forked from 0k/0k-charms
Browse Source
chg: [nextcloud] change to admin password are supported
chg: [nextcloud] change to admin password are supported
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>0k/dev/master
Valentin Lab
5 years ago
4 changed files with 152 additions and 48 deletions
-
30nextcloud/actions/occ
-
39nextcloud/hooks/init
-
16nextcloud/hooks/postgres_database-relation-joined
-
115nextcloud/lib/common
@ -1,3 +1,118 @@ |
|||||
# -*- mode: shell-script -*- |
# -*- mode: shell-script -*- |
||||
|
|
||||
|
## This place is not accessible from container on purpose: container |
||||
|
## don't need that. This should be stored in /var/lib/compose/ in a |
||||
|
## project, service directory a little like relation data. |
||||
|
PASSWORD_FILE="$SERVICE_CONFIGSTORE/etc/$SERVICE_NAME/pass" |
||||
|
|
||||
|
|
||||
|
has_user() { |
||||
|
local user="$1" |
||||
|
if ! out=$(occ user:info "$user"); then |
||||
|
if [ "$out" == "user not found" ]; then |
||||
|
return 1 |
||||
|
else |
||||
|
if [ -n "$out" ]; then |
||||
|
err "Command 'occ user:info $user' failed with this output:" |
||||
|
echo "$out" | prefix " | " >&2 |
||||
|
else |
||||
|
err "Command 'occ user:info $user' failed with no output." |
||||
|
fi |
||||
|
return 2 |
||||
|
fi |
||||
|
fi |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
|
||||
|
set_admin_user_password() { |
||||
|
local user="$1" password="$2" errlvl |
||||
|
|
||||
|
[ -z "$password" ] && { |
||||
|
err "Refusing to set admin user an empty password." |
||||
|
return 3 |
||||
|
} |
||||
|
|
||||
|
has_user "$user" |
||||
|
errlvl=$? |
||||
|
[[ "$errlvl" -gt 1 ]] && { |
||||
|
err "'has_user $user' failed. Bailing out." |
||||
|
return "$errlvl" |
||||
|
} |
||||
|
if [[ "$errlvl" == 1 ]]; then |
||||
|
info "User $user not found. Creating it in default 'admin' group." |
||||
|
( |
||||
|
occ_docker_run_opts=("-e" "OC_PASS=$password") |
||||
|
occ user:add --group=admin --password-from-env --display-name="$user" "$user" |
||||
|
) || return 1 |
||||
|
else |
||||
|
info "User $user found. Resetting password." |
||||
|
( |
||||
|
occ_docker_run_opts=("-e" "OC_PASS=$password") |
||||
|
occ user:resetpassword "$user" "--password-from-env" |
||||
|
) || { |
||||
|
err "'occ user:resetpassword' failed," \ |
||||
|
"common reason include password too simple." |
||||
|
return 1 |
||||
|
} |
||||
|
fi |
||||
|
## XXXvlab: DRY violation: init does the same thing |
||||
|
mkdir -p "$(dirname "$PASSWORD_FILE")" |
||||
|
p0 "$user" "$password" > "$PASSWORD_FILE" |
||||
|
} |
||||
|
|
||||
|
|
||||
|
get_admin_user_password() { |
||||
|
if [ -e "$PASSWORD_FILE" ]; then |
||||
|
cat "$PASSWORD_FILE" |
||||
|
else |
||||
|
return 1 |
||||
|
fi |
||||
|
} |
||||
|
|
||||
|
|
||||
|
create_occ_if_not_exists() { |
||||
|
|
||||
|
if ! [ -e "$SERVICE_DATASTORE/var/www/html/occ" ]; then |
||||
|
## Here we use a nasty trick to launch only the initialisation |
||||
|
## part of the ``entrypoint.sh``. By setting 'apache' as first |
||||
|
## call argument, we satisfy the big first 'if' condition |
||||
|
## triggering the installation if necessary, and will fail to |
||||
|
## launch any apache |
||||
|
|
||||
|
## Last, we do not want the relation web-proxy to run in this |
||||
|
## bare-minimum nextcloud run AND we will use occ to set some info |
||||
|
## in this very same relation. |
||||
|
|
||||
|
## Note also that ``init`` is required as it sets |
||||
|
## NEXTCLOUD_ADMIN_{USER,PASSWORD} that is required to trigger |
||||
|
## a full installation |
||||
|
|
||||
|
export COMPOSE_IGNORE_ORPHANS=true |
||||
|
compose --debug --without-relation="$SERVICE_NAME":web-proxy run \ |
||||
|
--rm --entrypoint /entrypoint.sh "$SERVICE_NAME" apache >&2 || true |
||||
|
if ! [ -e "$SERVICE_DATASTORE/var/www/html/occ" ]; then |
||||
|
err "Expected last command to create /var/www/html/occ" |
||||
|
return 1 |
||||
|
fi |
||||
|
fi |
||||
|
} |
||||
|
|
||||
|
|
||||
|
occ() { |
||||
|
|
||||
|
create_occ_if_not_exists || return 1 |
||||
|
|
||||
|
## occ.batch will require /var/www/html to be populated ('occ' is |
||||
|
## supposed to exist). For that we need to make sure nextcloud have |
||||
|
## be ran and setup prior to running this next command. |
||||
|
export COMPOSE_IGNORE_ORPHANS=true |
||||
|
compose --debug -q --no-init --no-relations run \ |
||||
|
"${occ_docker_run_opts[@]}" \ |
||||
|
-v "$HOST_CHARM_STORE/${CHARM_REL_PATH#${CHARM_STORE}/}/src/occ.batch:/var/www/html/occ.batch" \ |
||||
|
-T --rm -u www-data "$SERVICE_NAME" /var/www/html/occ.batch "$@" | cat |
||||
|
|
||||
|
return "${PIPESTATUS[0]}" |
||||
|
} |
||||
|
|
||||
|
|
Write
Preview
Loading…
Cancel
Save
Reference in new issue