diff --git a/docker/volume/openldap/envole/changepasswod.sh b/.env.local similarity index 100% rename from docker/volume/openldap/envole/changepasswod.sh rename to .env.local diff --git a/docker/envole.sh b/docker/envole.sh index ecd1b9c..22cb8f0 100755 --- a/docker/envole.sh +++ b/docker/envole.sh @@ -3,6 +3,8 @@ #1 : action = default up #2 : service = optionnel +cd /usr/share/envole/docker + # Fusionner l'ensemble des fichier .env en un seul rm -f ./.env.local cat ./env/.env* >> ./.env.local 
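Review bot: The added `cd /usr/share/envole/docker` is not checked, so if that directory is missing the following `rm -f ./.env.local` and `cat ./env/.env* >> ./.env.local` run in whatever directory the caller happened to be in; `cd /usr/share/envole/docker || exit 1` would stop there. `.env.local` is built by concatenating every env file, so it presumably ends up holding the service secrets; creating it under `umask 077` (or a `chmod 600 ./.env.local` right after the `cat`) keeps it from being readable by other local accounts. The rename at the top of this commit also leaves a tracked `.env.local` at the repository root, which looks unintended. It is worth confirming that file is ignored rather than committed.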
@@ -194,6 +196,104 @@ createdatabase(){ fi } +function upmariadb { + if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]] + then + Title "MARIADB" + upservice $MARIADB_SERVICE_NAME + createdatabase + fi +} + +function upopenldap { + if [[ $LDAP_ACTIVATE == 1 && $LDAP_LOCAL == 1 ]] + then + Title ${OPENLDAP_SERVICE_NAME^^} + + mkdir -p ./volume/openldap/data + chmod a+wr ./volume/openldap/data + + upservice $OPENLDAP_SERVICE_NAME + $PODCOMPOSEBIN exec $OPENLDAP_SERVICE_NAME /envole/init.sh + echo + fi +} + +function upkeycloak { + if [[ $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]] + then + Title ${KEYCLOAK_SERVICE_NAME^^} + upservice $KEYCLOAK_SERVICE_NAME + echo + fi +} + +function upninegate { + if [[ $NINEGATE_ACTIVATE == 1 && $NINEGATE_LOCAL == 1 ]] + then + Title ${NINEGATE_SERVICE_NAME^^} + upservice ${NINEGATE_SERVICE_NAME} + chmod -R a+wr ./volume/ninegate/data + echo + fi +} + +function upnineboard { + if [[ $NINEBOARD_ACTIVATE == 1 && $NINEBOARD_LOCAL == 1 ]] + then + Title ${NINEBOARD_SERVICE_NAME^^} + upservice ${NINEBOARD_SERVICE_NAME} + chmod -R a+wr ./volume/nineboard/data + echo + fi +} + +function upnextcloud { + if [[ $NEXTCLOUD_ACTIVATE == 1 && $NEXTCLOUD_LOCAL == 1 ]] + then + Title ${NEXTCLOUD_SERVICE_NAME^^} + upservice ${NEXTCLOUD_SERVICE_NAME} + echo + fi + +} + +function upwordpress { + if [[ $WORDPRESS_ACTIVATE == 1 && $WORDPRESS_LOCAL == 1 ]] + then + Title ${WORDPRESS_SERVICE_NAME^^} + upservice ${WORDPRESS_SERVICE_NAME} + echo + fi +} + +function upadminer { + if [[ $ADMINER_ACTIVATE == 1 && $ADMINER_LOCAL == 1 ]] + then + Title ${ADMINER_SERVICE_NAME^^} + $PODCOMPOSEBIN up -d ${ADMINER_SERVICE_NAME} + echo + fi +} + +function upphpldapadmin { + if [[ $PHPLDAPADMIN_ACTIVATE == 1 && $PHPLDAPADMIN_LOCAL == 1 ]] + then + Title ${PHPLDAPADMIN_SERVICE_NAME^^} + $PODCOMPOSEBIN up -d ${PHPLDAPADMIN_SERVICE_NAME} + echo + fi +} + +function upnineapache { + if [[ $NINEAPACHE_ACTIVATE == 1 && $NINEAPACHE_LOCAL == 1 ]] + then + Title 
${NINEAPACHE_SERVICE_NAME^^} + $PODCOMPOSEBIN up -d ${NINEAPACHE_SERVICE_NAME} + echo + fi +} + #=========================================================================================================================================== #== UP ===================================================================================================================================== #=========================================================================================================================================== 
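Review bot: `chmod a+wr ./volume/openldap/data` in `upopenldap`, and the recursive `chmod -R a+wr` in `upninegate` and `upnineboard`, leave the directory and application data writable by every local account on the host. Giving ownership to the account the container runs as is enough for the service to write, e.g. `chown -R "<container-uid>:<container-gid>" ./volume/openldap/data` followed by `chmod -R u+rwX,go-rwx ./volume/openldap/data` (uid/gid are placeholders; the real values are not on this page). The service-name expansions are also unquoted (`upservice $OPENLDAP_SERVICE_NAME`), and the status of `$PODCOMPOSEBIN exec $OPENLDAP_SERVICE_NAME /envole/init.sh` is not checked, so a failed directory initialisation goes unnoticed here.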
@@ -221,96 +321,42 @@ up(){ fi # MARIADB - if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]] + upmariadb + + # OPENLDAP + upopenldap + + # KEYCLOAK + upkeycloak + + # NINEGATE + upninegate + + # NINEBOARD + upnineboard + + # NEXTCLOUD + upnextcloud + + # WORDPRESS + upwordpress + + # ADMINER + upadminer + + # PHPLDAPADMIN + upphpldapadmin + + # NINEAPACHE + upnineapache + else + env ${1} + if [[ $1 != "mariadb" ]] then - Title "MARIADB" - upservice $MARIADB_SERVICE_NAME createdatabase fi - # OPENLDAP - if [[ $LDAP_ACTIVATE == 1 && $LDAP_LOCAL == 1 ]] - then - Title ${OPENLDAP_SERVICE_NAME^^} - - mkdir -p ./volume/openldap/data - chmod a+wr ./volume/openldap/data - - upservice $OPENLDAP_SERVICE_NAME - $PODCOMPOSEBIN exec $OPENLDAP_SERVICE_NAME /envole/init.sh - echo - fi - - # CAS - if [[ $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]] - then - Title ${KEYCLOAK_SERVICE_NAME^^} - upservice $KEYCLOAK_SERVICE_NAME - echo - fi - - # NINEGATE - if [[ $NINEGATE_ACTIVATE == 1 && $NINEGATE_LOCAL == 1 ]] - then - Title ${NINEGATE_SERVICE_NAME^^} - upservice ${NINEGATE_SERVICE_NAME} - chmod -R a+wr ./volume/ninegate/data - echo - fi - - # NINEBOARD - if [[ $NINEBOARD_ACTIVATE == 1 && $NINEBOARD_LOCAL == 1 ]] - then - Title ${NINEBOARD_SERVICE_NAME^^} - upservice ${NINEBOARD_SERVICE_NAME} - chmod -R a+wr ./volume/nineboard/data - echo - fi - - # NEXTCLOUD - if [[ $NEXTCLOUD_ACTIVATE == 1 && $NEXTCLOUD_LOCAL == 1 ]] - then - Title ${NEXTCLOUD_SERVICE_NAME^^} - upservice ${NEXTCLOUD_SERVICE_NAME} - echo - fi - - # WORDPRESS - if [[ $WORDPRESS_ACTIVATE == 1 && $WORDPRESS_LOCAL == 1 ]] - then - Title ${WORDPRESS_SERVICE_NAME^^} - upservice ${WORDPRESS_SERVICE_NAME} - echo - fi - - # ADMINER - if [[ $ADMINER_ACTIVATE == 1 && $ADMINER_LOCAL == 1 ]] - then - Title ${ADMINER_SERVICE_NAME^^} - $PODCOMPOSEBIN up -d ${ADMINER_SERVICE_NAME} - echo - fi - - # PHPLDAPADMIN - if [[ $PHPLDAPADMIN_ACTIVATE == 1 && $PHPLDAPADMIN_LOCAL == 1 ]] - then - Title ${PHPLDAPADMIN_SERVICE_NAME^^} - 
$PODCOMPOSEBIN up -d ${PHPLDAPADMIN_SERVICE_NAME} - echo - fi - - # NINEAPACHE - if [[ $NINEAPACHE_ACTIVATE == 1 && $NINEAPACHE_LOCAL == 1 ]] - then - Title ${NINEAPACHE_SERVICE_NAME^^} - $PODCOMPOSEBIN up -d ${NINEAPACHE_SERVICE_NAME} - echo - fi - else - env ${1} - createdatabase - Title ${1^^} - $PODCOMPOSEBIN up -d $1 + up${1} fi } @@ -494,12 +540,8 @@ else EchoRouge "envole.sh logs monservice > LOGS de monservice" EchoRouge "envole.sh iswait monservice > monservice est-il en cours de construction" EchoRouge "envole.sh env monservice > regeneration du fichier d'environnement de monservice" - - - - - - + EchoRouge "envole.sh regen > lance destroyall puis up sur l'ensemble des service" + EchoRouge "envole.sh regen monservice > lance destroy monservice puis up monservice" fi echo diff --git a/docker/volume/openldap/envole/changepassword.sh b/docker/volume/openldap/envole/changepassword.sh new file mode 100755 index 0000000..950ecd6 --- /dev/null +++ b/docker/volume/openldap/envole/changepassword.sh @@ -0,0 +1 @@ +ldappasswd -x -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -s $2 "uid=$1,ou=users,ou=ninegate,dc=envole,dc=org" \ No newline at end of file diff --git a/docker/volume/openldap/envole/init.sh b/docker/volume/openldap/envole/init.sh index e6369f2..454eb53 100755 --- a/docker/volume/openldap/envole/init.sh +++ b/docker/volume/openldap/envole/init.sh 
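Review bot: `up${1}` turns the command-line argument straight into a function name, so a value that is not one of the ten services either fails with "command not found" or lands on an unrelated function, presumably including the `upservice` helper called with no arguments. An allow-list makes the dispatch explicit: `case "$1" in mariadb|openldap|keycloak|ninegate|nineboard|nextcloud|wordpress|adminer|phpldapadmin|nineapache) "up$1" ;; *) EchoRouge "service inconnu: $1"; exit 1 ;; esac`. The removed branch started any named service with `$PODCOMPOSEBIN up -d $1`, whereas the new path silently does nothing when the matching `*_ACTIVATE`/`*_LOCAL` flags are not 1, which deserves a message. `env ${1}` should be quoted as well; `up()` begins above this hunk, so the condition that selects the first branch is not visible here.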
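Review bot: In the new changepassword.sh, both the bind password (`-w ${LDAP_PASSWORD}`) and the new password (`-s $2`) are passed on the ldappasswd command line, where they are visible in the process list, and `$2` is unquoted, so a password containing spaces or glob characters is split or expanded. `$1` is pasted into the DN unescaped, so a value containing `,`, `=` or `+` would address a different entry than intended. The file also has no shebang. A version that validates the uid and hands both passwords to ldappasswd through `-y`/`-T` files is sketched below; the new password still arrives as `$2` from init.sh, so taking it fully off argv means changing that caller too, and the same `-w ${LDAP_PASSWORD}` pattern is used by the `ldapdelete`/`ldapadd` calls in init.sh.

```shell
#!/bin/bash
set -euo pipefail

uid=$1
# Allow-list for the uid so it cannot alter the DN; widen the class if real uids need it.
[[ "$uid" =~ ^[A-Za-z0-9._-]+$ ]] || { echo "uid invalide" >&2; exit 1; }

# Keep both passwords off the ldappasswd argv: -y / -T read them from files.
umask 077
bindpw=$(mktemp)
newpw=$(mktemp)
trap 'rm -f -- "$bindpw" "$newpw"' EXIT
printf '%s' "$LDAP_PASSWORD" > "$bindpw"
printf '%s' "$2" > "$newpw"

ldappasswd -x -H "ldap://${LDAP_HOST}:${LDAP_PORT}" -D "${LDAP_USER}" \
  -y "$bindpw" -T "$newpw" "uid=${uid},ou=users,ou=ninegate,dc=envole,dc=org"
```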
@@ -1,24 +1,10 @@ #!/bin/bash -if [[ "${MASTERIDENTITY}" == "SQL" ]] +if [[ ! -f /bitnami/openldap/.isinit ]] then - # Modification compte cn=admin pour changer son password si besoin - # slappasswd -h {SHA} -s ${LDAP_PASSWORD} > /tmp/cnpwd.txt - # haspassword=`cat /tmp/cnpwd.txt` - # echo "dn: ${LDAP_USER}" > /tmp/cnadmin.ldif - # echo "changetype: modify" >> /tmp/cnadmin.ldif - # echo "replace: userPassword" >> /tmp/cnadmin.ldif - # echo "userPassword: ${haspassword}" >> /tmp/cnadmin.ldif - # ldapmodify -Y EXTERNAL -H ldapi:/// -f '/tmp/cnadmin.ldif' - - # Modification compte uid=admin pour changer son password si besoin - # slappasswd -h {SHA} -s ${ADMIN_PASSWORD} > /tmp/uidpwd.txt - # haspassword=`cat /tmp/uidpwd.txt` - # echo "dn: uid=${ADMIN_USER},${LDAP_BASEUSER}" > /tmp/uidpwd.ldif - # echo "changetype: modify" >> /tmp/uidpwd.ldif - # echo "replace: userPassword" >> /tmp/uidpwd.ldif - # echo "userPassword: ${haspassword}" >> /tmp/uidpwd.ldif - # ldapmodify -Y EXTERNAL -H ldapi:/// -f '/tmp/uidpwd.ldif' + echo "" + echo "Initialisation annuaire" + echo "" # Suppression de l'entrée users généré automatiquement par l'image docker bitnami/openldap ldapdelete ou=users,${LDAP_BASEDN} -r -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} 2>/dev/null @@ -26,5 +12,7 @@ then # Integration du ldif de base ldapadd -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -f '/envole/ldif/cadoles.ldif' 2>/dev/null + /envole/changepassword.sh admin ${ADMIN_PASSWORD} -fi \ No newline at end of file + touch /bitnami/openldap/.isinit +fi diff --git a/docker/volume/openldap/envole/ldif/cadoles.ldif b/docker/volume/openldap/envole/ldif/cadoles.ldif index 19b08fb..238d144 100755 --- a/docker/volume/openldap/envole/ldif/cadoles.ldif +++ b/docker/volume/openldap/envole/ldif/cadoles.ldif 
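Review bot: `touch /bitnami/openldap/.isinit` runs whether or not the preceding steps succeeded, and `ldapadd` has its errors sent to `/dev/null`, so a failed first run is recorded as done and never retried. If `/envole/changepassword.sh` fails in that run, the admin entry presumably keeps the `userpassword` hash shipped in cadoles.ldif instead of `ADMIN_PASSWORD`. Making the marker depend on the password change, `/envole/changepassword.sh admin "${ADMIN_PASSWORD}" && touch /bitnami/openldap/.isinit`, and logging `ldapadd` failures would close that gap; the quoting also keeps a password with spaces in one argument. The `if` opens in the first init.sh hunk and the marker is written in the second.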
@@ -61,7 +61,6 @@ givenname: Administrateur mail: admin@no-reply.fr siren: 0000000A niveau01: envole -parger: 1 userpassword: {SSHA}JYfvUM9Hf/v/NbWR5zgUkt4E5lBRGuR2 diff --git a/misc/tools/e-reconfigure.sh b/misc/tools/e-reconfigure.sh index dd45dac..b16e18b 100755 --- a/misc/tools/e-reconfigure.sh +++ b/misc/tools/e-reconfigure.sh @@ -24,6 +24,8 @@ done Title "Restart apache" service apache2 restart -chmod +x $container_path_web/usr/share/envole/docker/envole.sh -$RunCmd "cd /usr/share/envole/docker && ./envole.sh" web - +if [[ "$1" != "refresh" ]] +then + chmod +x $container_path_web/usr/share/envole/docker/envole.sh + $RunCmd "envole $1 $2" web +fi diff --git a/tmp/.env. b/tmp/.env. new file mode 100644 index 0000000..e69de29 diff --git a/tmpl/envole-nineboard.env b/tmpl/envole-nineboard.env index e0e872b..22bf40c 100644 --- a/tmpl/envole-nineboard.env +++ b/tmpl/envole-nineboard.env @@ -6,14 +6,16 @@ APP_SECRET=%%getVar("nineboard_secret","changeme") APP_ALIAS=nineboard/ %if %%getVar("activer_ninegate", "non") == "oui" -APP_MASTERIDENTITY=NINEGATE +APP_MASTERIDENTITY=Ninegate APP_MASTERURL=${NINEGATE_URL} APP_MASTERKEY=%%getVar("ninegate_secret","") %else %if %%getVar("activer_openldap", "non") == "oui" APP_MASTERIDENTITY=LDAP -%end if -%end if - LDAP_MODEL=${LDAP_TEMPLATE} +LDAP_FILTERGROUP=${LDAP_GROUP_FILTER} +LDAP_FILTERUSER=${LDAP_USER_FILTER} +%end if +%end if +
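Review bot: In e-reconfigure.sh, `$RunCmd "envole $1 $2" web` splices both script arguments into a command string, so whitespace or shell metacharacters in them are presumably re-interpreted by whatever shell `RunCmd` starts in the container (its definition is outside this hunk). Checking them first, e.g. `[[ "$1" =~ ^[a-z0-9_-]*$ && "$2" =~ ^[a-z0-9_-]*$ ]] || exit 1`, keeps the string to plain action and service names. The call also changed from `cd /usr/share/envole/docker && ./envole.sh` to a bare `envole`, which relies on that name being on the container's PATH, while the `chmod +x` still targets `envole.sh`; a comment saying where `envole` is installed would help.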