Owncloud is on !

9dc5f3fe · Maxime Bombar · 6a1ca308 · 9dc5f3fe · 9dc5f3fe · 9dc5f3fe
Commit 9dc5f3fe authored 4 years ago by Maxime Bombar
--- a/host_vars/owncloud.adm.crans.org.yml
+++ b/host_vars/owncloud.adm.crans.org.yml
+---
+loc_ldap:
+  base_dn: "cn=admin,dc=crans,dc=org"
+  password: "{{ vault_ldap_master_password }}"
+  uri: "ldap://172.16.10.157"
--- a/hosts
+++ b/hosts
@@ -115,6 +115,7 @@ kenobi.adm.crans.org
 roundcube.adm.crans.org
 horde.adm.crans.org
 bigbluebutton.adm.crans.org
+owncloud.adm.crans.org
 [ovh_physical]
 sputnik.adm.crans.org

--- a/plays/owncloud.yml
+++ b/plays/owncloud.yml
 #!/usr/bin/env ansible-playbook
 ---
 # Deploy OwnCloud
- hosts: owncloud-srv.adm.crans.org
+- hosts: owncloud.adm.crans.org
+  vars:
+    ldap: '{{ glob_ldap | default({}) | combine(loc_ldap | default({})) }}'
  roles:
    - owncloud
    - owncloud-autofs
--- a/roles/owncloud-autofs/tasks/main.yml
+++ b/roles/owncloud-autofs/tasks/main.yml
@@ -25,8 +25,8 @@
    dest: "/etc/auto.master.d/{{ item.0 }}"
    mode: "{{ item.1 }}"
  loop:
-    - ["home-owncloud.autofs", "0644"]
+    - ["home-owncloud.autofs", "0600"]
-    - ["home-owncloud.sh", "0755"]
+    - ["home-owncloud.sh", "0700"]
  notify: Restart autofs service
 - name: Create /home-owncloud/ directory

--- a/roles/owncloud-autofs/templates/auto.master.d/home-owncloud.sh.j2
+++ b/roles/owncloud-autofs/templates/auto.master.d/home-owncloud.sh.j2
@@ -5,31 +5,34 @@
 # ceci est un fix
 USER=$(echo $1 | sed "s/_[1-9]*$//")
+UHOME=/home_adh/$USER
+USERID=$(ldapsearch -LLL -b "{{ ldap.base }}" -H {{ ldap.uri }} -D "{{ ldap.base_dn }}" -w {{ ldap.password }} "uid=$USER" uidNumber | grep uidNumber | awk '{print $2}')
+UGROUP=$(ldapsearch -LLL -b "{{ ldap.base }}" -H {{ ldap.uri }} -D "{{ ldap.base_dn }}" -w {{ ldap.password }} "uid=$USER" gidNumber | grep gidNumber | awk '{print $2}')
 # On quitte si l'utilisateur $USER n'existe pas
-if ! /usr/bin/id -- "$USER" &>/dev/null; then
+if [ -z "$USERID" ]; then
    logger -p local0.error -t autofs "user $USER n'existe pas"
    exit 1
 fi
-UHOME=$(eval echo ~$USER)
-UGROUP=$(/usr/bin/id -gn $USER)
 # Rafraîchi les stats du dossier
 /bin/ls ${UHOME}/OwnCloud/ &>/dev/null || /bin/ls ${UHOME} &>/dev/null
 # Création du dossier OwnCloud s'il n'existe pas ou n'appartient pas a l'utilisateur
 if [ ! -d "${UHOME}/OwnCloud" ] || ! (
-    /usr/bin/find ${UHOME}/OwnCloud/ -maxdepth 0 -user $USER -group ${UGROUP} |
+    /usr/bin/find ${UHOME}/OwnCloud/ -maxdepth 0 -user $USERID -group ${UGROUP} |
    /bin/grep -q ${UHOME}/OwnCloud/
 ); then
    if [ ! -d "${UHOME}/OwnCloud" ]; then
        mkdir ${UHOME}/OwnCloud
    fi
    chmod 700 ${UHOME}/OwnCloud &&
-    chown $USER:${UGROUP} ${UHOME}/OwnCloud
+    chown $USERID:${UGROUP} ${UHOME}/OwnCloud
    if [ ! -d "${UHOME}/OwnCloud" ] || ! (
-        /usr/bin/find ${UHOME}/OwnCloud/ -maxdepth 0 -user $USER -group ${UGROUP} |
+        /usr/bin/find ${UHOME}/OwnCloud/ -maxdepth 0 -user $USERID -group ${UGROUP} |
        /bin/grep -q ${UHOME}/OwnCloud/
    ); then
        logger -p local0.error -t autofs "impossible de créer le dossier ${UHOME}/OwnCloud"
@@ -41,4 +44,4 @@ fi
 chmod 750 /home-owncloud &&
 chown www-data:root /home-owncloud &&
-echo "-fstype=fuse.bindfs,map=$USER/www-data:@$UGROUP/@www-data,resolve-symlinks :${UHOME}/OwnCloud"
+echo "-fstype=fuse.bindfs,map=$USERID/www-data:@$UGROUP/@www-data,resolve-symlinks :${UHOME}/OwnCloud"
--- a/roles/owncloud/tasks/main.yml
+++ b/roles/owncloud/tasks/main.yml
 ---
+- name: Install gpg
+  apt:
+    update_cache: true
+    name:
+    - gpg
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
 # Add the key
 - name: Configure the apt key
  apt_key: