZ_KEY_DIR}/SetAllPass.sh" DOCK_DIR=$KAZ_COMP_DIR diff --git a/dockers/castopod/first.sh b/dockers/castopod/first.sh index 4e8a6a0..09fd422 100755 --- a/dockers/castopod/first.sh +++ b/dockers/castopod/first.sh @@ -6,7 +6,6 @@ setKazVars cd $(dirname $0) . "${DOCKERS_ENV}" -. "${KAZ_KEY_DIR}/SetAllPass.sh" "${KAZ_BIN_DIR}/gestContainers.sh" --install -M -castopod diff --git a/dockers/cloud/first.sh b/dockers/cloud/first.sh index cab49a8..2a6a38f 100755 --- a/dockers/cloud/first.sh +++ b/dockers/cloud/first.sh @@ -4,7 +4,6 @@ KAZ_ROOT=$(cd $(dirname $0)/../..; pwd) . "${KAZ_ROOT}/bin/.commonFunctions.sh" setKazVars . "${DOCKERS_ENV}" -. $KAZ_ROOT/secret/SetAllPass.sh ${KAZ_BIN_DIR}/gestContainers.sh --install -M -cloud diff --git a/dockers/cloud/up.sh b/dockers/cloud/up.sh deleted file mode 100644 index 88cbf09..0000000 --- a/dockers/cloud/up.sh +++ /dev/null 
@@ -1,102 +0,0 @@ -#!/bin/bash - -KAZ_ROOT=$(cd $(dirname $0)/../..; pwd) -. "${KAZ_ROOT}/bin/.commonFunctions.sh" -setKazVars -. "${DOCKERS_ENV}" -. $KAZ_ROOT/secret/SetAllPass.sh - - -#"${KAZ_BIN_DIR}/initCloud.sh" - -docker exec -ti -u 33 nextcloudServ /var/www/html/occ app:enable user_ldap -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:delete-config s01 -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:create-empty-config -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapAgentName cn=cloud,ou=applications,${ldap_root} -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapAgentPassword ${ldap_LDAP_CLOUD_PASSWORD} -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapAgentPassword ${ldap_LDAP_CLOUD_PASSWORD} -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapBase ${ldap_root} -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapBaseGroups ${ldap_root} -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapBaseUsers ou=users,${ldap_root} -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapExpertUsernameAttr identifiantKaz -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapHost ${ldapServName} -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapPort 389 -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapTLS 0 -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapLoginFilter "(&(objectclass=nextcloudAccount)(|(cn=%uid)(identifiantKaz=%uid)))" -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapQuotaAttribute nextcloudQuota -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapUserFilter "(&(objectclass=nextcloudAccount)(nextcloudEnabled=TRUE))" -docker exec -ti -u 33 nextcloudServ /var/www/html/occ 
ldap:set-config s01 ldapUserFilterObjectclass nextcloudAccount -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapEmailAttribute mail -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapUserDisplayName cn -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapUserFilterMode 1 -docker exec -ti -u 33 nextcloudServ /var/www/html/occ ldap:set-config s01 ldapConfigurationActive 1 - -# Dans le mariadb, pour permettre au ldap de reprendre la main : delete from oc_users where uid<>'admin'; -# docker exec -i nextcloudDB mysql --user= --password= <<< "delete from oc_users where uid<>'admin';" - -# Doc : https://help.nextcloud.com/t/migration-to-ldap-keeping-users-and-data/13205 - -# Exemple de table/clés : -# +-------------------------------+----------------------------------------------------------+ -# | Configuration | s01 | -# +-------------------------------+----------------------------------------------------------+ -# | hasMemberOfFilterSupport | 0 | -# | homeFolderNamingRule | | -# | lastJpegPhotoLookup | 0 | -# | ldapAgentName | cn=cloud,ou=applications,dc=kaz,dc=sns | -# | ldapAgentPassword | *** | -# | ldapAttributesForGroupSearch | | -# | ldapAttributesForUserSearch | | -# | ldapBackgroundHost | | -# | ldapBackgroundPort | | -# | ldapBackupHost | | -# | ldapBackupPort | | -# | ldapBase | ou=users,dc=kaz,dc=sns | -# | ldapBaseGroups | ou=users,dc=kaz,dc=sns | -# | ldapBaseUsers | ou=users,dc=kaz,dc=sns | -# | ldapCacheTTL | 600 | -# | ldapConfigurationActive | 1 | -# | ldapConnectionTimeout | 15 | -# | ldapDefaultPPolicyDN | | -# | ldapDynamicGroupMemberURL | | -# | ldapEmailAttribute | mail | -# | ldapExperiencedAdmin | 0 | -# | ldapExpertUUIDGroupAttr | | -# | ldapExpertUUIDUserAttr | | -# | ldapExpertUsernameAttr | uid | -# | ldapExtStorageHomeAttribute | | -# | ldapGidNumber | gidNumber | -# | ldapGroupDisplayName | cn | -# | ldapGroupFilter | | -# | ldapGroupFilterGroups | | -# | 
ldapGroupFilterMode | 0 | -# | ldapGroupFilterObjectclass | | -# | ldapGroupMemberAssocAttr | | -# | ldapHost | ldap | -# | ldapIgnoreNamingRules | | -# | ldapLoginFilter | (&(|(objectclass=nextcloudAccount))(cn=%uid)) | -# | ldapLoginFilterAttributes | | -# | ldapLoginFilterEmail | 0 | -# | ldapLoginFilterMode | 0 | -# | ldapLoginFilterUsername | 1 | -# | ldapMatchingRuleInChainState | unknown | -# | ldapNestedGroups | 0 | -# | ldapOverrideMainServer | | -# | ldapPagingSize | 500 | -# | ldapPort | 389 | -# | ldapQuotaAttribute | nextcloudQuota | -# | ldapQuotaDefault | | -# | ldapTLS | 0 | -# | ldapUserAvatarRule | default | -# | ldapUserDisplayName | cn | -# | ldapUserDisplayName2 | | -# | ldapUserFilter | (&(objectclass=nextcloudAccount)(nextcloudEnabled=TRUE)) | -# | ldapUserFilterGroups | | -# | ldapUserFilterMode | 1 | -# | ldapUserFilterObjectclass | nextcloudAccount | -# | ldapUuidGroupAttribute | auto | -# | ldapUuidUserAttribute | auto | -# | turnOffCertCheck | 0 | -# | turnOnPasswordChange | 0 | -# | useMemberOfToDetectMembership | 1 | -# +-------------------------------+----------------------------------------------------------+ diff --git a/dockers/mattermost/first.sh b/dockers/mattermost/first.sh index 46b81be..8700697 100755 --- a/dockers/mattermost/first.sh +++ b/dockers/mattermost/first.sh @@ -6,7 +6,6 @@ setKazVars cd $(dirname $0) . "${DOCKERS_ENV}" -. "${KAZ_KEY_DIR}/SetAllPass.sh" "${KAZ_BIN_DIR}/gestContainers.sh" --install -M -agora diff --git a/dockers/sympa/first.sh b/dockers/sympa/first.sh index 8d97699..3ec056c 100755 --- a/dockers/sympa/first.sh +++ b/dockers/sympa/first.sh @@ -6,7 +6,6 @@ setKazVars cd $(dirname $0) . "${DOCKERS_ENV}" -. "${KAZ_KEY_DIR}/SetAllPass.sh" DockerServName="${sympaServName}"