Compare commits
merge into: 0k:master
0k:0k/dev/master
0k:backup
0k:bgallet/nextcloud
0k:boris/smtp-extern
0k:charm-codimd-new
0k:cups_service_alpha
0k:dev
0k:dev1
0k:dhcp
0k:element
0k:etherpad-upd
0k:framadate
0k:get-version
0k:lokavaluto/dev/master
0k:master
0k:matomo
0k:new-mailhog-charms
0k:new-monujo-options
0k:nj-collabra-office
0k:nj-keycloak-17.0
0k:nj-organice-charm
0k:nj-vaulwarden-migrate
0k:ntfy-install
0k:odoo_fix_webhook_url
0k:postgres
0k:test
0k:upd-docker
0k:update-latest-synapse
0k:wip
bgallet:0k/dev/master
bgallet:backup
bgallet:bgallet/mattermost
bgallet:boris/docuseal
bgallet:boris/matomo
bgallet:boris/rallly
bgallet:boris/smtp-extern
bgallet:charm-codimd-new
bgallet:cups_service_alpha
bgallet:dev
bgallet:dev1
bgallet:dhcp
bgallet:discourse
bgallet:element
bgallet:etherpad-upd
bgallet:framadate
bgallet:hedgedoc
bgallet:lokavaluto/dev/master
bgallet:master
bgallet:matomo
bgallet:nanoyaml
bgallet:netdata
bgallet:new-mailhog-charms
bgallet:new-monujo-options
bgallet:nextcloud
bgallet:nj-collabra-office
bgallet:nj-keycloak-17.0
bgallet:nj-organice-charm
bgallet:nj-vaulwarden-migrate
bgallet:odoo_fix_webhook_url
bgallet:postgres
bgallet:rallly
bgallet:test
bgallet:upd
bgallet:upd-docker
bgallet:update-latest-synapse
bgallet:wip
pull from: bgallet:nj-collabra-office
bgallet:0k/dev/master
bgallet:backup
bgallet:bgallet/mattermost
bgallet:boris/docuseal
bgallet:boris/matomo
bgallet:boris/rallly
bgallet:boris/smtp-extern
bgallet:charm-codimd-new
bgallet:cups_service_alpha
bgallet:dev
bgallet:dev1
bgallet:dhcp
bgallet:discourse
bgallet:element
bgallet:etherpad-upd
bgallet:framadate
bgallet:hedgedoc
bgallet:lokavaluto/dev/master
bgallet:master
bgallet:matomo
bgallet:nanoyaml
bgallet:netdata
bgallet:new-mailhog-charms
bgallet:new-monujo-options
bgallet:nextcloud
bgallet:nj-collabra-office
bgallet:nj-keycloak-17.0
bgallet:nj-organice-charm
bgallet:nj-vaulwarden-migrate
bgallet:odoo_fix_webhook_url
bgallet:postgres
bgallet:rallly
bgallet:test
bgallet:upd
bgallet:upd-docker
bgallet:update-latest-synapse
bgallet:wip
0k:0k/dev/master
0k:backup
0k:bgallet/nextcloud
0k:boris/smtp-extern
0k:charm-codimd-new
0k:cups_service_alpha
0k:dev
0k:dev1
0k:dhcp
0k:element
0k:etherpad-upd
0k:framadate
0k:get-version
0k:lokavaluto/dev/master
0k:master
0k:matomo
0k:new-mailhog-charms
0k:new-monujo-options
0k:nj-collabra-office
0k:nj-keycloak-17.0
0k:nj-organice-charm
0k:nj-vaulwarden-migrate
0k:ntfy-install
0k:odoo_fix_webhook_url
0k:postgres
0k:test
0k:upd-docker
0k:update-latest-synapse
0k:wip
6 Commits
master
...
nj-collabr
Author | SHA1 | Message | Date |
---|---|---|---|
default | 06b7c5c999 |
[NEW] add collabraoffice support
|
3 years ago |
Valentin Lab | 8db201ab0f |
new: [mailhog] new charm
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
Valentin Lab | 2b5935e361 |
chg: [peertube] upgrade to ``v4.1.0``
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
Valentin Lab | c405bf7512 |
chg: [keycloak] upgrade to version ``17.0.1``
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
Valentin Lab | 366c2810b3 |
new: [postgres] allow relation options ``encoding``, ``lc-collate``, ``lc-ctype``, ``template``
These options are only used upon creation of the database. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
Valentin Lab | c27b9e6f1c |
new: [monujo] support any section in options to transfer in ``config.json``
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org> |
3 years ago |
16 changed files with 227 additions and 79 deletions
-
2apache/build/Dockerfile
-
31collabraoffice/hooks/init
-
15collabraoffice/hooks/web_proxy-relation-joined
-
23collabraoffice/metadata.yml
-
32keycloak/README.rst
-
12keycloak/build/Dockerfile
-
37keycloak/hooks/post_deploy
-
9keycloak/hooks/postgres_database-relation-joined
-
7keycloak/hooks/web_proxy-relation-joined
-
4keycloak/metadata.yml
-
31mailhog/metadata.yml
-
80monujo/lib/common
-
7peertube/build/Dockerfile
-
2peertube/build/docker-compose.yml
-
11postgres/hooks/postgres_database-relation-joined
-
3postgres/lib/common
@ -0,0 +1,31 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
## Init is run on host |
||||
|
## For now it is run every time the script is launched, but |
||||
|
## it should be launched only once after build. |
||||
|
|
||||
|
## Accessible variables are: |
||||
|
## - SERVICE_NAME Name of current service |
||||
|
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any |
||||
|
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service |
||||
|
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service |
||||
|
|
||||
|
|
||||
|
set -e |
||||
|
|
||||
|
admin_user=$(options-get admin.user 2>&1) || { |
||||
|
admin_user="admin" |
||||
|
} |
||||
|
admin_password=$(options-get admin.password 2>&1) || { |
||||
|
admin_password="admin" |
||||
|
} |
||||
|
|
||||
|
init-config-add "\ |
||||
|
$SERVICE_NAME: |
||||
|
environment: |
||||
|
username: \"$admin_user\" |
||||
|
password: \"$admin_password\" |
||||
|
domain: alusage\\.fr |
||||
|
server_name: share\\.alusage\\.fr |
||||
|
extra_params: --o:ssl.enable=false --o:ssl.termination=true |
||||
|
" |
@ -0,0 +1,15 @@ |
|||||
|
#!/bin/bash |
||||
|
|
||||
|
DOMAIN=$(relation-get domain) || exit 1 |
||||
|
echo "$DOMAIN" |
||||
|
echo "${DOMAIN//./\\.}" |
||||
|
set -e |
||||
|
|
||||
|
## XXXnjeudy need <your-dot-escaped-domain> like share\\.example\\.com |
||||
|
|
||||
|
config-add "\ |
||||
|
services: |
||||
|
$MASTER_BASE_SERVICE_NAME: |
||||
|
cap_add: |
||||
|
- MKNOD |
||||
|
" |
@ -0,0 +1,23 @@ |
|||||
|
# from: https://hub.docker.com/r/collabora/code/tags - https://github.com/CollaboraOnline/online/tree/master/docker |
||||
|
docker-image: collabora/code |
||||
|
#data-resources: |
||||
|
# - /var/www/onlyoffice/Data |
||||
|
#config-resources: |
||||
|
# - /etc/onlyoffice/documentserver |
||||
|
|
||||
|
uses: |
||||
|
|
||||
|
## XXXvlab: public access should NOT be necessary, but seem the only way to make |
||||
|
## it work: https://dev.onlyoffice.org/viewtopic.php?t=19272 |
||||
|
web-proxy: |
||||
|
#constraint: required | recommended | optional |
||||
|
#auto: pair | summon | none ## default: pair |
||||
|
constraint: required |
||||
|
auto: summon |
||||
|
solves: |
||||
|
proxy: "Public access" |
||||
|
default-options: |
||||
|
target: !var-expand ${MASTER_BASE_SERVICE_NAME}:9980 |
||||
|
apache-core-rules: !var-expand | |
||||
|
ProxyPassMatch "/cool/(.*)/ws$" wss://${MASTER_BASE_SERVICE_NAME}:9980/cool/$1/ws nocanon |
||||
|
ProxyPass /cool/adminws wss://${MASTER_BASE_SERVICE_NAME}:9980/cool/adminws |
@ -0,0 +1,32 @@ |
|||||
|
Description |
||||
|
=========== |
||||
|
|
||||
|
Using ``keycloak`` version 17.0 |
||||
|
|
||||
|
|
||||
|
Usage |
||||
|
===== |
||||
|
|
||||
|
To start with ``keycloak``, just put this service in your |
||||
|
``compose.yml``:: |
||||
|
|
||||
|
keycloak: |
||||
|
options: |
||||
|
admin-password: CHANGEME |
||||
|
relations: |
||||
|
web-proxy: |
||||
|
frontend: |
||||
|
domain: id.mydomain.fr |
||||
|
|
||||
|
Customize theme |
||||
|
=============== |
||||
|
|
||||
|
You can customize theme by putting your theme in |
||||
|
``/srv/datastore/data/keycloak/opt/keycloak/themes`` |
||||
|
|
||||
|
For example copy the material folder from |
||||
|
https://github.com/MAXIMUS-DeltaWare/material-keycloak-theme and |
||||
|
restart ``keycloak``. |
||||
|
|
||||
|
Then go to your admin console, log in and go to the realm/themes part |
||||
|
to choose you new theme |
@ -0,0 +1,12 @@ |
|||||
|
FROM docker.0k.io/keycloak:17.0.1 as builder |
||||
|
|
||||
|
ENV KC_METRICS_ENABLED=true |
||||
|
ENV KC_FEATURES=token-exchange |
||||
|
ENV KC_DB=postgres |
||||
|
RUN /opt/keycloak/bin/kc.sh build |
||||
|
|
||||
|
FROM docker.0k.io/keycloak:17.0.0 |
||||
|
COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/ |
||||
|
WORKDIR /opt/keycloak |
||||
|
ENV KC_LOG_LEVEL=INFO |
||||
|
ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start"] |
@ -1,37 +0,0 @@ |
|||||
#!/bin/bash |
|
||||
|
|
||||
## Init is run on host |
|
||||
## For now it is run every time the script is launched, but |
|
||||
## it should be launched only once after build. |
|
||||
|
|
||||
## Accessible variables are: |
|
||||
## - SERVICE_NAME Name of current service |
|
||||
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any |
|
||||
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service |
|
||||
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service |
|
||||
|
|
||||
PASSWORD_SET_CONTROL="$SERVICE_CONFIGSTORE/.password-set-control" |
|
||||
|
|
||||
set -e |
|
||||
|
|
||||
if [ -e "$PASSWORD_SET_CONTROL" ]; then |
|
||||
exit 0 |
|
||||
fi |
|
||||
|
|
||||
containers=($(get_running_containers_for_service "$SERVICE_NAME")) |
|
||||
if [ "${#containers[@]}" == 0 ]; then |
|
||||
err "no containers found for service ${DARKYELLOW}$SERVICE_NAME${NORMAL}" |
|
||||
exit 1 |
|
||||
fi |
|
||||
|
|
||||
## It is not possible at first glance to reset password, so we decided |
|
||||
## to set to admin/admin. This means it is important to change the |
|
||||
## admin password as soon as possible. |
|
||||
|
|
||||
## XXXvlab: taking the first container |
|
||||
container_id="${containers[0]}" |
|
||||
docker exec "$container_id" \ |
|
||||
/opt/jboss/keycloak/bin/add-user-keycloak.sh \ |
|
||||
-u "admin" -p "admin" |
|
||||
docker restart "$container_id" |
|
||||
mkdir -p "${PASSWORD_SET_CONTROL%/*}" && touch "$PASSWORD_SET_CONTROL" |
|
@ -1,11 +1,16 @@ |
|||||
#!/bin/bash |
#!/bin/bash |
||||
|
|
||||
|
DOMAIN=$(relation-get domain) || exit 1 |
||||
|
|
||||
set -e |
set -e |
||||
|
|
||||
config-add "\ |
config-add "\ |
||||
services: |
services: |
||||
$MASTER_BASE_SERVICE_NAME: |
$MASTER_BASE_SERVICE_NAME: |
||||
environment: |
environment: |
||||
PROXY_ADDRESS_FORWARDING: \"true\" |
|
||||
|
KC_HOSTNAME: "$DOMAIN" |
||||
|
KC_PROXY: edge |
||||
|
KC_HTTP_ENABLED: \"true\" |
||||
|
KC_HOSTNAME_STRICT: \"false\" |
||||
" |
" |
||||
|
|
@ -0,0 +1,31 @@ |
|||||
|
docker-image: docker.0k.io/mailhog:1.0.1 ## from: mailhog/mailhog:v1.0.1 |
||||
|
data-resources: |
||||
|
- /home/mailhog |
||||
|
|
||||
|
default-options: |
||||
|
|
||||
|
uses: |
||||
|
web-proxy: |
||||
|
#constraint: required | recommended | optional |
||||
|
#auto: pair | summon | none ## default: pair |
||||
|
constraint: recommended |
||||
|
auto: pair |
||||
|
solves: |
||||
|
proxy: "Public access" |
||||
|
default-options: |
||||
|
target: !var-expand ${MASTER_BASE_SERVICE_NAME}:8025 |
||||
|
backup: |
||||
|
constraint: recommended |
||||
|
auto: pair |
||||
|
solves: |
||||
|
backup: "Automatic regular backup" |
||||
|
default-options: |
||||
|
## First pattern matching wins, no pattern matching includes. |
||||
|
## include-patterns are checked first, then exclude-patterns |
||||
|
## Patterns rules: |
||||
|
## - ending / for directory |
||||
|
## - '*' authorized |
||||
|
## - must start with a '/', will start from $SERVICE_DATASTORE |
||||
|
#exclude-patterns: |
||||
|
# - "/var/lib/odoo/sessions/" |
||||
|
|
Write
Preview
Loading…
Cancel
Save
Reference in new issue