chore: cleanup

fix: backupbot labels
2023-04-24 11:50:41 +02:00 · 2023-04-24 11:49:38 +02:00
5 changed files with 13 additions and 33 deletions
--- a/.env.sample
+++ b/.env.sample
@ -10,9 +10,6 @@ SECRET_DB_ROOT_PASSWORD_VERSION=v1
 SECRET_ADMIN_PASSWORD_VERSION=v1

 # SSO_ENABLED=0
-## only set one of those depending on which SSO you're using
-# SSO_AUTHENTIK=1
-# SSO_KEYCLOAK=0
 # SSO_PROVIDER_URL=https://sso.example.org/
 # SSO_SAML_URL=https://sso.example.org/application/saml/<application-slug>/sso/binding/redirect/
 # SSO_LOGOUT_URL=https://sso.example.org/if/session-end/<application-slug>/
--- a/abra.sh
+++ b/abra.sh
@ -1,7 +1,7 @@
 export ENTRYPOINT_CONF_VERSION=v1
-export LOCAL_CONF_VERSION=v3
+export LOCAL_CONF_VERSION=v1

 create_admin () {
    export DATABASE_URL="$DATABASE_TYPE://$DATABASE_USER:$(cat /run/secrets/db_password)@$DATABASE_HOST/$DATABASE_NAME"
-    /opt/kimai/bin/console kimai:create-user admin admin@example.org ROLE_SUPER_ADMIN
+    /opt/kimai/bin/console kimai:create-user admin admin@example.org ROLE_SUPER_ADMIN 
 }
--- a/compose.yml
+++ b/compose.yml
@ -15,8 +15,6 @@ services:
      - DATABASE_PASSWORD_FILE=/run/secrets/db_password
      - DOMAIN
      - SSO_ENABLED
-      - SSO_KEYCLOAK
-      - SSO_AUTHENTIK
      - SSO_PROVIDER_URL
      - SSO_SAML_URL
      - SSO_LOGOUT_URL
@ -38,7 +36,6 @@ services:
      - admin_password
    depends_on:
      - db
-    #entrypoint: ['tail', '-f', '/dev/null']
    entrypoint: /docker-entrypoint.sh
    #healthcheck:
    #  test: curl -s -o /dev/null http://localhost:8001 || exit 1
@ -59,7 +56,7 @@ services:
        - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
-        - "coop-cloud.${STACK_NAME}.version=0.3.0+apache-1.29.1-prod"
+        - "coop-cloud.${STACK_NAME}.version=0.2.0+apache-debian-1.29.1-prod"
  db:
    image: mysql:5.7
    environment:
@ -81,18 +78,19 @@ services:
    #  start_period: 10s
    #  timeout: 10s
    #  retries: 3
-
    deploy:
      labels:
-        - backupbot.backup="true"
-        - backupbot.backup.pre-hook='mkdir -p /tmp/backup/ && mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" kimai > /tmp/backup/backup.sql'
-        - backupbot.backup.post-hook="rm -rf /tmp/backup"
-        - backupbot.backup.path="/tmp/backup/"
+        - "backupbot.backup=true"
+        - "backupbot.backup.pre-hook=sh -c 'mysqldump --single-transaction -u root -p\"$$(cat /run/secrets/db_root_password)\" kimai > /tmp/backup.sql'"
+        - "backupbot.backup.post-hook=rm -rf /tmp/backup.sql"
+        - "backupbot.backup.path=/tmp/backup.sql"

 volumes:
  kimai_var:
  kimai_public:
  mariadb:
+
+
 secrets:
  db_password:
    external: true
@ -103,10 +101,13 @@ secrets:
  admin_password:
    external: true
    name: ${STACK_NAME}_admin_password_${SECRET_ADMIN_PASSWORD_VERSION}
+
 networks:
  proxy:
    external: true
  internal:
+
+
 configs:
  entrypoint_conf:
    name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_CONF_VERSION}
--- a/local.yaml.tmpl
+++ b/local.yaml.tmpl
@ -3,27 +3,14 @@ kimai:
  saml:
    activate: true
    title: Login with SAML
-    {{ if eq (env "SSO_AUTHENTIK") "1" }}
    mapping:
      - { saml: $http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress, kimai: email }
      - { saml: $http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name, kimai: alias }
    roles:
      attribute: http://schemas.xmlsoap.org/claims/Group
-      resetOnLogin: true
-      attribute: Roles
      mapping:
+      # Insert your roles here (ROLE_USER is added automatically)
        - { saml: admin.group, kimai: ROLE_ADMIN }
-    {{ else if eq (env "SSO_KEYCLOAK") "1" }}
-    mapping:
-      - { saml: $Email, kimai: email }
-      - { saml: $FirstName $LastName, kimai: alias }
-    roles:
-      resetOnLogin: true
-      attribute: Roles
-      mapping:
-        - { saml: Admins, kimai: ROLE_ADMIN }
-        - { saml: Management, kimai: ROLE_TEAMLEAD }
-    {{ end }}
    connection:
      # You SAML provider
      # Your Authentik instance, replace https://authentik.company with your authentik URL
--- a/release/0.3.0+apache-debian-1.29.1-prod
+++ b/release/0.3.0+apache-debian-1.29.1-prod
@ -1,5 +0,0 @@
-If you have SSO enabled this upgrade will break unless you add
-`SSO_KEYCLOAK=1` or `SSO_AUTHENTIK=1` in your env file for kimai!
-This allows us to support both SSO methods
-
-knoflook @ kotec.pl
Author	SHA1	Message	Date
Philipp Rothmann	92c3bcf27e	chore: cleanup All checks were successful continuous-integration/drone/push Build is passing Details	2023-04-24 11:50:41 +02:00
Philipp Rothmann	5c4f6098bf	fix: backupbot labels	2023-04-24 11:49:38 +02:00