kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-06-25 03:38:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Solved csp bugs

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2025-06-03 17:49:55 +02:00
parent ebd74db3c4
commit 6d857663fb
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
6 changed files with 55 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
filter_plugins/csp_filters.py
View File

@ -117,7 +117,7 @@ class FilterModule(object):
# ReCaptcha integration: allow loading scripts from Google if feature enabled # ReCaptcha integration: allow loading scripts from Google if feature enabled
if self.is_feature_enabled(applications, 'recaptcha', application_id): if self.is_feature_enabled(applications, 'recaptcha', application_id):
if directive == 'script-src-elem': if directive in ['script-src-elem',"frame-src"]:
tokens.append('https://www.gstatic.com') tokens.append('https://www.gstatic.com')
tokens.append('https://www.google.com') tokens.append('https://www.google.com')

13
roles/docker-nextcloud/Update.md
View File

@ -1,13 +0,0 @@
# Update Nextcloud (manuel)
To perform a manuel Nexcloud update execute:
```bash
docker-compose exec -T -u www-data application /var/www/html/occ upgrade
docker-compose exec -T -u www-data application /var/www/html/occ maintenance:repair --include-expensive
docker-compose exec -T -u www-data application /var/www/html/occ app:update --all
docker-compose exec -T -u www-data application /var/www/html/occ db:add-missing-columns
docker-compose exec -T -u www-data application /var/www/html/occ db:add-missing-indices
docker-compose exec -T -u www-data application /var/www/html/occ db:add-missing-primary-keys
docker-compose exec -T -u www-data application /var/www/html/occ maintenance:mode --off
```

43
roles/docker-nextcloud/docs/OCC.md
View File

@ -9,49 +9,6 @@ To use OCC, run:
```bash ```bash
docker-compose exec -it -u www-data application /var/www/html/occ docker-compose exec -it -u www-data application /var/www/html/occ
``` ```
## User Administration
### List Users
```bash
docker compose exec -it -u www-data application php occ user:list
```
### Get User Info
```bash
docker compose exec -u www-data application php occ user:info {{username}}
```
### Sync Users
```bash
docker compose exec -it -u www-data application php occ user:sync
```
### Create user via CLI
```bash
docker compose exec -it -u www-data application php occ user:add {{username}}
```
### Make user admin via cli
```bash
docker compose exec -it -u www-data application php occ group:adduser admin {{username}}
```
### Delete user via CLI
```bash
docker compose exec -it -u www-data application php occ user:delete {{username}}
```
### Delete all User (if no ldap is used)
```bash
for user in $(docker compose exec -u www-data application php occ user:list --output=json | jq -r 'keys[]'); do
docker compose exec -u www-data application php occ user:delete "$user"
done
```
### Identify users which exist still in nextcloud but not in LDAP anymore
```bash
occ ldap:show-remnants
```
## App Administration ## App Administration
```bash ```bash

43
roles/docker-nextcloud/docs/Users.md Normal file
View File

@ -0,0 +1,43 @@
# User Administration
### List Users
```bash
docker compose exec -it -u www-data application php occ user:list
```
### Get User Info
```bash
docker compose exec -u www-data application php occ user:info {{username}}
```
### Sync Users
```bash
docker compose exec -it -u www-data application php occ user:sync
```
### Create user via CLI
```bash
docker compose exec -it -u www-data application php occ user:add {{username}}
```
### Make user admin via cli
```bash
docker compose exec -it -u www-data application php occ group:adduser admin {{username}}
```
### Delete user via CLI
```bash
docker compose exec -it -u www-data application php occ user:delete {{username}}
```
### Delete all User (if no ldap is used)
```bash
for user in $(docker compose exec -u www-data application php occ user:list --output=json | jq -r 'keys[]'); do
docker compose exec -u www-data application php occ user:delete "$user"
done
```
### Identify users which exist still in nextcloud but not in LDAP anymore
```bash
occ ldap:show-remnants
```

8
roles/docker-nextcloud/tasks/main.yml
View File

@ -64,3 +64,11 @@
'Removing' in db_indices_result.stdout or 'Removing' in db_indices_result.stdout or
'updated successfully' in db_indices_result.stdout 'updated successfully' in db_indices_result.stdout
failed_when: db_indices_result.rc != 0 failed_when: db_indices_result.rc != 0
- name: Ensure Nextcloud administrator is in the 'admin' group
command: >
docker exec -u {{ nextcloud_docker_user }} {{ applications.nextcloud.container.application }}
php occ group:adduser admin {{ applications.nextcloud.users.administrator.username }}
register: add_admin_to_group
changed_when: "'Added user' in add_admin_to_group.stdout"
failed_when: add_admin_to_group.rc != 0 and "'is already a member of' not in add_admin_to_group.stderr"

4
roles/docker-presentation/vars/configuration.yml
View File

@ -17,8 +17,10 @@ csp:
flags: flags:
style-src: style-src:
unsafe-inline: true unsafe-inline: true
script-src-elem: script-src:
unsafe-eval: true unsafe-eval: true
script-src-elem:
unsafe-inline: true
domains: domains:
canonical: canonical:
- "slides.{{ primary_domain }}" - "slides.{{ primary_domain }}"