Fixes (#283)

* make readme of owncloud more clear
* clarify setup.sh
* make user23 an admin by default
* remove hard depenency on reg
* add completed message
* set more attributes on startup

Signed-off-by: Felix Bartels <felix@host-consultants.de>

* use cn instead of uid
* add config for owncloud phoenix ui and openid plugin
* add override for experimental feature endpoint
* import kweb-calendar.cfg
* experimental endpoint is yes/no
* grapi also needs the ability to run insecure
* grapi needs to resolve the domain, therefore needs to be in the web network

.editorconfig

@@ -27,3 +27,9 @@ indent_size = 4
 
 [*.ldif]
 indent_style = space
+
+[*.json]
+indent_style = space
+
+[*.php]
+indent_style = space

.gitignore

@@ -8,3 +8,4 @@ dive.log
 *.env
 docker-compose.override.yml
 build.tags
+kopano-calendar-*/

docker-compose.yml

@@ -231,11 +231,13 @@ services:
     environment:
       - SERVICE_TO_START=grapi
       - TZ=${TZ}
-      - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=false
+      - KCCONF_GRAPI_INSECURE=${INSECURE}
+      - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=no
     env_file:
       - kopano_grapi.env
     networks:
       - kopano-net
+      - web-net
 
   kopano_kapi:
     image: ${docker_repo:-zokradonh}/kopano_core:${CORE_VERSION:-latest}

ldap_demo/README.md

@@ -17,4 +17,4 @@ Additionally the ldap tree is also prepared for multiserver installations (also
 $ docker-compose -f examples/kopano-multiserver.yml up
 ```
 
-Demo users created in the demo ldap all have a password that is identical to the username, e.g. the password for `user1` user `user1`.
+Demo users created in the demo ldap all have a password that is identical to the username, e.g. the password for `user1` user `user1`. The user `user23 is setup to be an admin within Kopano.`

ldap_demo/bootstrap/ldif/demo-users.ldif

@@ -4281,6 +4281,7 @@ objectClass: kopano-user
 uidNumber: 23
 userPassword:: dXNlcjIz
 kopanoAccount: 1
+kopanoAdmin: 1
 uid: user23
 mail: user23@{{ LDAP_DOMAIN }}
 kopanoAliases: Katarina@{{ LDAP_DOMAIN }}

owncloud/.gitignore

@@ -0,0 +1,2 @@
+openidconnect
+phoenix

owncloud/99-ldap.sh

@@ -22,6 +22,10 @@ occ ldap:set-config s01 ldapBase ${LDAP_SEARCH_BASE}
 occ ldap:set-config s01 ldapUserFilter "(|(objectclass=kopano-user))"
 occ ldap:set-config s01 ldapLoginFilter "(&(|(objectclass=kopano-user))(uid=%uid))"
 occ ldap:set-config s01 ldapGroupFilter "(&(|(objectclass=kopano-group)))"
+occ ldap:set-config s01 ldapEmailAttribute "mail"
+occ ldap:set-config s01 ldapExpertUUIDUserAttr "entryuuid"
+occ ldap:set-config s01 ldapUserDisplayName "cn"
+occ ldap:set-config s01 ldapUserFilter "(|(objectclass=posixAccount))"
 occ ldap:set-config s01 ldapConfigurationActive 1
 
 /usr/bin/occ user:sync -m disable "OCA\User_LDAP\User_Proxy"

owncloud/README.md

@@ -10,9 +10,9 @@ Example:
 COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml:owncloud/owncloud.yml
 ```
 
-2. run `owncloud.sh` to create the required runtime variables in your `.env` file.
+2. change into the owncloud folder and run `owncloud.sh` to create the required runtime variables in your `.env` file.
 
-3. run `docker-compose up -d` and you will be able to log into `https://your-fqdn/owncloud`.
+3. change back into the root of the checkout and run `docker-compose up -d` and you will be able to log into `https://your-fqdn/owncloud`.
 
 ## Further tweaks
 

owncloud/config.json

@@ -0,0 +1,29 @@
+{
+  "server": "https://kopano.demo:2015/owncloud/",
+  "theme": "owncloud",
+  "version": "0.1.0",
+  "openIdConnect": {
+    "authority": "https://kopano.demo:2015/",
+    "client_id": "owncloud",
+    "client_secret": "owncloud",
+    "response_type": "id_token token",
+    "scope": "openid profile email"
+  },
+  "apps": [
+    "files"
+  ],
+  "menu": {
+    "items": [
+      {
+        "name": "Kopano Meet",
+        "url": "https://kopano.demo:2015/meet",
+        "iconMaterial": "hearing"
+      },
+      {
+        "name": "Kopano Webapp",
+        "url": "https://kopano.demo:2015/webapp/",
+        "iconMaterial": "transform"
+      }
+    ]
+  }
+}

owncloud/konnectd.config.php

@@ -0,0 +1,16 @@
+<?php
+$CONFIG = [
+  'loglevel' => 0,
+  'debug' => true,
+  'openid-connect' => [
+      'provider-url' => 'https://kopano.demo:2015',
+      'client-id' => 'ownCloud',
+      'client-secret' => 'ownCloud',
+      'loginButtonName' => 'kopano',
+      'autoRedirectOnLoginPage' => false,
+      'redirect-url' => 'https://kopano.demo:2015/owncloud/index.php/apps/openidconnect/redirect',
+      'mode' => 'email',
+      'search-attribute' => 'email',
+      'use-token-introspection-endpoint' => false
+  ],
+];

owncloud/owncloud-phoenix.yml

@@ -0,0 +1,8 @@
+version: "3.5"
+services:
+  owncloud:
+    volumes:
+      - ./owncloud/openidconnect/:/mnt/data/apps/openidconnect/
+      - ./owncloud/phoenix/:/mnt/data/apps/phoenix/
+      - ./owncloud/konnectd.config.php:/mnt/data/config/konnectd.config.php
+      - ./owncloud/config.json:/mnt/data/apps/phoenix/config.json

owncloud/owncloud.sh

@@ -4,8 +4,7 @@ set -euo pipefail
 IFS=$'\n\t'
 
 if ! command -v reg > /dev/null; then
-	echo "Please install reg in order to run this script."
-	exit 1
+	echo "Please install reg to list available tags. You can only press enter when being asked for a tag."
 fi
 
 if [ ! -e ../.env ]; then
@@ -33,7 +32,7 @@ random_string() {
 	hexdump -n 16 -v -e '/1 "%02X"' /dev/urandom
 }
 
-docker_tag_search () {
+docker_tag_search() {
 	image="$1"
 	results=$(reg tags "$image" 2> /dev/null)
 	echo "$results" | xargs -n1 | sort --version-sort -ru
@@ -63,7 +62,7 @@ selectWithDefault() {
 	[[ -n $index ]] && printf %s "${@: index:1}"
 }
 
-update_env_file () {
+update_env_file() {
 	varname="$1"
 	varvalue="$2"
 	if ! grep -q "$varname" ../.env; then
@@ -73,7 +72,7 @@ update_env_file () {
 	fi
 }
 
-tag_question () {
+tag_question() {
 	containername="$1"
 	value_default="$2"
 	description="$3"
@@ -94,6 +93,8 @@ update_env_file OWNCLOUD_ADMIN_USERNAME admin
 update_env_file OWNCLOUD_ADMIN_PASSWORD "$(random_string)"
 update_env_file MARIADB_ROOT_PASSWORD "$(random_string)"
 
+echo "Setup complete"
+
 if [ -e "$tmpfile" ]; then
 	rm "$tmpfile"
 fi

setup-update-tag.sh

@@ -4,8 +4,7 @@ set -euo pipefail
 IFS=$'\n\t'
 
 if ! command -v reg > /dev/null; then
-	echo "Please install reg in order to run this script."
-	exit 1
+	echo "Please install reg to list available tags. You can only press enter when being asked for a tag."
 fi
 
 if [ ! -e ./.env ]; then

setup.sh

@@ -92,7 +92,7 @@ if [ ! -e ./.env ]; then
 
 	value_default="kopano.demo"
 	read -r -p "FQDN to be used (for reverse proxy).
-	Hint: use port 2015 in case port 443 is already in use on the system.
+	Hint: use $value_default:2015 (with your actual FQDN) in case port 443 is already in use on the system (it has to be 443 or 2015, other ports will not work).
 	[$value_default]: " new_value
 	FQDN=${new_value:-$value_default}
 

web/kweb-calendar.cfg

@@ -0,0 +1,2 @@
+staticpwa /calendar /usr/share/kopano-calendar/calendar-webapp
+root /var/www/

web/kweb-override.yml

@@ -0,0 +1,10 @@
+version: "3.5"
+services:
+  web:
+    volumes:
+      - ./web/kweb-calendar.cfg:/etc/kweb-extras/kweb-calendar.cfg
+      - ./kopano-calendar-0.20.0/:/usr/share/kopano-calendar/
+      - ./kopano-calendar-0.20.0/config.json.in:/var/www/api/config/v1/kopano/calendar/config.json
+  kopano_grapi:
+    environment:
+      - KCCONF_GRAPI_ENABLE_EXPERIMENTAL_ENDPOINTS=yes

web/kweb.cfg

@@ -220,4 +220,6 @@
 		try_duration 30s
 	}
 	folderish /owncloud
+
+	import /etc/kweb-extras/*
 }