From 04bfebf2e981dfb60347bce453ee70360a69ab7c Mon Sep 17 00:00:00 2001
From: Aleix Quintana Alsius <kinta@communia.org>
Date: Fri, 21 Apr 2023 21:38:59 +0000
Subject: [PATCH] PostInstall translation

---
 docs/post-install.md | 100 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 100 insertions(+)
 create mode 100644 docs/post-install.md

diff --git a/docs/post-install.md b/docs/post-install.md
new file mode 100644
index 0000000..fa4bd02
--- /dev/null
+++ b/docs/post-install.md
@@ -0,0 +1,100 @@
+# Post-installation instructions
+
+Although the [installer](install.md) automates most of the configuration, some manual steps are still required.
+
+## Access without SAML
+
+Once installed, services are accessible without SAML, it can be useful to complete or check some configuration.
+
+login detail are defined in `dd.conf`.
+
+| Service | Variables | Login without SAML |
+| ------ | --------- | ---------------- |
+| Moodle | `MOODLE_ADMIN_*` |`https://moodle.DOMAIN/login/index.php?saml=off` |
+| Nextcloud | `NEXTCLOUD_ADMIN_*` | `https://nextcloud.DOMAIN/login?direct=1` |
+| Wordpress | `WORDPRESS_ADMIN_*` | `https://wp.DOMAIN/wp-login.php?normal` |
+| Keycloak | `KEYCLOAK_*` | `https://sso.DOMAIN/auth/admin/master/console` |
+| Admin | `DDADMIN_*` | `https://admin.DOMAIN` |
+
+
+## SAML user for testing
+
+To be able to check all services you need to create a SAML user.
+This is done in administration application in https://admin.DOMAIN.
+There follow next steps:
+
+- Create a group, for example: "teachers"
+- Click Resync button.
+- Go to groups and verify that group exists.
+- Go to users and create a "teacher01" of group "teachers" with role "teacher"
+
+## Activate WAF
+
+If you wish, you can enable Web Application Firewall/Modsecurity following [these instructions](waf-modsecurity.md).
+
+## Nextcloud common templates (Optional)
+
+It is possible to set common templates to all users:
+
+![](img/snapshot/Y!-rq;7GxjTW.png)
+
+
+## Integration Moodle-Nextcloud
+
+The integration between Moodle and Nextcloud is not automated, next steps must be followed once DD installation has finished.
+
+
+
+### Create a Oauth client in Nextcloud
+
+![](img/snapshot/3ICWP5X.png)
+
+- Name: moodle
+- URI: https://moodle.test1.digitaldemocratic.net/admin/oauth2callback.php
+
+The created **Client ID** and **Secret**, must be added in Moodle's OAuth2.
+
+
+### Create the service OAuth2 in Moodle
+
+https://moodle.test1.digitaldemocratic.net/admin/tool/oauth2/issuers.php
+
+Create new Nextcloud service
+
+![](img/snapshot/mkM8JN1.png)
+
+Configure as this:
+
+- Name: Nextcloud
+- Client Id: **Client ID**
+- Client Secret: **Secret**
+- [OK] Authenticate token requests via HTTP headers
+- Service base URL: https://nextcloud.test1.digitaldemocratic.net
+
+![](img/snapshot/KBV5ys2.png)
+
+To test that it works, click on the next icon:
+![](img/snapshot/XLQNA9i.png)
+
+And follow the authentication steps that indicates Nextcloud. A green tick, means that configuration is ok and it is working.
+
+### Enable repository in Moodle
+3. Go to 'Manage repositories' https://moodle.test1.digitaldemocratic.net/admin/repository.php
+
+Enable and make it visible
+
+Go to Nextcloud repository configuration:
+
+![](img/snapshot/JGRbAJF.png)
+
+Enable both options and save:
+
+![](img/snapshot/buRSMwg.png)
+
+Create an instance of the repository with these values:
+
+- Name: Nextcloud
+- Issuer: Select the OAuth2 created earlier
+- Folder: ''
+- Supported files: Internal and External
+- Return type: Internal
\ No newline at end of file