Pb fin de lignes windows ...

This reverts commit 3bf952b57f.

bin/container.sh

@@ -180,59 +180,59 @@ saveComposes () {
 	    ;;
 	    sympa)
        		echo "save sympa"
-		. $KAZ_BIN_DIR/getPasswords.sh sympaDB
+		. $KAZ_KEY_DIR/env-sympaDB
-		saveDB ${sympaDBName} "${sympaDB_MYSQL_USER}" "${sympaDB_MYSQL_PASSWORD}" "${sympaDB_MYSQL_DATABASE}" sympa mysql
+		saveDB ${sympaDBName} "${DB_MYSQL_USER}" "${DB_MYSQL_PASSWORD}" "${DB_MYSQL_DATABASE}" sympa mysql
 		;;
 	    web)
 		# rien à faire (fichiers)
 		;;
 	    etherpad)
 		echo "save pad"
-		. $KAZ_BIN_DIR/getPasswords.sh etherpadDB
+		. $KAZ_KEY_DIR/env-etherpadDB
-		saveDB ${etherpadDBName} "${etherpadDB_MYSQL_USER}" "${etherpadDB_MYSQL_PASSWORD}" "${etherpadDB_MYSQL_DATABASE}" etherpad mysql
+		saveDB ${etherpadDBName} "${DB_MYSQL_USER}" "${DB_MYSQL_PASSWORD}" "${DB_MYSQL_DATABASE}" etherpad mysql
 		;;
 	    framadate)
 		echo "save date"
-		. $KAZ_BIN_DIR/getPasswords.sh framadateDB
+		. $KAZ_KEY_DIR/env-framadateDB
-		saveDB ${framadateDBName} "${framadateDB_MYSQL_USER}" "${framadateDB_MYSQL_PASSWORD}" "${framadateDB_MYSQL_DATABASE}" framadate mysql
+		saveDB ${framadateDBName} "${DB_MYSQL_USER}" "${DB_MYSQL_PASSWORD}" "${DB_MYSQL_DATABASE}" framadate mysql
 		;;
 	    cloud)
 		echo "save cloud"
-		. $KAZ_BIN_DIR/getPasswords.sh nextcloudDB
+		. $KAZ_KEY_DIR/env-nextcloudDB
-		saveDB ${nextcloudDBName} "${nextcloudDB_MYSQL_USER}" "${nextcloudDB_MYSQL_PASSWORD}" "${nextcloudDB_MYSQL_DATABASE}" nextcloud mysql
+		saveDB ${nextcloudDBName} "${DB_MYSQL_USER}" "${DB_MYSQL_PASSWORD}" "${DB_MYSQL_DATABASE}" nextcloud mysql
 		;;
 	    paheko)
 		# rien à faire (fichiers)
 		;;		
 	    mattermost)
 		echo "save mattermost"
-		. $KAZ_BIN_DIR/getPasswords.sh mattermostDB
+		. $KAZ_KEY_DIR/env-mattermostDB
-		saveDB matterPG "${mattermostDB_POSTGRES_USER}" "${mattermostDB_POSTGRES_PASSWORD}" "${mattermostDB_POSTGRES_DB}" mattermost postgres
+		saveDB matterPG "${DB_POSTGRES_USER}" "${DB_POSTGRES_PASSWORD}" "${DB_POSTGRES_DB}" mattermost postgres
 		;;
 	    mobilizon)
 		echo "save mobilizon"
-		. $KAZ_BIN_DIR/getPasswords.sh mobilizonDB
+		. $KAZ_KEY_DIR/env-mobilizonDB
-		saveDB ${mobilizonDBName} "${mobilizonDB_POSTGRES_USER}" "${mobilizonDB_POSTGRES_PASSWORD}" "${mobilizonDB_POSTGRES_DB}" mobilizon postgres
+		saveDB ${mobilizonDBName} "${DB_POSTGRES_USER}" "${DB_POSTGRES_PASSWORD}" "${DB_POSTGRES_DB}" mobilizon postgres
 		;;
 	    peertube)
 		echo "save peertube"
-		. $KAZ_BIN_DIR/getPasswords.sh peertubeDB
+		. $KAZ_KEY_DIR/env-peertubeDB
-		saveDB ${peertubeDBName} "${peertubeDB_POSTGRES_USER}" "${peertubeDB_POSTGRES_PASSWORD}" "${peertubeDB_PEERTUBE_DB_HOSTNAME}" peertube postgres
+		saveDB ${peertubeDBName} "${DB_POSTGRES_USER}" "${DB_POSTGRES_PASSWORD}" "${DB_PEERTUBE_DB_HOSTNAME}" peertube postgres
 		;;
 	    mastodon)
 		echo "save mastodon"
-		. $KAZ_BIN_DIR/getPasswords.sh mastodonDB
+		. $KAZ_KEY_DIR/env-mastodonDB
-		saveDB ${mastodonDBName} "${mastodonDB_POSTGRES_USER}" "${mastodonDB_POSTGRES_PASSWORD}" "${mastodonDB_POSTGRES_DB}" mastodon postgres
+		saveDB ${mastodonDBName} "${DB_POSTGRES_USER}" "${DB_POSTGRES_PASSWORD}" "${DB_POSTGRES_DB}" mastodon postgres
 		;;
 	    roundcube)
 		echo "save roundcube"
-		. $KAZ_BIN_DIR/getPasswords.sh roundcubeDB
+		. $KAZ_KEY_DIR/env-roundcubeDB
-		saveDB ${roundcubeDBName} "${roundcubeDB_MYSQL_USER}" "${roundcubeDB_MYSQL_PASSWORD}" "${roundcubeDB_MYSQL_DATABASE}" roundcube mysql
+		saveDB ${roundcubeDBName} "${DB_MYSQL_USER}" "${DB_MYSQL_PASSWORD}" "${DB_MYSQL_DATABASE}" roundcube mysql
 		;;	
 	    vaultwarden)
 		echo "save vaultwarden"
-		. $KAZ_BIN_DIR/getPasswords.sh vaultwardenDB
+		. $KAZ_KEY_DIR/env-vaultwardenDB
-		saveDB ${vaultwardenDBName} "${vaultwardenDB_MYSQL_USER}" "${vaultwardenDB_MYSQL_PASSWORD}" "${vaultwardenDB_MYSQL_DATABASE}" vaultwarden mysql
+		saveDB ${vaultwardenDBName} "${DB_MYSQL_USER}" "${DB_MYSQL_PASSWORD}" "${DB_MYSQL_DATABASE}" vaultwarden mysql
 		;;
 	    dokuwiki)
 		# rien à faire (fichiers)

bin/createDBUsers.sh

@@ -36,13 +36,14 @@ framadateUpdate(){
     if [ ! -f "${DOCK_LIB}/volumes/framadate_dateConfig/_data/config.php" ]; then
 	return 0
     fi
-	.$KAZ_BIN_DIR/getPasswords.sh framadateDB framadateServ
+	. $KAZ_KEY_DIR/env-framadateDB 
+    . $KAZ_KEY_DIR/env-framadateServ
     
     checkDockerRunning "${framadateServName}" "Framadate" &&
-	${SIMU} docker exec -ti "${framadateServName}" bash -c -i "htpasswd -bc /var/framadate/admin/.htpasswd ${framadateServ_HTTPD_USER} ${framadateServ_HTTPD_PASSWORD}"
+	${SIMU} docker exec -ti "${framadateServName}" bash -c -i "htpasswd -bc /var/framadate/admin/.htpasswd ${HTTPD_USER} ${HTTPD_PASSWORD}"
     ${SIMU} sed -i \
-	    -e "s/^#*const DB_USER[ ]*=.*$/const DB_USER= '${framadateDB_MYSQL_USER}';/g" \
+	    -e "s/^#*const DB_USER[ ]*=.*$/const DB_USER= '${DB_MYSQL_USER}';/g" \
-	    -e "s/^#*const DB_PASSWORD[ ]*=.*$/const DB_PASSWORD= '${framadateDB_MYSQL_PASSWORD}';/g" \
+	    -e "s/^#*const DB_PASSWORD[ ]*=.*$/const DB_PASSWORD= '${DB_MYSQL_PASSWORD}';/g" \
 	    "${DOCK_LIB}/volumes/framadate_dateConfig/_data/config.php"
 }
 
@@ -51,8 +52,8 @@ jirafeauUpdate(){
     if [ ! -f "${DOCK_LIB}/volumes/jirafeau_fileConfig/_data/config.local.php" ]; then
 	return 0
     fi
-	. $KAZ_BIN_DIR/getPasswords.sh jirafeauServ
+	. $KAZ_KEY_DIR/env-jirafeauServ
-    SHA=$(echo -n "${jirafeauServ_HTTPD_PASSWORD}" | sha256sum | cut -d \  -f 1)
+    SHA=$(echo -n "${_HTTPD_PASSWORD}" | sha256sum | cut -d \  -f 1)
     ${SIMU} sed -i \
 	    -e "s/'admin_password'[ ]*=>[ ]*'[^']*'/'admin_password' => '${SHA}'/g" \
 	    "${DOCK_LIB}/volumes/jirafeau_fileConfig/_data/config.local.php"

bin/createUser.sh

@@ -39,7 +39,9 @@ cd "${KAZ_ROOT}"
 . "${DOCKERS_ENV}"
 
 
-. $KAZ_BIN_DIR/getPasswords.sh ldapServ sympaServ paheko
+. $KAZ_KEY_DIR/env-ldapServ 
+. $KAZ_KEY_DIR/env-sympaServ 
+. $KAZ_KEY_DIR/env-paheko
 
 # DOCK_DIR="${KAZ_COMP_DIR}" # ???
 
@@ -73,7 +75,7 @@ URL_LISTE="${sympaHost}.${domain}"
 URL_AGORA="${matterHost}.${domain}"
 URL_MDP="${ldapUIHost}.${domain}"
 # URL_PAHEKO="kaz-${pahekoHost}.${domain}"
-URL_PAHEKO="${httpProto}://${paheko_API_USER}:${paheko_API_PASSWORD}@kaz-paheko.${domain}"
+URL_PAHEKO="${httpProto}://${API_USER}:${API_PASSWORD}@kaz-paheko.${domain}"
 
 availableProxyComposes=($(getList "${KAZ_CONF_DIR}/container-proxy.list"))
 
@@ -208,7 +210,7 @@ for i in "${CMD_LOGIN}" "${CMD_SYMPA}" "${CMD_ORGA}" "${CMD_PROXY}" "${CMD_FIRST
 done
 
 echo "numero,nom,quota_disque,action_auto" > "${TEMP_PAHEKO}"
-echo "curl \"https://${paheko_API_USER}:${paheko_API_PASSWORD}@kaz-paheko.kaz.bzh/api/user/import\" -T \"${TEMP_PAHEKO}\"" >> "${CMD_PAHEKO}"
+echo "curl \"https://${API_USER}:${API_PASSWORD}@kaz-paheko.kaz.bzh/api/user/import\" -T \"${TEMP_PAHEKO}\"" >> "${CMD_PAHEKO}"
 
 echo "on récupère tous les emails (secours/alias/kaz) sur le ldap"
 FILE_LDIF=/home/sauve/ldap.ldif
@@ -396,9 +398,9 @@ nextcloudEnabled: TRUE\n\
 nextcloudQuota: ${QUOTA} GB\n\
 mobilizonEnabled: TRUE\n\
 agoraEnabled: TRUE\n\
-userPassword: {CRYPT}${pass}\n\n' | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}\" -x -w ${ldapServ_LDAP_ADMIN_PASSWORD}" | tee -a "${CMD_LOGIN}"
+userPassword: {CRYPT}${pass}\n\n' | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=${LDAP_ADMIN_USERNAME},${ldap_root}\" -x -w ${LDAP_ADMIN_PASSWORD}" | tee -a "${CMD_LOGIN}"
     fi
-#userPassword: {CRYPT}\$6\$${pass}\n\n\" | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=${ldapServ_LDAP_CONFIG_ADMIN_USERNAME},${ldap_root}\" -x -w ${ldapServ_LDAP_CONFIG_ADMIN_PASSWORD}" | tee -a "${CMD_LOGIN}"
+#userPassword: {CRYPT}\$6\$${pass}\n\n\" | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=${LDAP_CONFIG_ADMIN_USERNAME},${ldap_root}\" -x -w ${LDAP_CONFIG_ADMIN_PASSWORD}" | tee -a "${CMD_LOGIN}"
 
     CREATE_ORGA_SERVICES=""
 
@@ -490,8 +492,8 @@ userPassword: {CRYPT}${pass}\n\n' | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=$
 
 	# TODO : vérif existance user
 	# 			# le user existe t-il déjà sur le wp ?
-	#			. $KAZ_BIN_DIR/getPasswords.sh wpServ
+	#			. $KAZ_KEY_DIR/env-wpServ
-	# 			curl -o "${TEMP_USER_WP}" -X GET "${httpProto}://${wpServ_WORDPRESS_ADMIN_USER}:${wpServ_WORDPRESS_ADMIN_PASSWORD}@${URL_WP_ORGA}/ocs/v1.php/cloud/users?search=${IDENT_KAZ}"
+	# 			curl -o "${TEMP_USER_WP}" -X GET "${httpProto}://${WORDPRESS_ADMIN_USER}:${WORDPRESS_ADMIN_PASSWORD}@${URL_WP_ORGA}/ocs/v1.php/cloud/users?search=${IDENT_KAZ}"
 	# 			nb_user_wp_orga=$(grep "<element>${IDENT_KAZ}</element>" "${TEMP_USER_WP}" | wc -l)
 	# 			if [ "${nb_user_wp_orga}" != "0" ];then
 	# 				(
@@ -627,13 +629,13 @@ userPassword: {CRYPT}${pass}\n\n' | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=$
     # docker exec -i sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=https://listes.kaz.sns/sympasoap --trusted_application=SOAP_USER --trusted_application_password=SOAP_PASSWORD --proxy_vars="USER_EMAIL=contact1@kaz.sns" --service=which
     if [[ "${mode}" = "dev" ]]; then
 	echo "# DEV, on teste l'inscription à sympa"| tee -a "${CMD_SYMPA}"
-	LISTMASTER=$(echo ${sympaServ_LISTMASTERS} | cut -d',' -f1)
+	LISTMASTER=$(echo ${LISTMASTERS} | cut -d',' -f1)
-	echo "docker exec -i sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${sympaServ_SOAP_USER} --trusted_application_password=${sympaServ_SOAP_PASSWORD} --proxy_vars=\"USER_EMAIL=${LISTMASTER}\" --service=add --service_parameters=\"${NL_LIST},${EMAIL_SOUHAITE}\""  | tee -a "${CMD_SYMPA}"
+	echo "docker exec -i sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${SOAP_USER} --trusted_application_password=${SOAP_PASSWORD} --proxy_vars=\"USER_EMAIL=${LISTMASTER}\" --service=add --service_parameters=\"${NL_LIST},${EMAIL_SOUHAITE}\""  | tee -a "${CMD_SYMPA}"
     else
 	echo "# PROD, on inscrit à sympa"| tee -a "${CMD_SYMPA}"
-	LISTMASTER=$(echo ${sympaServ_LISTMASTERS} | cut -d',' -f1)
+	LISTMASTER=$(echo ${LISTMASTERS} | cut -d',' -f1)
-	echo "docker exec -i sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${sympaServ_SOAP_USER} --trusted_application_password=${sympaServ_SOAP_PASSWORD} --proxy_vars=\"USER_EMAIL=${LISTMASTER}\" --service=add --service_parameters=\"${NL_LIST},${EMAIL_SOUHAITE}\""  | tee -a "${CMD_SYMPA}"
+	echo "docker exec -i sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${SOAP_USER} --trusted_application_password=${SOAP_PASSWORD} --proxy_vars=\"USER_EMAIL=${LISTMASTER}\" --service=add --service_parameters=\"${NL_LIST},${EMAIL_SOUHAITE}\""  | tee -a "${CMD_SYMPA}"
-	echo "docker exec -i sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${sympaServ_SOAP_USER} --trusted_application_password=${sympaServ_SOAP_PASSWORD} --proxy_vars=\"USER_EMAIL=${LISTMASTER}\" --service=add --service_parameters=\"${NL_LIST},${EMAIL_SECOURS}\""  | tee -a "${CMD_SYMPA}"
+	echo "docker exec -i sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${SOAP_USER} --trusted_application_password=${SOAP_PASSWORD} --proxy_vars=\"USER_EMAIL=${LISTMASTER}\" --service=add --service_parameters=\"${NL_LIST},${EMAIL_SECOURS}\""  | tee -a "${CMD_SYMPA}"
     fi
 
     if [ "${service[ADMIN_ORGA]}" == "O" ]; then
@@ -645,7 +647,7 @@ userPassword: {CRYPT}${pass}\n\n' | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=$
     ###################
 
     # TODO : problème si 2 comptes partagent le même email souhaité (cela ne devrait pas arriver)
-    curl -s "https://${paheko_API_USER}:${paheko_API_PASSWORD}@kaz-paheko.kaz.bzh/api/sql" -d "SELECT numero,nom,quota_disque from users WHERE email='${EMAIL_SOUHAITE}'" | jq '.results[] | .numero,.nom,.quota_disque ' | tr \\n ',' | sed 's/,$/,Aucune\n/' >> "${TEMP_PAHEKO}"
+    curl -s "https://${API_USER}:${API_PASSWORD}@kaz-paheko.kaz.bzh/api/sql" -d "SELECT numero,nom,quota_disque from users WHERE email='${EMAIL_SOUHAITE}'" | jq '.results[] | .numero,.nom,.quota_disque ' | tr \\n ',' | sed 's/,$/,Aucune\n/' >> "${TEMP_PAHEKO}"
 
     ####################
     # Inscription MAIL #

bin/gestUsers.sh

@@ -8,7 +8,10 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd)
 setKazVars
 
 . $DOCKERS_ENV
-. $KAZ_BIN_DIR/getPasswords.sh ldapServ nextcloudServ sympaServ paheko
+. $KAZ_KEY_DIR/env-ldapServ 
+. $KAZ_KEY_DIR/env-nextcloudServ 
+. $KAZ_KEY_DIR/env-sympaServ 
+. $KAZ_KEY_DIR/env-paheko
 
