From 2e489c4114c26d9c67a0d9b4b532d8ba74ff725b Mon Sep 17 00:00:00 2001 From: Akhil Date: Tue, 26 Jul 2022 16:58:53 +0530 Subject: [PATCH 1/9] Add upgrade guide and update images --- templates/docker-compose/docker-compose.yml | 8 ++++---- upgrade-guides/upgrade-to-21.0.9.12.md | 7 +++++++ 2 files changed, 11 insertions(+), 4 deletions(-) create mode 100644 upgrade-guides/upgrade-to-21.0.9.12.md diff --git a/templates/docker-compose/docker-compose.yml b/templates/docker-compose/docker-compose.yml index 87206a9..02da278 100644 --- a/templates/docker-compose/docker-compose.yml +++ b/templates/docker-compose/docker-compose.yml @@ -81,7 +81,7 @@ services: - /mnt/repo-base/volumes/mysql/db/data:/var/lib/mysql - /mnt/repo-base/config/mariadb/:/etc/mysql/conf.d/:ro redis: - image: redis:6.0-alpine + image: redis:6.2-alpine container_name: redis restart: always networks: @@ -92,7 +92,7 @@ services: - /mnt/repo-base/volumes/redis/tmp:/tmp/redis welcome: - image: registry.gitlab.e.foundation/e/infra/docker-welcome:2.1.3 + image: registry.gitlab.e.foundation/e/infra/docker-welcome:3.0.2 container_name: welcome environment: - DOMAINS=${VHOSTS_ACCOUNTS} @@ -123,7 +123,7 @@ services: - "${DOMAIN}:${NC_HOST_IP}" nextcloud: - image: registry.gitlab.e.foundation/e/infra/ecloud/nextcloud:selfhost + image: registry.gitlab.e.foundation/e/infra/ecloud/nextcloud/selfhost:selfhost-21-0-9-12 container_name: nextcloud restart: always networks: @@ -164,7 +164,7 @@ services: - /mnt/repo-base/config/automx/automx.conf:/etc/automx.conf nginx: - image: nginx:1.19-alpine + image: nginx:1.20-alpine container_name: nginx restart: unless-stopped networks: diff --git a/upgrade-guides/upgrade-to-21.0.9.12.md b/upgrade-guides/upgrade-to-21.0.9.12.md new file mode 100644 index 0000000..1a60c68 --- /dev/null +++ b/upgrade-guides/upgrade-to-21.0.9.12.md @@ -0,0 +1,7 @@ +# To upgrade from ecloud 20.x.x.x to 21.0.9.12 + +- In your `docker-compose.yml` file update the following: + - Set the redis image to `redis:6.2-alpine` + - Set the welcome image to `registry.gitlab.e.foundation/e/infra/docker-welcome:3.0.2` + - Set the nextcloud image to `registry.gitlab.e.foundation/e/infra/ecloud/nextcloud/selfhost:selfhost-21-0-9-12` + - Set the nginx image to `nginx:1.20-alpine` \ No newline at end of file -- GitLab From db366f70f8febce5ad64508e41b2ec4c4d4eb7d3 Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 27 Jul 2022 17:38:05 +0530 Subject: [PATCH 2/9] Welcome 2.5.0 as that matches 21.0.9.12 --- templates/docker-compose/docker-compose.yml | 2 +- upgrade-guides/upgrade-to-21.0.9.12.md | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/templates/docker-compose/docker-compose.yml b/templates/docker-compose/docker-compose.yml index 02da278..56d3c40 100644 --- a/templates/docker-compose/docker-compose.yml +++ b/templates/docker-compose/docker-compose.yml @@ -92,7 +92,7 @@ services: - /mnt/repo-base/volumes/redis/tmp:/tmp/redis welcome: - image: registry.gitlab.e.foundation/e/infra/docker-welcome:3.0.2 + image: registry.gitlab.e.foundation/e/infra/docker-welcome:2.5.0 container_name: welcome environment: - DOMAINS=${VHOSTS_ACCOUNTS} diff --git a/upgrade-guides/upgrade-to-21.0.9.12.md b/upgrade-guides/upgrade-to-21.0.9.12.md index 1a60c68..2beef40 100644 --- a/upgrade-guides/upgrade-to-21.0.9.12.md +++ b/upgrade-guides/upgrade-to-21.0.9.12.md @@ -2,6 +2,8 @@ - In your `docker-compose.yml` file update the following: - Set the redis image to `redis:6.2-alpine` - - Set the welcome image to `registry.gitlab.e.foundation/e/infra/docker-welcome:3.0.2` + - Set the welcome image to `registry.gitlab.e.foundation/e/infra/docker-welcome:2.5.0` - Set the nextcloud image to `registry.gitlab.e.foundation/e/infra/ecloud/nextcloud/selfhost:selfhost-21-0-9-12` - - Set the nginx image to `nginx:1.20-alpine` \ No newline at end of file + - Set the nginx image to `nginx:1.20-alpine` +- Run `docker-compose pull` +- Run `docker-compose up -d` \ No newline at end of file -- GitLab From ef995ec4fdc529b06bb3312f3b7a4ee49959ba92 Mon Sep 17 00:00:00 2001 From: Akhil Date: Tue, 9 Aug 2022 16:03:41 +0530 Subject: [PATCH 3/9] Added step to enable ecloud-accounts --- upgrade-guides/upgrade-to-21.0.9.12.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/upgrade-guides/upgrade-to-21.0.9.12.md b/upgrade-guides/upgrade-to-21.0.9.12.md index 2beef40..d1c57a5 100644 --- a/upgrade-guides/upgrade-to-21.0.9.12.md +++ b/upgrade-guides/upgrade-to-21.0.9.12.md @@ -6,4 +6,6 @@ - Set the nextcloud image to `registry.gitlab.e.foundation/e/infra/ecloud/nextcloud/selfhost:selfhost-21-0-9-12` - Set the nginx image to `nginx:1.20-alpine` - Run `docker-compose pull` -- Run `docker-compose up -d` \ No newline at end of file +- Run `docker-compose up -d` +- Enable the `ecloud-accounts` app: + `docker exec -u www-data nextcloud /var/www/html/occ app:enable ecloud-accounts` \ No newline at end of file -- GitLab From df02cc8e15fbdca47668bf707bf7cbf0c650f11a Mon Sep 17 00:00:00 2001 From: Akhil Date: Thu, 18 Aug 2022 19:02:48 +0530 Subject: [PATCH 4/9] Updated upgrade guide --- deployment/questionnaire/questionnaire.dat | 1 + scripts/init-repo.sh | 1 + templates/docker-compose/docker-compose.yml | 3 +++ templates/nextcloud/config.php | 3 +++ upgrade-guides/upgrade-to-21.0.9.12.md | 20 ++++++++++++++++++++ 5 files changed, 28 insertions(+) diff --git a/deployment/questionnaire/questionnaire.dat b/deployment/questionnaire/questionnaire.dat index 9e57c61..344c47b 100644 --- a/deployment/questionnaire/questionnaire.dat +++ b/deployment/questionnaire/questionnaire.dat @@ -20,6 +20,7 @@ DBPASS=@@@generate@@@:20@ DRIVE_SMTP_PASSWORD=@@@generate@@@:16@ POSTFIXADMIN_SSH_PASSWORD=@@@generate@@@:20@ CREATE_ACCOUNT_PASSWORD=@@@generate@@@:20@ +ECLOUD_ACCOUNTS_SECRET=@@@generate@@@:20@ PFA_SUPERADMIN_PASSWORD=1@@@generate@@@:16@2 diff --git a/scripts/init-repo.sh b/scripts/init-repo.sh index 1e9571e..0e81f2a 100755 --- a/scripts/init-repo.sh +++ b/scripts/init-repo.sh @@ -174,6 +174,7 @@ mkdir -p /mnt/repo-base/volumes/nextcloud/{html,data,log} mkdir "/mnt/repo-base/volumes/nextcloud/html/config/" cat /mnt/repo-base/templates/nextcloud/config.php | sed "s/@@@DOMAIN@@@/$DOMAIN/g" | \ sed "s/@@@DRIVE_SMTP_PASSWORD@@@/$DRIVE_SMTP_PASSWORD/g" | sed "s/@@@PFDB_DB@@@/$PFDB_DB/g" | \ + sed "s/@@@ECLOUD_ACCOUNTS_SECRET@@@/$ECLOUD_ACCOUNTS_SECRET/g" | \ sed "s/@@@PFDB_USR@@@/$PFDB_USR/g" | sed "s/@@@DBPASS@@@/$PFDB_DBPASS/g" > \ "/mnt/repo-base/volumes/nextcloud/html/config/config.php" chown -R www-data: "/mnt/repo-base/volumes/nextcloud/" diff --git a/templates/docker-compose/docker-compose.yml b/templates/docker-compose/docker-compose.yml index 56d3c40..aae05aa 100644 --- a/templates/docker-compose/docker-compose.yml +++ b/templates/docker-compose/docker-compose.yml @@ -108,6 +108,9 @@ services: - SMTP_HOST=${SMTP_HOST} - SMTP_FROM=${SMTP_FROM} - SMTP_PW=${SMTP_PW} + - WELCOME_SMTP_FROM=${SMTP_FROM} + - WELCOME_SMTP_PW=${SMTP_PW} + - ECLOUD_ACCOUNTS_SECRET=${ECLOUD_ACCOUNTS_SECRET} - SMTP_PORT=587 - NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER} - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD} diff --git a/templates/nextcloud/config.php b/templates/nextcloud/config.php index 70d5689..b3c97b6 100644 --- a/templates/nextcloud/config.php +++ b/templates/nextcloud/config.php @@ -43,6 +43,9 @@ $CONFIG = array ( 'mail_smtpport' => '587', 'mail_smtpsecure' => 'tls', 'installed' => false, + 'ecloud-accounts' => [ + 'secret' => '@@@ECLOUD_ACCOUNTS_SECRET@@@' + ], 'user_backend_sql_raw' => array ( 'db_type' => 'mariadb', diff --git a/upgrade-guides/upgrade-to-21.0.9.12.md b/upgrade-guides/upgrade-to-21.0.9.12.md index d1c57a5..747238b 100644 --- a/upgrade-guides/upgrade-to-21.0.9.12.md +++ b/upgrade-guides/upgrade-to-21.0.9.12.md @@ -5,6 +5,26 @@ - Set the welcome image to `registry.gitlab.e.foundation/e/infra/docker-welcome:2.5.0` - Set the nextcloud image to `registry.gitlab.e.foundation/e/infra/ecloud/nextcloud/selfhost:selfhost-21-0-9-12` - Set the nginx image to `nginx:1.20-alpine` + +- Add `ecloud-accounts` secret to secure the `ecloud-accounts` API: + - Generate a secure secret string + - Add it to `volumes/nextcloud/html/config/config.php` with an entry like: + - ```php + ... + 'ecloud-accounts' => [ + 'secret' => 'secure-secret' + ], + ... + - Add this to your `.env` file as `ECLOUD_ACCOUNTS_SECRET=secure-secret` + - Add it to the environment variables of `welcome` in `docker-compose.yml`: + - ``` + environment: + ... + - ECLOUD_ACCOUNTS_SECRET=${ECLOUD_ACCOUNTS_SECRET} + ... + ``` + + - Run `docker-compose pull` - Run `docker-compose up -d` - Enable the `ecloud-accounts` app: -- GitLab From 5e9a82e7eec01a0c455318ffdf0830454fb74ab5 Mon Sep 17 00:00:00 2001 From: Akhil Date: Mon, 22 Aug 2022 13:59:37 +0530 Subject: [PATCH 5/9] More instruction updates --- upgrade-guides/upgrade-to-21.0.9.12.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/upgrade-guides/upgrade-to-21.0.9.12.md b/upgrade-guides/upgrade-to-21.0.9.12.md index 747238b..f3b1f28 100644 --- a/upgrade-guides/upgrade-to-21.0.9.12.md +++ b/upgrade-guides/upgrade-to-21.0.9.12.md @@ -5,6 +5,14 @@ - Set the welcome image to `registry.gitlab.e.foundation/e/infra/docker-welcome:2.5.0` - Set the nextcloud image to `registry.gitlab.e.foundation/e/infra/ecloud/nextcloud/selfhost:selfhost-21-0-9-12` - Set the nginx image to `nginx:1.20-alpine` + - Under `welcome`, set the following env variables: + - ``` + environment: + ... + - WELCOME_SMTP_FROM=${SMTP_FROM} + - WELCOME_SMTP_PW=${SMTP_PW} + ... + ``` - Add `ecloud-accounts` secret to secure the `ecloud-accounts` API: - Generate a secure secret string -- GitLab From e1c7be38eec45855d58dad83f1fea097ab4315ad Mon Sep 17 00:00:00 2001 From: Akhil Date: Tue, 23 Aug 2022 16:58:02 +0530 Subject: [PATCH 6/9] ecloud-drop-account -> ecloud-accounts --- scripts/postinstall.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/postinstall.sh b/scripts/postinstall.sh index 4117fa4..88d9230 100755 --- a/scripts/postinstall.sh +++ b/scripts/postinstall.sh @@ -46,7 +46,7 @@ docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:enabl docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:enable contacts docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:enable news docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:enable email-recovery -docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:enable ecloud_drop_account +docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:enable ecloud-accounts docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:enable ecloud-theme-helper docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:enable ecloud-launcher docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:disable firstrunwizard @@ -57,9 +57,9 @@ docker-compose exec -T --user www-data nextcloud php /var/www/html/occ app:insta docker-compose exec -T --user www-data nextcloud php /var/www/html/occ config:system:set integrity.check.disabled --value='true' --type=boolean echo "Installing custom ecloud drop account plugin" -# Add WELCOME_SECRET from .env file as a system config value, to be used by our ecloud_drop_account plugin +# Add WELCOME_SECRET from .env file as a system config value, to be used by our ecloud-accounts plugin docker-compose exec -T --user www-data nextcloud php occ config:system:set e_welcome_secret --value="$WELCOME_SECRET" -# Add VHOST_ACCOUNTS from .env file as a system config value, to be used by our ecloud_drop_account plugin +# Add VHOST_ACCOUNTS from .env file as a system config value, to be used by our ecloud-accounts plugin docker-compose exec -T --user www-data nextcloud php occ config:system:set e_welcome_domain --value="welcome.$DOMAIN" # Add missing indices -- GitLab From 319e33aa364840f73d608e23068b9971f112b37e Mon Sep 17 00:00:00 2001 From: Sylvain Manceau Date: Thu, 25 Aug 2022 09:59:10 +0000 Subject: [PATCH 7/9] Added env var for ECLOUD_ACCOUNTS_SECRET --- scripts/base.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/base.sh b/scripts/base.sh index 3675432..d79cd93 100755 --- a/scripts/base.sh +++ b/scripts/base.sh @@ -40,3 +40,6 @@ SMTP_PW=$(grep ^SMTP_PW= "$ENVFILE" | awk -F= '{ print $NF }') SMTP_HOST=$(grep ^SMTP_HOST= "$ENVFILE" | awk -F= '{ print $NF }') MYSQL_ROOT_PASSWORD=$(grep ^MYSQL_ROOT_PASSWORD= "$ENVFILE" | awk -F= '{ print $NF }') + +ECLOUD_ACCOUNTS_SECRET=$(grep ^ECLOUD_ACCOUNTS_SECRET= "$ENVFILE" | awk -F= '{ print $NF }') + -- GitLab From fe3cda2884a5f64f290bb66478b0cfc094d54183 Mon Sep 17 00:00:00 2001 From: Sylvain Manceau Date: Thu, 25 Aug 2022 10:09:45 +0000 Subject: [PATCH 8/9] Corrected URL for "account ready" email templates --- scripts/postinstall.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/postinstall.sh b/scripts/postinstall.sh index 88d9230..6ec4e65 100755 --- a/scripts/postinstall.sh +++ b/scripts/postinstall.sh @@ -102,6 +102,7 @@ echo "Setting the right domain in welcome templates" docker-compose exec -T welcome find /var/www/html/invite_template/ -type f -exec sed -i "s/ecloud\.global/$DOMAIN/g" {} \; docker-compose exec -T welcome find /var/www/html/invite_template/ -type f -exec sed -i "s/e\.email/$DOMAIN/g" {} \; docker-compose exec -T welcome find /var/www/html/ -type f -name '*.html' -exec sed -i "s/e\.email/$DOMAIN/g" {} \; +docker-compose exec -T welcome find /var/www/html/account_created_templates/ -type f -exec sed -i "s/ecloud\.global/$DOMAIN/g" {} \; # display DKIM DNS setup info/instructions to the user echo -e "\n\n\n" -- GitLab From 3a6633af3128510af67d071bcd2fd4f75b574e91 Mon Sep 17 00:00:00 2001 From: Sylvain Manceau Date: Thu, 25 Aug 2022 10:14:02 +0000 Subject: [PATCH 9/9] Fixed DKIM record display for easy use --- scripts/postinstall.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/postinstall.sh b/scripts/postinstall.sh index 88d9230..a8b1a81 100755 --- a/scripts/postinstall.sh +++ b/scripts/postinstall.sh @@ -108,7 +108,7 @@ echo -e "\n\n\n" echo -e "Please add the following records to your domain's DNS configuration:\n" find /mnt/repo-base/volumes/mail/dkim/ -maxdepth 1 -mindepth 1 -type d | while read line; do DOMAIN=$(basename $line) - echo " - DKIM record (TXT) for $DOMAIN:" && cat $line/mail.public.key + echo " - DKIM record (TXT) for $DOMAIN:" && sed $'N;s/"\\n\t"//g' $line/mail.public.key done echo "=================================================================================================================================" -- GitLab