Added securization script and haproxy auth to admin app
parent
ead1a721be
commit
9e39c7b5e0
7
Makefile
7
Makefile
|
@ -117,10 +117,13 @@ add-plugins:
|
||||||
docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set onlyoffice jwt_header --value="Authorization"
|
docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set onlyoffice jwt_header --value="Authorization"
|
||||||
docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:system:set allow_local_remote_servers --value=true
|
docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:system:set allow_local_remote_servers --value=true
|
||||||
|
|
||||||
# Allow nextcloud into other apps iframes
|
# Allow nextcloud into other apps iframes
|
||||||
# Content-Security-Policy: frame-ancestors 'self' *.$$DOMAIN;
|
# Content-Security-Policy: frame-ancestors 'self' *.$$DOMAIN;
|
||||||
docker exec -ti isard-apps-nextcloud-app sed -ie "/protected \\\$$allowedFrameAncestors = \[/{n;s/\('\\\\\'self\\\\\'\)\('\)/\1 *.$$DOMAIN\2/}" /var/www/html/lib/public/AppFramework/Http/ContentSecurityPolicy.php
|
docker exec -ti isard-apps-nextcloud-app sed -ie "/protected \\\$$allowedFrameAncestors = \[/{n;s/\('\\\\\'self\\\\\'\)\('\)/\1 *.$$DOMAIN\2/}" /var/www/html/lib/public/AppFramework/Http/ContentSecurityPolicy.php
|
||||||
|
|
||||||
|
# Add custom admin users
|
||||||
|
##docker exec -u www-data isard-apps-nextcloud-app sh -c 'export OC_PASS=$$NEXTCLOUD_DDADMIN_PASSWORD && php occ user:add --password-from-env --display-name="DD Admin" --group="admin" ddadmin'
|
||||||
|
|
||||||
# default labels
|
# default labels
|
||||||
echo "INSERT INTO oc_systemtag (name, editable) VALUES ('nombre etiqueta', 0);" | docker exec -i isard-apps-postgresql psql -U admin -d nextcloud
|
echo "INSERT INTO oc_systemtag (name, editable) VALUES ('nombre etiqueta', 0);" | docker exec -i isard-apps-postgresql psql -U admin -d nextcloud
|
||||||
|
|
||||||
|
|
|
@ -19,13 +19,16 @@ SMTP_USER=your_email@mymailserver.com
|
||||||
SMTP_PASSWORD=SuperSecret
|
SMTP_PASSWORD=SuperSecret
|
||||||
SMTP_PROTOCOL=tls
|
SMTP_PROTOCOL=tls
|
||||||
|
|
||||||
### FREEIPA (ipa)
|
### ADMINAPP (username:admin-app)
|
||||||
###########################################################################
|
ADMINAPP_PASSWORD=Sup3rS3cret
|
||||||
IPA_ADMIN_PWD=freeipafreeipa
|
#ADMINAPP_KEYCLOAK_PASSWORD=test
|
||||||
|
#ADMINAPP_MOODLE_PASSWORD=test
|
||||||
|
#ADMINAPP_NEXTCLOUD_PASSWORD=test
|
||||||
|
|
||||||
|
|
||||||
### KEYCLOAK (sso)
|
### KEYCLOAK (sso)
|
||||||
###########################################################################
|
###########################################################################
|
||||||
KEYCLOAK_USER=admin
|
KEYCLOAK_USER=admin ## DO NOT CHANGE. It is not being modified at container start
|
||||||
KEYCLOAK_PASSWORD=keycloakkeycloak
|
KEYCLOAK_PASSWORD=keycloakkeycloak
|
||||||
|
|
||||||
KEYCLOAK_DB_ADDR=isard-apps-postgresql
|
KEYCLOAK_DB_ADDR=isard-apps-postgresql
|
||||||
|
@ -77,3 +80,7 @@ WORDPRESS_MARIADB_PASSWORD=W0rdpr3ss
|
||||||
WORDPRESS_ADMIN_USER=admin
|
WORDPRESS_ADMIN_USER=admin
|
||||||
WORDPRESS_ADMIN_PASSWORD=W0rdpr3ss
|
WORDPRESS_ADMIN_PASSWORD=W0rdpr3ss
|
||||||
|
|
||||||
|
|
||||||
|
### FREEIPA (ipa)
|
||||||
|
###########################################################################
|
||||||
|
IPA_ADMIN_PWD=freeipafreeipa
|
|
@ -1 +1 @@
|
||||||
Subproject commit 42932d55a03af7b4442df6f4a2bced7adb7f2fd6
|
Subproject commit a6826ec8c3b759ab0117629224d68d260854a98c
|
|
@ -0,0 +1,44 @@
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^SMTP_PASSWORD=/c\SMTP_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^ADMINAPP_PASSWORD=/c\ADMINAPP_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^KEYCLOAK_PASSWORD=/c\KEYCLOAK_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^KEYCLOAK_DB_PASSWORD=/c\KEYCLOAK_DB_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^POSTGRES_PASSWORD=/c\POSTGRES_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^MARIADB_PASSWORD=/c\MARIADB_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^MOODLE_POSTGRES_PASSWORD=/c\MOODLE_POSTGRES_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^MOODLE_ADMIN_PASSWORD=/c\MOODLE_ADMIN_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^NEXTCLOUD_POSTGRES_PASSWORD=/c\NEXTCLOUD_POSTGRES_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^NEXTCLOUD_ADMIN_PASSWORD=/c\NEXTCLOUD_ADMIN_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^ETHERPAD_POSTGRES_PASSWORD=/c\ETHERPAD_POSTGRES_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^ETHERPAD_ADMIN_PASSWORD=/c\ETHERPAD_ADMIN_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^WORDPRESS_MARIADB_PASSWORD=/c\WORDPRESS_MARIADB_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^WORDPRESS_ADMIN_PASSWORD=/c\WORDPRESS_ADMIN_PASSWORD=$PWD" digitaldemocratic.conf
|
||||||
|
|
||||||
|
PWD=$(shuf -n3 /usr/share/dict/words | tr -d "\n" | tr -d "'")
|
||||||
|
sed -i "/^IPA_ADMIN_PWD=/c\IPA_ADMIN_PWD=$PWD" digitaldemocratic.conf
|
Loading…
Reference in New Issue