Browse Source
chg: [nextcloud] change to admin password are supported
chg: [nextcloud] change to admin password are supported
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>lokavaluto/dev/master
Valentin Lab
5 years ago
4 changed files with 152 additions and 48 deletions
-
30nextcloud/actions/occ
-
39nextcloud/hooks/init
-
16nextcloud/hooks/postgres_database-relation-joined
-
115nextcloud/lib/common
@ -1,3 +1,118 @@ |
|||
# -*- mode: shell-script -*- |
|||
|
|||
## This place is not accessible from container on purpose: container |
|||
## don't need that. This should be stored in /var/lib/compose/ in a |
|||
## project, service directory a little like relation data. |
|||
PASSWORD_FILE="$SERVICE_CONFIGSTORE/etc/$SERVICE_NAME/pass" |
|||
|
|||
|
|||
has_user() { |
|||
local user="$1" |
|||
if ! out=$(occ user:info "$user"); then |
|||
if [ "$out" == "user not found" ]; then |
|||
return 1 |
|||
else |
|||
if [ -n "$out" ]; then |
|||
err "Command 'occ user:info $user' failed with this output:" |
|||
echo "$out" | prefix " | " >&2 |
|||
else |
|||
err "Command 'occ user:info $user' failed with no output." |
|||
fi |
|||
return 2 |
|||
fi |
|||
fi |
|||
return 0 |
|||
} |
|||
|
|||
|
|||
set_admin_user_password() { |
|||
local user="$1" password="$2" errlvl |
|||
|
|||
[ -z "$password" ] && { |
|||
err "Refusing to set admin user an empty password." |
|||
return 3 |
|||
} |
|||
|
|||
has_user "$user" |
|||
errlvl=$? |
|||
[[ "$errlvl" -gt 1 ]] && { |
|||
err "'has_user $user' failed. Bailing out." |
|||
return "$errlvl" |
|||
} |
|||
if [[ "$errlvl" == 1 ]]; then |
|||
info "User $user not found. Creating it in default 'admin' group." |
|||
( |
|||
occ_docker_run_opts=("-e" "OC_PASS=$password") |
|||
occ user:add --group=admin --password-from-env --display-name="$user" "$user" |
|||
) || return 1 |
|||
else |
|||
info "User $user found. Resetting password." |
|||
( |
|||
occ_docker_run_opts=("-e" "OC_PASS=$password") |
|||
occ user:resetpassword "$user" "--password-from-env" |
|||
) || { |
|||
err "'occ user:resetpassword' failed," \ |
|||
"common reason include password too simple." |
|||
return 1 |
|||
} |
|||
fi |
|||
## XXXvlab: DRY violation: init does the same thing |
|||
mkdir -p "$(dirname "$PASSWORD_FILE")" |
|||
p0 "$user" "$password" > "$PASSWORD_FILE" |
|||
} |
|||
|
|||
|
|||
get_admin_user_password() { |
|||
if [ -e "$PASSWORD_FILE" ]; then |
|||
cat "$PASSWORD_FILE" |
|||
else |
|||
return 1 |
|||
fi |
|||
} |
|||
|
|||
|
|||
create_occ_if_not_exists() { |
|||
|
|||
if ! [ -e "$SERVICE_DATASTORE/var/www/html/occ" ]; then |
|||
## Here we use a nasty trick to launch only the initialisation |
|||
## part of the ``entrypoint.sh``. By setting 'apache' as first |
|||
## call argument, we satisfy the big first 'if' condition |
|||
## triggering the installation if necessary, and will fail to |
|||
## launch any apache |
|||
|
|||
## Last, we do not want the relation web-proxy to run in this |
|||
## bare-minimum nextcloud run AND we will use occ to set some info |
|||
## in this very same relation. |
|||
|
|||
## Note also that ``init`` is required as it sets |
|||
## NEXTCLOUD_ADMIN_{USER,PASSWORD} that is required to trigger |
|||
## a full installation |
|||
|
|||
export COMPOSE_IGNORE_ORPHANS=true |
|||
compose --debug --without-relation="$SERVICE_NAME":web-proxy run \ |
|||
--rm --entrypoint /entrypoint.sh "$SERVICE_NAME" apache >&2 || true |
|||
if ! [ -e "$SERVICE_DATASTORE/var/www/html/occ" ]; then |
|||
err "Expected last command to create /var/www/html/occ" |
|||
return 1 |
|||
fi |
|||
fi |
|||
} |
|||
|
|||
|
|||
occ() { |
|||
|
|||
create_occ_if_not_exists || return 1 |
|||
|
|||
## occ.batch will require /var/www/html to be populated ('occ' is |
|||
## supposed to exist). For that we need to make sure nextcloud have |
|||
## be ran and setup prior to running this next command. |
|||
export COMPOSE_IGNORE_ORPHANS=true |
|||
compose --debug -q --no-init --no-relations run \ |
|||
"${occ_docker_run_opts[@]}" \ |
|||
-v "$HOST_CHARM_STORE/${CHARM_REL_PATH#${CHARM_STORE}/}/src/occ.batch:/var/www/html/occ.batch" \ |
|||
-T --rm -u www-data "$SERVICE_NAME" /var/www/html/occ.batch "$@" | cat |
|||
|
|||
return "${PIPESTATUS[0]}" |
|||
} |
|||
|
|||
|
Write
Preview
Loading…
Cancel
Save
Reference in new issue