Added SSO support for new installs and convertdomain
This commit is contained in:
root
parent
ec55682f70
commit
f81f3ea65c
@ -121,7 +121,7 @@ convert_traefik() {
|
||||
rm -rf /federated/apps/traefik/data/letsencrypt/acme.json
|
||||
|
||||
# Start Traefik
|
||||
docker compose -f /federated/apps/traefik/docker-compose.yml -p traefik up -d &> /dev/null
|
||||
docker-compose -f /federated/apps/traefik/docker-compose.yml -p traefik up -d &> /dev/null
|
||||
|
||||
# Keep trying to see that certificates are generated
|
||||
RETRY="20"
|
||||
@ -134,7 +134,7 @@ convert_traefik() {
|
||||
break
|
||||
else
|
||||
if [ "$RETRY" == 1 ]; then
|
||||
docker compose -f /federated/apps/traefik/docker-compose.yml -p traefik down &> /dev/null
|
||||
docker-compose -f /federated/apps/traefik/docker-compose.yml -p traefik down &> /dev/null
|
||||
failcheck "There was a problem starting service /federated/apps/traefik\nCheck the output of 'docker logs traefik'"
|
||||
fi
|
||||
((RETRY--))
|
||||
@ -497,6 +497,14 @@ fi
|
||||
# Remove configs
|
||||
rm /federated/apps/nextcloud/data/var/www/html/config.sh /federated/apps/nextcloud/data/var/www/html/configs.json
|
||||
|
||||
# Configure SSO to Authelia
|
||||
NEXTCLOUD_CLIENT_SECRET=$(cat /federated/apps/nextcloud/.nextcloud.client.secret)
|
||||
docker exec -u 33 nextcloud /var/www/html/occ user_oidc:provider:delete Authelia -f
|
||||
docker exec -u 33 nextcloud /var/www/html/occ config:system:set allow_local_remote_servers --value=true
|
||||
docker exec -u 33 nextcloud /var/www/html/occ app:enable user_oidc
|
||||
docker exec -u 33 nextcloud /var/www/html/occ config:system:set --value=true --type=boolean user_oidc use_pkce
|
||||
docker exec -u 33 nextcloud /var/www/html/occ user_oidc:provider Authelia --clientid="nextcloud" --clientsecret="$NEXTCLOUD_CLIENT_SECRET" --discoveryuri="https://authelia.$DOMAIN_NEW/.well-known/openid-configuration" --mapping-uid=name --endsessionendpointuri=https://authelia.$DOMAIN_NEW/logout
|
||||
|
||||
echo -ne "done."
|
||||
}
|
||||
convert_matrix() {
|
||||
@ -534,8 +542,8 @@ convert_matrix() {
|
||||
# Insert our Postgres and LDAP config
|
||||
cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF
|
||||
|
||||
web_client_location: https://element.$DOMAIN_NEW/
|
||||
public_baseurl: https://matrix.$DOMAIN_NEW:443/
|
||||
web_client_location: https://element.$DOMAIN/
|
||||
public_baseurl: https://matrix.$DOMAIN_NEW/
|
||||
serve_server_wellknown: true
|
||||
turn_uris: [ "turn:turn.$DOMAIN_NEW?transport=udp", "turn:turn.$DOMAIN_NEW?transport=tcp" ]
|
||||
turn_shared_secret: "$COTURN_MATRIX_SECRET"
|
||||
@ -595,6 +603,7 @@ EOF
|
||||
# sed -i "s#$DOMAIN.crt#$DOMAIN_NEW.crt#g" /federated/apps/matrix/data/matrix/homeserver.yaml
|
||||
# sed -i "s#$DOMAIN.key#$DOMAIN_NEW.key#g" /federated/apps/matrix/data/matrix/homeserver.yaml
|
||||
|
||||
|
||||
# Grab the container IP from docker-compose
|
||||
SERVICE_IP=`grep ipv4_address /federated/apps/matrix/docker-compose.yml | awk '{ print $2 }'`
|
||||
|
||||
@ -606,6 +615,32 @@ EOF
|
||||
# Set admin user as admin in Matrix
|
||||
docker exec postgresql psql -U matrix -c "update users set admin='1' where name='\"@admin:matrix.$DOMAIN_NEW\"'" &> /dev/null
|
||||
|
||||
# Configure SSO to Authelia
|
||||
MATRIX_CLIENT_SECRET=$(cat /federated/apps/matrix/.matrix.client.secret)
|
||||
|
||||
cat >> /federated/apps/matrix/data/matrix/homeserver.yaml <<EOF
|
||||
oidc_providers:
|
||||
- idp_id: authelia
|
||||
idp_name: "Authelia"
|
||||
idp_icon: "mxc://authelia.com/cKlrTPsGvlpKxAYeHWJsdVHI"
|
||||
discover: true
|
||||
issuer: "https://authelia.$DOMAIN_NEW"
|
||||
client_id: "matrix"
|
||||
client_secret: "$MATRIX_CLIENT_SECRET"
|
||||
scopes: ["openid", "profile", "email"]
|
||||
allow_existing_users: true
|
||||
user_mapping_provider:
|
||||
config:
|
||||
subject_claim: "sub"
|
||||
localpart_template: "{{ user.name }}"
|
||||
display_name_template: "{{ user.name }}"
|
||||
email_template: "{{ user.email }}"
|
||||
EOF
|
||||
|
||||
# Restart Matrix for changes to take the above configuration
|
||||
run_command "/federated/bin/stop matrix"
|
||||
run_command "/federated/bin/start matrix"
|
||||
|
||||
echo -ne "done."
|
||||
}
|
||||
convert_element() {
|
||||
@ -752,10 +787,16 @@ convert_gitea() {
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
start_service_convert "gitea" "nc -z $SERVICE_IP 3000 &> /dev/null"
|
||||
|
||||
# Delete tne current admin and create the admin user with new domain name
|
||||
# Delete the current admin and create the admin user with new domain name
|
||||
docker exec --user 1000 gitea bash -c "gitea admin user delete --id 1"
|
||||
docker exec --user 1000 gitea gitea admin user create --admin --username gitea --password $ADMINPASS --email admin@$DOMAIN_NEW
|
||||
|
||||
# Configure SSO to Authelia
|
||||
GITEA_CLIENT_SECRET=$(cat /federated/apps/gitea/.gitea.client.secret)
|
||||
GITEA_AUTH_ID=$(docker exec --user 1000 gitea gitea admin auth list | tail -1 | awk '{ print $1 }')
|
||||
docker exec --user 1000 gitea gitea admin auth delete --id ${GITEA_AUTH_ID}
|
||||
docker exec --user 1000 gitea gitea admin auth add-oauth --name "Authelia" --provider "openidConnect" --key "gitea" --secret "$GITEA_CLIENT_SECRET" --auto-discover-url "https://authelia.$DOMAIN_NEW/.well-known/openid-configuration" --skip-local-2fa "true" --scopes "openid email profile" --group-claim-name "groups" --admin-group "admin" --restricted-group "guest"
|
||||
|
||||
echo -ne "done."
|
||||
}
|
||||
convert_caddy() {
|
||||
@ -842,6 +883,8 @@ convert_wordpress() {
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD wordpress -e \"update wp_users set user_email='admin@$DOMAIN_NEW' where ID='1';\""
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD wordpress -e \"update wp_usermeta set meta_value='admin@$DOMAIN_NEW' where meta_value='admin@$DOMAIN';\""
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD wordpress -e \"update wp_users set display_name='admin@$DOMAIN_NEW' where ID='1';\""
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD wordpress -e \"update wp_options set option_value = '$ORG_NEW Blog' where option_name = 'blogname';\""
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD wordpress -e \"update wp_options set option_value = 'admin@$DOMAIN_NEW' where option_name = 'admin_email';\""
|
||||
|
||||
# Grab the container IP from docker-compose
|
||||
SERVICE_IP=`grep ipv4_address /federated/apps/wordpress/docker-compose.yml | awk '{ print $2 }'`
|
||||
@ -878,6 +921,18 @@ convert_bookstack() {
|
||||
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD bookstack -e \"update users set email='admin@$DOMAIN_NEW' where id = 1;\""
|
||||
|
||||
# Setup external_auth_id for each user in bookstack users table
|
||||
BOOKSTACK_SECRET=$(cat /federated/apps/bookstack/.env | grep "DB_PASS" | awk -F= '{ print $2 }')
|
||||
# for i in $(docker exec pdnsmysql mysql -ubookstack -p${BOOKSTACK_SECRET} bookstack -sN -e "select email from users;"); do
|
||||
# docker exec pdnsmysql mysql -ubookstack -p${BOOKSTACK_SECRET} bookstack -e "update users set external_auth_id = '$i' where email = '$i'";
|
||||
# done
|
||||
|
||||
for i in $(docker exec pdnsmysql mysql -ubookstack -p${BOOKSTACK_SECRET} bookstack -sN -e "select name from users;"); do
|
||||
NAME_LOWERCASE=$(echo "$i" | tr '[:upper:]' '[:lower:]');
|
||||
docker exec pdnsmysql mysql -ubookstack -p${BOOKSTACK_SECRET} bookstack -sN -e "update users set email = '$NAME_LOWERCASE@$DOMAIN_NEW' where name = '$i';";
|
||||
docker exec pdnsmysql mysql -ubookstack -p${BOOKSTACK_SECRET} bookstack -sN -e "update users set external_auth_id = '$NAME_LOWERCASE@$DOMAIN_NEW' where name = '$i';";
|
||||
done
|
||||
|
||||
# Grab the container IP from docker-compose
|
||||
SERVICE_IP=`grep ipv4_address /federated/apps/bookstack/docker-compose.yml | awk '{ print $2 }'`
|
||||
|
||||
@ -922,6 +977,10 @@ convert_espocrm() {
|
||||
#### Convert EspoCRM
|
||||
echo -ne "\n* Converting espocrm.."
|
||||
|
||||
# Grab the SSO client secret for config below before removing espocrm
|
||||
ESPOCRM_CLIENT_SECRET=$(cat /federated/apps/espocrm/.env | grep ESPOCRM_CONFIG_OIDC_CLIENT_SECRET | awk -F= '{ print $2 }')
|
||||
ESPOCRM_IMAGE_VERSION=$(cat /federated/apps/espocrm/.env | grep IMAGE_VERSION | awk -F\" '{ print $2 }')
|
||||
|
||||
rm -rf /federated/apps/espocrm
|
||||
mkdir -p /federated/apps/espocrm/data/var/www/html
|
||||
|
||||
@ -934,6 +993,8 @@ services:
|
||||
container_name: espocrm
|
||||
hostname: espocrm.$DOMAIN_NEW
|
||||
restart: always
|
||||
extra_hosts:
|
||||
- "authelia.$DOMAIN_NEW:$EXTERNALIP"
|
||||
networks:
|
||||
core:
|
||||
ipv4_address: 192.168.0.39
|
||||
@ -955,7 +1016,7 @@ EOF
|
||||
ESPOCRM_SECRET=$(create_password);
|
||||
|
||||
cat > /federated/apps/espocrm/.env <<EOF
|
||||
IMAGE_VERSION="8.0.5-apache"
|
||||
IMAGE_VERSION="$ESPOCRM_IMAGE_VERSION"
|
||||
ESPOCRM_DATABASE_HOST=pdnsmysql.$DOMAIN_NEW
|
||||
ESPOCRM_DATABASE_NAME=espocrm
|
||||
ESPOCRM_DATABASE_USER=espocrm
|
||||
@ -1012,6 +1073,36 @@ chmod 600 /federated/apps/espocrm/.env
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
start_service_convert "espocrm" "nc -z $SERVICE_IP 80 &> /dev/null"
|
||||
|
||||
# Configure SSO to Authelia
|
||||
cat >> /federated/apps/espocrm/.env <<EOF
|
||||
ESPOCRM_CONFIG_AUTHENTICATION_METHOD=Oidc
|
||||
ESPOCRM_CONFIG_OIDC_USERNAME_CLAIM=preferred_username
|
||||
ESPOCRM_CONFIG_OIDC_FALLBACK=true
|
||||
ESPOCRM_CONFIG_OIDC_CLIENT_ID=espocrm
|
||||
ESPOCRM_CONFIG_OIDC_CLIENT_SECRET=$ESPOCRM_CLIENT_SECRET
|
||||
ESPOCRM_CONFIG_OIDC_AUTHORIZATION_ENDPOINT=https://authelia.$DOMAIN_NEW/api/oidc/authorization
|
||||
ESPOCRM_CONFIG_OIDC_TOKEN_ENDPOINT=https://authelia.$DOMAIN_NEW/api/oidc/token
|
||||
ESPOCRM_CONFIG_OIDC_JWKS_ENDPOINT=https://authelia.$DOMAIN_NEW/jwks.json
|
||||
ESPOCRM_CONFIG_OIDC_LOGOUT_URL=https://authelia.$DOMAIN_NEW/logout
|
||||
ESPOCRM_CONFIG_OIDC_CREATE_USER=true
|
||||
ESPOCRM_CONFIG_OIDC_ALLOW_ADMIN_USER=true
|
||||
ESPOCRM_CONFIG_OIDC_SYNC=false
|
||||
ESPOCRM_CONFIG_OIDC_SYNC_TEAMS=false
|
||||
ESPOCRM_CONFIG_OIDC_ALLOW_REGULAR_USER_FALLBACK=false
|
||||
ESPOCRM_CONFIG_OIDC_AUTHORIZATION_PROMPT=consent
|
||||
EOF
|
||||
|
||||
# Add in Scopes after authenticationMethod
|
||||
sed -i "/oidcScopes/{n;N;N;N;d}" /federated/apps/espocrm/data/var/www/html/data/config.php
|
||||
sed -i "/oidcScopes/d" /federated/apps/espocrm/data/var/www/html/data/config.php
|
||||
sed -i "/authenticationMethod/a \ 'oidcScopes' => [\n\ 0 => 'profile',\n\ 1 => 'email',\n\ 2 => 'groups',\n\ 3 => 'openid'\n\ ]," /federated/apps/espocrm/data/var/www/html/data/config.php
|
||||
|
||||
# Set auth method to Oidc only
|
||||
sed -i "s/ESPOCRM_CONFIG_AUTHENTICATION_METHOD=LDAP/#ESPOCRM_CONFIG_AUTHENTICATION_METHOD=LDAP/g" /federated/apps/espocrm/.env
|
||||
|
||||
run_command "/federated/bin/stop espocrm"
|
||||
run_command "/federated/bin/start espocrm"
|
||||
|
||||
echo -ne "done."
|
||||
}
|
||||
convert_dashboard() {
|
||||
@ -1035,6 +1126,7 @@ convert_roundcube() {
|
||||
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/roundcube/docker-compose.yml
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/roundcube/.env
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/roundcube/data/var/www/html/config/config.inc.php
|
||||
|
||||
# Grab the container IP from docker-compose
|
||||
SERVICE_IP=`grep ipv4_address /federated/apps/roundcube/docker-compose.yml | awk '{ print $2 }'`
|
||||
@ -1044,6 +1136,72 @@ convert_roundcube() {
|
||||
|
||||
echo -ne "done."
|
||||
}
|
||||
convert_authelia() {
|
||||
#### Convert Authelia
|
||||
echo -ne "\n* Converting authelia.."
