f

2024-05-31 14:38:15 +02:00 · 2024-05-31 14:38:15 +02:00 · f648189d1d
commit f648189d1d
parent 81100b7e6f
3 changed files with 41 additions and 40 deletions
--- a/docker-compose/nextcloud_ldap/docker-compose.yml.j2
+++ b/docker-compose/nextcloud_ldap/docker-compose.yml.j2
@ -147,10 +147,3 @@ volumes:
  db-ldap:
  app-ldap:
  data-ldap:
-
-######## Doku ########
-# Telefonregion
-# docker exec --user www-data nextcloud-app-ldap php occ config:system:set default_phone_region --value="DE"
-# https://help.nextcloud.com/t/nextcloud-wont-load-any-mixed-content/13565/3
-# docker exec --user www-data nextcloud-app-ldap php occ config:system:set overwriteprotocol --value="https"
-# docker exec --user www-data nextcloud-app-ldap php occ config:system:set overwrite.cli.url --value="http://nextcloud.mgrote.net"
--- a/docker-compose/nextcloud_ldap/ldap.sh
+++ b/docker-compose/nextcloud_ldap/ldap.sh
@ -5,45 +5,45 @@
 # lldap_bind_user_pass="{{ lookup('keepass', 'nextcloud_lldap_bind_user_pass', 'password') }}"
 # lldap_bind_user_groups=lldap_strict_readonly

-occ app:install user_ldap
-occ app:enable user_ldap
-occ ldap:create-empty-config
+php occ app:install user_ldap
+php occ app:enable user_ldap
+php occ ldap:create-empty-config

 # EDIT: domain
-occ ldap:set-config s01 ldapHost "ldap://ldap.mgrote.net."
-occ ldap:set-config s01 ldapPort 3890
+php occ ldap:set-config s01 ldapHost "ldap://ldap.mgrote.net."
+php occ ldap:set-config s01 ldapPort 3890
 # EDIT: admin user
-occ ldap:set-config s01 ldapAgentName "uid=nextcloud_bind_user,ou=people,dc=mgrote,dc=net"
+php occ ldap:set-config s01 ldapAgentName "uid=nextcloud_bind_user,ou=people,dc=mgrote,dc=net"
 # EDIT: password
-occ ldap:set-config s01 ldapAgentPassword "{{ lookup('keepass', 'nextcloud_lldap_bind_user_pass', 'password') }}"
+php occ ldap:set-config s01 ldapAgentPassword "{{ lookup('keepass', 'nextcloud_lldap_bind_user_pass', 'password') }}"
 # EDIT: Base DN
-occ ldap:set-config s01 ldapBase "dc=mgrote,dc=net"
-occ ldap:set-config s01 ldapBaseUsers "dc=mgrote,dc=net"
-occ ldap:set-config s01 ldapBaseGroups "dc=mgrote,dc=net"
-occ ldap:set-config s01 ldapConfigurationActive 1
-occ ldap:set-config s01 ldapLoginFilter "(&(objectclass=person)(uid=%uid))"
+php occ ldap:set-config s01 ldapBase "dc=mgrote,dc=net"
+php occ ldap:set-config s01 ldapBaseUsers "dc=mgrote,dc=net"
+php occ ldap:set-config s01 ldapBaseGroups "dc=mgrote,dc=net"
+php occ ldap:set-config s01 ldapConfigurationActive 1
+php occ ldap:set-config s01 ldapLoginFilter "(&(objectclass=person)(uid=%uid))"
 # EDIT: nextcloud group, contains the users who can login to Nextcloud
-occ ldap:set-config s01 ldapUserFilter "(&(objectclass=person)(memberOf=cn=nextcloud,ou=groups,dc=mgrote,dc=net))"
-occ ldap:set-config s01 ldapUserFilterMode 0
-occ ldap:set-config s01 ldapUserFilterObjectclass person
-occ ldap:set-config s01 turnOnPasswordChange 0
-occ ldap:set-config s01 ldapCacheTTL 600
-occ ldap:set-config s01 ldapExperiencedAdmin 0
-occ ldap:set-config s01 ldapGidNumber gidNumber
-occ ldap:set-config s01 ldapGroupMemberAssocAttr uniqueMember
-occ ldap:set-config s01 ldapEmailAttribute "mail"
-occ ldap:set-config s01 ldapLoginFilterEmail 0
-occ ldap:set-config s01 ldapLoginFilterUsername 1
-occ ldap:set-config s01 ldapMatchingRuleInChainState unknown
-occ ldap:set-config s01 ldapNestedGroups 0
-occ ldap:set-config s01 ldapPagingSize 500
-occ ldap:set-config s01 ldapTLS 0
-occ ldap:set-config s01 ldapUserAvatarRule default
-occ ldap:set-config s01 ldapUserDisplayName displayname
-occ ldap:set-config s01 ldapUserFilterMode 1
-occ ldap:set-config s01 ldapUuidGroupAttribute auto
-occ ldap:set-config s01 ldapUuidUserAttribute auto
-occ ldap:set-config s01 ldapExpertUsernameAttr user_id
+php occ ldap:set-config s01 ldapUserFilter "(&(objectclass=person)(memberOf=cn=nextcloud,ou=groups,dc=mgrote,dc=net))"
+php occ ldap:set-config s01 ldapUserFilterMode 0
+php occ ldap:set-config s01 ldapUserFilterObjectclass person
+php occ ldap:set-config s01 turnOnPasswordChange 0
+php occ ldap:set-config s01 ldapCacheTTL 600
+php occ ldap:set-config s01 ldapExperiencedAdmin 0
+php occ ldap:set-config s01 ldapGidNumber gidNumber
+php occ ldap:set-config s01 ldapGroupMemberAssocAttr uniqueMember
+php occ ldap:set-config s01 ldapEmailAttribute "mail"
+php occ ldap:set-config s01 ldapLoginFilterEmail 0
+php occ ldap:set-config s01 ldapLoginFilterUsername 1
+php occ ldap:set-config s01 ldapMatchingRuleInChainState unknown
+php occ ldap:set-config s01 ldapNestedGroups 0
+php occ ldap:set-config s01 ldapPagingSize 500
+php occ ldap:set-config s01 ldapTLS 0
+php occ ldap:set-config s01 ldapUserAvatarRule default
+php occ ldap:set-config s01 ldapUserDisplayName displayname
+php occ ldap:set-config s01 ldapUserFilterMode 1
+php occ ldap:set-config s01 ldapUuidGroupAttribute auto
+php occ ldap:set-config s01 ldapUuidUserAttribute auto
+php occ ldap:set-config s01 ldapExpertUsernameAttr user_id


 # diese script als template und als jinja fur l+oakles ausführenr ein templaten, oder vllt direkt als hook script
--- a/docker-compose/nextcloud_ldap/misc.sh
+++ b/docker-compose/nextcloud_ldap/misc.sh
@ -0,0 +1,8 @@
+#!/bin/bash
+
+# Telefonregion
+php occ config:system:set default_phone_region --value="DE"
+
+# https://help.nextcloud.com/t/nextcloud-wont-load-any-mixed-content/13565/3
+php occ config:system:set overwriteprotocol --value="https"
+php occ config:system:set overwrite.cli.url --value="http://nextcloud.mgrote.net"