From 979398e398e45c08bd50dc78b72a63341f5339b8 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 24 Oct 2020 09:05:22 +0200 Subject: [PATCH 01/30] Initial __nextcloud type This type should work, but there are still many things to do here to work nice and well. Things that currently not work (well): - not all parameters work for now - nextcloud installations in subfolders (e.g. slashes in the object id) --- type/__nextcloud/explorer/config | 28 +++ type/__nextcloud/explorer/installdir | 16 ++ type/__nextcloud/explorer/version | 19 ++ type/__nextcloud/explorer/webroot | 34 +++ type/__nextcloud/gencode-remote | 209 ++++++++++++++++++ type/__nextcloud/manifest | 132 +++++++++++ type/__nextcloud/map-conf-changes.sh | 196 ++++++++++++++++ type/__nextcloud/parameter/boolean | 1 + .../parameter/default/database-type | 1 + type/__nextcloud/parameter/default/group | 1 + type/__nextcloud/parameter/default/mode | 1 + type/__nextcloud/parameter/default/user | 1 + type/__nextcloud/parameter/optional | 13 ++ type/__nextcloud/parameter/optional_multiple | 1 + type/__nextcloud/parameter/required | 2 + 15 files changed, 655 insertions(+) create mode 100755 type/__nextcloud/explorer/config create mode 100755 type/__nextcloud/explorer/installdir create mode 100755 type/__nextcloud/explorer/version create mode 100755 type/__nextcloud/explorer/webroot create mode 100755 type/__nextcloud/gencode-remote create mode 100755 type/__nextcloud/manifest create mode 100755 type/__nextcloud/map-conf-changes.sh create mode 100644 type/__nextcloud/parameter/boolean create mode 100644 type/__nextcloud/parameter/default/database-type create mode 100644 type/__nextcloud/parameter/default/group create mode 100644 type/__nextcloud/parameter/default/mode create mode 100644 type/__nextcloud/parameter/default/user create mode 100644 type/__nextcloud/parameter/optional create mode 100644 type/__nextcloud/parameter/optional_multiple create mode 100644 type/__nextcloud/parameter/required diff --git a/type/__nextcloud/explorer/config b/type/__nextcloud/explorer/config new file mode 100755 index 0000000..998264e --- /dev/null +++ b/type/__nextcloud/explorer/config @@ -0,0 +1,28 @@ +#!/bin/sh -e +# __nextcloud/explorer/config + +# Checks the nextcloud configuration + + +# Get the installdir +user="$( cat "$__object/parameter/user" )" +installdir="$( "$__type_explorer/installdir" )" + +# Check if the tools are available +if [ -d "$installdir" ]; then + cd "$installdir" + + # if those files exist, everything should be good + if [ -f "occ" ] && [ -f "config/config.php" ]; then + # dump out config instead of fuzz every possible option through + # `occ config:system:get`. Or parse through the whole json or + # yaml-like output of `occ config:list system --private`. + php -r 'require("lib/private/Config.php"); $config = new OC\Config("config/"); + function printv($key, $value) {printf("%s = %s\n", $key, $value);} + foreach($config->getKeys() as $key){ + $value = $config->getValue($key); + if(is_array($value)) foreach($value as $n => $in) printv($n."|".$key, $in); + else printv($key, $value); + };' + fi +fi diff --git a/type/__nextcloud/explorer/installdir b/type/__nextcloud/explorer/installdir new file mode 100755 index 0000000..7b34f2e --- /dev/null +++ b/type/__nextcloud/explorer/installdir @@ -0,0 +1,16 @@ +#!/bin/sh -e +# __nextcloud/explorer/installdir + +# Detects the directory nextcloud should be installed to. + + +# by parameter or auto-detection +webroot="$( "$__type_explorer/webroot" )" +if [ -z "$webroot" ]; then + echo "no installdir given and no webroot directory found" >&2 + echo "no place to install found; set it via --webroot" >&2 + exit 1 +fi + +# assemble directory with the object id +printf "%s/%s\n" "$webroot" "$__object_id" diff --git a/type/__nextcloud/explorer/version b/type/__nextcloud/explorer/version new file mode 100755 index 0000000..fc79206 --- /dev/null +++ b/type/__nextcloud/explorer/version @@ -0,0 +1,19 @@ +#!/bin/sh -e +# __nextcloud/explorer/version + +# Check the currently installed version. Outputs nothing if nothing found. + + +# Get the install directory +installdir="$( "$__type_explorer/installdir" )" + +# Check if the installation directory exists +if [ -d "$installdir" ]; then + cd "$installdir" + + # if those files exist, everything should be good + if [ -f "occ" ] && [ -f "version.php" ]; then + # detect php version with the version file + php -r 'require("version.php"); print($OC_VersionString);' + fi +fi diff --git a/type/__nextcloud/explorer/webroot b/type/__nextcloud/explorer/webroot new file mode 100755 index 0000000..7eab286 --- /dev/null +++ b/type/__nextcloud/explorer/webroot @@ -0,0 +1,34 @@ +#!/bin/sh -e +# __nextcloud/explorer/webroot + +# Detects the webroot if any + + +# Just check if there is some directory and echo + exit on success +# +# Arguments: +# 1: the directory to check +check_dir() { + if [ -d "$1" ]; then + echo "$1" + exit + fi +} + + +# Check the user choice +parameter="$__object/parameter/webroot" +if [ -f "$parameter" ]; then + cat "$parameter" + exit +fi + +# Maybe checking standard webserver configs .. + +# Check if there are default directories +check_dir "/srv/www" +check_dir "/var/www/html" +check_dir "/var/www" + + +# do nothing if no webroot found diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote new file mode 100755 index 0000000..60d9b42 --- /dev/null +++ b/type/__nextcloud/gencode-remote @@ -0,0 +1,209 @@ +#!/bin/sh -e +# __nextcloud/gencode-remote + +# Install if not installed + +# Legacy: +# curl -sS -L '$nextcloud_uri' | tar xj --strip-components=1 nextcloud/ + + +# Call the nextcloud occ script as the designed user. Maybe this can be a bit +# more effictive with user switching, but currently the easiest way of doing +# it. +# +# All arguments are directly passed to occ (injection alarm ;-) ) +occ() { + # su creates a new shell, so it does not affect the current session + # will not use -q as it supresses errors, too + cat << SHELL +su -s /bin/sh -l "$user" -- -e <> "$__messages_out" + +# Apply some misc to the installation folder. +elif [ "$install" ]; then + cat << REMOTE +chown '$user':'$group' -R '$installdir' +REMOTE +fi + + +# Check if the nextcloud application needs to be installed. +# This checks the state of the configuration, not of the directory. +if ! grep -q -F "installed = 1" "$__object/explorer/config"; then + # argument construction + occ_install_args="" + + # Database + db_setup() { + if ! [ -f "$__object/parameter/db-host" ]; then + echo "no hostname given! can't proceed." >&2 + exit 3 + fi + occ_install_args="$occ_install_args --database '$1'" + occ_install_args="$occ_install_args --database-host '$(cat "$__object/parameter/db-host")'" + + db_name="$__object/parameter/database-name" + if [ -f "$db_name" ]; then + occ_install_args="$occ_install_args --database-name '$(cat "$db_name")'" + fi + db_user="$__object/parameter/database-user" + if [ -f "$db_user" ]; then + occ_install_args="$occ_install_args --database-user '$(cat "$db_user")'" + fi + db_pass="$__object/parameter/database-password" + if [ -f "$db_pass" ]; then + occ_install_args="$occ_install_args --database-pass '$(cat "$db_pass")'" + fi + db_prefix="$__object/parameter/database-prefix" + if [ -f "$db_prefix" ]; then + occ_install_args="$occ_install_args --database-table-prefix '$(cat "$db_prefix")'" + fi + } + + database_type="$(cat "$__object/parameter/database-type")" + case "$database_type" in + sqlite|sqlite3) + occ_install_args="$occ_install_args --database sqlite" + ;; + mysql|mariadb) + db_setup mysql + ;; + pgsql|postgres|postgresql) + db_setup pgsql + ;; + + *) + printf "Database type '%s' is unkown!\n" "" >&2 + exit 3 + ;; + esac + + # Admin stuff + occ_install_args="$occ_install_args --admin-pass '$(cat "$__object/parameter/admin-password")'" + + admin_user="$__object/parameter/admin-user" + if [ -f "$admin_user" ]; then + occ_install_args="$occ_install_args --admin-user '$(cat "$admin_user")'" + fi + admin_email="$__object/parameter/admin-email" + if [ -f "$admin_email" ]; then + occ_install_args="$occ_install_args --admin-email '$(cat "$admin_email")'" + fi + + # Data directory + datadir="$__object/parameter/datadir" + if [ -f "$datadir" ]; then + occ_install_args="$occ_install_args --data-dir '$(cat "$datadir")'" + fi + + + # Execute the install command + occ maintenance:install $occ_install_args + + # send install message + echo installed >> "$__messages_out" +fi + + +# Handle the config +mkdir "$__object/files" +"$__type/map-conf-changes.sh" > "$__object/files/conf-cmds" + +# only print if there are changes listed +if [ -s "$__object/files/conf-cmds" ]; then + # save that we did changes + changes="yes" + + # print change commands incl. the switch of user context + # using -e to abort if the commands failed + printf "su -s /bin/sh -l '%s' -- -e << 'SU'\n" "$user" + printf "cd '%s'\n" "$installdir" + cat "$__object/files/conf-cmds" + printf "SU\n" + + # print a message + echo config >> "$__messages_out" +fi + + +# Check if this is the fist install +if [ "$install" ]; then + # do some convert stuff etc. + + # variable accessible from the last $install if-clause + case "$database_type" in + mysql|mariadb) + # only available for mysql + occ db:convert-mysql-charset + ;; + esac + + occ db:convert-filecache-bigint +fi + +# Disable maintainer mode +if [ "$install" ] || [ "$upgrade" ] || [ "$changes" ]; then + occ maintenance:mode --off +fi diff --git a/type/__nextcloud/manifest b/type/__nextcloud/manifest new file mode 100755 index 0000000..f6b8865 --- /dev/null +++ b/type/__nextcloud/manifest @@ -0,0 +1,132 @@ +#!/bin/sh -e +# __nextcloud/manifest + + +# Version compare function original from __sensible_editor +# +# Arguments: +# 1: version of which $2 should be checked against +# 2: version which should be bigger than or equal with $1 +# +# Return code: +# 0: $1 is bigger than $2 +# 1-n: $1 is smaller than or equal $2 +version_ge() { + printf "%s" "$1" | awk -F '[^0-9.]' -v target="$2" ' + function max(x, y) { return x > y ? x : y } + BEGIN { + getline + nx = split($1, x, ".") + ny = split(target, y, ".") + for (i = 1; i <= max(nx, ny); ++i) { + diff = int(x[i]) - int(y[i]) + if (diff == 0) continue + exit (diff < 0) + } + exit 1 + }'; return $? +} + + +# Check support status +os="$(cat "$__global/explorer/os")" + +case "$os" in + debian|ubuntu) + # PHP main + __package php-cli + # to unpack the package + __package bzip2 + # install misc packages for nextcloud + __package ffmpeg + + # PHP modules + for package in php-gd php-json php-mysql php-curl php-mbstring php-intl \ + php-imagick php-xml php-zip php-bz2 php-bcmath php-gmp + do + require="__package/php-cli" __package $package + done + + # check support database additions (but don't remove junk of old ones) + case "$(cat "$__object/parameter/database-type")" in + sqlite|sqlite3) + __package php-sqlite3 + ;; + mysql|mariadb) + __package php-mysql + ;; + pgsql|postgres|postgresql) + __package php-pgsql + ;; + esac + ;; + + # unkown distro - what to install? + *) + printf "unkown %s, don't know what to install ..\n" "$os" >&2 + echo "checkout the __nextcloud/manifest to contribute a working package list" >&2 + exit 1 + ;; +esac + + +# Get the user and group +mode="$(cat "$__object/parameter/mode")" +user="$(cat "$__object/parameter/user")" +group="$(cat "$__object/parameter/group")" + +# Get the installation directory +webroot="$(cat "$__object/explorer/webroot")" +installdir="$(cat "$__object/explorer/installdir")" + +# Set permissions after the nextcloud installation/upgrade is done +# FIXME maybe less strict if some parameter is not given by the user? +# permissions also partily set via the gencode-remote +require="__nextcloud/$__object_id" __directory "$installdir" \ + --mode "$mode" --owner "$user" --group "$group" + + +# Get version information +version_is="$( cat "$__object/explorer/version" )" +version_should="$( cat "$__object/parameter/version" )" +# The version URI +nextcloud_uri="https://download.nextcloud.com/server/releases/nextcloud-${version_should}.tar.bz2" +nextcloud_sum="${nextcloud_uri}.sha256" + + +# Only check if there is a current installation +if [ "$version_is" ]; then + # Block downgrades as there are may caused from the automatic upgrader + # if the current version is higher than the version that should be installed + if version_ge "$version_is" "$version_should"; then + # it's an error if the current version is higher than the one that should be installed + printf "The current nextcloud version '%s' is higher than the version that should be installed (%s)\n" \ + "$version_is" "$version_should" >&2 + printf "Please bump the nextcloud version to '%s' or higher!\n" "$version_is" >&2 + exit 2 + fi + + # Set destination to a temporary directory + destination="$webroot/.$__object_id" +else + # Set destination to the real destination + destination="$webroot/$__object_id" +fi + +# Upgrade the nextcloud version +if [ "$version_is" != "$version_should" ]; then + updatedir="$( dirname "$installdir" )" + + # Be sure the parent directory exists for installation + __directory "$updatedir" --parents + + require="__directory$updatedir" \ + __download "$updatedir/nextcloud.tar.bz2" \ + --url "$nextcloud_uri" \ + --sum "sha256:$(curl -sS -L "$nextcloud_sum" | awk '{print $1}')" # must be a required parameter?? + + require="__download$updatedir/nextcloud.tar.bz2" \ + __unpack "$updatedir/nextcloud.tar.bz2" \ + --tar-strip 1 \ + --destination "$destination" +fi diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh new file mode 100755 index 0000000..8a00ac6 --- /dev/null +++ b/type/__nextcloud/map-conf-changes.sh @@ -0,0 +1,196 @@ +#!/bin/sh -e +# __nextcloud/map-conf-changes.sh + + +# The environment variable "$install" should be set if nextcloud was installed +# now. This changes the behaviour to not trust gathered values from the +# explorer. + + +# Test if the value exists as given. +# +# Arguments: +# 1: The nextcloud config name +# 2: The value that should be set +# +# Return code: +# 0: value exactly matched +# 1: value not matched or do not exist +testparam() { + # short-circuit after installation; the explorer may not be valid + if [ "$install" ]; then return 1; fi + + if grep -q -F "$1 = $2" "$__object/explorer/config"; then + return 0 + else + return 1 + fi +} + +# Test if the parameter is somehow set. +# +# Arguments: +# 1: The nextcloud config name +# +# Return code: +# 0: param exists +# 1: param not found +paramexist() { + # short-circuit after installation; the explorer may not be valid + if [ "$install" ]; then return 0; fi + + if grep -q "^$1 = " "$__object/explorer/config"; then + return 0 + else + return 1 + fi +} + +# Base for the basic function types. +# +# Arguments: +# 1: cdist type parameter name +# 2: nextcloud config name +# 3: occ printf pattern to set the value +conf_base() { + if [ -f "$__object/parameter/$1" ]; then + value="$(cat "$__object/parameter/$1")" + if ! testparam "$2" "$value"; then + # set it because it does not exist + printf "php occ config:system:$3\n" "$2" "$value" + fi + else + if paramexist "$2"; then + # remove it because it exists + printf "php occ config:system:delete '%s'\n" "$2" + fi + fi +} + +# Set's the cdist parameter value to nextcloud as specific value. +# +# Arguments: +# 1: cdist type parameter name +# 2: nextcloud config name +conf_string() { + conf_base "$1" "$2" "set '%s' --type=string --value='%s'" +} +conf_number() { + conf_base "$1" "$2" "set '%s' --type=integer --value='%s'" +} +conf_decimal() { + conf_base "$1" "$2" "set '%s' --type=double --value='%s'" +} + +# Sets the nextcloud configuration option after a boolean cdist parameter. +# +# Arguments: +# 1: cdist type parameter name +# 2: nextcloud config name +conf_boolean() { + # map parameter to a php boolean (are outputted as 0 or 1) + if [ -f "$__object/parameter/$1" ]; then + testval="1" + value="true" + else + testval="0" + value="false" + fi + + if ! testparam "$2" "$testval"; then + # set it if does not already exist + printf "php occ config:system:set '%s' --type=boolean --value=%s\n" "$2" "$value" + fi +} + +# Corrects the array after all values given by the parameter. Values not given +# to this type will be removed. +# +# Arguments: +# 1: cdist type parameter name +# 2: nextcloud config name +conf_array() { + if [ -f "$__object/parameter/$1" ]; then + # reset array if installation is fresh + if [ "$install" ]; then + # just remove everything, because we don't know it + printf "php occ config:system:delete '%s' || true\n" "$2" + + # counter is zero for sure + counter=0 + + # else, default behaviour of the array + else + # save counter of the next free index + counter=$( awk -v FS=" = " -v name="$2" ' + BEGIN { counter = 0 } + split($1, header, "|") == 2 && header[1] ~ /^[[:digit:]]+$/ && header[2] == name \ + { if(counter < header[1]) counter = header[1] } + END { print counter + 1 } + ' "$__object/explorer/config" + ) + + # create a file which contains all lines not already resolved by this function + _dir="$__object/files/conf-arrays" + mkdir -p "$_dir" + grep "^[[:digit:]]*|$2 = " "$__object/explorer/config" > "$_dir/$2" || true # ignore not found + fi + + # iterate through every value + while read -r value; do + # check every value if he exists + if ! grep -q "^[[:digit:]]*|$2 = $value$" "$__object/explorer/config"; then + # add this value + printf "php occ config:system:set '%s' '%s' --type=string --value='%s'\n" \ + "$2" "$(( counter ))" "$value" + counter=$(( counter + 1 )) + fi + + if [ -z "$install" ]; then + # removes it from the list of unhandled values + grep -v "^[[:digit:]]*|$2 = $value$" "$_dir/$2" > "$_dir/$2_tmp" || true # ignore not found + mv "$_dir/$2_tmp" "$_dir/$2" # because we can't do `cat foo > foo` + fi + done < "$__object/parameter/$1" + + if [ -z "$install" ]; then + # interate through the leftover values + # remove them, as they should not exist (at least can be) + while read -r start equal value; do + # remove those specific elements from the array + printf "php occ config:system:delete '%s' '%s' --error-if-not-exists\n" \ + "$2" "$( printf "%s" "$start" | awk -F'|' '{print $1}' )" + done < "$_dir/$2" + fi + else + # remove everything because we don't know which was set by the user + if paramexist "$2"; then + # remove the whole array + printf "php occ config:system:delete '%s'\n" "$2" + fi + fi +} + +# Set the install variable if nextcloud was not installed before this type. +if ! testparam installed 1; then + install="yes" +fi + + +# Map all parameters + +# Generate the config changes + +# misc +conf_array host trusted_domains + +# Already set via the installer +if [ -z "$install" ]; then + # db + conf_string database-type dbtype + conf_string database-host dbhost # FIXME host included here (takes port also) + conf_string database-name dbname + conf_string database-user dbuser + conf_string database-password dbpassword + conf_string database-prefix dbtableprefix +fi diff --git a/type/__nextcloud/parameter/boolean b/type/__nextcloud/parameter/boolean new file mode 100644 index 0000000..0853f49 --- /dev/null +++ b/type/__nextcloud/parameter/boolean @@ -0,0 +1 @@ +install-only diff --git a/type/__nextcloud/parameter/default/database-type b/type/__nextcloud/parameter/default/database-type new file mode 100644 index 0000000..8b2f60c --- /dev/null +++ b/type/__nextcloud/parameter/default/database-type @@ -0,0 +1 @@ +sqlite3 diff --git a/type/__nextcloud/parameter/default/group b/type/__nextcloud/parameter/default/group new file mode 100644 index 0000000..5bbad18 --- /dev/null +++ b/type/__nextcloud/parameter/default/group @@ -0,0 +1 @@ +www-data diff --git a/type/__nextcloud/parameter/default/mode b/type/__nextcloud/parameter/default/mode new file mode 100644 index 0000000..20610ea --- /dev/null +++ b/type/__nextcloud/parameter/default/mode @@ -0,0 +1 @@ +755 diff --git a/type/__nextcloud/parameter/default/user b/type/__nextcloud/parameter/default/user new file mode 100644 index 0000000..5bbad18 --- /dev/null +++ b/type/__nextcloud/parameter/default/user @@ -0,0 +1 @@ +www-data diff --git a/type/__nextcloud/parameter/optional b/type/__nextcloud/parameter/optional new file mode 100644 index 0000000..cd09af4 --- /dev/null +++ b/type/__nextcloud/parameter/optional @@ -0,0 +1,13 @@ +mode +user +group +webroot +database-type +database-host +database-name +database-user +database-password +database-prefix +admin-user +admin-email +data-directory diff --git a/type/__nextcloud/parameter/optional_multiple b/type/__nextcloud/parameter/optional_multiple new file mode 100644 index 0000000..c70dc2d --- /dev/null +++ b/type/__nextcloud/parameter/optional_multiple @@ -0,0 +1 @@ +host diff --git a/type/__nextcloud/parameter/required b/type/__nextcloud/parameter/required new file mode 100644 index 0000000..3e83467 --- /dev/null +++ b/type/__nextcloud/parameter/required @@ -0,0 +1,2 @@ +version +admin-password From 0a0e4d26b4a6a765c556035725371ee0206a38ab Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 24 Oct 2020 09:31:59 +0200 Subject: [PATCH 02/30] __nextcloud: fix shellcheck Mostly simply because of php inline code .. also because of the argument generation for the installation setup. --- type/__nextcloud/explorer/config | 5 +++-- type/__nextcloud/explorer/version | 3 ++- type/__nextcloud/gencode-remote | 7 +++++-- type/__nextcloud/map-conf-changes.sh | 4 ++++ 4 files changed, 14 insertions(+), 5 deletions(-) diff --git a/type/__nextcloud/explorer/config b/type/__nextcloud/explorer/config index 998264e..f97f39d 100755 --- a/type/__nextcloud/explorer/config +++ b/type/__nextcloud/explorer/config @@ -5,7 +5,6 @@ # Get the installdir -user="$( cat "$__object/parameter/user" )" installdir="$( "$__type_explorer/installdir" )" # Check if the tools are available @@ -14,9 +13,11 @@ if [ -d "$installdir" ]; then # if those files exist, everything should be good if [ -f "occ" ] && [ -f "config/config.php" ]; then - # dump out config instead of fuzz every possible option through + # Dump out config instead of fuzz every possible option through # `occ config:system:get`. Or parse through the whole json or # yaml-like output of `occ config:list system --private`. + # + # shellcheck disable=SC2016 # cause of the php inline code php -r 'require("lib/private/Config.php"); $config = new OC\Config("config/"); function printv($key, $value) {printf("%s = %s\n", $key, $value);} foreach($config->getKeys() as $key){ diff --git a/type/__nextcloud/explorer/version b/type/__nextcloud/explorer/version index fc79206..5a75258 100755 --- a/type/__nextcloud/explorer/version +++ b/type/__nextcloud/explorer/version @@ -13,7 +13,8 @@ if [ -d "$installdir" ]; then # if those files exist, everything should be good if [ -f "occ" ] && [ -f "version.php" ]; then - # detect php version with the version file + # Detect php version with the version file. + # shellcheck disable=SC2016 # cause of the php inline code php -r 'require("version.php"); print($OC_VersionString);' fi fi diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 60d9b42..e0317c1 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -91,6 +91,8 @@ fi # Check if the nextcloud application needs to be installed. # This checks the state of the configuration, not of the directory. +# +# shellcheck disable=SC2089 # disabled to write args string if ! grep -q -F "installed = 1" "$__object/explorer/config"; then # argument construction occ_install_args="" @@ -159,8 +161,9 @@ if ! grep -q -F "installed = 1" "$__object/explorer/config"; then fi - # Execute the install command - occ maintenance:install $occ_install_args + # Execute the install command. + # generated parameters will be splited in the remote shell + occ maintenance:install "$occ_install_args" # send install message echo installed >> "$__messages_out" diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index 8a00ac6..f107f5f 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -57,6 +57,7 @@ conf_base() { value="$(cat "$__object/parameter/$1")" if ! testparam "$2" "$value"; then # set it because it does not exist + # shellcheck disable=SC2059 # $3 contains patterns printf "php occ config:system:$3\n" "$2" "$value" fi else @@ -122,6 +123,7 @@ conf_array() { # else, default behaviour of the array else # save counter of the next free index + # shellcheck disable=SC1004 # the \ is required for awk counter=$( awk -v FS=" = " -v name="$2" ' BEGIN { counter = 0 } split($1, header, "|") == 2 && header[1] ~ /^[[:digit:]]+$/ && header[2] == name \ @@ -156,6 +158,8 @@ conf_array() { if [ -z "$install" ]; then # interate through the leftover values # remove them, as they should not exist (at least can be) + # + # shellcheck disable=SC2034 # $equal left for readability while read -r start equal value; do # remove those specific elements from the array printf "php occ config:system:delete '%s' '%s' --error-if-not-exists\n" \ From 3db4dcc6eab1b8f676f01a32c4bcde2d03685b34 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 24 Oct 2020 11:58:16 +0200 Subject: [PATCH 03/30] __nextcloud: add --data-directory to config --- type/__nextcloud/gencode-remote | 2 +- type/__nextcloud/map-conf-changes.sh | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index e0317c1..9da3b86 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -155,7 +155,7 @@ if ! grep -q -F "installed = 1" "$__object/explorer/config"; then fi # Data directory - datadir="$__object/parameter/datadir" + datadir="$__object/parameter/data-directory" if [ -f "$datadir" ]; then occ_install_args="$occ_install_args --data-dir '$(cat "$datadir")'" fi diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index f107f5f..ddda9c8 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -197,4 +197,7 @@ if [ -z "$install" ]; then conf_string database-user dbuser conf_string database-password dbpassword conf_string database-prefix dbtableprefix + + # data-dir + conf_string data-directory datadirectory fi From ea58f98ecb76e366eb8b01925f89b283596d9d4d Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 24 Oct 2020 13:36:26 +0200 Subject: [PATCH 04/30] __nextcloud: added initial manpage Still somehow a draft .. --- type/__nextcloud/man.rst | 173 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 173 insertions(+) create mode 100644 type/__nextcloud/man.rst diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst new file mode 100644 index 0000000..96d8eac --- /dev/null +++ b/type/__nextcloud/man.rst @@ -0,0 +1,173 @@ +cdist-type__nextcloud(7) +======================== + +NAME +---- +cdist-type__nextcloud - Installs and manages a nextcloud instance + + +DESCRIPTION +----------- +This type installs, upgrades and configure a nextcloud instance. + +It installs the application in the webspace based on the object id as relative +path from the webroot. If you want to install it directly in the webroot, you +must trick out this type by setting the webroot as parent directory. + + +REQUIRED PARAMETERS +------------------- +version + The version that should be installed. If it is already installed and the + installed version lower, it will upgrade nextcloud if ``--install-only`` is + not set. + + The type will never downgrade a nextcloud instance. Rather, it will fail, + as this is a missconfiguration. Downgrades are not recommended and + supported by upstream. Such cases can happen if the nextcloud instance was + upgraded via the built-in nextcloud installer. In such cases, it is + recommended to use the ``--install-only`` option. + +admin-password + The administrator password to access the nextcloud instance. Must be given + in plain text. + + +OPTIONAL PARAMETERS +------------------- +webroot + The webroot which will be used as basis for the installation. This may be + already detected by an explorer. Must be an absolute path (starting with a + slash). + +mode + Sets the unix file mode of the nextcloud directory. This is not inherited + to child files or folders. Defaults to `755`. + +user + The user which owns the complete nextcloud directory. The php application + should be executed with this user. All nextcloud commands will be executed + with this user. This type will not create the unix user. + + The type assumes the default `www-data` user, which is common on Debian + systems. **If you change this option, please do the same with the group + parameter!** + +group + The group all files and folders of the nextcloud installation should have. + Defaults to `www-data`. Should be changed with ``--user``. + + +BOOLEAN PARAMETERS +------------------ +install-only + Skips all nextcloud upgrades done by this type. Should be used when + nextcloud upgrades are (*exclusively*) done via the built-in updater. + + +NEXTCLOUD CONFIG PARAMETERS +--------------------------- +host + All hostnames where the the users can log into nextcloud. If you access + nextcloud via a hostname not given to this list, the access fails. This + parameter can be set multiple times. + +admin-user + The username of the administrative user which will be created while the + installation. This parameter has no effect if nextcloud will not be + installed. + +admin-email + The email address of the administrative user. This parameter has no effect + if nextcloud will not be installed. + +database-type + Sets the type of database that should be used as backend. Possible backends + are: + + SQLite + Use ``sqlite`` or ``sqlite3``. Saves everything in a database file + stored in the data directory. It is only recommended for very small + installations or test environments from upstream. + + *All further database options are ignored if SQLite is selected as + database backend.* + + MariaDB + Use ``mysql`` or ``mariadb``. MariaDB and MySQL are threated the same + way. They are the recommended database backends recommended from + upstream. + + PostgreSQL + Use ``pgsql``, ``postgres`` or ``postgresql``. + + **This parameter defaults to the SQLite database backend, as it is the + simplest one to setup and do not require extra parameters.** + +database-host + The database host to connect to. Possible are hostnames, ip addresses or + UNIX sockets. UNIX sockets must set in the format of + ``localhost:/path/to/socket``. If an non-standard port is used, set it + after the hostname or ip address seperated by an colon (``:``). + +database-name + The name of the database to connect to. + +database-user + The username to access the database. + +database-password + The password required to authorize the given user. + +database-prefix + The table prefix used by nextcloud. If nothing set, it defaults to + ``oc_``. + + +WEBROOT DETECTION +----------------- +TBA. + + +MESSAGES +-------- +installed + Nextcloud was successfully installed. + +upgraded $old to $new + The nextcloud version was upgraded from `$old` to `$new`. + +configured + Nextcloud configuration was changed. + + +ABORTS +------ +Aborts in the following cases: + +The current installed version is greather than the version that should be +installed. See the parameter description of `--version` for detailed +information. The problem can be fixed by bumping the version value to at least +the version that is currently installed or use the parameter `--install-only`. + +The type aborts if there is no webroot given as parameter and no could be +detected by the type itself. Please set the webroot via `--webroot` or extend +this type. + + +EXAMPLES +-------- +TBA. + + +AUTHORS +------- +Matthias Stecher + + +COPYRIGHT +--------- +Copyright \(C) 2020 Matthias Stecher. You can redistribute it +and/or modify it under the terms of the GNU General Public License as +published by the Free Software Foundation, either version 3 of the +License, or (at your option) any later version. From b6f4da7692e5b13bdc8f5990189b4ff2fe88b1b4 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 24 Oct 2020 15:39:54 +0200 Subject: [PATCH 05/30] __nextcloud: completly respect --install-only parameter This commit changes the manifest to do not check for too low versions and does not download and unpack a tarball if available if the parameter --install-only is set. This should make it useable now. Also, a short message change to match the manual. --- type/__nextcloud/gencode-remote | 2 +- type/__nextcloud/manifest | 34 +++++++++++++++++++-------------- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 9da3b86..0a68a02 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -187,7 +187,7 @@ if [ -s "$__object/files/conf-cmds" ]; then printf "SU\n" # print a message - echo config >> "$__messages_out" + echo configured >> "$__messages_out" fi diff --git a/type/__nextcloud/manifest b/type/__nextcloud/manifest index f6b8865..2d89f01 100755 --- a/type/__nextcloud/manifest +++ b/type/__nextcloud/manifest @@ -94,27 +94,33 @@ nextcloud_uri="https://download.nextcloud.com/server/releases/nextcloud-${versio nextcloud_sum="${nextcloud_uri}.sha256" -# Only check if there is a current installation +# Check if there is a current installation. It depends where the upstream +# tarball should be unpacked (directly or moved in a later stage). if [ "$version_is" ]; then - # Block downgrades as there are may caused from the automatic upgrader - # if the current version is higher than the version that should be installed - if version_ge "$version_is" "$version_should"; then - # it's an error if the current version is higher than the one that should be installed - printf "The current nextcloud version '%s' is higher than the version that should be installed (%s)\n" \ - "$version_is" "$version_should" >&2 - printf "Please bump the nextcloud version to '%s' or higher!\n" "$version_is" >&2 - exit 2 - fi + # Only set and check the version if a upgrade is allowed. + # if this block will be skipped, no upgrade will be done + if ! [ -f "$__object/parameter/install-only" ]; then + # Block downgrades as there are may caused from the automatic upgrader + # if the current version is higher than the version that should be installed + if version_ge "$version_is" "$version_should"; then + # it's an error if the current version is higher than the one that should be installed + printf "The current nextcloud version '%s' is higher than the version that should be installed (%s)\n" \ + "$version_is" "$version_should" >&2 + printf "Please bump the nextcloud version to '%s' or higher!\n" "$version_is" >&2 + exit 2 + fi - # Set destination to a temporary directory - destination="$webroot/.$__object_id" + # Set destination to a temporary directory + destination="$webroot/.$__object_id" + fi else # Set destination to the real destination destination="$webroot/$__object_id" fi -# Upgrade the nextcloud version -if [ "$version_is" != "$version_should" ]; then +# Install/Upgrade the nextcloud version if there is a destination set. +# it checks if it is necessary and intended to upgrade +if [ "$destination" ] && [ "$version_is" != "$version_should" ]; then updatedir="$( dirname "$installdir" )" # Be sure the parent directory exists for installation From f5c988c0f2f614001d39c52f44193b6ce853cd3a Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 24 Oct 2020 16:46:19 +0200 Subject: [PATCH 06/30] __nextcloud: make some db parameters mandatory Some database parameters are required if the type is `mysql` or `pgsql`. Also, the variants of the parameter --database-type decreased to those that work with the configuration, as it is directly mapped to the parameter. The functions in `map-conf-changes.sh` where extended to support the conditional mandatory argument to throw an error if this parameter is set. --- type/__nextcloud/gencode-remote | 37 ++++++++++--------- type/__nextcloud/man.rst | 23 +++++++----- type/__nextcloud/map-conf-changes.sh | 55 +++++++++++++++++++++------- 3 files changed, 75 insertions(+), 40 deletions(-) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 0a68a02..9ffbc4a 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -97,27 +97,28 @@ if ! grep -q -F "installed = 1" "$__object/explorer/config"; then # argument construction occ_install_args="" - # Database + # Error function if value not found + die_err() { + echo "parameter not found but required; can't continue!!" >&2 + exit 1 + } + # Database setup for mysql and pgsql db_setup() { if ! [ -f "$__object/parameter/db-host" ]; then echo "no hostname given! can't proceed." >&2 exit 3 fi occ_install_args="$occ_install_args --database '$1'" - occ_install_args="$occ_install_args --database-host '$(cat "$__object/parameter/db-host")'" - db_name="$__object/parameter/database-name" - if [ -f "$db_name" ]; then - occ_install_args="$occ_install_args --database-name '$(cat "$db_name")'" - fi - db_user="$__object/parameter/database-user" - if [ -f "$db_user" ]; then - occ_install_args="$occ_install_args --database-user '$(cat "$db_user")'" - fi - db_pass="$__object/parameter/database-password" - if [ -f "$db_pass" ]; then - occ_install_args="$occ_install_args --database-pass '$(cat "$db_pass")'" + db_host="$__object/parameter/database-host" + if [ -f "$db_host" ]; then + occ_install_args="$occ_install_args --database-host '$(cat "$db_host")'" fi + + occ_install_args="$occ_install_args --database-name '$(cat "$__object/parameter/database-name" || die_err)'" + occ_install_args="$occ_install_args --database-user '$(cat "$__object/parameter/database-user" || die_err)'" + occ_install_args="$occ_install_args --database-pass '$(cat "$__object/parameter/database-password" || die_err)'" + db_prefix="$__object/parameter/database-prefix" if [ -f "$db_prefix" ]; then occ_install_args="$occ_install_args --database-table-prefix '$(cat "$db_prefix")'" @@ -126,18 +127,18 @@ if ! grep -q -F "installed = 1" "$__object/explorer/config"; then database_type="$(cat "$__object/parameter/database-type")" case "$database_type" in - sqlite|sqlite3) + sqlite3) occ_install_args="$occ_install_args --database sqlite" ;; - mysql|mariadb) + mysql) db_setup mysql ;; - pgsql|postgres|postgresql) + pgsql) db_setup pgsql ;; *) - printf "Database type '%s' is unkown!\n" "" >&2 + printf "Database type '%s' is unkown!\n" "$database_type" >&2 exit 3 ;; esac @@ -197,7 +198,7 @@ if [ "$install" ]; then # variable accessible from the last $install if-clause case "$database_type" in - mysql|mariadb) + mysql) # only available for mysql occ db:convert-mysql-charset ;; diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst index 96d8eac..e958a82 100644 --- a/type/__nextcloud/man.rst +++ b/type/__nextcloud/man.rst @@ -74,8 +74,8 @@ host admin-user The username of the administrative user which will be created while the - installation. This parameter has no effect if nextcloud will not be - installed. + installation. If not set, nextcloud defaults to "admin". This parameter has + no effect if nextcloud will not be installed. admin-email The email address of the administrative user. This parameter has no effect @@ -86,7 +86,7 @@ database-type are: SQLite - Use ``sqlite`` or ``sqlite3``. Saves everything in a database file + Use ``sqlite3`` as value. Saves everything in a database file stored in the data directory. It is only recommended for very small installations or test environments from upstream. @@ -94,12 +94,12 @@ database-type database backend.* MariaDB - Use ``mysql`` or ``mariadb``. MariaDB and MySQL are threated the same + Use ``mysql`` as value. MariaDB and MySQL are threated the same way. They are the recommended database backends recommended from upstream. PostgreSQL - Use ``pgsql``, ``postgres`` or ``postgresql``. + Use ``pgsql`` as value. **This parameter defaults to the SQLite database backend, as it is the simplest one to setup and do not require extra parameters.** @@ -110,17 +110,22 @@ database-host ``localhost:/path/to/socket``. If an non-standard port is used, set it after the hostname or ip address seperated by an colon (``:``). + If this value is not set, nextcloud defaults to the value ``localhost``. + database-name - The name of the database to connect to. + The name of the database to connect to. Required if MariaDB or PostgreSQL + is used. database-user - The username to access the database. + The username to access the database. Required if MariaDB or PostgreSQL is + used. database-password - The password required to authorize the given user. + The password required to authorize the given user. Required if MariaDB or + PostgreSQL is used. database-prefix - The table prefix used by nextcloud. If nothing set, it defaults to + The table prefix used by nextcloud. If nothing set, nextcloud defaults to ``oc_``. diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index ddda9c8..791edc7 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -51,16 +51,23 @@ paramexist() { # Arguments: # 1: cdist type parameter name # 2: nextcloud config name -# 3: occ printf pattern to set the value +# 3: conditially mandatory argument, value "required" if true +# 4: occ printf pattern to set the value conf_base() { if [ -f "$__object/parameter/$1" ]; then value="$(cat "$__object/parameter/$1")" if ! testparam "$2" "$value"; then # set it because it does not exist - # shellcheck disable=SC2059 # $3 contains patterns - printf "php occ config:system:$3\n" "$2" "$value" + # shellcheck disable=SC2059 # $4 contains patterns + printf "php occ config:system:$4\n" "$2" "$value" fi else + if [ "$3" = "required" ]; then + # error because the parameter should be set + printf "Parameter '%s' not set by user, but required!\n" "$1" >&2 + exit 4 + fi + if paramexist "$2"; then # remove it because it exists printf "php occ config:system:delete '%s'\n" "$2" @@ -73,14 +80,15 @@ conf_base() { # Arguments: # 1: cdist type parameter name # 2: nextcloud config name +# 3: conditional mandatory of this parameter; value "required" if true conf_string() { - conf_base "$1" "$2" "set '%s' --type=string --value='%s'" + conf_base "$1" "$2" "$3" "set '%s' --type=string --value='%s'" } conf_number() { - conf_base "$1" "$2" "set '%s' --type=integer --value='%s'" + conf_base "$1" "$2" "$3" "set '%s' --type=integer --value='%s'" } conf_decimal() { - conf_base "$1" "$2" "set '%s' --type=double --value='%s'" + conf_base "$1" "$2" "$3" "set '%s' --type=double --value='%s'" } # Sets the nextcloud configuration option after a boolean cdist parameter. @@ -110,6 +118,7 @@ conf_boolean() { # Arguments: # 1: cdist type parameter name # 2: nextcloud config name +# 3: conditional mandatory of this parameter; value "required" if true conf_array() { if [ -f "$__object/parameter/$1" ]; then # reset array if installation is fresh @@ -167,6 +176,12 @@ conf_array() { done < "$_dir/$2" fi else + if [ "$3" = "required" ]; then + # error because the parameter should be set + printf "Parameter '%s' not set by user, but required!\n" "$1" >&2 + exit 4 + fi + # remove everything because we don't know which was set by the user if paramexist "$2"; then # remove the whole array @@ -190,13 +205,27 @@ conf_array host trusted_domains # Already set via the installer if [ -z "$install" ]; then - # db - conf_string database-type dbtype - conf_string database-host dbhost # FIXME host included here (takes port also) - conf_string database-name dbname - conf_string database-user dbuser - conf_string database-password dbpassword - conf_string database-prefix dbtableprefix + # database + database_type="$(cat "$__object/parameter/database-type")" + case "$database_type" in + sqlite3) + conf_string database-type dbtype + ;; + + mysql|pgsql) + conf_string database-type dbtype + conf_string database-host dbhost + conf_string database-name dbname required + conf_string database-user dbuser required + conf_string database-password dbpassword required + conf_string database-prefix dbtableprefix + ;; + + *) + printf "Databasetype '%s' is unkown!\n" "$database_type" >&2 + exit 3 + ;; + esac # data-dir conf_string data-directory datadirectory From 3bda4cf0c8f556be659d0e0d0cf72bf1ee06e673 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 24 Oct 2020 17:29:38 +0200 Subject: [PATCH 07/30] __nextcloud: respect installer default values To do not override default values from the nextcloud installer script, they are accepted as default values if the user did not set any value. --- type/__nextcloud/map-conf-changes.sh | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index 791edc7..7d11728 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -53,9 +53,10 @@ paramexist() { # 2: nextcloud config name # 3: conditially mandatory argument, value "required" if true # 4: occ printf pattern to set the value +# 5: "installation" default value, can be used to backup the user value conf_base() { - if [ -f "$__object/parameter/$1" ]; then - value="$(cat "$__object/parameter/$1")" + if [ -f "$__object/parameter/$1" ] || [ "$5" ]; then + value="$(cat "$__object/parameter/$1" || printf "%s" "$5")" if ! testparam "$2" "$value"; then # set it because it does not exist # shellcheck disable=SC2059 # $4 contains patterns @@ -81,14 +82,15 @@ conf_base() { # 1: cdist type parameter name # 2: nextcloud config name # 3: conditional mandatory of this parameter; value "required" if true +# 4: default value; will be used if parameter is absent conf_string() { - conf_base "$1" "$2" "$3" "set '%s' --type=string --value='%s'" + conf_base "$1" "$2" "$3" "$4" "set '%s' --type=string --value='%s'" } conf_number() { - conf_base "$1" "$2" "$3" "set '%s' --type=integer --value='%s'" + conf_base "$1" "$2" "$3" "$4" "set '%s' --type=integer --value='%s'" } conf_decimal() { - conf_base "$1" "$2" "$3" "set '%s' --type=double --value='%s'" + conf_base "$1" "$2" "$3" "$4" "set '%s' --type=double --value='%s'" } # Sets the nextcloud configuration option after a boolean cdist parameter. @@ -96,6 +98,7 @@ conf_decimal() { # Arguments: # 1: cdist type parameter name # 2: nextcloud config name +# FIXME default value required for booleans? conf_boolean() { # map parameter to a php boolean (are outputted as 0 or 1) if [ -f "$__object/parameter/$1" ]; then @@ -119,6 +122,7 @@ conf_boolean() { # 1: cdist type parameter name # 2: nextcloud config name # 3: conditional mandatory of this parameter; value "required" if true +# FIXME currently no default value due to complexity of arrays conf_array() { if [ -f "$__object/parameter/$1" ]; then # reset array if installation is fresh @@ -204,6 +208,7 @@ fi conf_array host trusted_domains # Already set via the installer +# set default values from the nextcloud installer to do not override them if [ -z "$install" ]; then # database database_type="$(cat "$__object/parameter/database-type")" @@ -214,7 +219,7 @@ if [ -z "$install" ]; then mysql|pgsql) conf_string database-type dbtype - conf_string database-host dbhost + conf_string database-host dbhost installdef "localhost" conf_string database-name dbname required conf_string database-user dbuser required conf_string database-password dbpassword required @@ -228,5 +233,5 @@ if [ -z "$install" ]; then esac # data-dir - conf_string data-directory datadirectory + conf_string data-directory datadirectory installdef "$(cat "$__object/explorer/installdir")/$__object_id/data" fi From facb204749d47468e544e81649313079a713e004 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 24 Oct 2020 21:09:35 +0200 Subject: [PATCH 08/30] __nextcloud: move data directory if destination changes The type now handles the case when the data directory will be moved to an other location. To this, adjustment to the "maintainer mode" on setting and the manpage. --- type/__nextcloud/gencode-remote | 54 ++++++++++++++++++++++++++-- type/__nextcloud/man.rst | 14 ++++++++ type/__nextcloud/map-conf-changes.sh | 10 +++--- 3 files changed, 70 insertions(+), 8 deletions(-) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 9ffbc4a..38024a6 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -22,6 +22,28 @@ SU SHELL } +# Turn the maintainer mode on, but print it only once at all. +# +# No arguments. +occ_maintainer_mode_on() { + # Check if this was not already done + if [ "$_maintainer_mode_on" != "yes" ]; then + occ maintenance:mode --on + _maintainer_mode_on="yes" + fi +} + +# Print the value of the given configuration. +# +# Arguments: +# 1: the nextcloud configuration name +getparam() { + awk -v FS=" = " -v name="$1" ' + function ntostring(n) { ret=""; for(i=n; i<=NF; i++) ret=ret $i (i/dev/null || printf "%s/data" "$installdir")" + +# Move if they should be moved. Avoid false positives if $data_old is empty +if [ "$data_old" ] && [ "$data_old" != "$data_new" ]; then + # save that we did changes + changes="yes" + occ_maintainer_mode_on + + # Change the configuration variable and then move the folder. This order is + # important if SQLite is used, but the config already corrupted if it can + # not be moved. + occ config:system:set datadirectory --type=string --value "'$data_new'" + cat << REMOTE +rm -rf '$data_new' +mkdir -p '$(dirname "$data_new")' # if the parent not exists +mv '$data_old' '$data_new' + +REMOTE +fi + +# Print configured message if changes where done to the configuration +if [ "$changes" ]; then echo configured >> "$__messages_out" fi @@ -208,6 +256,6 @@ if [ "$install" ]; then fi # Disable maintainer mode -if [ "$install" ] || [ "$upgrade" ] || [ "$changes" ]; then +if [ "$_maintainer_mode_on" = "yes" ]; then occ maintenance:mode --off fi diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst index e958a82..2bff614 100644 --- a/type/__nextcloud/man.rst +++ b/type/__nextcloud/man.rst @@ -81,6 +81,15 @@ admin-email The email address of the administrative user. This parameter has no effect if nextcloud will not be installed. +data-directory + This will set or change the data directory where nextcloud will keep all + its data, including the SQLite database if any. By default, it will be + saved in the ``data`` directory below the nextcloud directory. + + If this directory change, this type will move the old location to the new + one to preserve all data. This is not supported by upstream, as some apps + may not handle this. + database-type Sets the type of database that should be used as backend. Possible backends are: @@ -159,6 +168,11 @@ The type aborts if there is no webroot given as parameter and no could be detected by the type itself. Please set the webroot via `--webroot` or extend this type. +It may abort if the data directory can not be moved correctly. Then, the +nextcloud configuration is broken and must be resolved manually: Move the data +directory to the correct location or change the configuration to point to the +old destination and retry. + EXAMPLES -------- diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index 7d11728..caea3bd 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -84,13 +84,13 @@ conf_base() { # 3: conditional mandatory of this parameter; value "required" if true # 4: default value; will be used if parameter is absent conf_string() { - conf_base "$1" "$2" "$3" "$4" "set '%s' --type=string --value='%s'" + conf_base "$1" "$2" "$3" "set '%s' --type=string --value='%s'" "$4" } conf_number() { - conf_base "$1" "$2" "$3" "$4" "set '%s' --type=integer --value='%s'" + conf_base "$1" "$2" "$3" "set '%s' --type=integer --value='%s'" "$4" } conf_decimal() { - conf_base "$1" "$2" "$3" "$4" "set '%s' --type=double --value='%s'" + conf_base "$1" "$2" "$3" "set '%s' --type=double --value='%s'" "$4" } # Sets the nextcloud configuration option after a boolean cdist parameter. @@ -232,6 +232,6 @@ if [ -z "$install" ]; then ;; esac - # data-dir - conf_string data-directory datadirectory installdef "$(cat "$__object/explorer/installdir")/$__object_id/data" + # data-dir is handled in the gencode-remote + #conf_string data-directory datadirectory installdef "$(cat "$__object/explorer/installdir")/$__object_id/data" fi From 809ad7aa9d63ca7d21375874660fe56385938bfc Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sun, 25 Oct 2020 14:55:11 +0100 Subject: [PATCH 09/30] __nextcloud: migrate if the database type change This adds a migration progess if the database type changes automaticly. --- type/__nextcloud/man.rst | 16 +++++- type/__nextcloud/map-conf-changes.sh | 81 +++++++++++++++++++++++++--- 2 files changed, 89 insertions(+), 8 deletions(-) diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst index 2bff614..2a6ec9d 100644 --- a/type/__nextcloud/man.rst +++ b/type/__nextcloud/man.rst @@ -113,13 +113,22 @@ database-type **This parameter defaults to the SQLite database backend, as it is the simplest one to setup and do not require extra parameters.** + If this parameter change, the type will migrate to the new database type. + It will not work for SQLite because the upstream migration script does not + support it. **Be aware that migrations take there time, plan at minimum + 40 seconds of migration for a stock installation.** + database-host The database host to connect to. Possible are hostnames, ip addresses or UNIX sockets. UNIX sockets must set in the format of ``localhost:/path/to/socket``. If an non-standard port is used, set it - after the hostname or ip address seperated by an colon (``:``). + after the hostname or ip address seperated by an colon (``:``). If this + value is not set, nextcloud defaults to the value ``localhost``. - If this value is not set, nextcloud defaults to the value ``localhost``. + This type will not migrate data if the type does not change. You must do + this manually by setting the maintainer mode (to avoid data changes) and + then cloning the database to the new destination. After that, run cdist to + apply the config changes. It should automaticly remove the maintainer mode. database-name The name of the database to connect to. Required if MariaDB or PostgreSQL @@ -173,6 +182,9 @@ nextcloud configuration is broken and must be resolved manually: Move the data directory to the correct location or change the configuration to point to the old destination and retry. +It aborts if it should migrate to a SQLite database. This will be done before +the upstream migration script is executed, as it would throw the same error. + EXAMPLES -------- diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index caea3bd..3c98c3b 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -7,6 +7,21 @@ # explorer. +# Print the value of the given configuration. +# +# Arguments: +# 1: the nextcloud configuration name +# +# Returns with a unsuccessful return code if no parameter found. +getparam() { + awk -v FS=" = " -v name="$1" ' + function ntostring(n) { ret=""; for(i=n; i<=NF; i++) ret=ret $i (i/dev/null || printf "localhost")" + database_name="$(cat "$__object/parameter/database-name")" + database_user="$(cat "$__object/parameter/database-user")" + database_pass="$(cat "$__object/parameter/database-password")" + + # Extract the port from the host + # this is required for pgsql, but mysql can do it itself, too + if printf "%s" "$database_host" | grep -q ":[[:digit:]]\+$"; then + # extract the last part, which is the port number + database_port="${database_host##*:}" + else + # set default port because the tool can not do this for pgsql + case "$database_type" in + mysql) + database_port=3306 + ;; + pgsql) + database_port=5432 + ;; + esac + fi + + # print out the correct command + printf "php occ db:convert-type --no-interaction --no-ansi --clear-schema --all-apps \ + '%s' '%s' --password '%s' '%s' --port '%u' '%s'\n" \ + "$database_type" "$database_user" "$database_pass" "$database_host" "$database_port" "$database_name" +} + + # Set the install variable if nextcloud was not installed before this type. if ! testparam installed 1; then install="yes" @@ -210,19 +263,35 @@ conf_array host trusted_domains # Already set via the installer # set default values from the nextcloud installer to do not override them if [ -z "$install" ]; then - # database + # Database to check if the type changed + # use the current type if no old type found to match instead of migrate database_type="$(cat "$__object/parameter/database-type")" + old_db_type="$(getparam dbtype || printf "%s" "$database_type")" + case "$database_type" in sqlite3) + if [ "$old_db_type" != "sqlite3" ]; then + echo "Migrating to a SQLite database is not supported by upstream!" >&2 + echo "Do it manually or reinstall nextcloud .." >&2 + exit 1 + fi conf_string database-type dbtype ;; mysql|pgsql) - conf_string database-type dbtype - conf_string database-host dbhost installdef "localhost" - conf_string database-name dbname required - conf_string database-user dbuser required - conf_string database-password dbpassword required + if [ "$old_db_type" != "$database_type" ]; then + # the migration will change all database parameters itself + migrate_db "$database_type" + else + # no change of dbtype cause it will cause a migration + conf_string database-host dbhost installdef "localhost" + conf_string database-name dbname required + conf_string database-user dbuser required + conf_string database-password dbpassword required + fi + + # It may not be a good idea to change this parameter, but do what + # the user want to do. conf_string database-prefix dbtableprefix ;; From 77b530eefb59d844eaf45fc0998cb35d58802e74 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sun, 25 Oct 2020 18:57:02 +0100 Subject: [PATCH 10/30] __nextcloud: update manpage Added webroot detection, examples and notes. Should be complete now. --- type/__nextcloud/man.rst | 69 ++++++++++++++++++++++++++++++++++++++-- 1 file changed, 67 insertions(+), 2 deletions(-) diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst index 2a6ec9d..ba4d8c4 100644 --- a/type/__nextcloud/man.rst +++ b/type/__nextcloud/man.rst @@ -149,7 +149,14 @@ database-prefix WEBROOT DETECTION ----------------- -TBA. +As the `object id` is the install path relatively from the webroot, it must be +known somehow. Therefor, it will try to detect a good location for it. You can +set a custom webroot via the `--webroot` parameter. As default, following +directories will be checked if they exist to be the webroot: + +1. ``/srv/www/`` +2. ``/var/www/html/`` +3. ``/var/www/`` MESSAGES @@ -185,10 +192,68 @@ old destination and retry. It aborts if it should migrate to a SQLite database. This will be done before the upstream migration script is executed, as it would throw the same error. +The explorers will abort if they found a valid nextcloud installation, but no +installed `php`. Currently, this is intended behaviour, because it can not +safely get the current nextcloud version, also do not get the nextcloud +configuration. For more information, see the *NOTES section*. + EXAMPLES -------- -TBA. + +.. code-block:: sh + + # minimal nextcloud installation with sqlite and other defaults + # please only use sqlite for minimal or test installations as recommend :) + __nextcloud nextcloud --version 20.0.0 --admin-password "iaminsecure" \ + --host localhost --host nextcloud + + # more extensive configuration + __nextcloud cloud --version 20.0.0 --admin-password "iaminsecure" \ + --host localhost --host nextcloud --host 192.168.1.67 \ + --data-directory /var/lib/nextcloud/what \ + --database-type mysql --database-host "localhost" --database-name "nextcloud" \ + --database-user "test" --database-password "not-a-good-password" + + # install it in the webroot /var/www/html + __nextcloud html --version 20.0.0 --admin-password "notthatsecure" \ + --webroot "/var/www" --host localhost + + +NOTES +----- +This cdist type does not cover all configuration options that nextcloud offer. +If you need more configuration options for nextcloud, you are welcome to extend +this type and contribute it upstream! + +- `Nextcloud configuration reference + `_ + +Database migration is only partly supported if the database will be changed to +``mysql` or ``pgsql``, because it is supported by an upstream script. You are +welcome to extend this type for database migrations between the same database +type. For an implementation, you may use shell utilites like ``mysqldump(1)`` +(be aware that this may not already be installed) or use the already installed +php code to migrate. + +The type will abort if a valid nextcloud directory already exists in the +explorer execution, but no `php` exists to explore the setup. Therefor, the +manifest could not install `php` yet. This is not the case for a new +installation, as there does not exist a nextcloud directory with a valid +structure. While some code could be skipped and the other replaced with `awk` +with something like +``awk '$1 == "$OC_VersionString" {gsub(/['\'';]/, "", $3); print $3}' version.php``, +it is not handled for the following cases: + +1. This case should not happen very often. +2. Maybe because of ``libapache2-mod-php`` or ``php-fpm``, `php` already + exists for the cli. +3. While the `awk` replacement for the version is just a bit worser, it would + bring stable results, while it would be more difficult to dump out the + configuration without custom `php` or the help from ``php occ``. Therefor, + it would make false assumptions like it want to install nextcloud again, + do not delete configuration options and set all available nextcloud options + that are available through this type. AUTHORS From b368102bd58fd40ba9850ec866667019d3e5e5f3 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sun, 25 Oct 2020 20:29:57 +0100 Subject: [PATCH 11/30] __nextcloud: misc adjustments Mostly to the manpage, but some minor fixes, too. --- type/__nextcloud/gencode-remote | 2 +- type/__nextcloud/man.rst | 13 ++++++++++++- type/__nextcloud/map-conf-changes.sh | 2 ++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 38024a6..1850dd0 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -17,7 +17,7 @@ occ() { # will not use -q as it supresses errors, too cat << SHELL su -s /bin/sh -l "$user" -- -e <`_ or from the `GitHub Releases + `_ page. The type will + download the tarball over the official nextcloud website. + The type will never downgrade a nextcloud instance. Rather, it will fail, as this is a missconfiguration. Downgrades are not recommended and supported by upstream. Such cases can happen if the nextcloud instance was @@ -255,13 +260,19 @@ it is not handled for the following cases: do not delete configuration options and set all available nextcloud options that are available through this type. +If the nextcloud installation does not work and you stuck in a plaintext error +screen, try to restart your Apache WWW server first! This type will install all +php dependencies, but there are not recognised by the server-internal php +environment. This can happen after a database migration between different +database types, as it installs the database module only when it is required. + AUTHORS ------- Matthias Stecher -COPYRIGHT +COPYING --------- Copyright \(C) 2020 Matthias Stecher. You can redistribute it and/or modify it under the terms of the GNU General Public License as diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index 3c98c3b..caad3bd 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -230,6 +230,7 @@ migrate_db() { database_port="${database_host##*:}" else # set default port because the tool can not do this for pgsql + # it looks like mysql get struggles, too case "$database_type" in mysql) database_port=3306 @@ -244,6 +245,7 @@ migrate_db() { printf "php occ db:convert-type --no-interaction --no-ansi --clear-schema --all-apps \ '%s' '%s' --password '%s' '%s' --port '%u' '%s'\n" \ "$database_type" "$database_user" "$database_pass" "$database_host" "$database_port" "$database_name" + printf "php occ maintenance:mode --on\n" # was disabled by database convertion } From 072ca3772047549bfb435ba521ef1d4677d0dc27 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Mon, 26 Oct 2020 19:19:49 +0100 Subject: [PATCH 12/30] __nextcloud: stricter check configuration values This now checks the configuration value exactly and does not say there are equal if just the end of the string differs. Resulting from this, it will run code the next run if the default port was in a database migration. This was fixed by instantly correct this configuration value. --- type/__nextcloud/map-conf-changes.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index caad3bd..5855761 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -35,7 +35,7 @@ testparam() { # short-circuit after installation; the explorer may not be valid if [ "$install" ]; then return 1; fi - if grep -q -F "$1 = $2" "$__object/explorer/config"; then + if grep -q -Fx "$1 = $2" "$__object/explorer/config"; then return 0 else return 1 @@ -113,7 +113,6 @@ conf_decimal() { # Arguments: # 1: cdist type parameter name # 2: nextcloud config name -# FIXME default value required for booleans? conf_boolean() { # map parameter to a php boolean (are outputted as 0 or 1) if [ -f "$__object/parameter/$1" ]; then @@ -239,6 +238,10 @@ migrate_db() { database_port=5432 ;; esac + + # Correct this value to the value set by the parameter + # this will prevent codegen in the run after the migration + correct_standard_port="yes" fi # print out the correct command @@ -246,6 +249,11 @@ migrate_db() { '%s' '%s' --password '%s' '%s' --port '%u' '%s'\n" \ "$database_type" "$database_user" "$database_pass" "$database_host" "$database_port" "$database_name" printf "php occ maintenance:mode --on\n" # was disabled by database convertion + + # Correct the database host value if it was not correctly set by the migration script + if [ "$correct_standard_port" = "yes" ]; then + printf "php occ config:system:set '%s' --type=string --value '%s'\n" "dbhost" "$database_host" + fi } From b0ed6b2f18f3b9ed4a25468eaaa71fa7b0f0c67d Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Fri, 30 Oct 2020 19:14:24 +0100 Subject: [PATCH 13/30] Initial __nextcloud_user type This type setup and updates a nextcloud user account. Currently not finished yet, but should work in all cases. --- type/__nextcloud_user/explorer/password | 49 ++++ type/__nextcloud_user/explorer/user | 39 +++ type/__nextcloud_user/gencode-remote | 239 ++++++++++++++++++ type/__nextcloud_user/parameter/default/state | 1 + .../parameter/default/www-user | 1 + type/__nextcloud_user/parameter/optional | 7 + .../parameter/optional_multiple | 1 + type/__nextcloud_user/parameter/required | 1 + 8 files changed, 338 insertions(+) create mode 100755 type/__nextcloud_user/explorer/password create mode 100755 type/__nextcloud_user/explorer/user create mode 100644 type/__nextcloud_user/gencode-remote create mode 100644 type/__nextcloud_user/parameter/default/state create mode 100644 type/__nextcloud_user/parameter/default/www-user create mode 100644 type/__nextcloud_user/parameter/optional create mode 100644 type/__nextcloud_user/parameter/optional_multiple create mode 100644 type/__nextcloud_user/parameter/required diff --git a/type/__nextcloud_user/explorer/password b/type/__nextcloud_user/explorer/password new file mode 100755 index 0000000..88260ec --- /dev/null +++ b/type/__nextcloud_user/explorer/password @@ -0,0 +1,49 @@ +#!/bin/sh +# __nextcloud/explorer/password + +# Checks if the given password is working by hacking somehow into the nextcloud +# php libary. +# +# Outputs: +# - "noop" if no password given as parameter +# - "matched" if the given parameter matched the password +# - "mismatched" if the given parameter did not matched +# - "" if no nextcloud directory could be detected + + +# Check if the password exists, else this is nonsense +password="$__object/parameter/password" +if [ -f "$password" ]; then + password="$(cat "$password")" +else + # no password to compare - it's managed by someone other + echo noop + exit +fi + +# Get parameters +user="$__object/parameter/user" +if [ -f "$user" ]; then + user="$(cat "$user")" +else + user="$__object_id" +fi +cloud="$(cat "$__object/parameter/cloud")" +www_user="$(cat "$__object/parameter/www-user")" + + + +# Check if there exists the installation +if [ -d "$cloud" ]; then + # if those files exist, everything should be good + if [ -f "$cloud/occ" ] && [ -f "$cloud/config/config.php" ]; then + # Output the information from the custom php + # change the user to be on the safe side if something is written + su -s /bin/sh -l "$www_user" -- -e <getUserSession()->getManager()->checkPasswordNoLogging("$user", getenv("pw")) ? "matched" : "mismatched");' +SU + fi +fi diff --git a/type/__nextcloud_user/explorer/user b/type/__nextcloud_user/explorer/user new file mode 100755 index 0000000..ab97a1f --- /dev/null +++ b/type/__nextcloud_user/explorer/user @@ -0,0 +1,39 @@ +#!/bin/sh -e +# __nextcloud_user/explorer/user + +# Outputs the raw nextcloud command output of the given user + + +# Parameters +user="$__object/parameter/user" +if [ -f "$user" ]; then + user="$(cat "$user")" +else + user="$__object_id" +fi +cloud="$(cat "$__object/parameter/cloud")" +www_user="$(cat "$__object/parameter/www-user")" + + +# Check if there exists the installation +if [ -d "$cloud" ]; then + # if those files exist, everything should be good + if [ -f "$cloud/occ" ] && [ -f "$cloud/config/config.php" ]; then + # Content could be gathered through php code directly, too. This can + # be done if more parameters are required than user:info will output + # or if there will be too much fuzz in the output. + + # Output the information of the user + # type will abort if explorer is empty, not if occ aborts + su -s /bin/sh -l "$www_user" -- -e <getUserSession()->getManager()->userExists("$user") ? 0 : 1);' +then + php occ --no-interaction --no-ansi --output=plain user:info '$user' +fi +SU + fi +fi diff --git a/type/__nextcloud_user/gencode-remote b/type/__nextcloud_user/gencode-remote new file mode 100644 index 0000000..f5cdaf5 --- /dev/null +++ b/type/__nextcloud_user/gencode-remote @@ -0,0 +1,239 @@ +#!/bin/sh -e +# __nextcloud_user/gencode-remote + + +# Call the nextcloud occ script as the designed user. Maybe this can be a bit +# more effictive with user switching, but currently the easiest way of doing +# it. +# +# All arguments are directly passed to occ (injection alarm ;-) ) +occ() { + # su creates a new shell, so it does not affect the current session + # will not use -q as it supresses errors, too + cat << SHELL +su -s /bin/sh -l "$www_user" -- -e <<'SU' +cd '$cloud' && php occ --no-interaction --no-ansi $@ +SU +SHELL +} + +# Creates the output for the nextcloud command to create a user. Takes all +# required parameters from existing variables. +occ_create() { + cat <> "$__messages_out" + else + occ_create + echo created >> "$__messages_out" + fi + ;; + + disabled) + if [ "$state_is" = "absent" ]; then + occ_create + echo created >> "$__messages_out" + fi + + occ user:disable "'$user'" + echo disabled >> "$__messages_out" + ;; + + present) + if [ "$state_is" = "absent" ]; then + occ_create + echo created >> "$__messages_out" + fi + # else, everything is ok + ;; + + absent) + occ user:delete "'$user'" + echo removed >> "$__messages_out" + ;; + esac +fi + + +# Check if some user configuration should be changed +# do not run this code if the user will be created in the previous code +if [ "$state_should" != "absent" ] && [ "$occ_created" != "yes" ]; then + # Check if the display name is correct if someone is set + if [ -f "$__object/parameter/displayname" ]; then + displayname="$(cat "$__object/parameter/displayname")" + if ! match_param display_name "$displayname"; then + cat <getUserSession()->getManager()->get("$user")->setDisplayName("$displayname") + or die("Couldn'\''t modify $user display name! Maybe unsupported or already set ..".PHP_EOL);' +SU +SHELL + fi + fi + + # Check if the email address is correct + if [ -f "$__object/parameter/email" ]; then + email="$(cat "$__object/parameter/email")" + if ! match_param email "$email"; then + occ user:setting -- "'$user'" settings email "'$email'" + fi + else + # remove if it doesn't exist + if ! match_param email ""; then + occ user:setting --delete -- "'$user'" settings email + fi + fi + + # Check state of the password + # explorer handles missing passwords already + if [ "$(cat "$__object/explorer/password")" = "mismatched" ]; then + cat < "$__object/files/explorer_groups" + + # Add/Remove groups not set via the parameter + if [ -s "$__object/parameter/group" ]; then + # Get all groups to remove + grep -Fxv -f "$__object/parameter/group" \ + "$__object/files/explorer_groups" > "$__object/files/group.del" || true + # Get all groups to add + grep -Fxv -f "$__object/files/explorer_groups" \ + "$__object/parameter/group" > "$__object/files/group.add" || true + + # No user groups at all if nothing wanted by the user + else + # remove all groups to stay inline with the user parameter + cp "$__object/files/explorer_groups" "$__object/files/group.del" + fi + + # Remove all groups not exist anymore + if [ -s "$__object/files/group.del" ]; then + while read -r GROUP; do + cat <getGroupManager()->get("$GROUP"); + \$user = \\OC::\$server->getUserSession()->getManager()->get("$user"); + if (\$group === NULL || \$user === NULL) + die("Can'\''t delete $user from group $GROUP! User or group doesn'\''t exist in nextcloud!".PHP_EOL); + \$group->removeUser(\$user);' +SU +SHELL + done < "$__object/files/group.del" + fi + + # Add all existing groups + if [ -s "$__object/files/group.add" ]; then + while read -r GROUP; do + cat <getGroupManager()->get("$GROUP"); + \$user = \\OC::\$server->getUserSession()->getManager()->get("$user"); + if (\$group === NULL || \$user === NULL) + die("Can'\''t delete $user from group $GROUP! User or group doesn'\''t exist in nextcloud!".PHP_EOL); + \$group->addUser(\$user);' +SU +SHELL + done < "$__object/files/group.add" + fi +fi diff --git a/type/__nextcloud_user/parameter/default/state b/type/__nextcloud_user/parameter/default/state new file mode 100644 index 0000000..e7f6134 --- /dev/null +++ b/type/__nextcloud_user/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/type/__nextcloud_user/parameter/default/www-user b/type/__nextcloud_user/parameter/default/www-user new file mode 100644 index 0000000..5bbad18 --- /dev/null +++ b/type/__nextcloud_user/parameter/default/www-user @@ -0,0 +1 @@ +www-data diff --git a/type/__nextcloud_user/parameter/optional b/type/__nextcloud_user/parameter/optional new file mode 100644 index 0000000..aaf31d0 --- /dev/null +++ b/type/__nextcloud_user/parameter/optional @@ -0,0 +1,7 @@ +user +www-user +state +displayname +email +password +quota diff --git a/type/__nextcloud_user/parameter/optional_multiple b/type/__nextcloud_user/parameter/optional_multiple new file mode 100644 index 0000000..3a60cce --- /dev/null +++ b/type/__nextcloud_user/parameter/optional_multiple @@ -0,0 +1 @@ +group diff --git a/type/__nextcloud_user/parameter/required b/type/__nextcloud_user/parameter/required new file mode 100644 index 0000000..c3de202 --- /dev/null +++ b/type/__nextcloud_user/parameter/required @@ -0,0 +1 @@ +cloud From 1e1df1016d102a1eda3b809030026e5867b8a9d8 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Fri, 30 Oct 2020 20:01:53 +0100 Subject: [PATCH 14/30] __nextcloud_user: add manpage --- type/__nextcloud_user/man.rst | 99 +++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 type/__nextcloud_user/man.rst diff --git a/type/__nextcloud_user/man.rst b/type/__nextcloud_user/man.rst new file mode 100644 index 0000000..3a51a98 --- /dev/null +++ b/type/__nextcloud_user/man.rst @@ -0,0 +1,99 @@ +cdist-type__nextcloud_user(7) +============================= + +NAME +---- +cdist-type__nextcloud_user - Setup a Nextcloud user + + +DESCRIPTION +----------- +It manages a single Nextcloud user given by the object id or parameter `--user`. + + +REQUIRED PARAMETERS +------------------- +cloud + The absolute path of the Nextcloud installation. + + +OPTIONAL PARAMETERS +------------------- +state + The state the user should be in. Can be the following: + + present *(default)* + The user exists. + + enabled + The user exists and is enabled. + + disabled + The user exists and is disabled. + + absent + The user does not exist. + +user + Takes the uid of the Nextcloud user which will be handled by this type. If + this is not set, the object id will be taken instead. + +www-user + The unix user which will be used to execute Nextcloud related stuff. You + should always use the same user for all Nextcloud interactions, for the + webserver and cli execution. As default, `www-data` will be used. + +displayname + The display name the user should have. + +email + The email address of the Nextcloud user. + +password + The password of the Nextcloud user. + +quota + TBA. + +group + Multiple group names which the Nextcloud user belongs to. If not set, the + user will be removed from every group he is in. + + +MESSAGES +-------- +created + The user as created. + +enabled + The user already exists and was enabled. + +disabled + The user already exists and was disabled. + +removed + The user was removed. + + +EXAMPLES +-------- +TBA. + + +SEE ALSO +-------- +:strong:`cdist-type__nextcloud`\ (7) +:string:`cdist-type__nextcloud_app`\ (7) + + +AUTHORS +------- +Matthias Stecher + + +COPYING +------- +Copyright \(C) 2020 Matthias Stecher. +You can redistribute it and/or modify it under the terms of the GNU +General Public License as published by the Free Software Foundation, +either version 3 of the License, or (at your option) any later version. From 635f03f527140a69a4caeb7091f9ae0cfc91de76 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Fri, 30 Oct 2020 20:08:32 +0100 Subject: [PATCH 15/30] __nextcloud_user: use `occ group:` commands Instead of the self-tinkered php code, the correct occ command is used now. --- type/__nextcloud_user/gencode-remote | 24 ++---------------------- 1 file changed, 2 insertions(+), 22 deletions(-) diff --git a/type/__nextcloud_user/gencode-remote b/type/__nextcloud_user/gencode-remote index f5cdaf5..f5b0bc4 100644 --- a/type/__nextcloud_user/gencode-remote +++ b/type/__nextcloud_user/gencode-remote @@ -206,34 +206,14 @@ SHELL # Remove all groups not exist anymore if [ -s "$__object/files/group.del" ]; then while read -r GROUP; do - cat <getGroupManager()->get("$GROUP"); - \$user = \\OC::\$server->getUserSession()->getManager()->get("$user"); - if (\$group === NULL || \$user === NULL) - die("Can'\''t delete $user from group $GROUP! User or group doesn'\''t exist in nextcloud!".PHP_EOL); - \$group->removeUser(\$user);' -SU -SHELL + occ group:removeuser "'$GROUP'" "'$user'" done < "$__object/files/group.del" fi # Add all existing groups if [ -s "$__object/files/group.add" ]; then while read -r GROUP; do - cat <getGroupManager()->get("$GROUP"); - \$user = \\OC::\$server->getUserSession()->getManager()->get("$user"); - if (\$group === NULL || \$user === NULL) - die("Can'\''t delete $user from group $GROUP! User or group doesn'\''t exist in nextcloud!".PHP_EOL); - \$group->addUser(\$user);' -SU -SHELL + occ group:adduser "'$GROUP'" "'$user'" done < "$__object/files/group.add" fi fi From 82283d0b1cb9fb3a002a0add3dde3d6f7bcb479e Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 31 Oct 2020 09:47:38 +0100 Subject: [PATCH 16/30] __nextcloud_user: new parameters to prevent changes to the user This adds new parameters `--only-setup` and `--keep-*` to prevent certain parameters to be changed in Nextcloud. This will not apply to the setup. --- type/__nextcloud_user/gencode-remote | 125 +++++++++++++----------- type/__nextcloud_user/man.rst | 52 +++++++++- type/__nextcloud_user/parameter/boolean | 6 ++ 3 files changed, 125 insertions(+), 58 deletions(-) create mode 100644 type/__nextcloud_user/parameter/boolean diff --git a/type/__nextcloud_user/gencode-remote b/type/__nextcloud_user/gencode-remote index f5b0bc4..dd0c715 100644 --- a/type/__nextcloud_user/gencode-remote +++ b/type/__nextcloud_user/gencode-remote @@ -52,7 +52,7 @@ SHELL fi # save that use user will be created and no further steps are required - occ_created="yes" + ignore_config="yes" } # Checks if the key-value exists on the remote side. Only matches first-level @@ -136,84 +136,99 @@ if [ "$state_is" != "$state_should" ]; then esac fi +# Check if the user should not be modified further from the initial setup. +if [ -f "$__object/parameter/only-setup" ]; then + ignore_config="yes" +fi + # Check if some user configuration should be changed # do not run this code if the user will be created in the previous code -if [ "$state_should" != "absent" ] && [ "$occ_created" != "yes" ]; then - # Check if the display name is correct if someone is set - if [ -f "$__object/parameter/displayname" ]; then - displayname="$(cat "$__object/parameter/displayname")" - if ! match_param display_name "$displayname"; then - cat <getUserSession()->getManager()->get("$user")->setDisplayName("$displayname") - or die("Couldn'\''t modify $user display name! Maybe unsupported or already set ..".PHP_EOL);' + or print("Couldn'\''t modify $user display name! Maybe unsupported or already set ..".PHP_EOL) + and die(1);' SU SHELL + fi + fi + # the display name can not be unset + fi + + if ! [ -f "$__object/paramter/keep-email" ]; then + # Check if the email address is correct + if [ -f "$__object/parameter/email" ]; then + email="$(cat "$__object/parameter/email")" + if ! match_param email "$email"; then + occ user:setting -- "'$user'" settings email "'$email'" + fi + else + # remove if it doesn't exist + if ! match_param email ""; then + occ user:setting --delete -- "'$user'" settings email + fi fi fi - # Check if the email address is correct - if [ -f "$__object/parameter/email" ]; then - email="$(cat "$__object/parameter/email")" - if ! match_param email "$email"; then - occ user:setting -- "'$user'" settings email "'$email'" - fi - else - # remove if it doesn't exist - if ! match_param email ""; then - occ user:setting --delete -- "'$user'" settings email - fi - fi - - # Check state of the password - # explorer handles missing passwords already - if [ "$(cat "$__object/explorer/password")" = "mismatched" ]; then - cat < "$__object/files/explorer_groups" + if ! [ -f "$__object/parameter/keep-groups" ]; then + # Handle the user groups + # extract all groups set by remote + mkdir -p "$__object/files" + # check the spaces before the value to match all sub-categories + awk '/^ -/{start=0} start{print $2} $0 == " - groups:"{start=1}' \ + "$__object/explorer/user" > "$__object/files/explorer_groups" - # Add/Remove groups not set via the parameter - if [ -s "$__object/parameter/group" ]; then - # Get all groups to remove - grep -Fxv -f "$__object/parameter/group" \ - "$__object/files/explorer_groups" > "$__object/files/group.del" || true - # Get all groups to add - grep -Fxv -f "$__object/files/explorer_groups" \ - "$__object/parameter/group" > "$__object/files/group.add" || true + # Add/Remove groups not set via the parameter + if [ -s "$__object/parameter/group" ]; then + # Get all groups to remove + grep -Fxv -f "$__object/parameter/group" \ + "$__object/files/explorer_groups" > "$__object/files/group.del" || true + # Get all groups to add + grep -Fxv -f "$__object/files/explorer_groups" \ + "$__object/parameter/group" > "$__object/files/group.add" || true - # No user groups at all if nothing wanted by the user - else - # remove all groups to stay inline with the user parameter - cp "$__object/files/explorer_groups" "$__object/files/group.del" - fi + # No user groups at all if nothing wanted by the user + else + # remove all groups to stay inline with the user parameter + cp "$__object/files/explorer_groups" "$__object/files/group.del" + fi - # Remove all groups not exist anymore - if [ -s "$__object/files/group.del" ]; then - while read -r GROUP; do - occ group:removeuser "'$GROUP'" "'$user'" - done < "$__object/files/group.del" - fi + # Remove all groups not exist anymore + if [ -s "$__object/files/group.del" ]; then + while read -r GROUP; do + occ group:removeuser "'$GROUP'" "'$user'" + done < "$__object/files/group.del" + fi - # Add all existing groups - if [ -s "$__object/files/group.add" ]; then - while read -r GROUP; do - occ group:adduser "'$GROUP'" "'$user'" - done < "$__object/files/group.add" + # Add all existing groups + if [ -s "$__object/files/group.add" ]; then + while read -r GROUP; do + occ group:adduser "'$GROUP'" "'$user'" + done < "$__object/files/group.add" + fi fi fi diff --git a/type/__nextcloud_user/man.rst b/type/__nextcloud_user/man.rst index 3a51a98..f68a092 100644 --- a/type/__nextcloud_user/man.rst +++ b/type/__nextcloud_user/man.rst @@ -9,6 +9,10 @@ cdist-type__nextcloud_user - Setup a Nextcloud user DESCRIPTION ----------- It manages a single Nextcloud user given by the object id or parameter `--user`. +This type can create and manage most properties of the Nextcloud user. If you +only want to setup the user, but want that the user will take full control over +all settings (so cdist will not touch the user anymore), use the parameter +`--only-setup` or `--keep-*` for special parameters. REQUIRED PARAMETERS @@ -44,13 +48,21 @@ www-user webserver and cli execution. As default, `www-data` will be used. displayname - The display name the user should have. + The display name the user should have. As the display name can not be unset + or set to empty, this type will ignore the display name if this parameter + is not set. Setting the parameter to an empty string leads to an error from + the Nextcloud side. email - The email address of the Nextcloud user. + The email address of the Nextcloud user. Will be unset if no parameter + given. password - The password of the Nextcloud user. + The password of the Nextcloud user. If the password not match, the new + password will be set to the user. If no password is given, it will not + touch the current password. **A password is required for the user setup!** + If you do not want to modify the user password, set a password via this + parameter and set the parameter `--keep-password`. quota TBA. @@ -60,6 +72,40 @@ group user will be removed from every group he is in. +BOOLEAN PARAMETERS +------------------ +only-setup + Only provisioning the user if he does not exist. Do not touch the user if + he already exists (except to enforce the given state). + +keep-displayname + Do not touch the display name of the user if he is already set up. This + will avoid to delete the user-set value because it does not match with the + predefined state. If the parameter `--displayname` is set despite of this + parameter, it will be used in the user setup if he does not already exist. + +keep-email + Do not touch the email attributes of the user if he is already set up. This + will avoid to delete the user-set value because it does not match with the + predefined state. If the parameter `--email` is set despite of this + parameter, it will be used in the user setup if he does not already exist. + +keep-password + Do not touch the password if the user is already set up. This will avoid to + delete user-set passwords because they do not match with the predefined + state. If the parameter `--password` is set despite of this parameter, it + will be used in the user setup if he does not already exists. + +keep-quota + TBA. + +keep-groups + Do not touch the user groups if the user is already set up. This will avoid + to delete group assosiactions not defined via cdist. If the parameter + `--group` is set despite of this parameter, it will be used in the user + setup if he does not already exists. + + MESSAGES -------- created diff --git a/type/__nextcloud_user/parameter/boolean b/type/__nextcloud_user/parameter/boolean new file mode 100644 index 0000000..cf0a40a --- /dev/null +++ b/type/__nextcloud_user/parameter/boolean @@ -0,0 +1,6 @@ +only-setup +keep-displayname +keep-email +keep-password +keep-quota +keep-groups From 30205b38ae88f3ba89f65cce818fb9992a839cbb Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 31 Oct 2020 11:44:31 +0100 Subject: [PATCH 17/30] __nextcloud_user: add --quota paramter --- type/__nextcloud_user/explorer/user | 10 ++++++++-- type/__nextcloud_user/gencode-remote | 13 ++++++++++++- type/__nextcloud_user/man.rst | 17 +++++++++++------ type/__nextcloud_user/parameter/default/quota | 1 + 4 files changed, 32 insertions(+), 9 deletions(-) create mode 100644 type/__nextcloud_user/parameter/default/quota diff --git a/type/__nextcloud_user/explorer/user b/type/__nextcloud_user/explorer/user index ab97a1f..bf2c475 100755 --- a/type/__nextcloud_user/explorer/user +++ b/type/__nextcloud_user/explorer/user @@ -1,7 +1,10 @@ #!/bin/sh -e # __nextcloud_user/explorer/user -# Outputs the raw nextcloud command output of the given user +# Outputs the raw nextcloud command output of the given user. +# +# The output is extended by the following fields (in the same syntax): +# 1. quota_param which outputs the real quota value instead of resolved values # Parameters @@ -32,7 +35,10 @@ cd '$cloud' if php -r 'define("OC_CONSOLE",1); require_once(__DIR__."/lib/base.php"); exit(\\OC::\$server->getUserSession()->getManager()->userExists("$user") ? 0 : 1);' then - php occ --no-interaction --no-ansi --output=plain user:info '$user' + php occ --no-warnings --no-interaction --no-ansi --output=plain user:info '$user' + # also output the quota parameter + printf " - quota_parm: %s\n" \ + "\$(php occ --no-warnings --no-interaction --no-ansi user:setting '$user' files quota)" fi SU fi diff --git a/type/__nextcloud_user/gencode-remote b/type/__nextcloud_user/gencode-remote index dd0c715..bd986f5 100644 --- a/type/__nextcloud_user/gencode-remote +++ b/type/__nextcloud_user/gencode-remote @@ -12,7 +12,7 @@ occ() { # will not use -q as it supresses errors, too cat << SHELL su -s /bin/sh -l "$www_user" -- -e <<'SU' -cd '$cloud' && php occ --no-interaction --no-ansi $@ +cd '$cloud' && php occ --no-warnings --no-interaction --no-ansi $@ SU SHELL } @@ -51,6 +51,9 @@ SHELL occ user:setting -- "'$user'" settings email "'$(cat "$__object/parameter/email")'" fi + # add the set quota - the default value don't hurt if it's explicitly set + occ user:setting -- "'$user'" files quota "'$(cat "$__object/parameter/quota")'" + # save that use user will be created and no further steps are required ignore_config="yes" } @@ -193,6 +196,14 @@ SHELL fi fi + if ! [ -f "$__object/parameter/keep-quota" ]; then + # Handle the qouta + # the parameter is always set cause of the default value + quota="$(cat "$__object/parameter/quota")" + if ! match_param quota_param "$quota"; then + occ user:setting -- "'$user'" files quota "'$quota'" + fi + fi if ! [ -f "$__object/parameter/keep-groups" ]; then # Handle the user groups diff --git a/type/__nextcloud_user/man.rst b/type/__nextcloud_user/man.rst index f68a092..43aefc8 100644 --- a/type/__nextcloud_user/man.rst +++ b/type/__nextcloud_user/man.rst @@ -65,7 +65,7 @@ password parameter and set the parameter `--keep-password`. quota - TBA. + The quota the Nextcloud user have to store it data. Defaults to `default`. group Multiple group names which the Nextcloud user belongs to. If not set, the @@ -82,27 +82,32 @@ keep-displayname Do not touch the display name of the user if he is already set up. This will avoid to delete the user-set value because it does not match with the predefined state. If the parameter `--displayname` is set despite of this - parameter, it will be used in the user setup if he does not already exist. + parameter, it will only be used in the user setup if he does not already + exist. keep-email Do not touch the email attributes of the user if he is already set up. This will avoid to delete the user-set value because it does not match with the predefined state. If the parameter `--email` is set despite of this - parameter, it will be used in the user setup if he does not already exist. + parameter, it will only be used in the user setup if he does not already + exist. keep-password Do not touch the password if the user is already set up. This will avoid to delete user-set passwords because they do not match with the predefined state. If the parameter `--password` is set despite of this parameter, it - will be used in the user setup if he does not already exists. + will only be used in the user setup if he does not already exists. keep-quota - TBA. + Do not touch the user quota if he is already set up. This will avoid to + delete the configuration set by an administrator. If the parameter `--quota` + is set despite of this parameter, it will only be used in the user setup if + he does not already exist. keep-groups Do not touch the user groups if the user is already set up. This will avoid to delete group assosiactions not defined via cdist. If the parameter - `--group` is set despite of this parameter, it will be used in the user + `--group` is set despite of this parameter, it will only be used in the user setup if he does not already exists. diff --git a/type/__nextcloud_user/parameter/default/quota b/type/__nextcloud_user/parameter/default/quota new file mode 100644 index 0000000..4ad96d5 --- /dev/null +++ b/type/__nextcloud_user/parameter/default/quota @@ -0,0 +1 @@ +default From a82a880858457cf57b74b64255d72b16e694a620 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 31 Oct 2020 12:26:36 +0100 Subject: [PATCH 18/30] __nextcloud_user: finished manpage --- type/__nextcloud_user/gencode-remote | 4 ++ type/__nextcloud_user/man.rst | 59 +++++++++++++++++++++++++++- 2 files changed, 61 insertions(+), 2 deletions(-) diff --git a/type/__nextcloud_user/gencode-remote b/type/__nextcloud_user/gencode-remote index bd986f5..c76f74e 100644 --- a/type/__nextcloud_user/gencode-remote +++ b/type/__nextcloud_user/gencode-remote @@ -242,4 +242,8 @@ SHELL done < "$__object/files/group.add" fi fi + + + # These parameters are only set if they exist + # ... fi diff --git a/type/__nextcloud_user/man.rst b/type/__nextcloud_user/man.rst index 43aefc8..39ff38a 100644 --- a/type/__nextcloud_user/man.rst +++ b/type/__nextcloud_user/man.rst @@ -66,6 +66,17 @@ password quota The quota the Nextcloud user have to store it data. Defaults to `default`. + Following values are accepted by Nextcloud: + + default + Uses the quota set as default in Nextcloud. + + none + No quota limit set; unlimited. + + $size + The quota that should be used. Same values as set over the user + interface. First the number, then a space and then the unit like `GB`. group Multiple group names which the Nextcloud user belongs to. If not set, the @@ -128,13 +139,57 @@ removed EXAMPLES -------- -TBA. + +.. code-block:: sh + + # nextcloud base installation + __nextcloud cloud + + # setups an user, but do not touch it after it was created + require="__nextcloud/cloud" __nextcloud_user foo \ + --cloud /var/www/html/cloud/ \ + --displayname "Big Fooo" \ + --email "foo@bar.tld" \ + --password "do-not-use-this-password" \ + --group "team_a" --group "xxxx" \ + --quota "2 GB" + --only-setup + + # manages an admin user fully controlled by cdist + require="__nextcloud/cloud" __nextcloud_user bar \ + --cloud /var/www/html/cloud/ \ + --displayname "Bar" \ + --email "bar@bar.tld" \ + --password "nope_insecure" \ + --group "admin" + + # disables an user + require="__nextcloud/cloud" __nextcloud_user bb \ + --state disabled \ + --cloud /var/www/html/cloud/ \ + --displayname "byebye" \ + --password "do_not_copy" \ + --keep-email --keep-password --keep-quota --keep-groups + + # removes an user + require="__nextcloud/cloud" __nextcloud_user foobar \ + --state absent \ + --cloud /var/www/html/cloud/ + + +NOTES +----- +This type may be extended by more user settings. If you think some +configuration is missing, you are welcome to contribute! + +Sometimes, this type uses custom php code to hack into Nextcloud to gather some +information not possible to get via the `occ` command or even set a value. SEE ALSO -------- :strong:`cdist-type__nextcloud`\ (7) -:string:`cdist-type__nextcloud_app`\ (7) +:strong:`cdist-type__nextcloud_app`\ (7) AUTHORS From d0f597b9e44ed60bb00d3c09d7eaaf770e622b20 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 31 Oct 2020 14:16:31 +0100 Subject: [PATCH 19/30] __nextcloud: added manpage notes .. and some more. --- type/__nextcloud/man.rst | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst index 9daa4ce..1996d42 100644 --- a/type/__nextcloud/man.rst +++ b/type/__nextcloud/man.rst @@ -234,8 +234,19 @@ this type and contribute it upstream! - `Nextcloud configuration reference `_ +Currently, the state of this object is always `present`. So it will always be +installed without the option to uninstall it again (`absent`). This was done +because it will not be a common demand to uninstall nextcloud again. If you +need to toggle the state, you are welcome to contirbute! + +Parameters given for the admin user which will be set up at installation time +(`--admin-*` ones) are not applied if nextcloud will not be installed. +Therefor, parameter changes are not applied to the installation. Currently not +implemented - but possible - is to use the type +:strong:`cdist-type__nextcloud_user`\ (7) to do all the later work. + Database migration is only partly supported if the database will be changed to -``mysql` or ``pgsql``, because it is supported by an upstream script. You are +``mysql`` or ``pgsql``, because it is supported by an upstream script. You are welcome to extend this type for database migrations between the same database type. For an implementation, you may use shell utilites like ``mysqldump(1)`` (be aware that this may not already be installed) or use the already installed @@ -267,6 +278,13 @@ environment. This can happen after a database migration between different database types, as it installs the database module only when it is required. +SEE ALSO +-------- +`Nextcloud documentation `_ + +:strong:`cdist-type__nextcloud_user`\ (7) + + AUTHORS ------- Matthias Stecher From 9ed1a9cbfd57b6666747971f812f9e566138053b Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 31 Oct 2020 16:25:35 +0100 Subject: [PATCH 20/30] __nextcloud_user: fix misspelled quota parameter --- type/__nextcloud_user/explorer/user | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/type/__nextcloud_user/explorer/user b/type/__nextcloud_user/explorer/user index bf2c475..face683 100755 --- a/type/__nextcloud_user/explorer/user +++ b/type/__nextcloud_user/explorer/user @@ -37,7 +37,7 @@ if php -r 'define("OC_CONSOLE",1); require_once(__DIR__."/lib/base.php"); then php occ --no-warnings --no-interaction --no-ansi --output=plain user:info '$user' # also output the quota parameter - printf " - quota_parm: %s\n" \ + printf " - quota_param: %s\n" \ "\$(php occ --no-warnings --no-interaction --no-ansi user:setting '$user' files quota)" fi SU From 7490cef49e148e68700c643242b4976d7ee15f8f Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sat, 31 Oct 2020 16:47:39 +0100 Subject: [PATCH 21/30] Initial __nextcloud_app type Overall complete, more functionalitly is currently out of scope. --- type/__nextcloud_app/explorer/state | 38 +++++ type/__nextcloud_app/gencode-remote | 85 ++++++++++++ type/__nextcloud_app/man.rst | 131 ++++++++++++++++++ type/__nextcloud_app/parameter/default/state | 1 + .../parameter/default/www-user | 1 + type/__nextcloud_app/parameter/optional | 3 + type/__nextcloud_app/parameter/required | 1 + type/__nextcloud_user/man.rst | 8 +- 8 files changed, 264 insertions(+), 4 deletions(-) create mode 100755 type/__nextcloud_app/explorer/state create mode 100644 type/__nextcloud_app/gencode-remote create mode 100644 type/__nextcloud_app/man.rst create mode 100644 type/__nextcloud_app/parameter/default/state create mode 100644 type/__nextcloud_app/parameter/default/www-user create mode 100644 type/__nextcloud_app/parameter/optional create mode 100644 type/__nextcloud_app/parameter/required diff --git a/type/__nextcloud_app/explorer/state b/type/__nextcloud_app/explorer/state new file mode 100755 index 0000000..d7572ce --- /dev/null +++ b/type/__nextcloud_app/explorer/state @@ -0,0 +1,38 @@ +#!/bin/sh -e +# __nextcloud_app/explorer/state + +# Outputs the current state of the app. There are: +# - `enabled` if the app is enabled +# - `disabled` if the app is disabled +# - `absent` if the app does not exist +# - nothing if nextcloud is not installed + + +# Get the app id +appid="$__object/parameter/appid" +if [ -f "$appid" ]; then + appid="$(cat "$appid")" +else + appid="$__object_id" +fi + +# Get the installation directory +cloud="$(cat "$__object/parameter/cloud")" +www_user="$(cat "$__object/parameter/www-user")" + + +# Check if the installation directory exists +if [ -d "$cloud" ]; then + # if those files exist, everything should be fine + if [ -f "$cloud/occ" ] && [ -f "$cloud/config/config.php" ]; then + # Check if the app exists in the correct user context + su -s /bin/sh -l "$www_user" -- -e <&2 + echo "Use the type __nextcloud to ensure the installation and mark it as dependency for this type!" >&2 + exit 2 +fi + + +# Check if the state changes +if [ "$state_is" != "$state_should" ]; then + # check what to do + case "$state_should" in + enabled) + if [ "$state_is" = "disabled" ]; then + occ app:enable "'$appid'" + echo enabled >> "$__messages_out" + else + occ app:install "'$appid'" + echo installed >> "$__messages_out" + fi + ;; + + disabled) + if [ "$state_is" = "absent" ]; then + occ app:install --keep-disabled "'$appid'" + echo installed >> "$__messages_out" + else + occ app:disable "'$appid'" + echo disabled >> "$__messages_out" + fi + ;; + + present) + if [ "$state_is" = "absent" ]; then + occ app:install "'$appid'" + echo installed >> "$__messages_out" + fi + # else, everything is ok + ;; + + absent) + occ app:remove "'$appid'" + echo removed >> "$__messages_out" + ;; + esac +fi diff --git a/type/__nextcloud_app/man.rst b/type/__nextcloud_app/man.rst new file mode 100644 index 0000000..2b13c5c --- /dev/null +++ b/type/__nextcloud_app/man.rst @@ -0,0 +1,131 @@ +cdist-type__nextcloud_app(7) +============================ + +NAME +---- +cdist-type__nextcloud_app - Managese a Nextcloud app installation + + +DESCRIPTION +----------- +This types manages an app for a Nextcloud installation. For now, you can only +(un-)install or enable/disable an app. + +The object id is the appid of the app which will be managed by this type. It +will be overwritten by the parameter `--appid`. See this parameter for more +information about the appid. + + +REQUIRED PARAMETERS +------------------- +cloud + The absolute path of the Nextcloud installation. + + +OPTIONAL PARAMETERS +------------------- +state + The state of the app. Can be the following: + + present *(default)* + The app is installed. + + enabled + The app is installed and enabled. + + disabled + The app is installed, but disabled. + + absent + The app is not installed. + +appid + The appid is the uniquie identifier for an app in the Nextcloud app store. + It is required to know which app should be installed, which is expressed + via the appid. Apps who are shipped by the installation can not be removed. + Doing this will throw an error at exeuction time. + + To find the appid, you must select the app in the Nextcloud app menu or on + the app page in the Nextcloud app store. Then, examine the URL and use the + lastest part (e.g. "the filename") as appid. + +www-user + The unix user which will be used to execute Nextcloud related stuff. You + should always use the same user for all Nextcloud interactions, for the + webserver and cli execution. As default, `www-data` will be used. + + +MESSAGES +-------- +installed + The app was installed. + +enabled + The app is already installed and was enabled. + +disabled + The app is already installed and was disabled. + +removed + The app was removed. + + +EXAMPLES +-------- + +.. code-block:: sh + + # nextcloud base installation + __nextcloud cloud $args + + # install the music app + require="__nextcloud/cloud" __nextcloud_app music \ + --cloud /var/www/html/cloud/ --state enabled + + # enable a shipped app (already installed) + require="__nextcloud/cloud" __nextcloud_app files_external \ + --cloud /var/www/html/cloud/ --state enabled + + # remove some app + require="__nextcloud/cloud" __nextcloud_app drawio \ + --cloud /var/www/html/cloud/ --state absent + + +NOTES +----- +Currently, it manages just if the app is installed and enabled. Further +implementation is possible, but not done yet. This contains the management of +the app settings (via ``occ config:app:*``) and further finetuning to the +possibilities of installation and enablement (force-enable an app or restrict +enablement only to some groups). + +Special app settings could also be written as a new type which completly +handles this one app with all configuration options. + +Upgrading an Nextcloud app may be possible, but not the scope of this type. +Also, the upgrade can not be done to a given version, which results that this +type will loose the control over the state of the app. Installing the app +manually or hooking into the Nextcloud code is too unsafe and complex, in +addition it will be used rarely. Most admins would propably just update the app +via the web interface. + + +SEE ALSO +-------- +`Nextcloud app store `_ + +:strong:`cdist-type__nextcloud`\ (7) +:strong:`cdist-type__nextcloud_user`\ (7) + + +AUTHORS +------- +Matthias Stecher + + +COPYING +------- +Copyright \(C) 2020 Matthias Stecher. +You can redistribute it and/or modify it under the terms of the GNU +General Public License as published by the Free Software Foundation, +either version 3 of the License, or (at your option) any later version. diff --git a/type/__nextcloud_app/parameter/default/state b/type/__nextcloud_app/parameter/default/state new file mode 100644 index 0000000..e7f6134 --- /dev/null +++ b/type/__nextcloud_app/parameter/default/state @@ -0,0 +1 @@ +present diff --git a/type/__nextcloud_app/parameter/default/www-user b/type/__nextcloud_app/parameter/default/www-user new file mode 100644 index 0000000..5bbad18 --- /dev/null +++ b/type/__nextcloud_app/parameter/default/www-user @@ -0,0 +1 @@ +www-data diff --git a/type/__nextcloud_app/parameter/optional b/type/__nextcloud_app/parameter/optional new file mode 100644 index 0000000..0f2a3eb --- /dev/null +++ b/type/__nextcloud_app/parameter/optional @@ -0,0 +1,3 @@ +state +appid +www-user diff --git a/type/__nextcloud_app/parameter/required b/type/__nextcloud_app/parameter/required new file mode 100644 index 0000000..c3de202 --- /dev/null +++ b/type/__nextcloud_app/parameter/required @@ -0,0 +1 @@ +cloud diff --git a/type/__nextcloud_user/man.rst b/type/__nextcloud_user/man.rst index 39ff38a..f0ceff9 100644 --- a/type/__nextcloud_user/man.rst +++ b/type/__nextcloud_user/man.rst @@ -142,11 +142,11 @@ EXAMPLES .. code-block:: sh - # nextcloud base installation - __nextcloud cloud + # nextcloud base installation + __nextcloud cloud $args - # setups an user, but do not touch it after it was created - require="__nextcloud/cloud" __nextcloud_user foo \ + # setups an user, but do not touch it after it was created + require="__nextcloud/cloud" __nextcloud_user foo \ --cloud /var/www/html/cloud/ \ --displayname "Big Fooo" \ --email "foo@bar.tld" \ From c24aedd4dbd9bb468bdce51cd6435d0f47f91da8 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sun, 15 Nov 2020 16:21:56 +0100 Subject: [PATCH 22/30] __nextcloud: remove --webroot parameter Because the detection of the webroot is not that good, it was removed. Now, the object id contains the full path of the nextcloud installation. This changes the installation process a bit, as it will download the tarball to /tmp rather the webroot. Also, this commit contains a bit overhaul work. --- type/__nextcloud/explorer/config | 2 +- type/__nextcloud/explorer/installdir | 16 --------- type/__nextcloud/explorer/version | 2 +- type/__nextcloud/explorer/webroot | 34 ------------------- type/__nextcloud/gencode-remote | 14 ++++---- type/__nextcloud/man.rst | 49 ++++++++++------------------ type/__nextcloud/manifest | 26 +++++++-------- type/__nextcloud/map-conf-changes.sh | 4 +-- type/__nextcloud/parameter/optional | 1 - 9 files changed, 38 insertions(+), 110 deletions(-) delete mode 100755 type/__nextcloud/explorer/installdir delete mode 100755 type/__nextcloud/explorer/webroot diff --git a/type/__nextcloud/explorer/config b/type/__nextcloud/explorer/config index f97f39d..6637ad6 100755 --- a/type/__nextcloud/explorer/config +++ b/type/__nextcloud/explorer/config @@ -5,7 +5,7 @@ # Get the installdir -installdir="$( "$__type_explorer/installdir" )" +installdir="/$__object_id" # Check if the tools are available if [ -d "$installdir" ]; then diff --git a/type/__nextcloud/explorer/installdir b/type/__nextcloud/explorer/installdir deleted file mode 100755 index 7b34f2e..0000000 --- a/type/__nextcloud/explorer/installdir +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -e -# __nextcloud/explorer/installdir - -# Detects the directory nextcloud should be installed to. - - -# by parameter or auto-detection -webroot="$( "$__type_explorer/webroot" )" -if [ -z "$webroot" ]; then - echo "no installdir given and no webroot directory found" >&2 - echo "no place to install found; set it via --webroot" >&2 - exit 1 -fi - -# assemble directory with the object id -printf "%s/%s\n" "$webroot" "$__object_id" diff --git a/type/__nextcloud/explorer/version b/type/__nextcloud/explorer/version index 5a75258..1e1cda9 100755 --- a/type/__nextcloud/explorer/version +++ b/type/__nextcloud/explorer/version @@ -5,7 +5,7 @@ # Get the install directory -installdir="$( "$__type_explorer/installdir" )" +installdir="/$__object_id" # Check if the installation directory exists if [ -d "$installdir" ]; then diff --git a/type/__nextcloud/explorer/webroot b/type/__nextcloud/explorer/webroot deleted file mode 100755 index 7eab286..0000000 --- a/type/__nextcloud/explorer/webroot +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -e -# __nextcloud/explorer/webroot - -# Detects the webroot if any - - -# Just check if there is some directory and echo + exit on success -# -# Arguments: -# 1: the directory to check -check_dir() { - if [ -d "$1" ]; then - echo "$1" - exit - fi -} - - -# Check the user choice -parameter="$__object/parameter/webroot" -if [ -f "$parameter" ]; then - cat "$parameter" - exit -fi - -# Maybe checking standard webserver configs .. - -# Check if there are default directories -check_dir "/srv/www" -check_dir "/var/www/html" -check_dir "/var/www" - - -# do nothing if no webroot found diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 1850dd0..cde78ca 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -49,9 +49,8 @@ version_is="$( cat "$__object/explorer/version" )" version_should="$( cat "$__object/parameter/version" )" # the install directory -installdir="$( cat "$__object/explorer/installdir" )" -updatedir="$( dirname "$installdir" )" -tarballdir="$updatedir/.$__object_id" +installdir="/$__object_id" +tarballdir="$(dirname "$installdir")/.$(basename "$installdir")" # get used user and group user="$( cat "$__object/parameter/user" )" @@ -77,11 +76,10 @@ fi # Remove the old folder and replace it with the new one. if [ "$upgrade" ]; then cat << REMOTE -cd '$updatedir' - chown '$user':'$group' -R '$tarballdir' REMOTE + # no more changes from the user occ_maintainer_mode_on cat << REMOTE @@ -91,8 +89,6 @@ mv '$installdir/data' '$tarballdir' rm -rf '$installdir' mv '$tarballdir' '$installdir' -cd '$installdir' - REMOTE # do some maintainer stuff @@ -227,9 +223,11 @@ if [ "$data_old" ] && [ "$data_old" != "$data_new" ]; then # not be moved. occ config:system:set datadirectory --type=string --value "'$data_new'" cat << REMOTE +cd '$installdir' # only for the users safety + rm -rf '$data_new' mkdir -p '$(dirname "$data_new")' # if the parent not exists -mv '$data_old' '$data_new' +mv -T '$data_old' '$data_new' REMOTE fi diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst index 1996d42..a89a550 100644 --- a/type/__nextcloud/man.rst +++ b/type/__nextcloud/man.rst @@ -8,11 +8,9 @@ cdist-type__nextcloud - Installs and manages a nextcloud instance DESCRIPTION ----------- -This type installs, upgrades and configure a nextcloud instance. - -It installs the application in the webspace based on the object id as relative -path from the webroot. If you want to install it directly in the webroot, you -must trick out this type by setting the webroot as parent directory. +This type installs, upgrades and configure a nextcloud instance. The object +id is the absolute path for the installation directory. Nextcloud will be +installed unter that directory. REQUIRED PARAMETERS @@ -40,11 +38,6 @@ admin-password OPTIONAL PARAMETERS ------------------- -webroot - The webroot which will be used as basis for the installation. This may be - already detected by an explorer. Must be an absolute path (starting with a - slash). - mode Sets the unix file mode of the nextcloud directory. This is not inherited to child files or folders. Defaults to `755`. @@ -152,18 +145,6 @@ database-prefix ``oc_``. -WEBROOT DETECTION ------------------ -As the `object id` is the install path relatively from the webroot, it must be -known somehow. Therefor, it will try to detect a good location for it. You can -set a custom webroot via the `--webroot` parameter. As default, following -directories will be checked if they exist to be the webroot: - -1. ``/srv/www/`` -2. ``/var/www/html/`` -3. ``/var/www/`` - - MESSAGES -------- installed @@ -185,10 +166,6 @@ installed. See the parameter description of `--version` for detailed information. The problem can be fixed by bumping the version value to at least the version that is currently installed or use the parameter `--install-only`. -The type aborts if there is no webroot given as parameter and no could be -detected by the type itself. Please set the webroot via `--webroot` or extend -this type. - It may abort if the data directory can not be moved correctly. Then, the nextcloud configuration is broken and must be resolved manually: Move the data directory to the correct location or change the configuration to point to the @@ -210,20 +187,21 @@ EXAMPLES # minimal nextcloud installation with sqlite and other defaults # please only use sqlite for minimal or test installations as recommend :) - __nextcloud nextcloud --version 20.0.0 --admin-password "iaminsecure" \ + __nextcloud /var/www/html/nextcloud --version 20.0.0 \ + --admin-password "iaminsecure" \ --host localhost --host nextcloud + # installation under the webroot + __nextcloud /var/www/html/ --version 20.0.0 + --admin-password "notthatsecure" --host mycloud.example.com + # more extensive configuration - __nextcloud cloud --version 20.0.0 --admin-password "iaminsecure" \ + __nextcloud /var/www/cloud --version 20.0.0 --admin-password "iaminsecure" \ --host localhost --host nextcloud --host 192.168.1.67 \ --data-directory /var/lib/nextcloud/what \ --database-type mysql --database-host "localhost" --database-name "nextcloud" \ --database-user "test" --database-password "not-a-good-password" - # install it in the webroot /var/www/html - __nextcloud html --version 20.0.0 --admin-password "notthatsecure" \ - --webroot "/var/www" --host localhost - NOTES ----- @@ -277,6 +255,13 @@ php dependencies, but there are not recognised by the server-internal php environment. This can happen after a database migration between different database types, as it installs the database module only when it is required. +If the tarball needs to be downloaded, it will be directly downloaded into the +directory ``/tmp`` and will be unpacked to the destination for an installation +or to the same directory but prefixed with a dot for an update. It will +download it into the temp directory because it does not find a better location. +In legacy, it was downloaded to the parent directory, but this may not the best +location as the installation dir can be everywhere. + SEE ALSO -------- diff --git a/type/__nextcloud/manifest b/type/__nextcloud/manifest index 2d89f01..90508d8 100755 --- a/type/__nextcloud/manifest +++ b/type/__nextcloud/manifest @@ -76,8 +76,7 @@ user="$(cat "$__object/parameter/user")" group="$(cat "$__object/parameter/group")" # Get the installation directory -webroot="$(cat "$__object/explorer/webroot")" -installdir="$(cat "$__object/explorer/installdir")" +installdir="/$__object_id" # Set permissions after the nextcloud installation/upgrade is done # FIXME maybe less strict if some parameter is not given by the user? @@ -111,28 +110,25 @@ if [ "$version_is" ]; then fi # Set destination to a temporary directory - destination="$webroot/.$__object_id" + destination="$(dirname "$installdir")/.$(basename "$installdir")" fi else # Set destination to the real destination - destination="$webroot/$__object_id" + destination="$installdir" fi # Install/Upgrade the nextcloud version if there is a destination set. # it checks if it is necessary and intended to upgrade if [ "$destination" ] && [ "$version_is" != "$version_should" ]; then - updatedir="$( dirname "$installdir" )" + # download it to the tmp directory + # FIXME --sum is currently rather a hack, see cdist#844 + __download "/tmp/nextcloud-${version_should}.tar.bz2" \ + --url "$nextcloud_uri" \ + --sum "sha256:$(curl -sS -L "$nextcloud_sum" | awk '{print $1}')" - # Be sure the parent directory exists for installation - __directory "$updatedir" --parents - - require="__directory$updatedir" \ - __download "$updatedir/nextcloud.tar.bz2" \ - --url "$nextcloud_uri" \ - --sum "sha256:$(curl -sS -L "$nextcloud_sum" | awk '{print $1}')" # must be a required parameter?? - - require="__download$updatedir/nextcloud.tar.bz2" \ - __unpack "$updatedir/nextcloud.tar.bz2" \ + # after this, unpack it from /tmp to $destination + require="__download/tmp/nextcloud-${version_should}.tar.bz2" \ + __unpack "/tmp/nextcloud-${version_should}.tar.bz2" \ --tar-strip 1 \ --destination "$destination" fi diff --git a/type/__nextcloud/map-conf-changes.sh b/type/__nextcloud/map-conf-changes.sh index 5855761..9b6ffe3 100755 --- a/type/__nextcloud/map-conf-changes.sh +++ b/type/__nextcloud/map-conf-changes.sh @@ -270,7 +270,7 @@ fi # misc conf_array host trusted_domains -# Already set via the installer +# If already set via the installer, we don't need to do this # set default values from the nextcloud installer to do not override them if [ -z "$install" ]; then # Database to check if the type changed @@ -312,5 +312,5 @@ if [ -z "$install" ]; then esac # data-dir is handled in the gencode-remote - #conf_string data-directory datadirectory installdef "$(cat "$__object/explorer/installdir")/$__object_id/data" + #conf_string data-directory datadirectory installdef "/$__object_id/data" fi diff --git a/type/__nextcloud/parameter/optional b/type/__nextcloud/parameter/optional index cd09af4..b51ef3d 100644 --- a/type/__nextcloud/parameter/optional +++ b/type/__nextcloud/parameter/optional @@ -1,7 +1,6 @@ mode user group -webroot database-type database-host database-name From 32417aba34e6ae226b072eea1d3e408ba9fec673 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sun, 15 Nov 2020 16:34:26 +0100 Subject: [PATCH 23/30] __nextcloud: aborts at installation with pgsql/mariadb Accidentally, there was a check for a parameter that could not exist. The block is now streamlined as other parameters got handled, too :-) --- type/__nextcloud/gencode-remote | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index cde78ca..111347c 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -122,17 +122,9 @@ if ! grep -q -F "installed = 1" "$__object/explorer/config"; then } # Database setup for mysql and pgsql db_setup() { - if ! [ -f "$__object/parameter/db-host" ]; then - echo "no hostname given! can't proceed." >&2 - exit 3 - fi + # add type and other database values occ_install_args="$occ_install_args --database '$1'" - - db_host="$__object/parameter/database-host" - if [ -f "$db_host" ]; then - occ_install_args="$occ_install_args --database-host '$(cat "$db_host")'" - fi - + occ_install_args="$occ_install_args --database-host '$(cat "$__object/parameter/database-host" || die_err)'" occ_install_args="$occ_install_args --database-name '$(cat "$__object/parameter/database-name" || die_err)'" occ_install_args="$occ_install_args --database-user '$(cat "$__object/parameter/database-user" || die_err)'" occ_install_args="$occ_install_args --database-pass '$(cat "$__object/parameter/database-password" || die_err)'" From 3fda91ca2fde5e85353d4fb0b37860e861949fbe Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sun, 15 Nov 2020 17:40:02 +0100 Subject: [PATCH 24/30] __nextcloud: add comments about the maintenance mode ... because it not always work like you want it. --- type/__nextcloud/gencode-remote | 3 +++ type/__nextcloud/man.rst | 10 ++++++++++ 2 files changed, 13 insertions(+) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 111347c..00611a3 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -101,6 +101,9 @@ REMOTE # Apply some misc to the installation folder. elif [ "$install" ]; then + # Maintainer mode is not available before installation + + # Correct all file permissions of the new installation cat << REMOTE chown '$user':'$group' -R '$installdir' REMOTE diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst index a89a550..39de9e8 100644 --- a/type/__nextcloud/man.rst +++ b/type/__nextcloud/man.rst @@ -262,6 +262,16 @@ download it into the temp directory because it does not find a better location. In legacy, it was downloaded to the parent directory, but this may not the best location as the installation dir can be everywhere. +This type does not garantee to always show the maintenance mode screen because +nextcloud does not show it in every case: + +1. For fresh installations, the maintenance mode can not be set. +2. While upgrades starting at version 20, the user is promted to execute the + update manually via the webinterface instead of the maintenance screen. + +It is recommended to show an own maintanance screen via the webserver if this +is critical for you. + SEE ALSO -------- From ee650d88ed09c8189aee40199905f6f8503287f9 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Sun, 15 Nov 2020 19:14:31 +0100 Subject: [PATCH 25/30] __nextcloud_{app,user}: Updated man cause of __nextcloud changes Also, the `gencode-remote` scripts where marked executeable. --- type/__nextcloud_app/gencode-remote | 0 type/__nextcloud_app/man.rst | 17 ++++++++++++----- type/__nextcloud_user/gencode-remote | 0 type/__nextcloud_user/man.rst | 19 +++++++++++++------ 4 files changed, 25 insertions(+), 11 deletions(-) mode change 100644 => 100755 type/__nextcloud_app/gencode-remote mode change 100644 => 100755 type/__nextcloud_user/gencode-remote diff --git a/type/__nextcloud_app/gencode-remote b/type/__nextcloud_app/gencode-remote old mode 100644 new mode 100755 diff --git a/type/__nextcloud_app/man.rst b/type/__nextcloud_app/man.rst index 2b13c5c..9074b03 100644 --- a/type/__nextcloud_app/man.rst +++ b/type/__nextcloud_app/man.rst @@ -75,22 +75,29 @@ EXAMPLES .. code-block:: sh - # nextcloud base installation - __nextcloud cloud $args + # Nextcloud base installation + __nextcloud /var/www/html/cloud $args # install the music app - require="__nextcloud/cloud" __nextcloud_app music \ + require="__nextcloud/var/www/html/cloud" __nextcloud_app music \ --cloud /var/www/html/cloud/ --state enabled # enable a shipped app (already installed) - require="__nextcloud/cloud" __nextcloud_app files_external \ + require="__nextcloud/var/www/html/cloud" __nextcloud_app files_external \ --cloud /var/www/html/cloud/ --state enabled # remove some app - require="__nextcloud/cloud" __nextcloud_app drawio \ + require="__nextcloud/var/www/html/cloud" __nextcloud_app drawio \ --cloud /var/www/html/cloud/ --state absent + # Different cloud + __nextcloud /var/www/html/nextcloud $args + # but same app name + require="__nextcloud/var/www/html/nextcloud" __nextcloud_user next_music \ + --cloud /var/www/html/nextcloud/ --appid music + + NOTES ----- Currently, it manages just if the app is installed and enabled. Further diff --git a/type/__nextcloud_user/gencode-remote b/type/__nextcloud_user/gencode-remote old mode 100644 new mode 100755 diff --git a/type/__nextcloud_user/man.rst b/type/__nextcloud_user/man.rst index f0ceff9..0b303d6 100644 --- a/type/__nextcloud_user/man.rst +++ b/type/__nextcloud_user/man.rst @@ -142,11 +142,11 @@ EXAMPLES .. code-block:: sh - # nextcloud base installation - __nextcloud cloud $args + # Nextcloud base installation + __nextcloud /var/www/html/cloud $args # setups an user, but do not touch it after it was created - require="__nextcloud/cloud" __nextcloud_user foo \ + require="__nextcloud/var/www/html/cloud" __nextcloud_user foo \ --cloud /var/www/html/cloud/ \ --displayname "Big Fooo" \ --email "foo@bar.tld" \ @@ -156,7 +156,7 @@ EXAMPLES --only-setup # manages an admin user fully controlled by cdist - require="__nextcloud/cloud" __nextcloud_user bar \ + require="__nextcloud/var/www/html/cloud" __nextcloud_user bar \ --cloud /var/www/html/cloud/ \ --displayname "Bar" \ --email "bar@bar.tld" \ @@ -164,7 +164,7 @@ EXAMPLES --group "admin" # disables an user - require="__nextcloud/cloud" __nextcloud_user bb \ + require="__nextcloud/var/www/html/cloud" __nextcloud_user bb \ --state disabled \ --cloud /var/www/html/cloud/ \ --displayname "byebye" \ @@ -172,11 +172,18 @@ EXAMPLES --keep-email --keep-password --keep-quota --keep-groups # removes an user - require="__nextcloud/cloud" __nextcloud_user foobar \ + require="__nextcloud/var/www/html/cloud" __nextcloud_user foobar \ --state absent \ --cloud /var/www/html/cloud/ + # Different cloud + __nextcloud /var/www/html/nextcloud $args + # but same user name + require="__nextcloud/var/www/html/nextcloud" __nextcloud_user next_foobar \ + --cloud /var/www/html/nextcloud/ --user foobar + + NOTES ----- This type may be extended by more user settings. If you think some From c0b3f792291e8ffb0988e7b21f59270616a163ff Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Mon, 16 Nov 2020 19:32:10 +0100 Subject: [PATCH 26/30] __nextcloud{,_user}: Updated manpages --- type/__nextcloud/man.rst | 3 ++- type/__nextcloud_user/man.rst | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/type/__nextcloud/man.rst b/type/__nextcloud/man.rst index 39de9e8..1e0238d 100644 --- a/type/__nextcloud/man.rst +++ b/type/__nextcloud/man.rst @@ -33,7 +33,8 @@ version admin-password The administrator password to access the nextcloud instance. Must be given - in plain text. + in plain text. This parameter has no effect if nextcloud will not be + installed. OPTIONAL PARAMETERS diff --git a/type/__nextcloud_user/man.rst b/type/__nextcloud_user/man.rst index 0b303d6..200769f 100644 --- a/type/__nextcloud_user/man.rst +++ b/type/__nextcloud_user/man.rst @@ -64,6 +64,9 @@ password If you do not want to modify the user password, set a password via this parameter and set the parameter `--keep-password`. + Note that Nextcloud will check for the security of passwords. The type + will abort if Nextcloud refuses that password! + quota The quota the Nextcloud user have to store it data. Defaults to `default`. Following values are accepted by Nextcloud: From c89bb59409a90bafead5a6dd323fd2d87ccc55db Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Fri, 20 Nov 2020 19:23:40 +0100 Subject: [PATCH 27/30] __nextcloud: add database maintainer command for upgrades After my update to 20.0.2, Nextcloud complained about missing primary key indexes. I don't know if it existed before that version, but adding it to make life easier .. as no one will propably install an older version than Nextcloud 20.0.2. --- type/__nextcloud/gencode-remote | 2 ++ 1 file changed, 2 insertions(+) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 00611a3..4ead4a9 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -93,6 +93,8 @@ REMOTE # do some maintainer stuff occ upgrade + # gamble a bit with database maintainer commands + occ db:add-missing-primary-keys occ db:add-missing-columns occ db:add-missing-indices From b6db7b5ca8daa8c4febfbbee0bd8ef8c23adade8 Mon Sep 17 00:00:00 2001 From: Matthias Stecher Date: Mon, 21 Dec 2020 19:04:53 +0100 Subject: [PATCH 28/30] __nextcloud: suppress global warnings from occ As it's the default for __nextcloud_app and __nextcloud_user, it will now suppress global warnings, too. This will be done because nobody cares about then, only about the errors generated from the executed command. --- type/__nextcloud/gencode-remote | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 4ead4a9..83748f5 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -17,7 +17,7 @@ occ() { # will not use -q as it supresses errors, too cat << SHELL su -s /bin/sh -l "$user" -- -e < Date: Fri, 25 Dec 2020 11:44:32 +0100 Subject: [PATCH 29/30] __nextcloud: harden here-doc for su call Because the here-doc will be evaluated again by the shell, it will was changed to avoid this. Because the script does not depend on such function, it will be done in faviour of special characters. --- type/__nextcloud/gencode-remote | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 83748f5..15ff966 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -16,7 +16,7 @@ occ() { # su creates a new shell, so it does not affect the current session # will not use -q as it supresses errors, too cat << SHELL -su -s /bin/sh -l "$user" -- -e < Date: Fri, 25 Dec 2020 20:14:04 +0100 Subject: [PATCH 30/30] __nextcloud: add db:convert-filecache-bigint command Looks like this command should be executed on upgrades, too. --- type/__nextcloud/gencode-remote | 1 + 1 file changed, 1 insertion(+) diff --git a/type/__nextcloud/gencode-remote b/type/__nextcloud/gencode-remote index 15ff966..6812c68 100755 --- a/type/__nextcloud/gencode-remote +++ b/type/__nextcloud/gencode-remote @@ -97,6 +97,7 @@ REMOTE occ db:add-missing-primary-keys occ db:add-missing-columns occ db:add-missing-indices + occ db:convert-filecache-bigint # send upgrade message printf "upgraded %s to %s\n" "$version_is" "$version_should" >> "$__messages_out"