|
||||
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/authelia/docker-compose.yml
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/authelia/.env
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/authelia/data/config/configuration.yml
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/authelia/data/config/idproviders.yml
|
||||
|
||||
if [ "${#DOMAIN_ARRAY[@]}" -eq "3" ]; then
|
||||
sed -i "s#dc=federatedcomputer,dc=cloud#dc=$DOMAIN_FIRST,dc=$DOMAIN_MIDDLE,dc=$DOMAIN_LAST#g" /federated/apps/authelia/.env
|
||||
else
|
||||
sed -i "s#dc=federatedcomputer,dc=cloud#dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST#g" /federated/apps/authelia/.env
|
||||
fi
|
||||
|
||||
# Configure SSO to Authelia
|
||||
# Delete the entries in the pdns settings table
|
||||
[[ -d "/federated/apps/pdnsmysql/data/var/lib/mysql/pdnsadmin" ]] && POWERDNS_DB="pdnsadmin" || POWERDNS_DB="pdns"
|
||||
docker exec pdnsmysql mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e "delete from setting where name like '%oidc_oauth%';"
|
||||
|
||||
POWERDNS_CLIENT_SECRET=$(cat /federated/apps/authelia/.powerdns.client.secret)
|
||||
|
||||
# Insert PowerDNS configuration because we need an initial
|
||||
# config for Authelia to run
|
||||
PDNS_MYSQL_COMMAND1="insert into setting (name, value) values (\"oidc_oauth_enabled\", \"True\");insert into setting (name, value) values (\"oidc_oauth_key\", \"powerdns\");"
|
||||
PDNS_MYSQL_COMMAND2="insert into setting (name, value) values (\"oidc_oauth_scope\", \"openid profile groups email\");insert into setting (name, value) values (\"oidc_oauth_api_url\", \"https://authelia.$DOMAIN_NEW/api/oidc/userinfo\");"
|
||||
PDNS_MYSQL_COMMAND3="insert into setting (name, value) values (\"oidc_oauth_auto_configure\", \"True\");insert into setting (name, value) values (\"oidc_oauth_metadata_url\", \"https://authelia.$DOMAIN_NEW/.well-known/openid-configuration\");"
|
||||
PDNS_MYSQL_COMMAND4="insert into setting (name, value) values (\"oidc_oauth_token_url\", \"\");insert into setting (name, value) values (\"oidc_oauth_authorize_url\", \"\");"
|
||||
PDNS_MYSQL_COMMAND5="insert into setting (name, value) values (\"oidc_oauth_logout_url\", \"https://authelia.$DOMAIN_NEW/logout\");insert into setting (name, value) values (\"oidc_oauth_username\", \"preferred_username\");"
|
||||
PDNS_MYSQL_COMMAND6="insert into setting (name, value) values (\"oidc_oauth_email\", \"email\");insert into setting (name, value) values (\"oidc_oauth_firstname\", \"preferred_username\");"
|
||||
PDNS_MYSQL_COMMAND7="insert into setting (name, value) values (\"oidc_oauth_last_name\", \"name\");insert into setting (name, value) values (\"oidc_oauth_account_name_property\", \"preferred_username\");"
|
||||
PDNS_MYSQL_COMMAND8="insert into setting (name, value) values (\"oidc_oauth_account_description_property\", \"name\");insert into setting (name, value) values (\"oidc_oauth_secret\", \"$POWERDNS_CLIENT_SECRET\");"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND;'"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND1;'"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND2;'"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND3;'"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND4;'"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND5;'"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND6;'"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND7;'"
|
||||
docker exec pdnsmysql bash -c "mysql -uroot -p$MYSQL_ROOTPASSWORD $POWERDNS_DB -e '$PDNS_MYSQL_COMMAND8;'"
|
||||
|
||||
# Grab the container IP from docker-compose
|
||||
SERVICE_IP=`grep ipv4_address /federated/apps/authelia/docker-compose.yml | awk '{ print $2 }'`
|
||||
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
start_service_convert "authelia" "nc -z $SERVICE_IP 9091 &> /dev/null"
|
||||
|
||||
echo -ne "done."
