diff --git a/overlays/dev/patches/ConfigMap-ldap-script.yaml b/overlays/dev/patches/ConfigMap-ldap-script.yaml index f6405b8..4329b5b 100644 --- a/overlays/dev/patches/ConfigMap-ldap-script.yaml +++ b/overlays/dev/patches/ConfigMap-ldap-script.yaml @@ -34,16 +34,16 @@ data: su -s /bin/sh -c "/var/www/html/occ app:install user_ldap" www-data su -s /bin/sh -c "/var/www/html/occ app:update user_ldap" www-data su -s /bin/sh -c "/var/www/html/occ app:enable user_ldap" www-data - su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data + #su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data ## test if backend ldap is activated and create empty config if not # - #touch /tmp/nxt-ldap.txt - #su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nxt-ldap.txt" www-data - #if grep -q "Invalid configID" /tmp/nxt-ldap.txt; then - # su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data - # #sudo -u www-data php /var/www/html/nextcloud/occ ldap:create-empty-config -q - #fi + touch /tmp/nxt-ldap.txt + chown www-data: /tmp/nxt-ldap.txt + su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nxt-ldap.txt" www-data + if grep -q "Invalid configID" /tmp/nxt-ldap.txt; then + su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data + fi # Configurez LDAP (configuration minimale) 
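Review bot: The new check writes the occ output to the fixed path `/tmp/nxt-ldap.txt`, which is created with `touch` (presumably as root, given the `su` calls), chowned to www-data and never removed. A predictable file name in a world-writable directory is a classic symlink/race pitfall for a privileged script, and the LDAP configuration dump stays on disk afterwards. The file is not needed: `if su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01" www-data 2>&1 | grep -q "Invalid configID"; then` performs the same test with no temp file. It also catches the message if occ prints it on stderr, which the redirect in the hunk would miss (worth confirming which stream occ uses). The script continues outside the hunk.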
@@ -66,11 +66,6 @@ data: su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilter '${NEXTCLOUD_LDAP_GROUP_FILTR}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilterObjectclass '${NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupMemberAssocAttr '${NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO}'" www-data - - #sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilter "${ldapGroupFilter}" - #sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilterObjectclass "${ldapGroupFilterObjectclass}" - #sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupMemberAssocAttr "${ldapGroupMemberAssocAttr}" - # Lancez le processus principal de Nextcloud normalement ça ne marche pas ça ! donc plutot poststart. #exec /entrypoint.sh "$@" diff --git a/overlays/dev/patches/deployment.yaml b/overlays/dev/patches/deployment.yaml index 62c19b4..13b0222 100644 --- a/overlays/dev/patches/deployment.yaml +++ b/overlays/dev/patches/deployment.yaml @@ -71,7 +71,6 @@ spec: # Partie minio S3 - name: OBJECTSTORE_S3_HOST value: minio:$(MINIO_SERVICE_PORT) -# value: $(MINIO_SERVICE_NAME):$(MINIO_SERVICE_PORT) - name: OBJECTSTORE_S3_BUCKET value: nextcloud-minio - name: OBJECTSTORE_S3_KEY # 15 
@@ -82,7 +81,29 @@ spec: value: "true" - name: OBJECTSTORE_S3_SSL # 18 value: "true" - ################################## + +# # Partie AWS S3 => fonctionnelle sur scaleway +# - name: OBJECTSTORE_S3_BUCKET +# value: nextcloud-cadoles +# - name: OBJECTSTORE_S3_HOST +# value: s3.fr-par.scw.cloud +# - name: OBJECTSTORE_S3_PORT +# value: "443" +# - name: OBJECTSTORE_S3_REGION +# value: fr-par +# - name: OBJECTSTORE_S3_KEY +# value: MyAPIKey +# - name: OBJECTSTORE_S3_SECRET +# value: MyAPISecret +# - name: OBJECTSTORE_S3_USEPATH_STYLE +# value: "false" +# - name: OBJECTSTORE_S3_SSL +# value: "true" +# - name: OBJECTSTORE_S3_AUTOCREATE +# value: "true" +# - name: OBJECTSTORE_S3_OBJECT_PREFIX +# value: nxt_ + # Mise en place SMTP - name: MAIL_FROM_ADDRESS value: "nextcloud" @@ -109,7 +130,8 @@ spec: - name: NEXTCLOUD_DATA_DIR value: "/var/www/html/data" - ##ADD LDAP CONF + +# ADD LDAP CONF - name: NEXTCLOUD_LDAP_HOST value: ldaps://ldap.cadoles.com - name: NEXTCLOUD_LDAP_BASE @@ -117,23 +139,23 @@ spec: - name: NEXTCLOUD_LDAP_DN value: cn=reader,o=gouv,c=fr - name: NEXTCLOUD_LDAP_PASSWD - value: "phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae" + value: phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae - name: NEXTCLOUD_LDAP_BASE_GROUPS value: ou=groups,ou=cadoles,o=gouv,c=fr - name: NEXTCLOUD_LDAP_BASE_USERS value: ou=users,ou=cadoles,o=gouv,c=fr - name: NEXTCLOUD_LDAP_ACTIVE_CONF - value: "1" + value: '1' - name: NEXTCLOUD_LDAP_ADMIN_EXP - value: "0" + value: '0' - name: NEXTCLOUD_LDAP_EXP_UUID value: cn - name: NEXTCLOUD_LDAP_LOGIN_FILTER - value: (&(objectClass=person)(cn=%uid)) + value: (&(objectClass=person)(uid=%uid)) - name: NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR value: uid - name: NEXTCLOUD_LDAP_PORT - value: "636" + value: '636' - name: NEXTCLOUD_LDAP_USR_FILTR value: (|(objectclass=person)) - name: NEXTCLOUD_LDAP_OBJ_FILTR 
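Review bot: `NEXTCLOUD_LDAP_PASSWD` is still a literal `value:` in the Deployment after this change (only the quoting changed), so the bind password for `cn=reader,o=gouv,c=fr` is readable by anyone who can read the repository or the Deployment object. It should come from a Secret, e.g. `valueFrom: {secretKeyRef: {name: <ldap-secret-name>, key: <password-key>}}`, and the current password should be treated as exposed and rotated. The same applies to the `OBJECTSTORE_S3_KEY` and `OBJECTSTORE_S3_SECRET` values added in the nextcloud-S3.yaml hunk, which look like live credentials rather than placeholders. The commented Scaleway template added earlier in this file also models the key and secret as inline `value:` entries, so it would repeat the pattern once uncommented.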
@@ -149,25 +171,25 @@ spec: - name: NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO value: gidNumber - livenessProbe: # vérifie si c'est planté ou non + livenessProbe: httpGet: path: /status.php - port: 80 # en reférence à ingress.yaml ? + port: 80 httpHeaders: - name: Host - value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml + value: nxt.cadoles.fr initialDelaySeconds: 50 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 failureThreshold: 6 - readinessProbe: # vérifie si c'est ok pour envoyer des requête ou non + readinessProbe: httpGet: path: /status.php - port: 80 # en référence à ingress.yaml ? + port: 80 httpHeaders: - name: Host - value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml + value: nxt.cadoles.fr initialDelaySeconds: 50 periodSeconds: 10 timeoutSeconds: 5 @@ -201,7 +223,7 @@ spec: name: minio-certs readOnly: true - # MOUNT-TRY-multi-instance +# MOUNT-TRY-multi-instance # - name: nextcloud-config-volume # monte le fichier de configuration dans # mountPath: /var/www/html/config # les instances supplémentaire # readOnly: false # via le configmap ConfigMaps-php.yaml diff --git a/overlays/dev/patches/nextcloud-S3.yaml b/overlays/dev/patches/nextcloud-S3.yaml index 62b77f0..bdc4381 100644 --- a/overlays/dev/patches/nextcloud-S3.yaml +++ b/overlays/dev/patches/nextcloud-S3.yaml @@ -22,3 +22,22 @@ - op: replace path: /spec/template/spec/containers/0/env/18/value #OBJECTSTORE_S3_SSL value: "true" + + + # Partie AWS S3 + - name: OBJECTSTORE_S3_BUCKET + value: nextcloud-cadoles + - name: OBJECTSTORE_S3_HOST + value: s3.fr-par.swc.cloud + - name: OBJECTSTORE_S3_PORT + value: "443" + - name: OBJECTSTORE_S3_REGION + value: fr-par + - name: OBJECTSTORE_S3_KEY # 15 + value: SCWGDBJ75JYMY2XVRG9A + - name: OBJECTSTORE_S3_SECRET + value: fd3bfcc2-cd39-453b-acea-5c5f3a241960 + - name: OBJECTSTORE_S3_USEPATH_STYLE + value: "true" + - name: OBJECTSTORE_S3_SSL # 18 + value: "true" \ No newline at end of file 
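Review bot: The entries appended to nextcloud-S3.yaml after the `op: replace` items are plain `name`/`value` pairs with no `op` or `path`; as far as the collapsed layout shows, they sit in the same JSON 6902 patch list, where they are not valid operations and would likely break the kustomize build. If they are only a reminder, comment them out like the block in deployment.yaml; if they are meant to take effect, each one needs `op: add`, `path: /spec/template/spec/containers/0/env/-` and a `value:` holding the name/value pair. The host here is `s3.fr-par.swc.cloud` while the deployment.yaml template uses `s3.fr-par.scw.cloud`; if `swc` is a typo, requests signed with these credentials and the stored data would go to whatever answers at that name. `OBJECTSTORE_S3_USEPATH_STYLE` also differs between the two (`"true"` here, `"false"` there).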
diff --git a/requires/kustomization.yaml b/requires/kustomization.yaml index e0c5711..f1b9ea9 100644 --- a/requires/kustomization.yaml +++ b/requires/kustomization.yaml @@ -8,5 +8,6 @@ resources: - https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop #- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop # Nextcloud ne fonctionne pas avec la couche sentinelle - https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop -- https://forge.cadoles.com/vfebvre/openldap-kustom?ref=develop +#- https://forge.cadoles.com/vfebvre/openldap-kustom?ref=develop #- ./lb => déplacé dans dev/ car propre à l'environnement cible +- https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
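Review bot: The added cert-manager entry is fetched from a GitHub release URL at build time with no integrity check, and that manifest installs cluster-scoped objects (CRDs, webhooks, RBAC), so whatever the URL serves is applied with broad privileges. Pinning to the `v1.12.0` tag is better than the `?ref=develop` branches used by the neighbouring entries, but consider vendoring the reviewed manifest into the repository or recording its checksum beside the line, e.g. `# cert-manager v1.12.0 - sha256: <SHA256_OF_REVIEWED_MANIFEST>`. It is also worth checking whether a later patch release of the 1.12 line should be used instead.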