diff --git a/manifests/app_type.pp b/manifests/app_type.pp index 7e52592..d8096b1 100644 --- a/manifests/app_type.pp +++ b/manifests/app_type.pp @@ -113,16 +113,25 @@ define sunetdrive::app_type ( minute => '*/5', } file { '/opt/nextcloud/user-sync.sh': - ensure => file, - owner => 'root', - group => 'root', - mode => '0700', - content => template('sunetdrive/application/user-sync.erb.sh'), + ensure => absent, } -> cron { 'gss_user_sync': - command => '/opt/nextcloud/user-sync.sh', - user => 'root', - minute => '*/5', + ensure => absent, + } + file { '/usr/local/bin/nocc': + ensure => present, + force => true, + owner => 'root', + group => 'root', + content => template('sunetdrive/application/nocc.erb'), + mode => '0740', + } + file { '/etc/sudoers.d/99-nocc': + ensure => file, + content => "script ALL=(root) NOPASSWD: /usr/local/bin/nocc\n", + mode => '0440', + owner => 'root', + group => 'root', } file { '/usr/local/bin/occ': ensure => present, diff --git a/manifests/multinode.pp b/manifests/multinode.pp index 5c4dff0..ed3def2 100644 --- a/manifests/multinode.pp +++ b/manifests/multinode.pp @@ -40,6 +40,21 @@ class sunetdrive::multinode ( user { 'www-data': ensure => present, system => true } sunet::system_user {'mysql': username => 'mysql', group => 'mysql' } ensure_resource('file', '/opt/nextcloud' , { ensure => directory, recurse => true } ) + file { '/usr/local/bin/nocc': + ensure => present, + force => true, + owner => 'root', + group => 'root', + content => template('sunetdrive/application/nocc.erb'), + mode => '0740', + } + file { '/etc/sudoers.d/99-nocc': + ensure => file, + content => "script ALL=(root) NOPASSWD: /usr/local/bin/nocc\n", + mode => '0440', + owner => 'root', + group => 'root', + } file { '/usr/local/bin/occ': ensure => present, force => true, diff --git a/templates/application/config.php.erb b/templates/application/config.php.erb index cb30831..575ac05 100644 --- a/templates/application/config.php.erb +++ b/templates/application/config.php.erb @@ -1,10 +1,5 @@ - array ( - 0 => 'globalsiteselector', - ), - 'apps_paths' => array ( 0 => @@ -48,28 +43,12 @@ $CONFIG = array ( 'gs.enabled' => '<%= @gs_enabled %>', 'gs.federation' => '<%= @gs_federation %>', 'gs.trustedHosts' => ['*.sunet.se'], - 'gss.discovery.manual.mapping.file' => '/var/www/html/mappingfile.json', - 'gss.discovery.manual.mapping.parameter' => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6', - 'gss.discovery.manual.mapping.regex' => true, - 'gss.jwt.key' => '<%= @gss_jwt_key %>', - 'gss.master.admin' => - array ( - <%- index = 0 -%> - <%- @gss_master_admin.each do |item| -%> - <%= index %> => '<%= item %>', - <%- index += 1 -%> - <%- end -%> - ), - 'gss.master.url' => '<%= @gss_master_url %>', - 'gss.mode' => '<%= @gss_mode %>', - 'gss.user.discovery.module' => '\\OCA\\GlobalSiteSelector\\UserDiscoveryModules\\ManualUserMapping', - 'gss.username_format' => 'sanitize', + 'htaccess.RewriteBase' => '/', 'installed' => true, 'instanceid' => '<%= @instanceid %>', 'integrity.check.disabled' => true, 'log_type' => 'file', 'loglevel' => 1, - 'lookup_server' => '<%= @lookup_server %>', 'mail_domain' => '<%= @mail_domain %>', 'mail_from_address' => '<%= @mail_from_address %>', 'mail_sendmailmode' => 'smtp', @@ -105,47 +84,11 @@ $CONFIG = array ( 'legacy_auth' => false, ), ), - 'overwrite.cli.url' => 'https://<%= @site_name %>', + 'overwrite.cli.url' => 'https://<%= @site_name %>/', 'overwritehost' => '<%= @site_name %>', 'overwriteprotocol' => 'https', 'passwordsalt' => '<%= @passwordsalt %>', -<% if @location == 'gss-test' -%> - 'redis.cluster' => [ - 'failover_mode' => \RedisCluster::FAILOVER_ERROR, - 'password' => '<%= @redis_cluster_password %>', - 'read_timeout' => 0.0, - 'seeds' => [ - 'redis1.drive.test.sunet.se:6379', - 'redis2.drive.test.sunet.se:6379', - 'redis3.drive.test.sunet.se:6379', - 'redis1.drive.test.sunet.se:6380', - 'redis2.drive.test.sunet.se:6380', - 'redis3.drive.test.sunet.se:6380', - 'redis1.drive.test.sunet.se:6381', - 'redis2.drive.test.sunet.se:6381', - 'redis3.drive.test.sunet.se:6381' - ], - 'timeout' => 1.1 - ], -<% elsif @location == 'gss-prod' -%> - 'redis.cluster' => [ - 'failover_mode' => \RedisCluster::FAILOVER_ERROR, - 'password' => '<%= @redis_cluster_password %>', - 'read_timeout' => 0.0, - 'seeds' => [ - 'redis1.drive.sunet.se:6379', - 'redis2.drive.sunet.se:6379', - 'redis3.drive.sunet.se:6379', - 'redis1.drive.sunet.se:6380', - 'redis2.drive.sunet.se:6380', - 'redis3.drive.sunet.se:6380', - 'redis1.drive.sunet.se:6381', - 'redis2.drive.sunet.se:6381', - 'redis3.drive.sunet.se:6381' - ], - 'timeout' => 1.1 - ], -<% elsif @environment == 'test' && ! @is_multinode -%> +<% if @environment == 'test' && ! @is_multinode -%> 'redis.cluster' => [ 'failover_mode' => \RedisCluster::FAILOVER_ERROR, 'password' => '<%= @redis_cluster_password %>', @@ -163,7 +106,7 @@ $CONFIG = array ( ], 'timeout' => 1.1 ], -<% elsif @environment == 'prod' && ! @is_multinode && @location != 'gss-prod' -%> +<% elsif @environment == 'prod' && ! @is_multinode -%> 'redis.cluster' => [ 'failover_mode' => \RedisCluster::FAILOVER_ERROR, 'password' => '<%= @redis_cluster_password %>', diff --git a/templates/application/nocc.erb b/templates/application/nocc.erb new file mode 100755 index 0000000..7985878 --- /dev/null +++ b/templates/application/nocc.erb @@ -0,0 +1,21 @@ +#!/bin/bash + +if [[ "${1}" =~ ^nextcloud ]]; then + container=${1} + shift +else + container="nextcloud_app_1" +fi + + +oc_list=$(env| grep 'OC_') +if [[ "x${oc_list}" != "x" ]]; then + for row in $(echo "${oc_list}"); do + MY_VARS="${MY_VARS} -e ${row}" + done +fi + +docker exec -ti ${MY_VARS} -u www-data ${container} php --define apc.enable_cli=1 /var/www/html/occ "$@" +exit 0 + +