Merge branch 'master' of ssh://yuno.oiseauroch.fr:6969/tobias/infra-oasis21
This commit is contained in:
commit
510eb9c929
66
README.md
66
README.md
|
@ -12,3 +12,69 @@ Au premier lancement, assurez-vous que :
|
||||||
- Changez ses permissions à `600`
|
- Changez ses permissions à `600`
|
||||||
|
|
||||||
C'est dans ce fichier que seront conservés tous les certificats générés par Traefik.
|
C'est dans ce fichier que seront conservés tous les certificats générés par Traefik.
|
||||||
|
|
||||||
|
### Migration des données
|
||||||
|
|
||||||
|
1. Mettre nextcloud en mode maintenance :
|
||||||
|
```
|
||||||
|
sudo -u www-data php occ maintenance:mode --on
|
||||||
|
```
|
||||||
|
2. Faire un dump de la bdd
|
||||||
|
```
|
||||||
|
sudo -u postgres pg_dump -Fc nc > nc.dump
|
||||||
|
```
|
||||||
|
3. Sauver les données du dossier nextcloud
|
||||||
|
```
|
||||||
|
mkdir /var/lib/backuppc/migration
|
||||||
|
tar caf /var/lib/backuppc/migration/nextcloud.tar.xz /srv/nextcloud/
|
||||||
|
```
|
||||||
|
4. Sauver le fichier de configuration de nextcloud
|
||||||
|
```
|
||||||
|
# par précaution, ne devrait pas être utile
|
||||||
|
cp /var/www/nextcloud/public_html/config/config.php /var/lib/backuppc/migration
|
||||||
|
```
|
||||||
|
|
||||||
|
…
|
||||||
|
installation de proxmox, vm, docker.
|
||||||
|
…
|
||||||
|
|
||||||
|
### Installation des services
|
||||||
|
|
||||||
|
1. Cloner le repo de l'infra
|
||||||
|
```
|
||||||
|
git clone https://yuno.oiseauroch.fr/gitea/tobias/infra-oasis21.git
|
||||||
|
```
|
||||||
|
2. Create `config.php` from the file in vaultwarden
|
||||||
|
3. Move `secrets/librezo.secrets.example` to `secrets/librezo.secrets`
|
||||||
|
4.Replace **nextcloud** and **collabora** password from vaultwarden
|
||||||
|
```
|
||||||
|
sed -i 's/__POSTGRES_PASSWORD__/nextcloudstrongpassword/g' config.php secrets/librezo.secrets
|
||||||
|
sed -i 's/__COLLABORA_PASSWORD__/collaborastrongpassword/g' config.php secrets/librezo.secrets
|
||||||
|
```
|
||||||
|
|
||||||
|
4. Start traefik
|
||||||
|
```
|
||||||
|
cd traefik
|
||||||
|
docker-compose up -d
|
||||||
|
```
|
||||||
|
5. Create docker containers and volume
|
||||||
|
```
|
||||||
|
docker-compose up --no-start
|
||||||
|
```
|
||||||
|
6. Import database
|
||||||
|
```
|
||||||
|
docker cp nc.dump nextcloud-db:/nc.dmp
|
||||||
|
docker-compose up -d nextcloud-db
|
||||||
|
docker-compose exec nextcloud-db sh -c "pg_restore -d nc -U nc nc.dmp"
|
||||||
|
docker-compose exec nextcloud-db rm /nc.dmp
|
||||||
|
```
|
||||||
|
7. Copy files
|
||||||
|
```
|
||||||
|
docker cp /your/files nextcloud-app:/var/www/html/
|
||||||
|
docker-compose up -d nextcloud-app
|
||||||
|
docker-compose exec nextcloud-app chown -R www-data:www-data /var/www/html/data
|
||||||
|
```
|
||||||
|
8. change `config.php` rights
|
||||||
|
```
|
||||||
|
docker-compose exec nextcloud-app chown -R www-data:www-data /var/www/html/config
|
||||||
|
```
|
||||||
|
|
1
nextcloud/.gitignore
vendored
1
nextcloud/.gitignore
vendored
|
@ -1,2 +1,3 @@
|
||||||
*.secrets
|
*.secrets
|
||||||
.env
|
.env
|
||||||
|
config.php
|
||||||
|
|
|
@ -1,62 +0,0 @@
|
||||||
<?php
|
|
||||||
$CONFIG = array (
|
|
||||||
'instanceid' => 'oc00cptraqej',
|
|
||||||
'passwordsalt' => 'QDWCIlUPIxBCPkOPapq39bHhFtrADT',
|
|
||||||
'secret' => 'xfKWpSH0/UV4PYUClkDRyaeiYc2SugcEe0/mZVB7/6lElAQE',
|
|
||||||
'trusted_domains' =>
|
|
||||||
array (
|
|
||||||
0 => 'cloud.oasis21.org',
|
|
||||||
),
|
|
||||||
'apps_paths' =>
|
|
||||||
array (
|
|
||||||
0 =>
|
|
||||||
array (
|
|
||||||
'path' => '/var/www/html/apps',
|
|
||||||
'url' => '/apps',
|
|
||||||
'writable' => false,
|
|
||||||
),
|
|
||||||
1 =>
|
|
||||||
array (
|
|
||||||
'path' => '/var/www/html/custom_apps',
|
|
||||||
'url' => '/custom_apps',
|
|
||||||
'writable' => true,
|
|
||||||
),
|
|
||||||
),
|
|
||||||
'datadirectory' => '/var/www/html/data',
|
|
||||||
'dbtype' => 'pgsql',
|
|
||||||
'version' => '23.0.0.10',
|
|
||||||
'overwrite.cli.url' => 'https://cloud.oasis21.org',
|
|
||||||
'dbname' => 'nc',
|
|
||||||
'dbhost' => 'nextcloud-db',
|
|
||||||
'dbport' => '',
|
|
||||||
'dbtableprefix' => 'oc_',
|
|
||||||
'dbuser' => 'nc',
|
|
||||||
'dbpassword' => 'tavnuenRo',
|
|
||||||
'installed' => true,
|
|
||||||
'logfile' => '/var/log/nextcloud/nextcloud.log',
|
|
||||||
'log_type' => 'file',
|
|
||||||
'htaccess.RewriteBase' => '/',
|
|
||||||
'skeletondirectory' => '',
|
|
||||||
'memcache.local' => '\\OC\\Memcache\\APCu',
|
|
||||||
'memcache.locking' => '\\OC\\Memcache\\Redis',
|
|
||||||
'memcache.distributed' => '\\OC\\Memcache\\Redis',
|
|
||||||
'redis' =>
|
|
||||||
array (
|
|
||||||
'host' => '/redis',
|
|
||||||
'password' => '',
|
|
||||||
'port' => 6379,
|
|
||||||
),
|
|
||||||
'default_phone_region' => 'FR',
|
|
||||||
'defaultapp' => 'files',
|
|
||||||
'encryption.legacy_format_support' => false,
|
|
||||||
'simpleSignUpLink.shown' => false,
|
|
||||||
'updater.release.channel' => 'stable',
|
|
||||||
'mail_domain' => 'oasis21.org',
|
|
||||||
'mail_from_address' => 'nextcloud',
|
|
||||||
'mail_smtpmode' => 'smtp',
|
|
||||||
'loglevel' => 0,
|
|
||||||
'integrity.check.disabled' => false,
|
|
||||||
'ldapUserCleanupInterval' => '10',
|
|
||||||
'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
|
|
||||||
'maintenance' => false,
|
|
||||||
);
|
|
|
@ -49,8 +49,8 @@ services:
|
||||||
image: 'bitnami/redis:latest'
|
image: 'bitnami/redis:latest'
|
||||||
container_name: redis
|
container_name: redis
|
||||||
environment:
|
environment:
|
||||||
- ALLOW_EMPTY_PASSWORD=yes
|
|
||||||
- "TZ=Europe/Paris"
|
- "TZ=Europe/Paris"
|
||||||
|
env_file: ./secrets/librezo.secrets
|
||||||
networks:
|
networks:
|
||||||
- nextcloud
|
- nextcloud
|
||||||
|
|
||||||
|
|
|
@ -157,7 +157,7 @@
|
||||||
<enable desc="Enable the admin console functionality" type="bool" default="true">true</enable>
|
<enable desc="Enable the admin console functionality" type="bool" default="true">true</enable>
|
||||||
<enable_pam desc="Enable admin user authentication with PAM" type="bool" default="false">false</enable_pam>
|
<enable_pam desc="Enable admin user authentication with PAM" type="bool" default="false">false</enable_pam>
|
||||||
<username desc="The username of the admin console. Ignored if PAM is enabled.">nextcloud</username>
|
<username desc="The username of the admin console. Ignored if PAM is enabled.">nextcloud</username>
|
||||||
<password desc="The password of the admin console. Deprecated on most platforms. Instead, use PAM or loolconfig to set up a secure password.">o!NdFB7fpQAbXG</password>
|
<password desc="The password of the admin console. Deprecated on most platforms. Instead, use PAM or loolconfig to set up a secure password.">__COLLABORA__PASSWORD__</password>
|
||||||
</admin_console>
|
</admin_console>
|
||||||
|
|
||||||
<monitors desc="Addresses of servers we connect to on start for monitoring">
|
<monitors desc="Addresses of servers we connect to on start for monitoring">
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
POSTGRES_PASSWORD=MOT_DE_PASSE_POSTGRES
|
POSTGRES_PASSWORD=__POSTGRES_PASSWORD__
|
||||||
POSTGRES_DB=nc
|
POSTGRES_DB=nc
|
||||||
POSTGRES_USER=nc
|
POSTGRES_USER=nc
|
||||||
POSTGRES_HOST=nextcloud-db
|
POSTGRES_HOST=nextcloud-db
|
||||||
username=nextcloud
|
username=nextcloud
|
||||||
password=MOT_DE_PASSE_COLLABORA
|
password=__COLLABORA_PASSWORD__
|
||||||
|
REDIS_PASSWORD=__REDIS_PASSWORD__
|
||||||
|
REDIS_HOST_PASSWORD=$REDIS_PASSWORD
|
||||||
|
|
Loading…
Reference in New Issue
Block a user