D5068.1774887647.diff
No OneTemporary
Actions

Authored By

Unknown

Size

13 KB

Referenced Files

None

Subscribers

None

D5068.1774887647.diff
View Options

	diff --git a/config.demo/src/database/seeds/DatabaseSeeder.php b/config.demo/src/database/seeds/DatabaseSeeder.php
	--- a/config.demo/src/database/seeds/DatabaseSeeder.php
	+++ b/config.demo/src/database/seeds/DatabaseSeeder.php
	@@ -14,7 +14,6 @@
	public function run()
	{
	$this->call([
	- Seeds\PassportSeeder::class,
	Seeds\IP4NetSeeder::class,
	Seeds\TenantSeeder::class,
	Seeds\DiscountSeeder::class,
	diff --git a/config.demo/src/database/seeds/PassportSeeder.php b/config.demo/src/database/seeds/PassportSeeder.php
	deleted file mode 100644
	--- a/config.demo/src/database/seeds/PassportSeeder.php
	+++ /dev/null
	@@ -1,64 +0,0 @@
	-<?php
	-
	-namespace Database\Seeds;
	-
	-use Laravel\Passport\Passport;
	-use Illuminate\Database\Seeder;
	-
	-class PassportSeeder extends Seeder
	-{
	- /**
	- * Run the database seeds.
	- *
	- * This emulates:
	- * './artisan passport:client --password --name="Kolab Password Grant Client" --provider=users'
	- *
	- * @return void
	- */
	- public function run()
	- {
	- //Create a password grant client for the webapp
	- $client = Passport::client()->forceFill([
	- 'user_id' => null,
	- 'name' => "Kolab Password Grant Client",
	- 'secret' => \config('auth.proxy.client_secret'),
	- 'provider' => 'users',
	- 'redirect' => 'https://' . \config('app.website_domain'),
	- 'personal_access_client' => 0,
	- 'password_client' => 1,
	- 'revoked' => false,
	- ]);
	- $client->id = \config('auth.proxy.client_id');
	- $client->save();
	-
	- // Create a client for Webmail SSO
	- $client = Passport::client()->forceFill([
	- 'user_id' => null,
	- 'name' => 'Webmail SSO client',
	- 'secret' => \config('auth.sso.client_secret'),
	- 'provider' => 'users',
	- 'redirect' => (str_starts_with(\config('app.webmail_url'), 'http') ? '' : 'https://' . \config('app.website_domain')) . \config('app.webmail_url') . 'index.php/login/oauth',
	- 'personal_access_client' => 0,
	- 'password_client' => 0,
	- 'revoked' => false,
	- 'allowed_scopes' => ['email', 'auth.token'],
	- ]);
	- $client->id = \config('auth.sso.client_id');
	- $client->save();
	-
	- // Create a client for synapse oauth
	- $client = Passport::client()->forceFill([
	- 'user_id' => null,
	- 'name' => "Synapse oauth client",
	- 'secret' => \config('auth.synapse.client_secret'),
	- 'provider' => 'users',
	- 'redirect' => 'https://' . \config('app.website_domain') . "/_synapse/client/oidc/callback",
	- 'personal_access_client' => 0,
	- 'password_client' => 0,
	- 'revoked' => false,
	- 'allowed_scopes' => ['email'],
	- ]);
	- $client->id = \config('auth.synapse.client_id');
	- $client->save();
	- }
	-}
	diff --git a/config.prod/src/database/seeds/DatabaseSeeder.php b/config.prod/src/database/seeds/DatabaseSeeder.php
	--- a/config.prod/src/database/seeds/DatabaseSeeder.php
	+++ b/config.prod/src/database/seeds/DatabaseSeeder.php
	@@ -14,12 +14,9 @@
	public function run()
	{
	$this->call([
	- Seeds\PassportSeeder::class,
	Seeds\PowerDNSSeeder::class,
	Seeds\TenantSeeder::class,
	Seeds\AdminSeeder::class,
	- Seeds\ImapAdminSeeder::class,
	- Seeds\NoreplySeeder::class,
	]);
	}
	}
	diff --git a/config.prod/src/database/seeds/ImapAdminSeeder.php b/config.prod/src/database/seeds/ImapAdminSeeder.php
	deleted file mode 100644
	--- a/config.prod/src/database/seeds/ImapAdminSeeder.php
	+++ /dev/null
	@@ -1,25 +0,0 @@
	-<?php
	-
	-namespace Database\Seeds;
	-
	-use App\User;
