add example to run owncloud along with Kopano (#211)

* add example to run owncloud along with Kopano
* move ownloud files into dedicated folder
* add readme
* add script for ldap auto configuration

owncloud/99-ldap.sh

@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+echo "Configuring LDAP for kopano-docker"
+
+set -x
+
+occ app:enable user_ldap
+occ ldap:show-config
+
+if [[ "$(occ ldap:show-config)" == "" ]]; then
+	su -c "php occ ldap:create-empty-config" www-data
+fi
+
+ldapHost=${LDAP_SERVER%:*}
+ldapPort=${LDAP_SERVER##*:}
+
+occ ldap:set-config s01 ldapHost ${ldapHost}
+occ ldap:set-config s01 ldapPort ${ldapPort}
+occ ldap:set-config s01 ldapAgentName ${LDAP_BIND_DN}
+occ ldap:set-config s01 ldapAgentPassword ${LDAP_BIND_PW}
+occ ldap:set-config s01 ldapBase ${LDAP_SEARCH_BASE}
+occ ldap:set-config s01 ldapUserFilter "(|(objectclass=kopano-user))"
+occ ldap:set-config s01 ldapLoginFilter "(&(|(objectclass=kopano-user))(uid=%uid))"
+occ ldap:set-config s01 ldapGroupFilter "(&(|(objectclass=kopano-group)))"
+occ ldap:set-config s01 ldapConfigurationActive 1
+
+/usr/bin/occ user:sync -m disable "OCA\User_LDAP\User_Proxy"
+
+cat << EOF >| /etc/cron.d/sync
+*/10  *  *  *  * root /usr/bin/occ user:sync -m disable 'OCA\User_LDAP\User_Proxy'
+EOF
+
+true

owncloud/README.md

@@ -0,0 +1,14 @@
+# Running kopano-docker together with Owncloud
+
+To have a demo environment that runs both Kopano and Owncloud perform the following modifications. This setup uses the official images from https://hub.docker.com/r/owncloud/server.
+
+1. Add the `owncloud.yml` to the `COMPOSE_FILE` variable in your `.env` file.
+
+Example:
+```
+COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml:owncloud/owncloud.yml
+```
+
+2. run `owncloud.sh` to create the required runtime variables in your `.env` file.
+
+3. run `docker-compose up -d` and you will be able to log into `https://your-fqdn/owncloud`.

owncloud/owncloud.sh

@@ -0,0 +1,96 @@
+#!/bin/bash
+
+set -euo pipefail
+IFS=$'\n\t'
+
+if ! command -v reg > /dev/null; then
+	echo "Please install reg in order to run this script."
+	exit 1
+fi
+
+if [ ! -e ../.env ]; then
+	echo "please run setup.sh first"
+	exit 1
+fi
+
+# this is a kind of ugly hack to be able to source the env file
+# this is sadly needed since postfix in https://github.com/tomav/docker-mailserver/ cannot deal with quoted values
+tmpfile=$(mktemp /tmp/kopano-docker-env.XXXXXX)
+cp ../.env "$tmpfile"
+sed -i '/LDAP_QUERY_FILTER/s/^/#/g' "$tmpfile"
+sed -i '/SASLAUTHD_LDAP_FILTER/s/^/#/g' "$tmpfile"
+# shellcheck disable=SC1090
+source "$tmpfile"
+
+fqdn_to_dn() {
+	printf 'dc=%s' "$1" | sed -E 's/\./,dc=/g'
+}
+
+random_string() {
+	hexdump -n 16 -v -e '/1 "%02X"' /dev/urandom
+}
+
+docker_tag_search () {
+	image="$1"
+	results=$(reg tags "$image" 2> /dev/null)
+	echo "$results" | xargs -n1 | sort --version-sort -ru
+}
+
+# function from https://stackoverflow.com/a/42790579/4754613
+selectWithDefault() {
+
+	local item i=0 numItems=$#
+
+	# Print numbered menu items, based on the arguments passed.
+	for item; do         # Short for: for item in "$@"; do
+		printf '%s\n' "$((++i))) $item"
+	done >&2 # Print to stderr, as `select` does.
+
+	# Prompt the user for the index of the desired item.
+	while :; do
+		printf %s "${PS3-#? }" >&2 # Print the prompt string to stderr, as `select` does.
+		read -r index
+		# Make sure that the input is either empty or that a valid index was entered.
+		[[ -z $index ]] && break  # empty input
+		(( index >= 1 && index <= numItems )) 2>/dev/null || { echo "Invalid selection. Please try again." >&2; continue; }
+		break
+	done
+
+	# Output the selected item, if any.
+	[[ -n $index ]] && printf %s "${@: index:1}"
+}
+
+update_env_file () {
+	varname="$1"
+	varvalue="$2"
+	if ! grep -q "$varname" ../.env; then
+		echo "$varname=$varvalue" >> ../.env
+	else
+		sed -i "/$varname/c $varname=$varvalue" ../.env
+	fi
+}
+
+tag_question () {
+	containername="$1"
+	value_default="$2"
+	description="$3"
+	echo "Which tag do you want to use for $description? [$value_default]"
+	echo "Available tags in $containername: "
+	set +e # do not exit when new_value is empty
+	# shellcheck disable=SC2046
+	new_value=$(selectWithDefault $(docker_tag_search "$containername"))
+	set -e
+	return_value=${new_value:-$value_default}
+}
+
+tag_question owncloud/server "${OWNCLOUD_VERSION:-latest}" "Owncloud"
+update_env_file OWNCLOUD_VERSION "$return_value"
+update_env_file OWNCLOUD_DB_USERNAME owncloud
+update_env_file OWNCLOUD_DB_PASSWORD "$(random_string)"
+update_env_file OWNCLOUD_ADMIN_USERNAME admin
+update_env_file OWNCLOUD_ADMIN_PASSWORD "$(random_string)"
+update_env_file MARIADB_ROOT_PASSWORD "$(random_string)"
+
+if [ -e "$tmpfile" ]; then
+	rm "$tmpfile"
+fi

owncloud/owncloud.yml

@@ -0,0 +1,87 @@
+# based on https://github.com/owncloud/docs/blob/4a04cd16a10a853bfab630e8a6450f722ac6ea86/modules/admin_manual/examples/installation/docker/docker-compose.yml
+version: "3.5"
+
+volumes:
+  oc_files:
+  oc_mysql:
+  oc_backup:
+  oc_redis:
+
+services:
+  owncloud:
+    image: owncloud/server:${OWNCLOUD_VERSION:-latest}
+    restart: always
+    depends_on:
+      - oc_db
+      - oc_redis
+      - ldap
+      - web
+    environment:
+      - OWNCLOUD_DOMAIN=${FQDN}
+      - OWNCLOUD_DB_TYPE=mysql
+      - OWNCLOUD_DB_NAME=owncloud
+      - OWNCLOUD_DB_USERNAME=${OWNCLOUD_DB_USERNAME}
+      - OWNCLOUD_DB_PASSWORD=${OWNCLOUD_DB_PASSWORD}
+      - OWNCLOUD_DB_HOST=oc_db
+      - OWNCLOUD_ADMIN_USERNAME=${OWNCLOUD_ADMIN_USERNAME}
+      - OWNCLOUD_ADMIN_PASSWORD=${OWNCLOUD_ADMIN_PASSWORD}
+      - OWNCLOUD_MYSQL_UTF8MB4=true
+      - OWNCLOUD_REDIS_ENABLED=true
+      - OWNCLOUD_REDIS_HOST=oc_redis
+      - OWNCLOUD_SUB_URL=/owncloud
+      - LDAP_SERVER=${LDAP_SERVER}
+      - LDAP_SEARCH_BASE=${LDAP_SEARCH_BASE}
+      - LDAP_BIND_DN=${LDAP_BIND_DN}
+      - LDAP_BIND_PW=${LDAP_BIND_PW}
+    healthcheck:
+      test: ["CMD", "/usr/bin/healthcheck"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+    volumes:
+      - oc_files:/mnt/data
+      - ./owncloud/99-ldap.sh:/etc/owncloud.d/99-ldap.sh
+    networks:
+      - web-net
+      - owncloud-net
+      - ldap-net
+
+  oc_db:
+    image: webhippie/mariadb:latest
+    restart: always
+    environment:
+      - MARIADB_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD}
+      - MARIADB_USERNAME=${OWNCLOUD_DB_USERNAME}
+      - MARIADB_PASSWORD=${OWNCLOUD_DB_PASSWORD}
+      - MARIADB_DATABASE=owncloud
+      - MARIADB_MAX_ALLOWED_PACKET=128M
+      - MARIADB_INNODB_LOG_FILE_SIZE=64M
+    healthcheck:
+      test: ["CMD", "/usr/bin/healthcheck"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+    volumes:
+      - oc_mysql:/var/lib/mysql
+      - oc_backup:/var/lib/backup
+    networks:
+      - owncloud-net
+
+  oc_redis:
+    image: webhippie/redis:latest
+    restart: always
+    environment:
+      - REDIS_DATABASES=1
+    healthcheck:
+      test: ["CMD", "/usr/bin/healthcheck"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+    volumes:
+      - oc_redis:/var/lib/redis
+    networks:
+      - owncloud-net
+
+networks:
+  owncloud-net:
+    driver: bridge

web/kweb.cfg

@@ -205,4 +205,11 @@
 		transparent
 		keepalive 100
 	}
+	proxy /owncloud/ owncloud:8080 {
+		transparent
+		keepalive 0
+		fail_timeout 10s
+		try_duration 30s
+	}
+	folderish /owncloud
 }