From f0e4b552017ab87dd0284ec404c0d4735e1e09ff Mon Sep 17 00:00:00 2001
From: root <josepmaria@isardvdi.com>
Date: Wed, 29 Sep 2021 13:07:52 +0200
Subject: [PATCH] Updated inital install

---
 README.md                     |  19 +++++-
 README_en.md                  |  42 +++++++++----
 dd-ctl                        | 112 +++++++++++++++++-----------------
 digitaldemocratic.conf.sample |  10 +++
 isard-apps                    |   2 +-
 5 files changed, 116 insertions(+), 69 deletions(-)

diff --git a/README.md b/README.md
index 018bc7a..43a8a24 100644
--- a/README.md
+++ b/README.md
@@ -71,6 +71,12 @@ cp -R custom.sample custom
 
 Edita i substitueix els fitxers per personalitzar el sistema.
 
+La primera vegada executa:
+```
+./dd-ctl update-repo
+```
+
+I després:
 ```
 ./dd-ctl all
 ```
@@ -134,11 +140,22 @@ Copieu digitaldemocratic.conf.exemple a digitaldemocratic.conf i  editeu-lo per
 Copia recursivament la carpeta *custom.sample* a *custom* i edita els fitxers yaml de personalització i menú i substitueix les imatges.
 
 ### Iniciar el projecte
+La primera vegada (i si voleu actualitzar a la última versió posteriorment) executeu:
+```
+./dd-ctl update-repo
+```
+I després
 ```
 ./dd-ctl all
 ```
 
+Posteriorment podreu iniciar o aturar amb:
+```
+./dd-ctl down
+./dd-ctl up
+```
+
 ### Integració
 
-Llegiu el fitxer [SAML_README.md](https://gitlab.com/isard/isard-sso/-/blob/master/docs/SAML_README.md) a la carpeta isard-sso/docs per integrar totes les aplicacions. Ara el  Nextcloud i el Wordpress s'haurien d'integrar automàticament amb el Keycloak després d'acabar el *make all* excepte Moodle que encara necessita alguns passos manuals i el Wordpress que cal només activar el connector.
+Llegiu el fitxer [SAML_README.md](https://gitlab.com/isard/isard-sso/-/blob/master/docs/SAML_README.md) a la carpeta isard-sso/docs per integrar totes les aplicacions. Ara el  Nextcloud i el Wordpress s'haurien d'integrar automàticament amb el Keycloak.
 
diff --git a/README_en.md b/README_en.md
index 56d9f61..aa633d8 100644
--- a/README_en.md
+++ b/README_en.md
@@ -71,6 +71,11 @@ cp -R custom.sample custom
 
 Edit and replace files to personalize system.
 
+The first time execute:
+```
+./dd-ctl update-repo
+```
+And then:
 ```
 ./dd-ctl all
 ```
@@ -111,14 +116,15 @@ Refer to the official documentation (https://docs.docker.com/engine/install/) or
 
 Refer to the official documentation (https://docs.docker.com/compose/install/) or use our sysadm script if you are on a Debian Buster (10).
 
-### Configuració
+### Setup
 
-Copieu digitaldemocratic.conf.sample a digitaldemocratic.conf i  editeu-lo per satisfer les vostres necessitats. Com a mínim (per a desenvolupament) heu d'adaptar la variable de DOMINI al vostre domini  arrel.
+Copy digitaldemocratic.conf.sample to digitaldemocratic.conf and edit to satisfy your needs. At least (to development) you should adapt
+the DOMINI envvar to your root domain.
 
-- PRODUCCIÓ: Necessiteu un dns multidomini (o redirigeix els subdominis múltiples) a la vostra màquina servidor.
-- Desenvolupament: Heu d'editar el fitxer /etc/hosts i afegir els subdominis només per a propòsits de proves local.
+- PRODUCTION: You'll need a multidomain dns (or redirect all the subdomains) to your server IP.
+- DEVELOPMENT: You'll have to edit your /etc/hosts and add all the required domains to your development server IP.
 
-#### Subdominis
+#### Subdomains
 - Keycloak: sso.<yourdomain.org>
 - Api: api.<yourdomain.org>
 - Moodle: moodle.<yourdomain.org>
@@ -126,18 +132,32 @@ Copieu digitaldemocratic.conf.sample a digitaldemocratic.conf i  editeu-lo per s
 - Wordpress: wp.<yourdomain.org>
 - Onlyoffice: oof.<yourdomain.org>
 - Etherpad: pad.<yourdomain.org>
-- (opcional) FreeIPA: ipa.<yourdomain.org>
+- (optional) FreeIPA: ipa.<yourdomain.org>
 
-### Personalització
+### Customization
 
-Copia recursivament la carpeta *custom.sample* a *custom* i edita els fitxers yaml de personalització i de menú i substitueix les imatges.
+Recursively copy the *custom.sampl* folder to *custom* and edit the yaml personalization files and substitute the image.
 
-### Inicial el projecte
+### Start the project
+
+The first time (and to upgrade later) you should execute:
+```
+./dd-ctl update-repo
+```
+And after:
 ```
 ./dd-ctl all
 ```
 
-### Integració
+Then you can control the up/down:
+```
+./dd-ctl down
+./dd-ctl up
+```
 
-Llegiu el  [SAML_README.md](https://gitlab.com/isard/isard-sso/-/blob/master/docs/SAML_README.md) a la carpeta isard-sso/docs per integrar totes les aplicacions. Ara el  nextcloud i el wordpress s'haurien d'integrar automàticament amb el Keycloak després d'acabar el *make all* excepte Moodle que encara  necessita alguns passos manuals. i el plugin de Wordpress que cal només activar-lo en acabar.
+### Integration
+
+Read the [SAML_README.md](https://gitlab.com/isard/isard-sso/-/blob/master/docs/SAML_README.md) in isard-sso/docs folder
+to known more about setting and customizing applications, specially if the SSO fails to get correctly configured the
+first time.
 
diff --git a/dd-ctl b/dd-ctl
index dc8cf9c..886a149 100755
--- a/dd-ctl
+++ b/dd-ctl
@@ -8,8 +8,9 @@ if [ -z "$OPERATION" ]; then
     set +x
     echo "Missing command."
 	echo " Example: ./dd.ctl [operation]"
-	echo "                            Bring the project up: ./dd-ctl all"
-    echo "Bring the project up without changing submodules: ./dd-ctl all-develop"
+	echo "                               Update repository: ./dd-ctl update-repo [branch-name] (defaults to master)"
+	echo "                    Bring the current project up: ./dd-ctl all"
+	echo "                         Build the compose files: ./dd-ctl build"
 	echo "                  Start the project when stopped: ./dd-ctl up"
 	echo "                   Stop the project when started: ./dd-ctl down"
 	echo "                            Apply customizations: ./dd-ctl customize"
@@ -28,15 +29,14 @@ cp digitaldemocratic.conf .env
 CUSTOM_PATH=$(pwd)
 . ./.env
 
-prepare_submodules(){
-	if [ ! "$BRANCH" = "develop" ]; then
-		git submodule update --init --recursive
-		cd isard-apps && git fetch && git reset --hard origin/$BRANCH && cd ..
-		cd isard-sso && git fetch && git reset --hard origin/$BRANCH && cd ..
-	fi
+update_repo(){
+	git fetch && git reset --hard origin/$BRANCH
+	git submodule update --init --recursive
+	cd isard-apps && git fetch && git reset --hard origin/$BRANCH && cd ..
+	cd isard-sso && git fetch && git reset --hard origin/$BRANCH && cd ..
 }
 
-prepare(){
+build(){
 	## Prepare apps environment
 	cp .env isard-apps/.env
 	echo "CUSTOM_PATH=$CUSTOM_PATH" >> isard-apps/.env
@@ -87,10 +87,6 @@ prepare(){
 					config > apps.yml
 	docker-compose -f sso.yml -f apps.yml config > docker-compose.yml
 	rm sso.yml apps.yml
-
-}
-
-build(){
 	docker-compose build
 }
 
@@ -173,9 +169,10 @@ setup_wordpress(){
 	## Multisite
 	docker exec -ti isard-apps-wordpress /bin/sh -c "/multisite.sh"
 
