mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-04 19:29:49 -06:00
Code Issues Packages Projects Releases Wiki Activity

streamline configuration

Browse Source
This commit is contained in:
Willy Kloucek
2021-10-14 16:10:43 +02:00
parent ce136b4940
commit de3fefd4dd
7 changed files with 63 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
deployments/examples/cs3_users_ocis/config/ocis/proxy-config.json
View File

@@ -61,6 +61,10 @@
"endpoint": "/index.php/",
"backend": "http://localhost:9140"
},
{
"endpoint": "/app/",
"backend": "http://localhost:9140"
},
{
"endpoint": "/data",
"backend": "http://localhost:9140"

23
deployments/examples/ocis_keycloak/config/ocis/entrypoint-override.sh
View File

@@ -5,34 +5,23 @@ set -e
ocis server&
sleep 10
# stop builtin idp since we use Keycloak as a replacement
# stop builtin IDP since we use Keycloak as a replacement
ocis kill idp
echo "##################################################"
echo "change default secrets:"
# REVA
REVA_USER_UUID=$(ocis accounts list | grep " | Reva Inter " | egrep '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o)
echo " Reva user UUID: $REVA_USER_UUID"
ocis accounts update --password $STORAGE_LDAP_BIND_PASSWORD $REVA_USER_UUID
ocis accounts update --password $STORAGE_LDAP_BIND_PASSWORD bc596f3c-c955-4328-80a0-60d018b4ad57 # REVA
echo "default secrets changed"
echo "##################################################"
echo "##################################################"
echo "delete demo users" # demo users are provided by keycloak
echo "delete demo users" # users are provided by keycloak
set +e # accounts can only delete once, so it will fail the second time
# IDP
IDP_USER_UUID=$(ocis accounts list | grep "| Kopano IDP " | egrep '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o)
echo " IDP user UUID: $IDP_USER_UUID"
ocis accounts remove $IDP_USER_UUID
ocis accounts remove 4c510ada-c86b-4815-8820-42cdf82c3d51
ocis accounts remove ddc2004c-0977-11eb-9d3f-a793888cd0f8
ocis accounts remove 932b4540-8d16-481e-8ef4-588e4b6b151c
ocis accounts remove 058bff95-6708-4fe5-91e4-9ea3d377588b
ocis accounts remove f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c
# only admin, IDP and REVA user will be created because of ACCOUNTS_DEMO_USERS_AND_GROUPS=false
ocis accounts remove 820ba2a1-3f54-4538-80a4-2d73007e30bf # IDP user
ocis accounts remove ddc2004c-0977-11eb-9d3f-a793888cd0f8 # admin
set -e
echo "##################################################"

1
deployments/examples/ocis_keycloak/docker-compose.yml
View File

@@ -64,6 +64,7 @@ services:
OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose
PROXY_OIDC_INSECURE: "${INSECURE:-false}" # needed if Traefik is using self generated certificates
PROXY_TLS: "false" # do not use SSL between Traefik and oCIS
ACCOUNTS_DEMO_USERS_AND_GROUPS: false # don't generate demo users
# change default secrets
IDP_LDAP_BIND_PASSWORD: ${IDP_LDAP_BIND_PASSWORD:-idp}
STORAGE_LDAP_BIND_PASSWORD: ${STORAGE_LDAP_BIND_PASSWORD:-reva}

4
proxy/config/proxy-example-migration.json
View File

@@ -76,6 +76,10 @@
"endpoint": "/graph/",
"backend": "http://localhost:9120"
},
{
"endpoint": "/app/",
"backend": "http://localhost:9140"
},
{
"endpoint": "/graph-explorer/",
"backend": "http://localhost:9135"

46
proxy/config/proxy-example-regex.json
View File

@@ -12,12 +12,42 @@
"selector_cookie_name": "owncloud-selector",
"default_policy": "oc10",
"matches_policies": [
{"priority": 10, "property": "mail", "match": "marie@example.org", "policy": "ocis"},
{"priority": 20, "property": "mail", "match": "[^@]+@example.org", "policy": "oc10"},
{"priority": 30, "property": "username", "match": "(einstein|feynman)", "policy": "ocis"},
{"priority": 40, "property": "username", "match": ".+", "policy": "oc10"},
{"priority": 50, "property": "id", "match": "4c510ada-c86b-4815-8820-42cdf82c3d51", "policy": "ocis"},
{"priority": 60, "property": "id", "match": "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", "policy": "oc10"}
{
"priority": 10,
"property": "mail",
"match": "marie@example.org",
"policy": "ocis"
},
{
"priority": 20,
"property": "mail",
"match": "[^@]+@example.org",
"policy": "oc10"
},
{
"priority": 30,
"property": "username",
"match": "(einstein|feynman)",
"policy": "ocis"
},
{
"priority": 40,
"property": "username",
"match": ".+",
"policy": "oc10"
},
{
"priority": 50,
"property": "id",
"match": "4c510ada-c86b-4815-8820-42cdf82c3d51",
"policy": "ocis"
},
{
"priority": 60,
"property": "id",
"match": "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c",
"policy": "oc10"
}
],
"unauthenticated_policy": "oc10"
}
@@ -80,6 +110,10 @@
"endpoint": "/data",
"backend": "http://localhost:9140"
},
{
"endpoint": "/app/",
"backend": "http://localhost:9140"
},
{
"endpoint": "/graph/",
"backend": "http://localhost:9120"

4
proxy/config/proxy-example.json
View File

@@ -66,6 +66,10 @@
"endpoint": "/data",
"backend": "http://localhost:9140"
},
{
"endpoint": "/app/",
"backend": "http://localhost:9140"
},
{
"endpoint": "/graph/",
"backend": "http://localhost:9120"

8
proxy/pkg/proxy/proxy.go
View File

@@ -299,10 +299,6 @@ func defaultPolicies() []config.Policy {
Endpoint: "/ocs/v[12].php/cloud/(users?|groups)", // we have `user`, `users` and `groups` in ocis-ocs
Backend: "http://localhost:9110",
},
{
Endpoint: "/app/",
Backend: "http://localhost:9140",
},
{
Endpoint: "/ocs/",
Backend: "http://localhost:9140",
@@ -336,6 +332,10 @@ func defaultPolicies() []config.Policy {
Endpoint: "/data",
Backend: "http://localhost:9140",
},
{
Endpoint: "/app/",
Backend: "http://localhost:9140",
},
{
Endpoint: "/graph/",
Backend: "http://localhost:9120",