run curl without cert check when setting up on appliance due to unknown,

preliminary cert
author: Arthur Schiwon <blizzz@arthur-schiwon.de> 2017-09-12 15:10:42 +0300
committer: Arthur Schiwon <blizzz@arthur-schiwon.de> 2017-09-12 15:10:42 +0300
commit: 2fd02763eb8e5cd03da6c7a41b0e1dead5fdfc79 (patch)
tree: b8bc9c50880c7d3dc325301f5be59df15ad8793b /inst
parent: 3ea7122aa1da1c9117b848ef8c5f84f2d037d483 (diff)
1 files changed, 18 insertions, 4 deletions
diff --git a/inst b/inst
index fc52818..c113704 100644
--- a/inst
+++ b/inst
@@ -37,12 +37,14 @@ IS_UPDATE=false
 NC_LDAP_BIND_DN="$appcenter_apps_nextcloud_hostdn"
 NC_LDAP_BIND_PW_FILE="$(joinscript_container_file /etc/machine.secret)"
 NC_LDAP_BIND_PW="$(< $NC_LDAP_BIND_PW_FILE)"
+NC_ADDITIONAL_CURL_ARGS=
 
 nextcloud_main() {
     if [ -e "/var/lib/univention-appcenter/apps/nextcloud/conf/initial_config_done" ] ; then
         IS_UPDATE=true
     fi
     ucs_addServiceToLocalhost "${SERVICE}" "$@"
+    nextcloud_appliance_detection
     if [ "$JS_LAST_EXECUTED_VERSION" = 1 ]; then
         nextcloud_update_ldap_bind_account
     fi
@@ -58,6 +60,13 @@ nextcloud_main() {
     exit 0
 }
 
+nextcloud_appliance_detection() {
+    if [ "`ucr get umc/web/appliance/id`" = "nextcloud" ]; then
+        # On appliance mode, the server works with a preliminary, unknown cert
+        NC_ADDITIONAL_CURL_ARGS="--insecure"
+    fi
+}
+
 # ensures that UCR variables are set. They can be used to pre-set Nextcloud settings before install
 nextcloud_ensure_ucr() {
     ucr set nextcloud/ucs/modifyUsersFilter?"(&(|(&(objectClass=posixAccount) (objectClass=shadowAccount)) (objectClass=univentionMail) (objectClass=sambaSamAccount) (objectClass=simpleSecurityObject) (&(objectClass=person) (objectClass=organizationalPerson) (objectClass=inetOrgPerson))) (!(uidNumber=0)) (!(|(uid=*$) (uid=nextcloud-systemuser) (uid=join-backup) (uid=join-slave))) (!(objectClass=nextcloudUser)))" \
@@ -94,7 +103,7 @@ nextcloud_update_ldap_bind_account() {
     data="configData[ldapAgentName]="`nextcloud_urlEncode "$NC_LDAP_BIND_DN"`
     data+="&configData[ldapAgentPassword]="`nextcloud_urlEncode "$NC_LDAP_BIND_PW"`
     curl -X PUT -d "$data" \
-        -H "OCS-APIREQUEST: true" -u "nc_admin:$admin_password" \
+        -H "OCS-APIREQUEST: true" -u "nc_admin:$admin_password" "$NC_ADDITIONAL_CURL_ARGS" \
         "$HOST/ocs/v2.php/apps/user_ldap/api/v1/config/$configid" > /dev/null
 }
 
@@ -137,7 +146,9 @@ nextcloud_configure_ldap_backend() {
     data+="&configData[turnOnPasswordChange]=0"
     data+="&configData[ldapExperiencedAdmin]=1"
 
-    RESULT=`curl -X POST -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$HOST/ocs/v2.php/apps/user_ldap/api/v1/config"`
+    RESULT=`curl -X POST -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" \
+        "$NC_ADDITIONAL_CURL_ARGS" \
+        "$HOST/ocs/v2.php/apps/user_ldap/api/v1/config"`
     STATUS=`echo $RESULT | grep "<statuscode>200</statuscode>" -c`
     if [ ! $STATUS -eq 1 ] ; then
         die "Could not create LDAP Config at Nextcloud"
@@ -145,6 +156,7 @@ nextcloud_configure_ldap_backend() {
     CONFIGID=`echo $RESULT | grep -oP '(?<=<configID>).*?(?=</configID>)'`
     echo "$CONFIGID" > "$NC_PERMCONFDIR/ldap-config-id"
     curl -X PUT -d "$data" -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" \
+        "$NC_ADDITIONAL_CURL_ARGS" \
         "$HOST/ocs/v2.php/apps/user_ldap/api/v1/config/$CONFIGID" \
         > /dev/null | die "Configuring LDAP Backend failed"
 }
@@ -158,7 +170,8 @@ nextcloud_add_Administrator_to_admin_group() {
     local NC_ADMIN_PWD=`cat "$NC_ADMIN_PWD_FILE"`
 
     # triggers the mapping
-    RESULT=`curl -X GET -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$HOST/ocs/v2.php/cloud/users?search=Administrator"`
+    RESULT=`curl -X GET -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$NC_ADDITIONAL_CURL_ARGS" \
+        "$HOST/ocs/v2.php/cloud/users?search=Administrator"`
     # we expect the username (nc internal) to be Administrator
     STATUS=`echo $RESULT | grep "<element>Administrator</element>" -c`
     if [ ! $STATUS -eq 1 ] ; then
@@ -167,7 +180,8 @@ nextcloud_add_Administrator_to_admin_group() {
         die
     fi
 
-    RESULT=`curl -X POST -d "groupid=admin" -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$HOST/ocs/v2.php/cloud/users/Administrator/groups"`
+    RESULT=`curl -X POST -d "groupid=admin" -H "OCS-APIREQUEST: true" -u "nc_admin:$NC_ADMIN_PWD" "$NC_ADDITIONAL_CURL_ARGS" \
+        "$HOST/ocs/v2.php/cloud/users/Administrator/groups"`
     STATUS=`echo $RESULT | grep "<statuscode>200</statuscode>" -c`
     if [ ! $STATUS -eq 1 ] ; then
         echo "Could not Administrator to admin group, because adding as group member failed:"
author	Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-09-12 15:10:42 +0300
committer	Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-09-12 15:10:42 +0300
commit	2fd02763eb8e5cd03da6c7a41b0e1dead5fdfc79 (patch)
tree	b8bc9c50880c7d3dc325301f5be59df15ad8793b /inst
parent	3ea7122aa1da1c9117b848ef8c5f84f2d037d483 (diff)