	-use Illuminate\Database\Seeder;
	-
	-class ImapAdminSeeder extends Seeder
	-{
	- /**
	- * Run the database seeds.
	- *
	- * Create imap admin service account, which is required for sasl httpauth to work
	- *
	- * @return void
	- */
	- public function run()
	- {
	- $user = new \App\User();
	- $user->email = \config('services.imap.admin_login');
	- $user->password = \config('services.imap.admin_password');
	- $user->role = \App\User::ROLE_SERVICE;
	- $user->save();
	- }
	-}
	diff --git a/config.prod/src/database/seeds/NoreplySeeder.php b/config.prod/src/database/seeds/NoreplySeeder.php
	deleted file mode 100644
	--- a/config.prod/src/database/seeds/NoreplySeeder.php
	+++ /dev/null
	@@ -1,28 +0,0 @@
	-<?php
	-
	-namespace Database\Seeds;
	-
	-use App\User;
	-use Illuminate\Database\Seeder;
	-
	-class NoreplySeeder extends Seeder
	-{
	- /**
	- * Run the database seeds.
	- *
	- * Create imap admin service account, which is required for sasl httpauth to work
	- *
	- * @return void
	- */
	- public function run()
	- {
	- if (!empty(\config('mail.mailers.smtp.username'))) {
	- User::create(
	- [
	- 'email' => \config('mail.mailers.smtp.username'),
	- 'password' => \config('mail.mailers.smtp.password')
	- ]
	- );
	- }
	- }
	-}
	diff --git a/config.prod/src/database/seeds/PassportSeeder.php b/config.prod/src/database/seeds/PassportSeeder.php
	deleted file mode 100644
	--- a/config.prod/src/database/seeds/PassportSeeder.php
	+++ /dev/null
	@@ -1,64 +0,0 @@
	-<?php
	-
	-namespace Database\Seeds;
	-
	-use Laravel\Passport\Passport;
	-use Illuminate\Database\Seeder;
	-
	-class PassportSeeder extends Seeder
	-{
	- /**
	- * Run the database seeds.
	- *
	- * This emulates:
	- * './artisan passport:client --password --name="Kolab Password Grant Client" --provider=users'
	- *
	- * @return void
	- */
	- public function run()
	- {
	- //Create a password grant client for the webapp
	- $client = Passport::client()->forceFill([
	- 'user_id' => null,
	- 'name' => "Kolab Password Grant Client",
	- 'secret' => \config('auth.proxy.client_secret'),
	- 'provider' => 'users',
	- 'redirect' => 'https://' . \config('app.website_domain'),
	- 'personal_access_client' => 0,
	- 'password_client' => 1,
	- 'revoked' => false,
	- ]);
	- $client->id = \config('auth.proxy.client_id');
	- $client->save();
	-
	- // Create a client for Webmail SSO
	- $client = Passport::client()->forceFill([
	- 'user_id' => null,
	- 'name' => 'Webmail SSO client',
	- 'secret' => \config('auth.sso.client_secret'),
	- 'provider' => 'users',
	- 'redirect' => (str_starts_with(\config('app.webmail_url'), 'http') ? '' : 'https://' . \config('app.website_domain')) . \config('app.webmail_url') . 'index.php/login/oauth',
	- 'personal_access_client' => 0,
	- 'password_client' => 0,
	- 'revoked' => false,
	- 'allowed_scopes' => ['email', 'auth.token'],
	- ]);
	- $client->id = \config('auth.sso.client_id');
	- $client->save();
	-
	- // Create a client for synapse oauth
	- $client = Passport::client()->forceFill([
	- 'user_id' => null,
	- 'name' => "Synapse oauth client",
	- 'secret' => \config('auth.synapse.client_secret'),
	- 'provider' => 'users',
	- 'redirect' => 'https://' . \config('app.website_domain') . "/_synapse/client/oidc/callback",
	- 'personal_access_client' => 0,
	- 'password_client' => 0,
	- 'revoked' => false,
	- 'allowed_scopes' => ['email'],
	- ]);
	- $client->id = \config('auth.synapse.client_id');
	- $client->save();
	- }
	-}
	diff --git a/docker/webapp/init.sh b/docker/webapp/init.sh
	--- a/docker/webapp/init.sh
	+++ b/docker/webapp/init.sh
	@@ -47,6 +47,7 @@

	echo "----> Running migrations"
	php -dmemory_limit=512M ./artisan migrate --force \|\| :
	+ php -dmemory_limit=512M ./artisan init
	echo "----> Starting horizon"
	exec ./artisan horizon
	;;
	@@ -83,6 +84,7 @@
	echo "----> Running migrations"
	php -dmemory_limit=512M ./artisan migrate --force
	fi
	+ php -dmemory_limit=512M ./artisan init
	nohup ./artisan horizon 2>&1 &
	exec ./artisan octane:start --host=$(env \| grep OCTANE_HTTP_HOST \| tail -n1 \| sed "s/OCTANE_HTTP_HOST=//")
	;;
	diff --git a/src/app/Console/Commands/Init.php b/src/app/Console/Commands/Init.php
	new file mode 100644
	--- /dev/null
	+++ b/src/app/Console/Commands/Init.php
	@@ -0,0 +1,137 @@
	+<?php
	+
	+namespace App\Console\Commands;
	+
	+use App\Console\Command;
	+use App\User;
	+use Laravel\Passport\Passport;
	+
	+class Init extends Command
	+{
	+ /**
	+ * The name and signature of the console command.
	+ *
	+ * @var string
	+ */
	+ protected $signature = 'init';
	+
	+ /**
	+ * The console command description.
	+ *
	+ * @var string
	+ */
	+ protected $description = 'Initialization command, making sure some expected db entries exist. Rerunnable to apply latest config changes.';
	+
	+ /**
	+ * Execute the console command.
	+ *
	+ * @return mixed
	+ */
	+ public function handle()
	+ {
	+ $this->createImapAdmin();
	+ $this->createNoreplyUser();
	+ $this->createPassportClients();
	+ }
	+
	+ private function createImapAdmin()
	+ {
	+ $user = User::where(['email' => \config('services.imap.admin_login')])->first();
	+ if (!$user) {
	+ $user = new \App\User();
	+ $user->email = \config('services.imap.admin_login');
	+ $user->password = \config('services.imap.admin_password');
	+ $user->role = \App\User::ROLE_SERVICE;
	+ $user->save();
	+ } else {
	+ $user->password = \config('services.imap.admin_password');
	+ $user->role = \App\User::ROLE_SERVICE;
	+ $user->update();
	+ }
	+ }
	+
	+ private function createNoreplyUser()
	+ {
	+ if (!empty(\config('mail.mailers.smtp.username'))) {
	+ $user = User::where(['email' => \config('services.mailers.smtp.username')])->first();
	+ if (!$user) {
	+ $user = new \App\User();
	+ $user->email = \config('mail.mailers.smtp.username');
	+ $user->password = \config('mail.mailers.smtp.password');
	+ $user->role = \App\User::ROLE_SERVICE;
	+ $user->save();
	+ } else {
	+ $user->password = \config('mail.mailers.smtp.password');
	+ $user->role = \App\User::ROLE_SERVICE;
	+ $user->update();
	+ }
	+ }
	+ }
	+
	+ /**
	+ * Execute the console command.
	+ *
	+ * @return mixed
	+ */
	+ private function createPassportClients()
	+ {
	+ //Create a password grant client for the webapp
	+ if (
	+ !empty(\config('auth.proxy.client_secret')) &&
	+ !Passport::client()->where('name', 'Kolab Password Grant Client')->whereNull('user_id')->exists()
	+ ) {
	+ $client = Passport::client()->forceFill([
	+ 'user_id' => null,
	+ 'name' => "Kolab Password Grant Client",
	+ 'secret' => \config('auth.proxy.client_secret'),
	+ 'provider' => 'users',
	+ 'redirect' => 'https://' . \config('app.website_domain'),
	+ 'personal_access_client' => 0,
	+ 'password_client' => 1,
	+ 'revoked' => false,
	+ ]);
	+ $client->id = \config('auth.proxy.client_id');
	+ $client->save();
	+ }
	+
	+ // Create a client for Webmail SSO
	+ if (
	+ !empty(\config('auth.sso.client_secret')) &&
	+ !Passport::client()->where('name', 'Webmail SSO client')->whereNull('user_id')->exists()
	+ ) {
	+ $client = Passport::client()->forceFill([
	+ 'user_id' => null,
	+ 'name' => 'Webmail SSO client',
	+ 'secret' => \config('auth.sso.client_secret'),
	+ 'provider' => 'users',
	+ 'redirect' => (str_starts_with(\config('app.webmail_url'), 'http') ? '' : 'https://' . \config('app.website_domain')) . \config('app.webmail_url') . 'index.php/login/oauth',
	+ 'personal_access_client' => 0,
	+ 'password_client' => 0,
	+ 'revoked' => false,
	+ 'allowed_scopes' => ['email', 'auth.token'],
	+ ]);
	+ $client->id = \config('auth.sso.client_id');
	+ $client->save();
	+ }
	+
	+ // Create a client for synapse oauth
	+ if (
	+ !empty(\config('auth.synapse.client_secret')) &&
	+ !Passport::client()->where('name', 'Synapse oauth client')->whereNull('user_id')->exists()
	+ ) {
	+ $client = Passport::client()->forceFill([
	+ 'user_id' => null,
	+ 'name' => "Synapse oauth client",
	+ 'secret' => \config('auth.synapse.client_secret'),
	+ 'provider' => 'users',
	+ 'redirect' => 'https://' . \config('app.website_domain') . "/_synapse/client/oidc/callback",
	+ 'personal_access_client' => 0,
	+ 'password_client' => 0,
	+ 'revoked' => false,
	+ 'allowed_scopes' => ['email'],
	+ ]);
	+ $client->id = \config('auth.synapse.client_id');
	+ $client->save();
	+ }
	+ }
	+}

File Metadata

Mime Type: text/plain
Expires: Mon, Mar 30, 4:20 PM (4 d, 7 h ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 18816543
Default Alt Text: D5068.1774887647.diff (13 KB)

D5068.1774887647.diffNo OneTemporaryActions

D5068.1774887647.diffView Options

File Metadata

Event Timeline

D5068.1774887647.diff
No OneTemporary
Actions

D5068.1774887647.diff
View Options