eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-19 22:16:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

helm - allow to define an additional_trusted_proxy

Browse source 
Signed-off-by: Simon L <szaimen@e.mail.de>
This commit is contained in:
Simon L 2023-11-21 17:34:37 +01:00
parent 5a385ebdd3
commit 89a87d8b60
2 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
Containers/nextcloud/entrypoint.sh
View file

@ -516,6 +516,9 @@ fi
chmod 775 -R /var/www/html/custom_apps/notify_push/bin/ chmod 775 -R /var/www/html/custom_apps/notify_push/bin/
php /var/www/html/occ config:system:set trusted_proxies 0 --value="127.0.0.1" php /var/www/html/occ config:system:set trusted_proxies 0 --value="127.0.0.1"
php /var/www/html/occ config:system:set trusted_proxies 1 --value="::1" php /var/www/html/occ config:system:set trusted_proxies 1 --value="::1"
if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then
php /var/www/html/occ config:system:set trusted_proxies 2 --value="$ADDITIONAL_TRUSTED_PROXY"
fi
php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push" php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push"
# Collabora # Collabora
@ -561,6 +564,11 @@ if [ "$COLLABORA_ENABLED" = 'yes' ]; then
if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$PRIVATE_IP_RANGES"; then if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$PRIVATE_IP_RANGES"; then
COLLABORA_ALLOW_LIST+=",$PRIVATE_IP_RANGES" COLLABORA_ALLOW_LIST+=",$PRIVATE_IP_RANGES"
fi fi
if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then
if ! echo "$COLLABORA_ALLOW_LIST" | grep -q "$ADDITIONAL_TRUSTED_PROXY"; then
COLLABORA_ALLOW_LIST+=",$ADDITIONAL_TRUSTED_PROXY"
fi
fi
php /var/www/html/occ config:app:set richdocuments wopi_allowlist --value="$COLLABORA_ALLOW_LIST" php /var/www/html/occ config:app:set richdocuments wopi_allowlist --value="$COLLABORA_ALLOW_LIST"
else else
echo "Warning: wopi_allowlist is empty which should not be the case!" echo "Warning: wopi_allowlist is empty which should not be the case!"

3
nextcloud-aio-helm-chart/update-helm.sh
View file

@ -233,6 +233,8 @@ cat << EOL > /tmp/additional.config
value: "{{ .Values.SUBSCRIPTION_KEY }}" value: "{{ .Values.SUBSCRIPTION_KEY }}"
- name: APPS_ALLOWLIST - name: APPS_ALLOWLIST
value: "{{ .Values.APPS_ALLOWLIST }}" value: "{{ .Values.APPS_ALLOWLIST }}"
- name: ADDITIONAL_TRUSTED_PROXY
value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}"
EOL EOL
# shellcheck disable=SC1083 # shellcheck disable=SC1083
find ./ -name '*nextcloud-deployment.yaml' -exec sed -i "/^.*\- env:/r /tmp/additional.config" \{} \; find ./ -name '*nextcloud-deployment.yaml' -exec sed -i "/^.*\- env:/r /tmp/additional.config" \{} \;
@ -280,6 +282,7 @@ cat << ADDITIONAL_CONFIG >> /tmp/sample.conf
SUBSCRIPTION_KEY: # This allows to set the Nextcloud Enterprise key via ENV SUBSCRIPTION_KEY: # This allows to set the Nextcloud Enterprise key via ENV
APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments' APPS_ALLOWLIST: # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments'
ADDITIONAL_TRUSTED_PROXY: # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here.
SMTP_HOST: # (empty by default): The hostname of the SMTP server. SMTP_HOST: # (empty by default): The hostname of the SMTP server.
SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS. SMTP_SECURE: # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS.
SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS. SMTP_PORT: # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS.