add S3 resources, ok

vfebvre 2023-09-05 17:05:09 +02:00
parent 666c1b3097
commit 4b0ab40b0d
4 changed files with 65 additions and 28 deletions


@ -34,16 +34,16 @@ data:
su -s /bin/sh -c "/var/www/html/occ app:install user_ldap" www-data su -s /bin/sh -c "/var/www/html/occ app:install user_ldap" www-data
su -s /bin/sh -c "/var/www/html/occ app:update user_ldap" www-data su -s /bin/sh -c "/var/www/html/occ app:update user_ldap" www-data
su -s /bin/sh -c "/var/www/html/occ app:enable user_ldap" www-data su -s /bin/sh -c "/var/www/html/occ app:enable user_ldap" www-data
su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data #su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data
## test if backend ldap is activated and create empty config if not ## test if backend ldap is activated and create empty config if not
# #
#touch /tmp/nxt-ldap.txt touch /tmp/nxt-ldap.txt
#su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nxt-ldap.txt" www-data chown www-data: /tmp/nxt-ldap.txt
#if grep -q "Invalid configID" /tmp/nxt-ldap.txt; then su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nxt-ldap.txt" www-data
# su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data if grep -q "Invalid configID" /tmp/nxt-ldap.txt; then
# #sudo -u www-data php /var/www/html/nextcloud/occ ldap:create-empty-config -q su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data
#fi fi
# Configurez LDAP (configuration minimale) # Configurez LDAP (configuration minimale)
@ -67,11 +67,6 @@ data:
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilterObjectclass '${NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilterObjectclass '${NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS}'" www-data
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupMemberAssocAttr '${NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupMemberAssocAttr '${NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO}'" www-data
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilter "${ldapGroupFilter}"
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilterObjectclass "${ldapGroupFilterObjectclass}"
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupMemberAssocAttr "${ldapGroupMemberAssocAttr}"
# Lancez le processus principal de Nextcloud normalement ça ne marche pas ça ! donc plutot poststart. # Lancez le processus principal de Nextcloud normalement ça ne marche pas ça ! donc plutot poststart.
#exec /entrypoint.sh "$@" #exec /entrypoint.sh "$@"
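Review bot: The re-enabled LDAP check writes the output of `occ ldap:show-config s01` to the fixed path `/tmp/nxt-ldap.txt`, which root creates with `touch` and then hands to www-data; a predictable file name in a shared temporary directory is best avoided, and the file is never removed afterwards. The test needs no file at all, for example `if su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01" www-data 2>&1 | grep -q "Invalid configID"; then`. That form also covers the case where occ prints the error on stderr, which the current `>` redirect would miss (whether it does is not visible from this hunk). The script starts and continues outside the hunk.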


@ -71,7 +71,6 @@ spec:
# Partie minio S3 # Partie minio S3
- name: OBJECTSTORE_S3_HOST - name: OBJECTSTORE_S3_HOST
value: minio:$(MINIO_SERVICE_PORT) value: minio:$(MINIO_SERVICE_PORT)
# value: $(MINIO_SERVICE_NAME):$(MINIO_SERVICE_PORT)
- name: OBJECTSTORE_S3_BUCKET - name: OBJECTSTORE_S3_BUCKET
value: nextcloud-minio value: nextcloud-minio
- name: OBJECTSTORE_S3_KEY # 15 - name: OBJECTSTORE_S3_KEY # 15
@ -82,7 +81,29 @@ spec:
value: "true" value: "true"
- name: OBJECTSTORE_S3_SSL # 18 - name: OBJECTSTORE_S3_SSL # 18
value: "true" value: "true"
##################################
# # Partie AWS S3 => fonctionnelle sur scaleway
# - name: OBJECTSTORE_S3_BUCKET
# value: nextcloud-cadoles
# - name: OBJECTSTORE_S3_HOST
# value: s3.fr-par.scw.cloud
# - name: OBJECTSTORE_S3_PORT
# value: "443"
# - name: OBJECTSTORE_S3_REGION
# value: fr-par
# - name: OBJECTSTORE_S3_KEY
# value: MyAPIKey
# - name: OBJECTSTORE_S3_SECRET
# value: MyAPISecret
# - name: OBJECTSTORE_S3_USEPATH_STYLE
# value: "false"
# - name: OBJECTSTORE_S3_SSL
# value: "true"
# - name: OBJECTSTORE_S3_AUTOCREATE
# value: "true"
# - name: OBJECTSTORE_S3_OBJECT_PREFIX
# value: nxt_
# Mise en place SMTP # Mise en place SMTP
- name: MAIL_FROM_ADDRESS - name: MAIL_FROM_ADDRESS
value: "nextcloud" value: "nextcloud"
@ -109,7 +130,8 @@ spec:
- name: NEXTCLOUD_DATA_DIR - name: NEXTCLOUD_DATA_DIR
value: "/var/www/html/data" value: "/var/www/html/data"
##ADD LDAP CONF
# ADD LDAP CONF
- name: NEXTCLOUD_LDAP_HOST - name: NEXTCLOUD_LDAP_HOST
value: ldaps://ldap.cadoles.com value: ldaps://ldap.cadoles.com
- name: NEXTCLOUD_LDAP_BASE - name: NEXTCLOUD_LDAP_BASE
@ -117,23 +139,23 @@ spec:
- name: NEXTCLOUD_LDAP_DN - name: NEXTCLOUD_LDAP_DN
value: cn=reader,o=gouv,c=fr value: cn=reader,o=gouv,c=fr
- name: NEXTCLOUD_LDAP_PASSWD - name: NEXTCLOUD_LDAP_PASSWD
value: "phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae" value: phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae
- name: NEXTCLOUD_LDAP_BASE_GROUPS - name: NEXTCLOUD_LDAP_BASE_GROUPS
value: ou=groups,ou=cadoles,o=gouv,c=fr value: ou=groups,ou=cadoles,o=gouv,c=fr
- name: NEXTCLOUD_LDAP_BASE_USERS - name: NEXTCLOUD_LDAP_BASE_USERS
value: ou=users,ou=cadoles,o=gouv,c=fr value: ou=users,ou=cadoles,o=gouv,c=fr
- name: NEXTCLOUD_LDAP_ACTIVE_CONF - name: NEXTCLOUD_LDAP_ACTIVE_CONF
value: "1" value: '1'
- name: NEXTCLOUD_LDAP_ADMIN_EXP - name: NEXTCLOUD_LDAP_ADMIN_EXP
value: "0" value: '0'
- name: NEXTCLOUD_LDAP_EXP_UUID - name: NEXTCLOUD_LDAP_EXP_UUID
value: cn value: cn
- name: NEXTCLOUD_LDAP_LOGIN_FILTER - name: NEXTCLOUD_LDAP_LOGIN_FILTER
value: (&(objectClass=person)(cn=%uid)) value: (&(objectClass=person)(uid=%uid))
- name: NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR - name: NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR
value: uid value: uid
- name: NEXTCLOUD_LDAP_PORT - name: NEXTCLOUD_LDAP_PORT
value: "636" value: '636'
- name: NEXTCLOUD_LDAP_USR_FILTR - name: NEXTCLOUD_LDAP_USR_FILTR
value: (|(objectclass=person)) value: (|(objectclass=person))
- name: NEXTCLOUD_LDAP_OBJ_FILTR - name: NEXTCLOUD_LDAP_OBJ_FILTR
@ -149,25 +171,25 @@ spec:
- name: NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO - name: NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO
value: gidNumber value: gidNumber
livenessProbe: # vérifie si c'est planté ou non livenessProbe:
httpGet: httpGet:
path: /status.php path: /status.php
port: 80 # en reférence à ingress.yaml ? port: 80
httpHeaders: httpHeaders:
- name: Host - name: Host
value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml value: nxt.cadoles.fr
initialDelaySeconds: 50 initialDelaySeconds: 50
periodSeconds: 10 periodSeconds: 10
timeoutSeconds: 5 timeoutSeconds: 5
successThreshold: 1 successThreshold: 1
failureThreshold: 6 failureThreshold: 6
readinessProbe: # vérifie si c'est ok pour envoyer des requête ou non readinessProbe:
httpGet: httpGet:
path: /status.php path: /status.php
port: 80 # en référence à ingress.yaml ? port: 80
httpHeaders: httpHeaders:
- name: Host - name: Host
value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml value: nxt.cadoles.fr
initialDelaySeconds: 50 initialDelaySeconds: 50
periodSeconds: 10 periodSeconds: 10
timeoutSeconds: 5 timeoutSeconds: 5
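Review bot: `NEXTCLOUD_LDAP_PASSWD` still carries the LDAP bind password as a literal `value:` in the Deployment manifest; the commit only changes its quoting, so the secret stays readable to anyone with access to the repository or to the pod spec. The same applies to `OBJECTSTORE_S3_KEY` and `OBJECTSTORE_S3_SECRET`, added as literals in the patch file later in this commit. I would move all three into a Kubernetes Secret referenced through `secretKeyRef`, keep the Secret itself out of the repository, and rotate the values already committed, since they remain in the history. The container spec starts and ends outside the hunk.

```yaml
- name: NEXTCLOUD_LDAP_PASSWD
  valueFrom:
    secretKeyRef:
      name: nextcloud-ldap    # placeholder: name of the Secret
      key: bind-password      # placeholder: key inside the Secret
# … unchanged: remaining NEXTCLOUD_LDAP_* entries …
```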


@ -22,3 +22,22 @@
- op: replace - op: replace
path: /spec/template/spec/containers/0/env/18/value #OBJECTSTORE_S3_SSL path: /spec/template/spec/containers/0/env/18/value #OBJECTSTORE_S3_SSL
value: "true" value: "true"
# Partie AWS S3
- name: OBJECTSTORE_S3_BUCKET
value: nextcloud-cadoles
- name: OBJECTSTORE_S3_HOST
value: s3.fr-par.swc.cloud
- name: OBJECTSTORE_S3_PORT
value: "443"
- name: OBJECTSTORE_S3_REGION
value: fr-par
- name: OBJECTSTORE_S3_KEY # 15
value: SCWGDBJ75JYMY2XVRG9A
- name: OBJECTSTORE_S3_SECRET
value: fd3bfcc2-cd39-453b-acea-5c5f3a241960
- name: OBJECTSTORE_S3_USEPATH_STYLE
value: "true"
- name: OBJECTSTORE_S3_SSL # 18
value: "true"
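Review bot: The entries appended after the last `op: replace` are bare `name`/`value` pairs with no `op` or `path`, so as far as this hunk shows they are not patch operations and would be rejected or ignored rather than added to the container env. Each one presumably needs the form `- op: add` with `path: /spec/template/spec/containers/0/env/-` and the pair as its `value`. The host is written `s3.fr-par.swc.cloud` here while the commented block in the deployment uses `s3.fr-par.scw.cloud`, and `OBJECTSTORE_S3_USEPATH_STYLE` is "true" here against "false" there; one of each pair looks like a typo. The start of the patch list is outside the hunk.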


@ -8,5 +8,6 @@ resources:
- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop - https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
#- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop # Nextcloud ne fonctionne pas avec la couche sentinelle #- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop # Nextcloud ne fonctionne pas avec la couche sentinelle
- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop - https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop
- https://forge.cadoles.com/vfebvre/openldap-kustom?ref=develop #- https://forge.cadoles.com/vfebvre/openldap-kustom?ref=develop
#- ./lb => déplacé dans dev/ car propre à l'environnement cible #- ./lb => déplacé dans dev/ car propre à l'environnement cible
- https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml
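Review bot: The added cert-manager entry is downloaded from a GitHub release URL at every build, so the manifest that installs cluster-wide CRDs and controllers is never reviewed in this repository and the build depends on an external fetch. The tag `v1.12.0` is fixed, which helps, but I would vendor the file and reference it locally, e.g. `- ./vendor/cert-manager-v1.12.0.yaml` (path is a placeholder), or verify its checksum in CI before applying. The neighbouring resources use `?ref=develop`, a moving branch; pinning them to a tag or commit would give the same reproducibility. The resources list starts outside the hunk.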