mirrors
/
nextcloud
Mirror von https://github.com/nextcloud/server.git
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Releases 993 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
66087 Commits
413 Branches
Struktur: bb34476b68
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „bb34476b68“
${ noResults }
nextcloud/.github/workflows/smb-kerberos.yml

smb-kerberos.yml 2.8KB
Originalformat Blame Verlauf

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. name: Samba Kerberos SSO

  2. on:

  3.   push:

  4.     branches:

  5.       - master

  6.       - stable*

  7.     paths:

  8.       - 'apps/files_external/**'

  9.   pull_request:

  10.     paths:

  11.       - 'apps/files_external/**'

  12. 

  13. jobs:

  14.   smb-kerberos-tests:

  15.     runs-on: ubuntu-latest

  16. 

  17.     name: kerberos

  18. 

  19.     steps:

  20.       - name: Checkout server

  21.         uses: actions/checkout@v3

  22.         with:

  23.           submodules: true

  24.       - name: Pull images

  25.         run: |

  26.           docker pull icewind1991/samba-krb-test-dc

  27.           docker pull icewind1991/samba-krb-test-apache

  28.           docker pull icewind1991/samba-krb-test-client

  29.       - name: Setup AD-DC

  30.         run: |

  31.           mkdir data

  32.           sudo chown -R 33 data apps config

  33.           apps/files_external/tests/setup-krb.sh

  34.       - name: Set up Nextcloud

  35.         run: |

  36.           docker exec --user 33 apache ./occ maintenance:install --verbose --database=sqlite --database-name=nextcloud --database-host=127.0.0.1 --database-user=root --database-pass=rootpassword --admin-user admin --admin-pass password

  37.           docker exec --user 33 apache ./occ config:system:set trusted_domains 1 --value 'httpd.domain.test'

  38. 

  39.           # setup user_saml

  40.           docker exec --user 33 apache ./occ app:enable user_saml --force

  41.           docker exec --user 33 apache ./occ config:app:set user_saml type --value 'environment-variable'

  42.           docker exec --user 33 apache ./occ config:app:set user_saml general-uid_mapping --value REMOTE_USER

  43. 

  44.           # setup external storage

  45.           docker exec --user 33 apache ./occ app:enable files_external --force

  46.           docker exec --user 33 apache ./occ files_external:create smb smb smb::kerberosapache

  47.           docker exec --user 33 apache ./occ files_external:config 1 host krb.domain.test

  48.           docker exec --user 33 apache ./occ files_external:config 1 share netlogon

  49.           docker exec --user 33 apache ./occ files_external:list

  50.       - name: Test SSO

  51.         run: |

  52.           mkdir cookies

  53.           chmod 0777 cookies

  54. 

  55.           DC_IP=$(docker inspect dc --format '{{.NetworkSettings.IPAddress}}')

  56.           echo "SAML login"

  57.           docker run --rm --name client -v $PWD/cookies:/cookies -v /tmp/shared:/shared --dns $DC_IP --hostname client.domain.test icewind1991/samba-krb-test-client \

  58.             curl -c /cookies/jar --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/index.php/apps/user_saml/saml/login

  59.           echo "Check we are logged in"

  60.           CONTENT=$(docker run --rm --name client -v $PWD/cookies:/cookies -v /tmp/shared:/shared --dns $DC_IP --hostname client.domain.test icewind1991/samba-krb-test-client \

  61.             curl -b /cookies/jar -s --negotiate -u testuser@DOMAIN.TEST: --delegation always http://httpd.domain.test/remote.php/webdav/smb/test.txt)

  62.           echo $CONTENT

  63.           CONTENT=$(echo $CONTENT | tr -d '[:space:]')

  64.           [[ $CONTENT == "testfile" ]]