Merge pull request #3666 from wkloucek/reenable-parallel-deployment-in-ci

reenable parallel deployment in ci
Jörn Friedrich Dreyer
2022-05-09 11:12:10 +00:00
committed by GitHub
17 changed files with 188 additions and 161 deletions


@@ -110,9 +110,7 @@ config = {
"suites": [
"apiShareManagement",
],
# The tests fail after the storage config changes
# They will be fixed later.
"skip": True,
"skip": False,
"earlyFail": True,
"cron": "nightly",
},
@@ -120,9 +118,7 @@ config = {
"suites": [
"apiWebdavOperations",
],
# The tests fail after the storage config changes
# They will be fixed later.
"skip": True,
"skip": False,
"earlyFail": True,
"cron": "nightly",
},
@@ -1641,7 +1637,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on =
if not testing_parallel_deploy:
user = "0:0"
environment = {
"OCIS_URL": "https://ocis-server:9200",
"OCIS_URL": OCIS_URL,
"GATEWAY_GRPC_ADDR": "0.0.0.0:9142", # cs3api-validator needs the cs3api gatway exposed
"STORAGE_USERS_DRIVER": "%s" % (storage),
"STORAGE_USERS_DRIVER_LOCAL_ROOT": "/srv/app/tmp/ocis/local/root",
@@ -1667,41 +1663,37 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on =
else:
user = "33:33"
environment = {
"GRAPH_IDENTITY_BACKEND": "cs3",
"GRAPH_LDAP_SERVER_WRITE_ENABLED": "false",
# Keycloak IDP specific configuration
"PROXY_OIDC_ISSUER": "https://keycloak/auth/realms/owncloud",
"LDAP_IDP": "https://keycloak/auth/realms/owncloud",
"WEB_OIDC_AUTHORITY": "https://keycloak/auth/realms/owncloud",
"WEB_OIDC_CLIENT_ID": "ocis-web",
"OCIS_OIDC_ISSUER": "https://keycloak/auth/realms/owncloud",
"WEB_OIDC_METADATA_URL": "https://keycloak/auth/realms/owncloud/.well-known/openid-configuration",
"AUTH_BEARER_OIDC_ISSUER": "https://keycloak",
"WEB_OIDC_CLIENT_ID": "ocis-web",
"WEB_OIDC_SCOPE": "openid profile email owncloud",
# external ldap is supposed to be read only
"GRAPH_IDENTITY_BACKEND": "ldap",
"GRAPH_LDAP_SERVER_WRITE_ENABLED": "false",
# LDAP bind
"LDAP_URI": "ldaps://openldap",
"LDAP_INSECURE": "true",
"LDAP_BIND_DN": "cn=admin,dc=owncloud,dc=com",
"LDAP_BIND_PASSWORD": "admin",
# LDAP user settings
"PROXY_AUTOPROVISION_ACCOUNTS": "true", # automatically create users when they login
"PROXY_ACCOUNT_BACKEND_TYPE": "cs3", # proxy should get users from CS3APIS (which gets it from LDAP)
"PROXY_USER_OIDC_CLAIM": "ocis.user.uuid", # claim was added in Keycloak
"PROXY_USER_CS3_CLAIM": "userid", # equals STORAGE_LDAP_USER_SCHEMA_UID
"LDAP_GROUP_BASE_DN": "ou=testgroups,dc=owncloud,dc=com",
"LDAP_GROUP_BASE_DN": "ou=TestGroups,dc=owncloud,dc=com",
"LDAP_GROUP_OBJECTCLASS": "groupOfUniqueNames",
"LDAP_GROUPFILTER": "(objectclass=owncloud)",
"LDAP_GROUP_SCHEMA_DISPLAYNAME": "cn",
"LDAP_GROUP_SCHEMA_ID": "cn",
"LDAP_GROUP_SCHEMA_MAIL": "mail",
"LDAP_GROUP_SCHEMA_MEMBER": "cn",
"LDAP_USER_BASE_DN": "ou=testusers,dc=owncloud,dc=com",
"LDAP_GROUPFILTER": "(objectclass=owncloud)",
"LDAP_LOGIN_ATTRIBUTES": "uid",
"LDAP_USER_BASE_DN": "ou=TestUsers,dc=owncloud,dc=com",
"LDAP_USER_OBJECTCLASS": "posixAccount",
"LDAP_USERFILTER": "(objectclass=owncloud)",
"LDAP_USER_SCHEMA_USERNAME": "cn",
"LDAP_USER_SCHEMA_DISPLAYNAME": "displayname",
"LDAP_USER_SCHEMA_MAIL": "mail",
"LDAP_USER_SCHEMA_ID": "ownclouduuid",
"LDAP_LOGIN_ATTRIBUTES": "uid,mail",
"LDAP_USER_SCHEMA_MAIL": "mail",
"LDAP_USER_SCHEMA_USERNAME": "cn",
"LDAP_USERFILTER": "(objectclass=owncloud)",
# ownCloudSQL storage driver
"STORAGE_USERS_DRIVER": "owncloudsql",
"STORAGE_USERS_OWNCLOUDSQL_DATADIR": "/mnt/data/files",
@@ -1721,14 +1713,12 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on =
"SHARING_USER_OWNCLOUDSQL_DB_NAME": "owncloud",
# General oCIS config
# OCIS_RUN_EXTENSIONS specifies to start all extensions except glauth, idp and accounts. These are replaced by external services
"OCIS_RUN_EXTENSIONS": "settings,storage-system,graph,graph-explorer,ocs,store,thumbnails,web,webdav,frontend,gateway,users,groups,auth-basic,auth-bearer,auth-machine,storage-users,storage-shares,storage-publiclink,app-provider,sharing,proxy,nats,ocdav",
"OCIS_RUN_EXTENSIONS": "app-registry,app-provider,audit,auth-basic,auth-bearer,auth-machine,frontend,gateway,graph,graph-explorer,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav",
"OCIS_LOG_LEVEL": "info",
"OCIS_URL": OCIS_URL,
"OCIS_BASE_DATA_PATH": "/mnt/data/ocis",
"OCIS_CONFIG_DIR": "/etc/ocis",
"PROXY_ENABLE_BASIC_AUTH": "true",
"IDM_CREATE_DEMO_USERS": True,
"IDM_ADMIN_PASSWORD": "admin", # override the random admin password from `ocis init`
}
wait_for_ocis = {
"name": "wait-for-ocis-server",
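Review bot: The parallel-deployment environment in ocisServer sets `"LDAP_INSECURE": "true"` next to `"LDAP_URI": "ldaps://openldap"`, so the bind as `cn=admin,dc=owncloud,dc=com` runs over TLS without certificate verification, and nothing in the block marks this as a CI-only shortcut. I would add a comment above it, `# CI only: the openldap test container presumably uses a self-signed certificate; do not copy into a real deployment`. The docker-compose example later in this commit hard-codes the same `LDAP_INSECURE: "true"` while its `OCIS_INSECURE` is `"${INSECURE:-false}"`; if the LDAP certificate there comes from the same source, `LDAP_INSECURE: "${INSECURE:-false}"` would keep the two switches consistent. The ocisServer body starts and ends outside these hunks.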


@@ -6,45 +6,60 @@ policy_selector:
policies:
- name: ocis
routes:
- endpoint: "/"
- endpoint: /
backend: http://localhost:9100
- endpoint: "/.well-known/"
- endpoint: /.well-known/
backend: http://localhost:9130
- endpoint: /konnect/
backend: http://localhost:9130
- endpoint: /signin/
backend: http://localhost:9130
- endpoint: /archiver
backend: http://localhost:9140
- type: regex
endpoint: "/ocs/v[12].php/cloud/user/signing-key"
endpoint: /ocs/v[12].php/cloud/(users?|groups)
backend: http://localhost:9110
- endpoint: "/ocs/"
- endpoint: /ocs/
backend: http://localhost:9140
- type: query
endpoint: "/remote.php/?preview=1"
endpoint: /remote.php/?preview=1
backend: http://localhost:9115
- endpoint: "/remote.php/"
- method: REPORT
endpoint: /remote.php/dav/
backend: http://localhost:9115
- type: query
endpoint: /dav/?preview=1
backend: http://localhost:9115
- type: query
endpoint: /webdav/?preview=1
backend: http://localhost:9115
- endpoint: /remote.php/
service: com.owncloud.web.ocdav
- endpoint: /dav/
service: com.owncloud.web.ocdav
- endpoint: /webdav/
service: com.owncloud.web.ocdav
- endpoint: /status.php
service: com.owncloud.web.ocdav
- endpoint: /index.php/
service: com.owncloud.web.ocdav
- endpoint: /apps/
service: com.owncloud.web.ocdav
- endpoint: /data
backend: http://localhost:9140
- endpoint: "/dav/"
- endpoint: /app/
backend: http://localhost:9140
- endpoint: "/webdav/"
backend: http://localhost:9140
- endpoint: "/status.php"
backend: http://localhost:9140
- endpoint: "/index.php/"
backend: http://localhost:9140
- endpoint: "/index.php/login"
backend: http://localhost:9100
- endpoint: "/login"
backend: http://localhost:9100
- endpoint: "/data"
backend: http://localhost:9140
- endpoint: "/graph/"
- endpoint: /graph/
backend: http://localhost:9120
- endpoint: "/app/"
backend: http://localhost:9140
- endpoint: "/archiver"
backend: http://localhost:9140
- endpoint: "/graph-explorer/"
- endpoint: /graph-explorer
backend: http://localhost:9135
- endpoint: "/api/v0/settings"
- endpoint: /api/v0/accounts
backend: http://localhost:9181
- endpoint: /accounts.js
backend: http://localhost:9181
- endpoint: /api/v0/settings
backend: http://localhost:9190
- endpoint: "/settings.js"
- endpoint: /settings.js
backend: http://localhost:9190
- name: oc10
routes:
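Review bot: In the `type: regex` route, `/ocs/v[12].php/cloud/(users?|groups)` leaves the dot unescaped, so any character is accepted where the literal `.` of `v1.php`/`v2.php` is meant, and the pattern carries no anchors. This pattern decides which requests go to `http://localhost:9110` rather than to the generic `/ocs/` backend, so I would write it as `endpoint: /ocs/v[12]\.php/cloud/(users?|groups)` and add a comment saying whether the proxy matches a regex route as a prefix or against the whole path, which is not visible here. The same route appears in the second proxy config section at the end of this commit. The policy list continues outside the hunk.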


@@ -43,88 +43,94 @@ services:
driver: "local"
restart: always
ocis-init-volumes:
image: busybox
entrypoint:
- /bin/sh
# prepare the oCIS config volume for oCIS
command: ["-c", "chown -R 33:33 /etc/ocis /var/lib/ocis"]
volumes:
- ocis-config:/etc/ocis
- ocis-data:/var/lib/ocis
ocis:
image: owncloud/ocis:${OCIS_DOCKER_TAG:-latest}
networks:
ocis-net:
user: "33:33" # equals the user "www-data" for oC10
entrypoint:
- /bin/sh
# run ocis init to initialize a configuration file with random secrets
# it will fail on subsequent runs, because the config file already exists
# therefore we ignore the error and then start the ocis server
command: ["-c", "ocis init || true; ocis server"]
#entrypoint:
# - /bin/sh
# - /entrypoint-override.sh
environment:
# Keycloak IDP specific configuration
PROXY_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/auth/realms/${KEYCLOAK_REALM:-owncloud}
WEB_OIDC_AUTHORITY: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/auth/realms/${KEYCLOAK_REALM:-owncloud}
WEB_OIDC_CLIENT_ID: ocis-web
OCIS_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/auth/realms/${KEYCLOAK_REALM:-owncloud}
WEB_OIDC_METADATA_URL: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/auth/realms/${KEYCLOAK_REALM:-owncloud}/.well-known/openid-configuration
STORAGE_OIDC_ISSUER: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}
STORAGE_LDAP_IDP: https://${KEYCLOAK_DOMAIN:-keycloak.owncloud.test}/auth/realms/${KEYCLOAK_REALM:-owncloud}
WEB_OIDC_CLIENT_ID: ocis-web
WEB_OIDC_SCOPE: openid profile email owncloud
# external ldap is supposed to be read only
GRAPH_IDENTITY_BACKEND: ldap
GRAPH_LDAP_SERVER_WRITE_ENABLED: "false"
# LDAP bind
STORAGE_LDAP_URI: "ldaps://openldap"
STORAGE_LDAP_INSECURE: "true"
STORAGE_LDAP_BIND_DN: "cn=admin,dc=owncloud,dc=com"
STORAGE_LDAP_BIND_PASSWORD: ${LDAP_ADMIN_PASSWORD:-admin}
LDAP_URI: "ldaps://openldap"
LDAP_INSECURE: "true"
LDAP_BIND_DN: "cn=admin,dc=owncloud,dc=com"
LDAP_BIND_PASSWORD: ${LDAP_ADMIN_PASSWORD:-admin}
# LDAP user settings
PROXY_AUTOPROVISION_ACCOUNTS: "true" # automatically create users when they login
PROXY_ACCOUNT_BACKEND_TYPE: cs3 # proxy should get users from CS3APIS (which gets it from LDAP)
PROXY_USER_OIDC_CLAIM: ocis.user.uuid # claim was added in Keycloak
PROXY_USER_CS3_CLAIM: userid # equals STORAGE_LDAP_USER_SCHEMA_UID
STORAGE_LDAP_GROUP_BASE_DN: "dc=owncloud,dc=com"
STORAGE_LDAP_GROUP_SCHEMA_DISPLAYNAME: "cn"
STORAGE_LDAP_GROUP_SCHEMA_GID_NUMBER: "gidnumber"
STORAGE_LDAP_GROUP_SCHEMA_ID: "cn"
STORAGE_LDAP_GROUP_SCHEMA_MAIL: "mail"
STORAGE_LDAP_GROUP_SCHEMA_MEMBER: "cn"
STORAGE_LDAP_GROUP_OBJECTCLASS: "groupOfUniqueNames"
STORAGE_LDAP_GROUPFILTER: "(objectclass=owncloud)"
STORAGE_LDAP_USER_BASE_DN: "dc=owncloud,dc=com"
STORAGE_LDAP_USER_SCHEMA_USERNAME: "cn"
STORAGE_LDAP_USER_SCHEMA_DISPLAYNAME: "displayname"
STORAGE_LDAP_USER_SCHEMA_GID_NUMBER: "gidnumber"
STORAGE_LDAP_USER_SCHEMA_MAIL: "mail"
STORAGE_LDAP_USER_SCHEMA_UID_NUMBER: "uidnumber"
STORAGE_LDAP_USER_SCHEMA_ID: "ownclouduuid"
STORAGE_LDAP_LOGIN_ATTRIBUTES: "uid,mail"
LDAP_GROUP_BASE_DN: "ou=groups,dc=owncloud,dc=com"
LDAP_GROUP_OBJECTCLASS: "groupOfUniqueNames"
LDAP_GROUP_SCHEMA_DISPLAYNAME: "cn"
LDAP_GROUP_SCHEMA_ID: "cn"
LDAP_GROUP_SCHEMA_MAIL: "mail"
LDAP_GROUP_SCHEMA_MEMBER: "cn"
LDAP_GROUPFILTER: "(objectclass=owncloud)"
LDAP_LOGIN_ATTRIBUTES: "uid"
LDAP_USER_BASE_DN: "ou=users,dc=owncloud,dc=com"
LDAP_USER_OBJECTCLASS: "posixAccount"
LDAP_USER_SCHEMA_DISPLAYNAME: "displayname"
LDAP_USER_SCHEMA_ID: "ownclouduuid"
LDAP_USER_SCHEMA_MAIL: "mail"
LDAP_USER_SCHEMA_USERNAME: "cn"
LDAP_USERFILTER: "(objectclass=owncloud)"
# ownCloudSQL storage driver
STORAGE_USERS_DRIVER: owncloudsql
STORAGE_SYSTEM_DRIVER: ocis # keep system data on ocis storage since this are only small files atm
STORAGE_USERS_DRIVER_OWNCLOUDSQL_DATADIR: /mnt/data/files
STORAGE_USERS_DRIVER_OWNCLOUDSQL_UPLOADINFO_DIR: /tmp
STORAGE_USERS_DRIVER_OWNCLOUDSQL_SHARE_FOLDER: "/Shares"
STORAGE_USERS_DRIVER_OWNCLOUDSQL_LAYOUT: "{{.Username}}"
STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBUSERNAME: owncloud
STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBPASSWORD: owncloud
STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBHOST: oc10-db
STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBPORT: 3306
STORAGE_USERS_DRIVER_OWNCLOUDSQL_DBNAME: owncloud
STORAGE_USERS_DRIVER_OWNCLOUDSQL_REDIS_ADDR: redis:6379 # TODO: redis is not yet supported
STORAGE_USERS_DRIVER: "owncloudsql"
STORAGE_USERS_OWNCLOUDSQL_DATADIR: "/mnt/data/files"
STORAGE_USERS_OWNCLOUDSQL_SHARE_FOLDER: "/Shares"
STORAGE_USERS_OWNCLOUDSQL_LAYOUT: "{{.Username}}"
STORAGE_USERS_OWNCLOUDSQL_DB_USERNAME: "owncloud"
STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD: "owncloud"
STORAGE_USERS_OWNCLOUDSQL_DB_HOST: "oc10-db"
STORAGE_USERS_OWNCLOUDSQL_DB_PORT: 3306
STORAGE_USERS_OWNCLOUDSQL_DB_NAME: "owncloud"
# ownCloudSQL sharing driver
STORAGE_SHARING_USER_DRIVER: owncloudsql
STORAGE_SHARING_USER_SQL_USERNAME: owncloud
STORAGE_SHARING_USER_SQL_PASSWORD: owncloud
STORAGE_SHARING_USER_SQL_HOST: oc10-db
STORAGE_SHARING_USER_SQL_PORT: 3306
STORAGE_SHARING_USER_SQL_NAME: owncloud
SHARING_USER_DRIVER: "owncloudsql"
SHARING_USER_OWNCLOUDSQL_DB_USERNAME: "owncloud"
SHARING_USER_OWNCLOUDSQL_DB_PASSWORD: "owncloud"
SHARING_USER_OWNCLOUDSQL_DB_HOST: "oc10-db"
SHARING_USER_OWNCLOUDSQL_DB_PORT: 3306
SHARING_USER_OWNCLOUDSQL_DB_NAME: "owncloud"
# ownCloud storage readonly
OCIS_STORAGE_READ_ONLY: "false" # TODO: conflict with OWNCLOUDSQL -> https://github.com/owncloud/ocis/issues/2303
# General oCIS config
# OCIS_RUN_EXTENSIONS specifies to start all extensions except glauth, idp and accounts. These are replaced by external services
OCIS_RUN_EXTENSIONS: settings,storage-system,graph,graph-explorer,ocs,store,thumbnails,web,webdav,frontend,gateway,users,groups,auth-basic,auth-bearer,auth-machine,storage-users,storage-shares,storage-publiclink,app-provider,sharing,proxy,nats
OCIS_RUN_EXTENSIONS: app-registry,app-provider,audit,auth-basic,auth-bearer,auth-machine,frontend,gateway,graph,graph-explorer,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav
OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose
OCIS_URL: https://${CLOUD_DOMAIN:-cloud.owncloud.test}
PROXY_TLS: "false" # do not use SSL between Traefik and oCIS
# change default secrets
OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4}
STORAGE_TRANSFER_SECRET: ${STORAGE_TRANSFER_SECRET:-replace-me-with-a-transfer-secret}
OCIS_MACHINE_AUTH_API_KEY: ${OCIS_MACHINE_AUTH_API_KEY:-change-me-please}
# INSECURE: needed if oCIS / Traefik is using self generated certificates
OCIS_INSECURE: "${INSECURE:-false}"
# basic auth (not recommended, but needed for eg. WebDav clients that do not support OpenID Connect)
PROXY_ENABLE_BASIC_AUTH: "${PROXY_ENABLE_BASIC_AUTH:-false}"
# demo users
ACCOUNTS_DEMO_USERS_AND_GROUPS: "${DEMO_USERS:-false}" # deprecated, remove after switching to LibreIDM
IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}"
volumes:
- ./config/ocis/proxy.yaml:/etc/ocis/proxy.yaml
- ocis-config:/etc/ocis
- ocis-data:/var/lib/ocis
# shared volume with oC10
- oc10-data:/mnt/data
@@ -339,6 +345,7 @@ services:
volumes:
certs:
ocis-config:
ocis-data:
keycloak-postgres-data:
oc10-mysql-data:
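Review bot: `command: ["-c", "ocis init || true; ocis server"]` discards every failure of `ocis init`, not only the expected "config file already exists" case the comment above it describes, so a first run that fails for another reason (for example a volume that is not writable yet) still goes on to start the server. I would run the init step only when the config is missing and stop on a real error, e.g. `(test -f /etc/ocis/<config file> || ocis init) && ocis server`. Whether the `ocis` service is ordered after `ocis-init-volumes` (which does the `chown -R 33:33`) is not visible in this hunk; if it is not, that is the likely way for the init step to fail silently.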


@@ -81,7 +81,7 @@ type LDAPProvider struct {
UserObjectClass string `yaml:"user_object_filter" env:"LDAP_USER_OBJECTCLASS;AUTH_BASIC_LDAP_USER_OBJECTCLASS"`
GroupObjectClass string `yaml:"group_object_class" env:"LDAP_GROUP_OBJECTCLASS;AUTH_BASIC_LDAP_GROUP_OBJECTCLASS"`
LoginAttributes []string `yaml:"login_attributes" env:"LDAP_LOGIN_ATTRIBUTES;AUTH_BASIC_LDAP_LOGIN_ATTRIBUTES"`
IDP string `yaml:"idp" env:"OCIS_URL;AUTH_BASIC_IDP_URL"`
IDP string `yaml:"idp" env:"OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BASIC_IDP_URL"`
UserSchema LDAPUserSchema `yaml:"user_schema"`
GroupSchema LDAPGroupSchema `yaml:"group_schema"`
}
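Review bot: `UserObjectClass` in this struct is tagged `yaml:"user_object_filter"`, while the same field in the two `LDAPDriver` structs later in this commit is tagged `yaml:"user_object_class"`, so a config file that uses the key accepted by those services is presumably ignored here without an error. If the difference is not intentional, change the tag to `yaml:"user_object_class"`. It is a context line, so this commit did not introduce it, and renaming the key affects existing config files. The struct starts outside the hunk.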


@@ -57,7 +57,7 @@ type GRPCConfig struct {
}
type OIDC struct {
Issuer string `yaml:"issuer" env:"OCIS_URL;AUTH_BEARER_OIDC_ISSUER"`
Issuer string `yaml:"issuer" env:"OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER"`
Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;AUTH_BEARER_OIDC_INSECURE"`
IDClaim string `yaml:"id_claim" env:"AUTH_BEARER_OIDC_ID_CLAIM"`
UIDClaim string `yaml:"uid_claim" env:"AUTH_BEARER_OIDC_UID_CLAIM"`
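Review bot: `Issuer` now reads `env:"OCIS_URL;OCIS_OIDC_ISSUER;AUTH_BEARER_OIDC_ISSUER"`, but nothing states which variable wins when more than one is set, and this is presumably the issuer that bearer tokens are checked against. A deployment with an external IdP sets both `OCIS_URL` and `OCIS_OIDC_ISSUER` (the compose example in this commit does), so the effective issuer depends on a precedence rule of the env decoder that is not visible here. I would add a field comment such as `// Issuer is the expected OIDC issuer; when several of the listed variables are set, <which one> takes precedence`. The same applies to the other fields that gain `OCIS_OIDC_ISSUER` in this commit: `LDAPProvider.IDP`, `GraphExplorer.Issuer`, both `LDAPDriver.IDP` fields, `Settings.Iss`, `IdentityManagement.Address`, the proxy `OIDC.Issuer` and the web `OIDC.Authority`. The struct continues outside the hunk.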


@@ -26,7 +26,7 @@ type Config struct {
// GraphExplorer defines the available graph-explorer configuration.
type GraphExplorer struct {
ClientID string `yaml:"client_id" env:"GRAPH_EXPLORER_CLIENT_ID"`
Issuer string `yaml:"issuer" env:"OCIS_URL;GRAPH_EXPLORER_ISSUER"`
Issuer string `yaml:"issuer" env:"OCIS_URL;OCIS_OIDC_ISSUER;GRAPH_EXPLORER_ISSUER"`
GraphURLBase string `yaml:"graph_url_base" env:"OCIS_URL;GRAPH_EXPLORER_GRAPH_URL_BASE"`
GraphURLPath string `yaml:"graph_url_path" env:"GRAPH_EXPLORER_GRAPH_URL_PATH"`
}


@@ -80,7 +80,7 @@ type LDAPDriver struct {
UserObjectClass string `yaml:"user_object_class" env:"LDAP_USER_OBJECTCLASS;GROUPS_LDAP_USER_OBJECTCLASS"`
GroupObjectClass string `yaml:"group_object_class" env:"LDAP_GROUP_OBJECTCLASS;GROUPS_LDAP_GROUP_OBJECTCLASS"`
LoginAttributes []string `yaml:"login_attributes" env:"LDAP_LOGIN_ATTRIBUTES;GROUPS_LDAP_LOGIN_ATTRIBUTES"`
IDP string `yaml:"idp" env:"OCIS_URL;GROUPS_IDP_URL"`
IDP string `yaml:"idp" env:"OCIS_URL;OCIS_OIDC_ISSUER;GROUPS_IDP_URL"`
UserSchema LDAPUserSchema `yaml:"user_schema"`
GroupSchema LDAPGroupSchema `yaml:"group_schema"`
}


@@ -66,7 +66,7 @@ type Settings struct {
// don't change the order of elements in this struct
// it needs to match github.com/libregraph/lico/bootstrap.Settings
Iss string `yaml:"iss" env:"OCIS_URL;IDP_ISS"`
Iss string `yaml:"iss" env:"OCIS_URL;OCIS_OIDC_ISSUER;IDP_ISS"`
IdentityManager string `yaml:"identity_manager" env:"IDP_IDENTITY_MANAGER"`


@@ -34,5 +34,5 @@ type Config struct {
// is based in the combination of IDP hostname + UserID. For more information see:
// https://github.com/cs3org/reva/blob/4fd0229f13fae5bc9684556a82dbbd0eced65ef9/pkg/storage/utils/decomposedfs/node/node.go#L856-L865
type IdentityManagement struct {
Address string `yaml:"address" env:"OCIS_URL;OCS_IDM_ADDRESS"`
Address string `yaml:"address" env:"OCIS_URL;OCIS_OIDC_ISSUER;OCS_IDM_ADDRESS"`
}


@@ -83,7 +83,7 @@ type AuthMiddleware struct {
// OIDC is the config for the OpenID-Connect middleware. If set the proxy will try to authenticate every request
// with the configured oidc-provider
type OIDC struct {
Issuer string `yaml:"issuer" env:"OCIS_URL;PROXY_OIDC_ISSUER"`
Issuer string `yaml:"issuer" env:"OCIS_URL;OCIS_OIDC_ISSUER;PROXY_OIDC_ISSUER"`
Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;PROXY_OIDC_INSECURE"`
UserinfoCache UserinfoCache `yaml:"user_info_cache"`
}


@@ -41,6 +41,7 @@ func SharingConfigFromStruct(cfg *config.Config) map[string]interface{} {
"janitor_run_interval": cfg.UserSharingDrivers.SQL.JanitorRunInterval,
},
"owncloudsql": map[string]interface{}{
"gateway_addr": cfg.Reva.Address,
"storage_mount_id": cfg.UserSharingDrivers.OwnCloudSQL.UserStorageMountID,
"db_username": cfg.UserSharingDrivers.OwnCloudSQL.DBUsername,
"db_password": cfg.UserSharingDrivers.OwnCloudSQL.DBPassword,


@@ -129,7 +129,7 @@ type OwnCloudSQLDriver struct {
DBHost string `yaml:"db_host" env:"STORAGE_USERS_OWNCLOUDSQL_DB_HOST"`
DBPort int `yaml:"db_port" env:"STORAGE_USERS_OWNCLOUDSQL_DB_PORT"`
DBName string `yaml:"db_name" env:"STORAGE_USERS_OWNCLOUDSQL_DB_NAME"`
UsersProviderEndpoint string `yaml:"users_provider_endpoint" env:"STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT"`
UsersProviderEndpoint string `yaml:"users_provider_endpoint" env:"STORAGE_USERS_OWNCLOUDSQL_USERS_PROVIDER_ENDPOINT"`
}
type Events struct {


@@ -45,15 +45,16 @@ func DefaultConfig() *config.Config {
Driver: "ocis",
Drivers: config.Drivers{
OwnCloudSQL: config.OwnCloudSQLDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "owncloud"),
ShareFolder: "/Shares",
UserLayout: "{{.Username}}",
UploadInfoDir: filepath.Join(defaults.BaseDataPath(), "storage", "uploadinfo"),
DBUsername: "owncloud",
DBPassword: "owncloud",
DBHost: "",
DBPort: 3306,
DBName: "owncloud",
Root: filepath.Join(defaults.BaseDataPath(), "storage", "owncloud"),
ShareFolder: "/Shares",
UserLayout: "{{.Username}}",
UploadInfoDir: filepath.Join(defaults.BaseDataPath(), "storage", "uploadinfo"),
DBUsername: "owncloud",
DBPassword: "owncloud",
DBHost: "",
DBPort: 3306,
DBName: "owncloud",
UsersProviderEndpoint: "localhost:9144",
},
S3NG: config.S3NGDriver{
Root: filepath.Join(defaults.BaseDataPath(), "storage", "users"),
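Review bot: `DefaultConfig` keeps `DBUsername: "owncloud"` and `DBPassword: "owncloud"` as defaults for the OwnCloudSQL driver, so a deployment that leaves `STORAGE_USERS_OWNCLOUDSQL_DB_PASSWORD` unset connects with a well-known password instead of failing at startup. The hunk appears only to re-align these lines and add `UsersProviderEndpoint: "localhost:9144"`, so this is a follow-up rather than a regression: default the password to `""` and reject an empty value in validation when the driver is `owncloudsql`. At minimum I would add `// placeholder credentials, must be overridden outside of tests` above the two fields. The function continues outside the hunk.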


@@ -84,7 +84,7 @@ type LDAPDriver struct {
UserObjectClass string `yaml:"user_object_class" env:"LDAP_USER_OBJECTCLASS;USERS_LDAP_USER_OBJECTCLASS"`
GroupObjectClass string `yaml:"group_object_class" env:"LDAP_GROUP_OBJECTCLASS;USERS_LDAP_GROUP_OBJECTCLASS"`
LoginAttributes []string `yaml:"login_attributes" env:"LDAP_LOGIN_ATTRIBUTES;USERS_LDAP_LOGIN_ATTRIBUTES"`
IDP string `yaml:"idp" env:"OCIS_URL;USERS_IDP_URL"`
IDP string `yaml:"idp" env:"OCIS_URL;OCIS_OIDC_ISSUER;USERS_IDP_URL"`
UserSchema LDAPUserSchema `yaml:"user_schema"`
GroupSchema LDAPGroupSchema `yaml:"group_schema"`
}


@@ -44,7 +44,7 @@ type WebConfig struct {
// OIDC defines the available oidc configuration
type OIDC struct {
MetadataURL string `json:"metadata_url,omitempty" yaml:"metadata_url" env:"WEB_OIDC_METADATA_URL"`
Authority string `json:"authority,omitempty" yaml:"authority" env:"OCIS_URL;WEB_OIDC_AUTHORITY"`
Authority string `json:"authority,omitempty" yaml:"authority" env:"OCIS_URL;OCIS_OIDC_ISSUER;WEB_OIDC_AUTHORITY"`
ClientID string `json:"client_id,omitempty" yaml:"client_id" env:"WEB_OIDC_CLIENT_ID"`
ResponseType string `json:"response_type,omitempty" yaml:"response_type" env:"WEB_OIDC_RESPONSE_TYPE"`
Scope string `json:"scope,omitempty" yaml:"scope" env:"WEB_OIDC_SCOPE"`


@@ -10,11 +10,11 @@ import (
"github.com/urfave/cli/v2"
)
// NatsServerCommand is the entrypoint for the nats server command.
func NatsServerCommand(cfg *config.Config) *cli.Command {
// NatsCommand is the entrypoint for the Nats command.
func NatsCommand(cfg *config.Config) *cli.Command {
return &cli.Command{
Name: "nats-server",
Usage: "start nats server",
Name: cfg.Nats.Service.Name,
Usage: subcommandDescription(cfg.Nats.Service.Name),
Category: "extensions",
Before: func(c *cli.Context) error {
if err := parser.ParseConfig(cfg); err != nil {
@@ -29,5 +29,5 @@ func NatsServerCommand(cfg *config.Config) *cli.Command {
}
func init() {
register.AddCommand(NatsServerCommand)
register.AddCommand(NatsCommand)
}
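Review bot: `Name: cfg.Nats.Service.Name` is evaluated when `NatsCommand(cfg)` builds the command, which is before `parser.ParseConfig(cfg)` runs in `Before`, so the subcommand name depends on `cfg.Nats.Service.Name` already being populated at registration time. Whether defaults are applied earlier is not visible in this hunk; if they are, a comment such as `// cfg.Nats.Service.Name comes from the defaults applied before command registration` would make that dependency explicit. The change also renames the subcommand from the literal `nats-server` to whatever the config holds, which is visible to anyone scripting the CLI. The function body continues outside the hunk.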


@@ -6,47 +6,60 @@ policy_selector:
policies:
- name: ocis
routes:
- endpoint: "/"
- endpoint: /
backend: http://localhost:9100
- endpoint: "/.well-known/"
- endpoint: /.well-known/
backend: http://localhost:9130
- endpoint: /konnect/
backend: http://localhost:9130
- endpoint: /signin/
backend: http://localhost:9130
- endpoint: /archiver
backend: http://localhost:9140
- type: regex
endpoint: "/ocs/v[12].php/cloud/user/signing-key"
endpoint: /ocs/v[12].php/cloud/(users?|groups)
backend: http://localhost:9110
- endpoint: "/ocs/"
- endpoint: /ocs/
backend: http://localhost:9140
- type: query
endpoint: "/remote.php/?preview=1"
endpoint: /remote.php/?preview=1
backend: http://localhost:9115
- endpoint: "/remote.php/"
service: "ocdav"
- endpoint: "/dav/"
service: "ocdav"
- endpoint: "/webdav/"
service: "ocdav"
- endpoint: "/status.php"
service: "ocdav"
- endpoint: "/index.php/"
service: "ocdav"
- endpoint: "/apps/"
service: "ocdav"
- endpoint: "/index.php/login"
backend: http://localhost:9100
- endpoint: "/login"
backend: http://localhost:9100
- endpoint: "/data"
- method: REPORT
endpoint: /remote.php/dav/
backend: http://localhost:9115
- type: query
endpoint: /dav/?preview=1
backend: http://localhost:9115
- type: query
endpoint: /webdav/?preview=1
backend: http://localhost:9115
- endpoint: /remote.php/
service: com.owncloud.web.ocdav
- endpoint: /dav/
service: com.owncloud.web.ocdav
- endpoint: /webdav/
service: com.owncloud.web.ocdav
- endpoint: /status.php
service: com.owncloud.web.ocdav
- endpoint: /index.php/
service: com.owncloud.web.ocdav
- endpoint: /apps/
service: com.owncloud.web.ocdav
- endpoint: /data
backend: http://localhost:9140
- endpoint: "/graph/"
- endpoint: /app/
backend: http://localhost:9140
- endpoint: /graph/
backend: http://localhost:9120
- endpoint: "/app/"
backend: http://localhost:9140
- endpoint: "/archiver"
backend: http://localhost:9140
- endpoint: "/graph-explorer/"
- endpoint: /graph-explorer
backend: http://localhost:9135
- endpoint: "/api/v0/settings"
- endpoint: /api/v0/accounts
backend: http://localhost:9181
- endpoint: /accounts.js
backend: http://localhost:9181
- endpoint: /api/v0/settings
backend: http://localhost:9190
- endpoint: "/settings.js"
- endpoint: /settings.js
backend: http://localhost:9190
- name: oc10
routes: