Merge branch 'main' into stable

manifests/app_type.pp

@@ -113,16 +113,25 @@ define sunetdrive::app_type (
       minute  => '*/5',
     }
     file { '/opt/nextcloud/user-sync.sh':
-      ensure  => file,
-      owner   => 'root',
-      group   => 'root',
-      mode    => '0700',
-      content => template('sunetdrive/application/user-sync.erb.sh'),
+      ensure  => absent,
     }
     -> cron { 'gss_user_sync':
-      command => '/opt/nextcloud/user-sync.sh',
-      user    => 'root',
-      minute  => '*/5',
+      ensure  => absent,
+    }
+    file { '/usr/local/bin/nocc':
+      ensure  => present,
+      force   => true,
+      owner   => 'root',
+      group   => 'root',
+      content => template('sunetdrive/application/nocc.erb'),
+      mode    => '0740',
+    }
+    file { '/etc/sudoers.d/99-nocc':
+      ensure  => file,
+      content => "script ALL=(root) NOPASSWD: /usr/local/bin/nocc\n",
+      mode    => '0440',
+      owner   => 'root',
+      group   => 'root',
     }
     file { '/usr/local/bin/occ':
       ensure  => present,

manifests/multinode.pp

@@ -40,6 +40,21 @@ class sunetdrive::multinode (
   user { 'www-data': ensure => present, system => true }
   sunet::system_user {'mysql': username => 'mysql', group => 'mysql' }
   ensure_resource('file', '/opt/nextcloud' , { ensure => directory, recurse => true } )
+  file { '/usr/local/bin/nocc':
+    ensure  => present,
+    force   => true,
+    owner   => 'root',
+    group   => 'root',
+    content => template('sunetdrive/application/nocc.erb'),
+    mode    => '0740',
+  }
+  file { '/etc/sudoers.d/99-nocc':
+    ensure  => file,
+    content => "script ALL=(root) NOPASSWD: /usr/local/bin/nocc\n",
+    mode    => '0440',
+    owner   => 'root',
+    group   => 'root',
+  }
   file { '/usr/local/bin/occ':
     ensure  => present,
     force   => true,

templates/application/config.php.erb

@@ -1,10 +1,5 @@
 <?php
 $CONFIG = array (
-  'app_install_overwrite' =>
-  array (
-    0 => 'globalsiteselector',
-  ),
-
   'apps_paths' =>
   array (
     0 =>
@@ -48,28 +43,12 @@ $CONFIG = array (
   'gs.enabled' => '<%= @gs_enabled %>',
   'gs.federation' => '<%= @gs_federation %>',
   'gs.trustedHosts' => ['*.sunet.se'],
-  'gss.discovery.manual.mapping.file' => '/var/www/html/mappingfile.json',
-  'gss.discovery.manual.mapping.parameter' => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6',
-  'gss.discovery.manual.mapping.regex' => true,
-  'gss.jwt.key' => '<%= @gss_jwt_key %>',
-  'gss.master.admin' =>
-   array (
-  <%- index = 0 -%>
-  <%- @gss_master_admin.each do |item| -%>
-    <%= index %> => '<%= item %>',
-    <%- index += 1 -%>
-  <%- end -%>
-  ),
-  'gss.master.url' => '<%= @gss_master_url %>',
-  'gss.mode' => '<%= @gss_mode %>',
-  'gss.user.discovery.module' => '\\OCA\\GlobalSiteSelector\\UserDiscoveryModules\\ManualUserMapping',
-  'gss.username_format' => 'sanitize',
+  'htaccess.RewriteBase' => '/',
   'installed' => true,
   'instanceid' => '<%= @instanceid %>',
   'integrity.check.disabled' => true,
   'log_type' => 'file',
   'loglevel' => 1,
-  'lookup_server' => '<%= @lookup_server %>',
   'mail_domain' => '<%= @mail_domain %>',
   'mail_from_address' => '<%= @mail_from_address %>',
   'mail_sendmailmode' => 'smtp',
@@ -105,47 +84,11 @@ $CONFIG = array (
       'legacy_auth' => false,
     ),
   ),
-  'overwrite.cli.url' => 'https://<%= @site_name %>',
+  'overwrite.cli.url' => 'https://<%= @site_name %>/',
   'overwritehost' => '<%= @site_name %>',
   'overwriteprotocol' => 'https',
   'passwordsalt' => '<%= @passwordsalt %>',
-<% if @location == 'gss-test' -%>
-  'redis.cluster' => [
-    'failover_mode' => \RedisCluster::FAILOVER_ERROR,
-    'password' => '<%= @redis_cluster_password %>',
-    'read_timeout' => 0.0,
-    'seeds' => [
-      'redis1.drive.test.sunet.se:6379',
-      'redis2.drive.test.sunet.se:6379',
-      'redis3.drive.test.sunet.se:6379',
-      'redis1.drive.test.sunet.se:6380',
-      'redis2.drive.test.sunet.se:6380',
-      'redis3.drive.test.sunet.se:6380',
-      'redis1.drive.test.sunet.se:6381',
-      'redis2.drive.test.sunet.se:6381',
-      'redis3.drive.test.sunet.se:6381'
-    ],
-    'timeout' => 1.1
-  ],
-<% elsif @location == 'gss-prod' -%>
-  'redis.cluster' => [
-    'failover_mode' => \RedisCluster::FAILOVER_ERROR,
-    'password' => '<%= @redis_cluster_password %>',
-    'read_timeout' => 0.0,
-    'seeds' => [
-      'redis1.drive.sunet.se:6379',
-      'redis2.drive.sunet.se:6379',
-      'redis3.drive.sunet.se:6379',
-      'redis1.drive.sunet.se:6380',
-      'redis2.drive.sunet.se:6380',
-      'redis3.drive.sunet.se:6380',
-      'redis1.drive.sunet.se:6381',
-      'redis2.drive.sunet.se:6381',
-      'redis3.drive.sunet.se:6381'
-    ],
-    'timeout' => 1.1
-  ],
-<% elsif @environment == 'test' && ! @is_multinode -%>
+<% if @environment == 'test' && ! @is_multinode -%>
   'redis.cluster' => [
     'failover_mode' => \RedisCluster::FAILOVER_ERROR,
     'password' => '<%= @redis_cluster_password %>',
@@ -163,7 +106,7 @@ $CONFIG = array (
     ],
     'timeout' => 1.1
   ],
-<% elsif @environment == 'prod' && ! @is_multinode && @location != 'gss-prod' -%>
+<% elsif @environment == 'prod' && ! @is_multinode -%>
   'redis.cluster' => [
     'failover_mode' => \RedisCluster::FAILOVER_ERROR,
     'password' => '<%= @redis_cluster_password %>',

templates/application/nocc.erb

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+if [[ "${1}" =~ ^nextcloud ]]; then
+  container=${1}
+  shift
+else
+  container="nextcloud_app_1"
+fi
+
+
+oc_list=$(env| grep 'OC_')
+if [[ "x${oc_list}" != "x" ]]; then
+        for row in $(echo "${oc_list}"); do
+                MY_VARS="${MY_VARS} -e ${row}"
+        done
+fi
+
+docker exec -ti ${MY_VARS} -u www-data ${container} php --define apc.enable_cli=1 /var/www/html/occ "$@"
+exit 0
+
+