Envole/envole
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Envole:460bdb39933560290bc85e45623aff13483e219e
Branches Tags
Envole:master Envole:withninedocker
..
compare: Envole:master
Branches Tags
Envole:withninedocker Envole:master

28 Commits
460bdb3993 ... master

Author SHA1 Message Date
afornerot
09342b818d svg 2024-03-14 12:18:39 +01:00
afornerot
9b54fe186f pb wordpress 2024-03-13 20:28:49 +01:00
afornerot
f5930cf215 pb wordpress 2024-03-13 19:13:53 +01:00
afornerot
eae3fc7bdc no cron 2024-03-13 17:38:34 +01:00
afornerot
e75880feee cron nextcloud at the end of init 2024-03-13 17:18:54 +01:00
afornerot
efd3e17b22 demo command 2024-03-13 16:41:50 +01:00
afornerot
3e5dfcd49e wordpress 2024-03-06 08:48:50 +01:00
afornerot
02bf178c36 svg 2024-03-01 21:13:08 +01:00
afornerot
c6662c5588 svg 2024-03-01 21:12:48 +01:00
afornerot
7fdd0f976b svg 2024-03-01 16:47:21 +01:00
afornerot
088095765f svg 2024-03-01 16:14:12 +01:00
afornerot
67a4d1144b svg 2024-03-01 16:02:12 +01:00
afornerot
047723fa92 svg 2024-03-01 15:49:55 +01:00
afornerot
a70ea666c8 svg 2024-02-29 17:49:17 +01:00
afornerot
1565667565 svg 2024-02-29 17:48:20 +01:00
afornerot
d7f3c79c91 svg 2024-02-29 17:16:39 +01:00
afornerot
82a7598c15 svg 2024-02-29 16:46:23 +01:00
afornerot
2270317594 docker nineboard 2023-11-17 17:17:51 +01:00
afornerot
d9556193dd docker nineboard 2023-11-17 16:40:41 +01:00
afornerot
8161f214dd etude envole 9 2023-11-17 11:25:53 +01:00
afornerot
dafb495bd5 etude envole 9 2023-11-17 11:24:57 +01:00
afornerot
ed82be0d81 etude envole 9 2023-11-17 11:23:31 +01:00
afornerot
38246db061 etude envole 9 2023-11-17 11:23:06 +01:00
afornerot
1ce4847113 etude envole 9 2023-11-17 11:17:28 +01:00
afornerot
a6f4949e1e svg 2023-11-15 11:48:03 +01:00
afornerot
021dcbd10c svg 2023-11-13 16:40:30 +01:00
afornerot
3a25b38d29 eolisation 2023-11-10 11:54:58 +01:00
afornerot
4476f45280 eolisation 2023-11-10 11:33:16 +01:00
93 changed files with 2049 additions and 366 deletions
Expand all files Collapse all files

0
docker/volume/openldap/envole/changepasswod.sh → .env.local
View File

4
docker/.vscode/settings.json → .vscode/settings.json vendored
View File

@ -1,13 +1,13 @@
{
"markdown-pdf.stylesRelativePathFile": true,
"markdown-pdf.styles": [
"./misc/tools/cadoles_theme.css"
"tools/cadoles_theme.css"
],
"markdown-pdf.breaks": true,
"markdown-pdf.outputDirectory": "./",
"markdown.extension.toc.levels": "2..6",
"markdown-pdf.outputDirectoryRelativePathFile": true,
"markdown-pdf.headerTemplate": "<div style=\"font-size: 9px; margin-left: 1cm;\">SHELA</div> <div style=\"font-size: 9px; margin-left: auto; margin-right: 1cm; \"> Cadoles - <span class='date'></span></div>",
"markdown-pdf.headerTemplate": "<div style=\"font-size: 9px; margin-left: 1cm;\">Envole</div> <div style=\"font-size: 9px; margin-left: auto; margin-right: 1cm; \"> Cadoles - <span class='date'></span></div>",
"esbonio.sphinx.confDir": "",
"markdown-pdf.convertOnSave": true,
"markdown-pdf.type": ["pdf","html"],

11
creole/eos-getBool.py Normal file
View File

@ -0,0 +1,11 @@
#!/usr/bin/python
def getBool(var):
try:
if var == "oui":
return 1
else:
return 0
except:
return "error fonction getBool"

100
dicos/90_envole.xml
View File

@ -3,7 +3,15 @@
<containers>
<container name='web'>
<file filelist='envole' name='/etc/apache2/sites-available/envole' source='envole-apache.conf' rm="True"/>
<file filelist='envole' name='/usr/share/envole/docker/.env.local' source='ninegate-env.local' rm='True'/>
<file filelist='envole' name='/usr/share/envole/docker/env/.env.local' source='envole.env' rm='True'/>
<file filelist='envole' name='/usr/share/envole/docker/env/.env.zapp.ninegate.local' source='envole-ninegate.env' rm='True'/>
<file filelist='envole' name='/usr/share/envole/docker/env/.env.zapp.nineboard.local' source='envole-nineboard.env' rm='True'/>
<file filelist='envole' name='/usr/share/envole/docker/env/.env.zapp.nextcloud.local' source='envole-nextcloud.env' rm='True'/>
<file filelist='envole' name='/usr/share/envole/docker/env/.env.zapp.phpldapadmin.local' source='envole-phpldapadmin.env' rm='True'/>
<file filelist='envole' name='/usr/share/envole/docker/volume/keycloak/envole/realm-export.json' source='envole-realm.json' rm='True'/>
<file filelist='envole' name='/usr/share/envole/docker/volume/nextcloud/envole/mount.json' source='envole-nextcloud.mount' rm='True'/>
<service method='apache' servicelist='envole'>envole</service>
</container>
@ -51,7 +59,12 @@
<!-- APPLICATIONS -->
<variable type='oui/non' name='activer_ninegate' description='Activer Ninegate'><value>oui</value></variable>
<variable type='oui/non' name='activer_nineboard' description='Activer Nineboard'><value>non</value></variable>
<variable type='oui/non' name='activer_nextcloud' description='Activer Nextcloud'><value>non</value></variable>
<variable type='oui/non' name='activer_wordpress' description='Activer Wordpress'><value>non</value></variable>
<variable type='oui/non' name='activer_adminer' description='Activer Adminer'><value>non</value></variable>
<variable type='oui/non' name='activer_phpldapadmin' description='Activer Phpldapadmin'><value>non</value></variable>
@ -62,8 +75,12 @@
<variable type='string' name='keycload_userpassword' mandatory='True' description='Password compte admin-keycloak Keycloak'></variable>
<variable type='string' name='envole_adminpassword' mandatory='True' description='Password compte administrateur applicatifs'></variable>
<variable type='string' name='ninegate_secret' mandatory='True' description='Secret key Ninegate'></variable>
<variable type='string' name='nineboard_secret' mandatory='True' description='Secret key Nineboard'></variable>
<!-- NINEGATE -->
<variable name='ninegate_local' type='oui/non' description='Ninegate local'><value>oui</value></variable>
<variable name='ninegate_url' type='string' mandatory='True' description='Ninegate URL'></variable>
<variable type='oui/non' name='ninegate_syncldap' description='Synchroniser les utilisateurs vers annuaire'><value>oui</value></variable>
<variable type='oui/non' name='ninegate_scribegroup' description="Considérer les classes/options comme des groupes de travail"><value>oui</value></variable>
@ -79,12 +96,21 @@
<variable type='oui/non' name='ninegate_forcetheme' description="Forcer l'utilisation d'un thème"><value>non</value></variable>
<variable type='string' name='ninegate_forcethemename' description="Nom du thème"></variable>
<!-- NINEBOARD -->
<variable name='nineboard_local' type='oui/non' description='Nineboard local'><value>oui</value></variable>
<variable name='nineboard_url' type='string' mandatory='True' description='Nineboard URL'></variable>
<!-- NEXTCLOUD -->
<variable name='nextcloud_local' type='oui/non' description='Nextcloud local'><value>oui</value></variable>
<variable name='nextcloud_url' type='string' mandatory='True' description='Nextcloud URL'></variable>
<variable name='nextcloud_samba' type='oui/non' description='Configurer un partage Samba'><value>non</value></variable>
<variable name='nextcloud_samba_host' type='string' mandatory='True' description='Samba host name'></variable>
<variable name='nextcloud_samba_domaine' type='string' mandatory='True' description='Samba domaine name'><value>DOMSCRIBE</value></variable>
<variable name='nextcloud_samba_name' type='string' mandatory='True' description='Samba root name'><value>nextcloud</value></variable>
<!-- WORDPRESS -->
<variable name='wordpress_local' type='oui/non' description='Wordpress local'><value>oui</value></variable>
<variable name='wordpress_url' type='string' mandatory='True' description='Wordpress URL'></variable>
</family>
<separators>
@ -94,8 +120,10 @@
<separator name="activer_openldap">Annuaire</separator>
<separator name="activer_ninegate">Applications</separator>
<separator name="openldap_password">Secrets</separator>
<separator name="ninegate_syncldap">Ninegate Portail</separator>
<separator name="ninegate_local">Ninegate</separator>
<separator name="nineboard_local">Nineboard</separator>
<separator name="nextcloud_local">Nextcloud</separator>
<separator name="wordpress_local">Wordpress</separator>
</separators>
</variables>
@ -109,6 +137,9 @@
<check name='valid_enum' target='envole_modeauth'>
<param>['CAS', 'SQL', 'LDAP']</param>
</check>
<check name='valid_enum' target='ninegate_moderegistration'>
<param>['none', 'byuser', 'byadmin']</param>
</check>
<!-- APACHE -->
<condition name='hidden_if_in' source='activer_apache'>
@ -178,7 +209,9 @@
<target type='variable'>database_rootpassword</target>
<target type='variable'>database_userpassword</target>
<target type='variable'>activer_ninegate</target>
<target type='variable'>activer_nineboard</target>
<target type='variable'>activer_nextcloud</target>
<target type='variable'>activer_wordpress</target>
<target type='variable'>activer_adminer</target>
</condition>
@ -203,6 +236,7 @@
<condition name='hidden_if_in' source='openldap_local'>
<param>oui</param>
<target type='variable'>openldap_ldaptemplate</target>
<target type='variable'>openldap_host</target>
<target type='variable'>openldap_port</target>
<target type='variable'>openldap_tls</target>
@ -210,6 +244,11 @@
<target type='variable'>openldap_user</target>
</condition>
<condition name='hidden_if_in' source='openldap_local'>
<param>non</param>
<target type='variable'>ninegate_syncldap</target>
</condition>
<condition name='hidden_if_not_in' source='openldap_ldaptemplate'>
<param>scribe</param>
@ -217,13 +256,17 @@
<target type='variable'>ninegate_scribemaster</target>
</condition>
<!-- NINEGATE -->
<condition name='hidden_if_in' source='activer_ninegate'>
<param>non</param>
<target type='variable'>ninegate_local</target>
<target type='variable'>ninegate_secret</target>
</condition>
<condition name='hidden_if_in' source='ninegate_local'>
<param>non</param>
<target type='variable'>ninegate_syncldap</target>
<target type='variable'>ninegate_ssosynchrogroup</target>
<target type='variable'>ninegate_ssoreqgroup</target>
@ -241,6 +284,17 @@
<target type='variable'>ninegate_forcethemename</target>
</condition>
<condition name='hidden_if_in' source='ninegate_local'>
<param>oui</param>
<target type='variable'>ninegate_url</target>
</condition>
<condition name='hidden_if_in' source='activer_nineboard'>
<param>non</param>
<target type='variable'>nineboard_secret</target>
</condition>
<condition name='hidden_if_not_in' source='openldap_ldaptemplate'>
<param>scribe</param>
@ -258,18 +312,39 @@
<target type='variable'>ninegate_openldapsubbranchuser</target>
</condition>
<condition name='hidden_if_in' source='ninegate_ssosynchroitem'>
<param>non</param>
<target type='variable'>ninegate_ssoreqitem</target>
</condition>
<condition name='hidden_if_in' source='ninegate_openldapsynchrogroup'>
<param>non</param>
<target type='variable'>ninegate_openldapreqgroup</target>
</condition>
<condition name='hidden_if_in' source='ninegate_forcetheme'>
<param>non</param>
<target type='variable'>ninegate_forcethemename</target>
</condition>
<!-- NINEBOARD -->
<condition name='hidden_if_in' source='activer_nineboard'>
<param>non</param>
<target type='variable'>nineboard_local</target>
</condition>
<condition name='hidden_if_in' source='nineboard_local'>
<param>oui</param>
<target type='variable'>nineboard_url</target>
</condition>
<!-- NEXTCLOUD -->
<condition name='hidden_if_in' source='activer_nextcloud'>
@ -295,7 +370,22 @@
<param>non</param>
<target type='variable'>nextcloud_samba_host</target>
<target type='variable'>nextcloud_samba_domaine</target>
<target type='variable'>nextcloud_samba_name</target>
</condition>
</condition>
<!-- WORDPRESS -->
<condition name='hidden_if_in' source='activer_wordpress'>
<param>non</param>
<target type='variable'>wordpress_local</target>
</condition>
<condition name='hidden_if_in' source='wordpress_local'>
<param>oui</param>
<target type='variable'>wordpress_url</target>
</condition>
</constraints>
</creole>

99
docker/doc/etude.html → doc/202311-POC-Envole9.html
View File

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<title>etude.md</title>
<title>202311-POC-Envole9.md</title>
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<style>
@ -353,7 +353,7 @@ code {
}
</style>
<link rel="stylesheet" href="file:///run/user/1000/gvfs/sftp%3Ahost%3Deolebase.ac-test.fr%2Cuser%3Droot/root/git/envole/src/envole-1.0/doc/misc/tools/cadoles_theme.css" type="text/css">
<link rel="stylesheet" href="file:///home/afornerot/cadoles/envole-project/doc/tools/cadoles_theme.css" type="text/css">
<script src="https://unpkg.com/mermaid/dist/mermaid.min.js"></script>
</head>
<body>
@ -365,8 +365,13 @@ code {
: 'default'
});
</script>
<h1 id="envole">Envole</h1>
<h2 id="introduction">Introduction</h2>
<div class="title">
<p><img src="./tools/logo.png" alt="logo"></p>
</div>
<div class="title">
<p>POC Envole 9</p>
</div>
<h1 id="introduction">Introduction</h1>
<p>Envole est une solution qui propose un ensemble d'applicatifs web fédérés autour d'un annaire afin de gérer l'identité ainsi qu'un SSO afin de gérer l'authentification.</p>
<p>Il s'appuit sur la distrution EOLE pour déployer ses différents composants.</p>
<p>Envole rencontre depuis des années des problèmatiques :</p>
@ -377,8 +382,8 @@ code {
<li>Ou qui empéche le passage d'une application de fonctionner dans une version x d'eole car cette dernière propose une version trop résente de php pour l'application</li>
</ul>
<p>Ce document va chercher à évaluer la possibilité de conteneriser les applications Envole, afin qu'elles puissent fonctionner le moins possible en contrainte avec la version d'Eole</p>
<h2 id="architecture">Architecture</h2>
<h3 id="eolebase">EoleBase</h3>
<h1 id="architecture">Architecture</h1>
<h2 id="eolebase">EoleBase</h2>
<p>La présente étude part du principe qu'Envole ne serait plus installé sur une instance Scribe mais sur une installation EoleBase d'Eole</p>
<p><strong>Avantages</strong></p>
<ul>
@ -399,7 +404,9 @@ code {
<li>Connaitre et renseigner les hosts/ports des service SSO et Annuaire</li>
<li>Avoir un second nom de domaine pour l'accès aux applications Envole</li>
</ul>
<h3 id="paquet-debian">Paquet Debian</h3>
<div class="page-break">
</div>
<h2 id="paquet-debian">Paquet Debian</h2>
<p>Contrairement à la précédente logique Envole, il n'y aurait qu'un seul paquet Debian pour Envole. Il n'installerait pas les sources des applications, mais uniquement</p>
<ul>
<li>le dictionnaire eole de configuration</li>
@ -407,9 +414,9 @@ code {
<li>le dossier de définitions de l'ensemble des conteneurs possible pour Envole</li>
<li>un script qui viendrait monter ou non les conteneurs souhaités par l'administateur</li>
</ul>
<h3 id="poc">POC</h3>
<h2 id="poc">POC</h2>
<p>Afin de s'assurer de la faisabilité d'un tel changement, un POC a été initié, dans le cadre des éléments précédents cités. La première question fut de savoir quelle technologie de conteneurisation serait à utiliser PODMAN ou DOCKER, et dans leur logique de composer PODMAN-COMPOSE ou DOCKER-COMPOSER.</p>
<h3 id="podman-vs-docker-sur-eole">PODMAN vs DOCKER sur Eole</h3>
<h2 id="podman-vs-docker-sur-eole">PODMAN vs DOCKER sur Eole</h2>
<p><strong>PODMAN</strong></p>
<p>Eole a intégré à partir de la 2.9 dans sa distribution podman. Ce qui de prime abord devrait-être la technologie à utiliser, sauf que</p>
<ul>
@ -428,6 +435,8 @@ code {
<li>Par la suite docker se comporte bien mieux que podman. Il est plus souple d'usage, moins verbeux</li>
<li>Mais tout comme podman, un reconfigure vient rendre totalement inopérant le reseau des conteneurs. Il est nécessaire de réinitialiser docker-ce pour rétablir le reseau.</li>
</ul>
<div class="page-break">
</div>
<p><strong>CONCLUSION</strong></p>
<p>Quoi qu'il arrive, une intégration compléte que cela soit avec Podman ou avec Docker, demandera un travail d'intégration d'Eole</p>
<ul>
@ -435,15 +444,15 @@ code {
<li>que l'un ou l'autre ne détruit pas le réseau associé au composer de conteneur</li>
</ul>
<p>Ma préférence va malgrés tout sur Docker, il est plus souple moins verbeux et me semble plus fiable à long terme. Il serait possible de maitenir les deux solutions en parrallèle avec un effort supplémentaire d'intégration et de maintenance.</p>
<h2 id="poc">POC</h2>
<h3 id="sources">Sources</h3>
<h1 id="poc">POC</h1>
<h2 id="sources">Sources</h2>
<p>Les sources du POC sont disponible ici<br>
https://forge.cadoles.com/Envole/envole</p>
<p>Elles sont pour l'instant hébergé à Cadoles pour des raisons de simplicité de mise en oeuvre, mais à terme elles seront bien stockées chez Eole</p>
<h3 id="repository">Repository</h3>
<h2 id="repository">Repository</h2>
<p>Certaines images sont hébergées elles aussi sur un repository public de Cadoles. Là aussi pour des raisons de simplicité de mise en oevre, mais à terme Eole devra fournir un repository propre aux images Envole.</p>
<p>Les images en questions sont celles des applications maintenues par Envole, en l'occurence pour l'instant uniquement Ninegate. Mais à terme pourra aussi y figurer des images d'applications tiers sur lesquelles nous aurions besion d'altérer légèrement le comportement.</p>
<h3 id="installation-du-poc">Installation du POC</h3>
<h2 id="installation-du-poc">Installation du POC</h2>
<p>1- Instancier un eolebase 2.9</p>
<p>2- Installer eole-web</p>
<pre class="hljs"><code><div>apt-get install eole-web
@ -455,6 +464,8 @@ Applications Web &gt; Nom de domaine des applications web = mondomaine.fr
save &amp; quit
Reconfigure
</div></code></pre>
<div class="page-break">
</div>
<p>3- Installer docker &amp; docker-compose</p>
<pre class="hljs"><code><div>apt install git make apt-transport-https ca-certificates curl gnupg-agent software-properties-common
mkdir -p /etc/apt/keyrings
@ -474,6 +485,68 @@ cd /root/git/envole
make install
</div></code></pre>
<p>5- Configurer Envole</p>
<p>Le dictionnaire d'Envole dans genconfig est initalisé pour que l'on y indique un scribe distant.</p>
<p>6- Reconfigure</p>
<div class="page-break">
</div>
<h1 id="compl%C3%A9ment-sur-variables-genconfig">Complément sur variables Genconfig</h1>
<div class="img60">
<p><img src="./img/genconfig.png" alt="genconfig"></p>
</div>
<div class="page-break">
</div>
<p><strong>Maître de l'identité</strong></p>
<ul>
<li><strong>SQL</strong> = c'est un cas bien particulier qui devrait pas vous concerner. C'est le cas où c'est Ninegate qui gére les utilisateurs et les groupes et qui va pousser ces informations dans un annuaire qui doit-être forcement local</li>
<li><strong>LDAP</strong> = c'est le cas classique d'un établissement scolaire. Ninegate synchronisera les utilisateurs et les groupes en fonction d'un annuaire distant. Cela pourrait-être aussi le cas d'usage d'un PIA qui a son propre annuaire. Tout dépendra du modèle d'annuaire déclaré dans le genconfig</li>
<li><strong>SSO</strong> = c'est le cas où il n'y a pas de synchronisation annuaire, mais que les applications se basent sur les attributs SSO pour autocreate et autoupdate les utilisateurs qui se connectent</li>
</ul>
<p><strong>Mode d'Authentification</strong><br>
Il n'y a que Ninegate qui pour l'instant peut faire varier son mode d'authentification<br>
A l'avenir on pourrait implémeter d'autre méthode d'authenfication, l'OPENID ou le SAML par exemple.</p>
<ul>
<li><strong>SQL</strong> = l'authentification se fait par le mécanisme interne à l'application. Pas de SSO dans ce cas.</li>
<li><strong>LDAP</strong> = l'authentification se fait via un bind sur l'annuaire. Pas de SSO dans ce cas.</li>
<li><strong>CAS</strong> = l'authentification se fait via le protocole CAS. Déclarer un serveur CAS dans ce cas est obligatoire. C'est le cas classique d'Envole à l'heure actuelle</li>
</ul>
<p><strong>Server CAS local</strong><br>
Si oui un conteneur Keycloak sera instancié qui sera préparamétré pour utiliser le procotole CAS en lien avec l'annuaire soit local soit distant déclaré dans le genconfig</p>
<p>ATTENTION = une foi instancié le serveur Keycloak ne prendra pas en compte des changement de paramétrage lié à l'annuaire</p>
<p><strong>Base de Données</strong><br>
Si désactivé, l'ensemble des applications nécessitant une base de données ne pourront être activée.</p>
<p>Si distant, Envole ne fera pas le travail de créer les utilisateurs de base de données ainsi que les bases de données applicatives en elles-même. Cela sera à la charge d'un administrateur de réaliser ces tâches.</p>
<p>ATTENTION = une foi instancié les changement de login/password d'accès à la BDD ne seront pas appliqués</p>
<p><strong>Annuaire</strong><br>
Le cas d'un annuaire local n'est utile que si le maître de l'authenfication est local.</p>
<p>ATTENTION = une foi instancié les changement de login/password d'accès à la BDD ne seront pas appliqués</p>
<p><strong>Secrets</strong><br>
L'ensemble des secrets nécessaires. Comme indiqué plus haut un grand nombre d'entre eux ne peuvent être modifié après instanciation du service associé au secret : BDD / Annuaire / Keycloak</p>
<p><strong>Nextcloud</strong><br>
Possiblité d'indiqué un partage Samba pour générer automatiquement un partage externe dans Nextcloud</p>
<div class="page-break">
</div>
<h1 id="conclusion">Conclusion</h1>
<p>Ce POC démontre qu'un modèle conteneriser d'Envole est tout à fait possible. Mais</p>
<p><strong>Ce que le POC à montrer comme problème</strong></p>
<ul>
<li>Des versions trop anciennes que cela soit sur Podman ou Docker</li>
<li>Un problème de variable d'environnement via Podman qui n'accepte pas de surcouche de variables</li>
<li>Des problèmatiques de réseau après reconfigure à résoudre par EOLE</li>
<li>Sur scribe29 : Nextcloud et Roundcube sont préinstallés. Si demain on souhaite mettre Envole sur scribe il faudra enlever cette dépendance.</li>
</ul>
<p><strong>Ce que ne fait pas le POC</strong></p>
<ul>
<li>Changer les secrets après instanciation</li>
<li>Changer la configuration Keycloak après instanciation</li>
</ul>
<p><strong>Ce que le POC n'a pas du tout aborder</strong></p>
<ul>
<li>Comment migrer de la version actuelle d'Envole vers ce modèle</li>
<li>Comment gérer la mise à jour des conteneurs (monté de version des applications)</li>
<li>Comment intégrer les scripts de synchronisation annuaire sur les applications qui n'ont pas de mécanisme interne (poshprofil)</li>
<li>Comment intégrer la sonde statistique</li>
<li>Comment envoyer du mail (service scribe imap/smtp CASsifié sur le scribe et très complexe à utiliser à distance)</li>
</ul>
</body>
</html>

138
docker/doc/etude.md → doc/202311-POC-Envole9.md
View File

@ -1,6 +1,16 @@
# Envole
## Introduction
::: title
![logo](./tools/logo.png)
:::
::: title
POC Envole 9
:::
# Introduction
Envole est une solution qui propose un ensemble d'applicatifs web fédérés autour d'un annaire afin de gérer l'identité ainsi qu'un SSO afin de gérer l'authentification.
@ -15,9 +25,9 @@ Envole rencontre depuis des années des problèmatiques :
Ce document va chercher à évaluer la possibilité de conteneriser les applications Envole, afin qu'elles puissent fonctionner le moins possible en contrainte avec la version d'Eole
## Architecture
# Architecture
### EoleBase
## EoleBase
La présente étude part du principe qu'Envole ne serait plus installé sur une instance Scribe mais sur une installation EoleBase d'Eole
@ -36,7 +46,11 @@ La présente étude part du principe qu'Envole ne serait plus installé sur une
- Avoir un second nom de domaine pour l'accès aux applications Envole
### Paquet Debian
::: page-break
:::
## Paquet Debian
Contrairement à la précédente logique Envole, il n'y aurait qu'un seul paquet Debian pour Envole. Il n'installerait pas les sources des applications, mais uniquement
@ -45,11 +59,11 @@ Contrairement à la précédente logique Envole, il n'y aurait qu'un seul paquet
- le dossier de définitions de l'ensemble des conteneurs possible pour Envole
- un script qui viendrait monter ou non les conteneurs souhaités par l'administateur
### POC
## POC
Afin de s'assurer de la faisabilité d'un tel changement, un POC a été initié, dans le cadre des éléments précédents cités. La première question fut de savoir quelle technologie de conteneurisation serait à utiliser PODMAN ou DOCKER, et dans leur logique de composer PODMAN-COMPOSE ou DOCKER-COMPOSER.
### PODMAN vs DOCKER sur Eole
## PODMAN vs DOCKER sur Eole
**PODMAN**
@ -70,6 +84,10 @@ Eole n'a pas intégré nativement docker. Mais il est tout à fait possible de l
- Par la suite docker se comporte bien mieux que podman. Il est plus souple d'usage, moins verbeux
- Mais tout comme podman, un reconfigure vient rendre totalement inopérant le reseau des conteneurs. Il est nécessaire de réinitialiser docker-ce pour rétablir le reseau.
::: page-break
:::
**CONCLUSION**
Quoi qu'il arrive, une intégration compléte que cela soit avec Podman ou avec Docker, demandera un travail d'intégration d'Eole
@ -78,22 +96,22 @@ Quoi qu'il arrive, une intégration compléte que cela soit avec Podman ou avec
Ma préférence va malgrés tout sur Docker, il est plus souple moins verbeux et me semble plus fiable à long terme. Il serait possible de maitenir les deux solutions en parrallèle avec un effort supplémentaire d'intégration et de maintenance.
## POC
# POC
### Sources
## Sources
Les sources du POC sont disponible ici
https://forge.cadoles.com/Envole/envole
Elles sont pour l'instant hébergé à Cadoles pour des raisons de simplicité de mise en oeuvre, mais à terme elles seront bien stockées chez Eole
### Repository
## Repository
Certaines images sont hébergées elles aussi sur un repository public de Cadoles. Là aussi pour des raisons de simplicité de mise en oevre, mais à terme Eole devra fournir un repository propre aux images Envole.
Les images en questions sont celles des applications maintenues par Envole, en l'occurence pour l'instant uniquement Ninegate. Mais à terme pourra aussi y figurer des images d'applications tiers sur lesquelles nous aurions besion d'altérer légèrement le comportement.
### Installation du POC
## Installation du POC
1- Instancier un eolebase 2.9
@ -109,6 +127,10 @@ save & quit
Reconfigure
```
::: page-break
:::
3- Installer docker & docker-compose
```
apt install git make apt-transport-https ca-certificates curl gnupg-agent software-properties-common
@ -134,6 +156,100 @@ make install
5- Configurer Envole
Le dictionnaire d'Envole dans genconfig est initalisé pour que l'on y indique un scribe distant.
6- Reconfigure
::: page-break
:::
# Complément sur variables Genconfig
::: img60
![genconfig](./img/genconfig.png)
:::
::: page-break
:::
**Maître de l'identité**
- **SQL** = c'est un cas bien particulier qui devrait pas vous concerner. C'est le cas où c'est Ninegate qui gére les utilisateurs et les groupes et qui va pousser ces informations dans un annuaire qui doit-être forcement local
- **LDAP** = c'est le cas classique d'un établissement scolaire. Ninegate synchronisera les utilisateurs et les groupes en fonction d'un annuaire distant. Cela pourrait-être aussi le cas d'usage d'un PIA qui a son propre annuaire. Tout dépendra du modèle d'annuaire déclaré dans le genconfig
- **SSO** = c'est le cas où il n'y a pas de synchronisation annuaire, mais que les applications se basent sur les attributs SSO pour autocreate et autoupdate les utilisateurs qui se connectent
**Mode d'Authentification**
Il n'y a que Ninegate qui pour l'instant peut faire varier son mode d'authentification
A l'avenir on pourrait implémeter d'autre méthode d'authenfication, l'OPENID ou le SAML par exemple.
- **SQL** = l'authentification se fait par le mécanisme interne à l'application. Pas de SSO dans ce cas.
- **LDAP** = l'authentification se fait via un bind sur l'annuaire. Pas de SSO dans ce cas.
- **CAS** = l'authentification se fait via le protocole CAS. Déclarer un serveur CAS dans ce cas est obligatoire. C'est le cas classique d'Envole à l'heure actuelle
**Server CAS local**
Si oui un conteneur Keycloak sera instancié qui sera préparamétré pour utiliser le procotole CAS en lien avec l'annuaire soit local soit distant déclaré dans le genconfig
ATTENTION = une foi instancié le serveur Keycloak ne prendra pas en compte des changement de paramétrage lié à l'annuaire
**Base de Données**
Si désactivé, l'ensemble des applications nécessitant une base de données ne pourront être activée.
Si distant, Envole ne fera pas le travail de créer les utilisateurs de base de données ainsi que les bases de données applicatives en elles-même. Cela sera à la charge d'un administrateur de réaliser ces tâches.
ATTENTION = une foi instancié les changement de login/password d'accès à la BDD ne seront pas appliqués
**Annuaire**
Le cas d'un annuaire local n'est utile que si le maître de l'authenfication est local.
ATTENTION = une foi instancié les changement de login/password d'accès à la BDD ne seront pas appliqués
**Secrets**
L'ensemble des secrets nécessaires. Comme indiqué plus haut un grand nombre d'entre eux ne peuvent être modifié après instanciation du service associé au secret : BDD / Annuaire / Keycloak
**Nextcloud**
Possiblité d'indiqué un partage Samba pour générer automatiquement un partage externe dans Nextcloud
::: page-break
:::
# Conclusion
Ce POC démontre qu'un modèle conteneriser d'Envole est tout à fait possible. Mais
**Ce que le POC à montrer comme problème**
- Des versions trop anciennes que cela soit sur Podman ou Docker
- Un problème de variable d'environnement via Podman qui n'accepte pas de surcouche de variables
- Des problèmatiques de réseau après reconfigure à résoudre par EOLE
- Sur scribe29 : Nextcloud et Roundcube sont préinstallés. Si demain on souhaite mettre Envole sur scribe il faudra enlever cette dépendance.
**Ce que ne fait pas le POC**
- Changer les secrets après instanciation
- Changer la configuration Keycloak après instanciation
**Ce que le POC n'a pas du tout aborder**
- Comment migrer de la version actuelle d'Envole vers ce modèle
- Comment gérer la mise à jour des conteneurs (monté de version des applications)
- Comment intégrer les scripts de synchronisation annuaire sur les applications qui n'ont pas de mécanisme interne (poshprofil)
- Comment intégrer la sonde statistique
- Comment envoyer du mail (service scribe imap/smtp CASsifié sur le scribe et très complexe à utiliser à distance)

BIN
doc/202311-POC-Envole9.pdf Normal file
View File

Binary file not shown.

419
doc/demo.html Normal file
View File

@ -0,0 +1,419 @@
<!DOCTYPE html>
<html>
<head>
<title>demo.md</title>
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<style>
/* https://github.com/microsoft/vscode/blob/master/extensions/markdown-language-features/media/markdown.css */
/*---------------------------------------------------------------------------------------------
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License. See License.txt in the project root for license information.
*--------------------------------------------------------------------------------------------*/
body {
font-family: var(--vscode-markdown-font-family, -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", "Ubuntu", "Droid Sans", sans-serif);
font-size: var(--vscode-markdown-font-size, 14px);
padding: 0 26px;
line-height: var(--vscode-markdown-line-height, 22px);
word-wrap: break-word;
}
#code-csp-warning {
position: fixed;
top: 0;
right: 0;
color: white;
margin: 16px;
text-align: center;
font-size: 12px;
font-family: sans-serif;
background-color:#444444;
cursor: pointer;
padding: 6px;
box-shadow: 1px 1px 1px rgba(0,0,0,.25);
}
#code-csp-warning:hover {
text-decoration: none;
background-color:#007acc;
box-shadow: 2px 2px 2px rgba(0,0,0,.25);
}
body.scrollBeyondLastLine {
margin-bottom: calc(100vh - 22px);
}
body.showEditorSelection .code-line {
position: relative;
}
body.showEditorSelection .code-active-line:before,
body.showEditorSelection .code-line:hover:before {
content: "";
display: block;
position: absolute;
top: 0;
left: -12px;
height: 100%;
}
body.showEditorSelection li.code-active-line:before,
body.showEditorSelection li.code-line:hover:before {
left: -30px;
}
.vscode-light.showEditorSelection .code-active-line:before {
border-left: 3px solid rgba(0, 0, 0, 0.15);
}
.vscode-light.showEditorSelection .code-line:hover:before {
border-left: 3px solid rgba(0, 0, 0, 0.40);
}
.vscode-light.showEditorSelection .code-line .code-line:hover:before {
border-left: none;
}
.vscode-dark.showEditorSelection .code-active-line:before {
border-left: 3px solid rgba(255, 255, 255, 0.4);
}
.vscode-dark.showEditorSelection .code-line:hover:before {
border-left: 3px solid rgba(255, 255, 255, 0.60);
}
.vscode-dark.showEditorSelection .code-line .code-line:hover:before {
border-left: none;
}
.vscode-high-contrast.showEditorSelection .code-active-line:before {
border-left: 3px solid rgba(255, 160, 0, 0.7);
}
.vscode-high-contrast.showEditorSelection .code-line:hover:before {
border-left: 3px solid rgba(255, 160, 0, 1);
}
.vscode-high-contrast.showEditorSelection .code-line .code-line:hover:before {
border-left: none;
}
img {
max-width: 100%;
max-height: 100%;
}
a {
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
a:focus,
input:focus,
select:focus,
textarea:focus {
outline: 1px solid -webkit-focus-ring-color;
outline-offset: -1px;
}
hr {
border: 0;
height: 2px;
border-bottom: 2px solid;
}
h1 {
padding-bottom: 0.3em;
line-height: 1.2;
border-bottom-width: 1px;
border-bottom-style: solid;
}
h1, h2, h3 {
font-weight: normal;
}
table {
border-collapse: collapse;
}
table > thead > tr > th {
text-align: left;
border-bottom: 1px solid;
}
table > thead > tr > th,
table > thead > tr > td,
table > tbody > tr > th,
table > tbody > tr > td {
padding: 5px 10px;
}
table > tbody > tr + tr > td {
border-top: 1px solid;
}
blockquote {
margin: 0 7px 0 5px;
padding: 0 16px 0 10px;
border-left-width: 5px;
border-left-style: solid;
}
code {
font-family: Menlo, Monaco, Consolas, "Droid Sans Mono", "Courier New", monospace, "Droid Sans Fallback";
font-size: 1em;
line-height: 1.357em;
}
body.wordWrap pre {
white-space: pre-wrap;
}
pre:not(.hljs),
pre.hljs code > div {
padding: 16px;
border-radius: 3px;
overflow: auto;
}
pre code {
color: var(--vscode-editor-foreground);
tab-size: 4;
}
/** Theming */
.vscode-light pre {
background-color: rgba(220, 220, 220, 0.4);
}
.vscode-dark pre {
background-color: rgba(10, 10, 10, 0.4);
}
.vscode-high-contrast pre {
background-color: rgb(0, 0, 0);
}
.vscode-high-contrast h1 {
border-color: rgb(0, 0, 0);
}
.vscode-light table > thead > tr > th {
border-color: rgba(0, 0, 0, 0.69);
}
.vscode-dark table > thead > tr > th {
border-color: rgba(255, 255, 255, 0.69);
}
.vscode-light h1,
.vscode-light hr,
.vscode-light table > tbody > tr + tr > td {
border-color: rgba(0, 0, 0, 0.18);
}
.vscode-dark h1,
.vscode-dark hr,
.vscode-dark table > tbody > tr + tr > td {
border-color: rgba(255, 255, 255, 0.18);
}
</style>
<style>
/* Tomorrow Theme */
/* http://jmblog.github.com/color-themes-for-google-code-highlightjs */
/* Original theme - https://github.com/chriskempson/tomorrow-theme */
/* Tomorrow Comment */
.hljs-comment,
.hljs-quote {
color: #8e908c;
}
/* Tomorrow Red */
.hljs-variable,
.hljs-template-variable,
.hljs-tag,
.hljs-name,
.hljs-selector-id,
.hljs-selector-class,
.hljs-regexp,
.hljs-deletion {
color: #c82829;
}
/* Tomorrow Orange */
.hljs-number,
.hljs-built_in,
.hljs-builtin-name,
.hljs-literal,
.hljs-type,
.hljs-params,
.hljs-meta,
.hljs-link {
color: #f5871f;
}
/* Tomorrow Yellow */
.hljs-attribute {
color: #eab700;
}
/* Tomorrow Green */
.hljs-string,
.hljs-symbol,
.hljs-bullet,
.hljs-addition {
color: #718c00;
}
/* Tomorrow Blue */
.hljs-title,
.hljs-section {
color: #4271ae;
}
/* Tomorrow Purple */
.hljs-keyword,
.hljs-selector-tag {
color: #8959a8;
}
.hljs {
display: block;
overflow-x: auto;
color: #4d4d4c;
padding: 0.5em;
}
.hljs-emphasis {
font-style: italic;
}
.hljs-strong {
font-weight: bold;
}
</style>
<style>
/*
* Markdown PDF CSS
*/
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe WPC", "Segoe UI", "Ubuntu", "Droid Sans", sans-serif, "Meiryo";
padding: 0 12px;
}
pre {
background-color: #f8f8f8;
border: 1px solid #cccccc;
border-radius: 3px;
overflow-x: auto;
white-space: pre-wrap;
overflow-wrap: break-word;
}
pre:not(.hljs) {
padding: 23px;
line-height: 19px;
}
blockquote {
background: rgba(127, 127, 127, 0.1);
border-color: rgba(0, 122, 204, 0.5);
}
.emoji {
height: 1.4em;
}
code {
font-size: 14px;
line-height: 19px;
}
/* for inline code */
:not(pre):not(.hljs) > code {
color: #C9AE75; /* Change the old color so it seems less like an error */
font-size: inherit;
}
/* Page Break : use <div class="page"/> to insert page break
-------------------------------------------------------- */
.page {
page-break-after: always;
}
</style>
<link rel="stylesheet" href="file:///home/afornerot/cadoles/envole-project/doc/tools/cadoles_theme.css" type="text/css">
<script src="https://unpkg.com/mermaid/dist/mermaid.min.js"></script>
</head>
<body>
<script>
mermaid.initialize({
startOnLoad: true,
theme: document.body.classList.contains('vscode-dark') || document.body.classList.contains('vscode-high-contrast')
? 'dark'
: 'default'
});
</script>
<p># Etape 00 = Etendre l'espace disque<br>
8go de RAM<br>
lvextend -l +100%FREE /dev/mapper/eolebase--vg-root<br>
resize2fs /dev/mapper/eolebase--vg-root</p>
<p># Etape 02 = installer docker et docker-compose<br>
apt install git make apt-transport-https ca-certificates curl gnupg-agent software-properties-common<br>
mkdir -p /etc/apt/keyrings<br>
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg<br>
echo <br>
&quot;deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu <br>
$(lsb_release -cs) stable&quot; | tee /etc/apt/sources.list.d/docker.list &gt; /dev/null<br>
apt update<br>
apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose</p>
<p># Etape 01 = Installer eole-web<br>
apt-get install eole-web</p>
<p># Installer Envole<br>
cd /root<br>
mkdir git<br>
cd /root/git<br>
git clone https://forge.cadoles.com/Envole/envole.git<br>
cd /root/git/envole<br>
make install<br>
cp /root/git/envole/misc/tools/e-reconfigure.sh /usr/bin/e-reconfigure<br>
chmod +x /usr/bin/e-reconfigure<br>
cp /root/git/envole/docker/envole.sh /usr/bin/envole<br>
chmod +x /usr/bin/envole</p>
<p>## A FAIRE A LA MAIN CAR PAS POSSIBLE DE LES SET D'UN COUP<br>
CreoleSet activer_mysql non<br>
CreoleSet web_url eolebase.ac-test.fr<br>
CreoleSet web_redirection /ninegate</p>
<p>CreoleSet cas_host envole.ac_test.fr<br>
CreoleSet openldap_host envole.ac_test.fr<br>
CreoleSet nextcloud_samba_host 192.168.0.26</p>
<p># Définition des secrets<br>
CreoleSet openldap_password changeme<br>
CreoleSet database_rootpassword changeme<br>
CreoleSet database_userpassword changeme<br>
CreoleSet envole_adminpassword changeme<br>
CreoleSet ninegate_secret changeme<br>
CreoleSet keycload_userpassword changeme</p>
<h1 id="activation-des-applications">Activation des applications</h1>
<p>CreoleSet activer_nineboard oui<br>
CreoleSet activer_nextcloud oui<br>
CreoleSet activer_nextcloud oui<br>
CreoleSet activer_wordpress oui<br>
CreoleSet activer_phpldapadmin oui</p>
<p># Appliquer la configuration<br>
reconfigure</p>
<p># Pendant le reconf expliquer qu'il faut que le scribe soit up et avec un password writer connu sur l'annuaire</p>
</body>
</html>

61
doc/demo.md Normal file
View File

@ -0,0 +1,61 @@
# Etape 00 = Etendre l'espace disque
8go de RAM
lvextend -l +100%FREE /dev/mapper/eolebase--vg-root
resize2fs /dev/mapper/eolebase--vg-root
# Etape 02 = installer docker et docker-compose
apt install git make apt-transport-https ca-certificates curl gnupg-agent software-properties-common
mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update
apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose
# Etape 01 = Installer eole-web
apt-get install eole-web
# Installer Envole
cd /root
mkdir git
cd /root/git
git clone https://forge.cadoles.com/Envole/envole.git
cd /root/git/envole
make install
cp /root/git/envole/misc/tools/e-reconfigure.sh /usr/bin/e-reconfigure
chmod +x /usr/bin/e-reconfigure
cp /root/git/envole/docker/envole.sh /usr/bin/envole
chmod +x /usr/bin/envole
## A FAIRE A LA MAIN CAR PAS POSSIBLE DE LES SET D'UN COUP
CreoleSet activer_mysql non
CreoleSet web_url eolebase.ac-test.fr
CreoleSet web_redirection /ninegate
CreoleSet cas_host envole.ac_test.fr
CreoleSet openldap_host envole.ac_test.fr
CreoleSet nextcloud_samba_host 192.168.0.26
# Définition des secrets
CreoleSet openldap_password changeme
CreoleSet database_rootpassword changeme
CreoleSet database_userpassword changeme
CreoleSet envole_adminpassword changeme
CreoleSet ninegate_secret changeme
CreoleSet keycload_userpassword changeme
# Activation des applications
CreoleSet activer_nineboard oui
CreoleSet activer_nextcloud oui
CreoleSet activer_nextcloud oui
CreoleSet activer_wordpress oui
CreoleSet activer_phpldapadmin oui
# Appliquer la configuration
reconfigure
# Pendant le reconf expliquer qu'il faut que le scribe soit up et avec un password writer connu sur l'annuaire

BIN
doc/demo.pdf Normal file
View File

Binary file not shown.

BIN
doc/img/genconfig.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.0 MiB

30
docker/misc/tools/cadoles_theme.css → doc/tools/cadoles_theme.css
View File

@ -3,6 +3,11 @@
src: url("fonts/Roboto/Roboto-Regular.ttf") format('truetype');
}
@font-face {
font-family: "Theboldefont";
src: url("fonts/Theboldfont/THE BOLD FONT - FREE VERSION - 2023.ttf") format('truetype');
}
body {
font-family: "Roboto" !important;
color: #333;
@ -17,7 +22,16 @@ body {
margin-top:30px;
text-align: center;
line-height: 1em;
font-weight: bold
font-weight: bold;
font-family: "Theboldefont" !important;
}
.title img {
width: 80%;
}
h1, h2, h3 {
font-family: "Theboldefont" !important;
}
h1 {
@ -43,12 +57,17 @@ img {
max-width:100%;
margin:auto;
display: block;
text-align:center;
}
.center {
text-align: center;
}
strong {
color: #078eb5;
}
footer img {
width: 32px;
}
@ -120,10 +139,5 @@ table > tbody > tr > td {
padding: 2px;
}
img[alt="schéma declenchement PCA"] { width: 500px; }
img[alt="Type Epique"] { width: 500px; }
img[alt="Type Epique Dependance"] { width: 200px; }
img[alt="Type Scenario"] { width: 500px; }
img[alt="Type Scenario Dependance"] { width: 200px; }
img[alt="Type Tache"] { width: 500px; }
img[alt="Jalon"] { width: 200px; }
.img50 {margin:auto; width:50%}
.img60 {margin:auto; width:60%}

0
docker/misc/tools/fonts/Roboto/LICENSE.txt → doc/tools/fonts/Roboto/LICENSE.txt
View File

0
docker/misc/tools/fonts/Roboto/Roboto-Black.ttf → doc/tools/fonts/Roboto/Roboto-Black.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-BlackItalic.ttf → doc/tools/fonts/Roboto/Roboto-BlackItalic.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-Bold.ttf → doc/tools/fonts/Roboto/Roboto-Bold.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-BoldItalic.ttf → doc/tools/fonts/Roboto/Roboto-BoldItalic.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-Italic.ttf → doc/tools/fonts/Roboto/Roboto-Italic.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-Light.ttf → doc/tools/fonts/Roboto/Roboto-Light.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-LightItalic.ttf → doc/tools/fonts/Roboto/Roboto-LightItalic.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-Medium.ttf → doc/tools/fonts/Roboto/Roboto-Medium.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-MediumItalic.ttf → doc/tools/fonts/Roboto/Roboto-MediumItalic.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-Regular.ttf → doc/tools/fonts/Roboto/Roboto-Regular.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-Thin.ttf → doc/tools/fonts/Roboto/Roboto-Thin.ttf
View File

0
docker/misc/tools/fonts/Roboto/Roboto-ThinItalic.ttf → doc/tools/fonts/Roboto/Roboto-ThinItalic.ttf
View File

BIN
doc/tools/fonts/Theboldfont/THE BOLD FONT - FREE VERSION - 2023.otf Normal file
View File

Binary file not shown.

BIN
doc/tools/fonts/Theboldfont/THE BOLD FONT - FREE VERSION - 2023.ttf Normal file
View File

Binary file not shown.

41
doc/tools/fonts/Theboldfont/THE BOLD FONT - LICENSE - 2023.rtf Normal file
View File

@ -0,0 +1,41 @@
{\rtf1\ansi\ansicpg1252\cocoartf1504\cocoasubrtf840
{\fonttbl\f0\fswiss\fcharset0 Helvetica;}
{\colortbl;\red255\green255\blue255;\red0\green0\blue0;\red255\green255\blue255;}
{\*\expandedcolortbl;;\csgenericrgb\c0\c0\c0;\cssrgb\c100000\c100000\c100000;}
\paperw11900\paperh16840\margl1440\margr1440\vieww10800\viewh8400\viewkind0
\pard\tx566\tx1133\tx1700\tx2267\tx2834\tx3401\tx3968\tx4535\tx5102\tx5669\tx6236\tx6803\pardirnatural\partightenfactor0
\f0\fs24 \cf0 \
Thank you for downloading \
\b\fs28 THE BOLD FONT.
\b0\fs24 \
\
It is a 100% free font so you can use it as much as you like for whatever you like.\
Of course every donation for my effort would be highly appreciated. You can find a donate button on the DaFont page where you downloaded the font.\
\
Did you know that there is also a
\b PRO
\b0 version available. It comes with lowercase characters and has way more glyphs that the free version. You can get it at:\
\
{\field{\*\fldinst{HYPERLINK "https://the-bold-font.com/"}}{\fldrslt
\b\fs28 WWW.THE-BOLD-FONT.COM }}
\b \
\b0 \
Thank you so much and have fun designing with
\b\fs28 THE BOLD FONT
\b0\fs24 !\
\
\
\pard\pardeftab720\sl380\partightenfactor0
\cf2 \cb3 \expnd0\expndtw0\kerning0
Yours sincerely,\
Sven Pels\
\b\fs28 THE BOLD FONT.\
\b0\fs24 \
Copyright \'a9 2023
\b THE BOLD FONT.
\b0 Sven Pels. All rights reserved.}

BIN
doc/tools/fonts/Theboldfont/THE BOLD FONT - VISUAL - PRO.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 84 KiB

BIN
doc/tools/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

19
docker/.gitignore vendored
View File

@ -1,5 +1,6 @@
.env.local
/env/*.local
/tmp
/volume/mariadb/mysql
@ -7,8 +8,8 @@
/volume/nextcloud/html
/volume/nextcloud/app
/volume/ninegate/data/private
/volume/ninegate/data/private
/volume/ninegate/data/private/*
!/volume/ninegate/data/private/.gitkeep
/volume/ninegate/data/public/*
!/volume/ninegate/data/public/avatar
/volume/ninegate/data/public/avatar/*
@ -25,4 +26,18 @@
/volume/ninegate/data/public/icon/*
!/volume/ninegate/data/public/icon/icon_*.png
/volume/nineboard/data/private/*
!/volume/nineboard/data/private/.gitkeep
/volume/nineboard/data/public/*
!/volume/nineboard/data/public/avatar
/volume/nineboard/data/public/avatar/*
!/volume/nineboard/data/public/avatar/admin.jpg
!/volume/nineboard/data/public/avatar/noavatar.png
!/volume/nineboard/data/public/avatar/system.jpg
!/volume/nineboard/data/public/logo
/volume/nineboard/data/public/logo/*
!/volume/nineboard/data/public/logo/logo.png
/volume/openldap/data
/volume/wordpress/data

BIN
docker/doc/etude.pdf
View File

Binary file not shown.

53
docker/docker-compose.yml
View File

@ -9,7 +9,7 @@ services:
test: /envole/check.sh
interval: 1s
timeout: 60s
env_file: ./.env.local
env_file: ./tmp/.env.mariadb
networks:
- envole-network
ports:
@ -26,7 +26,7 @@ services:
test: /envole/check.sh
interval: 1s
timeout: 60s
env_file: ./.env.local
env_file: ./tmp/.env.openldap
networks:
- envole-network
ports:
@ -51,7 +51,7 @@ services:
test: curl --fail http://127.0.0.1:9990 || exit 1
interval: 1s
timeout: 60s
env_file: ./.env.local
env_file: ./tmp/.env.keycloak
networks:
- envole-network
ports:
@ -66,10 +66,10 @@ services:
container_name: envole-ninegate
restart: always
healthcheck:
test: curl --fail http://localhost || exit 1
test: curl --fail http://localhost/ninegate || exit 1
interval: 1s
timeout: 60s
env_file: ./.env.local
env_file: ./tmp/.env.ninegate
networks:
- envole-network
ports:
@ -79,14 +79,14 @@ services:
- ./volume/ninegate/data/public:/app/public/uploads
nextcloud:
image: docker.io/library/nextcloud
image: reg.cadoles.com/envole/nextcloud
container_name: envole-nextcloud
restart: always
healthcheck:
test: curl --fail http://localhost || exit 1
interval: 1s
timeout: 60s
env_file: ./.env.local
env_file: ./tmp/.env.nextcloud
networks:
- envole-network
ports:
@ -98,11 +98,44 @@ services:
- ./volume/nextcloud/envole:/envole
- ./volume/nextcloud/prestart:/docker-entrypoint-hooks.d/before-starting
nineboard:
image: reg.cadoles.com/envole/nineboard
container_name: envole-nineboard
restart: always
healthcheck:
test: curl --fail http://localhost/nineboard || exit 1
interval: 1s
timeout: 60s
env_file: ./tmp/.env.nineboard
networks:
- envole-network
ports:
- "9002:80"
volumes:
- ./volume/nineboard/data/private:/app/uploads
- ./volume/nineboard/data/public:/app/public/uploads
wordpress:
image: reg.cadoles.com/envole/wordpress
container_name: envole-wordpress
restart: always
healthcheck:
test: curl --fail http://localhost/wordpress || exit 1
interval: 1s
timeout: 60s
env_file: ./tmp/.env.wordpress
networks:
- envole-network
ports:
- "9003:80"
volumes:
- ./volume/wordpress/data:/app/public/wp-content
adminer:
image: docker.io/library/adminer
container_name: envole-adminer
restart: always
env_file: ./.env.local
env_file: ./tmp/.env.adminer
networks:
- envole-network
ports:
@ -112,7 +145,7 @@ services:
image: docker.io/osixia/phpldapadmin:latest
container_name: envole-phpldapadmin
restart: always
env_file: ./.env.local
env_file: ./tmp/.env.phpldapadmin
networks:
- envole-network
ports:
@ -126,7 +159,7 @@ services:
test: curl --fail http://localhost || exit 1
interval: 1s
timeout: 60s
env_file: ./.env.local
env_file: ./tmp/.env.nineapache
networks:
- envole-network
ports:

56
docker/env/.env vendored
View File

@ -1,12 +1,18 @@
# == GLOBAL ===============================================================================================================================
# ATTENTION
# si vous souhaiter faire tourner envole sur localhost vous devez ajouter dans votre host = 127.0.0.0 envole.local
# votre localhost devra aussi disposer d'un certificat
# si vous changer le web_url penser à modifier envole.local par votre web_url dans volume/keycloak/envole/realm-export.json
# sinon il vous faudra vous connecter à keycloak pour changer l'url du client envole
# RELEASE SYSTEM = linux ou eole si eole le réseau du compose sera supprimé et regénéré à chaque UP
RELEASE_SYSTEM=linux
# GLOBAL
APP_ENV=PROD
WEB_URL=localhost
WEB_PROTOCOL=http
WEB_URL=envole.local
PROTOCOLE=https
# ADMIN USER
ADMIN_USER=admin
@ -18,7 +24,7 @@ MASTERIDENTITY=SQL
# AUTHENTIFICATION
# SQL or CAS (todo LDAP or OPENID)
MODE_AUTH=SQL
MODE_AUTH=CAS
# MARIADB
MARIADB_SERVICE_NAME=mariadb
@ -30,11 +36,11 @@ MARIADB_PASSWORD=${ADMIN_PASSWORD}
# LDAP
# LDAP_SYNC Si MASTERIDENTITY = SQL permet la synchronisation des utilisateurs SQL vers LDAP
LDAP_SERVICE_NAME=openldap
OPENLDAP_SERVICE_NAME=openldap
LDAP_ACTIVATE=1
LDAP_LOCAL=1
LDAP_TYPE=LDAP
LDAP_HOST=${LDAP_SERVICE_NAME}
LDAP_HOST=${OPENLDAP_SERVICE_NAME}
LDAP_PORT=1389
LDAP_TLS=0
LDAP_BASEDN=dc=envole,dc=org
@ -50,8 +56,12 @@ LDAP_TEMPLATE=
LDAP_USERNAME=uid
LDAP_FIRSTNAME=givenname
LDAP_LASTNAME=sn
LDAP_DISPLAYNAME=displayName
LDAP_EMAIL=mail
LDAP_MEMBER=memberUid
LDAP_USER_FILTER="(&(${LDAP_USERNAME}=*)(objectClass=person)(!(description=Computer)))"
LDAP_LOGIN_FILTER="(&(${LDAP_USERNAME}=%uid)(objectClass=person)(!(description=Computer)))"
LDAP_GROUP_FILTER="(&(objectClass=posixGroup))"
SCRIBE_GROUP=1
SCRIBE_MASTER=1
OPENLDAPREQNIVEAU01=
@ -59,44 +69,60 @@ OPENLDAPSYNCHROGROUP=0
OPENLDAPREQGROUP=
# CAS
# attention si localhost = ajouter keycloak dans votre propre host : le service web doit valider son ticket via le nom du service et votre navigateur doit assi le voir
CAS_SERVICE_NAME=keycloak
KEYCLOAK_SERVICE_NAME=keycloak
CAS_ACTIVATE=1
CAS_LOCAL=1
CAS_USER=${ADMIN_USER}-keycloak
CAS_PASSWORD=${ADMIN_PASSWORD}-keycloak
CAS_HOST=keycloak
CAS_PORT=8443
CAS_HOST=${WEB_URL}
CAS_PORT=443
CAS_PATH=/auth/realms/envole/protocol/cas
CAS_URL=${WEB_PROTOCOL}://${CAS_HOST}:${CAS_PORT}
CAS_URL=${PROTOCOLE}://${CAS_HOST}:${CAS_PORT}
# NINEGATE
NINEGATE_SERVICE_NAME=ninegate
NINEGATE_ACTIVATE=1
NINEGATE_LOCAL=1
NINEGATE_URL=${WEB_PROTOCOL}://${WEB_URL}:9000
NINEGATE_URL=${PROTOCOLE}://${WEB_URL}:9000
# NINEGATE
NEXTCLOUD_SERVICE_NAME=nextcloud
NEXTCLOUD_ACTIVATE=0
NEXTCLOUD_LOCAL=1
NEXTCLOUD_URL=${WEB_PROTOCOL}://${WEB_URL}:9001
NEXTCLOUD_URL=${PROTOCOLE}://${WEB_URL}:9001
NEXTCLOUD_SAMBA=0
# NINEBOARD
NINEBOARD_SERVICE_NAME=nineboard
NINEBOARD_ACTIVATE=1
NINEBOARD_LOCAL=1
NINEBOARD_URL=${PROTOCOLE}://${WEB_URL}:9002
# WORDPRESS
WORDPRESS_SERVICE_NAME=wordpress
WORDPRESS_ACTIVATE=1
WORDPRESS_LOCAL=1
WORDPRESS_URL=${PROTOCOLE}://${WEB_URL}:9003
# ADMINER
ADMINER_SERVICE_NAME=adminer
ADMINER_ACTIVATE=0
ADMINER_LOCAL=1
ADMINER_URL=${WEB_PROTOCOL}://${WEB_URL}:9100/?server=${MARIADB_SERVICE_NAME}&username=${MARIADB_USER}
ADMINER_URL=${PROTOCOLE}://${WEB_URL}:9100/?server=${MARIADB_SERVICE_NAME}&username=${MARIADB_USER}
# PHPLDAPADMIN
PHPLDAPADMIN_SERVICE_NAME=phpldapadmin
PHPLDAPADMIN_ACTIVATE=0
PHPLDAPADMIN_LOCAL=1
PHPLDAPADMIN_URL=${WEB_PROTOCOL}://${WEB_URL}:9101
PHPLDAPADMIN_URL=${PROTOCOLE}://${WEB_URL}:9101
# GENCONFIG
GENCONFIG_ACTIVATE=0
GENCONFIG_URL=${PROTOCOLE}://${WEB_URL}:9102
# NINEAPACHE
NINEAPACHE_SERVICE_NAME=nineapache
NINEAPACHE_ACTIVATE=0
NINEAPACHE_LOCAL=1
NINEAPACHE_URL=${WEB_PROTOCOL}://${WEB_URL}:9102
NINEAPACHE_URL=${PROTOCOLE}://${WEB_URL}:9102

2
docker/env/.env.zapp.keycloak vendored
View File

@ -12,4 +12,4 @@ DB_PASSWORD=${MARIADB_PASSWORD}
KC_HTTPS_CERTIFICATE_FILE=/envole/server.crt.pem
KC_HTTPS_CERTIFICATE_KEY_FILE=/envole/server.key.pem
KEYCLOAK_IMPORT=/envole/realm-export.json
PROXY_ADDRESS_FORWARDING= 'true'

1
docker/env/.env.zapp.nextcloud vendored
View File

@ -8,3 +8,4 @@ MYSQL_PASSWORD=${MARIADB_PASSWORD}
NEXTCLOUD_ADMIN_USER=${ADMIN_USER}
NEXTCLOUD_ADMIN_PASSWORD=${ADMIN_PASSWORD}
NEXTCLOUD_ALIAS=

5
docker/env/.env.zapp.nineboard vendored Normal file
View File

@ -0,0 +1,5 @@
# == NINEBOARD ============================================================================================================================
APP_AUTH=${MODE_AUTH}

12
docker/env/.env.zapp.ninegate vendored
View File

@ -3,7 +3,7 @@
# Activation Widget
ACTIVATE_WIDADMINER=${ADMINER_ACTIVATE}
WIDADMINER_URL=${ADMINER_URL}
WIDADMINER_URL="${ADMINER_URL}"
ACTIVATE_WIDPHPLDAPADMIN=${PHPLDAPADMIN_ACTIVATE}
WIDPHPLDAPADMIN_URL=${PHPLDAPADMIN_URL}
@ -11,3 +11,13 @@ WIDPHPLDAPADMIN_URL=${PHPLDAPADMIN_URL}
ACTIVATE_WIDNEXTCLOUD=${NEXTCLOUD_ACTIVATE}
WIDNEXTCLOUD_URL=${NEXTCLOUD_URL}
ACTIVATE_WIDNINEBOARD=${NINEBOARD_ACTIVATE}
WIDNINEBOARD_URL=${NINEBOARD_URL}
ACTIVATE_WIDWORDPRESS=${WORDPRESS_ACTIVATE}
WIDWORDPRESS_URL=${WORDPRESS_URL}
ACTIVATE_WIDGENCONFIG=${GENCONFIG_ACTIVATE}
WIDGENCONFIG_URL=${GENCONFIG_URL}
INITPWDADMIN=${ADMIN_PASSWORD}

2
docker/env/.env.zapp.phpldapadmin vendored
View File

@ -1,7 +1,7 @@
# == PHPLDAPADMIN =========================================================================================================================
PHPLDAPADMIN_LDAP_HOSTS=ldap://${LDAP_SERVICE_NAME}:${LDAP_PORT}
PHPLDAPADMIN_LDAP_HOSTS=ldap://${LDAP_HOST}:${LDAP_PORT}
PHPLDAPADMIN_HTTPS="false"
PHPLDAPADMIN_SERVER_PATH=

14
docker/env/.env.zapp.wordpress vendored Normal file
View File

@ -0,0 +1,14 @@
# == WORDPRESS ============================================================================================================================
WORDPRESS_DB_HOST=mariadb
WORDPRESS_DB_NAME=wordpress
WORDPRESS_DB_USER=${MARIADB_USER}
WORDPRESS_DB_PASSWORD=${MARIADB_PASSWORD}
WORDPRESS_TITLE=wordpress
WORDPRESS_USER=${ADMIN_USER}
WORDPRESS_PASSWORD=${ADMIN_PASSWORD}
WORDPRESS_EMAIL=${ADMIN_USER}@noreply.fr
WORDPRESS_PROTOCOL=${PROTOCOLE}
WORDPRESS_DOMAINE=${WEB_URL}
WORDPRESS_ALIAS=/wordpress/

