From 9dc5f3fefb19cc3a22cebc8eadb6f02d84802f55 Mon Sep 17 00:00:00 2001
From: Maxime Bombar <bombar@crans.org>
Date: Tue, 29 Dec 2020 02:05:18 +0100
Subject: [PATCH] Owncloud is on !

---
 host_vars/owncloud.adm.crans.org.yml          |  6 ++++++
 hosts                                         |  1 +
 plays/owncloud.yml                            |  5 ++++-
 roles/owncloud-autofs/tasks/main.yml          |  4 ++--
 .../auto.master.d/home-owncloud.sh.j2         | 19 +++++++++++--------
 roles/owncloud/tasks/main.yml                 | 10 ++++++++++
 6 files changed, 34 insertions(+), 11 deletions(-)
 create mode 100644 host_vars/owncloud.adm.crans.org.yml

diff --git a/host_vars/owncloud.adm.crans.org.yml b/host_vars/owncloud.adm.crans.org.yml
new file mode 100644
index 00000000..85395a8d
--- /dev/null
+++ b/host_vars/owncloud.adm.crans.org.yml
@@ -0,0 +1,6 @@
+---
+loc_ldap:
+  base_dn: "cn=admin,dc=crans,dc=org"
+  password: "{{ vault_ldap_master_password }}"
+  uri: "ldap://172.16.10.157"
+
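Review bot: `base_dn` on the third added line holds a bind DN (`cn=admin,...`) that the owncloud-autofs template hands to `ldapsearch -D`, while the same template reads a separate `{{ ldap.base }}` for the `-b` search base that this file does not define; unless `glob_ldap` supplies `base`, the rendered script searches an empty base and every lookup fails. Either add a `base:` key here (presumably the `dc=crans,dc=org` suffix of the bind DN) or confirm it comes from `glob_ldap`, and a comment such as `# base_dn is the bind DN passed to ldapsearch -D, not the search base` above `base_dn` would keep the two from being confused. Referencing `vault_ldap_master_password` keeps the secret out of the repository, but it is the directory's master credential being written into an autofs helper script; a dedicated read-only bind account limited to the uidNumber/gidNumber lookups the script performs would bound the impact if that script is ever exposed.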
diff --git a/hosts b/hosts
index ea5b0fb1..b6c5952f 100644
--- a/hosts
+++ b/hosts
@@ -115,6 +115,7 @@ kenobi.adm.crans.org
 roundcube.adm.crans.org
 horde.adm.crans.org
 bigbluebutton.adm.crans.org
+owncloud.adm.crans.org
 
 [ovh_physical]
 sputnik.adm.crans.org
diff --git a/plays/owncloud.yml b/plays/owncloud.yml
index 3280165f..1be65a36 100755
--- a/plays/owncloud.yml
+++ b/plays/owncloud.yml
@@ -1,7 +1,10 @@
 #!/usr/bin/env ansible-playbook
 ---
 # Deploy OwnCloud
-- hosts: owncloud-srv.adm.crans.org
+- hosts: owncloud.adm.crans.org
+  vars:
+    ldap: '{{ glob_ldap | default({}) | combine(loc_ldap | default({})) }}'
+
   roles:
     - owncloud
     - owncloud-autofs
diff --git a/roles/owncloud-autofs/tasks/main.yml b/roles/owncloud-autofs/tasks/main.yml
index 83db9c3f..e8acd1aa 100644
--- a/roles/owncloud-autofs/tasks/main.yml
+++ b/roles/owncloud-autofs/tasks/main.yml
@@ -25,8 +25,8 @@
     dest: "/etc/auto.master.d/{{ item.0 }}"
     mode: "{{ item.1 }}"
   loop:
-    - ["home-owncloud.autofs", "0644"]
-    - ["home-owncloud.sh", "0755"]
+    - ["home-owncloud.autofs", "0600"]
+    - ["home-owncloud.sh", "0700"]
   notify: Restart autofs service
 
 - name: Create /home-owncloud/ directory
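Review bot: Tightening the modes to `"0600"`/`"0700"` is the right response to the rendered script now embedding the LDAP bind password, but the `template` task's `owner`/`group` are above this hunk and not visible; if the task does not set them, the files are owned by whatever user Ansible connected as and the restrictive mode protects only that account. Adding `owner: root` and `group: root` next to `mode:` would make the intent explicit and robust to a non-root connection user. The enclosing task starts outside the hunk.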
diff --git a/roles/owncloud-autofs/templates/auto.master.d/home-owncloud.sh.j2 b/roles/owncloud-autofs/templates/auto.master.d/home-owncloud.sh.j2
index 3f764cc8..80586c40 100755
--- a/roles/owncloud-autofs/templates/auto.master.d/home-owncloud.sh.j2
+++ b/roles/owncloud-autofs/templates/auto.master.d/home-owncloud.sh.j2
@@ -5,31 +5,34 @@
 # ceci est un fix
 USER=$(echo $1 | sed "s/_[1-9]*$//")
 
+
+UHOME=/home_adh/$USER
+
+USERID=$(ldapsearch -LLL -b "{{ ldap.base }}" -H {{ ldap.uri }} -D "{{ ldap.base_dn }}" -w {{ ldap.password }} "uid=$USER" uidNumber | grep uidNumber | awk '{print $2}')
+UGROUP=$(ldapsearch -LLL -b "{{ ldap.base }}" -H {{ ldap.uri }} -D "{{ ldap.base_dn }}" -w {{ ldap.password }} "uid=$USER" gidNumber | grep gidNumber | awk '{print $2}')
+
 # On quitte si l'utilisateur $USER n'existe pas
-if ! /usr/bin/id -- "$USER" &>/dev/null; then
+if [ -z "$USERID" ]; then
     logger -p local0.error -t autofs "user $USER n'existe pas"
     exit 1
 fi
 
-UHOME=$(eval echo ~$USER)
-UGROUP=$(/usr/bin/id -gn $USER)
-
 # Rafraîchi les stats du dossier
 /bin/ls ${UHOME}/OwnCloud/ &>/dev/null || /bin/ls ${UHOME} &>/dev/null
 
 # Création du dossier OwnCloud s'il n'existe pas ou n'appartient pas a l'utilisateur
 if [ ! -d "${UHOME}/OwnCloud" ] || ! (
-    /usr/bin/find ${UHOME}/OwnCloud/ -maxdepth 0 -user $USER -group ${UGROUP} |
+    /usr/bin/find ${UHOME}/OwnCloud/ -maxdepth 0 -user $USERID -group ${UGROUP} |
     /bin/grep -q ${UHOME}/OwnCloud/
 ); then
     if [ ! -d "${UHOME}/OwnCloud" ]; then
         mkdir ${UHOME}/OwnCloud
     fi
     chmod 700 ${UHOME}/OwnCloud &&
-    chown $USER:${UGROUP} ${UHOME}/OwnCloud
+    chown $USERID:${UGROUP} ${UHOME}/OwnCloud
 
     if [ ! -d "${UHOME}/OwnCloud" ] || ! (
-        /usr/bin/find ${UHOME}/OwnCloud/ -maxdepth 0 -user $USER -group ${UGROUP} |
+        /usr/bin/find ${UHOME}/OwnCloud/ -maxdepth 0 -user $USERID -group ${UGROUP} |
         /bin/grep -q ${UHOME}/OwnCloud/
     ); then
         logger -p local0.error -t autofs "impossible de créer le dossier ${UHOME}/OwnCloud"
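Review bot: The two new `ldapsearch` lines (USERID and UGROUP) pass the bind password as a command-line argument via `-w {{ ldap.password }}`, so it is readable by any local user through `ps` or `/proc/*/cmdline` for as long as each lookup runs; the 0700 mode on the script does not cover that exposure. OpenLDAP's `ldapsearch` can read the password from a file instead: deploy it to a root-only file (`<PASSWORD_FILE>` is a placeholder for the path, mode 0600, written by a separate Ansible task) and replace `-w {{ ldap.password }}` with `-y <PASSWORD_FILE>` on both lines. The bind is also a simple bind against the `ldap://` URI from host_vars, so the password crosses the network in clear unless the server enforces StartTLS; adding `-ZZ` to both calls, or switching the URI to `ldaps://`, closes that. Separately, `[ -z "$USERID" ]` cannot distinguish a missing user from a failed or unreachable directory, so a transient LDAP outage is logged as "user n'existe pas"; checking `ldapsearch`'s exit status and logging a distinct message would make incidents easier to diagnose. The if/find block that begins at the bottom of this hunk ends outside it.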
@@ -41,4 +44,4 @@ fi
 
 chmod 750 /home-owncloud &&
 chown www-data:root /home-owncloud &&
-echo "-fstype=fuse.bindfs,map=$USER/www-data:@$UGROUP/@www-data,resolve-symlinks :${UHOME}/OwnCloud"
+echo "-fstype=fuse.bindfs,map=$USERID/www-data:@$UGROUP/@www-data,resolve-symlinks :${UHOME}/OwnCloud"
diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml
index 6baa9b20..72e735bb 100644
--- a/roles/owncloud/tasks/main.yml
+++ b/roles/owncloud/tasks/main.yml
@@ -1,4 +1,14 @@
 ---
+
+- name: Install gpg
+  apt:
+    update_cache: true
+    name:
+    - gpg
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
 # Add the key
 - name: Configure the apt key
   apt_key:
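Review bot: The `name:` list under the new `apt` task uses flush sequence indentation (`- gpg` at the same column as `name:`), whereas the play file in this same commit indents its sequences (`- owncloud` under `roles:`); picking one style file-wide keeps yamllint's indentation check quiet. `update_cache: true` with no `cache_valid_time` refreshes the package index on every run even when nothing changed; `cache_valid_time: 3600` (constructed example) would make the task cheaper and less dependent on mirror availability. The `retries: 3` loop relies on the module's default `delay`, which is worth stating explicitly (`delay: 5`) so the backoff is visible to readers.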
-- 
GitLab