add S3 resources, ok

vfebvre 2023-09-05 17:05:09 +02:00
parent 666c1b3097
commit 4b0ab40b0d
4 changed files with 65 additions and 28 deletions


@ -34,16 +34,16 @@ data:
su -s /bin/sh -c "/var/www/html/occ app:install user_ldap" www-data
su -s /bin/sh -c "/var/www/html/occ app:update user_ldap" www-data
su -s /bin/sh -c "/var/www/html/occ app:enable user_ldap" www-data
su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data
#su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data
## test if backend ldap is activated and create empty config if not
#
#touch /tmp/nxt-ldap.txt
#su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nxt-ldap.txt" www-data
#if grep -q "Invalid configID" /tmp/nxt-ldap.txt; then
# su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data
# #sudo -u www-data php /var/www/html/nextcloud/occ ldap:create-empty-config -q
#fi
touch /tmp/nxt-ldap.txt
chown www-data: /tmp/nxt-ldap.txt
su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nxt-ldap.txt" www-data
if grep -q "Invalid configID" /tmp/nxt-ldap.txt; then
su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data
fi
# Configurez LDAP (configuration minimale)
@ -66,11 +66,6 @@ data:
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilter '${NEXTCLOUD_LDAP_GROUP_FILTR}'" www-data
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilterObjectclass '${NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS}'" www-data
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupMemberAssocAttr '${NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO}'" www-data
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilter "${ldapGroupFilter}"
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilterObjectclass "${ldapGroupFilterObjectclass}"
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupMemberAssocAttr "${ldapGroupMemberAssocAttr}"
# Lancez le processus principal de Nextcloud normalement ça ne marche pas ça ! donc plutot poststart.
#exec /entrypoint.sh "$@"
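Review bot: The LDAP config check in the first hunk goes through a fixed path, `/tmp/nxt-ldap.txt`, which root creates with `touch` and then hands to www-data with `chown`. Both commands follow symlinks, so any process able to pre-create that name in /tmp could get root to re-own another file. The temp file is not needed: `if su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01" www-data 2>&1 | grep -q "Invalid configID"; then` performs the same test and also catches the message if occ prints it on stderr, which this page does not show. The rendered page has lost its +/- markers, so this assumes the uncommented variant is the new side; the script itself continues outside both hunks.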


@ -71,7 +71,6 @@ spec:
# Partie minio S3
- name: OBJECTSTORE_S3_HOST
value: minio:$(MINIO_SERVICE_PORT)
# value: $(MINIO_SERVICE_NAME):$(MINIO_SERVICE_PORT)
- name: OBJECTSTORE_S3_BUCKET
value: nextcloud-minio
- name: OBJECTSTORE_S3_KEY # 15
@ -82,7 +81,29 @@ spec:
value: "true"
- name: OBJECTSTORE_S3_SSL # 18
value: "true"
##################################
# # Partie AWS S3 => fonctionnelle sur scaleway
# - name: OBJECTSTORE_S3_BUCKET
# value: nextcloud-cadoles
# - name: OBJECTSTORE_S3_HOST
# value: s3.fr-par.scw.cloud
# - name: OBJECTSTORE_S3_PORT
# value: "443"
# - name: OBJECTSTORE_S3_REGION
# value: fr-par
# - name: OBJECTSTORE_S3_KEY
# value: MyAPIKey
# - name: OBJECTSTORE_S3_SECRET
# value: MyAPISecret
# - name: OBJECTSTORE_S3_USEPATH_STYLE
# value: "false"
# - name: OBJECTSTORE_S3_SSL
# value: "true"
# - name: OBJECTSTORE_S3_AUTOCREATE
# value: "true"
# - name: OBJECTSTORE_S3_OBJECT_PREFIX
# value: nxt_
# Mise en place SMTP
- name: MAIL_FROM_ADDRESS
value: "nextcloud"
@ -109,7 +130,8 @@ spec:
- name: NEXTCLOUD_DATA_DIR
value: "/var/www/html/data"
##ADD LDAP CONF
# ADD LDAP CONF
- name: NEXTCLOUD_LDAP_HOST
value: ldaps://ldap.cadoles.com
- name: NEXTCLOUD_LDAP_BASE
@ -117,23 +139,23 @@ spec:
- name: NEXTCLOUD_LDAP_DN
value: cn=reader,o=gouv,c=fr
- name: NEXTCLOUD_LDAP_PASSWD
value: "phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae"
value: phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae
- name: NEXTCLOUD_LDAP_BASE_GROUPS
value: ou=groups,ou=cadoles,o=gouv,c=fr
- name: NEXTCLOUD_LDAP_BASE_USERS
value: ou=users,ou=cadoles,o=gouv,c=fr
- name: NEXTCLOUD_LDAP_ACTIVE_CONF
value: "1"
value: '1'
- name: NEXTCLOUD_LDAP_ADMIN_EXP
value: "0"
value: '0'
- name: NEXTCLOUD_LDAP_EXP_UUID
value: cn
- name: NEXTCLOUD_LDAP_LOGIN_FILTER
value: (&(objectClass=person)(cn=%uid))
value: (&(objectClass=person)(uid=%uid))
- name: NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR
value: uid
- name: NEXTCLOUD_LDAP_PORT
value: "636"
value: '636'
- name: NEXTCLOUD_LDAP_USR_FILTR
value: (|(objectclass=person))
- name: NEXTCLOUD_LDAP_OBJ_FILTR
@ -149,25 +171,25 @@ spec:
- name: NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO
value: gidNumber
livenessProbe: # vérifie si c'est planté ou non
livenessProbe:
httpGet:
path: /status.php
port: 80 # en reférence à ingress.yaml ?
port: 80
httpHeaders:
- name: Host
value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml
value: nxt.cadoles.fr
initialDelaySeconds: 50
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
readinessProbe: # vérifie si c'est ok pour envoyer des requête ou non
readinessProbe:
httpGet:
path: /status.php
port: 80 # en référence à ingress.yaml ?
port: 80
httpHeaders:
- name: Host
value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml
value: nxt.cadoles.fr
initialDelaySeconds: 50
periodSeconds: 10
timeoutSeconds: 5
@ -201,7 +223,7 @@ spec:
name: minio-certs
readOnly: true
# MOUNT-TRY-multi-instance
# MOUNT-TRY-multi-instance
# - name: nextcloud-config-volume # monte le fichier de configuration dans
# mountPath: /var/www/html/config # les instances supplémentaire
# readOnly: false # via le configmap ConfigMaps-php.yaml
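Review bot: `NEXTCLOUD_LDAP_PASSWD` still carries the bind password for `cn=reader,o=gouv,c=fr` as a literal `value:` in the Deployment; this commit only changes its quoting. Anyone with read access to the repository or to the pod spec can read it, and it remains in the git history. Move it to a Secret and reference it, e.g. `valueFrom: {secretKeyRef: {name: <secret-name>, key: <key>}}`, and rotate the password since it has already been committed. The commented Scaleway block sets `OBJECTSTORE_S3_KEY` and `OBJECTSTORE_S3_SECRET` with the same literal `value:` pattern, so it should follow the same rule before it is ever enabled.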


@ -22,3 +22,22 @@
- op: replace
path: /spec/template/spec/containers/0/env/18/value #OBJECTSTORE_S3_SSL
value: "true"
# Partie AWS S3
- name: OBJECTSTORE_S3_BUCKET
value: nextcloud-cadoles
- name: OBJECTSTORE_S3_HOST
value: s3.fr-par.swc.cloud
- name: OBJECTSTORE_S3_PORT
value: "443"
- name: OBJECTSTORE_S3_REGION
value: fr-par
- name: OBJECTSTORE_S3_KEY # 15
value: SCWGDBJ75JYMY2XVRG9A
- name: OBJECTSTORE_S3_SECRET
value: fd3bfcc2-cd39-453b-acea-5c5f3a241960
- name: OBJECTSTORE_S3_USEPATH_STYLE
value: "true"
- name: OBJECTSTORE_S3_SSL # 18
value: "true"
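Review bot: The added `OBJECTSTORE_S3_KEY` and `OBJECTSTORE_S3_SECRET` entries put what look like live object-storage credentials into the repository in clear text. They should come from a Secret (`valueFrom: {secretKeyRef: {name: <secret-name>, key: <key>}}`), and the key pair should be revoked and reissued now that it is in history. Two further points: the new items have no `op`/`path`, while the context lines above them are JSON-patch operations (`- op: replace`), so they will probably not apply as written. The host also reads `s3.fr-par.swc.cloud`, where the commented block in the Deployment uses `s3.fr-par.scw.cloud`.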


@ -8,5 +8,6 @@ resources:
- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
#- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop # Nextcloud ne fonctionne pas avec la couche sentinelle
- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop
- https://forge.cadoles.com/vfebvre/openldap-kustom?ref=develop
#- https://forge.cadoles.com/vfebvre/openldap-kustom?ref=develop
#- ./lb => déplacé dans dev/ car propre à l'environnement cible
- https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml