From acdb34027b361cccfe6200ed8f087aa146d0ab55 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Tue, 11 Feb 2020 21:52:57 +0100 Subject: WIP: update mysql/seafile to use their own ldap user in ou=services --- consul/configuration/.gitignore | 1 + consul/configuration/seafile/conf/ccnet.conf | 29 ++++++++++++++++++++++ .../configuration/seafile/conf/ccnet.conf.sample | 29 ---------------------- nomad/seafile.hcl | 14 ++++++++--- 4 files changed, 40 insertions(+), 33 deletions(-) create mode 100644 consul/configuration/seafile/conf/ccnet.conf delete mode 100644 consul/configuration/seafile/conf/ccnet.conf.sample diff --git a/consul/configuration/.gitignore b/consul/configuration/.gitignore index 8c55cc6..d54ae44 100644 --- a/consul/configuration/.gitignore +++ b/consul/configuration/.gitignore @@ -10,6 +10,7 @@ # Whitelist specific files !seafile/conf/seafdav.conf +!seafile/conf/ccnet.conf !seafile/ccnet/seafile.ini !email/dkim/keytable diff --git a/consul/configuration/seafile/conf/ccnet.conf b/consul/configuration/seafile/conf/ccnet.conf new file mode 100644 index 0000000..2395a9b --- /dev/null +++ b/consul/configuration/seafile/conf/ccnet.conf @@ -0,0 +1,29 @@ +[General] +USER_NAME = deuxfleurs +ID = {{ key "secrets/seafile/ccnet/seafile_id" | trimSpace }} +NAME = deuxfleurs +SERVICE_URL = https://cloud.deuxfleurs.fr + +[Network] +PORT = 10001 + +[Client] +PORT = 13418 + +[LDAP] +HOST = ldap://bottin2.service.2.cluster.deuxfleurs.fr/ +BASE = ou=users,dc=deuxfleurs,dc=fr +USER_DN = {{ key "secrets/seafile/ccnet/ldap_binddn" | trimSpace }} +FILTER = memberOf=CN=seafile,OU=groups,DC=deuxfleurs,DC=fr +PASSWORD = {{ key "secrets/seafile/ccnet/ldap_bindpwd" | trimSpace }} +LOGIN_ATTR = mail + +[Database] +ENGINE = mysql +HOST = mariadb.service.2.cluster.deuxfleurs.fr +PORT = 3306 +USER = seafile +PASSWD = {{ key "secrets/seafile/ccnet/mysql_pwd" | trimSpace }} +DB = ccnet-db +CONNECTION_CHARSET = utf8 + diff --git a/consul/configuration/seafile/conf/ccnet.conf.sample b/consul/configuration/seafile/conf/ccnet.conf.sample deleted file mode 100644 index 76f4da9..0000000 --- a/consul/configuration/seafile/conf/ccnet.conf.sample +++ /dev/null @@ -1,29 +0,0 @@ -[General] -USER_NAME = deuxfleurs -ID = -NAME = deuxfleurs -SERVICE_URL = https://cloud.deuxfleurs.fr - -[Network] -PORT = 10001 - -[Client] -PORT = 13418 - -[LDAP] -HOST = ldap://bottin2.service.2.cluster.deuxfleurs.fr/ -BASE = ou=users,dc=deuxfleurs,dc=fr -USER_DN = cn=,dc=deuxfleurs,dc=fr -FILTER = memberOf=CN=seafile,OU=groups,DC=deuxfleurs,DC=fr -PASSWORD = -LOGIN_ATTR = mail - -[Database] -ENGINE = mysql -HOST = mariadb.service.2.cluster.deuxfleurs.fr -PORT = 3306 -USER = seafile -PASSWD = -DB = ccnet-db -CONNECTION_CHARSET = utf8 - diff --git a/nomad/seafile.hcl b/nomad/seafile.hcl index c930396..1ffd1a1 100644 --- a/nomad/seafile.hcl +++ b/nomad/seafile.hcl @@ -111,6 +111,16 @@ job "seafile" { } } + artifact { + source = "http://127.0.0.1:8500/v1/kv/configuration/seafile/conf/ccnet.conf?raw" + destination = "secrets/conf/ccnet.conf.tpl" + mode = "file" + } + template { + source = "secrets/conf/ccnet.conf.tpl" + destination = "secrets/conf/ccnet.conf" + } + template { data = "{{ key \"configuration/seafile/ccnet/mykey.peer\" }}" destination = "secrets/ccnet/mykey.peer" @@ -119,10 +129,6 @@ job "seafile" { data = "{{ key \"configuration/seafile/ccnet/seafile.ini\" }}" destination = "secrets/ccnet/seafile.ini" } - template { - data = "{{ key \"configuration/seafile/conf/ccnet.conf\" }}" - destination = "secrets/conf/ccnet.conf" - } template { data = "{{ key \"configuration/seafile/conf/mykey.peer\" }}" destination = "secrets/conf/mykey.peer" -- cgit v1.2.3