-	docker exec -ti isard-apps-wordpress /bin/sh -c "if [ ! -d /var/www/html/wp-content/plugins/saml/onelogin-saml-sso ]; then cp -R /plugins/saml/onelogin-saml-sso /var/www/html/wp-content/plugins/; fi"
-	docker exec -ti isard-apps-wordpress /bin/sh -c "if [ ! -d /var/www/html/wp-content/mu-plugins ]; then cp -R /plugins/mu-plugins /var/www/html/wp-content/; fi"
-
+	# docker exec -ti isard-apps-wordpress /bin/sh -c "if [ ! -d /var/www/html/wp-content/plugins/saml/onelogin-saml-sso ]; then cp -R /plugins/saml/onelogin-saml-sso /var/www/html/wp-content/plugins/; fi"
+	# docker exec -ti isard-apps-wordpress /bin/sh -c "if [ ! -d /var/www/html/wp-content/mu-plugins ]; then cp -R /plugins/mu-plugins /var/www/html/wp-content/; fi"
+	docker-compose run --user=33 isard-apps-wordpress-cli /bin/bash -c 'wp plugin install onelogin-saml-sso --activate'
+	# docker-compose run isard-apps-wordpress-cli /bin/bash -c 'wp plugin activate onelogin-saml-sso --network'
 }
 
 setup_keycloak(){
@@ -251,6 +248,7 @@ extras_develop(){
 }
 
 upgrade_plugins_moodle(){
+	wait_for_moodle
 	rm -rf /tmp/moodle
 
 	mkdir -p /tmp/moodle/mod
@@ -259,45 +257,47 @@ upgrade_plugins_moodle(){
 	mkdir -p /tmp/moodle/theme/cbe
 	mkdir -p /tmp/moodle/blocks
 
-    curl --location https://moodle.org/plugins/download.php/25078/mod_jitsi_moodle311_2021090100.zip > jitsi.zip
+    curl --location $MOODLE_PLUGIN_JITSI > jitsi.zip
     unzip jitsi.zip -d /tmp/moodle/mod/
     rm jitsi.zip
 
-    curl --location https://moodle.org/plugins/download.php/24977/mod_bigbluebuttonbn_moodle311_2019101011.zip > bbb.zip
+    curl --location $MOODLE_PLUGIN_BBB > bbb.zip
     unzip bbb.zip -d /tmp/moodle/mod/
     rm bbb.zip
 
-    curl --location https://github.com/isard-vdi/moodle-auth_saml2/archive/refs/heads/role_map.zip > auth_saml2.zip
+    # curl --location https://github.com/isard-vdi/moodle-auth_saml2/archive/refs/heads/role_map.zip > auth_saml2.zip
+	# curl --location https://moodle.org/plugins/download.php/24556/auth_saml2_moodle311_2021062900.zip > auth_saml2.zip
+	curl --location $MOODLE_PLUGIN_SAML > auth_saml2.zip
     unzip auth_saml2.zip -d /tmp/moodle/auth/
     mv /tmp/moodle/auth/moodle-auth_saml2-role_map/* /tmp/moodle/auth/saml2/
     rm -rf /tmp/moodle/auth/moodle-auth_saml2-role_map
     rm auth_saml2.zip
 
-    curl --location https://github.com/3iPunt/moodle_mod_tresipuntshare/archive/refs/heads/master.zip > tresipuntshare.zip
+    curl --location $MOODLE_PLUGIN_TRESIPUNTSHARE > tresipuntshare.zip
     unzip tresipuntshare.zip -d /tmp/moodle/mod/
     mv /tmp/moodle/mod/moodle_mod_tresipuntshare-master /tmp/moodle/mod/tresipuntshare
     rm tresipuntshare.zip
 
-    curl --location https://github.com/3iPunt/moodle_mod_tresipuntvideo/archive/refs/heads/master.zip > tresipuntvideo.zip
+    curl --location $MOODLE_PLUGIN_TRESIPUNTVIDEO > tresipuntvideo.zip
     unzip tresipuntvideo.zip -d /tmp/moodle/mod/
     mv /tmp/moodle/mod/moodle_mod_tresipuntvideo-master /tmp/moodle/mod/tresipuntvideo
     rm tresipuntvideo.zip
 
-    curl --location https://github.com/3iPunt/moodle_mod_tresipuntaudio/archive/refs/heads/master.zip > tresipuntaudio.zip
+    curl --location $MOODLE_PLUGIN_TRESIPUNTAUDIO > tresipuntaudio.zip
     unzip tresipuntaudio.zip -d /tmp/moodle/mod/
     mv /tmp/moodle/mod/moodle_mod_tresipuntaudio-master /tmp/moodle/mod/tresipuntaudio
     rm tresipuntaudio.zip
 
-    curl --location https://github.com/3iPunt/moodle_assignsubmission_tipnc/archive/refs/heads/master.zip > assignsubmission_tipnc.zip
+    curl --location $MOODLE_PLUGIN_ASSIGNSUBMISSION > assignsubmission_tipnc.zip
     unzip assignsubmission_tipnc.zip -d /tmp/moodle/mod/assign/submission/
     mv /tmp/moodle/mod/assign/submission/moodle_assignsubmission_tipnc-master /tmp/moodle/mod/assign/submission/tipnc
     rm assignsubmission_tipnc.zip
 
-    curl --location https://gitlab.com/digitaldemocratic/digitaldemocratic/-/raw/master/custom.sample/moodle/plugins/block_tresipuntmodspend.zip?inline=false > block_tresipuntmodspend.zip
+    curl --location $MOODLE_PLUGIN_TRESIPUNTMODSPEND > block_tresipuntmodspend.zip
     unzip block_tresipuntmodspend.zip -d /tmp/moodle/blocks/
     rm block_tresipuntmodspend.zip
 
-    curl --location https://github.com/3iPunt/moodle_theme_cbe/archive/refs/heads/master.zip > tresipunt_theme_cbe.zip
+    curl --location $MOODLE_THEME_CBE > tresipunt_theme_cbe.zip
     unzip tresipunt_theme_cbe.zip -d /tmp/moodle/theme/cbe/
     mv /tmp/moodle/theme/cbe/moodle_theme_cbe-master/* /tmp/moodle/theme/cbe/
     rm tresipunt_theme_cbe.zip
@@ -311,33 +311,32 @@ upgrade_plugins_moodle(){
 
 upgrade_plugins_wp(){
 ## MU-PLUGINS WP
-    rm -rf /tmp/muplugins-google-sites-master
-    curl --location  https://gitlab.com/muplugins-multiste1/muplugins-google-sites/-/archive/master/muplugins-google-sites-master.zip > muplugins.zip
-    unzip muplugins.zip -d /tmp/
-    cp -R /tmp/muplugins-google-sites-master/mu-plugins/* /opt/digitaldemocratic/src/wordpress/wp-content/mu-plugins/
-    rm muplugins.zip
-    rm /tmp/muplugins-google-sites-master -rf
+	docker-compose run --user=root isard-apps-wordpress-cli /bin/bash -c 'curl --location  https://gitlab.com/muplugins-multiste1/muplugins-google-sites/-/archive/master/muplugins-google-sites-master.zip > muplugins.zip; \
+	unzip muplugins.zip; \
+	rm -rf /var/www/html/wp-content/mu-plugins/*; \
+	mkdir -p /var/www/html/wp-content/mu-plugins; \
+	cp -R muplugins-google-sites-master/mu-plugins/* /var/www/html/wp-content/mu-plugins/; \
+	chown -R 33:33 /var/www/html/wp-content/mu-plugins; \
+	rm muplugins.zip; \
+	rm muplugins-google-sites-master -rf;'
 }
 
-if [ "$OPERATION" = "prepare" ]; then
-	prepare_submodules
-	prepare
-	build
+if [ "$OPERATION" = "repo-update" ]; then
+	update_repo
 fi
 
 if [ "$OPERATION" = "build" ]; then
-	prepare_submodules
-	prepare
 	build
 fi
 
 if [ "$OPERATION" = "up" ]; then
-	prepare_submodules
-	prepare
-	build
 	up
 fi
 
+if [ "$OPERATION" = "down" ]; then
+	down
+fi
+
 if [ "$OPERATION" = "customize" ]; then
 	up
 	wait_for_moodle
@@ -348,25 +347,31 @@ fi
 
 if [ "$OPERATION" = "saml" ]; then
 	up
+	wait_for_moodle
 	saml_certificates
 fi
 
 if [ "$OPERATION" = "all" ]; then
-	prepare_submodules
-	prepare
 	build
 	up
+
 	wait_for_moodle
+	upgrade_plugins_moodle
+	upgrade_plugins_wp
+
 	setup_nextcloud
 	setup_wordpress
 	setup_moodle
+
 	saml_certificates
 
 	echo "\n\n"
 	echo " #### After install ####"
 	echo " - SSO in moodle should be active. You can go to: https://moodle.$DOMAIN"
+	echo "   If it fails, regenerate and lock certificate in moodle SAML2 connector as a local admin."
+	echo "   After that run ./dd-ctl saml"
 	echo " - SSO in nextcloud should be active. You can go to: https://nextcloud.$DOMAIN"
-	echo " - SSO in wordpress needs manual activation. You should go to https://wp.$DOMAIN/wp-admin//plugins.php "
+	echo " - SSO in wordpress should be active. You should go to https://wp.$DOMAIN/wp-admin//plugins.php "
 	echo "   and activate 'OneLogin SAML SSO' plugin"
 
 	echo "\n\n"
@@ -375,28 +380,23 @@ if [ "$OPERATION" = "all" ]; then
 fi
 
 if [ "$OPERATION" = "upgrade-plugins" ]; then
-	upgrade_plugins_moodle
-	upgrade_plugins_wp
-fi
-
-if [ "$OPERATION" = "all-develop" ]; then
-	prepare
-	build
 	up
 	wait_for_moodle
-	setup_nextcloud
-	setup_wordpress
-	setup_moodle
-	saml_certificates
+	upgrade_plugins_moodle
+	upgrade_plugins_wp
 fi
 
 if [ "$OPERATION" = "adminer" ]; then
 	extras_adminer
 fi
 
-if [ "$OPERATION" = "reset-7941" ]; then
+if [ "$OPERATION" = "pgtuner" ]; then
+	extras_pgtuner
+fi
+
+if [ "$OPERATION" = "reset-1714" ]; then
 	echo "Resetting all but certificates"
-	docker-compose down
+	down
 	rm -rf /opt/digitaldemocratic/backup
 	rm -rf /opt/digitaldemocratic/data
 	rm -rf /opt/digitaldemocratic/db
diff --git a/digitaldemocratic.conf.sample b/digitaldemocratic.conf.sample
index f9d2dba..54d5237 100644
--- a/digitaldemocratic.conf.sample
+++ b/digitaldemocratic.conf.sample
@@ -110,6 +110,16 @@ MOODLE_IMG=erseco/alpine-php7-webserver:1.10.0
 MOODLE_VERSION=MOODLE_311_STABLE
 MOODLE_MAX_FILESIZE_UPLOAD=50M
 
+MOODLE_PLUGIN_JITSI=https://moodle.org/plugins/download.php/23360/mod_jitsi_moodle310_2021052500.zip
+MOODLE_PLUGIN_BBB=https://moodle.org/plugins/download.php/23294/mod_bigbluebuttonbn_moodle310_2019101009.zip
+MOODLE_PLUGIN_SAML=https://github.com/isard-vdi/moodle-auth_saml2/archive/refs/heads/role_map.zip
+MOODLE_PLUGIN_TRESIPUNTSHARE=https://github.com/3iPunt/moodle_mod_tresipuntshare/archive/refs/heads/master.zip
+MOODLE_PLUGIN_TRESIPUNTVIDEO=https://github.com/3iPunt/moodle_mod_tresipuntvideo/archive/refs/heads/master.zip
+MOODLE_PLUGIN_TRESIPUNTAUDIO=https://github.com/3iPunt/moodle_mod_tresipuntaudio/archive/refs/heads/master.zip
+MOODLE_PLUGIN_ASSIGNSUBMISSION=https://github.com/3iPunt/moodle_assignsubmission_tipnc/archive/refs/heads/master.zip
+MOODLE_PLUGIN_TRESIPUNTMODSPEND=https://gitlab.com/digitaldemocratic/digitaldemocratic/-/raw/master/custom.sample/moodle/plugins/block_tresipuntmodspend.zip?inline=false
+MOODLE_THEME_CBE=https://github.com/3iPunt/moodle_theme_cbe/archive/refs/heads/master.zip
+
 ## NEXTCLOUD
 NEXTCLOUD_IMG=nextcloud:21.0.2-fpm-alpine
 
diff --git a/isard-apps b/isard-apps
index f8dd910..cb96478 160000
--- a/isard-apps
+++ b/isard-apps
@@ -1 +1 @@
-Subproject commit f8dd910b724ce7955948d27d17c840bb01faf2af
+Subproject commit cb96478a2ddf977fb394e3e4b117be16b47f9773