Automatically configure LDAP and shares

parent 604514a6
......@@ -5,3 +5,6 @@ NC_ADMIN_PASSWORD=verystrongpassword
NC_DOMAIN=your.domain.example.com
ACME_SERVER=172.16.1.50
INSTITUTE_NAME=
FUSS_SERVER_FQDN=my.fuss.bz.it
LDAP_BASE_DN="dc=example,dc=com"
FUSS_AUTHORIZED_GROUP=nextcloud
......@@ -60,9 +60,66 @@ run_as 'php /var/www/html/occ config:system:set skeletondirectory --value /var/w
# Check if ldap has to be configured
if [ -z "$(run_as 'php /var/www/html/occ ldap:show-config')" ]; then
echo Configure LDAP oAuth for FUSS Server
run_as 'php /var/www/html/occ ldap:create-empty-config'
run_as "php /var/www/html/occ ldap:set-config s01 ldapHost 'ldaps://${FUSS_SERVER_FQDN}''"
run_as "php /var/www/html/occ ldap:set-config s01 ldapBase ${LDAP_BASE_DN}"
run_as "php /var/www/html/occ ldap:set-config s01 ldapBaseGroups ${LDAP_BASE_DN}"
run_as "php /var/www/html/occ ldap:set-config s01 ldapBaseUsers ${LDAP_BASE_DN}"
run_as "php /var/www/html/occ ldap:set-config s01 ldapGidNumber gidNumber"
run_as "php /var/www/html/occ ldap:set-config s01 ldapGroupDisplayName cn"
run_as "php /var/www/html/occ ldap:set-config s01 ldapGroupFilter '(&(|(objectclass=posixGroup)))'"
run_as "php /var/www/html/occ ldap:set-config s01 ldapGroupFilterMode 0"
run_as "php /var/www/html/occ ldap:set-config s01 ldapLoginFilter '(&(|(objectclass=posixAccount))(uid=%uid))'"
run_as "php /var/www/html/occ ldap:set-config s01 ldapGroupFilterObjectclass posixGroup"
run_as "php /var/www/html/occ ldap:set-config s01 ldapLoginFilterEmail 0"
run_as "php /var/www/html/occ ldap:set-config s01 ldapLoginFilterMode 0"
run_as "php /var/www/html/occ ldap:set-config s01 ldapLoginFilterUsername 1"
run_as "php /var/www/html/occ ldap:set-config s01 ldapNestedGroups 0"
run_as "php /var/www/html/occ ldap:set-config s01 ldapPort 636"
run_as "php /var/www/html/occ ldap:set-config s01 ldapTLS 0"
run_as "php /var/www/html/occ ldap:set-config s01 ldapUserAvatarRule default"
run_as "php /var/www/html/occ ldap:set-config s01 ldapUserDisplayName gecos"
run_as "php /var/www/html/occ ldap:set-config s01 ldapUserFilter '(|(objectclass=posixAccount))'"
run_as "php /var/www/html/occ ldap:set-config s01 ldapUserFilterMode 0"
run_as "php /var/www/html/occ ldap:set-config s01 ldapUserFilterObjectclass posixAccount"
run_as "php /var/www/html/occ ldap:set-config s01 ldapUuidGroupAttribute auto"
run_as "php /var/www/html/occ ldap:set-config s01 ldapUuidUserAttribute auto"
run_as "php /var/www/html/occ ldap:set-config s01 turnOffCertCheck 1"
run_as "php /var/www/html/occ ldap:set-config s01 turnOnPasswordChange 0"
run_as "php /var/www/html/occ ldap:set-config s01 ldapConfigurationActive 1"
fi
# Check if remote share needs to be configured
if [ "No admin mounts configured" = "$(run_as 'php /var/www/html/occ files_external:list')" ]; then
echo Configure remote homes for FUSS Server
cat > /tmp/fe_conf.txt <<EOF
{
"mount_id": 3,
"mount_point": "\/FUSS_home",
"storage": "\\OCA\\Files_External\\Lib\\Storage\\SMB",
"authentication_type": "password::sessioncredentials",
"configuration": {
"host": "${FUSS_SERVER_FQDN}",
"share": "homes",
"root": "",
"domain": "",
"show_hidden": false
},
"options": {
"enable_sharing": false
},
"applicable_users": [],
"applicable_groups": [
"${FUSS_AUTHORIZED_GROUP}"
]
}
EOF
run_as "php /var/www/html/occ files_external:import /tmp/fe_conf.txt"
rm /tmp/fe_conf.txt
fi
# Start cron
/usr/sbin/cron
# Run the server
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment