146 lines
5.2 KiB
Bash
146 lines
5.2 KiB
Bash
#!/bin/bash
|
|
#
|
|
# Federated Stack NextCloud
|
|
|
|
PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
|
|
|
config_nextcloud() {
|
|
echo -ne "\n* Configuring fstack/nextcloud container.."
|
|
spin &
|
|
SPINPID=$!
|
|
|
|
# if [ ! -d "fstack/nextcloud" ]; then
|
|
mkdir -p fstack/nextcloud/data/root/certs &> /dev/null
|
|
mkdir -p fstack/nextcloud/data/var/www/html &> /dev/null
|
|
cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/nextcloud/data/root/certs/
|
|
# fi
|
|
|
|
DOMAIN_ARRAY=(${DOMAIN//./ })
|
|
DOMAIN_FIRST=${DOMAIN_ARRAY[0]}
|
|
DOMAIN_LAST=${DOMAIN_ARRAY[1]}
|
|
|
|
cat > fstack/nextcloud/docker-compose.yml <<EOF
|
|
version: '3.8'
|
|
|
|
services:
|
|
nextcloud:
|
|
image: nextcloud:latest
|
|
container_name: nextcloud
|
|
hostname: nextcloud.$DOMAIN
|
|
domainname: $DOMAIN
|
|
restart: always
|
|
networks:
|
|
fstack:
|
|
ipv4_address: 172.99.0.15
|
|
ports:
|
|
- "8000:80"
|
|
volumes:
|
|
- ./data/root:/root
|
|
- ./data/var/www/html:/var/www/html
|
|
environment:
|
|
- SQLITE_DATABASE=db1
|
|
- NEXTCLOUD_ADMIN_USER=nextcloud
|
|
- NEXTCLOUD_ADMIN_PASSWORD=$ADMINPASS
|
|
# - NEXTCLOUD_TRUSTED_DOMAINS=northendnetwork.com
|
|
# - VIRTUAL_HOST=nextcloud.northendnetwork.com
|
|
# - NEXTCLOUD_LDAP_HOST=ldap.northendnetwork.com
|
|
|
|
networks:
|
|
fstack:
|
|
external: true
|
|
EOF
|
|
|
|
cat > fstack/nextcloud/data/root/nextcloud.sh <<EOF
|
|
#!/bin/sh
|
|
|
|
./occ app:enable user_ldap
|
|
./occ ldap:create-empty-config
|
|
./occ ldap:set-config s01 ldapHost 'ldaps://ldap.$DOMAIN'
|
|
./occ ldap:set-config s01 ldapAgentName cn=admin,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
|
|
./occ ldap:set-config s01 ldapAgentPassword $ADMINPASS
|
|
./occ ldap:set-config s01 ldapBase ou=people,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
|
|
./occ ldap:set-config s01 ldapBaseGroups ou=people,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
|
|
./occ ldap:set-config s01 ldapBaseUsers ou=people,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
|
|
./occ ldap:set-config s01 ldapEmailAttribute mail
|
|
./occ ldap:set-config s01 ldapGidNumber gidNumber
|
|
./occ ldap:set-config s01 ldapGroupDisplayName cn
|
|
./occ ldap:set-config s01 ldapGroupFilter '(&(|(objectclass=inetOrgPerson)))'
|
|
./occ ldap:set-config s01 ldapGroupFilterMode 0
|
|
./occ ldap:set-config s01 ldapGroupFilterObjectclass inetOrgPerson
|
|
./occ ldap:set-config s01 ldapGroupMemberAssocAttr gidNumber
|
|
./occ ldap:set-config s01 ldapLoginFilter '(&(|(objectclass=inetOrgPerson))(uid=%uid))'
|
|
./occ ldap:set-config s01 ldapLoginFilterEmail 0
|
|
./occ ldap:set-config s01 ldapLoginFilterMode 0
|
|
./occ ldap:set-config s01 ldapLoginFilterUsername 1
|
|
./occ ldap:set-config s01 ldapLoginFilterEmail 0
|
|
./occ ldap:set-config s01 ldapMatchingRuleInChainState unknown
|
|
./occ ldap:set-config s01 ldapNestedGroups 0
|
|
./occ ldap:set-config s01 ldapPagingSize 500
|
|
./occ ldap:set-config s01 ldapPort 636
|
|
./occ ldap:set-config s01 ldapTLS 1
|
|
./occ ldap:set-config s01 ldapUserAvatarRule default
|
|
./occ ldap:set-config s01 ldapUserDisplayName cn
|
|
./occ ldap:set-config s01 ldapUserFilter '(|(objectclass=inetOrgPerson))'
|
|
./occ ldap:set-config s01 ldapUserFilterMode 0
|
|
./occ ldap:set-config s01 ldapUserFilterObjectclass inetOrgPerson
|
|
./occ ldap:set-config s01 ldapUuidGroupAttribute auto
|
|
./occ ldap:set-config s01 ldapUuidUserAttribute auto
|
|
./occ ldap:set-config s01 turnOffCertCheck 0
|
|
./occ ldap:set-config s01 turnOnPasswordChange 0
|
|
./occ ldap:set-config s01 useMemberOfToDetectMembership 1
|
|
./occ ldap:set-config s01 ldapConfigurationActive 1
|
|
./occ config:system:delete trusted_domains
|
|
./occ config:system:set trusted_domains 1 --value=*
|
|
EOF
|
|
|
|
chmod +x fstack/nextcloud/data/root/nextcloud.sh
|
|
|
|
kill -9 $SPINPID &> /dev/null
|
|
echo -ne "done."
|
|
}
|
|
|
|
start_nextcloud() {
|
|
echo -ne "\n* Starting fstack/nextcloud service.."
|
|
spin &
|
|
SPINPID=$!
|
|
|
|
if [ $DEBUG ]; then
|
|
# Start fstack/nextcloud with output to console for debug
|
|
docker-compose -f fstack/nextcloud/docker-compose.yml -p nextcloud up
|
|
[ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/nextcloud"
|
|
else
|
|
docker-compose -f fstack/nextcloud/docker-compose.yml -p nextcloud up -d &> /dev/null
|
|
|
|
# Keep trying nextcloud port 8000 to make sure it's up
|
|
# before we proceed
|
|
RETRY="23"
|
|
while [ $RETRY -gt 0 ]; do
|
|
nc -z 172.99.0.15 80 &> /dev/null
|
|
if [ $? -eq 0 ]; then
|
|
break
|
|
else
|
|
if [ "$RETRY" == 1 ]; then
|
|
docker-compose -f fstack/nextcloud/docker-compose.yml -p nextcloud down &> /dev/null
|
|
kill -9 $SPINPID &> /dev/null
|
|
fail "There was a problem starting service fstack/nextcloud\nCheck the output of 'docker logs nextcloud' or turn on\ndebug with -d"
|
|
fi
|
|
((RETRY--))
|
|
sleep 7
|
|
fi
|
|
done
|
|
fi
|
|
|
|
# Set nextcloud.sh executable
|
|
docker exec -it nextcloud mv /root/nextcloud.sh /var/www/html/
|
|
docker exec -it nextcloud chown www-data:root /var/www/html/nextcloud.sh
|
|
docker exec -it nextcloud chmod 755 /var/www/html/nextcloud.sh
|
|
[ $? -ne 0 ] && fail "Couldn't chown nextcloud.sh in fstack/nextcloud container"
|
|
|
|
# Run nextcloud.sh - Setup LDAP, configuration for nextcloud
|
|
docker exec -it -u 33 nextcloud /var/www/html/nextcloud.sh &> /dev/null
|
|
[ $? -ne 0 ] && fail "Couldn't run nextcloud.sh inside fstack/nextcloud container"
|
|
|
|
kill -9 $SPINPID &> /dev/null
|
|
echo -ne "done."
|
|
}
|