#!/bin/bash if [ ! -d "custom" ]; then echo "You need to copy custom.sample to custom folder and adapt it to your needs." && exit 1; fi if [ ! -f "digitaldemocratic.conf" ]; then echo "You need to copy digitaldemocratic.conf.sample to digitaldemocratic.conf and adapt" && exit 1; fi OPERATION="$1" if [ -z "$OPERATION" ]; then set +x echo "Missing command." echo " Example: ./dd.ctl [operation]" echo " Update repository: ./dd-ctl repo-update [branch-name] (defaults to master)" echo " Bring the current project up: ./dd-ctl all" echo " Build the compose files: ./dd-ctl build" echo " Regenerate docker-compose.yml from conf: ./dd-ctl yml" echo " Build the devel compose files: ./dd-ctl build-devel" echo " Start the project when stopped: ./dd-ctl up" echo " Stop the project when started: ./dd-ctl down" echo " Apply customizations: ./dd-ctl customize" echo " Update SAML certificates: ./dd-ctl saml" echo " Upgrade plugins: ./dd-ctl upgrade-plugins" echo " Branding (custom/img, custom/menu): ./dd-ctl branding" echo " Restart api if changes applied (development): ./dd-ctl restart-api" echo " Generate adminer.yml to access DBs: ./dd-ctl adminer" echo " Rescan nextcloud data folders: ./dd-ctl nextcloud-scan" exit 1 fi BRANCH="$2" if [ -z "$BRANCH" ]; then BRANCH="master" fi cp digitaldemocratic.conf .env CUSTOM_PATH=$(pwd) . ./.env update_repo(){ git fetch && git checkout $BRANCH git submodule update --init --recursive cd isard-apps && git fetch && git checkout $BRANCH && git pull && cd .. cd isard-sso && git fetch && git checkout $BRANCH && git pull && cd .. } build_compose(){ ## Prepare apps environment cp .env isard-apps/.env echo "CUSTOM_PATH=$CUSTOM_PATH" >> isard-apps/.env echo "BUILD_ROOT_PATH=$CUSTOM_PATH/isard-apps" >> isard-apps/.env cp isard-apps/.env isard-apps/docker/postgresql && \ cp isard-apps/.env isard-apps/docker/mariadb && \ cp isard-apps/.env isard-apps/docker/moodle && \ cp isard-apps/.env isard-apps/docker/nextcloud && \ cp isard-apps/.env isard-apps/docker/wordpress && \ cp isard-apps/.env isard-apps/docker/etherpad ## Prepare sso environment cp .env isard-sso/.env echo "CUSTOM_PATH=$CUSTOM_PATH" >> isard-sso/.env echo "BUILD_ROOT_PATH=$CUSTOM_PATH/isard-sso" >> isard-sso/.env cp isard-sso/.env isard-sso/docker-compose-parts/.env mkdir -p custom/system/keycloak cp -R isard-sso/docker/keycloak/themes custom/system/keycloak/ cp custom/login/logo.png custom/system/keycloak/themes/liiibrelite/login/resources/img/logo.png cp custom/login/background.png custom/system/keycloak/themes/liiibrelite/login/resources/img/loginBG.png cp custom/login/background.png custom/system/keycloak/themes/liiibrelite/login/resources/img/loginBG2.png if [ "$BEHIND_PROXY" = "true" ]; then BEHIND="haproxy-behind.yml" else BEHIND="haproxy.yml" fi # Build compose ymls echo CUSTOM_PATH=$CUSTOM_PATH > .env echo BUILD_ROOT_PATH=$CUSTOM_PATH/isard-sso >> .env docker-compose -f isard-sso/docker-compose-parts/$BEHIND \ -f isard-sso/docker-compose-parts/api.yml \ -f isard-sso/docker-compose-parts/keycloak.yml \ -f isard-sso/docker-compose-parts/avatars.yml \ -f isard-apps/docker/postgresql/postgresql.yml \ -f isard-sso/docker-compose-parts/admin.yml \ -f isard-sso/docker-compose-parts/backup.yml \ config > sso.yml #-f isard-sso/docker-compose-parts/freeipa.yml echo BUILD_ROOT_PATH=$CUSTOM_PATH/isard-apps > .env docker-compose -f isard-apps/docker/moodle/moodle.yml \ -f isard-apps/docker/nextcloud/nextcloud.yml \ -f isard-apps/docker/wordpress/wordpress.yml \ -f isard-apps/docker/etherpad/etherpad.yml \ -f isard-apps/docker/onlyoffice/onlyoffice.yml \ -f isard-apps/docker/redis/redis.yml \ -f isard-apps/docker/postgresql/postgresql.yml \ -f isard-apps/docker/mariadb/mariadb.yml \ -f isard-apps/docker/network.yml \ config > apps.yml docker-compose -f sso.yml -f apps.yml config > docker-compose.yml rm sso.yml apps.yml } build(){ build_compose docker-compose build } build_compose_develop(){ build_compose ## Prepare sso environment cp .env isard-sso/.env echo "CUSTOM_PATH=$CUSTOM_PATH" >> isard-sso/.env echo "BUILD_ROOT_PATH=$CUSTOM_PATH/isard-sso" >> isard-sso/.env cp isard-sso/.env isard-sso/docker-compose-parts/.env # Build compose ymls echo CUSTOM_PATH=$CUSTOM_PATH > .env echo BUILD_ROOT_PATH=$CUSTOM_PATH/isard-sso >> .env # echo CUSTOM_PATH=$(CUSTOM_PATH) > .env # echo BUILD_ROOT_PATH=$(CUSTOM_PATH)/isard-sso >> .env docker-compose -f docker-compose.yml \ -f isard-sso/docker-compose-parts/api.devel.yml \ -f isard-sso/docker-compose-parts/admin.devel.yml \ config > devel.yml } up(){ docker-compose up -d } down(){ docker-compose down } setup_nextcloud(){ echo " --> Applying custom settings in nextcloud" # docker exec -u www-data isard-apps-nextcloud-app sh -c 'export OC_PASS=$DDADMIN_PASSWORD && php occ user:add --password-from-env --display-name="DD Admin" --group="admin" $DDADMIN_USER' # docker exec -u www-data isard-apps-nextcloud-app sh -c 'export OC_PASS=admin && php occ user:delete admin' # docker exec -u www-data isard-apps-nextcloud-app sh -c 'export OC_PASS=LostAdminGroup && php occ user:add --password-from-env --display-name="Admin" --group="admin" admin' # docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set unaprova token --value "SuperS3cret" #cp -R $BUILD_ROOT_PATH/isard-apps/docker/nextcloud/themes/* $DATA_FOLDER/nextcloud/themes/ docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:system:set default_language --value="ca" docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:system:set skeletondirectory --value='' docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings app:disable firstrunwizard docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings app:disable recommendations # Custom forms docker exec isard-apps-nextcloud-app apk add git npm docker exec -u www-data isard-apps-nextcloud-app rm -rf /var/www/html/custom_apps/forms docker exec -u www-data isard-apps-nextcloud-app git clone https://github.com/juanan3ip/form /var/www/html/custom_apps/forms docker exec -u www-data isard-apps-nextcloud-app npm --prefix /var/www/html/custom_apps/forms install docker exec -u www-data isard-apps-nextcloud-app php occ app:enable forms docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings app:install polls docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings app:install calendar docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings app:install spreed # Big Blue Button docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings app:install bbb # Disable Big Blue Button media check by default docker exec -u www-data isard-apps-nextcloud-app php occ config:app:set bbb join.mediaCheck --value="false" # Disable Big Blue Button listen only mode by default docker exec isard-apps-nextcloud-app sed -i.orig 's/^\(\s*$room->setListenOnly(\)true\();\)$/\1false\2/' /var/www/html/custom_apps/bbb/lib/Service/RoomService.php # Enable option to join muted to Big Blue Button room by default docker exec isard-apps-nextcloud-app sed -i 's/^\(\s*$room->setJoinMuted(\)false\();\)$/\1true\2/' /var/www/html/custom_apps/bbb/lib/Service/RoomService.php docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:system:set theme --value=digitaldemocratic docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:system:set allow_local_remote_servers --value=true docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings maintenance:theme:update docker exec -ti isard-apps-nextcloud-app /bin/sh -c "su - www-data -s /bin/sh -c 'PHP_MEMORY_LIMIT=512M php /var/www/html/occ app:disable dashboard'" docker exec -ti isard-apps-nextcloud-app /bin/sh -c "su - www-data -s /bin/sh -c 'PHP_MEMORY_LIMIT=512M php /var/www/html/occ app:install mail'" docker exec -ti isard-apps-nextcloud-app /bin/sh -c "su - www-data -s /bin/sh -c 'PHP_MEMORY_LIMIT=512M php /var/www/html/occ app:enable mail'" docker exec -ti isard-apps-nextcloud-app /bin/sh -c "su - www-data -s /bin/sh -c 'PHP_MEMORY_LIMIT=512M php /var/www/html/occ app:install user_saml'" docker exec -ti isard-apps-nextcloud-app /bin/sh -c "su - www-data -s /bin/sh -c 'PHP_MEMORY_LIMIT=512M php /var/www/html/occ app:enable user_saml'" docker exec -ti isard-apps-nextcloud-app /bin/sh -c "su - www-data -s /bin/sh -c 'PHP_MEMORY_LIMIT=512M php /var/www/html/occ app:install ownpad'" docker exec isard-apps-nextcloud-app apk add jq docker exec isard-apps-nextcloud-app sh -c 'jq ". + {\"pad\": [\"application/x-ownpad\"], \"calc\": [\"application/x-ownpad\"]}" /var/www/html/resources/config/mimetypemapping.dist.json > /var/www/html/config/mimetypemapping.json' nextcloud_scan # Open pads in a new tab/window docker exec isard-apps-nextcloud-app sed -i.orig 's/^\(\s*\)\(var viewer = OC.generateUrl.*\)/\1\2\n\1window.open(viewer);\n\1return;/' /var/www/html/custom_apps/ownpad/js/ownpad.js docker exec -ti isard-apps-nextcloud-app /bin/sh -c "su - www-data -s /bin/sh -c 'PHP_MEMORY_LIMIT=512M php /var/www/html/occ app:enable ownpad'" docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set ownpad ownpad_etherpad_enable --value="yes" docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set ownpad ownpad_etherpad_host --value="https://pad.$DOMAIN" docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings app:install onlyoffice docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set onlyoffice DocumentServerUrl --value="https://oof.$DOMAIN" docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set onlyoffice jwt_secret --value="secret" docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set onlyoffice jwt_header --value="Authorization" docker exec -u www-data isard-apps-nextcloud-app php occ --no-warnings config:app:set onlyoffice sameTab --value="false" # Allow nextcloud into other apps iframes # Content-Security-Policy: frame-ancestors 'self' *.$DOMAIN; docker exec -ti isard-apps-nextcloud-app sed -ie "/protected \\\$allowedFrameAncestors = \[/{n;s/\('\\\\\'self\\\\\'\)\('\)/\1 *.$DOMAIN\2/}" /var/www/html/lib/public/AppFramework/Http/ContentSecurityPolicy.php # Content-Security-Policy: connect-src 'self' *.$DOMAIN; docker exec -ti isard-apps-nextcloud-app sed -ie "/protected \\\$allowedConnectDomains = \[/{n;s/\('\\\\\'self\\\\\'\)\('\)/\1 *.$DOMAIN\2/}" /var/www/html/lib/public/AppFramework/Http/ContentSecurityPolicy.php # Content-Security-Policy: img-src 'self' *.$DOMAIN; docker exec -ti isard-apps-nextcloud-app sed -ie "/protected \\\$allowedImageDomains = \[/{n;s/\('\\\\\'self\\\\\'\)\('\)/\1 *.$DOMAIN\2/}" /var/www/html/lib/public/AppFramework/Http/ContentSecurityPolicy.php # Content-Security-Policy: style-src 'self' *.$DOMAIN; docker exec -ti isard-apps-nextcloud-app sed -ie "/protected \\\$allowedStyleDomains = \[/{n;s/\('\\\\\'self\\\\\'\)\('\)/\1 *.$DOMAIN\2/}" /var/www/html/lib/public/AppFramework/Http/ContentSecurityPolicy.php # Content-Security-Policy: font-src 'self' *.$DOMAIN; docker exec -ti isard-apps-nextcloud-app sed -ie "/protected \\\$allowedFontDomains = \[/{n;s/\('\\\\\'self\\\\\'\)\('\)/\1 *.$DOMAIN\2/}" /var/www/html/lib/public/AppFramework/Http/ContentSecurityPolicy.php # Fix nextcloud files_external "segudos" typo # https://github.com/nextcloud/server/pull/28990 docker exec isard-apps-nextcloud-app sh -c 'sed -i.orig -e "s/segudos/segundos/" /var/www/html/apps/files_external/l10n/es_*.js' # Import fix from Nextcloud 22 of pdf viewer # https://github.com/nextcloud/files_pdfviewer/issues/381#issuecomment-845806364 docker exec isard-apps-nextcloud-app sed -i 's/encodeURIComponent(i\[a\])/i[a]/' /var/www/html/apps/files_pdfviewer/js/files_pdfviewer-main.js # Add default file for moodle activities if [ ! -f $DATA_FOLDER/nextcloud/admin/files/template.docx ]; then cp isard-apps/docker/nextcloud/template.docx $DATA_FOLDER/nextcloud/admin/files/ nextcloud_scan fi } nextcloud_scan(){ # The folders shown as 'not writeable' are empty user folders. Not a problem. docker exec -ti isard-apps-nextcloud-app /bin/sh -c "su - www-data -s /bin/sh -c 'PHP_MEMORY_LIMIT=512M php /var/www/html/occ files:scan --all'" } setup_moodle(){ echo " --> Applying custom settings in moodle" docker exec -ti isard-apps-moodle php7 admin/cli/cfg.php --name=guestloginbutton --set=0 docker exec -ti isard-apps-moodle php7 admin/cli/cfg.php --name=enrol_plugins_enabled --set=manual docker exec -ti isard-apps-moodle php7 admin/cli/cfg.php --name=enablemobilewebservice --set=0 docker exec -ti isard-apps-moodle php7 admin/cli/cfg.php --name=enablebadges --set=0 docker exec -ti isard-apps-moodle php7 admin/cli/cfg.php --name=timezone --set="${MOODLE_TIMEZONE-Europe/Madrid}" docker exec -ti isard-apps-moodle php7 admin/cli/purge_caches.php } setup_wordpress(){ echo " --> Applying custom settings in wordpress" ## Multisite docker exec -ti isard-apps-wordpress /bin/sh -c "/multisite.sh" #docker exec -ti isard-apps-wordpress /bin/sh -c "if [ ! -d /var/www/html/wp-content/plugins/saml/onelogin-saml-sso ]; then cp -R /plugins/saml/onelogin-saml-sso /var/www/html/wp-content/plugins/; fi" # docker exec -ti isard-apps-wordpress /bin/sh -c "if [ ! -d /var/www/html/wp-content/mu-plugins ]; then cp -R /plugins/mu-plugins /var/www/html/wp-content/; fi" docker-compose run --user=33 isard-apps-wordpress-cli /bin/bash -c 'wp plugin install onelogin-saml-sso --activate' docker-compose run --user=33 isard-apps-wordpress-cli /bin/bash -c 'wp plugin install generateblocks --activate' docker-compose run --user=33 isard-apps-wordpress-cli /bin/bash -c 'wp theme install generatepress --activate' # docker-compose run isard-apps-wordpress-cli /bin/bash -c 'wp plugin activate onelogin-saml-sso --network' } setup_keycloak(){ # configure keycloack: realm and client_scopes echo " --> Setting up SAML for moodle" docker exec -ti isard-sso-admin sh -c "export PYTHONWARNINGS='ignore:Unverified HTTPS request' && cd /admin/saml_scripts/ && python3 keycloak_config.py" } saml_certificates(){ wait_for_moodle echo " --> Setting up SAML for moodle" docker exec -ti isard-sso-admin sh -c "export PYTHONWARNINGS='ignore:Unverified HTTPS request' && cd /admin/saml_scripts/ && python3 moodle_saml.py" docker exec -ti isard-apps-moodle php7 admin/cli/purge_caches.php # CERTIFICATES FOR SAML echo " --> Generating certificates for nextcloud and wordpress" docker exec -ti isard-sso-admin /bin/sh -c "/admin/generate_certificates.sh" # SAML PLUGIN NEXTCLOUD echo " --> Setting up SAML for nextcloud" docker exec -ti isard-sso-admin sh -c "export PYTHONWARNINGS='ignore:Unverified HTTPS request' && cd /admin/saml_scripts/ && python3 nextcloud_saml.py" # SAML PLUGIN WORDPRESS echo " --> Setting up SAML for wordpress" docker exec -ti isard-sso-admin sh -c "export PYTHONWARNINGS='ignore:Unverified HTTPS request' && cd /admin/saml_scripts/ && python3 wordpress_saml.py" # SAML PLUGIN MOODLE # echo "To add SAML to moodle:" # echo "1.-Activate SAML plugin in moodle extensions, regenerate certificate, lock certificate" # echo "2.-Then run: docker exec -ti isard-sso-admin python3 /admin/nextcloud_saml.py" # echo "3.-" } wait_for_moodle(){ echo "Waiting for system to be fully up before customizing... It can take some minutes..." echo " (you can monitorize install with: docker logs isard-apps-moodle --follow" while [ "`docker inspect -f {{.State.Health.Status}} isard-apps-moodle`" != "healthy" ]; do sleep 2; done } upgrade_moodle(){ docker exec -ti isard-apps-moodle php7 admin/cli/maintenance.php --enable docker exec -ti isard-apps-moodle php7 admin/cli/upgrade.php --non-interactive --allow-unstable docker exec -ti isard-apps-moodle php7 admin/cli/maintenance.php --disable } extras_adminer(){ docker-compose -f isard-apps/docker/network.yml \ -f isard-sso/docker-compose-parts/adminer.yml config > adminer.yml echo " --> Generated adminer.yml" echo " Bring it up: docker-compose -f adminer.yml up -d" echo " Connect to: https://sso.$DOMAIN/isard-sso-adminer/" echo " Parameters:" echo " - System: PostgreSQL (or Mysql for wordpress db)" echo " Server: isard-apps-postgresql (or isard-apps-mariadb for wordpress db)" echo " User/Pass/Database from digitaldemocratic.conf" } extras_pgtuner(){ docker-compose -f isard-apps/docker/network.yml \ -f isard-sso/docker-compose-parts/pgtuner.yml config > pgtuner.yml echo " --> Generated pgtuner.yml" } extras_nextcloud_remove_banned_ips(){ docker-compose exec isard-apps-postgresql psql -v ON_ERROR_STOP=1 \ -U admin nextcloud -c "DELETE FROM oc_bruteforce_attempts;" } extras_nextcloud_set_admin_group(){ docker exec -u www-data isard-apps-nextcloud-app sh -c 'export OC_PASS=admin && php occ user:delete admin' docker exec -u www-data isard-apps-nextcloud-app sh -c 'export OC_PASS=N3xtcl0ud && php occ user:add --password-from-env --display-name="Admin" --group="admin" admin' } extras_dump_keycloak_client(){ docker exec -ti isard-sso-keycloak sh -c " /opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password keycloakkeycloak \ && /opt/jboss/keycloak/bin/kcadm.sh get clients/bef873f0-2079-4876-8657-067de27d01b7 -r master""" } upgrade_plugins_moodle(){ wait_for_moodle rm -rf /tmp/moodle mkdir -p /tmp/moodle/mod mkdir -p /tmp/moodle/mod/assign/submission mkdir -p /tmp/moodle/auth/saml2 mkdir -p /tmp/moodle/theme/cbe mkdir -p /tmp/moodle/blocks curl --location $MOODLE_PLUGIN_JITSI > jitsi.zip unzip jitsi.zip -d /tmp/moodle/mod/ rm jitsi.zip curl --location $MOODLE_PLUGIN_BBB > bbb.zip unzip bbb.zip -d /tmp/moodle/mod/ rm bbb.zip # curl --location https://github.com/isard-vdi/moodle-auth_saml2/archive/refs/heads/role_map.zip > auth_saml2.zip # curl --location https://moodle.org/plugins/download.php/24556/auth_saml2_moodle311_2021062900.zip > auth_saml2.zip curl --location $MOODLE_PLUGIN_SAML > auth_saml2.zip unzip auth_saml2.zip -d /tmp/moodle/auth/ mv /tmp/moodle/auth/moodle-auth_saml2-role_map/* /tmp/moodle/auth/saml2/ rm -rf /tmp/moodle/auth/moodle-auth_saml2-role_map rm auth_saml2.zip if [[ "$MOODLE_PLUGIN_TRESIPUNTSHARE" == *"develop"* ]]; then BRANCH=develop else BRANCH=master fi curl --location $MOODLE_PLUGIN_TRESIPUNTSHARE > tresipuntshare.zip unzip tresipuntshare.zip -d /tmp/moodle/mod/ mv /tmp/moodle/mod/moodle_mod_tresipuntshare-$BRANCH /tmp/moodle/mod/tresipuntshare rm tresipuntshare.zip if [[ "$MOODLE_PLUGIN_TRESIPUNTVIDEO" == *"develop"* ]]; then BRANCH=develop else BRANCH=master fi curl --location $MOODLE_PLUGIN_TRESIPUNTVIDEO > tresipuntvideo.zip unzip tresipuntvideo.zip -d /tmp/moodle/mod/ mv /tmp/moodle/mod/moodle_mod_tresipuntvideo-$BRANCH /tmp/moodle/mod/tresipuntvideo rm tresipuntvideo.zip if [[ "$MOODLE_PLUGIN_TRESIPUNTAUDIO" == *"develop"* ]]; then BRANCH=develop else BRANCH=master fi curl --location $MOODLE_PLUGIN_TRESIPUNTAUDIO > tresipuntaudio.zip unzip tresipuntaudio.zip -d /tmp/moodle/mod/ mv /tmp/moodle/mod/moodle_mod_tresipuntaudio-$BRANCH /tmp/moodle/mod/tresipuntaudio rm tresipuntaudio.zip if [[ "$MOODLE_PLUGIN_ASSIGNSUBMISSION" == *"develop"* ]]; then BRANCH=develop else BRANCH=master fi curl --location $MOODLE_PLUGIN_ASSIGNSUBMISSION > assignsubmission_tipnc.zip unzip assignsubmission_tipnc.zip -d /tmp/moodle/mod/assign/submission/ mv /tmp/moodle/mod/assign/submission/moodle_assignsubmission_tipnc-$BRANCH /tmp/moodle/mod/assign/submission/tipnc rm assignsubmission_tipnc.zip curl --location $MOODLE_PLUGIN_TRESIPUNTMODSPEND > block_tresipuntmodspend.zip unzip block_tresipuntmodspend.zip -d /tmp/moodle/blocks/ rm block_tresipuntmodspend.zip if [[ "$MOODLE_THEME_CBE" == *"develop"* ]]; then BRANCH=develop else BRANCH=master fi curl --location $MOODLE_THEME_CBE > tresipunt_theme_cbe.zip unzip tresipunt_theme_cbe.zip -d /tmp/moodle/theme/cbe/ mv /tmp/moodle/theme/cbe/moodle_theme_cbe-$BRANCH/* /tmp/moodle/theme/cbe/ rm tresipunt_theme_cbe.zip mkdir -p /tmp/moodle/local/tresipuntimportgc cp -R local_plugins/moodle/tresipuntimportgc/* /tmp/moodle/local/tresipuntimportgc/ cp -R /tmp/moodle/* $SRC_FOLDER/moodle/ rm -rf /tmp/moodle docker exec -ti isard-apps-moodle php7 admin/cli/purge_caches.php } upgrade_plugins_nextcloud(){ cp -R isard-apps/docker/nextcloud/themes/* $SRC_FOLDER/nextcloud/themes/ } upgrade_plugins_wp(){ if [ ! -d $SRC_FOLDER/wordpress/wp-content/mu-plugins ]; then git clone https://gitlab.com/muplugins-multiste1/muplugins-google-sites.git $SRC_FOLDER/wordpress/wp-content/mu-plugins fi if [ ! -d $SRC_FOLDER/wordpress/wp-content/mu-plugins/.git ]; then echo "WARNING: $SRC_FOLDER/wordpress/wp-content/mu-plugins is not a git repository." echo " This could be due to old installation. To bring all new mu-plugins code for WP" echo " remove that folder and it will be cloned and mantained with git from now on." else sh -c "cd $SRC_FOLDER/wordpress/wp-content/mu-plugins; git pull" fi docker-compose run --user=root isard-apps-wordpress-cli /bin/bash -c 'chown -R 33:33 /var/www/html/wp-content/mu-plugins;' } update_logos_and_menu(){ cp custom/img/logo.png custom/system/keycloak/themes/liiibrelite/login/resources/img/ cp custom/img/background.png custom/system/keycloak/themes/liiibrelite/login/resources/img/loginBG.png cp custom/img/background.png custom/system/keycloak/themes/liiibrelite/login/resources/img/loginBG2.png # docker exec -ti isard-sso-keycloak sh -c "/opt/jboss/keycloak/bin/jboss-cli.sh --connect --command='/subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheThemes,value=false)'" # docker exec -ti isard-sso-keycloak sh -c "/opt/jboss/keycloak/bin/jboss-cli.sh --connect --command='/subsystem=keycloak-server/theme=defaults/:write-attribute(name=cacheTemplates,value=false)'" # docker exec -ti isard-sso-keycloak sh -c "/opt/jboss/keycloak/bin/jboss-cli.sh --connect --command='/subsystem=keycloak-server/theme=defaults/:write-attribute(name=staticMaxAge,value=-1)'" # docker exec -ti isard-sso-keycloak sh -c "/opt/jboss/keycloak/bin/jboss-cli.sh --connect --command='reload'" docker exec -ti --user root isard-sso-keycloak sh -c 'rm -rf /opt/jboss/keycloak/standalone/tmp/kc-gzip-cache/*' docker-compose build isard-sso-api && docker-compose up -d isard-sso-api } if [ "$OPERATION" = "repo-update" ]; then update_repo fi if [ "$OPERATION" = "build" ]; then build fi if [ "$OPERATION" = "yml" ]; then cp digitaldemocratic.conf .env CUSTOM_PATH=$(pwd) . ./.env build_compose fi if [ "$OPERATION" = "build-devel" ]; then build_compose_develop fi if [ "$OPERATION" = "up" ]; then up fi if [ "$OPERATION" = "down" ]; then down fi if [ "$OPERATION" = "customize" ]; then up wait_for_moodle setup_nextcloud setup_wordpress setup_moodle fi if [ "$OPERATION" = "saml" ]; then up wait_for_moodle setup_keycloak saml_certificates fi if [ "$OPERATION" = "all" ]; then build up wait_for_moodle upgrade_plugins_moodle upgrade_plugins_nextcloud upgrade_plugins_wp setup_nextcloud setup_wordpress setup_moodle setup_keycloak saml_certificates echo "\n\n" echo " #### After install ####" echo " - SSO in moodle should be active. You can go to: https://moodle.$DOMAIN" echo " If it fails, regenerate and lock certificate in moodle SAML2 connector as a local admin." echo " After that run ./dd-ctl saml" echo " - SSO in nextcloud should be active. You can go to: https://nextcloud.$DOMAIN" echo " - SSO in wordpress should be active. You should go to https://wp.$DOMAIN/wp-admin//plugins.php " echo "\n\n" echo " #### Update customizations ####" echo " - ./dd-ctl customize" fi if [ "$OPERATION" = "branding" ]; then up wait_for_moodle update_logos_and_menu fi if [ "$OPERATION" = "upgrade-plugins" ]; then up wait_for_moodle upgrade_plugins_moodle upgrade_plugins_nextcloud upgrade_plugins_wp fi if [ "$OPERATION" = "restart-api" ]; then up wait_for_moodle docker restart isard-sso-api fi if [ "$OPERATION" = "adminer" ]; then extras_adminer fi if [ "$OPERATION" = "pgtuner" ]; then extras_pgtuner fi if [ "$OPERATION" = "reset-1714" ]; then echo "Resetting all but certificates" down rm -rf /opt/digitaldemocratic/backup rm -rf /opt/digitaldemocratic/data/* rm -rf /opt/digitaldemocratic/db/* rm -rf $SRC_FOLDER/avatars rm -rf $SRC_FOLDER/moodle rm -rf $SRC_FOLDER/nextcloud rm -rf $SRC_FOLDER/wordpress fi if [ "$OPERATION" = "nextcloud-scan" ]; then nextcloud_scan fi