 VERSION="18-05-2025"
 PRG=$(basename $0)
@@ -20,11 +23,11 @@ LOG=$RACINE".log"
 URL_NC=$(echo $cloudHost).$(echo $domain)
 URL_AGORA=$(echo $matterHost).$(echo $domain)
 URL_LISTE=$(echo $sympaHost).$(echo $domain)
-URL_PAHEKO="$httpProto://${paheko_API_USER}:${paheko_API_PASSWORD}@kaz-paheko.$(echo $domain)"
+URL_PAHEKO="$httpProto://${API_USER}:${API_PASSWORD}@kaz-paheko.$(echo $domain)"
 NL_LIST=infos@listes.kaz.bzh
 URL_AGORA_API=${URL_AGORA}/api/v4
 EQUIPE=kaz
-LISTMASTER=$(echo ${sympaServ_LISTMASTERS} | cut -d',' -f1)
+LISTMASTER=$(echo ${LISTMASTERS} | cut -d',' -f1)
 
 
 #### Test du serveur sur lequel s' execute le script ####
@@ -94,8 +97,8 @@ searchEmail() {
 			fi
 		done
 		ldapsearch -H ldap://${LDAP_IP} \
-		-x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+		-x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-		-w "${ldapServ_LDAP_ADMIN_PASSWORD}" \
+		-w "${LDAP_ADMIN_PASSWORD}" \
 		-b "${ldap_root}" "(&(objectclass=${SEARCH_OBJECT_CLASS})(cn=*${RMAIL}*))" cn | grep ^cn | sed -e 's/^cn: //' >$TFILE_EMAILS
 		COMPTEUR_LIGNE=0
 		while read LIGNE
@@ -186,12 +189,12 @@ infoEmail() {
 					printKazMsg " DETAILS DU COMPTE DANS NEXTCLOUD PRINCIPAL"
 					echo -e ""
 					#TEMP_USER_NC=$(mktemp /tmp/$RACINE.XXXXXXXXX.TEMP_USER_NC)
-					#curl -s -o $TEMP_USER_NC -X GET -H 'OCS-APIRequest:true' $httpProto://admin:$nextcloudServ_NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users?search=$CHOIX_MAIL
+					#curl -s -o $TEMP_USER_NC -X GET -H 'OCS-APIRequest:true' $httpProto://admin:$NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users?search=$CHOIX_MAIL
 					#cat $TEMP_USER_NC | grep -i "element" | sed -e s/[\<\>\/]//g | sed -e s/element//g
 					echo -ne "${NC}"
 					echo -ne " - Nextcloud enable : "
 					echo -ne "${GREEN}"
-					ldapsearch -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${ldapServ_LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i nextcloudEnabled | cut -c 18-30
+					ldapsearch -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i nextcloudEnabled | cut -c 18-30
 					echo -ne "${NC}"
 					echo -e "${NC} ------------------------------------------------"
 					printKazMsg " DETAILS DU COMPTE DANS LDAP ET PAHEKO"
@@ -207,11 +210,11 @@ infoEmail() {
 					echo -ne "${NC}"
 					echo -n " - Quota Mail (Ldap) : " 
 					echo -ne "${GREEN}"
-					ldapsearch -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${ldapServ_LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i mailquota | cut -c 11-60
+					ldapsearch -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i mailquota | cut -c 11-60
 					echo -ne "${NC}"
 					echo -n " - Quota Nextcloud (Ldap) : "
 					echo -ne "${GREEN}"
-					ldapsearch -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${ldapServ_LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i nextcloudquota | cut -c 17-60
+					ldapsearch -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i nextcloudquota | cut -c 17-60
 					echo -ne "${NC}"
 					echo -n " - Mail de secours (Paheko ): "
 					echo -ne "${GREEN}"
@@ -219,11 +222,11 @@ infoEmail() {
 					echo -ne "${NC}"
 					echo -n " - Mail de secours (Ldap): "
 					echo -ne "${GREEN}"
-					ldapsearch -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${ldapServ_LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i maildeSecours | sed -e 's/mailDeSecours://'
+					ldapsearch -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i maildeSecours | sed -e 's/mailDeSecours://'
 					echo -ne "${NC}"
 					echo -n " - Alias (Ldap) : "
 					echo -ne "${GREEN}"
-					LDAP_ALIAS=$(ldapsearch -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${ldapServ_LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i alias | cut -c 11-60)
+					LDAP_ALIAS=$(ldapsearch -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${LDAP_ADMIN_PASSWORD}" -b "cn=${CHOIX_MAIL},ou=users,${ldap_root}" | grep -i alias | cut -c 11-60)
 					echo -ne "${NC}"
 					echo -ne "${GREEN}"
 					for ldap_alias in ${LDAP_ALIAS}
@@ -243,8 +246,8 @@ infoEmail() {
                 			echo "------------------------------------------------"
 					echo  " Alias : ${CHOIX_MAIL} "
 					echo ""
-					for INFOALIAS in $(ldapsearch -H ldap://${LDAP_IP} -x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+					for INFOALIAS in $(ldapsearch -H ldap://${LDAP_IP} -x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-                		        -w "${ldapServ_LDAP_ADMIN_PASSWORD}" -b "${ldap_root}" "(&(objectclass=PostfixBookMailForward)(cn=*${CHOIX_MAIL}*))" mail \
+                		        -w "${LDAP_ADMIN_PASSWORD}" -b "${ldap_root}" "(&(objectclass=PostfixBookMailForward)(cn=*${CHOIX_MAIL}*))" mail \
 					| grep ^mail: | sed -e 's/^mail://')
 					do
 						echo -ne "=====> ${GREEN}  " 
@@ -311,12 +314,12 @@ searchDestroy() {
 						fi
 						echo -e "${NC}"
 						echo -e "Recherche de ${GREEN} ${REP_SEARCH_DESTROY} ${NC} dans nextcloud"
-						USER_NEXTCLOUD_SUPPR=$(curl -s -X GET -H 'OCS-APIRequest:true' $httpProto://admin:$nextcloudServ_NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users?search=${REP_SEARCH_DESTROY} | grep element | sed -s 's/[ \<\>\/]//g' | sed  's/element//g')
+						USER_NEXTCLOUD_SUPPR=$(curl -s -X GET -H 'OCS-APIRequest:true' $httpProto://admin:$NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users?search=${REP_SEARCH_DESTROY} | grep element | sed -s 's/[ \<\>\/]//g' | sed  's/element//g')
 						if [ ! -z ${USER_NEXTCLOUD_SUPPR} ]
 						then
 							printKazMsg "le user trouvé est : ${USER_NEXTCLOUD_SUPPR}"
 							echo -e "${RED} Suppresion de ${USER_NEXTCLOUD_SUPPR}"
-							curl -H 'OCS-APIREQUEST: true' -X DELETE $httpProto://admin:$nextcloudServ_NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users/${USER_NEXTCLOUD_SUPPR} >/dev/null 2>&1
+							curl -H 'OCS-APIREQUEST: true' -X DELETE $httpProto://admin:$NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users/${USER_NEXTCLOUD_SUPPR} >/dev/null 2>&1
 							if [ "$?" -eq "0" ]
                         				then
 								printKazMsg "Suppresion ok"
@@ -331,7 +334,7 @@ searchDestroy() {
 							echo -e "${RED} suppression de ${REP_SEARCH_DESTROY} dans la liste info de sympa"
 							echo -e "${NC}"
 							echo ""
-							docker exec -ti sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${sympaServ_SOAP_USER} --trusted_application_password=${sympaServ_SOAP_PASSWORD} --proxy_vars=USER_EMAIL=${LISTMASTER} --service=del --service_parameters="${NL_LIST},${REP_SEARCH_DESTROY}"
+							docker exec -ti sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${SOAP_USER} --trusted_application_password=${SOAP_PASSWORD} --proxy_vars=USER_EMAIL=${LISTMASTER} --service=del --service_parameters="${NL_LIST},${REP_SEARCH_DESTROY}"
 							echo -e "${NC}"
 							echo ""
 							echo  -e "${RED} suppression de ${REP_SEARCH_DESTROY} dans le serveur de mail"
@@ -348,7 +351,7 @@ searchDestroy() {
                                                 echo  -e "${RED} suppression de ${REP_SEARCH_DESTROY} dans le ldap"
                                                 echo -e "${NC}"
                                                 echo ""
-						ldapdelete -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${ldapServ_LDAP_ADMIN_PASSWORD}" "cn=${REP_SEARCH_DESTROY},ou=users,${ldap_root}"
+						ldapdelete -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${LDAP_ADMIN_PASSWORD}" "cn=${REP_SEARCH_DESTROY},ou=users,${ldap_root}"
 						if [ "$?" -eq "0" ]
 						then
 							printKazMsg "Suppresion ok"
@@ -381,8 +384,8 @@ gestPassword() {
 		# MAIL_SECOURS=$(jq .results[].email_secours $FICMAILSECOURS | sed -e 's/\"//g')
 
 		MAIL_SECOURS=$(ldapsearch -H ldap://${LDAP_IP} \
-                -x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+                -x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-                -w "${ldapServ_LDAP_ADMIN_PASSWORD}" \
+                -w "${LDAP_ADMIN_PASSWORD}" \
                 -b "${ldap_root}" "(&(objectclass=inetOrgPerson)(cn=*${CHOIX_MAIL}*))" | grep ^mailDeSecours | sed -e 's/^mailDeSecours: //')
 		if [ "$MAIL_SECOURS" = "" ]
                 then
@@ -409,19 +412,19 @@ gestPassword() {
 		fi
 		if [ "$SEARCH_RESET_INPUT" = "o" ] || [ "$SEARCH_RESET_INPUT" = "O" ]
 		then
-			USER_NEXTCLOUD_MODIF=$(curl -s -X GET -H 'OCS-APIRequest:true' $httpProto://admin:$nextcloudServ_NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users?search=${COMPTE_A_MODIFIER} | grep element | sed -e 's/[ \<\>\/]//g' -e 's/element//g')
+			USER_NEXTCLOUD_MODIF=$(curl -s -X GET -H 'OCS-APIRequest:true' $httpProto://admin:$NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users?search=${COMPTE_A_MODIFIER} | grep element | sed -e 's/[ \<\>\/]//g' -e 's/element//g')
 			echo -e "$GREEN Compte à modifier = $RED ${COMPTE_A_MODIFIER}  ${NC}"
 			echo -e "$GREEN Mail de secours = $RED ${MAIL_SECOURS}  ${NC}"
 			echo -e "$GREEN Compte $RED $(searchMattermost $COMPTE_A_MODIFIER)  ${NC}"
 			echo -e "$GREEN Compte Nextcloud $RED ${USER_NEXTCLOUD_MODIF} ${NC}"
 			echo -e "$GREEN Le mot de passe sera = $RED ${PASSWORD} ${NC}"
 			docker exec -ti mattermostServ bin/mmctl user change-password $(searchMattermost $COMPTE_A_MODIFIER) -p $PASSWORD >/dev/null 2>&1
-			curl -H 'OCS-APIREQUEST: true' -X PUT $httpProto://admin:$nextcloudServ_NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users/${USER_NEXTCLOUD_MODIF} -d key=password -d value=${PASSWORD} >/dev/null 2>&1
+			curl -H 'OCS-APIREQUEST: true' -X PUT $httpProto://admin:$NEXTCLOUD_ADMIN_PASSWORD@$URL_NC/ocs/v1.php/cloud/users/${USER_NEXTCLOUD_MODIF} -d key=password -d value=${PASSWORD} >/dev/null 2>&1
 			pass=$(mkpasswd -m sha512crypt ${PASSWORD})
 			echo -e "\n\ndn: cn=${COMPTE_A_MODIFIER},ou=users,${ldap_root}\n\
 changeType: modify\n\
 replace: userPassword\n\
-userPassword: {CRYPT}${pass}\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${ldapServ_LDAP_ADMIN_PASSWORD}"
+userPassword: {CRYPT}${pass}\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${LDAP_ADMIN_PASSWORD}"
 			echo -e "Envoi d'un message dans mattermost pour la modification du mot de passe"
 			docker exec -ti mattermostServ bin/mmctl post create kaz:Creation-Comptes --message "Le mot de passe du compte ${COMPTE_A_MODIFIER} a été modifié" >/dev/null 2>&1
 			if [ $ADRESSE_SEC == "OUI" ]
@@ -469,8 +472,8 @@ createMail() {
 		if [[ ${EMAIL_SOUHAITE} =~ ${regexMail} ]] 
 		then
 			ldapsearch -H ldap://${LDAP_IP} \
-                        -x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+                        -x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-                        -w "${ldapServ_LDAP_ADMIN_PASSWORD}" \
+                        -w "${LDAP_ADMIN_PASSWORD}" \
                         -b "${ldap_root}" "(&(objectclass=inetOrgPerson)(cn=${EMAIL_SOUHAITE}))" cn | grep ^cn | sed -e 's/^cn: //' >$TFILE_EMAILS
 	        	if grep -q "^${EMAIL_SOUHAITE}$" "${TFILE_EMAILS}"
 			then
@@ -568,7 +571,7 @@ nextcloudEnabled: ${TRUE_KAZ}\n\
 nextcloudQuota: ${QUOTA} GB\n\
 mobilizonEnabled: ${TRUE_KAZ}\n\
 agoraEnabled: ${TRUE_KAZ}\n\
-userPassword: {CRYPT}${LDAPPASS}\n\n' | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}\" -x -w ${ldapServ_LDAP_ADMIN_PASSWORD}" >${TFILE_CREATE_MAIL}
+userPassword: {CRYPT}${LDAPPASS}\n\n' | ldapmodify -c -H ldap://${LDAP_IP} -D \"cn=${LDAP_ADMIN_USERNAME},${ldap_root}\" -x -w ${LDAP_ADMIN_PASSWORD}" >${TFILE_CREATE_MAIL}
 # on execute le fichier avec les données ldap pour créer l' entrée dans l' annuaire
 bash ${TFILE_CREATE_MAIL} >/dev/null
 # on colle le compte et le mot de passe dans le fichier 
@@ -614,12 +617,12 @@ createAlias() {
 		if [[ ${AMAIL} =~ ${regexMail} ]] 
 		then
 			RESU_ALIAS=$(ldapsearch -H ldap://${LDAP_IP} \
-			-x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+			-x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-			-w "${ldapServ_LDAP_ADMIN_PASSWORD}" \
+			-w "${LDAP_ADMIN_PASSWORD}" \
 			-b "${ldap_root}" "(&(objectclass=PostfixBookMailForward)(cn=*${AMAIL}*))" | grep ^cn | sed -e 's/^cn: //')
 			RESU_ALIAS_IS_MAIL=$(ldapsearch -H ldap://${LDAP_IP} \
- 	                -x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+ 	                -x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-			-w "${ldapServ_LDAP_ADMIN_PASSWORD}" \
+			-w "${LDAP_ADMIN_PASSWORD}" \
              		-b "${ldap_root}" "(&(objectclass=inetOrgPerson)(cn=*${AMAIL}*))" cn | grep ^cn | sed -e 's/^cn: //')
 
 	        	if echo ${RESU_ALIAS} | grep -q "^${AMAIL}$" || echo ${RESU_ALIAS_IS_MAIL} | grep -q "^${AMAIL}$"
@@ -694,7 +697,7 @@ changeType: add\n\
 objectClass: organizationalRole\n\
 objectClass: PostfixBookMailForward\n\
 mailAlias: ${AMAIL}\n\
-${LDAPALAISMAIL}\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${ldapServ_LDAP_ADMIN_PASSWORD}
+${LDAPALAISMAIL}\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${LDAP_ADMIN_PASSWORD}
 			fait=1
 			printKazMsg "Création de ${AMAIL}"
 			sleep 3			
@@ -726,8 +729,8 @@ delAlias() {
                 if [[ ${RALIAS} =~ ${regexMail} ]]
                 then
                 	RESU_ALIAS=$(ldapsearch -H ldap://${LDAP_IP} \
-                        -x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+                        -x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-                        -w "${ldapServ_LDAP_ADMIN_PASSWORD}" \
+                        -w "${LDAP_ADMIN_PASSWORD}" \
                         -b "${ldap_root}" "(&(objectclass=PostfixBookMailForward)(cn=${RALIAS}))" cn | grep ^cn | sed -e 's/^cn: //')
 			if [ ! -z ${RESU_ALIAS} ]
 			then
@@ -737,7 +740,7 @@ delAlias() {
 					read -p "suppression de ${RESU_ALIAS} ? (o/n): " REPDELALIAS
 					case "${REPDELALIAS}" in
 					o | O )
-                        			ldapdelete -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${ldapServ_LDAP_ADMIN_PASSWORD}" "cn=${RESU_ALIAS},ou=mailForwardings,${ldap_root}"
+                        			ldapdelete -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w "${LDAP_ADMIN_PASSWORD}" "cn=${RESU_ALIAS},ou=mailForwardings,${ldap_root}"
 						printKazMsg "suppression ${RESU_ALIAS} effectuée"
 						sleep 2
 						faitdel=1
@@ -773,8 +776,8 @@ modifyAlias()
 	ACHANGE=0
 	searchEmail alias
 	LISTE_MAIL_ALIAS=$(ldapsearch -H ldap://${LDAP_IP} \
-        -x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+        -x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-        -w "${ldapServ_LDAP_ADMIN_PASSWORD}" \
+        -w "${LDAP_ADMIN_PASSWORD}" \
         -b "${ldap_root}" "(&(objectclass=PostfixBookMailForward)(cn=*${CHOIX_MAIL}*))" \
 	| grep -i ^mail: | sed -e 's/^mail: /_/' | tr -d [:space:] | sed -s 's/_/ /g')
 	echo "-------------------------------------------------------------------"
@@ -849,8 +852,8 @@ modifyAlias()
 				echo "mail: ${key}" >>${FIC_MODIF_LDIF}
 			done
 			echo "-" >>${FIC_MODIF_LDIF}
-		 	ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+		 	ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-			-x -w ${ldapServ_LDAP_ADMIN_PASSWORD} \
+			-x -w ${LDAP_ADMIN_PASSWORD} \
 			-f ${FIC_MODIF_LDIF} >/dev/null
 		else
 			printKazMsg "Pas de changement"
@@ -876,8 +879,8 @@ updateUser() {
 		for attribut in mailDeSecours mailAlias mailQuota nextcloudQuota
 		do
 			ATTRIB+=([${attribut}]=$(ldapsearch -H ldap://${LDAP_IP} \
-	               	-x -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+	               	-x -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-                	-w "${ldapServ_LDAP_ADMIN_PASSWORD}" \
+                	-w "${LDAP_ADMIN_PASSWORD}" \
                 	-b "${ldap_root}" "(&(objectclass=inetOrgPerson)(cn=*${CHOIX_MAIL}*))" \
 			 | grep ^"${attribut}": | sed -e 's/^'${attribut}': //' | tr -s '[:space:]' ' ' ))
 			# si l' attribut est mailDesecours on l' attrape et on on le stocke pour pouvoir l' enlever de sympa
@@ -1060,15 +1063,15 @@ updateUser() {
 					done
 					cat ${FIC_MODIF_LDIF}
 					sleep 3
-					ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" \
+					ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" \
-					-x -w ${ldapServ_LDAP_ADMIN_PASSWORD} \
+					-x -w ${LDAP_ADMIN_PASSWORD} \
 					-f ${FIC_MODIF_LDIF}
 					if [ ! -z ${MAILDESECOURS} ]
 					then
 						# suppression du mail de secours de la liste infos
-						docker exec -ti sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${sympaServ_SOAP_USER} --trusted_application_password=${sympaServ_SOAP_PASSWORD} --proxy_vars=USER_EMAIL=${LISTMASTER} --service=del --service_parameters="${NL_LIST},${MAILDESECOURSACTUEL}"
+						docker exec -ti sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${SOAP_USER} --trusted_application_password=${SOAP_PASSWORD} --proxy_vars=USER_EMAIL=${LISTMASTER} --service=del --service_parameters="${NL_LIST},${MAILDESECOURSACTUEL}"
 						# ajout de l' adresse  de la nouvelle adresse de secours
-						docker exec -ti sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${sympaServ_SOAP_USER} --trusted_application_password=${sympaServ_SOAP_PASSWORD} --proxy_vars=USER_EMAIL=${LISTMASTER} --service=add --service_parameters="${NL_LIST},${MAILDESECOURS}"
+						docker exec -ti sympaServ /usr/lib/sympa/bin/sympa_soap_client.pl --soap_url=${httpProto}://${URL_LISTE}/sympasoap --trusted_application=${SOAP_USER} --trusted_application_password=${SOAP_PASSWORD} --proxy_vars=USER_EMAIL=${LISTMASTER} --service=add --service_parameters="${NL_LIST},${MAILDESECOURS}"
 					fi
 					updateUser
 				fi

