Fixes (#283)

* make readme of owncloud more clear * clarify setup.sh * make user23 an admin by default * remove hard depenency on reg * add completed message * set more attributes on startup Signed-off-by: Felix Bartels <felix@host-consultants.de> * use cn instead of uid * add config for owncloud phoenix ui and openid plugin * add override for experimental feature endpoint * import kweb-calendar.cfg * experimental endpoint is yes/no * grapi also needs the ability to run insecure * grapi needs to resolve the domain, therefore needs to be in the web network
2025-06-07 16:06:14 +00:00 · 2019-11-12 22:23:38 +01:00 · 2019-11-12 22:23:38 +01:00 · d531ac4b1c
commit d531ac4b1c
parent 9bb7f04670
17 changed files with 95 additions and 12 deletions
--- a/.editorconfig
+++ b/.editorconfig
@ -27,3 +27,9 @@ indent_size = 4

 [*.ldif]
 indent_style = space
+
+[*.json]
+indent_style = space
+
+[*.php]
+indent_style = space
--- a/.gitignore
+++ b/.gitignore
@ -8,3 +8,4 @@ dive.log
 *.env
 docker-compose.override.yml
 build.tags
+kopano-calendar-*/
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -231,11 +231,13 @@ services:
    environment:
      - SERVICE_TO_START=grapi
      - TZ=${TZ}
-      - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=false
+      - KCCONF_GRAPI_INSECURE=${INSECURE}
+      - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=no
    env_file:
      - kopano_grapi.env
    networks:
      - kopano-net
+      - web-net

  kopano_kapi:
    image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}
--- a/ldap_demo/README.md
+++ b/ldap_demo/README.md
@ -17,4 +17,4 @@ Additionally the ldap tree is also prepared for multiserver installations (also
 $ docker-compose -f examples/kopano-multiserver.yml up
 ```

-Demo users created in the demo ldap all have a password that is identical to the username, e.g. the password for `user1` user `user1`.
+Demo users created in the demo ldap all have a password that is identical to the username, e.g. the password for `user1` user `user1`. The user `user23 is setup to be an admin within Kopano.`
--- a/ldap_demo/bootstrap/ldif/demo-users.ldif
+++ b/ldap_demo/bootstrap/ldif/demo-users.ldif
@ -4281,6 +4281,7 @@ objectClass: kopano-user
 uidNumber: 23
 userPassword:: dXNlcjIz
 kopanoAccount: 1
+kopanoAdmin: 1
 uid: user23
 mail: user23@{{ LDAP_DOMAIN }}
 kopanoAliases: Katarina@{{ LDAP_DOMAIN }}
--- a/owncloud/.gitignore
+++ b/owncloud/.gitignore
@ -0,0 +1,2 @@
+openidconnect
+phoenix
--- a/owncloud/99-ldap.sh
+++ b/owncloud/99-ldap.sh
@ -22,6 +22,10 @@ occ ldap:set-config s01 ldapBase ${LDAP_SEARCH_BASE}
 occ ldap:set-config s01 ldapUserFilter "(|(objectclass=kopano-user))"
 occ ldap:set-config s01 ldapLoginFilter "(&(|(objectclass=kopano-user))(uid=%uid))"
 occ ldap:set-config s01 ldapGroupFilter "(&(|(objectclass=kopano-group)))"
+occ ldap:set-config s01 ldapEmailAttribute "mail"
+occ ldap:set-config s01 ldapExpertUUIDUserAttr "entryuuid"
+occ ldap:set-config s01 ldapUserDisplayName "cn"
+occ ldap:set-config s01 ldapUserFilter "(|(objectclass=posixAccount))"
 occ ldap:set-config s01 ldapConfigurationActive 1

 /usr/bin/occ user:sync -m disable "OCA\User_LDAP\User_Proxy"
--- a/owncloud/README.md
+++ b/owncloud/README.md
@ -10,9 +10,9 @@ Example:
 COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml:owncloud/owncloud.yml
 ```

-2. run `owncloud.sh` to create the required runtime variables in your `.env` file.
+2. change into the owncloud folder and run `owncloud.sh` to create the required runtime variables in your `.env` file.

-3. run `docker-compose up -d` and you will be able to log into `https://your-fqdn/owncloud`.
+3. change back into the root of the checkout and run `docker-compose up -d` and you will be able to log into `https://your-fqdn/owncloud`.

 ## Further tweaks

--- a/owncloud/config.json
+++ b/owncloud/config.json
@ -0,0 +1,29 @@
+{
+  "server": "https://kopano.demo:2015/owncloud/",
+  "theme": "owncloud",
+  "version": "0.1.0",
+  "openIdConnect": {
+    "authority": "https://kopano.demo:2015/",
+    "client_id": "owncloud",
+    "client_secret": "owncloud",
+    "response_type": "id_token token",
+    "scope": "openid profile email"
+  },
+  "apps": [
+    "files"
+  ],
+  "menu": {
+    "items": [
+      {
+        "name": "Kopano Meet",
+        "url": "https://kopano.demo:2015/meet",
+        "iconMaterial": "hearing"
+      },
+      {
+        "name": "Kopano Webapp",
+        "url": "https://kopano.demo:2015/webapp/",
+        "iconMaterial": "transform"
+      }
+    ]
+  }
+}
--- a/owncloud/konnectd.config.php
+++ b/owncloud/konnectd.config.php
@ -0,0 +1,16 @@
+<?php
+$CONFIG = [
+  'loglevel' => 0,
+  'debug' => true,
+  'openid-connect' => [
+      'provider-url' => 'https://kopano.demo:2015',
+      'client-id' => 'ownCloud',
+      'client-secret' => 'ownCloud',
+      'loginButtonName' => 'kopano',
+      'autoRedirectOnLoginPage' => false,
+      'redirect-url' => 'https://kopano.demo:2015/owncloud/index.php/apps/openidconnect/redirect',
+      'mode' => 'email',
+      'search-attribute' => 'email',
+      'use-token-introspection-endpoint' => false
+  ],
+];
--- a/owncloud/owncloud-phoenix.yml
+++ b/owncloud/owncloud-phoenix.yml
@ -0,0 +1,8 @@
+version: "3.5"
+services:
+  owncloud:
+    volumes:
+      - ./owncloud/openidconnect/:/mnt/data/apps/openidconnect/
+      - ./owncloud/phoenix/:/mnt/data/apps/phoenix/
+      - ./owncloud/konnectd.config.php:/mnt/data/config/konnectd.config.php
+      - ./owncloud/config.json:/mnt/data/apps/phoenix/config.json
--- a/owncloud/owncloud.sh
+++ b/owncloud/owncloud.sh
@ -4,8 +4,7 @@ set -euo pipefail
 IFS=$'\n\t'

 if ! command -v reg > /dev/null; then
-	echo "Please install reg in order to run this script."
-	exit 1
+	echo "Please install reg to list available tags. You can only press enter when being asked for a tag."
 fi

 if [ ! -e ../.env ]; then
@ -94,6 +93,8 @@ update_env_file OWNCLOUD_ADMIN_USERNAME admin
 update_env_file OWNCLOUD_ADMIN_PASSWORD "$(random_string)"
 update_env_file MARIADB_ROOT_PASSWORD "$(random_string)"

+echo "Setup complete"
+
 if [ -e "$tmpfile" ]; then
 	rm "$tmpfile"
 fi
--- a/setup-update-tag.sh
+++ b/setup-update-tag.sh
@ -4,8 +4,7 @@ set -euo pipefail
 IFS=$'\n\t'

 if ! command -v reg > /dev/null; then
-	echo "Please install reg in order to run this script."
-	exit 1
+	echo "Please install reg to list available tags. You can only press enter when being asked for a tag."
 fi

 if [ ! -e ./.env ]; then
--- a/setup.sh
+++ b/setup.sh
@ -92,7 +92,7 @@ if [ ! -e ./.env ]; then

 	value_default="kopano.demo"
 	read -r -p "FQDN to be used (for reverse proxy).
-	Hint: use port 2015 in case port 443 is already in use on the system.
+	Hint: use $value_default:2015 (with your actual FQDN) in case port 443 is already in use on the system (it has to be 443 or 2015, other ports will not work).
 	[$value_default]: " new_value
 	FQDN=${new_value:-$value_default}

--- a/web/kweb-calendar.cfg
+++ b/web/kweb-calendar.cfg
@ -0,0 +1,2 @@
+staticpwa /calendar /usr/share/kopano-calendar/calendar-webapp
+root /var/www/
--- a/web/kweb-override.yml
+++ b/web/kweb-override.yml
@ -0,0 +1,10 @@
+version: "3.5"
+services:
+  web:
+    volumes:
+      - ./web/kweb-calendar.cfg:/etc/kweb-extras/kweb-calendar.cfg
+      - ./kopano-calendar-0.20.0/:/usr/share/kopano-calendar/
+      - ./kopano-calendar-0.20.0/config.json.in:/var/www/api/config/v1/kopano/calendar/config.json
+  kopano_grapi:
+    environment:
+      - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=yes
--- a/web/kweb.cfg
+++ b/web/kweb.cfg
@ -220,4 +220,6 @@
 		try_duration 30s
 	}
 	folderish /owncloud
+
+	import /etc/kweb-extras/*
 }