svg

misc/images/app/app-docker/Dockerfile

@@ -0,0 +1,11 @@
+ARG PHP_PKG_VERSION="8.1.20-r0"
+ARG ADDITIONAL_PACKAGES="tree \
+                         php81-gd=${PHP_PKG_VERSION} \
+                         php81-sodium=${PHP_PKG_VERSION} \
+                         php81-fileinfo=${PHP_PKG_VERSION} \
+                         php81-pdo=${PHP_PKG_VERSION} \
+                         php81-pdo_pgsql=${PHP_PKG_VERSION} \
+                         php81-intl=${PHP_PKG_VERSION} \
+                         php81-pecl-redis=5.3.7-r0"
+
+FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone

misc/images/hydra-dispatcher/Dockerfile

@@ -0,0 +1 @@
+FROM cadoles/hydra-dispatcher-v1:v0.0.0-111-g2e60bdb

misc/images/hydra-dispatcher/hydra/providers.yml

@@ -0,0 +1,43 @@
+hydra:
+  apps:
+    - id: ninesql
+      title: 
+        fr: NINE SQL
+        en: NINE SQL
+      description: 
+        fr: Authentification via NINESQL
+        en: Authentication by NINESQL
+      icon_url: https://127.0.0.1:8000/medias/icons/icon_bdd.png
+      login_url: http://127.0.0.1:8000/hydra/loginsql
+      consent_url: http://127.0.0.1:8000/hydra/consent
+      logout_url: http://127.0.0.1:8000/hydra/logoutsql
+      attributes_rewrite_rules:
+        username: 
+          - consent.session.id_token.username
+        email: 
+          - consent.session.id_token.email
+        firstname:
+          - consent.session.id_token.firstname
+        lastname:
+          - consent.session.id_token.lastname
+
+    - id: nineldap
+      title: 
+        fr: NINE LDAP
+        en: NINE LDAP
+      description: 
+        fr: Authentification via NINELDAP
+        en: Authentication by NINELDAP
+      icon_url: https://127.0.0.1:8000/medias/icons/icon_phpldapadmin.png
+      login_url: http://127.0.0.1:8000/hydra/loginldap
+      consent_url: http://127.0.0.1:8000/hydra/consent
+      logout_url: http://127.0.0.1:8000/hydra/logoutldap
+      attributes_rewrite_rules:
+        username: 
+          - consent.session.id_token.username
+        email: 
+          - consent.session.id_token.email
+        firstname:
+          - consent.session.id_token.firstname
+        lastname:
+          - consent.session.id_token.lastname

misc/images/hydra-dispatcher/templates/base.html.twig

@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        {% block head %}
+            <title>{% block title %}{{ 'view.base.title'|trans({}, 'view', app.request.session.get('_locale')) }}{% endblock %}</title>
+            <meta charset="UTF-8">
+            <meta name="viewport" content="width=device-width, initial-scale=1.0">
+            {% block stylesheets %}
+                {{ encore_entry_link_tags('app', null, 'appConfig') }}
+                {{ encore_entry_link_tags('theme', null, 'themeConfig') }}
+            {% endblock %}
+        {% endblock %}
+    </head>
+    <body>
+        {% block body %}
+            {% block body_content %}{% endblock %}
+            {% block javascripts %}
+                {{ encore_entry_script_tags('app', null, 'appConfig') }}
+                {{ encore_entry_script_tags('theme', null, 'themeConfig') }}
+            {% endblock %}
+        {% endblock %}
+    </body>
+</html>

misc/images/hydra-dispatcher/templates/error.html.twig

@@ -0,0 +1,16 @@
+{% extends 'base.html.twig' %}
+
+{% block stylesheets %}
+    {{ parent() }}
+{% endblock %}
+
+{% block title %}{{ 'view.error.title'|trans({}, 'view') }}{% endblock %}
+
+{% block body_content %}
+<section class="grid place-items-center h-screen">
+    <div class="container px-5 py-2 mx-auto lg:px-32">
+        <p>{{ 'view.error.text'|trans({}, 'view') }} {{statusCode}}</p>
+        <p>{{message}}</p>
+    </div>
+</section>
+{% endblock %}

misc/images/hydra-dispatcher/templates/form/error_theme.html.twig

@@ -0,0 +1,13 @@
+{% form_theme form _self %}
+
+{% block form_errors %}
+    {% if errors is defined and errors.count > 0 %}
+    <div class="bg-red-400 mb-5 p-5 rounded">
+        <p id="{{form.vars.id}}" >
+        {% for error in errors %}
+        {{ error.message | trans({}, 'form', app.request.session.get('_locale')) }}<br />
+        {% endfor %}
+        </p>
+    </div>
+    {% endif %}
+{% endblock form_errors %}

misc/images/hydra-dispatcher/templates/login.html.twig

@@ -0,0 +1,88 @@
+{% extends 'base.html.twig' %}
+
+{% form_theme form 'form/error_theme.html.twig' %}
+
+{% block stylesheets %}
+    {{ parent() }}
+{% endblock %}
+
+{% block title %}{{ 'view.login.title'|trans({}, 'view', app.request.session.get('_locale')) }}{% endblock %}
+
+{% block body_content %}
+    {% set lang = app.request.session.get('_locale') is defined  and app.request.session.get('_locale') is not null ? app.request.session.get('_locale') : app.request.server.get('DEFAULT_LOCALE') %}
+
+    <div class="container mx-auto">
+        <div id="headercontainer">
+            <div id="langcontainer" class="flex justify-around">
+                {% for locale in locales %}
+                    <a href="{{ asset(path('locale_change', {'locale':locale })) }}" title="{{locale}}" aria-label="{{locale}}"><img class="w-10" src="{{ asset('flags/'~ locale ~'.svg') }}"/></a>
+                {% endfor %}
+            </div>
+
+            <div id="titlecontainer" class="text-center p-5">
+                {% if loginRequestInfo.client.logo_uri is not empty %}
+                    <img class="mx-auto" style="width:150px" src="{{ loginRequestInfo.client.logo_uri }}" alt="user image" />
+                {% endif %}
+                <h1 class="font-medium leading-tight text-5xl">{{ loginRequestInfo.client.client_name }}</h1>
+            </div>
+            
+            <div id="subtitlecontainer">
+                <h2 class="font-medium leading-tight text-3xl mt-0 mb-5 text-center">{{ 'view.login.call_to_action'|trans({}, 'view', app.request.session.get('_locale')) }}</h2>
+            </div>
+
+            <div id="flashcontainer">
+                {% block flash %}
+                    {% for type, alert in {error: 'bg-red-400', danger: 'bg-red-400', warning: 'bg-yellow-400', info: 'bg-blue-400', success: 'bg-green-400'} %}
+                        {% for message in app.session.flashBag.get(type) %}
+                        <div class="rounded mb-5 p-5 {{alert}}">
+                            <p role="{{ alert is same as('success') ? 'status' : (alert is same as('danger') or alert is same as ('warning'))? 'alert' : '' }}">		
+                                {{ message|raw }}
+                            </p>
+                        </div>
+                        {% endfor %}
+                    {% endfor %}
+                {% endblock %}
+            </div>
+        </div>
+
+        <div id="maincontainer">
+            {{ form_start(form) }}
+
+            <div id="formerrorcontainer">
+                {{ form_errors(form.app) }}
+            </div>
+
+            <div id="choicecontainer">
+            {% for choice in form.app.vars.choices %}
+                {% set choice_id = form.app.vars.full_name ~ '[' ~ choice.value ~ ']' %}
+                {% set label_id = form.app.vars.full_name ~ '-label-' ~ choice.value %}
+                <div class="choicelogin last:mb-0 mb-5">
+                    <input aria-labelledby="{{label_id}}" type="submit" class="hidden" id="{{ choice_id }}" value="{{ choice.value }}" name="{{form.app.vars.full_name}}" />
+                    
+                    <label for="{{ choice_id }}" class="app-item flex flex-row w-full cursor-pointer rounded-lg bg-white shadow-lg">
+                        {% if choice.data.iconUrl %}
+                        <div class="choiceloginlogo w-full h-auto object-cover w-24 rounded-t-lg rounded-r-none rounded-l-lg bg-contain bg-no-repeat bg-center ml-5 mr-2" style="background-image:url('{{ choice.data.iconUrl }}')"></div>
+                        {% endif %}
+
+                        <div class="choicelogintitle p-6 flex flex-col justify-start w-full">
+                            <h5 class="text-gray-900 text-xl font-medium mb-2">{{ choice.label }}</h5>
+                            <p class="text-gray-700 text-base mb-4">
+                                {{ choice.data.description(lang) }}
+                            </p>
+                        </div>
+                    </label>
+                </div>
+            {% endfor %}
+            </div>
+
+            {% do form.app.setRendered %}
+
+            <div id="submitcontainer">
+                {{form_row(form.submit, {'attr' : {'class' : 'btnlogin w-full px-7 py-5 mt-5 bg-sky-500 text-white font-medium text-sm cursor-pointer leading-snug uppercase rounded shadow-md hover:bg-sky-700 hover:shadow-lg focus:bg-sky-900 focus:shadow-lg focus:outline-none focus:ring-0 active:bg-sky-900 active:shadow-lg transition duration-150 ease-in-out'}})}}
+            </div>
+
+            {{ form_rest(form) }}
+            {{ form_end(form) }}
+        </div>
+    </div>
+{% endblock %}

misc/images/hydra-dispatcher/theme.css

@@ -0,0 +1,59 @@
+body {
+    background-color: #fff !important;
+}
+
+.place-items-center {
+    place-items: normal;
+}
+
+#langcontainer{
+    display:none;
+}
+
+.container {
+    max-width: 1100px;
+}
+
+input[type="radio"]:checked ~ .app-item {
+    --tw-shadow: 0 10px 15px -3px rgb(22 78 99 / 0.3), 0 4px 6px -4px rgb(22 78 99 / 0.3);
+    background-color: rgba(240, 240, 240, 0.507);
+}
+
+#choicecontainer {
+    display: flex;
+    flex-wrap: wrap;
+}
+
+.choicelogin {
+    flex: 1 1 33.333333%;
+    padding: 10px;
+    height: 350px;
+}
+
+.app-item {
+    height:100%;
+    display: flex;
+    flex-wrap: wrap;    
+    text-align: center;
+    background-color: #ecf0f1;
+}
+
+.app-item > * {
+    flex: 1 1 100%;
+}
+
+.object-cover {
+    height:130px;
+    margin-top:30px;
+}
+
+h2{
+    font-size: 18px !important;
+}
+h5 {
+    font-size:30px !important;
+}
+
+#submitcontainer {
+    display:none;
+}

misc/images/hydra/clients.d/nineskeletor.json

@@ -0,0 +1,19 @@
+{
+	"client_id": "nineskeletor",
+	"client_name": "Nineskeletor",
+	"client_secret": "changeme",
+	"grant_types": [
+		"authorization_code",
+		"refresh_token"
+	],
+	"jwks": {},
+	"metadata": {},
+	"token_endpoint_auth_method": "client_secret_post",
+	"post_logout_redirect_uris": ["https://127.0.0.1:8000"],
+	"redirect_uris": ["https://127.0.0.1:8000/oauth2/callback"],
+	"response_types": [
+		"code"
+	],
+	"logo_uri": "https://127.0.0.1:8000/minio/logo",
+	"scope": "openid"
+}

misc/images/minio/nginx.conf

@@ -0,0 +1,67 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    # include /etc/nginx/conf.d/*.conf;
+
+    upstream minio {
+        server minio1:9000;
+        server minio2:9000;
+        server minio3:9000;
+        server minio4:9000;
+    }
+
+    server {
+        listen       9000;
+        server_name  localhost;
+
+         # To allow special characters in headers
+         ignore_invalid_headers off;
+         # Allow any size file to be uploaded.
+         # Set to a value such as 1000m; to restrict file size to a specific value
+         client_max_body_size 0;
+         # To disable buffering
+         proxy_buffering off;
+
+        location / {
+            proxy_set_header Host $http_host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+
+            proxy_connect_timeout 300;
+            # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
+            proxy_http_version 1.1;
+            proxy_set_header Connection "";
+            chunked_transfer_encoding off;
+
+            proxy_pass http://minio;
+        }
+    }
+}

misc/images/postgres/init-user-db.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+set -e
+set -u
+
+function create_user_and_database() {
+	local database=$1
+	echo "  Creating user and database '$database'"
+	psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
+	    CREATE USER $database;
+	    CREATE DATABASE $database;
+	    GRANT ALL PRIVILEGES ON DATABASE $database TO $database;
+EOSQL
+}
+
+if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then
+	echo "Multiple database creation requested: $POSTGRES_MULTIPLE_DATABASES"
+	for db in $(echo $POSTGRES_MULTIPLE_DATABASES | tr ',' ' '); do
+		create_user_and_database $db
+	done
+	echo "Multiple databases created"
+fi

misc/images/redis-sentinel/Dockerfile

@@ -0,0 +1,19 @@
+FROM redis:6-alpine
+ 
+ENV SENTINEL_QUORUM 2
+ENV SENTINEL_DOWN_AFTER 1000
+ENV SENTINEL_FAILOVER 1000
+ 
+RUN mkdir -p /redis
+ 
+WORKDIR /redis
+ 
+COPY sentinel.conf .
+COPY sentinel-entrypoint.sh /usr/local/bin/
+ 
+RUN chown redis:redis /redis/* && \
+    chmod +x /usr/local/bin/sentinel-entrypoint.sh
+ 
+EXPOSE 26379
+ 
+ENTRYPOINT ["sentinel-entrypoint.sh"]

misc/images/redis-sentinel/sentinel-entrypoint.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+ 
+sed -i "s/\$SENTINEL_QUORUM/$SENTINEL_QUORUM/g" /redis/sentinel.conf
+sed -i "s/\$SENTINEL_DOWN_AFTER/$SENTINEL_DOWN_AFTER/g" /redis/sentinel.conf
+sed -i "s/\$SENTINEL_FAILOVER/$SENTINEL_FAILOVER/g" /redis/sentinel.conf
+ 
+redis-server /redis/sentinel.conf --sentinel

misc/images/redis-sentinel/sentinel.conf

@@ -0,0 +1,9 @@
+port 26379
+
+dir /tmp
+
+sentinel resolve-hostnames yes
+sentinel monitor redismaster redis-master 6379 $SENTINEL_QUORUM
+sentinel down-after-milliseconds redismaster $SENTINEL_DOWN_AFTER
+sentinel parallel-syncs redismaster 1
+sentinel failover-timeout redismaster $SENTINEL_FAILOVER

misc/k8s/kustomization/base/resources/app/kustomization.yaml

@@ -3,4 +3,4 @@ kind: Kustomization
 
 resources:
 - app-service.yaml
-- app-deployment.yaml
+- app-deployment.yaml

misc/k8s/kustomization/base/resources/phpldapadmin/kustomization.yaml

@@ -4,4 +4,3 @@ kind: Kustomization
 resources:
 - phpldapadmin-deployment.yaml
 - phpldapadmin-service.yaml
-

misc/k8s/kustomization/base/resources/sftpbrowser/kustomization.yaml

@@ -3,4 +3,4 @@ kind: Kustomization
 
 resources:
 - sftpbrowser-deployment.yaml
-- sftpbrowser-service.yaml
+- sftpbrowser-service.yaml

misc/k8s/kustomization/base/resources/sftpbrowser/sftpbrowser-deployment.yaml

@@ -19,10 +19,14 @@ spec:
         image: reg.cadoles.com/afornerot/sftpbrowser
         imagePullPolicy: "Always"
         env:
+            - name: APACHE_ALIAS
+              value: 'sftpbrowser'          
             - name: SFTP_HOST
-              value: ${SFTP_SERVICE_NAME}
+              value: $(SFTP_SERVICE_NAME)
             - name: SFTP_PORT
               value: "22"
+            - name: SFTP_FOLDER
+              value: ""
             - name: SFTP_USER
               valueFrom:
                 secretKeyRef: 

misc/k8s/kustomization/overlays/dev/resources/ingress.yaml

@@ -33,7 +33,7 @@ spec:
             name: sftpbrowser
             port:
               number: 8080  
-      - path: /pouet
+      - path: /
         pathType: Prefix
         backend:
           service: