Drive/sunetdrive
7
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge branch 'main' into stable

Browse source
This commit is contained in:
Micke Nordin 2024-11-12 16:05:20 +01:00
parent a5580567af ce745ff6b0
commit 25d97470da
Signed by untrusted user: Micke
GPG key ID: 0DA0A7A5708FE257
7 changed files with 105 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
manifests/app_type.pp
View file

@ -15,7 +15,6 @@ define sunetdrive::app_type (
# The config used # The config used
$config = $override_config $config = $override_config
# Other settings # Other settings
$admin_password = $config[ 'admin_password' ]
$dbhost = $config[ 'dbhost' ] $dbhost = $config[ 'dbhost' ]
$dbname = $config[ 'dbname' ] $dbname = $config[ 'dbname' ]
$dbuser = $config[ 'dbuser' ] $dbuser = $config[ 'dbuser' ]
@ -31,7 +30,6 @@ define sunetdrive::app_type (
$config = hiera_hash($environment) $config = hiera_hash($environment)
$skeletondirectory = $config['skeletondirectory'] $skeletondirectory = $config['skeletondirectory']
# Other settings # Other settings
$admin_password = safe_hiera('admin_password')
$dbhost = 'proxysql_proxysql_1' $dbhost = 'proxysql_proxysql_1'
$dbname = 'nextcloud' $dbname = 'nextcloud'
$dbuser = 'nextcloud' $dbuser = 'nextcloud'
@ -143,6 +141,14 @@ define sunetdrive::app_type (
content => template('sunetdrive/application/upgrade23-25.erb.sh'), content => template('sunetdrive/application/upgrade23-25.erb.sh'),
mode => '0744', mode => '0744',
} }
file { '/usr/local/bin/remount_user_bucket_as_project.sh':
ensure => present,
force => true,
owner => 'root',
group => 'root',
content => template('sunetdrive/application/remount_user_bucket_as_project.sh'),
mode => '0744',
}
file { '/opt/rotate/conf.d/nextcloud.conf': file { '/opt/rotate/conf.d/nextcloud.conf':
ensure => file, ensure => file,
force => true, force => true,

9
templates/application/complete_reinstall.erb.sh
View file

@ -3,7 +3,6 @@
config_php='/var/www/html/config/config.php' config_php='/var/www/html/config/config.php'
dbhost="<%= @dbhost %>" dbhost="<%= @dbhost %>"
mysql_user_password="<%= @mysql_user_password %>" mysql_user_password="<%= @mysql_user_password %>"
admin_password="<%= @admin_password %>"
location="<%= @location %>" location="<%= @location %>"
bucket="<%= @s3_bucket %>" bucket="<%= @s3_bucket %>"
@ -14,6 +13,9 @@ if [[ "${user_input}" == "IKnowWhatIAmDoing" ]]; then
echo "WARNING: This will delete everything in the database and reinstall Nextcloud." echo "WARNING: This will delete everything in the database and reinstall Nextcloud."
echo "You have 10 seconds to abort by hitting CTRL/C" echo "You have 10 seconds to abort by hitting CTRL/C"
sleep 10s sleep 10s
echo "Setting temp admin password"
apt update && apt install -y apg
admin_password="$(apg -m 40 | head -1)"
echo "Ok, proceeding." echo "Ok, proceeding."
echo "Dropping database in 3 seconds" echo "Dropping database in 3 seconds"
sleep 3s sleep 3s
@ -48,6 +50,11 @@ EOF
instanceid=$(grep -E "^ 'instanceid'" ${config_php} | awk -F "'" '{print $4}') instanceid=$(grep -E "^ 'instanceid'" ${config_php} | awk -F "'" '{print $4}')
secret=$(grep -E "^ 'secret'" ${config_php} | awk -F "'" '{print $4}') secret=$(grep -E "^ 'secret'" ${config_php} | awk -F "'" '{print $4}')
passwordsalt=$(grep -E "^ 'passwordsalt'" ${config_php} | awk -F "'" '{print $4}') passwordsalt=$(grep -E "^ 'passwordsalt'" ${config_php} | awk -F "'" '{print $4}')
echo "Now delete the admin user:"
echo " occ user:delete admin"
echo "and then create a new admin user:"
echo " /usr/local/bin/add_admin_user <username> <email address>"
echo ""
echo "Please use edit-secrets to add these variables to all Nextcloud servers:" echo "Please use edit-secrets to add these variables to all Nextcloud servers:"
echo "instanceid: DEC::PKCS7[${instanceid}]!" echo "instanceid: DEC::PKCS7[${instanceid}]!"
echo "secret: DEC::PKCS7[${secret}]!" echo "secret: DEC::PKCS7[${secret}]!"

2
templates/application/docker-compose_nextcloud.yml.erb
View file

@ -9,8 +9,6 @@ services:
<%- if @hostnet -%> <%- if @hostnet -%>
network_mode: host network_mode: host
<%- end -%> <%- end -%>
environment:
- NC_PASS=<%= @admin_password%>
volumes: volumes:
- /opt/nextcloud/000-default.conf:/etc/apache2/sites-enabled/000-default.conf - /opt/nextcloud/000-default.conf:/etc/apache2/sites-enabled/000-default.conf
- /opt/nextcloud/mpm_prefork.conf:/etc/apache2/mods-available/mpm_prefork.conf - /opt/nextcloud/mpm_prefork.conf:/etc/apache2/mods-available/mpm_prefork.conf

79
templates/application/remount_user_bucket_as_project.sh Executable file
View file

@ -0,0 +1,79 @@
#!/bin/bash
mountid="${1}"
user="${2}"
container="${3}"
if [[ -z ${mountid} ]] || [[ -z ${user} ]]; then
echo "We need a valid mount id and user to proceed"
echo "Usage: ${0} <mountid> <user> [<container>]"
exit
fi
if [[ -z ${container} ]]; then
container="nextcloud_app_1"
fi
occ="/usr/local/bin/occ"
function get_config {
${occ} files_external:config ${mountid} ${1} | tr -d '\n\t\r'
}
echo "Gathering information, hang tight."
echo -n "."
bucket="$(get_config bucket)"
echo -n "."
hostname="$(get_config hostname)"
echo -n "."
key="$(get_config key)"
echo -n "."
region="$(get_config region)"
echo -n "."
secret="$(get_config secret)"
jsonfile="/tmp/${user}-user-bucket.json"
mount_point="${user/@/-}"
mount_point="${mount_point/./-}-user-bucket"
echo "This will remount the user bucket with mountid ${mountid} for ${user} as project bucket with mountpoint ${mount_point}."
read -r -p "Press enter to continue"
echo '
[
{
"mount_point": "\/'${mount_point}'",
"storage": "\\OCA\\Files_External\\Lib\\Storage\\AmazonS3",
"authentication_type": "amazons3::accesskey",
"configuration": {
"bucket": "'${bucket}'",
"hostname": "'${hostname}'",
"key": "'${key}'",
"legacy_auth": false,
"port": "443",
"region": "'${region}'",
"secret": "'${secret}'",
"storageClass": "",
"useMultipartCopy": false,
"use_path_style": true,
"use_ssl": true
},
"options": {
"encrypt": true,
"previews": true,
"enable_sharing": true,
"filesystem_check_changes": 0,
"encoding_compatibility": false,
"readonly": false
},
"applicable_users": [
],
"applicable_groups": ["admin"]
}
]
' > "${jsonfile}"
docker cp ${jsonfile} ${container}:/${jsonfile}
${occ} files_external:import /${jsonfile}
docker exec ${container} rm /${jsonfile}
rm ${jsonfile}
${occ} files_external:delete ${mountid}

2
templates/mariadb_backup/check_replication.erb
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
result="$(docker exec mariadb_backup_mariadb_backup_1 mysql -p<%= @mysql_root_password %> -BN -e 'show status like "slave_running"')" result="$(docker exec -u root mariadb_backup_mariadb_backup_1 mysql -p<%= @mysql_root_password %> -BN -e 'show status like "slave_running"')"
if [[ "${result}" == "Slave_running ON" ]]; then if [[ "${result}" == "Slave_running ON" ]]; then
echo "OK: Replica running" echo "OK: Replica running"
exit 0 exit 0

9
templates/multinode/complete_reinstall.erb.sh
View file

@ -3,10 +3,12 @@
config_php='/var/www/html/config/config.php' config_php='/var/www/html/config/config.php'
dbhost="<%= @dbhost %>" dbhost="<%= @dbhost %>"
mysql_user_password="<%= @mysql_user_password %>" mysql_user_password="<%= @mysql_user_password %>"
admin_password="<%= @admin_password %>"
location="<%= @location %>" location="<%= @location %>"
bucket="<%= @s3_bucket %>" bucket="<%= @s3_bucket %>"
customer="<%= @customer %>" customer="<%= @customer %>"
echo "Setting temp admin password"
apt update && apt install -y apg
admin_password="$(apg -m 40 | head -1)"
/usr/bin/mysql -e "drop database nextcloud" -u nextcloud -p"${mysql_user_password}" -h "${dbhost}" >/dev/null 2>&1 /usr/bin/mysql -e "drop database nextcloud" -u nextcloud -p"${mysql_user_password}" -h "${dbhost}" >/dev/null 2>&1
/usr/bin/mysql -e "create database nextcloud" -u nextcloud -p"${mysql_user_password}" -h "${dbhost}" >/dev/null 2>&1 /usr/bin/mysql -e "create database nextcloud" -u nextcloud -p"${mysql_user_password}" -h "${dbhost}" >/dev/null 2>&1
@ -35,6 +37,11 @@ EOF
instanceid=$(grep -E "^ 'instanceid'" ${config_php} | awk -F "'" '{print $4}') instanceid=$(grep -E "^ 'instanceid'" ${config_php} | awk -F "'" '{print $4}')
secret=$(grep -E "^ 'secret'" ${config_php} | awk -F "'" '{print $4}') secret=$(grep -E "^ 'secret'" ${config_php} | awk -F "'" '{print $4}')
passwordsalt=$(grep -E "^ 'passwordsalt'" ${config_php} | awk -F "'" '{print $4}') passwordsalt=$(grep -E "^ 'passwordsalt'" ${config_php} | awk -F "'" '{print $4}')
echo "Now delete the admin user:"
echo " occ <container> user:delete admin"
echo "and then create a new admin user:"
echo " /usr/local/bin/add_admin_user <username> <email address> <container>"
echo ""
echo "${customer}_instanceid: DEC::PKCS7[${instanceid}]!" echo "${customer}_instanceid: DEC::PKCS7[${instanceid}]!"
echo "${customer}_secret: DEC::PKCS7[${secret}]!" echo "${customer}_secret: DEC::PKCS7[${secret}]!"
echo "${customer}_passwordsalt: DEC::PKCS7[${passwordsalt}]!" echo "${customer}_passwordsalt: DEC::PKCS7[${passwordsalt}]!"

3
templates/multinode/docker-compose_nextcloud.yml.erb
View file

@ -15,8 +15,7 @@ services:
- <%= @nextcloud_log_path %>:/var/www/html/data/nextcloud.log - <%= @nextcloud_log_path %>:/var/www/html/data/nextcloud.log
- <%= @audit_log_path %>:/var/www/html/data/audit.log - <%= @audit_log_path %>:/var/www/html/data/audit.log
- <%= @rclone_conf_path %>:/rclone.conf - <%= @rclone_conf_path %>:/rclone.conf
environment:
- NC_PASS=<%= @admin_password%>
networks: networks:
- default - default
- proxysql_proxysql - proxysql_proxysql