diff --git a/docs/extra-docs.md b/docs/extra-docs.md new file mode 100644 index 0000000..fd5c211 --- /dev/null +++ b/docs/extra-docs.md 
@@ -0,0 +1,159 @@ +# Extra documentation + +These configurations are automated, so are here only by informational purposes. + +## Keycloak configuration + +Go to `https://sso.DOMAIN/auth/admin/master/console` + +### THEMES + +- [ ] login theme: dd +- [ ] account theme: account-avatar +- [ ] internazionalization enabled: ON +- [ ] default locale: ca + + +1. Configure -> Realm Settings -> Themes + +Configure as this: + +![](img/snapshot/1FGGqna.png) + +### SECURITY DEFENSES + +- [ ] Change second line of Content-Security-Policy to: +`frame-src 'self'; frame-ancestors 'self' *.DOMAIN localhost; object-src 'none';` + +- [ ] Last one to: +`max-age=31536000; includeSubDomains` + +- [ ] Save + +![](img/snapshot/uS5uqJB.png) + +### CLIENT SCOPES + +- [ ] client scopes => mappers => role_list => Single Role Attribute: ON + +![](img/snapshot/Q2i349B.png) + +![](img/snapshot/KYbY4ao.png) + +![](img/snapshot/oJJPRdp.png) + +### CLIENT + +- [ ] Clients -> Account-console -> Settings -> Add a *Valid Redirect URIs* "https://moodle.DOMAIN.net/*" in addition to the wp one "https://wp.DOMINI.net/*" + +![](img/snapshot/vgamSuC.png) + +### EVENTS + +![](img/snapshot/events-keycloak.png) + + +### CLIENTS / account + +Add a valid redirection URI + +- [ ] `https://moodle.DOMAIN/*` +- [ ] `https://wp.DOMAIN/*` +- [ ] `/realms/master/account/*` +- [ ] `https://nextcloud.DOMAIN/*` + +![](img/snapshot/N_42e!m$3Fe.png) + +### Wordpress Configuration + +![](img/snapshot/Nk8YPCI.png) + +![](img/snapshot/3ZRPyzd.png) + +Configure the nickname of Wordpress: +![](img/snapshot/uOwYjOJ.png) + +Script: +``` +var Output = user.getFirstName()+" "+user.getLastName(); +Output; +``` + +#### To allow closing the SAML session from Wordpress + +![](img/snapshot/myofFZv.png) + +Add these settings: + +`/realms/master/account/*` +`https://wp.DOMAIN/*` + +![](img/snapshot/7U9t8Zn.png) + +Save the configuration. 
+ +## Nextcloud configuration + +### Email +- To configure email: + +![](img/snapshot/5jIt2EE.png) +![](img/snapshot/gMQAKmb.png) + + +### Circles + +1. To download the Circles application: Applications -> Featured apps -> Circles (Download and enable) + +![](img/snapshot/yyNyUvc.png) + +2. A new menu entry will exist in Settings + +![](img/snapshot/IbRuJqC.png) + +3. Get back to Settings and click "Administration" >> "Groupware" configuration: + +![](img/snapshot/yjbOrLz.png) + +It could be enabled by command line: + +``` +docker exec -u www-data dd-apps-nextcloud-app php occ --no-warnings config:app:set circles members_limit --value="150" +docker exec -u www-data dd-apps-nextcloud-app php occ --no-warnings config:app:set circles allow_linked_groups --value="1" +docker exec -u www-data dd-apps-nextcloud-app php occ --no-warnings config:app:set circles skip_invitation_to_closed_circles --value="1 +``` + +### Other configurations + +4. Add docker network as whitelist. Administration -> Security +![](img/snapshot/9RxNQNx.png) + +5. Configure OnlyOffice templates in Nextcloud + +![](img/snapshot/ogGM_pzr3ybW.png) + +And save + +## Wordpress settings + +### SAML2 plugin + + +**1. Login as admin in WordPress (with closed session in other environments): https://wp.\/wp-login.php?normal** + +**2. Enable plugin "OneLogin SAML SSO" and apply changes** + + +### Generate Block plugin and GeneratePress theme + +Check that GenerateBlock plugin and GeneratePress theme are installed and enabled. + +![](img/snapshot/gZGNZXY.png) + +![](img/snapshot/iThTdIa.png) + +### Date and time + +- To set up date and time: + +![](img/snapshot/JbyHUqJ.png)
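Review bot: In the Circles command block under "## Nextcloud configuration", the third `docker exec` line ends with `--value="1` and never closes the quote, so pasting the block leaves the shell waiting for more input instead of setting `skip_invitation_to_closed_circles`; add the closing `"`. In "### CLIENT" the redirect URI examples read `https://moodle.DOMAIN.net/*` and `https://wp.DOMINI.net/*`, while "### CLIENTS / account" lists `https://moodle.DOMAIN/*` and `https://wp.DOMAIN/*`; use one placeholder form throughout, because a Valid Redirect URI copied from the wrong variant will not match the deployed host. In "### SECURITY DEFENSES" the `frame-ancestors 'self' *.DOMAIN localhost` value keeps `localhost` as an allowed framing origin; state whether that is intended for development only or remove it from the documented value. The SAML2 step's login URL `https://wp.\/wp-login.php?normal` has lost its host placeholder and should be restored to match the rest of the file.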