From 1d5d61b4a763bd04e91e1c95ae118bd308f5d706 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:41:12 +0100
Subject: [PATCH 01/22] Add full_backup_retention

---
 manifests/multinode.pp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index f1f5987..3913f46 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -291,6 +291,11 @@ MACAddressPolicy=none'
     if $customer_config['twofactor_enforced_excluded_groups'] {
     $twofactor_enforced_excluded_groups = $customer_config['twofactor_enforced_excluded_groups']
     }
+    if $customer_config['full_backup_retention'] {
+      $full_backup_retention = $customer_config['full_backup_retention']
+    } else {
+      $full_backup_retention = hiera('full_backup_retention')
+    }
 
     # Secrets from local.eyaml
     $admin_password = safe_hiera("${customer}_admin_password")
@@ -315,6 +320,7 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
+      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 7e0f744e5d56e218a21a40ccce4c2ac0bd6b841d Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:47:16 +0100
Subject: [PATCH 02/22] Set expiration for multinode

---
 manifests/app_type.pp | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 3ef7a6c..7738499 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,6 +18,7 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
+    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]
@@ -33,6 +34,7 @@ define sunetdrive::app_type (
     $dbhost = 'proxysql_proxysql_1'
     $dbname = 'nextcloud'
     $dbuser = 'nextcloud'
+    $full_backup_retention = hiera('full_backup_retention')
     $instanceid = safe_hiera('instanceid')
     $mysql_user_password = safe_hiera('mysql_user_password')
     $passwordsalt = safe_hiera('passwordsalt')
@@ -88,13 +90,13 @@ define sunetdrive::app_type (
   $drive_email_template_text_left = $config['drive_email_template_text_left']
   $drive_email_template_plain_text_left = $config['drive_email_template_plain_text_left']
   $drive_email_template_url_left = $config['drive_email_template_url_left']
-  $full_backup_retention = hiera('full_backup_retention')
   $lb_servers = hiera_hash($environment)['lb_servers']
   $document_servers = hiera_hash($environment)['document_servers']
 
   # Calculate some values
-  $expiration_days_min = $full_backup_retention * 31
-  $expiration_days_max = $full_backup_retention * 31 + 93
+  $expiration_months = max(12, $full_backup_retention)
+  $expiration_days_min = $expiration_months * 31
+  $expiration_days_max = $expiration_months * 31 + 93
 
   unless $is_multinode{
     user { 'www-data': ensure => present, system => true }

From ca8f0d5b89d7c8daa3098d0c7d0361acf93561ef Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 13:14:37 +0100
Subject: [PATCH 03/22] Multinode: Double book keeping

Unfortunatly we must do the same calcultions for multinode
---
 manifests/app_type.pp                | 1 -
 manifests/multinode.pp               | 5 ++++-
 templates/application/config.php.erb | 2 +-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7738499..7e52592 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,7 +18,6 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
-    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]
diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index 3913f46..f973dc9 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -296,6 +296,10 @@ MACAddressPolicy=none'
     } else {
       $full_backup_retention = hiera('full_backup_retention')
     }
+    # Calculate some values
+    $expiration_months = max(12, $full_backup_retention)
+    $expiration_days_min = $expiration_months * 31
+    $expiration_days_max = $expiration_months * 31 + 93
 
     # Secrets from local.eyaml
     $admin_password = safe_hiera("${customer}_admin_password")
@@ -320,7 +324,6 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
-      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,
diff --git a/templates/application/config.php.erb b/templates/application/config.php.erb
index 23080bc..cb30831 100644
--- a/templates/application/config.php.erb
+++ b/templates/application/config.php.erb
@@ -238,6 +238,6 @@ $CONFIG = array (
   'updatechecker' => false,
   'version' => '<%= @nextcloud_version_string %>',
 <% if @environment == 'test' -%>
-  'versions_retention_obligation' => '<%= @expiration_days_min %>,<%= @expiration_days_max %>',
+  'versions_retention_obligation' => '<%= @expiration_days_min %>, <%= @expiration_days_max %>',
 <% end -%>
 );

From 9c1e10ff4ce05dddd94c04c5d50d92f21a496e14 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:41:12 +0100
Subject: [PATCH 04/22] Add full_backup_retention

---
 manifests/multinode.pp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index f973dc9..fb47699 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -324,6 +324,7 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
+      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 61daa44afaff55e083a73af5eb22fd8d24c07c46 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:47:16 +0100
Subject: [PATCH 05/22] Set expiration for multinode

---
 manifests/app_type.pp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7e52592..7738499 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,6 +18,7 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
+    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]

From ec95b0754f433a769db6b565e6292c609d093111 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 13:14:37 +0100
Subject: [PATCH 06/22] Multinode: Double book keeping

Unfortunatly we must do the same calcultions for multinode
---
 manifests/app_type.pp  | 1 -
 manifests/multinode.pp | 1 -
 2 files changed, 2 deletions(-)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7738499..7e52592 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,7 +18,6 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
-    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]
diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index fb47699..f973dc9 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -324,7 +324,6 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
-      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 2ba22cd30bdb5004368148f7b39a23c23caa4d99 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 15:16:33 +0100
Subject: [PATCH 07/22] SATOSA: Always have alwayshttps

---
 templates/satosa/docker-compose.yml.erb | 2 --
 1 file changed, 2 deletions(-)

diff --git a/templates/satosa/docker-compose.yml.erb b/templates/satosa/docker-compose.yml.erb
index 4a237f2..8728a6b 100644
--- a/templates/satosa/docker-compose.yml.erb
+++ b/templates/satosa/docker-compose.yml.erb
@@ -12,7 +12,6 @@ services:
     volumes:
       - "/etc/satosa:/etc/satosa"
       - "/etc/dehydrated:/etc/dehydrated"
-<% if @dehydrated_status == "present" -%>
   alwayshttps:
     environment:
       - "ACME_URL=http://acme-c.sunet.se"
@@ -22,4 +21,3 @@ services:
     pull_policy: "always"
     ports:
       - "80:80"
-<% end -%>

From 250396dbb49ccbdcece1b549e6b1979b8062ad72 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:41:12 +0100
Subject: [PATCH 08/22] Add full_backup_retention

---
 manifests/multinode.pp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index f973dc9..fb47699 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -324,6 +324,7 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
+      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 0a415b5129834fb55594c19fd1e83bee0f6f9b16 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:47:16 +0100
Subject: [PATCH 09/22] Set expiration for multinode

---
 manifests/app_type.pp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7e52592..7738499 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,6 +18,7 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
+    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]

From 1868c2a0b781be919c062a758b00494176b2aa6a Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 13:14:37 +0100
Subject: [PATCH 10/22] Multinode: Double book keeping

Unfortunatly we must do the same calcultions for multinode
---
 manifests/app_type.pp  | 1 -
 manifests/multinode.pp | 1 -
 2 files changed, 2 deletions(-)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7738499..7e52592 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,7 +18,6 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
-    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]
diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index fb47699..f973dc9 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -324,7 +324,6 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
-      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 8027abaa8293b47576d6ddf1c120d4f7cce0ef4d Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Mon, 20 Jan 2025 08:45:55 +0100
Subject: [PATCH 11/22] Run as root user

---
 templates/mariadb_backup/listusers.erb.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/mariadb_backup/listusers.erb.sh b/templates/mariadb_backup/listusers.erb.sh
index ec8d794..ad519da 100644
--- a/templates/mariadb_backup/listusers.erb.sh
+++ b/templates/mariadb_backup/listusers.erb.sh
@@ -13,7 +13,7 @@ dexec="docker exec ${container}"
 
 password=$(${dexec} env | grep MYSQL_ROOT_PASSWORD | awk -F '=' '{print $2}')
 
-mysql="${dexec} mysql -p${password}"
+mysql="${dexec} mysql -p${password} -u root"
 
 if [[ "$(${mysql} -NB -e 'select exists(select * from information_schema.TABLES where TABLE_SCHEMA = "nextcloud" and TABLE_NAME = "oc_global_scale_users")')" == "1" ]]
 then

From 20709f5dbad72e1ad487bd41286f066a2e1c7c59 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:41:12 +0100
Subject: [PATCH 12/22] Add full_backup_retention

---
 manifests/multinode.pp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index f973dc9..fb47699 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -324,6 +324,7 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
+      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 28a94fca51358607784e86aec1fe4f671548ee6e Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:47:16 +0100
Subject: [PATCH 13/22] Set expiration for multinode

---
 manifests/app_type.pp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7e52592..7738499 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,6 +18,7 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
+    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]

From 9ac653170025a205d8f363515f5c4cdff07c5128 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 13:14:37 +0100
Subject: [PATCH 14/22] Multinode: Double book keeping

Unfortunatly we must do the same calcultions for multinode
---
 manifests/app_type.pp  | 1 -
 manifests/multinode.pp | 1 -
 2 files changed, 2 deletions(-)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7738499..7e52592 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,7 +18,6 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
-    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]
diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index fb47699..f973dc9 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -324,7 +324,6 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
-      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 19015d906114f9e9f17f8c8b2e17748356285a65 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Mon, 20 Jan 2025 09:00:14 +0100
Subject: [PATCH 15/22] Only run this on monitor hosts, as it takes a long time

---
 facts.d/nc_versions.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/facts.d/nc_versions.sh b/facts.d/nc_versions.sh
index 38ce14f..f466f89 100755
--- a/facts.d/nc_versions.sh
+++ b/facts.d/nc_versions.sh
@@ -1,5 +1,9 @@
 #!/bin/bash
 
+if ! [[ $(hostname) =~ monitor ]]; then
+  exit 0
+fi
+
 repo="/var/cache/cosmos/repo"
 common="${repo}/global/overlay/etc/hiera/data/common.yaml"
 

From 7a977b79a27bbebfea895577f750c8392d14679e Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:41:12 +0100
Subject: [PATCH 16/22] Add full_backup_retention

---
 manifests/multinode.pp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index f973dc9..fb47699 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -324,6 +324,7 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
+      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 9ee8f6ea5d54ae3a6fa6059ff9cd67c49778461e Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 12:47:16 +0100
Subject: [PATCH 17/22] Set expiration for multinode

---
 manifests/app_type.pp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7e52592..7738499 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,6 +18,7 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
+    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]

From 0e154b0e53243bb614a64db8156f88e4d6b1e79c Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Thu, 16 Jan 2025 13:14:37 +0100
Subject: [PATCH 18/22] Multinode: Double book keeping

Unfortunatly we must do the same calcultions for multinode
---
 manifests/app_type.pp  | 1 -
 manifests/multinode.pp | 1 -
 2 files changed, 2 deletions(-)

diff --git a/manifests/app_type.pp b/manifests/app_type.pp
index 7738499..7e52592 100644
--- a/manifests/app_type.pp
+++ b/manifests/app_type.pp
@@ -18,7 +18,6 @@ define sunetdrive::app_type (
     $dbhost = $config[ 'dbhost' ]
     $dbname = $config[ 'dbname' ]
     $dbuser = $config[ 'dbuser' ]
-    $full_backup_retention = $config[ 'full_backup_retention' ]
     $instanceid = $config[ 'instanceid' ]
     $mysql_user_password = $config[ 'mysql_user_password' ]
     $passwordsalt = $config[ 'passwordsalt' ]
diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index fb47699..f973dc9 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -324,7 +324,6 @@ MACAddressPolicy=none'
       drive_email_template_plain_text_left => hiera($environment)['drive_email_template_plain_text_left'],
       drive_email_template_text_left       => hiera($environment)['drive_email_template_text_left'],
       drive_email_template_url_left        => hiera($environment)['drive_email_template_url_left'],
-      full_backup_retention                => $full_backup_retention,
       mariadb_dir                          => "/opt/multinode/${customer}/mariadb-${customer}",
       mycnf_path                           => 'sunetdrive/multinode/my.cnf.erb',
       mysql_root_password                  => $mysql_root_password,

From 09deca0172188ad031220633424ac0fde860504b Mon Sep 17 00:00:00 2001
From: Lars Delhage <lasse@nohup.se>
Date: Mon, 20 Jan 2025 11:53:25 +0100
Subject: [PATCH 19/22] Remove recursive for mysql db dir

---
 manifests/db_type.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/db_type.pp b/manifests/db_type.pp
index 440a3e9..23e4660 100644
--- a/manifests/db_type.pp
+++ b/manifests/db_type.pp
@@ -18,7 +18,7 @@ define sunetdrive::db_type(
   $mariadb_dir = '/etc/mariadb'
   $mycnf_path = 'sunetdrive/mariadb/my.cnf.erb'
   $server_id = 1000 + Integer($facts['networking']['hostname'][-1])
-  ensure_resource('file',$mariadb_dir, { ensure => directory, recurse => true } )
+  ensure_resource('file',$mariadb_dir, { ensure => directory } )
   $dirs = ['datadir', 'init', 'conf', 'backups', 'scripts' ]
   $dirs.each |$dir| {
     ensure_resource('file',"${mariadb_dir}/${dir}", { ensure => directory, recurse => true } )

From 602fb12a7ffdac9c4afdc5ce69bf82605ca46b50 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Mon, 3 Feb 2025 15:10:28 +0100
Subject: [PATCH 20/22] Allow long running check for scriptherder

---
 manifests/sitemonitornaemon.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/sitemonitornaemon.pp b/manifests/sitemonitornaemon.pp
index e0abcd4..82f2406 100644
--- a/manifests/sitemonitornaemon.pp
+++ b/manifests/sitemonitornaemon.pp
@@ -47,7 +47,7 @@ class sunetdrive::sitemonitornaemon() {
   }
   nagioscfg::service {'check_scriptherder':
     hostgroup_name => ['sunetdrive::nrpe'],
-    check_command  => 'check_nrpe_1arg_to30!check_scriptherder',
+    check_command  => 'check_nrpe_1arg_to300!check_scriptherder',
     description    => 'Scriptherder Status',
     contact_groups => ['naemon-admins'],
   }

From f2774b9c384a8f22f738616f64d96734d0d262f7 Mon Sep 17 00:00:00 2001
From: Micke Nordin <kano@sunet.se>
Date: Mon, 10 Feb 2025 10:25:36 +0100
Subject: [PATCH 21/22] Containers changed names

---
 manifests/multinode.pp                                       | 4 ++--
 manifests/script.pp                                          | 2 +-
 templates/script/create_folders_in_singlenode_buckets.erb.sh | 2 +-
 templates/script/listusers.erb.sh                            | 2 +-
 templates/scriptreceiver/create_bucket.erb.sh                | 4 ++--
 templates/scriptreceiver/list_files_for_user.erb.sh          | 2 +-
 templates/scriptreceiver/list_users.erb.sh                   | 2 +-
 7 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/manifests/multinode.pp b/manifests/multinode.pp
index f973dc9..5c4dff0 100644
--- a/manifests/multinode.pp
+++ b/manifests/multinode.pp
@@ -213,7 +213,7 @@ MACAddressPolicy=none'
   }
 #  if $nodenumber == '2' {
 #    cron { 'add_back_bucket_for_karin_nordgren':
-#      command => '(/usr/local/bin/occ nextcloud-kmh_app_1 files_external:list karin_nordgren@kmh.se  &&  /home/script/bin/create_bucket.sh nextcloud-kmh_app_1 karin_nordgren@kmh.se karin-nordgren-drive-sunet-se) || /bin/true',
+#      command => '(/usr/local/bin/occ nextcloud-kmh-app-1 files_external:list karin_nordgren@kmh.se  &&  /home/script/bin/create_bucket.sh nextcloud-kmh-app-1 karin_nordgren@kmh.se karin-nordgren-drive-sunet-se) || /bin/true',
 #      user    => 'root',
 #      minute  =>  '*/10',
 #    }
@@ -222,7 +222,7 @@ MACAddressPolicy=none'
     $customer_config_full = hiera_hash($customer)
     $customer_config = $customer_config_full[$environment]
     cron { "multinode_cron_${customer}":
-      command => "/opt/nextcloud/cron.sh nextcloud-${customer}_app_1",
+      command => "/opt/nextcloud/cron.sh nextcloud-${customer}-app-1",
       require => File['/opt/nextcloud/cron.sh'],
       user    => 'root',
       minute  =>  '*/10',
diff --git a/manifests/script.pp b/manifests/script.pp
index daa22bc..56a910d 100644
--- a/manifests/script.pp
+++ b/manifests/script.pp
@@ -388,7 +388,7 @@ class sunetdrive::script (
     $singlenodes.each | $singlenode| {
       $multinode = hiera_hash('multinode_mapping')[$singlenode]['server']
       $multinodeserver = "${multinode}.${site_name}"
-      $nccontainer = "nextcloud-${singlenode}_app_1"
+      $nccontainer = "nextcloud-${singlenode}-app-1"
 
       sunet::scriptherder::cronjob { "backup${singlenode}db":
         ensure => absent,
diff --git a/templates/script/create_folders_in_singlenode_buckets.erb.sh b/templates/script/create_folders_in_singlenode_buckets.erb.sh
index 27e1fb7..904ab58 100644
--- a/templates/script/create_folders_in_singlenode_buckets.erb.sh
+++ b/templates/script/create_folders_in_singlenode_buckets.erb.sh
@@ -5,7 +5,7 @@ shift
 include_userbuckets="${1}"
 shift
 environment="<%= @environment %>"
-container="nextcloud-${customer}_app_1"
+container="nextcloud-${customer}-app-1"
 
 yq="/usr/local/bin/yq"
 if ! [[ -x ${yq} ]]; then
diff --git a/templates/script/listusers.erb.sh b/templates/script/listusers.erb.sh
index c261e31..d065ee1 100644
--- a/templates/script/listusers.erb.sh
+++ b/templates/script/listusers.erb.sh
@@ -4,7 +4,7 @@ customer="${1}"
 multinode="${2}" 
 environment="<%= @environment %>"
 location="${customer}-${environment}"
-userjson=$(ssh "script@${multinode}" "sudo /home/script/bin/list_users.sh nextcloud-${customer}_app_1") 
+userjson=$(ssh "script@${multinode}" "sudo /home/script/bin/list_users.sh nextcloud-${customer}-app-1") 
 project="statistics"
 bucket="drive-server-coms"
 base_dir="${project}:${bucket}"
diff --git a/templates/scriptreceiver/create_bucket.erb.sh b/templates/scriptreceiver/create_bucket.erb.sh
index b5b970a..c18c0b5 100755
--- a/templates/scriptreceiver/create_bucket.erb.sh
+++ b/templates/scriptreceiver/create_bucket.erb.sh
@@ -11,7 +11,7 @@ function usage {
 	exit 1
 }
 
