From b3e97981468857544dcd2f2da7aec11263dc5995 Mon Sep 17 00:00:00 2001 From: root Date: Sat, 29 May 2021 10:11:25 +0200 Subject: [PATCH] automated saml wp --- Makefile | 15 ++++++++++++--- digitaldemocratic.conf.sample | 4 ++++ isard-apps | 2 +- isard-sso | 2 +- 4 files changed, 18 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index 3f76ff5..f0c7611 100644 --- a/Makefile +++ b/Makefile @@ -90,6 +90,12 @@ remove: down .PHONY: add-plugins add-plugins: connect-saml + # Add dd admin user (NOT USED, done in isard-sso-admin) + # docker exec isard-sso-keycloak /opt/jboss/keycloak/bin/add-user-keycloak.sh -u $$DDADMIN_USER -p $$DDADMIN_PASSWORD + # docker restart isard-sso-keycloak + # sleep 10 + # docker exec -u www-data isard-apps-nextcloud-app sh -c 'export OC_PASS=$$DDADMIN_PASSWORD && php occ user:add --password-from-env --display-name="DD Admin" --group="admin" $$DDADMIN_USER' + # Wordpress ## Multisite docker exec -ti isard-apps-wordpress /bin/sh -c "/multisite.sh" @@ -124,8 +130,6 @@ add-plugins: connect-saml docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set onlyoffice jwt_header --value="Authorization" docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:system:set allow_local_remote_servers --value=true - # Add custom admin users - ##docker exec -u www-data isard-apps-nextcloud-app sh -c 'export OC_PASS=$$NEXTCLOUD_DDADMIN_PASSWORD && php occ user:add --password-from-env --display-name="DD Admin" --group="admin" ddadmin' # Allow nextcloud into other apps iframes # Content-Security-Policy: frame-ancestors 'self' *.$$DOMAIN; 
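Review bot: The block added at the top of the `add-plugins` recipe (first Makefile hunk) is five lines of commented-out commands marked "NOT USED", and the second hunk deletes the equivalent commented-out `occ user:add` line further down only for it to reappear here. Dead recipe lines are better dropped and left to version control, keeping a single pointer such as `# dd admin user is created by isard-sso-admin`. If the block is kept for reference, note that the `add-user-keycloak.sh -u ... -p $$DDADMIN_PASSWORD` form passes the password as a command-line argument, which is readable in the process list while the command runs, unlike the `OC_PASS` / `--password-from-env` form used on the Nextcloud line. The recipe starts and continues outside the hunk.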
@@ -143,10 +147,15 @@ add-plugins: connect-saml # Content-Security-Policy: font-src 'self' *.$$DOMAIN; docker exec -ti isard-apps-nextcloud-app sed -ie "/protected \\\$$allowedFontDomains = \[/{n;s/\('\\\\\'self\\\\\'\)\('\)/\1 *.$$DOMAIN\2/}" /var/www/html/lib/public/AppFramework/Http/ContentSecurityPolicy.php + # CERTIFICATES FOR SAML + docker exec -ti isard-sso-admin /bin/sh -c "/admin/generate_certificates.sh" + # SAML PLUGIN NEXTCLOUD - docker exec -ti isard-sso-admin /bin/sh -c "/admin/nextcloud_gencerts.sh" docker exec -ti isard-sso-admin python3 /admin/nextcloud_saml.py + # SAML PLUGIN WORDPRESS + docker exec -ti isard-sso-admin python3 /admin/wordpress_saml.py + # SAML PLUGIN MOODLE echo "To add SAML to moodle:" echo "1.-Activate SAML plugin in moodle extensions, regenerate certificate, lock certificate" diff --git a/digitaldemocratic.conf.sample b/digitaldemocratic.conf.sample index 6d2dcb8..d55bbec 100644 --- a/digitaldemocratic.conf.sample +++ b/digitaldemocratic.conf.sample @@ -19,6 +19,10 @@ SMTP_USER=your_email@mymailserver.com SMTP_PASSWORD=SuperSecret SMTP_PROTOCOL=tls +DDADMIN_USER=ddadmin +DDADMIN_PASSWORD=Th3M@st3r +DDADMIN_EMAIL=theemail@mymailserver.com + ### ADMINAPP (username:admin-app) ADMINAPP_PASSWORD=Sup3rS3cret #ADMINAPP_KEYCLOAK_PASSWORD=test diff --git a/isard-apps b/isard-apps index 7a6b416..f99da31 160000 --- a/isard-apps +++ b/isard-apps @@ -1 +1 @@ -Subproject commit 7a6b416e469c3afceb45838f916389145fbb9cc0 +Subproject commit f99da311e3da9389c7a9026bfd267d6c4b9cf78d diff --git a/isard-sso b/isard-sso index ab559dd..be28c1a 160000 --- a/isard-sso +++ b/isard-sso @@ -1 +1 @@ -Subproject commit ab559dd35af2e6177bac56e6b5c891de6df9f40e +Subproject commit be28c1ae30edb6097e0921c2aaebbaf92a68f566
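Review bot: The two new `docker exec -ti isard-sso-admin ...` lines (certificate generation and `wordpress_saml.py`) request a TTY, so they fail when `make add-plugins` runs without a terminal, for example from cron or a CI job. Neither script looks interactive, so the flags can go: `docker exec isard-sso-admin /bin/sh -c "/admin/generate_certificates.sh"` and `docker exec isard-sso-admin python3 /admin/wordpress_saml.py`. `generate_certificates.sh` is not visible in this patch; if it overwrites existing key material, re-running the target would rotate the SAML keys of services that are already configured, so a one-line comment above the call stating whether it is safe to re-run would help. The recipe starts outside the hunk.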
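Review bot: `DDADMIN_PASSWORD=Th3M@st3r` puts a plausible-looking password for the admin account into the sample file, and an installation that copies the sample without editing it ends up with a publicly known credential. An unmistakable placeholder is safer, `DDADMIN_PASSWORD=CHANGE_ME`, together with a comment line above the three keys such as `# dd admin account; set a unique password before first run`. The same applies to the `SMTP_PASSWORD` and `ADMINAPP_PASSWORD` samples visible in the context lines. Judging by the commented-out commands in the Makefile hunk, the value may be used for both the Keycloak and the Nextcloud admin account, which raises the cost of leaving it at the default.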