bin/getPasswords.sh

@@ -1,94 +0,0 @@
-#!/bin/bash
-#Ki: Gael
-#Kan: 2025
-#Koi: gestion mots de passe
-
-KAZ_ROOT=/kaz
-
-. "${KAZ_ROOT}/bin/.commonFunctions.sh"
-QUIET=1
-
-usage() {
-echo "getPasswords.sh [OPTIONS] [envname ...] 
-Récupère les variables d'environnement présentes dans /kaz/secret/env-envname et crée des variables à partir de ces noms là.
-Les variables sont du type envname_NOMVARIABLE=valeur
-On peut passer plusieurs fichiers env, à partir du moment ou ils sont tous dans le même répertoire !
-OPTIONS 
- -h|--help            Cette aide :-)
- -n|--simu            SIMULATION
- -d foldername        prend les envfiles dans un sous dossier /kaz/secret/foldername/ (pour les orgas !) 
-                      Les variables seront du type foldername-envname_NOMVARIABLE=valeur
- -e varname           Affiche le contenu d'une variable en particulier
-"
-}
-
-if [ ! -d "${KAZ_KEY_DIR}/tmp" ]; then
-    mkdir "${KAZ_KEY_DIR}/tmp"
-fi
-
-for ARG in "$@"; do
-    if [ -n "${DIRECTORYARG}" ]; then # après un -d
-        SUBDIRECTORY="${ARG}"
-        unset DIRECTORYARG
-    elif  [ -n "${ECHOVARARG}" ]; then # après un -e
-        VARTOECHO="${ARG}"
-        unset ECHOVARARG
-        QUIET="/dev/null"  # pour ne pas avoir d'autres bruits ...
-    else
-
-      case "${ARG}" in
-          '-d' | '--directory' | '-f' | '--folder' | '--foldername')
-              DIRECTORYARG="ON ATTEND UN REPERTOIRE APRES CA" ;;
-          '-h' | '--help' )
-            usage && exit ;;
-          '-n' | '--simu')
-            SIMU="echo" ;;
-          '-e' | '--echo')
-            ECHOVARARG="ON ATTEND UNE UN NOM DE VARIABLE APRES CA" ;;
-            '-q' )
-            QUIET="/dev/null" ;;
-          *)
-            ENVFILES="${ENVFILES} ${ARG%}";;
-      esac
-    fi
-done
-
-getVars () {
-    # $1 : filename
-    grep "^[^#]*=" $1 | sed 's/\([^=]*\).*/\1/' | sort -u
-}
-
-NB_FILES=$(echo "${ENVFILES}" | wc -w )
-
-if [[ $NB_FILES = 0 ]]; then
-    usage
-    exit 1
-fi
-
-for ENVFILE in $ENVFILES; do
-    FILENAME="$KAZ_KEY_DIR/env-$ENVFILE"
-    VARSUFFIX="$ENVFILE"_
-    if [ -n "${SUBDIRECTORY}" ]; then
-      FILENAME="$KAZ_KEY_DIR/orgas/$SUBDIRECTORY/env-$ENVFILE"
-      VARSUFFIX="${SUBDIRECTORY}-${ENVFILE}_"
-    fi
-
-    if ! [ -f "$FILENAME" ]; then
-      echo "$FILENAME does not exist."  >& $QUIET
-      continue
-    fi
-
-    . $FILENAME # on récupère les variables
-    vars=$(getVars $FILENAME)
-    for var in $vars; do
-      $SIMU declare $VARSUFFIX$var=${!var}
-      unset $var
-    done
-    unset FILENAME VARSUFFIX vars
-done
-
-if [ -n "$VARTOECHO" ]; then
-  echo ${!VARTOECHO}
-fi
-
-unset ENVFILES KAZ_ROOT SUBDIRECTORY SIMU QUIET NB_FILES VARTOECHO

bin/install.sh

@@ -123,6 +123,8 @@ export DebugLog="${KAZ_ROOT}/log/log-install-$(date +%y-%m-%d-%T)-"
     if [[ " ${DOCKERS_LIST[*]} " =~ " traefik " ]]; then
       # on initialise traefik :-(
       ${KAZ_COMP_DIR}/traefik/first.sh
+      # on démarre traefik (plus lancé dans container.sh)
+      docker-compose -f ${KAZ_COMP_DIR}/traefik/docker-compose.yml up -d
     fi
 
     if [[ " ${DOCKERS_LIST[*]} " =~ " etherpad " ]]; then

bin/interoPaheko.sh

@@ -7,9 +7,9 @@ setKazVars
 
 . $DOCKERS_ENV
 
-. $KAZ_BIN_DIR/getPasswords.sh paheko
+. $KAZ_KEY_DIR/env-paheko
 
-URL_PAHEKO="$httpProto://${paheko_API_USER}:${paheko_API_PASSWORD}@kaz-paheko.$(echo $domain)"
+URL_PAHEKO="$httpProto://${API_USER}:${API_PASSWORD}@kaz-paheko.$(echo $domain)"
 
 PRG=$(basename $0)
 RACINE=$(echo $PRG | awk '{print $1}')

bin/ldap/ldapvi.sh

@@ -5,7 +5,7 @@ KAZ_ROOT=/kaz
 setKazVars
 
 . $DOCKERS_ENV
-. $KAZ_BIN_DIR/getPasswords.sh ldapServ
+. $KAZ_KEY_DIR/env-ldapServ
 
 LDAP_IP=$(docker inspect -f '{{.NetworkSettings.Networks.ldapNet.IPAddress}}' ldapServ)
 
@@ -20,4 +20,4 @@ EDITOR=${EDITOR:-vi}
 EDITOR=${EDITOR:-vi}
 export EDITOR=${EDITOR}
 
-ldapvi -h $LDAP_IP -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -w ${ldapServ_LDAP_ADMIN_PASSWORD} --discover
+ldapvi -h $LDAP_IP -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -w ${LDAP_ADMIN_PASSWORD} --discover

bin/ldap/migrate_to_ldap.sh

@@ -8,12 +8,13 @@ KAZ_ROOT=/kaz
 setKazVars
 
 . $DOCKERS_ENV
-. $KAZ_BIN_DIR/getPasswords.sh ldapServ paheko
+. $KAZ_KEY_DIR/env-ldapServ 
+. $KAZ_KEY_DIR/env-paheko
 
 ACCOUNTS=/kaz/dockers/postfix/config/postfix-accounts.cf
 
 LDAP_IP=$(docker inspect -f '{{.NetworkSettings.Networks.ldapNet.IPAddress}}' ldapServ)
-URL_GARRADIN="$httpProto://${paheko_API_USER}:${paheko_API_PASSWORD}@kaz-paheko.$(echo $domain)"
+URL_GARRADIN="$httpProto://${API_USER}:${API_PASSWORD}@kaz-paheko.$(echo $domain)"
 # docker exec -i nextcloudDB mysql --user=${nextcloud_MYSQL_USER} --password=${nextcloud_MYSQL_PASSWORD} ${nextcloud_MYSQL_DATABASE} <<< "select * from oc_accounts;" > /tmp/oc_accounts
 
 ERRORS="/tmp/ldap-errors.log"
@@ -126,7 +127,7 @@ replace: agoraEnabled\n\
 agoraEnabled: TRUE\n\
 -\n\
 replace: mobilizonEnabled\n\
-mobilizonEnabled: TRUE\n\n" | tee /tmp/ldap/${mail}.ldif | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${ldapServ_LDAP_ADMIN_PASSWORD}
+mobilizonEnabled: TRUE\n\n" | tee /tmp/ldap/${mail}.ldif | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${LDAP_ADMIN_PASSWORD}
 done
 
 #replace: nextcloudEnabled\n\
@@ -164,7 +165,7 @@ do
 			echo -e "dn: cn=${mail},ou=users,${ldap_root}\n\
 changeType: modify
 replace: mailAlias\n\
-$LIST\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${ldapServ_LDAP_ADMIN_PASSWORD}
+$LIST\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${LDAP_ADMIN_PASSWORD}
 		else
 			echo "Alias vers un mail externe, go fichier"
 			echo $line >> ${ALIASES_WITHLDAP}
@@ -185,7 +186,7 @@ replace: mailAlias\n\
 mailAlias: ${src}\n\
 -\n\
 replace: mail\n\
-mail: ${dst}\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${ldapServ_LDAP_ADMIN_PASSWORD}
+mail: ${dst}\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${LDAP_ADMIN_PASSWORD}
 		fi
 	else
 		echo "Forward vers plusieurs adresses, on met dans le fichier"
@@ -215,7 +216,7 @@ replace: mailAlias\n\
 mailAlias: ${src}\n\
 -\n\
 replace: mail\n\
-${LIST}\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${ldapServ_LDAP_ADMIN_PASSWORD}
+${LIST}\n\n" | ldapmodify -c -H ldap://${LDAP_IP} -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -x -w ${LDAP_ADMIN_PASSWORD}
 
 	fi
 done

bin/ldap/tests/nc_orphans.sh

@@ -5,16 +5,17 @@ KAZ_ROOT=/kaz
 setKazVars
 
 . $DOCKERS_ENV
-. $KAZ_BIN_DIR/getPasswords.sh ldapServ nextcloudDB
+. $KAZ_KEY_DIR/env-ldapServ 
+. $KAZ_KEY_DIR/env-nextcloudDB
 
 LDAP_IP=$(docker inspect -f '{{.NetworkSettings.Networks.ldapNet.IPAddress}}' ldapServ)
 
-docker exec -i nextcloudDB mysql --user=${nextcloudDB_MYSQL_USER} --password=${nextcloudDB_MYSQL_PASSWORD} ${nextcloudDB_MYSQL_DATABASE} <<< "select uid from oc_users;" > /tmp/nc_users.txt
+docker exec -i nextcloudDB mysql --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} ${MYSQL_DATABASE} <<< "select uid from oc_users;" > /tmp/nc_users.txt
 
 OLDIFS=${IFS}
 IFS=$'\n'
 for line in `cat /tmp/nc_users.txt`; do
-	result=$(ldapsearch -h $LDAP_IP -D "cn=${ldapServ_LDAP_ADMIN_USERNAME},${ldap_root}" -w ${ldapServ_LDAP_ADMIN_PASSWORD} -b $ldap_root -x "(identifiantKaz=${line})" | grep numEntries)
+	result=$(ldapsearch -h $LDAP_IP -D "cn=${LDAP_ADMIN_USERNAME},${ldap_root}" -w ${LDAP_ADMIN_PASSWORD} -b $ldap_root -x "(identifiantKaz=${line})" | grep numEntries)
 	echo "${line} ${result}" | grep -v "numEntries: 1" | grep -v "^uid"
 done
 IFS=${OLDIFS}

bin/manageAgora.sh

@@ -83,7 +83,7 @@ Init(){
 
     # creation compte admin
     _getPasswords
-    ${SIMU} curl -i -d "{\"email\":\"${mattermostServ_MM_ADMIN_EMAIL}\",\"username\":\"${mattermost_user}\",\"password\":\"${mattermost_pass}\",\"allow_marketing\":true}" "${MATTER_URL}/api/v4/users"
+    ${SIMU} curl -i -d "{\"email\":\"${MM_ADMIN_EMAIL}\",\"username\":\"${mattermost_user}\",\"password\":\"${mattermost_pass}\",\"allow_marketing\":true}" "${MATTER_URL}/api/v4/users"
 
     MM_TOKEN=$(_getMMToken ${MATTER_URL})
 
@@ -118,10 +118,10 @@ _getPasswords(){
     # récupération des infos du compte admin
     if [ -n "$AGORACOMMUN" ] ; then 
         . $KAZ_KEY_DIR/env-mattermostAdmin
-        . $KAZ_BIN_DIR/getPasswords.sh mattermostServ
+        . $KAZ_KEY_DIR/env-mattermostServ
     else
         . $KAZ_KEY_DIR/orgas/${ORGA}/env-mattermostAdmin
-        . $KAZ_BIN_DIR/getPasswords.sh -d ${ORGA} mattermostServ
+        . $KAZ_KEY_DIR/orgas/$ORGA/env-mattermostServ
     fi
 }
 

bin/manageCloud.sh

@@ -143,14 +143,14 @@ setOfficeUrl(){
 }
 
 initLdap(){
-    . $KAZ_BIN_DIR/getPasswords.sh ldapServ
+    . $KAZ_KEY_DIR/env-ldapServ
     # $1 Nom du cloud
     echo "${CYAN}  *** Installation LDAP pour $1${NC}" >& $QUIET
     occCommand "app:enable user_ldap" "${DockerServName}"
     occCommand "ldap:delete-config s01" "${DockerServName}"
     occCommand "ldap:create-empty-config" "${DockerServName}"
     occCommand "ldap:set-config s01 ldapAgentName cn=cloud,ou=applications,${ldap_root}" "${DockerServName}"
-    occCommand "ldap:set-config s01 ldapAgentPassword ${ldapServ_LDAP_CLOUD_PASSWORD}" "${DockerServName}"
+    occCommand "ldap:set-config s01 ldapAgentPassword ${LDAP_CLOUD_PASSWORD}" "${DockerServName}"
     occCommand "ldap:set-config s01 ldapBase ${ldap_root}" "${DockerServName}"
     occCommand "ldap:set-config s01 ldapBaseGroups ${ldap_root}" "${DockerServName}"
     occCommand "ldap:set-config s01 ldapBaseUsers ou=users,${ldap_root}" "${DockerServName}"

bin/manageWiki.sh

@@ -54,7 +54,11 @@ Init(){
     PLG_DIR="${VOL_PREFIX}wikiPlugins/_data"
     CONF_DIR="${VOL_PREFIX}wikiConf/_data"
 
-    . $KAZ_BIN_DIR/getPasswords.sh dokuwiki
+    if [ -n "$WIKICOMMUN" ]; then 
+        . $KAZ_KEY_DIR/env-dokuwiki
+    else
+        . $KAZ_KEY_DIR/orgas/$ORGA/env-dokuwiki
+    fi
 
     ${SIMU} checkDockerRunning "${DockerServName}" "${NOM}" || exit
 
@@ -68,11 +72,11 @@ Init(){
             -d "l=fr" \
             -d "d[title]=${NOM}" \
             -d "d[acl]=true" \
-            -d "d[superuser]=${dokuwiki_WIKI_ROOT}" \
+            -d "d[superuser]=${WIKI_ROOT}" \
             -d "d[fullname]=Admin"\
-            -d "d[email]=${dokuwiki_WIKI_EMAIL}" \
+            -d "d[email]=${WIKI_EMAIL}" \
-            -d "d[password]=${dokuwiki_WIKI_PASSWORD}" \
+            -d "d[password]=${WIKI_PASSWORD}" \
-            -d "d[confirm]=${dokuwiki_WIKI_PASSWORD}" \
+            -d "d[confirm]=${WIKI_PASSWORD}" \
             -d "d[policy]=1" \
             -d "d[allowreg]=false" \
             -d "d[license]=0" \

bin/manageWp.sh

@@ -60,11 +60,18 @@ Init(){
     echo "\n  *** Premier lancement de WP" >& $QUIET
 
     ${SIMU} waitUrl "${WP_URL}"
-    . $KAZ_BIN_DIR/getPasswords.sh wpServ
+
+
+    if [ -n "$WIKICOMMUN" ]; then 
+        . $KAZ_KEY_DIR/env-wpServ
+    else
+        . $KAZ_KEY_DIR/orgas/$ORGA/env-wpServ
+    fi
+
     ${SIMU} curl -X POST \
-        -d "user_name=${wpServ_WORDPRESS_ADMIN_USER}" \
+        -d "user_name=${WORDPRESS_ADMIN_USER}" \
-        -d "admin_password=${wpServ_WORDPRESS_ADMIN_PASSWORD}" \
+        -d "admin_password=${WORDPRESS_ADMIN_PASSWORD}" \
-        -d "admin_password2=${wpServ_WORDPRESS_ADMIN_PASSWORD}" \
+        -d "admin_password2=${WORDPRESS_ADMIN_PASSWORD}" \
         -d "pw_weak=true" \
         -d "admin_email=admin@kaz.bzh" \
         -d "blog_public=0" \

bin/scriptBorg.sh

@@ -17,9 +17,13 @@ KAZ_ROOT=$(cd "$(dirname $0)"/..; pwd)
 . $KAZ_ROOT/bin/.commonFunctions.sh
 setKazVars
 . $DOCKERS_ENV
-. $KAZ_BIN_DIR/getPasswords.sh borg
+. ${KAZ_KEY_DIR}/env-borg
-
+# Si la variable SCRIPTBORG est renseignée avec un fichier on le source 
-VERSION="V-10-03-2025"
+if [ ! -z ${SCRIPTBORG} ]
+then
+	[ -f ${SCRIPTBORG} ] && . ${SCRIPTBORG}
+fi
+VERSION="V-07-08-2025"
 PRG=$(basename $0)
 RACINE=$(echo $PRG | awk '{print $1}')
 #IFS=' '

bin/secretGen.sh

@@ -114,11 +114,12 @@ crossVarComplete(){
 	else
 		echo "Remplissage $FILENAME" >& $SORTIESTANDARD
 
+		. $$DIR/env-$envname
+
 		varnames=$(grep -Eo '@@crossvar@@[^@]*@@cv@@' $FILENAME | sed -e 's/@@crossvar@@//' -e 's/@@cv@@//')
 		for varname in $varnames; do 
 			envname=${varname%%_*}
-			value=$(/$KAZ_BIN_DIR/getPasswords.sh -e $varname $envname -d $ORGA)
+			$SIMU sed -i "s/@@crossvar@@$varname@@cv@@/${!varname}/"  $DIR/*; 
-			$SIMU sed -i "s/@@crossvar@@$varname@@cv@@/${value}/"  $DIR/*; 
 		
 		done
 

config/container-proxy.list.tmpl

@@ -1,2 +1,2 @@
-proxy
+# proxy
-#traefik
+traefik

config/container-withMail.list.tmpl

@@ -4,7 +4,7 @@ dokuwiki
 paheko
 gitea
 jirafeau
-mattermost
+#mattermost
 roundcube
 mobilizon
 vaultwarden

config/dockers.tmpl.env

@@ -101,7 +101,7 @@ snappymailHost=snappymail
 ########################################
 # ports internes
 
-matterPort=8000
+matterPort=8065
 imapsyncPort=8080
 apikaz=5000
 

config/orgaTmpl/docker-compose.yml

@@ -218,6 +218,7 @@ services:
 #}}
 #{{spip
   spip:
+    container_name: ${orga}-${spipServName}
     image: ipeos/spip:4.4
     restart: ${restartPolicy}
     depends_on:

config/orgaTmpl/orga-gen.sh

@@ -194,9 +194,12 @@ for ARG in "$@"; do
 	'-wp' | '-word'* )
 	    wp="off"
 	    ;;
-        '-pod' | '-casto'* )
+	'-pod' | '-casto'* )
-            castopod="off"
+		castopod="off"
-            ;;
+		;;
+	'-spip' )
+		spip="off"
+		;;
 	'+paheko' )
 	    paheko="on"
 	    ;;	    
@@ -413,7 +416,7 @@ if [[ -n "${STAGE_DEFAULT}${STAGE_CREATE}" ]]; then
     ln -sf ../../config/orgaTmpl/orga-rm.sh
     ln -sf ../../config/orgaTmpl/init-paheko.sh    
     #ln -sf ../../config/orgaTmpl/initdb.d/
-    ln -sf ../../config/orgaTmpl/app/
+    #ln -sf ../../config/orgaTmpl/app/
     ln -sf ../../config/orgaTmpl/wiki-conf/
     ln -sf ../../config/orgaTmpl/reload.sh
     ln -sf ../../config/orgaTmpl/init-db.sh
@@ -444,11 +447,6 @@ fi
 
 if [[ -n "${STAGE_DEFAULT}${STAGE_CREATE}" ]]; then
 
-
-    # ########## create network 
-	## GAEL bizarre, je pense que c'est déjà fait qque part, mais chez moi ça veut pas ... 
-    docker network create "${ORGA}-orgaNet"
-
     # ########## create volume
     ./init-volume.sh
 fi

config/orgaTmpl/secret.tmpl/env-mattermostServ

@@ -1,9 +1,5 @@
-
 MM_ADMIN_EMAIL=@@globalvar@@matterHost@@gv@@@@@globalvar@@domain@@gv@@
 MM_ADMIN_USER=@@user@@mattermost2@@u@@
 MM_ADMIN_PASSWORD=@@pass@@mattermost2@@p@@
-
-
-MM_SQLSETTINGS_DRIVERNAME=postgres
 MM_SQLSETTINGS_DATASOURCE=postgres://@@user@@mattermost@@u@@:@@pass@@mattermost@@p@@@postgres:5432/@@db@@mattermost@@d@@?sslmode=disable&connect_timeout=10
 

config/orgaTmpl/wiki-conf/acl.auth.php

@@ -0,0 +1,10 @@
+# acl.auth.php
+# <?php exit()?>
+# Don't modify the lines above
+#
+# Access Control Lists
+#
+# Auto-generated by install script
+# Date: Sat, 13 Feb 2021 17:42:28 +0000
+*	@ALL	1
+*	@user	8

config/orgaTmpl/wiki-conf/local.php

@@ -0,0 +1,26 @@
+<?php
+/*
+ * Dokuwiki's Main Configuration File - Local Settings
+ * Auto-generated by config plugin
+ * Run for user: felix
+ * Date: Sun, 28 Feb 2021 15:56:13 +0000
+ */
+
+$conf['title'] = 'Kaz';
+$conf['template'] = 'docnavwiki';
+$conf['license'] = 'cc-by-sa';
+$conf['useacl'] = 1;
+$conf['superuser'] = '@admin';
+$conf['manager'] = '@manager';
+$conf['disableactions'] = 'register';
+$conf['remoteuser'] = '';
+$conf['mailfrom'] = 'dokuwiki@kaz.bzh';
+$conf['updatecheck'] = 0;
+$conf['userewrite'] = '1';
+$conf['useslash'] = 1;
+$conf['plugin']['ckgedit']['scayt_auto'] = 'on';
+$conf['plugin']['ckgedit']['scayt_lang'] = 'French/fr_FR';
+$conf['plugin']['ckgedit']['other_lang'] = 'fr';
+$conf['plugin']['smtp']['smtp_host'] = 'smtp.kaz.bzh';
+$conf['plugin']['todo']['CheckboxText'] = 0;
+$conf['plugin']['wrap']['restrictionType'] = '1';

config/orgaTmpl/wiki-conf/users.auth.php

@@ -0,0 +1,13 @@
+# users.auth.php
+# <?php exit()?>
+# Don't modify the lines above
+#
+# Userfile
+#
+# Auto-generated by install script
+# Date: Sat, 13 Feb 2021 17:42:28 +0000
+#
+# Format:
+# login:passwordhash:Real Name:email:groups,comma,separated
+
+admin:$2y$10$GYvFgViXeEUmDViplHEs7eoYV8tmbfsS8wA1vfHQ.tWgW14o9aTjy:admin:contact@kaz.bzh:admin,user

dockers/mattermost/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
 
   app:
-    image: mattermost/mattermost-team-edition:10.9.1
+    image: mattermost/mattermost-team-edition:10.11.1
     container_name: ${mattermostServName}
     restart: ${restartPolicy}
     volumes:
@@ -39,12 +39,12 @@ services:
       - "traefik.http.routers.${mattermostServName}.rule=Host(`${matterHost}.${domain}`)"
       - "traefik.http.services.${mattermostServName}.loadbalancer.server.port=${matterPort}"
       - "traefik.docker.network=mattermostNet"
-    healthcheck:
+#    healthcheck:
-      test: ["CMD", "curl", "-f", "http://app:${matterPort}"]
+#      test: ["CMD", "curl", "-f", "http://app:${matterPort}"]
-      interval: 20s
+#      interval: 20s
-      retries: 10
+#      retries: 10
-      start_period: 20s
+#      start_period: 20s
-      timeout: 10s
+#      timeout: 10s
 
   postgres:
     image: postgres:17-alpine

dockers/mattermost/first.sh

@@ -10,3 +10,7 @@ cd $(dirname $0)
 "${KAZ_BIN_DIR}/gestContainers.sh" --install -M -agora
 
 
+docker exec ${mattermostServName} mmctl auth login https://${matterHost}.${domain} --name local-server --username ${mattermost_MM_ADMIN_USER} --password ${mattermost_MM_ADMIN_PASSWORD}
+docker exec ${mattermostServName} mmctl channel create --team kaz --name "une-question--un-soucis" --display-name "Une question ? Un souci ?"
+docker exec ${mattermostServName} mmctl channel create --team kaz --name "cafe-du-commerce--ouvert-2424h" --display-name "Café du commerce"
+docker exec ${mattermostServName} mmctl channel create --team kaz --name "creation-comptes" --display-name "Création comptes"

dockers/roundcube/docker-compose.yml

@@ -1,7 +1,7 @@
 services:
 
   app:
-    image: roundcube/roundcubemail:1.6.9-apache
+    image: roundcube/roundcubemail
     container_name: ${roundcubeServName}
     restart: ${restartPolicy}
     depends_on:

dockers/spip/docker-compose.yml

@@ -1,5 +1,5 @@
 services:
-  db:
+    db:
     image: mariadb:11.4
     container_name: ${spipDBName}
     restart: ${restartPolicy}

dockers/traefik/docker-compose.tmpl.yml.dist

@@ -1,6 +1,6 @@
 services:
   reverse-proxy:
-    image: traefik:v3.4.1
+    image: traefik:v3.5.1
     container_name: ${traefikServName}
     restart: ${restartPolicy}
     # Enables the web UI and tells Traefik to listen to docker
@@ -23,6 +23,7 @@ services:
       - TRAEFIK_ENTRYPOINTS_websecure_HTTP_TLS_CERTRESOLVER=letsencrypt
       - TRAEFIK_ENTRYPOINTS_websecure_HTTP_MIDDLEWARES=hsts@file,test-ipallowlist@file
       - TRAEFIK_ENTRYPOINTS_websecure_TRANSPORT_RESPONDINGTIMEOUTS_READTIMEOUT=600
+      - TRAEFIK_ENTRYPOINTS_websecure_TRANSPORT_RESPONDINGTIMEOUTS_IDLETIMEOUT=600
       - TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_EMAIL=admin@${domain}
       - TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_CASERVER=${acme_server}
       - TRAEFIK_CERTIFICATESRESOLVERS_letsencrypt_ACME_STORAGE=/letsencrypt/acme.json
@@ -226,13 +227,13 @@ networks:
 }}
 {{peertube
   peertubeNet:
-    external:true
+    external: true
-    name:peertubeNet
+    name: peertubeNet
 }}
 {{spip
   spipNet:
-    external:true
+    external: true
-    name:spipNet
+    name: spipNet
 }}
 
 

dockers/traefik/proxy-gen.sh

@@ -4,7 +4,7 @@ KAZ_ROOT=$(cd "$(dirname $0)/../.."; pwd)
 . "${KAZ_ROOT}/bin/.commonFunctions.sh"
 setKazVars
 . "${DOCKERS_ENV}"
-. $KAZ_BIN_DIR/getPasswords.sh traefik
+. $KAZ_KEY_DIR/env-traefik
 
 printKazMsg "\n  *** Proxy update config"
 
@@ -16,5 +16,5 @@ PASSFILE=conf/passfile
 cd $(dirname $0)
 
 [[ -f "${DOCKER_TMPL}" ]] || cp "${DOCKER_DIST}" "${DOCKER_TMPL}"
-[[ -f "${PASSFILE}" ]] || printf "${traefik_DASHBOARD_USER}:$( echo ${traefik_DASHBOARD_PASSWORD} | openssl passwd -apr1 -stdin)\n" >> ${PASSFILE}
+[[ -f "${PASSFILE}" ]] || printf "${DASHBOARD_USER}:$( echo ${DASHBOARD_PASSWORD} | openssl passwd -apr1 -stdin)\n" >> ${PASSFILE}
 "${APPLY_TMPL}" -time "${DOCKER_TMPL}" "${DOCKER_CONF}"

secret.tmpl/SetAllPass.sh

@@ -1,66 +0,0 @@
-#!/bin/bash
-
-# Attention à cause des scripts pas de ["'/] dans les mot de passe
-
-
-# A COPIER DANS UN FICHIER DE CONF !! ->  mattermostAdmin
-# pour envoyer des messages sur l'agora avec mmctl
-mattermost_user="admin-mattermost"
-mattermost_pass="--clean_val--"
-mattermost_token="xxx-private"
-
-
-##################
-# A DEPLACER DANS DOCKER ENV
-#qui envoi le mail d'inscription ?
-EMAIL_CONTACT="toto@kaz.bzh"
-
-
-# A COPIER DANS UN FICHIER DE CONF !! ->  paheko
-##################
-# Paheko
-paheko_API_USER="admin-api"
-paheko_API_PASSWORD="--clean_val--"
-
-
-
-# A virer dans koffre
-##################
-#Compte sur outlook.com
-outlook_user="kaz-user@outlook.fr"
-outlook_pass="--clean_val--"
-
-
-# A COPIER DANS UN FICHIER DE CONF !! ->  mail
-service_mail=admin-kaz@kaz.bzh
-service_password="--clean_val--"
-
-##################
-#Borg
-
-# A COPIER DANS UN FICHIER DE CONF !! ->  borg
-BORG_REPO="/mnt/backup-nas1/BorgRepo"
-BORG_PASSPHRASE="--clean_val--"
-VOLUME_SAUVEGARDES="/mnt/backup-nas1"
-MAIL_RAPPORT="a@${domain};b@${domain};c@${domain}"
-BORGMOUNT="/mnt/disk-nas1/tmp/repo_mount"
-
-
-#####################
-#Traefik
-
-# A COPIER DANS UN FICHIER DE CONF !! ->  traefik
-traefik_DASHBOARD_USER="admin"
-traefik_DASHBOARD_PASSWORD="--clean_val--"
-
-
-
-#####################
-# Castopod
-# A COPIER DANS UN FICHIER DE CONF !! castopodAdmin
-
-castopod_ADMIN_USER=adminKaz
-castopod_ADMIN_MAIL=admin@${domain}
-castopod_ADMIN_PASSWORD="--clean_val--"
-
-

secret.tmpl/env-borg

@@ -1,17 +1,17 @@
-VOLUME_SAUVEGARDES=
+borg_VOLUME_SAUVEGARDES=
-BORG_REPO=
+borg_BORG_REPO=
-BORG_PASSPHRASE=@@token@@borg@@t@@
+borg_BORG_PASSPHRASE=@@token@@borg@@t@@
-BORGLOG="/var/log/borg"
+borg_BORGLOG="/var/log/borg"
-BORG_FIC_DEL="/tmp/sauvegarde_supp.txt"
+borg_BORG_FIC_DEL="/tmp/sauvegarde_supp.txt"
-BORG_EXCLUDE_BACKUP=
+borg_BORG_EXCLUDE_BACKUP=
-MAIL_RAPPORT=a@@@globalvar@@domain@@gv@@;b@@@globalvar@@domain@@gv@@;c@@@globalvar@@domain@@gv@@
+borg_MAIL_RAPPORT=a@@@globalvar@@domain@@gv@@;b@@@globalvar@@domain@@gv@@;c@@@globalvar@@domain@@gv@@
-LISTREPSAUV=
+borg_LISTREPSAUV=
-BORGMOUNT="/mnt/repo_borg"
+borg_BORGMOUNT="/mnt/repo_borg"
-MAILOK=
+borg_MAILOK=
-MAILWARNING=
+borg_MAILWARNING=
-MAILDETAIL=
+borg_MAILDETAIL=
-BACKUPS_KEEP="4m"
+borg_BACKUPS_KEEP="4m"
-NB_BACKUPS_JOUR=90
+borg_NB_BACKUPS_JOUR=90
-NB_BACKUPS_SEM=30
+borg_NB_BACKUPS_SEM=30
-NB_BACKUPS_MOIS=12
+borg_NB_BACKUPS_MOIS=12
-BORGSCRIPTS=/root/borgscripts
+borg_BORGSCRIPTS=/root/borgscripts

secret.tmpl/env-castopodDB

@@ -2,3 +2,6 @@ MYSQL_ROOT_PASSWORD=@@pass@@castopod@@p@@
 MYSQL_USER=@@user@@castopod1@@u@@
 MYSQL_PASSWORD=@@pass@@castopod1@@p@@
 MYSQL_DATABASE=@@db@@castopod1@@d@@
+CP_DATABASE_NAME=@@db@@castopod1@@d@@
+CP_DATABASE_USERNAME=@@user@@castopod1@@u@@
+CP_DATABASE_PASSWORD=@@pass@@castopod1@@p@@

secret.tmpl/env-mattermostDB

@@ -1,9 +1,4 @@
-
-MYSQL_ROOT_PASSWORD=@@pass@@mattermostroot@@p@@
-MYSQL_DATABASE=@@db@@mattermost@@d@@
-MYSQL_USER=@@user@@mattermost@@u@@
-MYSQL_PASSWORD=@@pass@@mattermost@@p@@
-
 POSTGRES_USER=@@user@@mattermost@@u@@
 POSTGRES_PASSWORD=@@pass@@mattermost@@p@@
 POSTGRES_DB=@@db@@mattermost@@d@@
+

secret.tmpl/env-mattermostServ

@@ -1,9 +1,5 @@
-
 MM_ADMIN_EMAIL=@@globalvar@@matterHost@@gv@@@@@globalvar@@domain@@gv@@
 MM_ADMIN_USER=@@user@@mattermost2@@u@@
 MM_ADMIN_PASSWORD=@@pass@@mattermost2@@p@@
-
-
-MM_SQLSETTINGS_DRIVERNAME=postgres
 MM_SQLSETTINGS_DATASOURCE=postgres://@@user@@mattermost@@u@@:@@pass@@mattermost@@p@@@postgres:5432/@@db@@mattermost@@d@@?sslmode=disable&connect_timeout=10