|
||||
}
|
||||
convert_jitsiopenid() {
|
||||
#### Convert JitsiOpenID
|
||||
echo -ne "\n* Converting jitsiopenid.."
|
||||
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/jitsiopenid/docker-compose.yml
|
||||
sed -i "s#$DOMAIN#$DOMAIN_NEW#g" /federated/apps/jitsiopenid/.env
|
||||
|
||||
# Grab the container IP from docker-compose
|
||||
SERVICE_IP=`grep ipv4_address /federated/apps/jitsiopenid/docker-compose.yml | awk '{ print $2 }'`
|
||||
|
||||
# Start service with command to make sure it's up before proceeding
|
||||
run_command "/federated/bin/start jitsiopenid"
|
||||
|
||||
echo -ne "done."
|
||||
}
|
||||
|
||||
usage() {
|
||||
echo "$0: <domain.com> <organization name>"
|
||||
exit 2
|
||||
|
||||
@ -87,8 +87,10 @@ elif [ "$BUNDLE" = "better" ]; then
|
||||
CORE_APPS=("pdnsmysql" "pdns" "pdnsadmin" "traefik" "postgresql" "ldap")
|
||||
EXTRA_APPS=("mail" "collabora" "nextcloud" "autodiscover" "panel" "vaultwarden" "dashboard" "roundcube" "wordpress" "wireguard" "matrix" "element" "jitsi" "espocrm")
|
||||
elif [ "$BUNDLE" = "best" ]; then
|
||||
CORE_APPS=("pdnsmysql" "pdns" "pdnsadmin" "traefik" "postgresql" "ldap")
|
||||
EXTRA_APPS=("mail" "collabora" "nextcloud" "autodiscover" "panel" "vaultwarden" "dashboard" "roundcube" "wordpress" "wireguard" "matrix" "element" "jitsi" "espocrm" "baserow" "bookstack" "gitea" "freescout")
|
||||
# CORE_APPS=("pdnsmysql" "pdns" "pdnsadmin" "traefik" "postgresql" "ldap")
|
||||
# EXTRA_APPS=("mail" "collabora" "nextcloud" "autodiscover" "panel" "vaultwarden" "dashboard" "roundcube" "wordpress" "wireguard" "matrix" "element" "jitsi" "espocrm" "baserow" "bookstack" "gitea" "freescout")
|
||||
CORE_APPS=("pdnsmysql" "pdns" "pdnsadmin" "traefik" "postgresql" "ldap" "mail")
|
||||
EXTRA_APPS=("authelia" "collabora" "nextcloud" "autodiscover" "panel" "vaultwarden" "dashboard" "roundcube" "wordpress" "wireguard" "matrix" "element" "jitsi" "espocrm" "baserow" "bookstack" "gitea" "freescout")
|
||||
else
|
||||
CORE_APPS=("pdnsmysql" "pdns" "pdnsadmin" "traefik" "postgresql" "ldap")
|
||||
EXTRA_APPS=("mail" "collabora" "nextcloud" "autodiscover" "panel" "vaultwarden" "dashboard" "roundcube" "wordpress" "wireguard" "matrix" "element" "jitsi" "espocrm" "baserow" "bookstack" "gitea" "freescout")
|
||||
@ -132,6 +134,12 @@ done
|
||||
|
||||
wait
|
||||
|
||||
# Configure SSO for each app
|
||||
for i in "${EXTRA_APPS[@]}"; do
|
||||
. /federated/lib/$i.sh
|
||||
[[ $(type -t configsso_$i) == function ]] && configsso_$i
|
||||
done
|
||||
|
||||
# Add cron jobs for backup, upgrade, dumpcerts
|
||||
add_cron
|
||||
run_finishtasks
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user