remove ldap and add sociallogin

This commit is contained in:
Sebastian Hugentobler 2021-08-22 16:44:51 +02:00
parent f566463fe2
commit 3b450ed3f9
Signed by: shu
GPG Key ID: BB32CF3CA052C2F0
3 changed files with 52 additions and 153 deletions

View File

@ -1,103 +1,104 @@
FROM alpine:3.14 AS builder
ENV NC_VERSION=21.0.2
ENV NC_SHA256_SUM=5e5b38109a3485db5fd2d248f24478eabe6c0790ec10b030acbbee207d5511fe
ENV NC_VERSION=22.1.0
ENV NC_SHA256_SUM=4820808f799146853604e1fa27d7f292449018a44dc73bf928a97b02028318ba
RUN wget https://download.nextcloud.com/server/releases/nextcloud-$NC_VERSION.tar.bz2
RUN echo "$NC_SHA256_SUM nextcloud-$NC_VERSION.tar.bz2" | sha256sum -c - || exit 1
RUN mkdir -p /var/lib/nextcloud
RUN tar xjf nextcloud-$NC_VERSION.tar.bz2 -C /var/lib/nextcloud --strip 1
ENV TFA_VERSION=v6.0.0
ENV TFA_SHA256_SUM=29f64c5d825ac6967d514ce0ecadc19f9b4f8f9669019db1ffa96348acbfd820
RUN wget https://github.com/nextcloud/twofactor_totp/releases/download/$TFA_VERSION/twofactor_totp.tar.gz
RUN echo "$TFA_SHA256_SUM twofactor_totp.tar.gz" | sha256sum -c - || exit 1
ENV TFA_VERSION=v6.1.0
ENV TFA_SHA256_SUM=e640d59af3f595ad987cf7bd0e1ce4d043541e5817482a613eacd6b123d0b8ad
RUN wget https://github.com/nextcloud/twofactor_totp/archive/refs/tags/$TFA_VERSION.tar.gz
RUN echo "$TFA_SHA256_SUM $TFA_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/twofactor_totp
RUN tar xzf twofactor_totp.tar.gz -C /var/lib/nextcloud/apps/twofactor_totp --strip 1
RUN tar xzf $TFA_VERSION.tar.gz -C /var/lib/nextcloud/apps/twofactor_totp --strip 1
ENV U2F_VERSION=v6.1.0
ENV U2F_SHA256_SUM=40bd5ccd3560358b0fc8d5ad0e541bc7f7b9229abbc4c55457dc3e9bf2c7c062
RUN wget https://github.com/nextcloud/twofactor_u2f/releases/download/$U2F_VERSION/twofactor_u2f.tar.gz
RUN echo "$U2F_SHA256_SUM twofactor_u2f.tar.gz" | sha256sum -c - || exit 1
ENV U2F_VERSION=v6.2.0
ENV U2F_SHA256_SUM=a52b5513696134b7d4a8d21d24c23c4c49d90dd0a5d8ea68ddca52bc927c22f1
RUN wget https://github.com/nextcloud/twofactor_u2f/archive/refs/tags/$U2F_VERSION.tar.gz
RUN echo "$U2F_SHA256_SUM $U2F_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/twofactor_u2f
RUN tar xzf twofactor_u2f.tar.gz -C /var/lib/nextcloud/apps/twofactor_u2f --strip 1
RUN tar xzf $U2F_VERSION.tar.gz -C /var/lib/nextcloud/apps/twofactor_u2f --strip 1
ENV POLLS_VERSION=2.0.2
ENV POLLS_SHA256_SUM=4b4e734e106d8b413deeb65023b049ee747c0323860493cc7a47f84634cf0d95
ENV POLLS_VERSION=3.1.0
ENV POLLS_SHA256_SUM=16273dc0cd018429f27371ae024c1b0fbd12c16d785dff18dcc2b131a490cbb7
RUN wget https://github.com/nextcloud/polls/releases/download/v$POLLS_VERSION/polls-$POLLS_VERSION.tar.gz
RUN echo "$POLLS_SHA256_SUM polls-$POLLS_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/polls
RUN tar xzf polls-$POLLS_VERSION.tar.gz -C /var/lib/nextcloud/apps/polls --strip 1
ENV CONTACTS_VERSION=v3.5.1
ENV CONTACTS_SHA256_SUM=d83f6af637e436b4e16fcba8c4d4e3b878082a77f4b552738abfe1aad0b0aae7
RUN wget https://github.com/nextcloud/contacts/releases/download/$CONTACTS_VERSION/contacts.tar.gz
RUN echo "$CONTACTS_SHA256_SUM contacts.tar.gz" | sha256sum -c - || exit 1
ENV CONTACTS_VERSION=v4.0.1
ENV CONTACTS_SHA256_SUM=bab5bdec9b0a7cd34c13ca52937326cba993bd9d81126156689ec74a4703756d
RUN wget https://github.com/nextcloud/contacts/archive/refs/tags/$CONTACTS_VERSION.tar.gz
RUN echo "$CONTACTS_SHA256_SUM $CONTACTS_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/contacts
RUN tar xzf contacts.tar.gz -C /var/lib/nextcloud/apps/contacts --strip 1
RUN tar xzf $CONTACTS_VERSION.tar.gz -C /var/lib/nextcloud/apps/contacts --strip 1
ENV CALENDAR_VERSION=v2.2.2
ENV CALENDAR_SHA256_SUM=5080aad2e23179de454885bc27f3911d6c45c48b81d0f3163e9c84c97f00e008
RUN wget https://github.com/nextcloud/calendar/releases/download/$CALENDAR_VERSION/calendar.tar.gz
RUN echo "$CALENDAR_SHA256_SUM calendar.tar.gz" | sha256sum -c - || exit 1
ENV CALENDAR_VERSION=v2.3.2
ENV CALENDAR_SHA256_SUM=1dcadd5a431907a3135aa31837a0c60b01455f84db86b74731454aeda86ee85e
RUN wget https://github.com/nextcloud/calendar/archive/refs/tags/$CALENDAR_VERSION.tar.gz
RUN echo "$CALENDAR_SHA256_SUM $CALENDAR_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/calendar
RUN tar xzf calendar.tar.gz -C /var/lib/nextcloud/apps/calendar --strip 1
RUN tar xzf $CALENDAR_VERSION.tar.gz -C /var/lib/nextcloud/apps/calendar --strip 1
ENV TASKS_VERSION=v0.13.6
ENV TASKS_SHA256_SUM=98bbe7be9e0315af247572da6ef2c6f67ee1387065ca69a56988ee0a77367f11
ENV TASKS_VERSION=v0.14.1
ENV TASKS_SHA256_SUM=0326d6b80d7bddf7f015bff5c75725897b26575300b2c2b15c8710e8f4d20d41
RUN wget https://github.com/nextcloud/tasks/releases/download/$TASKS_VERSION/tasks.tar.gz
RUN echo "$TASKS_SHA256_SUM tasks.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/tasks
RUN tar xzf tasks.tar.gz -C /var/lib/nextcloud/apps/tasks --strip 1
ENV NOTES_VERSION=v4.0.4
ENV NOTES_SHA256_SUM=83c547a1024de1a0d31b9a1b2374124882c9e85ca0bc0c9d8ced0d08db4e0397
ENV NOTES_VERSION=v4.1.1
ENV NOTES_SHA256_SUM=10800e6d42f8d4976cd80247e7fa6a8f61bca8e2fe8d3c14472d4987b38d003d
RUN wget https://github.com/nextcloud/notes/releases/download/$NOTES_VERSION/notes.tar.gz
RUN echo "$NOTES_SHA256_SUM notes.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/notes
RUN tar xzf notes.tar.gz -C /var/lib/nextcloud/apps/notes --strip 1
ENV NEWS_VERSION=15.4.5
ENV NEWS_SHA256_SUM=01564de929fdba032b9de236e46f9b53eac580b205f1789101870758a4a372c6
ENV NEWS_VERSION=16.0.1
ENV NEWS_SHA256_SUM=b2ce381307e91759ff2b95a636afec62851246cd01a705ef22330884d31ef6d2
RUN wget https://github.com/nextcloud/news/releases/download/$NEWS_VERSION/news.tar.gz
RUN echo "$NEWS_SHA256_SUM news.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/news
RUN tar xzf news.tar.gz -C /var/lib/nextcloud/apps/news --strip 1
ENV EMAIL_VERSION=v1.9.5
ENV EMAIL_SHA256_SUM=949089ac8f1cfe4d710091baef43ebdc4941e42f2687971d8dbad801a7117b66
RUN wget https://github.com/nextcloud/mail/releases/download/$EMAIL_VERSION/mail.tar.gz
RUN echo "$EMAIL_SHA256_SUM mail.tar.gz" | sha256sum -c - || exit 1
ENV EMAIL_VERSION=v1.10.3
ENV EMAIL_SHA256_SUM=1d03d78936f04286d03432b26b916fd9a9f94b76169e2402aac42ff9f3c9da96
RUN wget https://github.com/nextcloud/mail/archive/refs/tags/$EMAIL_VERSION.tar.gz
RUN echo "$EMAIL_SHA256_SUM $EMAIL_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/mail
RUN tar xzf mail.tar.gz -C /var/lib/nextcloud/apps/mail --strip 1
RUN tar xzf $EMAIL_VERSION.tar.gz -C /var/lib/nextcloud/apps/mail --strip 1
ENV ELEMENT_VERSION=v0.7.11
ENV ELEMENT_SHA256_SUM=1037a7ceddff2337b96af49e219267bce772082cebe38a526c56bb9ab2d96ad7
RUN wget https://github.com/gary-kim/riotchat/releases/download/$ELEMENT_VERSION/riotchat.tar.gz
RUN echo "$ELEMENT_SHA256_SUM riotchat.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/riotchat
RUN tar xzf riotchat.tar.gz -C /var/lib/nextcloud/apps/riotchat --strip 1
ENV MASTODON_INTEGRATION_VERSION=1.0.0
ENV MASTODON_INTEGRATION_SHA256_SUM=7555d2c5343f3095ddaff9639215e34c6ba7aad0b2ca57926dcab052417bc3e4
ENV MASTODON_INTEGRATION_VERSION=1.0.1
ENV MASTODON_INTEGRATION_SHA256_SUM=fabfd6078be4a0b0cc7066624705cb1781724839a1a0c1a67c6410a3fda0810d
RUN wget https://github.com/nextcloud/integration_mastodon/releases/download/v$MASTODON_INTEGRATION_VERSION/integration_mastodon-$MASTODON_INTEGRATION_VERSION.tar.gz
RUN echo "$MASTODON_INTEGRATION_SHA256_SUM integration_mastodon-$MASTODON_INTEGRATION_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/integration_mastodon
RUN tar xzf integration_mastodon-$MASTODON_INTEGRATION_VERSION.tar.gz -C /var/lib/nextcloud/apps/integration_mastodon --strip 1
ENV GITHUB_INTEGRATION_VERSION=1.0.0
ENV GITHUB_INTEGRATION_SHA256_SUM=1b35808e885d4fac350d44bf842d35245ee731d0e80f54ec5f04a4bf0592e382
ENV GITHUB_INTEGRATION_VERSION=1.0.1
ENV GITHUB_INTEGRATION_SHA256_SUM=4dc38c2d83455cfcd1695c3daeaae5050edfeb8b16c1460140952d652fb156bd
RUN wget https://github.com/nextcloud/integration_github/releases/download/v$GITHUB_INTEGRATION_VERSION/integration_github-$GITHUB_INTEGRATION_VERSION.tar.gz
RUN echo "$GITHUB_INTEGRATION_SHA256_SUM integration_github-$GITHUB_INTEGRATION_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/integration_github
RUN tar xzf integration_github-$GITHUB_INTEGRATION_VERSION.tar.gz -C /var/lib/nextcloud/apps/integration_github --strip 1
ENV GITLAB_INTEGRATION_VERSION=1.0.0
ENV GITLAB_INTEGRATION_SHA256_SUM=a940870f78ee68c1b3ef0767aaf882ee5f863023b459467312058fa61fe11075
ENV GITLAB_INTEGRATION_VERSION=1.0.1
ENV GITLAB_INTEGRATION_SHA256_SUM=569c6b902f72bd3c637397b6419e498a305f3c048533d90de4701777d6c4e7eb
RUN wget https://github.com/nextcloud/integration_gitlab/releases/download/v$GITLAB_INTEGRATION_VERSION/integration_gitlab-$GITLAB_INTEGRATION_VERSION.tar.gz
RUN echo "$GITLAB_INTEGRATION_SHA256_SUM integration_gitlab-$GITLAB_INTEGRATION_VERSION.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/integration_gitlab
RUN tar xzf integration_gitlab-$GITLAB_INTEGRATION_VERSION.tar.gz -C /var/lib/nextcloud/apps/integration_gitlab --strip 1
ENV SOCIAL_LOGIN_VERSION=v4.8.3
ENV SOCIAL_LOGIN_SHA256_SUM=1aee365291749b1126b1c2661877e79e5fe957527090eec1393d97d16f4774f1
RUN wget https://github.com/zorn-v/nextcloud-social-login/releases/download/$SOCIAL_LOGIN_VERSION/release.tar.gz
RUN echo "$SOCIAL_LOGIN_SHA256_SUM release.tar.gz" | sha256sum -c - || exit 1
RUN mkdir /var/lib/nextcloud/apps/sociallogin
RUN tar xzf release.tar.gz -C /var/lib/nextcloud/apps/sociallogin --strip 1
FROM thallian/php8-fpm:latest
COPY --from=builder /var/lib/nextcloud /var/lib/nextcloud
@ -113,7 +114,6 @@ RUN apk add --no-cache \
php8-pecl-apcu \
php8-opcache \
php8-pcntl \
#php7-imagick \
php8-ctype \
php8-curl \
php8-dom \
@ -136,8 +136,7 @@ RUN apk add --no-cache \
php8-intl \
php8-exif \
php8-bcmath \
php8-gmp \
php8-ldap
php8-gmp
RUN chown -R nginx:nginx /var/lib/nextcloud
RUN rm /etc/nginx/http.d/default.conf

View File

@ -1,4 +1,4 @@
[Nextcloud](https://nextcloud.com/) with ldap authentication (needs a postgres database).
[Nextcloud](https://nextcloud.com/) with postgres backend.
Seperately installed apps are not persistent because there is no possibility of
setting the app_path with occ.
@ -71,50 +71,6 @@ Username for SMTP authentication.
## MAIL_SMTP_PASSWORD
Password for SMTP authentication.
## LDAP_HOST
Ldap host.
## LDAP_PORT
- default: 389
Ldap port.
## LDAP_TLS
Whether the ldap connection should use tls.
## LDAP_BIND_USER
Bind DN to use when connecting to the ldap host.
## LDAP_BIND_PASSWORD
Password to use when connecting to the ldap host.
## LDAP_LOGIN_FILTER
Ldap filter to see if a user is allowed to login. `%uid` is replaces with the username.
## LDAP_USER_DISPLAY_NAME
Ldap attribute for the display name.
## LDAP_USER_FILTER
Ldap filter to find valid users.
## LDAP_BASE_DN
Base DN of the ldap host.
## LDAP_BASE_USER_DN
Base DN when searching for users.
## LDAP_BASE_GROUP_DN
Base DN when looking for groups.
## LDAP_GROUP_FILTER
Ldap filter to find valid groups.
## LDAP_EMAIL_ATTRIBUTE
Ldap attribute for the email.
## LDAP_UID_ATTRIBUTE
Ldap attribute for the user id.
## ASSUME_HTTPS
- default: on
The value of `fastcgi_param HTTPS`.

View File

@ -21,7 +21,6 @@ if [ ! -f /var/lib/nextcloud/data/.installed ]; then
fi
s6-setuidgid nginx ./occ config:app:set --value cron core backgroundjobs_mode
s6-setuidgid nginx ./occ app:enable user_ldap
s6-setuidgid nginx ./occ app:enable files_sharing
s6-setuidgid nginx ./occ app:enable text
s6-setuidgid nginx ./occ app:enable files_pdfviewer
@ -38,7 +37,7 @@ s6-setuidgid nginx ./occ app:enable news
s6-setuidgid nginx ./occ app:enable tasks
s6-setuidgid nginx ./occ app:enable notes
s6-setuidgid nginx ./occ app:enable mail
s6-setuidgid nginx ./occ app:enable riotchat
s6-setuidgid nginx ./occ app:enable sociallogin
s6-setuidgid nginx ./occ app:enable integration_mastodon
s6-setuidgid nginx ./occ app:enable integration_github
s6-setuidgid nginx ./occ app:enable integration_gitlab
@ -75,58 +74,3 @@ s6-setuidgid nginx ./occ config:system:set --value "${MAIL_SMTP_PORT:-587}" mail
s6-setuidgid nginx ./occ config:system:set --value "$MAIL_SMTP_NAME" mail_smtpname
s6-setuidgid nginx ./occ config:system:set --value "$MAIL_SMTP_PASSWORD" mail_smtppassword
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_BASE_DN" user_ldap ldap_base
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_BASE_GROUP_DN" user_ldap ldap_base_groups
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_EMAIL_ATTRIBUTE" user_ldap ldap_email_attr
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_USER_FILTER" user_ldap ldap_userlist_filter
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_LOGIN_FILTER" user_ldap ldap_login_filter
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_TLS" user_ldap ldap_tls
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_HOST" user_ldap ldap_host
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_BIND_USER" user_ldap ldap_dn
s6-setuidgid nginx ./occ config:app:set --value "$(php -r 'echo base64_encode(getenv("LDAP_BIND_PASSWORD"));')" user_ldap ldap_agent_password
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_GROUP_FILTER" user_ldap ldap_group_filter
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_USER_DISPLAY_NAME" user_ldap ldap_display_name
s6-setuidgid nginx ./occ config:app:set --value "${LDAP_PORT:-389}" user_ldap ldap_port
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_BASE_USER_DN" user_ldap ldap_base_users
s6-setuidgid nginx ./occ config:app:set --value "$LDAP_UID_ATTRIBUTE" user_ldap ldap_expert_username_attr
s6-setuidgid nginx ./occ config:app:set --value "yes" user_ldap enabled
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_host
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_user_display_name_2
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_gid_number
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_userfilter_objectclass
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_userfilter_groups
s6-setuidgid nginx ./occ config:app:set --value "authentication" user_ldap types
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_user_filter_mode
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_group_filter_mode
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_groupfilter_objectclass
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_turn_off_cert_check
s6-setuidgid nginx ./occ config:app:set --value "uniqueMember" user_ldap ldap_group_member_assoc_attribute
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_login_filter_mode
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_loginfilter_email
s6-setuidgid nginx ./occ config:app:set --value "1" user_ldap ldap_loginfilter_username
s6-setuidgid nginx ./occ config:app:set --value "1" user_ldap ldap_loginfilter_attributes
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_quota_attr
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_quota_def
s6-setuidgid nginx ./occ config:app:set --value "600" user_ldap ldap_cache_ttl
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_override_main_server
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_attributes_for_user_search
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_attributes_for_group_search
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_experienced_admin
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap home_folder_naming_rule
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap has_memberof_filter_support
s6-setuidgid nginx ./occ config:app:set --value "1" user_ldap use_memberof_to_detect_membership
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_expert_uuid_user_attr
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_expert_uuid_group_attr
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap last_jpegPhoto_lookup
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_nested_groups
s6-setuidgid nginx ./occ config:app:set --value "500" user_ldap ldap_paging_size
s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_turn_on_pwd_change
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_dynamic_group_member_url
s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_default_ppolicy_dn
s6-setuidgid nginx ./occ config:app:set --value "1" user_ldap ldap_configuration_active