-if ! [[ ${container} == 'nextcloud_app_1' ]] && ! [[ ${container} =~ ^nextcloud-[a-z]*_app_1$ ]]; then
+if ! [[ ${container} == 'nextcloud_app_1' ]] && ! [[ ${container} =~ ^nextcloud-[a-z]*-app-1$ ]]; then
 	usage
 fi
 if ! [[ ${bucket} =~ ^[a-zA-Z0-9]+ ]]; then
@@ -26,7 +26,7 @@ echo "$(date): Start executing create_bucket.sh ${1} ${2} ${3}"
 
 rclone_config="/opt/nextcloud/rclone.conf"
 if [[ "${container}" != "nextcloud_app_1" ]]; then
-  customer=$(echo "${container}" | sed -e 's/^nextcloud-//' -e 's/_app_1$//')
+  customer=$(echo "${container}" | sed -e 's/^nextcloud-//' -e 's/-app-1$//')
   rclone_config="/opt/multinode/${customer}/rclone.conf"
 fi
 
diff --git a/templates/scriptreceiver/list_files_for_user.erb.sh b/templates/scriptreceiver/list_files_for_user.erb.sh
index b6e6214..4e71834 100644
--- a/templates/scriptreceiver/list_files_for_user.erb.sh
+++ b/templates/scriptreceiver/list_files_for_user.erb.sh
@@ -9,7 +9,7 @@ function usage {
 	exit 1
 }
 
-if ! [[ ${container} == 'nextcloud_app_1' ]] && ! [[ ${container} =~ ^nextcloud-[a-z]*_app_1$ ]]; then
+if ! [[ ${container} == 'nextcloud_app_1' ]] && ! [[ ${container} =~ ^nextcloud-[a-z]*-app-1$ ]]; then
 	usage
 fi
 
diff --git a/templates/scriptreceiver/list_users.erb.sh b/templates/scriptreceiver/list_users.erb.sh
index f69f3b8..3216870 100644
--- a/templates/scriptreceiver/list_users.erb.sh
+++ b/templates/scriptreceiver/list_users.erb.sh
@@ -2,7 +2,7 @@
 
 container=${1}
 
-if ! [[ ${container} == 'nextcloud_app_1' ]] && ! [[ ${container} =~ ^nextcloud-[a-z]*_app_1$ ]]; then
+if ! [[ ${container} == 'nextcloud_app_1' ]] && ! [[ ${container} =~ ^nextcloud-[a-z]*-app-1$ ]]; then
 	echo "Usage: ${0} <nextcloud container name>"
 	echo "Example : ${0} nextcloud_app_1"
 	exit 1

From 2a273c649dd49c410fe02a4c078d8e25aa583114 Mon Sep 17 00:00:00 2001
From: Lars Delhage <lasse@sunet.se>
Date: Thu, 13 Feb 2025 13:45:10 +0100
Subject: [PATCH 22/22] Enable pretty URLs
 (https://docs.nextcloud.com/server/latest/admin_manual/installation/source_installation.html\#pretty-urls)

---
 templates/application/config.php.erb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/templates/application/config.php.erb b/templates/application/config.php.erb
index cb30831..1db97bb 100644
--- a/templates/application/config.php.erb
+++ b/templates/application/config.php.erb
@@ -64,6 +64,7 @@ $CONFIG = array (
   'gss.mode' => '<%= @gss_mode %>',
   'gss.user.discovery.module' => '\\OCA\\GlobalSiteSelector\\UserDiscoveryModules\\ManualUserMapping',
   'gss.username_format' => 'sanitize',
+  'htaccess.RewriteBase' => '/',
   'installed' => true,
   'instanceid' => '<%= @instanceid %>',
   'integrity.check.disabled' => true,
@@ -105,7 +106,7 @@ $CONFIG = array (
       'legacy_auth' => false,
     ),
   ),
-  'overwrite.cli.url' => 'https://<%= @site_name %>',
+  'overwrite.cli.url' => 'https://<%= @site_name %>/',
   'overwritehost' => '<%= @site_name %>',
   'overwriteprotocol' => 'https',
   'passwordsalt' => '<%= @passwordsalt %>',