akshay/docs.coopcloud.tech
0
0
Fork 0
forked from toolshed/docs.coopcloud.tech
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Yeet the app config guide

Browse Source
This commit is contained in:
3wc
2021-10-30 18:14:00 +02:00
parent 457e02fe8f
commit b8b8596812
1 changed files with 9 additions and 189 deletions
Download Patch File Download Diff File Expand all files Collapse all files

198
docs/app-config-guide.md
View File

@ -2,194 +2,14 @@
title: App config guide title: App config guide
--- ---
## Keycloak The tips that were previously on this page have moved to the relevant recipe README files, to keep everything in one place while we figure out the best long-term home for per-app documentation. Find the READMEs here:
#### How do I setup a custom theme? - [Keycloak][keycloak]
- [Nextcloud][nextcloud]
- [Drone][drone]
- [Peertube][peertube]
Check [this approach](https://git.autonomic.zone/ruangrupa/login.lumbung.space). [keycloak]: https://git.coopcloud.tech/coop-cloud/keycloak
[nextcloud]: https://git.coopcloud.tech/coop-cloud/nextcloud
#### How do I create another admin user? [drone]: https://git.coopcloud.tech/coop-cloud/drone
[peertube]: https://git.coopcloud.tech/coop-cloud/peertube
- Under the `Master` realm > `Users` > `Add user`
- Create the user and set a temporary password
- Under the `Role Mappings` tab, move `admin` from `Available Roles` into `Assigned Roles`
## Nextcloud
#### How do I customise the default home page when logging in?
- Delete the dashboard app since it is so corporate
- Follow [these docs](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/default_files_configuration.html) to set the default files list for each user in the Files app
- Configure a `defaultapp` in your `config.php` or use [apporder](https://apps.nextcloud.com/apps/apporder)
#### How do I integrate with Keycloak SSO?
Use [this plugin](https://github.com/pulsejet/nextcloud-oidc-login). Unlike the plugin it's forked from, there is no configuration UI, so you'll need to edit `/var/www/html/config/config.php`:
```
'oidc_login_client_id' => 'nextcloud',
'oidc_login_client_secret' => 'mysecret',
'oidc_login_provider_url' => 'https://example.com/auth/realms/myrealm',
'oidc_login_disable_registration' => false,
'oidc_login_hide_password_form' => true,
'oidc_login_button_text' => 'Log in with your myssodomain',
'oidc_login_default_group' => 'mygroup',
'oidc_login_attributes' =>
array (
'id' => 'sub',
'name' => 'name',
'mail' => 'email',
),
'oidc_create_groups' => true,
```
You can use [this trick](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/) (see "Cryptic Usernames" work-around) to get proper usernames.
You might also need the following "Why is my synchronisation.." change if you see an error `'redirect_uri' is invalid`.
If you ever need to change the realm, you'll need to reset the cache with:
```
docker exec -u www-data <container-id> php occ config:app:delete oidc_login last_updated_well_known
docker exec -u www-data <container-id> php occ config:app:delete oidc_login last_updated_jwks
```
#### Why is my synchronisation client freezing on the "grant access" step?
Please see [this ticket](https://git.autonomic.zone/coop-cloud/nextcloud/issues/5).
#### How can I customise the CSS?
There is some basic stuff in the admin settings.
To go a little deeper, you can use [this handy app](https://apps.nextcloud.com/apps/theming_customcss).
Here is an example CSS config which hides the local login and makes space for a central image:
```css
#body-login .wrapper main form[name="login"],
#body-login .wrapper main form[name="login"] ~ a {
display: none;
}
#body-login .logo {
visibility: hidden;
}
#body-login #alternative-logins a.button[href*="oidc"] {
background: #233b4a;
color: #fff;
transition: all 0.2s ease-in-out;
}
#body-login #alternative-logins a.button[href*="oidc"]:hover {
background: linear-gradient(-35deg, #233b4a 40%, #486c83 100%);
}
#body-login #alternative-logins a.button[href*="/sociallogin/oauth/google"] {
border: 0;
color: #db4437 !important;
background-color: #fff;
}
#body-login
#alternative-logins
a.button[href*="/sociallogin/oauth/google"]::before {
width: 25px;
background-color: #db4437;
border-radius: 100%;
background-size: 60%;
background-position: center;
height: 25px;
vertical-align: middle;
margin-right: 4px;
}
#body-login main {
padding: 50vh 0 0 0;
}
#body-login a[href*="#body-login"] {
visibility: hidden;
}
#body-login footer a,
#body-login footer p {
color: #233b4a;
}
#body-login footer a:hover {
color: #fff;
}
#body-login footer p.info {
text-shadow: none;
}
```
## Drone
#### Generating deploy keys
We normally do something like the following.
```bash
ssh-keygen -t ed25519 -C drone@swarm.autonomic.zone
```
When you're loading them into Drone, make sure to use the right name of the organisation when using `drone orgsecret add`.
#### How to change orgsecret values
First, get your Drone CLI tool downloaded and the environment configured.
```bash
export DRONE_SERVER=https://drone.example.com
export DRONE_TOKEN=$(pass show your-pass-store-path)
curl -L https://github.com/drone/drone-cli/releases/latest/download/drone_linux_amd64.tar.gz | tar zx
```
Then you can do things like:
```
./drone orgsecret ls
./drone orgsecret add someorg my_deploy_key @my_private_key_file
```
#### How to enable build failure notifications
Add this to your `.drone.yml` file. See the [plugin docs](http://plugins.drone.io/drone-plugins/drone-slack/) for more.
```yaml
- name: notify rocket chat
image: plugins/slack
depends_on: ["mybuild"]
settings:
webhook:
from_secret: rc_builds_url
username: foobar
channel: "builds"
template: "{{repo.owner}}/{{repo.name}} build failed: {{build.link}}"
when:
status:
- failure
```
!!! warning
You must include valid names of pipelines in your `depends_on` list field.
This is so that the notification will wait until all other pipelines are
run before performing the notification logic.
#### Skipping CI builds
Add `[ci skip]` into the git commit message. You don't have to run builds if you don't want to.
## Peertube
#### How do I wire up Keycloak SSO?
Use [this plugin](https://framagit.org/framasoft/peertube/official-plugins/tree/master/peertube-plugin-auth-openid-connect).
#### How do I develop a custom theme?
See [this approach](https://git.autonomic.zone/ruangrupa/peertube-plugin-lumbung-space).