mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2025-04-04 00:17:06 +00:00
247 lines
7.5 KiB
Bash
Executable File
247 lines
7.5 KiB
Bash
Executable File
#!/bin/bash
|
|
#####
|
|
##### This file is part of Mail-in-a-Box-LDAP which is released under the
|
|
##### terms of the GNU Affero General Public License as published by the
|
|
##### Free Software Foundation, either version 3 of the License, or (at
|
|
##### your option) any later version. See file LICENSE or go to
|
|
##### https://github.com/downtownallday/mailinabox-ldap for full license
|
|
##### details.
|
|
#####
|
|
|
|
|
|
# setup MiaB-LDAP with a remote Nextcloud running on the same
|
|
# host under Docker exposed as localhost:8000
|
|
#
|
|
# to use:
|
|
# on a fresh Ubuntu:
|
|
# 1. checkout or copy the MiaB-LDAP code to ~/mailinabox
|
|
# 2. cd ~/mailinabox
|
|
# 3. sudo tests/system-setup/remote-nextcloud-docker.sh
|
|
#
|
|
# when complete you should have a working MiaB-LDAP and Nextcloud
|
|
#
|
|
# You can access MiaB-LDAP using your browser to the Ubuntu system in
|
|
# the normal way, (eg: https://<ubuntu-box>/admin).
|
|
#
|
|
# Nextcloud is running under Docker on the ubuntu box, so to access it
|
|
# you'll first need to ssh into the ubuntu box with port-forrwarding
|
|
# enabled.
|
|
#
|
|
# eg: ssh -L 8000:localhost:8000 user@<ubuntu-box>
|
|
#
|
|
# Then, in your browser visit http://localhost:8000/.
|
|
#
|
|
# See setup-defaults.sh for usernames and passwords.
|
|
#
|
|
|
|
|
|
# ensure working directory
|
|
if [ ! -d "tests/system-setup" ]; then
|
|
echo "This script must be run from the MiaB root directory"
|
|
exit 1
|
|
fi
|
|
|
|
# load helper scripts
|
|
. "tests/lib/all.sh" "tests/lib" || die "Could not load lib scripts"
|
|
. "tests/system-setup/setup-defaults.sh" || die "Could not load setup-defaults"
|
|
. "tests/system-setup/setup-funcs.sh" || die "Could not load setup-funcs"
|
|
|
|
# ensure running as root
|
|
if [ "$EUID" != "0" ]; then
|
|
die "This script must be run as root (sudo)"
|
|
fi
|
|
|
|
|
|
|
|
init() {
|
|
H1 "INIT"
|
|
init_test_system
|
|
init_miab_testing "$@" || die "Initialization failed"
|
|
}
|
|
|
|
|
|
install_nextcloud_docker() {
|
|
H1 "INSTALL NEXTCLOUD ON DOCKER"
|
|
|
|
# install Docker
|
|
H2 "Install Docker"
|
|
install_docker || die "Could not install Docker! ($?)"
|
|
|
|
# run Nextcloud docker image
|
|
H2 "Start Nextcloud docker container"
|
|
local container_started="true"
|
|
if [ -z "$(docker ps -f NAME=NC -q)" ]; then
|
|
docker run -d --name NC -p 8000:80 \
|
|
--add-host "$PRIMARY_HOSTNAME:$PRIVATE_IP" \
|
|
--env SQLITE_DATABASE=nextclouddb.sqlite \
|
|
--env NEXTCLOUD_ADMIN_USER="$NC_ADMIN_USER" \
|
|
--env NEXTCLOUD_ADMIN_PASSWORD="$NC_ADMIN_PASSWORD" \
|
|
--env NEXTCLOUD_TRUSTED_DOMAINS="127.0.0.1 ::1" \
|
|
--env NEXTCLOUD_UPDATE=1 \
|
|
--env SMTP_HOST="$PRIMARY_HOSTNAME" \
|
|
--env SMTP_SECURE="tls" \
|
|
--env SMTP_PORT=587 \
|
|
--env SMTP_AUTHTYPE="LOGIN" \
|
|
--env SMTP_NAME="$EMAIL_ADDR" \
|
|
--env SMTP_PASSWORD="$EMAIL_PW" \
|
|
--env SMTP_FROM_ADDRESS="$(email_localpart "$EMAIL_ADDR")" \
|
|
--env MAIL_DOMAIN="$(email_domainpart "$EMAIL_ADDR")" \
|
|
nextcloud:latest \
|
|
|| die "Docker run failed!"
|
|
else
|
|
echo "Container already running"
|
|
container_started="false"
|
|
fi
|
|
|
|
# apt-get update
|
|
H2 "docker: apt-get update"
|
|
docker exec NC apt-get update || die "docker: apt-get update failed"
|
|
|
|
# wait for Nextcloud installation to complete
|
|
H2 "Wait for Nextcloud installation to complete"
|
|
wait_for_docker_nextcloud NC installed || die "Giving up"
|
|
|
|
# install and enable Nextcloud apps
|
|
H2 "docker: install Nextcloud calendar app"
|
|
if ! docker exec -u www-data NC ./occ app:install calendar
|
|
then
|
|
$container_started || die "docker: installing calendar app failed"
|
|
fi
|
|
|
|
H2 "docker: install Nextcloud contacts app"
|
|
if ! docker exec -u www-data NC ./occ app:install contacts
|
|
then
|
|
$container_started || die "docker: installing contacts app failed"
|
|
fi
|
|
|
|
H2 "docker: enable user_ldap"
|
|
docker exec -u www-data NC ./occ app:enable user_ldap \
|
|
|| die "docker: enabling user_ldap failed ($?)"
|
|
|
|
# ldap queries from the container use the container's ip address,
|
|
# not the exposed docker port for nextcloud. the variable
|
|
# NC_HOST_SRC_IP is used by the remote-nextcloud mod to configure
|
|
# the firewall allowing ldap queries to reach slapd from the
|
|
# container
|
|
export NC_HOST_SRC_IP=$(get_container_ip)
|
|
[ $? -ne 0 ] && die "Unable to get docker container IP address"
|
|
}
|
|
|
|
get_container_ip() {
|
|
local id
|
|
id=$(docker ps -aqf "name=NC")
|
|
[ $? -ne 0 ] && return 1
|
|
docker exec NC grep "$id" /etc/hosts | awk '{print $1}'
|
|
}
|
|
|
|
connect_nextcloud_to_miab() {
|
|
#
|
|
# integrate Nextcloud with MiaB-LDAP
|
|
#
|
|
# add MiaB-LDAP's ca_certificate.pem to containers's trusted cert
|
|
# list (because setup/ssl.sh created its own self-signed ca)
|
|
H2 "docker: update trusted CA list"
|
|
docker cp \
|
|
$STORAGE_ROOT/ssl/ca_certificate.pem \
|
|
NC:/usr/local/share/ca-certificates/mailinabox.crt \
|
|
|| die "docker: copy ca_certificate.pem failed"
|
|
docker exec NC update-ca-certificates \
|
|
|| die "docker: update-ca-certificates failed"
|
|
|
|
# execute the script that sets up Nextcloud
|
|
H2 "docker: run connect-nextcloud-to-miab.sh"
|
|
docker cp setup/mods.available/connect-nextcloud-to-miab.sh NC:/tmp \
|
|
|| die "docker: cp connect-nextcloud-to-miab.sh failed"
|
|
docker exec NC /tmp/connect-nextcloud-to-miab.sh \
|
|
. \
|
|
"$NC_ADMIN_USER" \
|
|
"$NC_ADMIN_PASSWORD" \
|
|
"$PRIMARY_HOSTNAME" \
|
|
"$LDAP_NEXTCLOUD_PASSWORD" \
|
|
|| die "docker: error running connect-nextcloud-to-miab.sh"
|
|
}
|
|
|
|
|
|
|
|
do_upgrade() {
|
|
# initialize test system
|
|
init "$@"
|
|
|
|
# we install w/o remote nextcloud first so we can add
|
|
# a user w/contacts and ensure the contact exists in the
|
|
# new system
|
|
disable_miab_mod "remote-nextcloud"
|
|
|
|
# install w/o remote Nextcloud
|
|
miab_ldap_install "$@"
|
|
|
|
# install Nextcloud in a Docker container. exports NC_HOST_SRC_IP.
|
|
install_nextcloud_docker
|
|
|
|
H1 "Enable the remote-nextcloud mod"
|
|
enable_miab_mod "remote-nextcloud" \
|
|
|| die "Could not enable remote-nextcloud mod"
|
|
|
|
# re-run setup (miab_ldap_install) to use the remote Nextcloud
|
|
miab_ldap_install
|
|
|
|
# connect the remote Nextcloud to miab
|
|
H1 "Connect Nextcloud to MiaB-LDAP (configure user_ldap)"
|
|
connect_nextcloud_to_miab
|
|
}
|
|
|
|
|
|
do_default() {
|
|
# initialize test system
|
|
init
|
|
|
|
# install Nextcloud in a Docker container. exports NC_HOST_SRC_IP.
|
|
export PRIVATE_IP=$(source setup/functions.sh; get_default_privateip 4)
|
|
install_nextcloud_docker
|
|
|
|
H1 "Enable remote-nextcloud mod"
|
|
enable_miab_mod "remote-nextcloud" \
|
|
|| die "Could not enable remote-nextcloud mod"
|
|
|
|
# run setup to use the remote Nextcloud (doesn't need to be available)
|
|
miab_ldap_install "$@"
|
|
|
|
# connect the remote Nextcloud to miab
|
|
H1 "Connect Nextcloud to MiaB-LDAP (configure user_ldap)"
|
|
connect_nextcloud_to_miab
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
case "$1" in
|
|
upgrade )
|
|
# Runs this sequence:
|
|
# 1. setup w/o remote nextcloud
|
|
# 2. if an additional argument is given, populate the MiaB
|
|
# installation
|
|
# 3. install a remote nextcloud
|
|
# 4. enable remote-nextcloud mod
|
|
# 5. re-run setup
|
|
#
|
|
|
|
shift
|
|
do_upgrade "$@"
|
|
;;
|
|
|
|
"" | default )
|
|
# Runs this sequence:
|
|
# 1. setup w/remote nextcloud
|
|
# 2. install and connect the remote nextcloud
|
|
do_default
|
|
;;
|
|
|
|
* )
|
|
echo "Unknown option $1"
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
|