diff options
author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2017-09-12 15:10:42 +0300 |
---|---|---|
committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2017-09-12 15:10:42 +0300 |
commit | 2fd02763eb8e5cd03da6c7a41b0e1dead5fdfc79 (patch) | |
tree | b8bc9c50880c7d3dc325301f5be59df15ad8793b /inst | |
parent | 3ea7122aa1da1c9117b848ef8c5f84f2d037d483 (diff) |
run curl without cert check when setting up on appliance due to unknown,
preliminary cert
Diffstat (limited to 'inst')
-rw-r--r-- | inst | 22 |
1 files changed, 18 insertions, 4 deletions
@@ -37,12 +37,14 @@ IS_UPDATE=false NC_LDAP_BIND_DN="$appcenter_apps_nextcloud_hostdn" NC_LDAP_BIND_PW_FILE="$(joinscript_container_file /etc/machine.secret)" NC_LDAP_BIND_PW="$(< $NC_LDAP_BIND_PW_FILE)" +NC_ADDITIONAL_CURL_ARGS= nextcloud_main() { if [ -e "/var/lib/univention-appcenter/apps/nextcloud/conf/initial_config_done" ] ; then IS_UPDATE=true fi ucs_addServiceToLocalhost "${SERVICE}" "$@" + nextcloud_appliance_detection if [ "$JS_LAST_EXECUTED_VERSION" = 1 ]; then nextcloud_update_ldap_bind_account fi @@ -58,6 +60,13 @@ nextcloud_main() { exit 0 } +nextcloud_appliance_detection() { + if [ "`ucr get umc/web/appliance/id`" = "nextcloud" ]; then + # On appliance mode, the server works with a preliminary, unknown cert + NC_ADDITIONAL_CURL_ARGS="--insecure" + fi +} + # ensures that UCR variables are set. They can be used to pre-set Nextcloud settings before install nextcloud_ensure_ucr() { ucr set nextcloud/ucs/modifyUsersFilter?"(&(|(&(objectClass=posixAccount) (objectClass=shadowAccount)) (objectClass=univentionMail) (objectClass=sambaSamAccount) (objectClass=simpleSecurityObject) (&(objectClass=person) (objectClass=organizationalPerson) (objectClass=inetOrgPerson))) (!(uidNumber=0)) (!(|(uid=*$) (uid=nextcloud-systemuser) (uid=join-backup) (uid=join-slave))) (!(objectClass=nextcloudUser)))" \ @@ -94,7 +103,7 @@ nextcloud_update_ldap_bind_account() { data="configData[ldapAgentName]="`nextcloud_urlEncode "$NC_LDAP_BIND_DN"` data+="&configData[ldapAgentPassword]="`nextcloud_urlEncode "$NC_LDAP_BIND_PW"` curl -X PUT -d "$data" \ - -H "OCS-APIREQUEST: true" -u "nc_admin:$admin_password" \ + -H "OCS-APIREQUEST: true" -u "nc_admin:$admin_password" "$NC_ADDITIONAL_CURL_ARGS" \ "$HOST/ocs/v2.php/apps/user_ldap/api/v1/config/$configid" > /dev/null } @@ -137,7 +146,9 @@ nextcloud_configure_ldap_backend() { data+="&configData[turnOnPasswordChange]=0" data+="&configData[ldapExperiencedAdmin]=1" - RESULT=`curl -X POST -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$HOST/ocs/v2.php/apps/user_ldap/api/v1/config"` + RESULT=`curl -X POST -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" \ + "$NC_ADDITIONAL_CURL_ARGS" \ + "$HOST/ocs/v2.php/apps/user_ldap/api/v1/config"` STATUS=`echo $RESULT | grep "<statuscode>200</statuscode>" -c` if [ ! $STATUS -eq 1 ] ; then die "Could not create LDAP Config at Nextcloud" @@ -145,6 +156,7 @@ nextcloud_configure_ldap_backend() { CONFIGID=`echo $RESULT | grep -oP '(?<=<configID>).*?(?=</configID>)'` echo "$CONFIGID" > "$NC_PERMCONFDIR/ldap-config-id" curl -X PUT -d "$data" -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" \ + "$NC_ADDITIONAL_CURL_ARGS" \ "$HOST/ocs/v2.php/apps/user_ldap/api/v1/config/$CONFIGID" \ > /dev/null | die "Configuring LDAP Backend failed" } @@ -158,7 +170,8 @@ nextcloud_add_Administrator_to_admin_group() { local NC_ADMIN_PWD=`cat "$NC_ADMIN_PWD_FILE"` # triggers the mapping - RESULT=`curl -X GET -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$HOST/ocs/v2.php/cloud/users?search=Administrator"` + RESULT=`curl -X GET -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$NC_ADDITIONAL_CURL_ARGS" \ + "$HOST/ocs/v2.php/cloud/users?search=Administrator"` # we expect the username (nc internal) to be Administrator STATUS=`echo $RESULT | grep "<element>Administrator</element>" -c` if [ ! $STATUS -eq 1 ] ; then @@ -167,7 +180,8 @@ nextcloud_add_Administrator_to_admin_group() { die fi - RESULT=`curl -X POST -d "groupid=admin" -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$HOST/ocs/v2.php/cloud/users/Administrator/groups"` + RESULT=`curl -X POST -d "groupid=admin" -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$NC_ADDITIONAL_CURL_ARGS" \ + "$HOST/ocs/v2.php/cloud/users/Administrator/groups"` STATUS=`echo $RESULT | grep "<statuscode>200</statuscode>" -c` if [ ! $STATUS -eq 1 ] ; then echo "Could not Administrator to admin group, because adding as group member failed:" |