437
docker/envole.sh
View File

@ -3,55 +3,106 @@
#1 : action = default up
#2 : service = optionnel
cd /usr/share/envole/docker
# Fusionner l'ensemble des fichier .env en un seul
rm -f ./.env.local
cat ./env/.env* >> ./.env.local
. ./misc/tools/e-ihm.sh
. ./misc/e-ihm.sh
. .env
. ./env/.env
. ./env/.env.local
# Start script
clear
BigTitle "ENVOLE"
# on remplace les valeur reprise dans les autres .env car podman interprète mal
sed -i 's#${WEB_URL}#'${WEB_URL}'#g' ./.env.local
sed -i 's#${WEB_PROTOCOL}#'${WEB_PROTOCOL}'#g' ./.env.local
. ./.env.local
if [[ "$PODCOMPOSEBIN" == "podman-compose" ]]
then
sed -i 's#${WEB_URL}#'${WEB_URL}'#g' ./.env.local
sed -i 's#${WEB_PROTOCOL}#'${WEB_PROTOCOL}'#g' ./.env.local
. ./.env.local
sed -i 's#${ADMIN_PASSWORD}#'${ADMIN_PASSWORD}'#g' ./.env.local
sed -i 's#${ADMIN_USER}#'${ADMIN_USER}'#g' ./.env.local
sed -i 's#${ADMIN_PASSWORD}#'${ADMIN_PASSWORD}'#g' ./.env.local
sed -i 's#${ADMIN_USER}#'${ADMIN_USER}'#g' ./.env.local
sed -i 's#${CAS_HOST}#'${CAS_HOST}'#g' ./.env.local
sed -i 's#${CAS_PORT}#'${CAS_PORT}'#g' ./.env.local
sed -i 's#${CAS_USER}#'${CAS_USER}'#g' ./.env.local
sed -i 's#${CAS_PASSWORD}#'${CAS_PASSWORD}'#g' ./.env.local
sed -i 's#${CAS_HOST}#'${CAS_HOST}'#g' ./.env.local
sed -i 's#${CAS_PORT}#'${CAS_PORT}'#g' ./.env.local
sed -i 's#${CAS_USER}#'${CAS_USER}'#g' ./.env.local
sed -i 's#${CAS_PASSWORD}#'${CAS_PASSWORD}'#g' ./.env.local
sed -i 's#${LDAP_SERVICE_NAME}#'${LDAP_SERVICE_NAME}'#g' ./.env.local
sed -i 's#${LDAP_ADMIN_USERNAME}#'${LDAP_ADMIN_USERNAME}'#g' ./.env.local
sed -i 's#${LDAP_BASEDN}#'${LDAP_BASEDN}'#g' ./.env.local
sed -i 's#${LDAP_PASSWORD}#'${LDAP_PASSWORD}'#g' ./.env.local
sed -i 's#${LDAP_USER}#'${LDAP_USER}'#g' ./.env.local
sed -i 's#${LDAP_PORT}#'${LDAP_PORT}'#g' ./.env.local
sed -i 's#${OPENLDAP_SERVICE_NAME}#'${OPENLDAP_SERVICE_NAME}'#g' ./.env.local
sed -i 's#${LDAP_ADMIN_USERNAME}#'${LDAP_ADMIN_USERNAME}'#g' ./.env.local
sed -i 's#${LDAP_BASEDN}#'${LDAP_BASEDN}'#g' ./.env.local
sed -i 's#${LDAP_PASSWORD}#'${LDAP_PASSWORD}'#g' ./.env.local
sed -i 's#${LDAP_USER}#'${LDAP_USER}'#g' ./.env.local
sed -i 's#${LDAP_PORT}#'${LDAP_PORT}'#g' ./.env.local
sed -i 's#${MARIADB_SERVICE_NAME}#'${MARIADB_SERVICE_NAME}'#g' ./.env.local
sed -i 's#${MARIADB_USER}#'${MARIADB_USER}'#g' ./.env.local
sed -i 's#${MARIADB_PASSWORD}#'${MARIADB_PASSWORD}'#g' ./.env.local
sed -i 's#${MARIADB_SERVICE_NAME}#'${MARIADB_SERVICE_NAME}'#g' ./.env.local
sed -i 's#${MARIADB_USER}#'${MARIADB_USER}'#g' ./.env.local
sed -i 's#${MARIADB_PASSWORD}#'${MARIADB_PASSWORD}'#g' ./.env.local
sed -i 's#${ADMINER_ACTIVATE}#'${ADMINER_ACTIVATE}'#g' ./.env.local
sed -i 's#${ADMINER_URL}#'${ADMINER_URL}'#g' ./.env.local
sed -i 's#${ADMINER_ACTIVATE}#'${ADMINER_ACTIVATE}'#g' ./.env.local
sed -i 's#${ADMINER_URL}#'${ADMINER_URL}'#g' ./.env.local
sed -i 's#${PHPLDAPADMIN_ACTIVATE}#'${PHPLDAPADMIN_ACTIVATE}'#g' ./.env.local
sed -i 's#${PHPLDAPADMIN_URL}#'${PHPLDAPADMIN_URL}'#g' ./.env.local
sed -i 's#${PHPLDAPADMIN_ACTIVATE}#'${PHPLDAPADMIN_ACTIVATE}'#g' ./.env.local
sed -i 's#${PHPLDAPADMIN_URL}#'${PHPLDAPADMIN_URL}'#g' ./.env.local
sed -i 's#${NEXTCLOUD_ACTIVATE}#'${NEXTCLOUD_ACTIVATE}'#g' ./.env.local
sed -i 's#${NEXTCLOUD_URL}#'${NEXTCLOUD_URL}'#g' ./.env.local
sed -i 's#${NEXTCLOUD_ACTIVATE}#'${NEXTCLOUD_ACTIVATE}'#g' ./.env.local
sed -i 's#${NEXTCLOUD_URL}#'${NEXTCLOUD_URL}'#g' ./.env.local
fi
# Include
. ./.env.local
#===========================================================================================================================================
#== ENV ====================================================================================================================================
#===========================================================================================================================================
#1 = service to stop if null all service
destroyall(){
Question_ouinon "Souhaitez-vous supprimer l'ensemble des containers : Attention cela supprimera vraiment tout ?"
if [[ "$?" = 0 ]]
then
destroy $MARIADB_SERVICE_NAME 1
destroy $OPENLDAP_SERVICE_NAME 1
destroy $KEYCLOAK_SERVICE_NAME 1
destroy $NINEGATE_SERVICE_NAME 1
destroy $NINEBOARD_SERVICE_NAME 1
destroy $NEXTCLOUD_SERVICE_NAME 1
destroy $WORDPRESS_SERVICE_NAME 1
destroy $ADMINER_SERVICE_NAME 1
destroy $PHPLDAPADMIN_SERVICE_NAME 1
destroy $NINEAPACHE_SERVICE_NAME 1
fi
}
env() {
rm -rf ./tmp/.env.$1
mkdir -p ./tmp
cat ./env/.env >> ./tmp/.env.$1
if [[ -f ./env/.env.local ]]; then cat ./env/.env.local >> ./tmp/.env.$1; fi
if [[ -f ./env/.env.zapp.$1 ]]; then cat ./env/.env.zapp.$1 >> ./tmp/.env.$1; fi
if [[ -f ./env/.env.zapp.$1.local ]]; then cat ./env/.env.zapp.$1.local >> ./tmp/.env.$1; fi
};
#===========================================================================================================================================
#== ENVALL =================================================================================================================================
#===========================================================================================================================================
envall(){
env $MARIADB_SERVICE_NAME
env $OPENLDAP_SERVICE_NAME
env $KEYCLOAK_SERVICE_NAME
env $NINEGATE_SERVICE_NAME
env $NINEBOARD_SERVICE_NAME
env $NEXTCLOUD_SERVICE_NAME
env $WORDPRESS_SERVICE_NAME
env $ADMINER_SERVICE_NAME
env $PHPLDAPADMIN_SERVICE_NAME
env $NINEAPACHE_SERVICE_NAME
}
#===========================================================================================================================================
#== STOP ===================================================================================================================================
@ -106,6 +157,160 @@ upservice(){
wait_for_container $1
}
function upmariadb {
if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
then
Title "MARIADB"
EchoVert "CONTAINER"
upservice $MARIADB_SERVICE_NAME
Echo
fi
}
function upopenldap {
if [[ $LDAP_ACTIVATE == 1 && $LDAP_LOCAL == 1 ]]
then
Title ${OPENLDAP_SERVICE_NAME^^}
EchoVert "CONTAINER"
mkdir -p ./volume/openldap/data
chmod a+wr ./volume/openldap/data
upservice $OPENLDAP_SERVICE_NAME
$PODCOMPOSEBIN exec $OPENLDAP_SERVICE_NAME /envole/init.sh
Echo
fi
}
function upkeycloak {
if [[ $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]]
then
Title ${KEYCLOAK_SERVICE_NAME^^}
# CREATE BDD
if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
then
EchoVert "DATABASE"
Echo ${KEYCLOAK_SERVICE_NAME^^}
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/init.sh $KEYCLOAK_SERVICE_NAME
Echo
fi
EchoVert "CONTAINER"
upservice $KEYCLOAK_SERVICE_NAME
Echo
fi
}
function upninegate {
if [[ $NINEGATE_ACTIVATE == 1 && $NINEGATE_LOCAL == 1 ]]
then
Title ${NINEGATE_SERVICE_NAME^^}
if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
then
EchoVert "DATABASE"
Echo ${NINEGATE_SERVICE_NAME^^}
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/init.sh $NINEGATE_SERVICE_NAME
Echo
fi
EchoVert "CONTAINER"
upservice ${NINEGATE_SERVICE_NAME}
chmod -R a+wr ./volume/ninegate/data
Echo
fi
}
function upnineboard {
if [[ $NINEBOARD_ACTIVATE == 1 && $NINEBOARD_LOCAL == 1 ]]
then
Title ${NINEBOARD_SERVICE_NAME^^}
if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
then
EchoVert "DATABASE"
Echo ${NINEBOARD_SERVICE_NAME^^}
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/init.sh $NINEBOARD_SERVICE_NAME
Echo
fi
EchoVert "CONTAINER"
upservice ${NINEBOARD_SERVICE_NAME}
chmod -R a+wr ./volume/nineboard/data
Echo
fi
}
function upnextcloud {
if [[ $NEXTCLOUD_ACTIVATE == 1 && $NEXTCLOUD_LOCAL == 1 ]]
then
Title ${NEXTCLOUD_SERVICE_NAME^^}
if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
then
EchoVert "DATABASE"
Echo ${NEXTCLOUD_SERVICE_NAME^^}
Echo
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/init.sh $NEXTCLOUD_SERVICE_NAME
fi
EchoVert "CONTAINER"
upservice ${NEXTCLOUD_SERVICE_NAME}
Echo
fi
}
function upwordpress {
if [[ $WORDPRESS_ACTIVATE == 1 && $WORDPRESS_LOCAL == 1 ]]
then
Title ${WORDPRESS_SERVICE_NAME^^}
if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
then
EchoVert "DATABASE"
Echo ${WORDPRESS_SERVICE_NAME^^}
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/init.sh $WORDPRESS_SERVICE_NAME
Echo
fi
EchoVert "CONTAINER"
upservice ${WORDPRESS_SERVICE_NAME}
Echo
fi
}
function upadminer {
if [[ $ADMINER_ACTIVATE == 1 && $ADMINER_LOCAL == 1 ]]
then
Title ${ADMINER_SERVICE_NAME^^}
EchoVert "CONTAINER"
$PODCOMPOSEBIN up -d ${ADMINER_SERVICE_NAME}
Echo
fi
}
function upphpldapadmin {
if [[ $PHPLDAPADMIN_ACTIVATE == 1 && $PHPLDAPADMIN_LOCAL == 1 ]]
then
Title ${PHPLDAPADMIN_SERVICE_NAME^^}
EchoVert "CONTAINER"
$PODCOMPOSEBIN up -d ${PHPLDAPADMIN_SERVICE_NAME}
Echo
fi
}
function upnineapache {
if [[ $NINEAPACHE_ACTIVATE == 1 && $NINEAPACHE_LOCAL == 1 ]]
then
Title ${NINEAPACHE_SERVICE_NAME^^}
EchoVert "CONTAINER"
$PODCOMPOSEBIN up -d ${NINEAPACHE_SERVICE_NAME}
Echo
fi
}
#===========================================================================================================================================
#== UP =====================================================================================================================================
#===========================================================================================================================================
@ -122,98 +327,48 @@ up(){
if [[ "$RELEASE_SYSTEM" == "eole" ]]
then
Title "NETWORK"
EchoRouge "ATTENTION SOLUTION DE CONTOURNEMENT POUR LE POC"
EchoRouge "A résoudre si l'on souhaite mettre en production"
# On réinstall docker-ce car le reconf détruit le reseau docker, la reinstall de docker-ce rétablit le reseau
apt-get install docker-ce --reinstall
# ATTENTION A REVOIR car ouvre complétement le firewall
iptables -P INPUT ACCEPT
fi
# MARIADB
if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
then
Title "MARIADB"
upservice $MARIADB_SERVICE_NAME
echo
# CREATE BDD
if [[ $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]]
then
EchoVert ${CAS_SERVICE_NAME^^}
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/init.sh $CAS_SERVICE_NAME
fi
if [[ $NINEGATE_ACTIVATE == 1 && $NINEGATE_LOCAL == 1 ]]
then
EchoVert ${NINEGATE_SERVICE_NAME^^}
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/init.sh $NINEGATE_SERVICE_NAME
fi
if [[ $NEXTCLOUD_ACTIVATE == 1 && $NEXTCLOUD_LOCAL == 1 ]]
then
EchoVert ${NEXTCLOUD_SERVICE_NAME^^}
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/init.sh $NEXTCLOUD_SERVICE_NAME
fi
fi
upmariadb
# OPENLDAP
if [[ $LDAP_ACTIVATE == 1 && $LDAP_LOCAL == 1 ]]
then
Title ${LDAP_SERVICE_NAME^^}
mkdir -p ./volume/openldap/data
chmod a+wr ./volume/openldap/data
upservice $LDAP_SERVICE_NAME
$PODCOMPOSEBIN exec $LDAP_SERVICE_NAME /envole/init.sh
fi
upopenldap
# CAS
if [[ $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]]
then
Title ${CAS_SERVICE_NAME^^}
upservice $CAS_SERVICE_NAME
fi
# KEYCLOAK
upkeycloak
# NINEGATE
if [[ $NINEGATE_ACTIVATE == 1 && $NINEGATE_LOCAL == 1 ]]
then
Title ${NINEGATE_SERVICE_NAME^^}
upservice ${NINEGATE_SERVICE_NAME}
echo
fi
upninegate
# NINEBOARD
upnineboard
# NEXTCLOUD
if [[ $NEXTCLOUD_ACTIVATE == 1 && $NEXTCLOUD_LOCAL == 1 ]]
then
Title ${NEXTCLOUD_SERVICE_NAME^^}
upservice ${NEXTCLOUD_SERVICE_NAME}
echo
fi
upnextcloud
# WORDPRESS
upwordpress
# ADMINER
if [[ $ADMINER_ACTIVATE == 1 && $ADMINER_LOCAL == 1 ]]
then
Title ${ADMINER_SERVICE_NAME^^}
$PODCOMPOSEBIN up -d ${ADMINER_SERVICE_NAME}
echo
fi
upadminer
# PHPLDAPADMIN
if [[ $PHPLDAPADMIN_ACTIVATE == 1 && $PHPLDAPADMIN_LOCAL == 1 ]]
then
Title ${PHPLDAPADMIN_SERVICE_NAME^^}
$PODCOMPOSEBIN up -d ${PHPLDAPADMIN_SERVICE_NAME}
echo
fi
upphpldapadmin
# NINEAPACHE
if [[ $NINEAPACHE_ACTIVATE == 1 && $NINEAPACHE_LOCAL == 1 ]]
then
Title ${NINEAPACHE_SERVICE_NAME^^}
$PODCOMPOSEBIN up -d ${NINEAPACHE_SERVICE_NAME}
echo
fi
upnineapache
else
Title ${1^^}
$PODCOMPOSEBIN up -d $1
env ${1}
up${1}
fi
}
@ -225,14 +380,16 @@ destroyall(){
Question_ouinon "Souhaitez-vous supprimer l'ensemble des containers : Attention cela supprimera vraiment tout ?"
if [[ "$?" = 0 ]]
then
destroy mariadb 1
destroy openldap 1
destroy keycloak 1
destroy ninegate 1
destroy nextcloud 1
destroy adminer 1
destroy phpldapadmin 1
destroy nineapache 1
destroy $MARIADB_SERVICE_NAME 1
destroy $OPENLDAP_SERVICE_NAME 1
destroy $KEYCLOAK_SERVICE_NAME 1
destroy $NINEGATE_SERVICE_NAME 1
destroy $NINEBOARD_SERVICE_NAME 1
destroy $NEXTCLOUD_SERVICE_NAME 1
destroy $WORDPRESS_SERVICE_NAME 1
destroy $ADMINER_SERVICE_NAME 1
destroy $PHPLDAPADMIN_SERVICE_NAME 1
destroy $NINEAPACHE_SERVICE_NAME 1
fi
}
@ -261,7 +418,7 @@ destroy(){
fi
fi
if [[ "$1" == "$LDAP_SERVICE_NAME" && $LDAP_ACTIVATE == 1 && $LDAP_LOCAL == 1 ]]
if [[ "$1" == "$OPENLDAP_SERVICE_NAME" && $LDAP_ACTIVATE == 1 && $LDAP_LOCAL == 1 ]]
then
if [[ -z $2 ]]; then Question_ouinon "Souhaitez-vous supprimer l'annuaire associé à $1 ?";fi
if [[ "$?" = 0 || -z $2 ]]
@ -273,16 +430,15 @@ destroy(){
fi
fi
if [[ "$1" == "$CAS_SERVICE_NAME" && $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]]
if [[ "$1" == "$KEYCLOAK_SERVICE_NAME" && $CAS_ACTIVATE == 1 && $CAS_LOCAL == 1 ]]
then
if [[ -z $2 ]]; then Question_ouinon "Souhaitez-vous supprimer la BDD associé à $1 ?";fi
if [[ "$?" = 0 || -z $2 ]]
then
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/delete.sh $CAS_SERVICE_NAME
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/delete.sh $KEYCLOAK_SERVICE_NAME
fi
fi
if [[ "$1" == "$NINEGATE_SERVICE_NAME" && $NINEGATE_ACTIVATE == 1 && $NINEGATE_LOCAL == 1 ]]
then
if [[ -z $2 ]]; then Question_ouinon "Souhaitez-vous supprimer la BDD associé à $1 ?";fi
@ -292,6 +448,15 @@ destroy(){
fi
fi
if [[ "$1" == "$NINEBOARD_SERVICE_NAME" && $NINEBOARD_ACTIVATE == 1 && $NINEBOARD_LOCAL == 1 ]]
then
if [[ -z $2 ]]; then Question_ouinon "Souhaitez-vous supprimer la BDD associé à $1 ?";fi
if [[ "$?" = 0 || -z $2 ]]
then
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/delete.sh $NINEBOARD_SERVICE_NAME
fi
fi
if [[ "$1" == "$NEXTCLOUD_SERVICE_NAME" && $NEXTCLOUD_ACTIVATE == 1 && $NEXTCLOUD_LOCAL == 1 ]]
then
if [[ -z $2 ]]; then Question_ouinon "Souhaitez-vous supprimer la BDD associé à $1 ainsi que les fichiers utilisateurs ?";fi
@ -302,13 +467,25 @@ destroy(){
sudo rm -rf volume/nextcloud/html
sudo rm -rf volume/nextcloud/app
fi
fi
fi
if [[ "$1" == "$WORDPRESS_SERVICE_NAME" && $WORDPRESS_ACTIVATE == 1 && $WORDPRESS_LOCAL == 1 ]]
then
if [[ -z $2 ]]; then Question_ouinon "Souhaitez-vous supprimer la BDD associé à $1 ?";fi
if [[ "$?" = 0 || -z $2 ]]
then
$PODCOMPOSEBIN exec $MARIADB_SERVICE_NAME /envole/delete.sh $WORDPRESS_SERVICE_NAME
sudo rm -rf volume/wordpress/data
fi
fi
}
#===========================================================================================================================================
#== MAIN ===================================================================================================================================
#===========================================================================================================================================
envall
if [[ $1 == "up" || $1 == "" ]]
then
up $2
@ -344,7 +521,41 @@ then
wait_for_container $2
elif [[ $1 == "env" ]]
then
EchoVert "Fichier .env.local regénéré"
if [[ -z $2 ]]
then
EchoRouge "Vous devez precisez un service"
EchoRouge "envole.sh env monservice"
else
env $2
EchoVert "Fichier tmp/.env.$1 regénéré"
fi
elif [[ $1 == "regen" ]]
then
if [[ -z $2 ]]
then
destroyall
up
else
destroy $2
up $2
fi
else
EchoRouge "Action possible ="
EchoRouge "envole.sh > UP de l'ensemble des services actifs"
EchoRouge "envole.sh up > UP de l'ensemble des services actifs"
EchoRouge "envole.sh up monservice> UP de monservice"
EchoRouge "envole.sh stop > STOP de l'ensemble des services"
EchoRouge "envole.sh stop monservice> STOP de monservice"
EchoRouge "envole.sh bash monservice> lance un terminel dans le conteneur de monservice"
EchoRouge "envole.sh destroyall> détruit l'ensemble des services avec l'ensemble des BDD et des volumes persistant"
EchoRouge "envole.sh destroy monservice> détruit monservices et si souhaitez sa BDD et ses volumes persistant"
EchoRouge "envole.sh logs > LOGS de l'ensemble des services"
EchoRouge "envole.sh logs monservice > LOGS de monservice"
EchoRouge "envole.sh iswait monservice > monservice est-il en cours de construction"
EchoRouge "envole.sh env monservice > regeneration du fichier d'environnement de monservice"
EchoRouge "envole.sh regen > lance destroyall puis up sur l'ensemble des service"
EchoRouge "envole.sh regen monservice > lance destroy monservice puis up monservice"
fi
echo
echo

0
docker/misc/tools/e-ihm.sh → docker/misc/e-ihm.sh
View File

111
docker/misc/tools/bash_loading_animations.sh
View File

@ -1,111 +0,0 @@
#!/usr/bin/env bash
# Source: https://github.com/Silejonu/bash_loading_animations
# shellcheck disable=SC2034 # https://github.com/koalaman/shellcheck/wiki/SC2034
### Loading animations list ###
# The first value of an array is the interval (in seconds) between each frame
## ASCII animations ##
# Will work in any terminal, including the TTY.
BLA_classic=( 0.25 '-' "\\" '|' '/' )
BLA_box=( 0.2 ┤ ┴ ├ ┬ )
BLA_bubble=( 0.6 · o O O o · )
BLA_breathe=( 0.9 '  ()  ' ' (  ) ' '(    )' ' (  ) ' )
BLA_growing_dots=( 0.5 '.  ' '.. ' '...' '.. ' '.  ' '   ' )
BLA_passing_dots=( 0.25 '.  ' '.. ' '...' ' ..' '  .' '   ' )
BLA_metro=( 0.2 '[    ]' '[=   ]' '[==  ]' '[=== ]' '[ ===]' '[  ==]' '[   =]' )
BLA_snake=( 0.4 '[=     ]' '[~<    ]' '[~~=   ]' '[~~~<  ]' '[ ~~~= ]' '[  ~~~<]' '[   ~~~]' '[    ~~]' '[     ~]' '[      ]' )
BLA_filling_bar=( 0.25 '█▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '█████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '█████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '█████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '████████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '█████████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '██████████████████▒▒▒▒▒▒▒▒▒▒▒▒▒▒' '███████████████████▒▒▒▒▒▒▒▒▒▒▒▒▒' '████████████████████▒▒▒▒▒▒▒▒▒▒▒▒' '█████████████████████▒▒▒▒▒▒▒▒▒▒▒' '██████████████████████▒▒▒▒▒▒▒▒▒▒' '███████████████████████▒▒▒▒▒▒▒▒▒' '████████████████████████▒▒▒▒▒▒▒▒' '█████████████████████████▒▒▒▒▒▒▒' '██████████████████████████▒▒▒▒▒▒' '███████████████████████████▒▒▒▒▒' '████████████████████████████▒▒▒▒' '█████████████████████████████▒▒▒' '██████████████████████████████▒▒' '███████████████████████████████▒' '████████████████████████████████')
## UTF-8 animations ##
# Require Unicode support (will work in most modern terminals, but not in TTY).
# Some animations may not render properly with certain fonts.
BLA_classic_utf8=( 0.25 '—' "\\" '|' '/' )
BLA_bounce=( 0.3 . · ˙ · )
BLA_vertical_block=( 0.25 ▁ ▂ ▃ ▄ ▅ ▆ ▇ █ █ ▇ ▆ ▅ ▄ ▃ ▂ ▁ )
BLA_horizontal_block=( 0.25 ▏ ▎ ▍ ▌ ▋ ▊ ▉ ▉ ▊ ▋ ▌ ▍ ▎ ▏ )
BLA_quarter=( 0.25 ▖ ▘ ▝ ▗ )
BLA_triangle=( 0.45 ◢ ◣ ◤ ◥)
BLA_semi_circle=( 0.1 ◐ ◓ ◑ ◒ )
BLA_rotating_eyes=( 0.4 ◡◡ ⊙⊙ ⊙⊙ ◠◠ )
BLA_firework=( 0.4 '⢀' '⠠' '⠐' '⠈' '*' '*' ' ' )
BLA_braille=( 0.2 ⠁ ⠂ ⠄ ⡀ ⢀ ⠠ ⠐ ⠈ )
BLA_braille_whitespace=( 0.2 ⣾ ⣽ ⣻ ⢿ ⡿ ⣟ ⣯ ⣷ )
BLA_trigram=( 0.25 ☰ ☱ ☳ ☶ ☴ )
BLA_arrow=( 0.15 ▹▹▹▹▹ ▸▹▹▹▹ ▹▸▹▹▹ ▹▹▸▹▹ ▹▹▹▸▹ ▹▹▹▹▸ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ ▹▹▹▹▹ )
BLA_bouncing_ball=( 0.4 '(●     )' '( ●    )' '(  ●   )' '(   ●  )' '(    ● )' '(     ●)' '(    ● )' '(   ●  )' '(  ●   )' '( ●    )' )
BLA_big_dot=( 0.7 ∙∙∙ ●∙∙ ∙●∙ ∙∙● )
BLA_modern_metro=( 0.15 ▰▱▱▱▱▱▱ ▰▰▱▱▱▱▱ ▰▰▰▱▱▱▱ ▱▰▰▰▱▱▱ ▱▱▰▰▰▱▱ ▱▱▱▰▰▰▱ ▱▱▱▱▰▰▰ ▱▱▱▱▱▰▰ ▱▱▱▱▱▱▰ ▱▱▱▱▱▱▱ ▱▱▱▱▱▱▱ ▱▱▱▱▱▱▱ ▱▱▱▱▱▱▱ )
BLA_pong=( 0.35 '▐⠂       ▌' '▐⠈       ▌' '▐ ⠂      ▌' '▐ ⠠      ▌' '▐  ⡀     ▌' '▐  ⠠     ▌' '▐   ⠂    ▌' '▐   ⠈    ▌' '▐    ⠂   ▌' '▐    ⠠   ▌' '▐     ⡀  ▌' '▐     ⠠  ▌' '▐      ⠂ ▌' '▐      ⠈ ▌' '▐       ⠂▌' '▐       ⠠▌' '▐       ⡀▌' '▐      ⠠ ▌' '▐      ⠂ ▌' '▐     ⠈  ▌' '▐     ⠂  ▌' '▐    ⠠   ▌' '▐    ⡀   ▌' '▐   ⠠    ▌' '▐   ⠂    ▌' '▐  ⠈     ▌' '▐  ⠂     ▌' '▐ ⠠      ▌' '▐ ⡀      ▌' '▐⠠       ▌' )
BLA_earth=( 0.45 🌍 🌎 🌏 )
BLA_clock=( 0.2 🕛 🕐 🕑 🕒 🕓 🕔 🕕 🕖 🕗 🕘 🕙 🕚 )
BLA_moon=( 0.8 🌑 🌒 🌓 🌔 🌕 🌖 🌗 🌘 )
BLA_orange_pulse=( 0.35 🔸 🔶 🟠 🟠 🔶 )
BLA_blue_pulse=( 0.35 🔹 🔷 🔵 🔵 🔷 )
BLA_football=( 0.25 ' 👧⚽️       👦' '👧  ⚽️      👦' '👧   ⚽️     👦' '👧    ⚽️    👦' '👧     ⚽️   👦' '👧      ⚽️  👦' '👧       ⚽️👦 ' '👧      ⚽️  👦' '👧     ⚽️   👦' '👧    ⚽️    👦' '👧   ⚽️     👦' '👧  ⚽️      👦' )
BLA_blink=( 0.25 😐 😐 😐 😐 😐 😐 😐 😐 😐 😑 )
BLA_camera=( 0.1 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📷 📸 📷 📸 )
BLA_sparkling_camera=( 0.1 '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📷 ' '📸✨' '📷 ' '📸✨' )
BLA_sick=( 0.9 🤢 🤢 🤮 )
BLA_monkey=( 0.4 🙉 🙈 🙊 🙈 )
BLA_bomb=( 0.25 '💣   ' ' 💣  ' '  💣 ' '   💣' '   💣' '   💣' '   💣' '   💣' '   💥' '    ' '    ' )
declare -a BLA_active_loading_animation
BLA::play_loading_animation_loop() {
while true ; do
for frame in "${BLA_active_loading_animation[@]}" ; do
printf "\r%s" "${frame}"
sleep "${BLA_loading_animation_frame_interval}"
done
done
}
BLA::start_loading_animation() {
BLA_active_loading_animation=( "${@}" )
# Extract the delay between each frame from array BLA_active_loading_animation
BLA_loading_animation_frame_interval="${BLA_active_loading_animation[0]}"
unset "BLA_active_loading_animation[0]"
tput civis # Hide the terminal cursor
BLA::play_loading_animation_loop &
BLA_loading_animation_pid="${!}"
}
BLA::stop_loading_animation() {
kill "${BLA_loading_animation_pid}" &> /dev/null
printf "\n"
tput cnorm # Restore the terminal cursor
}
###############################################################################
################################# USAGE GUIDE #################################
###############################################################################
################## Read below for the explanations on how to ##################
################### show loading animations in your script. ###################
###############################################################################
:<<'EXAMPLES'
## Put these lines at the top of your script:
## (replace /path/to/bash_loading_animations.sh with the appropriate filepath)
# Load in the functions and animations
source /path/to/bash_loading_animations.sh
# Run BLA::stop_loading_animation if the script is interrupted
trap BLA::stop_loading_animation SIGINT
# Show a loading animation for the command "foo"
BLA::start_loading_animation "${BLA_name_of_the_animation[@]}"
foo
BLA::stop_loading_animation
# If foo prints some output in the terminal, you may want to add:
foo 1> /dev/null # hide standard output
# or
foo 2> /dev/null # hide error messages
# or
foo &> /dev/null # hide all output
EXAMPLES

BIN
docker/misc/tools/logo.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 14 KiB

8
docker/volume/keycloak/envole/realm-export.json
View File

@ -435,16 +435,16 @@
"id": "133d3397-41e7-4ec1-aaf0-a0939da72f58",
"clientId": "envole",
"name": "envole",
"rootUrl": "https://eolebase.ac-test.fr",
"baseUrl": "https://eolebase.ac-test.fr",
"rootUrl": "https://envole.local",
"baseUrl": "https://envole.local",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"secret": "**********",
"redirectUris": [
"http://eolebase.ac-test.fr*",
"https://eolebase.ac-test.fr*"
"http://envole.local*",
"https://envole.local*"
],
"webOrigins": [],
"notBefore": 0,

1
docker/volume/mariadb/envole/nineboard.sql Normal file
View File

@ -0,0 +1 @@
CREATE DATABASE IF NOT EXISTS nineboard;

1
docker/volume/mariadb/envole/wordpress.sql Normal file
View File

@ -0,0 +1 @@
CREATE DATABASE IF NOT EXISTS wordpress;

1
docker/volume/nextcloud/envole/app/user_cas/lib/Service/AppService.php
View File

@ -299,7 +299,6 @@ class AppService
}
$serviceBasedUrl = $this->getServiceBasedUrl();
$this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, 'MON SERVICE BASE = '.$serviceBasedUrl);
# Initialize client
if ($this->casUseProxy) {

39
docker/volume/nextcloud/prestart/prestart.sh
View File

@ -52,6 +52,10 @@ echo "== FILES EXTERNAL"
run_as 'php occ app:install files_external'
run_as 'php occ app:update files_external'
run_as 'php occ app:enable files_external'
if [[ "${NEXTCLOUD_SAMBA}" == "1" ]]
then
run_as 'php occ files_external:import /envole/mount.json -q'
fi
echo
echo "== FILES MINDMAP"
@ -85,6 +89,41 @@ then
run_as 'php occ app:install user_ldap'
run_as 'php occ app:update user_ldap'
run_as 'php occ app:enable user_ldap'
run_as 'php occ config:app:set user_ldap bgjRefreshInterval --value=300 -q'
run_as 'php occ config:app:set user_ldap cleanUpJobChunkSize --value=300 -q'
run_as 'php occ config:app:set user_ldap background_sync_interval --value=300 -q'
run_as 'php occ ldap:show-config s01' > /tmp/nextcloud-ldap.txt
if grep -q "Invalid configID" /tmp/nextcloud-ldap.txt;then run_as 'php occ ldap:create-empty-config -q'; fi
run_as 'php occ ldap:set-config s01 ldapHost "${LDAP_HOST}"'
run_as 'php occ ldap:set-config s01 ldapPort "${LDAP_PORT}"'
run_as 'php occ ldap:set-config s01 ldapTLS "${LDAP_TLS}"'
run_as 'php occ ldap:set-config s01 ldapAgentName "${LDAP_USER}"'
run_as 'php occ ldap:set-config s01 ldapAgentPassword "${LDAP_PASSWORD}"'
run_as 'php occ ldap:set-config s01 ldapBase "${LDAP_BASEDN}"'
run_as 'php occ ldap:set-config s01 ldapBaseGroups "${LDAP_BASEGROUP}"'
run_as 'php occ ldap:set-config s01 ldapBaseUsers "${LDAP_BASEUSER}"'
run_as 'php occ ldap:set-config s01 ldapConfigurationActive "1"'
run_as 'php occ ldap:set-config s01 ldapExperiencedAdmin "0"'
run_as 'php occ ldap:set-config s01 ldapExpertUUIDUserAttr "${LDAP_USERNAME}"'
run_as 'php occ ldap:set-config s01 ldapLoginFilter "${LDAP_LOGIN_FILTER}"'
run_as 'php occ ldap:set-config s01 ldapUserFilter "${LDAP_USER_FILTER}"'
run_as 'php occ ldap:set-config s01 ldapGroupFilter "${LDAP_GROUP_FILTER}"'
run_as 'php occ ldap:set-config s01 ldapUserDisplayName "${LDAP_DISPLAYNAME}"'
run_as 'php occ ldap:set-config s01 ldapCacheTTL "300"'
run_as 'php occ ldap:set-config s01 ldapPagingSize "0"'
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilterObjectclass "${ldapGroupFilterObjectclass}"
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupMemberAssocAttr "${ldapGroupMemberAssocAttr}"
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapUserFilterObjectclass "${ldapUserFilterObjectclass}"
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapEmailAttribute "${ldapEmailAttribute}"
else
run_as 'php occ app:disable user_ldap'
fi

0
docker/volume/nineboard/data/private/.gitkeep Normal file
View File

BIN
docker/volume/nineboard/data/public/avatar/admin.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.9 KiB

BIN
docker/volume/nineboard/data/public/avatar/system.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
docker/volume/nineboard/data/public/logo/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.2 KiB

0
docker/volume/ninegate/data/private/.gitkeep Normal file
View File

1
docker/volume/openldap/envole/changepassword.sh Executable file
View File

@ -0,0 +1 @@
ldappasswd -x -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -s $2 "uid=$1,ou=users,ou=ninegate,dc=envole,dc=org"

26
docker/volume/openldap/envole/init.sh
View File

@ -1,24 +1,10 @@
#!/bin/bash
if [[ "${MASTERIDENTITY}" == "SQL" ]]
if [[ ! -f /bitnami/openldap/.isinit ]]
then
# Modification compte cn=admin pour changer son password si besoin
# slappasswd -h {SHA} -s ${LDAP_PASSWORD} > /tmp/cnpwd.txt
# haspassword=`cat /tmp/cnpwd.txt`
# echo "dn: ${LDAP_USER}" > /tmp/cnadmin.ldif
# echo "changetype: modify" >> /tmp/cnadmin.ldif
# echo "replace: userPassword" >> /tmp/cnadmin.ldif
# echo "userPassword: ${haspassword}" >> /tmp/cnadmin.ldif
# ldapmodify -Y EXTERNAL -H ldapi:/// -f '/tmp/cnadmin.ldif'
# Modification compte uid=admin pour changer son password si besoin
# slappasswd -h {SHA} -s ${ADMIN_PASSWORD} > /tmp/uidpwd.txt
# haspassword=`cat /tmp/uidpwd.txt`
# echo "dn: uid=${ADMIN_USER},${LDAP_BASEUSER}" > /tmp/uidpwd.ldif
# echo "changetype: modify" >> /tmp/uidpwd.ldif
# echo "replace: userPassword" >> /tmp/uidpwd.ldif
# echo "userPassword: ${haspassword}" >> /tmp/uidpwd.ldif
# ldapmodify -Y EXTERNAL -H ldapi:/// -f '/tmp/uidpwd.ldif'
echo ""
echo "Initialisation annuaire"
echo ""
# Suppression de l'entrée users généré automatiquement par l'image docker bitnami/openldap
ldapdelete ou=users,${LDAP_BASEDN} -r -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} 2>/dev/null
@ -26,5 +12,7 @@ then
# Integration du ldif de base
ldapadd -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -f '/envole/ldif/cadoles.ldif' 2>/dev/null
/envole/changepassword.sh admin ${ADMIN_PASSWORD}
fi
touch /bitnami/openldap/.isinit
fi

1
docker/volume/openldap/envole/ldif/cadoles.ldif
View File

@ -61,7 +61,6 @@ givenname: Administrateur
mail: admin@no-reply.fr
siren: 0000000A
niveau01: envole
parger: 1
userpassword: {SSHA}JYfvUM9Hf/v/NbWR5zgUkt4E5lBRGuR2

3
envole.mk
View File

@ -3,4 +3,5 @@
#
# Override plugin destination
docker_REC_DIR = $(DESTDIR)/usr/share/envole/docker
docker_REC_DIR := $(DESTDIR)/usr/share/envole/docker
creole_DATA_DIR := $(DESTDIR)/usr/share/creole/funcs

2
eole.mk
View File

@ -157,7 +157,7 @@ install:: install-dirs install-files install-lang
# $3 = destination directory
define fc_install_file
if [ -d $2 ]; then \
for file in `ls -1 $2/`; do \
for file in `ls -A1 $2/`; do \
$1 $2/$$file $3 || true; \
done; \
fi

22
misc/apache/envole.conf Normal file
View File

@ -0,0 +1,22 @@
ProxyPass /auth http://envole.local:8080/auth retry=0 keepalive=On
ProxyPassReverse /auth http://envole.local:8080/auth retry=0
ProxyPass /ninegate http://envole.local:9000/ninegate retry=0 keepalive=On
ProxyPassReverse /ninegate http://envole.local:9000/ninegate retry=0
ProxyPass /wssninegate ws://envole.local:9000/wssninegate retry=0 keepalive=On
ProxyPassReverse /wssninegate ws://envole.local:9000/wssninegate retry=0
ProxyPass /nextcloud http://envole.local:9001 retry=0 keepalive=On
ProxyPassReverse /nextcloud http://envole.local:9001 retry=0
ProxyPass /adminer http://envole.local:9100 retry=0 keepalive=On
ProxyPassReverse /adminer http://envole.local:9100 retry=0
ProxyPass /phpldapadmin http://envole.local:9101/phpldapadmin retry=0 keepalive=On
ProxyPassReverse /phpldapadmin http://envole.local:9101/phpldapadmin retry=0
ProxyPass /nineapache http://envole.local:9102 retry=0 keepalive=On
ProxyPassReverse /nineapache http://envole.local:9102 retry=0

3
misc/nextcloud/containers/nextcloud/Dockerfile Executable file
View File

@ -0,0 +1,3 @@
FROM nextcloud:apache
RUN apt-get update && apt-get install -y procps smbclient && rm -rf /var/lib/apt/lists/*

9
misc/nextcloud/docker-compose.yml Executable file
View File

@ -0,0 +1,9 @@
version: '3'
services:
nextcloud:
build:
context: ./containers/nextcloud
image: reg.cadoles.com/envole/nextcloud
container_name: nextcloud

0
docker/misc/nineapache7/containers/nineapache/Dockerfile → misc/nineapache7/containers/nineapache/Dockerfile
View File

0
docker/misc/nineapache7/containers/nineapache/apache.conf → misc/nineapache7/containers/nineapache/apache.conf
View File

0
docker/misc/nineapache7/containers/nineapache/apache2.sh → misc/nineapache7/containers/nineapache/apache2.sh
View File

0
docker/misc/nineapache7/containers/nineapache/index.php → misc/nineapache7/containers/nineapache/index.php
View File

0
docker/misc/nineapache7/containers/nineapache/php.local.ini → misc/nineapache7/containers/nineapache/php.local.ini
View File

0
docker/misc/nineapache7/containers/nineapache/ssl.conf → misc/nineapache7/containers/nineapache/ssl.conf
View File

0
docker/misc/nineapache7/docker-compose.yml → misc/nineapache7/docker-compose.yml
View File

0
docker/misc/nineapache8/containers/nineapache/Dockerfile → misc/nineapache8/containers/nineapache/Dockerfile
View File

0
docker/misc/nineapache8/containers/nineapache/apache.conf → misc/nineapache8/containers/nineapache/apache.conf
View File

0
docker/misc/nineapache8/containers/nineapache/apache2.sh → misc/nineapache8/containers/nineapache/apache2.sh
View File

0
docker/misc/nineapache8/containers/nineapache/index.php → misc/nineapache8/containers/nineapache/index.php
View File

0
docker/misc/nineapache8/containers/nineapache/php.local.ini → misc/nineapache8/containers/nineapache/php.local.ini
View File

0
docker/misc/nineapache8/containers/nineapache/ssl.conf → misc/nineapache8/containers/nineapache/ssl.conf
View File

0
docker/misc/nineapache8/docker-compose.yml → misc/nineapache8/docker-compose.yml
View File

186
misc/tools/e-ihm.sh Executable file
View File

@ -0,0 +1,186 @@
#!/bin/bash
TPUT=/usr/bin/tput
#test si TPUT est utilisable
if [ ! "$TERM" = "" ] && $TPUT hpa 60 >/dev/null 2>&1 && $TPUT setaf 1 >/dev/null 2>&1; then
FANCYTTY=1
else
FANCYTTY=0
fi
Pause() {
if [ "$ModeTxt" == "yes" ];then
echo
elif [ "$ModeEad" == "yes" ];then
echo "<br>"
else
[ $FANCYTTY = 1 ] && $TPUT setaf 6
echo " Appuyez sur Entrée pour continuer ..."
[ $FANCYTTY = 1 ] && $TPUT sgr0
read BiDon
fi
}
Echo() {
if [ "$ModeEad" != "yes" ];
then
echo "$1"
else
echo "$1<br>"
fi
}
EchoColor() {
if [ "$ModeTxt" = "yes" ];then
echo "$1"
elif [ "$ModeEad" = "yes" ];then
echo "<FONT color=\"$3\"> $1 </FONT><br>"
else
[ "$FANCYTTY" = 1 ] && $TPUT setaf $2
echo "$1"
[ "$FANCYTTY" = 1 ] && $TPUT sgr0
fi
}
EchoRouge() {
EchoColor "$1" "1" "red"
}
EchoVert() {
EchoColor "$1" "2" "green"
}
EchoOrange() {
EchoColor "$1" "3" "orange"
}
EchoBleu() {
EchoColor "$1" "4" "blue"
}
EchoMagenta() {
EchoColor "$1" "5" "magenta"
}
EchoCyan() {
EchoColor "$1" "6" "cyan"
}
EchoBlanc() {
EchoColor "$1" "7" "white"
}
EchoGras() {
if [ "$ModeTxt" == "yes" ];then
echo "$1"
elif [ "$ModeEad" == "yes" ];then
echo "<b> $1 </b><br>"
else
[ $FANCYTTY = 1 ] && $TPUT bold
echo "$1"
[ $FANCYTTY = 1 ] && $TPUT sgr0
fi
}
Clear() {
if [ "$ModeEad" != "yes" -a "$ModeTxt" != "yes" ];then
clear
fi
}
Question_ouinon() {
#attention, il faut synchroniser les modifications avec /usr/share/pyshared/pyeole/ihm.py
question=$1
[ "$2" = "" ] && interactive='True' || interactive=$2
[ "$3" = "" ] && default="non" || default=$3
[ "$4" = "" ] && level="info" || level=$4
[ "$5" = "" ] && default_uninteractive=$default || default_uninteractive=$5
[ ! "$interactive" = "True" ] && [ ! "$interactive" = "False" ] && echo "Question_ouinon : interactive doit être True ou False" && exit 1
[ ! "$default" = "oui" ] && [ ! "$default" = "non" ] && echo "Question_ouinon : default doit etre oui ou non" && exit 1
[ ! "$default_uninteractive" = "oui" ] && [ ! "$default_uninteractive" = "non" ] && echo "Question_ouinon : default_uninteractive doit etre oui ou non" && exit 1
[ ! "$level" = "info" ] && [ ! "$level" = "warn" ] && [ ! "$level" = "err" ] && echo "Question_ouinon : level doit etre info, warn ou err" && exit 1
#non interactive
if [ "$interactive" = "False" ]; then
Rep=default_uninteractive
else
question="$question [oui/non]"
if [ $level = "info" ]; then
echo "$question"
elif [ $level = "warn" ]; then
EchoOrange "$question"
else
EchoRouge "$question"
fi
echo -n "[$default] : "
read Rep
#passe en minuscule
Rep=`echo $Rep | tr A-Z a-z`
fi
if [ "$default" = "non" ]; then
if [ "$Rep" = "oui" -o "$Rep" = "o" -o "$Rep" = "yes" -o "$Rep" = "y" ];then
return 0
else
return 1
fi
else
if [ "$Rep" = "non" -o "$Rep" = "n" -o "$Rep" = "no" ];then
return 1
else
return 0
fi
fi
}
EchoStart() {
for i in $(eval echo "{1..30}")
do
ligne+="="
done
clear
}
BigTitle(){
size=`tput cols`
nb=${#1}
nbchar=$(($size - $nb - 4))
ligne=""
for i in $(eval echo "{1..$size}")
do
ligne+="="
done
finligne=""
for i in $(eval echo "{1..$nbchar}")
do
finligne+="="
done
echo
EchoVert $ligne
EchoVert "== $1 $finligne"
EchoVert $ligne
echo
}
Title(){
size=`tput cols`
nb=${#1}
nbchar=$(($size - $nb - 4))
ligne=""
for i in $(eval echo "{1..$size}")
do
ligne+="="
done
finligne=""
for i in $(eval echo "{1..$nbchar}")
do
finligne+="="
done
echo
EchoCyan "== $1 $finligne"
echo
}

31
misc/tools/e-reconfigure.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
. /usr/share/envole/docker/misc/e-ihm.sh
RunCmd=CreoleRun
clear
BigTitle "RECONFIGURE ENVOLE"
container_path_web=$(CreoleGet container_path_web non)
Title "Rafraichissement creoled"
service creoled restart
Title "Generation templates"
FILES="/usr/share/eole/creole/distrib/envole*"
for f in $FILES
do
if [ -f "$f" ]
then
EchoVert $(basename $f)
CreoleCat -t $(basename $f)
fi
done
Title "Restart apache"
service apache2 restart
if [[ "$1" != "refresh" ]]
then
chmod +x $container_path_web/usr/share/envole/docker/envole.sh
$RunCmd "envole $1 $2" web
fi

67
misc/wordpress/containers/volume/entrypoint.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
set -eo pipefail
cd /app/public
if [[ ! -f /app/public/wp-config.php ]]
then
wp config create \
--allow-root \
--dbhost="${WORDPRESS_DB_HOST}" \
--dbname="${WORDPRESS_DB_NAME}" \
--dbuser="${WORDPRESS_DB_USER}" \
--dbpass="${WORDPRESS_DB_PASSWORD}" \
--dbcharset="utf8mb4" \
--locale="fr_FR"
fi
wp core multisite-install \
--allow-root \
--url="${WORDPRESS_PROTOCOL}://${WORDPRESS_DOMAINE}" \
--title="${WORDPRESS_TITLE}" \
--admin_user="${WORDPRESS_USER}" \
--admin_password="${WORDPRESS_PASSWORD}" \
--admin_email="${WORDPRESS_EMAIL}" \
--skip-email
wp config set --allow-root DB_HOST ${WORDPRESS_DB_HOST}
wp config set --allow-root DB_NAME ${WORDPRESS_DB_NAME}
wp config set --allow-root DB_USER ${WORDPRESS_DB_USER}
wp config set --allow-root DB_PASSWORD ${WORDPRESS_DB_PASSWORD}
wp config set --allow-root WP_HOME ${WORDPRESS_PROTOCOL}://${WORDPRESS_DOMAINE}${WORDPRESS_ALIAS}
wp config set --allow-root WP_SITEURL ${WORDPRESS_PROTOCOL}://${WORDPRESS_DOMAINE}${WORDPRESS_ALIAS}
wp config set --allow-root WP_ALLOW_MULTISITE true
wp config set --allow-root MULTISITE true
wp config set --allow-root SUBDOMAIN_INSTALL false
wp config set --allow-root DOMAIN_CURRENT_SITE ${WORDPRESS_DOMAINE}
wp config set --allow-root PATH_CURRENT_SITE ${WORDPRESS_ALIAS}
wp config set --allow-root FORCE_ADMIN_SSL false
wp config set --allow-root SITE_ID_CURRENT_SITE 1
wp config set --allow-root BLOG_ID_CURRENT_SITE 1
# On fait croire à WP qu'il est en https
if grep -qF "_SERVER['HTTPS']='on'" "wp-config.php"; then
if [[ "${WORDPRESS_PROTOCOL}" == "https" ]]
then
echo "FORCE HTTPS already set"
fi
else
if [[ "${WORDPRESS_PROTOCOL}" == "https" ]]
then
echo "FORCE HTTPS set"
head -n 1 "wp-config.php" > "wp-config.tmp"
echo "\$_SERVER['HTTPS']='on';" >> "wp-config.tmp"
tail -n +2 "wp-config.php" >> "wp-config.tmp"
mv "wp-config.tmp" "wp-config.php"
fi
fi
# Mise à jour theme / plugin / network
wp theme update --allow-root --all
wp plugin update --allow-root --all
wp core update-db --network
exec $@

25
misc/wordpress/containers/wordpress/Dockerfile Executable file
View File

@ -0,0 +1,25 @@
FROM reg.cadoles.com/envole/nineapache:8.1
# Paquet necessaire pour wordpress
RUN apk add php81-mysqli
# Installation de wp-cli
COPY wp-cli.phar /usr/local/bin/wp
RUN chmod +x /usr/local/bin/wp
# Configuration apache
RUN cd /app/public
COPY apache.conf /etc/apache2/conf.d/zapp.conf
# Installation des sources wordpress
RUN wp core download --path=/app/public --locale=fr_FR
RUN chown -R apache:apache /app/public
RUN find /app/public -type d -exec chmod 755 {} +
RUN find /app/public -type f -exec chmod 644 {} +
RUN mkdir /docker
COPY entrypoint.sh /docker/entrypoint.sh
RUN chmod +x /docker/entrypoint.sh
# CMD
CMD /docker/entrypoint.sh && /etc/apache2/apache2.sh

24
misc/wordpress/containers/wordpress/apache.conf Normal file
View File

@ -0,0 +1,24 @@
LoadModule rewrite_module modules/mod_rewrite.so
ServerName nineapache.local
DocumentRoot "/app/public"
Alias /wordpress /app/public
<Directory "/app/public">
Options FollowSymLinks
AllowOverride Limit Options FileInfo
DirectoryIndex index.php
Require all granted
RewriteEngine On
RewriteBase /wordpress/
RewriteRule ^index\.php$ - [L]
# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
RewriteRule ^([_0-9a-zA-Z-]+/)?(.*\.php)$ $2 [L]
RewriteRule . index.php [L]
</Directory>

89
misc/wordpress/containers/wordpress/entrypoint.sh Executable file
View File

@ -0,0 +1,89 @@
#!/bin/bash
set -eo pipefail
cd /app/public
if [[ ! -f /app/public/wp-config.php ]]
then
wp config create \
--allow-root \
--dbhost="${WORDPRESS_DB_HOST}" \
--dbname="${WORDPRESS_DB_NAME}" \
--dbuser="${WORDPRESS_DB_USER}" \
--dbpass="${WORDPRESS_DB_PASSWORD}" \
--dbcharset="utf8mb4" \
--locale="fr_FR"
fi
wp config set --allow-root DB_HOST ${WORDPRESS_DB_HOST}
wp config set --allow-root DB_NAME ${WORDPRESS_DB_NAME}
wp config set --allow-root DB_USER ${WORDPRESS_DB_USER}
wp config set --allow-root DB_PASSWORD ${WORDPRESS_DB_PASSWORD}
wp config set --allow-root WP_HOME ${WORDPRESS_PROTOCOL}://${WORDPRESS_DOMAINE}${WORDPRESS_ALIAS}
wp config set --allow-root WP_SITEURL ${WORDPRESS_PROTOCOL}://${WORDPRESS_DOMAINE}${WORDPRESS_ALIAS}
wp config set --allow-root WP_ALLOW_MULTISITE true
wp config set --allow-root MULTISITE true
wp config set --allow-root SUBDOMAIN_INSTALL false
wp config set --allow-root DOMAIN_CURRENT_SITE ${WORDPRESS_DOMAINE}
wp config set --allow-root PATH_CURRENT_SITE ${WORDPRESS_ALIAS}
wp config set --allow-root FORCE_ADMIN_SSL false
wp config set --allow-root SITE_ID_CURRENT_SITE 1
wp config set --allow-root BLOG_ID_CURRENT_SITE 1
# On fait croire à WP qu'il est en https
if grep -qF "_SERVER['HTTPS']='on'" "wp-config.php"; then
if [[ "${WORDPRESS_PROTOCOL}" == "https" ]]
then
echo "FORCE HTTPS already set"
fi
else
if [[ "${WORDPRESS_PROTOCOL}" == "https" ]]
then
echo "FORCE HTTPS set"
head -n 1 "wp-config.php" > "wp-config.tmp"
echo "\$_SERVER['HTTPS']='on';" >> "wp-config.tmp"
tail -n +2 "wp-config.php" >> "wp-config.tmp"
mv "wp-config.tmp" "wp-config.php"
fi
fi
# Install multisite
wp core multisite-install \
--allow-root \
--url="${WORDPRESS_PROTOCOL}://${WORDPRESS_DOMAINE}" \
--title="${WORDPRESS_TITLE}" \
--admin_user="${WORDPRESS_USER}" \
--admin_password="${WORDPRESS_PASSWORD}" \
--admin_email="${WORDPRESS_EMAIL}" \
--skip-email
# Switch language
echo "== Switch languange"
wp language core install fr_FR
wp site switch-language fr_FR
# Install plugin
#if [[ "${MODE_AUTH}" == "CAS" && "${CAS_ACTIVATE}" == "1" ]]
#then
# wp plugin install wp-cassify
# wp plugin activate wp-cassify --network
#else
# wp plugin delete wp-cassify
#fi
# Mise à jour theme / plugin / network
wp theme install twentytwentyfour --allow-root
wp theme update --allow-root --all
wp plugin update --allow-root --all
wp language core update
wp language theme update --all
wp language plugin update --all
# Mise à jour du network
wp core update-db --network
exec $@

BIN
misc/wordpress/containers/wordpress/wp-cli.phar Normal file
View File

Binary file not shown.

52
misc/wordpress/docker-compose.yml Executable file
View File

@ -0,0 +1,52 @@
version: '3'
services:
mariadb:
image: mariadb
container_name: wordpress-mariadb
restart: always
ports:
- "3306:3306"
environment:
MYSQL_ROOT_PASSWORD: changeme
MYSQL_DATABASE: wordpress
MYSQL_USER: user
MYSQL_PASSWORD: changeme
volumes:
- mariadb-data:/var/lib/mysql
wordpress:
build:
context: ./containers/wordpress
image: reg.cadoles.com/envole/wordpress
container_name: wordpress-app
restart: always
depends_on:
- mariadb
ports:
- "9003:80"
environment:
- WORDPRESS_DB_HOST=mariadb
- WORDPRESS_DB_NAME=wordpress
- WORDPRESS_DB_USER=user
- WORDPRESS_DB_PASSWORD=changeme
- WORDPRESS_TITLE=wordpress
- WORDPRESS_USER=admin
- WORDPRESS_PASSWORD=changeme
- WORDPRESS_EMAIL=admin@noreply.fr
- WORDPRESS_PROTOCOL=https
- WORDPRESS_DOMAINE=eolebase.ac-test.fr
- WORDPRESS_ALIAS=/wordpress/
#volumes:
# - ./containers/data:/app/public/wp-content/plugins/wp-cas
adminer:
image: docker.io/library/adminer
container_name: wordpress-adminer
restart: always
ports:
- 9100:8080
volumes:
mariadb-data:

6
postservice/99-envole Normal file
View File

@ -0,0 +1,6 @@
#!/bin/bash
RunCmd=CreoleRun
container_path_web=$(CreoleGet container_path_web non)
chmod +x $container_path_web/usr/share/envole/docker/envole.sh
$RunCmd "cd /usr/share/envole/docker && ./envole.sh" web

10
tmpl/envole-apache.conf
View File

@ -1,3 +1,5 @@
ProxyPass /auth http://0.0.0.0:8080/auth retry=0 keepalive=On
ProxyPassReverse /auth http://0.0.0.0:8080/auth retry=0
ProxyPass /ninegate http://0.0.0.0:9000/ninegate retry=0 keepalive=On
ProxyPassReverse /ninegate http://0.0.0.0:9000/ninegate retry=0
@ -7,6 +9,14 @@ ProxyPassReverse /wssninegate ws://0.0.0.0:9000/wssninegate retry=0
ProxyPass /nextcloud http://0.0.0.0:9001 retry=0 keepalive=On
ProxyPassReverse /nextcloud http://0.0.0.0:9001 retry=0
ProxyPass /nineboard http://0.0.0.0:9002/nineboard retry=0 keepalive=On
ProxyPassReverse /nineboard http://0.0.0.0:9002/nineboard retry=0
ProxyPass /wssnineboard ws://0.0.0.0:9002/wssnineboard retry=0 keepalive=On
ProxyPassReverse /wssnineboard ws://0.0.0.0:9002/wssnineboard retry=0
ProxyPass /wordpress http://0.0.0.0:9003/wordpress retry=0 keepalive=On
ProxyPassReverse /wordpress http://0.0.0.0:9003/wordpress retry=0
ProxyPass /adminer http://0.0.0.0:9100 retry=0 keepalive=On
ProxyPassReverse /adminer http://0.0.0.0:9100 retry=0

7
tmpl/envole-nextcloud.env
View File

@ -1,7 +1,6 @@
#-- LOCAL
#-- LOCAL ---------------------------------------------------------------------------------------------------------------------------------
NEXTCLOUD_ACTIVATE=1
NEXTCLOUD_ALIAS=/nextcloud
NEXTCLOUD_URL=${WEB_PROTOCOL}://${WEB_URL}/nextcloud
NEXTCLOUD_URL=${PROTOCOLE}://${WEB_URL}/nextcloud
NEXTCLOUD_SAMBA=%%getBool(%%getVar("nextcloud_samba", "non"))

27
tmpl/envole-nextcloud.mount Normal file
View File

@ -0,0 +1,27 @@
[
{
"mount_id": 1,
"mount_point": "\/Envole",
"storage": "\\OCA\\Files_External\\Lib\\Storage\\SMB",
"authentication_type": "password::userprovided",
"configuration": {
"check_acl": true,
"domain": "%%getVar('nextcloud_samba_domaine','')",
"host": "%%getVar('nextcloud_samba_host','')",
"root": "",
"share": "%%getVar('nextcloud_samba_name','')",
"show_hidden": false,
"timeout": ""
},
"options": {
"enable_sharing": false,
"encoding_compatibility": false,
"encrypt": true,
"filesystem_check_changes": 1,
"previews": true,
"readonly": false
},
"applicable_users": [],
"applicable_groups": []
}
]

21
tmpl/envole-nineboard.env Normal file
View File

@ -0,0 +1,21 @@
#-- LOCAL ---------------------------------------------------------------------------------------------------------------------------------
APP_WEBURL=${WEB_URL}
APP_SECRET=%%getVar("nineboard_secret","changeme")
APP_ALIAS=nineboard/
%if %%getVar("activer_ninegate", "non") == "oui"
APP_MASTERIDENTITY=Ninegate
APP_MASTERURL=${NINEGATE_URL}
APP_MASTERKEY=%%getVar("ninegate_secret","")
%else
%if %%getVar("activer_openldap", "non") == "oui"
APP_MASTERIDENTITY=LDAP
LDAP_MODEL=${LDAP_TEMPLATE}
LDAP_FILTERGROUP=${LDAP_GROUP_FILTER}
LDAP_FILTERUSER=${LDAP_USER_FILTER}
%end if
%end if

9
tmpl/envole-ninegate.env Normal file
View File

@ -0,0 +1,9 @@
#-- LOCAL ---------------------------------------------------------------------------------------------------------------------------------
ALIAS=ninegate/
WEBURL=${WEB_URL}
APP_SECRET=%%getVar("ninegate_secret","changeme")
FORCE_THEME=%%getBool(%%getVar("ninegate_forcetheme", "non"))
FORCE_THEMENAME=%%getVar("ninegate_forcethemename", "")

2
tmpl/envole-phpldapadmin.env
View File

@ -1,7 +1,7 @@
#-- LOCAL
PHPLDAPADMIN_ACTIVATE=1
PHPLDAPADMIN_LDAP_HOSTS=ldap://${LDAP_HOST}:${LDAP_PORT}
PHPLDAPADMIN_URL=/phpldapadmin
PHPLDAPADMIN_SERVER_PATH=${PHPLDAPADMIN_URL}

18
tmpl/envole-realm.json
View File

@ -435,16 +435,16 @@
"id": "133d3397-41e7-4ec1-aaf0-a0939da72f58",
"clientId": "envole",
"name": "envole",
"rootUrl": "https://eolebase.ac-test.fr",
"baseUrl": "https://eolebase.ac-test.fr",
"rootUrl": "https://%%getVar("web_url", 'localhost')",
"baseUrl": "https://%%getVar("web_url", 'localhost')",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
"clientAuthenticatorType": "client-secret",
"secret": "**********",
"redirectUris": [
"http://eolebase.ac-test.fr*",
"https://eolebase.ac-test.fr*"
"http://%%getVar("web_url", 'localhost')*",
"https://%%getVar("web_url", 'localhost')*"
],
"webOrigins": [],
"notBefore": 0,
@ -1594,7 +1594,7 @@
"true"
],
"usersDn": [
"ou=users,ou=ninegate,dc=envole,dc=org"
"%%getVar("openldap_basedn", 'dc=envole,dc=org')"
],
"cachePolicy": [
"DEFAULT"
@ -1612,13 +1612,13 @@
"uid"
],
"bindCredential": [
"changeme"
"%%getVar("openldap_password", '')"
],
"changedSyncPeriod": [
"-1"
],
"bindDn": [
"cn=admin,dc=envole,dc=org"
"cn=%%getVar("openldap_user", 'admin'),%%getVar("openldap_basedn", 'dc=envole,dc=org')"
],
"lastSync": [
"1698698495"
@ -1630,7 +1630,7 @@
"entryUUID"
],
"connectionUrl": [
"ldap://openldap:1389"
"ldap://%%getVar("openldap_host", 'openldap'):%%getVar("openldap_port", '1389')"
],
"allowKerberosAuthentication": [
"false"
@ -1645,7 +1645,7 @@
"false"
],
"searchScope": [
"1"
"2"
],
"useTruststoreSpi": [
"ldapsOnly"

109
tmpl/envole.env
View File

@ -1,45 +1,90 @@
#-- LOCAL
#-- LOCAL ---------------------------------------------------------------------------------------------------------------------------------
# GLOBAL
RELEASE_SYSTEM=eole
WEB_URL=eolebase.ac-test.fr
WEB_PROTOCOL=https
WEB_URL=%%getVar('web_url','')
PROTOCOLE=https
MASTERIDENTITY=%%getVar('envole_masteridentity','')
MODE_AUTH=%%getVar('envole_modeauth','')
MASTERIDENTITY=LDAP
MODE_AUTH=CAS
LDAP_ACTIVATE=1
LDAP_LOCAL=0
LDAP_HOST=scribe.ac-test.fr
LDAP_PORT=389
LDAP_USER="cn=reader,o=gouv,c=fr"
LDAP_PASSWORD="uom1eiyighievuli7phahphoh2jieChaebah9owu4aeph0maitiYeiph"
LDAP_BASEDN="o=gouv,c=fr"
LDAP_SYNC=0
LDAP_BASEUSER="o=gouv,c=fr"
LDAP_BASENIVEAU01="o=gouv,c=fr"
LDAP_BASENIVEAU02="o=gouv,c=fr"
LDAP_BASEGROUP="o=gouv,c=fr"
LDAP_TEMPLATE=scribe
SCRIBE_GROUP=1
SCRIBE_MASTER=1
# ANNUAIRE
LDAP_ACTIVATE=%%getBool(%%getVar("activer_openldap", "non"))
LDAP_LOCAL=%%getBool(%%getVar("openldap_local", "non"))
LDAP_HOST=%%getVar("openldap_host", 'openldap')
LDAP_PORT=%%getVar("openldap_port", '1389')
LDAP_TLS=%%getBool(%%getVar("openldap_tls", "non"))
LDAP_BASEDN="%%getVar("openldap_basedn", 'dc=envole,dc=org')"
LDAP_ADMIN_USERNAME=%%getVar("openldap_user", 'admin')
LDAP_USER="cn=%%getVar("openldap_user", 'admin'),%%getVar("openldap_basedn", 'dc=envole,dc=org')"
LDAP_PASSWORD="%%getVar("openldap_password", '')"
# SYNCHRONISATION ANNUAIRE<>NINEGATE
LDAP_SYNC=%%getBool(%%getVar("ninegate_syncldap", "non"))
%if %%getVar("ninegate_syncldap", "non") == "non"
LDAP_TEMPLATE=%%getVar("openldap_ldaptemplate", '')
%if %%getVar("openldap_ldaptemplate", '') == "scribe"
SCRIBE_GROUP=%%getBool(%%getVar("ninegate_scribegroup", "non"))
SCRIBE_MASTER=%%getBool(%%getVar("ninegate_scribemaster", "non"))
LDAP_BASEUSER="%%getVar("openldap_basedn","")"
LDAP_BASENIVEAU01="%%getVar("openldap_basedn","")"
LDAP_BASENIVEAU02="%%getVar("openldap_basedn","")"
LDAP_BASEGROUP="%%getVar("openldap_basedn","")"
%end if
%if %%getVar("openldap_ldaptemplate", '') == "open"
OPENLDAPREQNIVEAU01=%%getVar("ninegate_openldapreqniveau01","")
OPENLDAPSYNCHROGROUP=%%getBool(%%getVar("ninegate_openldapsynchrogroup", "non"))
OPENLDAPREQGROUP=%%getVar(%%ninegate_openldapreqgroup,"")
LDAP_BASENIVEAU01="%%ldap_base_dn"
LDAP_BASENIVEAU02="%%ldap_base_dn"
LDAP_BASEUSER="%%getVar(%%ninegate_openldapsubbranchuser,%%getVar(%%ldap_base_dn,""))"
LDAP_BASEGROUP="%%getVar(%%ninegate_openldapsubbranchgroup,%%getVar(%%ldap_base_dn,""))"
%end if
%end if
# CAS
%if %%getVar("envole_modeauth", '') == "CAS"
CAS_ACTIVATE=1
CAS_LOCAL=0
CAS_HOST=scribe.ac-test.fr
CAS_PORT=443
CAS_PATH=/sso
CAS_URL=${WEB_PROTOCOL}://${CAS_HOST}:${CAS_PORT}
%else
CAS_ACTIVATE=0
%end if
CAS_LOCAL=%%getBool(%%getVar("cas_local", "non"))
CAS_HOST=%%getVar("cas_host", %%getVar("web_url"))
CAS_PORT=%%getVar("cas_port", "443")
CAS_PATH=%%getVar("cas_path", "/auth/realms/envole/protocol/cas")
CAS_URL=https://%%getVar("cas_host", %%getVar("web_url")):%%getVar("cas_port", "443")
CAS_PASSWORD=%%getVar("keycload_userpassword", "")
NINEGATE_ACTIVATE=1
NINEGATE_URL=/ninegate
# NINEGATE
NINEGATE_ACTIVATE=%%getBool(%%getVar("activer_ninegate", "non"))
NINEGATE_LOCAL=%%getBool(%%getVar("ninegate_local", "non"))
NINEGATE_URL=%%getVar("ninegate_url", "/ninegate")
ADMINER_ACTIVATE=1
ADMINER_URL=/adminer
# NINEBOARD
NINEBOARD_ACTIVATE=%%getBool(%%getVar("activer_nineboard", "non"))
NINEBOARD_LOCAL=%%getBool(%%getVar("nineboard_local", "non"))
NINEBOARD_URL=%%getVar("nineboard_url", "/nineboard")
# NEXTCLOUD
NEXTCLOUD_ACTIVATE=%%getBool(%%getVar("activer_nextcloud", "non"))
NEXTCLOUD_LOCAL=%%getBool(%%getVar("nextcloud_local", "non"))
NEXTCLOUD_URL=%%getVar("nextcloud_url", "/nextcloud")
# WORDPRESS
WORDPRESS_ACTIVATE=%%getBool(%%getVar("activer_wordpress", "non"))
WORDPRESS_LOCAL=%%getBool(%%getVar("wordpress_local", "non"))
WORDPRESS_URL=%%getVar("wordpress_url", "/wordpress")
NINEAPACHE_ACTIVATE=1
NINEAPACHE_URL=/nineapache
# ADMINER
ADMINER_ACTIVATE=%%getBool(%%getVar("activer_adminer", "non"))
ADMINER_LOCAL=1
ADMINER_URL="${PROTOCOLE}://${WEB_URL}/adminer/?server=${MARIADB_SERVICE_NAME}&username=${MARIADB_USER}"
# PHPLDAPADMIN
PHPLDAPADMIN_ACTIVATE=%%getBool(%%getVar("activer_phpldapadmin", "non"))
PHPLDAPADMIN_LOCAL=1
PHPLDAPADMIN_URL=/phpldapadmin
# GENCONFIG
GENCONFIG_ACTIVATE=%%getBool(%%getVar("activer_genconfig", "non"))
GENCONFIG_URL=/genconfig