andrea/ldap-overleaf-slf-sl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: andrea:5.0.6
Branches Tags
andrea:master andrea:5.0.6 andrea:traefik
andrea:4.1.1 andrea:3.3.2
...
pull from: andrea:master
Branches Tags
andrea:master andrea:5.0.6 andrea:traefik
andrea:4.1.1 andrea:3.3.2

2 Commits
5.0.6 ... master

Author SHA1 Message Date
root
037bf36b3f fix update_texlive 2024-09-23 19:45:57 +00:00
root
018b51176f mildstone deploy 2024-07-28 09:36:18 +00:00
8 changed files with 114 additions and 26 deletions
Expand all files Collapse all files

4
.env
View File

@@ -1,6 +1,6 @@
# do not use quotes (") # do not use quotes (")
MYDOMAIN=MYDOMAIN.TLD MYDOMAIN=overleaf.mildstone.org
MYMAIL=MYEMAIL@MYDOMAIN.TLD MYMAIL=andrea.rgn@gmail.com
MYDATA=/data MYDATA=/data
LOGIN_TEXT=username LOGIN_TEXT=username
COLLAB_TEXT=Direct share with collaborators is enabled only for activated users! COLLAB_TEXT=Direct share with collaborators is enabled only for activated users!

2
Makefile
View File

@@ -4,7 +4,7 @@ build:
docker build --build-arg login_text="${LOGIN_TEXT}" \ docker build --build-arg login_text="${LOGIN_TEXT}" \
--build-arg collab_text="${COLLAB_TEXT}" \ --build-arg collab_text="${COLLAB_TEXT}" \
--build-arg admin_is_sysadmin="${ADMIN_IS_SYSADMIN}" \ --build-arg admin_is_sysadmin="${ADMIN_IS_SYSADMIN}" \
-t "ldap-overleaf-sl" ldap-overleaf-sl -t "ldap-overleaf-sl:240728" ldap-overleaf-sl
clean: check_clean clean: check_clean
docker-compose down docker-compose down

26
docker-compose.yml
View File

@@ -2,7 +2,7 @@ version: "2.2"
services: services:
sharelatex: sharelatex:
restart: always restart: always
image: ldap-overleaf-sl image: ldap-overleaf-sl:240728
container_name: ldap-overleaf-sl container_name: ldap-overleaf-sl
depends_on: depends_on:
mongo: mongo:
@@ -31,8 +31,8 @@ services:
SHARELATEX_EMAIL_FROM_ADDRESS: "noreply@${MYDOMAIN}" SHARELATEX_EMAIL_FROM_ADDRESS: "noreply@${MYDOMAIN}"
# SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID: # SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID:
# SHARELATEX_EMAIL_AWS_SES_SECRET_KEY: # SHARELATEX_EMAIL_AWS_SES_SECRET_KEY:
SHARELATEX_EMAIL_SMTP_HOST: smtp.${MYDOMAIN} SHARELATEX_EMAIL_SMTP_HOST: 192.168.1.99
SHARELATEX_EMAIL_SMTP_PORT: 587 SHARELATEX_EMAIL_SMTP_PORT: 25
SHARELATEX_EMAIL_SMTP_SECURE: "false" SHARELATEX_EMAIL_SMTP_SECURE: "false"
# SHARELATEX_EMAIL_SMTP_USER: # SHARELATEX_EMAIL_SMTP_USER:
# SHARELATEX_EMAIL_SMTP_PASS: # SHARELATEX_EMAIL_SMTP_PASS:
@@ -40,6 +40,8 @@ services:
# SHARELATEX_EMAIL_SMTP_IGNORE_TLS: false # SHARELATEX_EMAIL_SMTP_IGNORE_TLS: false
SHARELATEX_CUSTOM_EMAIL_FOOTER: "This system is run by ${MYDOMAIN} - please contact ${MYMAIL} if you experience any issues." SHARELATEX_CUSTOM_EMAIL_FOOTER: "This system is run by ${MYDOMAIN} - please contact ${MYMAIL} if you experience any issues."
#LOG_LEVEL: "debug"
# make public links accessible w/o login (link sharing issue) # make public links accessible w/o login (link sharing issue)
# https://github.com/overleaf/docker-image/issues/66 # https://github.com/overleaf/docker-image/issues/66
# https://github.com/overleaf/overleaf/issues/628 # https://github.com/overleaf/overleaf/issues/628
@@ -52,32 +54,34 @@ services:
# SHARELATEX_SECURE_COOKIE: "true" # SHARELATEX_SECURE_COOKIE: "true"
# SHARELATEX_BEHIND_PROXY: "true" # SHARELATEX_BEHIND_PROXY: "true"
LDAP_SERVER: ldaps://LDAPSERVER:636 LDAP_SERVER: ldap://ipa.mildstone.org:389
LDAP_BASE: ou=people,dc=DOMAIN,dc=TLD LDAP_BASE: cn=users,cn=accounts,dc=mildstone,dc=org
### There are to ways get users from the ldap server ### There are to ways get users from the ldap server
## NO LDAP BIND USER: ## NO LDAP BIND USER:
# Tries directly to bind with the login user (as uid) # Tries directly to bind with the login user (as uid)
# LDAP_BINDDN: uid=%u,ou=someunit,ou=people,dc=DOMAIN,dc=TLD # LDAP_BINDDN: uid=%u,ou=someunit,ou=people,dc=DOMAIN,dc=TLD
# LDAP_BINDDN: uid=%u,ou=people,dc=mildstone,dc=org
## Or you can use ai global LDAP_BIND_USER ## Or you can use ai global LDAP_BIND_USER
# LDAP_BIND_USER: LDAP_BIND_USER: uid=ldapsearch,cn=users,cn=accounts,dc=mildstone,dc=org
# LDAP_BIND_PW: LDAP_BIND_PW: ldap_ha39it9
# Only allow users matching LDAP_USER_FILTER # Only allow users matching LDAP_USER_FILTER
LDAP_USER_FILTER: "(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)" LDAP_USER_FILTER: "(&(memberof=cn=latexusers,cn=groups,cn=accounts,dc=mildstone,dc=org)(uid=%u))"
# If user is in ADMIN_GROUP on user creation (first login) isAdmin is set to true. # If user is in ADMIN_GROUP on user creation (first login) isAdmin is set to true.
# Admin Users can invite external (non ldap) users. This feature makes only sense # Admin Users can invite external (non ldap) users. This feature makes only sense
# when ALLOW_EMAIL_LOGIN is set to 'true'. Additionally admins can send # when ALLOW_EMAIL_LOGIN is set to 'true'. Additionally admins can send
# system wide messages. # system wide messages.
LDAP_ADMIN_GROUP_FILTER: "(memberof=cn=ADMINGROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)" LDAP_ADMIN_GROUP_FILTER: "(memberof=cn=admins,cn=groups,cn=accounts,dc=mildstone,dc=org)"
ALLOW_EMAIL_LOGIN: "true" ALLOW_EMAIL_LOGIN: "true"
# All users in the LDAP_CONTACT_FILTER are loaded from the ldap server into contacts. # All users in the LDAP_CONTACT_FILTER are loaded from the ldap server into contacts.
LDAP_CONTACT_FILTER: "(memberof=cn=GROUPNAME,ou=groups,dc=DOMAIN,dc=TLD)" LDAP_CONTACT_FILTER: "(memberof=cn=latexusers,cn=groups,cn=accounts,dc=mildstone,dc=org)"
LDAP_CONTACTS: "false" LDAP_CONTACTS: "true"
## OAuth2 Settings ## OAuth2 Settings
# OAUTH2_ENABLED: "true" # OAUTH2_ENABLED: "true"

14
ldap-overleaf-sl/Dockerfile
View File

@@ -13,10 +13,17 @@ ARG admin_is_sysadmin
# set workdir (might solve issue #2 - see https://stackoverflow.com/questions/57534295/) # set workdir (might solve issue #2 - see https://stackoverflow.com/questions/57534295/)
WORKDIR /overleaf/services/web WORKDIR /overleaf/services/web
RUN npm cache clean --force && \
npm install -g npm@10.5.0
# install latest npm # install latest npm
RUN npm install -g npm && \ RUN \
## clean cache (might solve issue #2) ## clean cache (might solve issue #2)
# npm cache clean --force && \ ##npm cache clean --force && \
##npm install -g npm@latest && \
npm install ldap-escape ldapts-search ldapts@3.2.4 && \ npm install ldap-escape ldapts-search ldapts@3.2.4 && \
# npm install bcrypt@5.0.0 && \ # npm install bcrypt@5.0.0 && \
## This variant of updateing texlive does not work ## This variant of updateing texlive does not work
@@ -85,3 +92,6 @@ RUN sed -iE "s/email@example.com/${login_text:-user}/g" /overleaf/services/web/a
# echo "/usr/cron.weekly/nginx-cert.sh 2>&1 > /dev/null" > /etc/rc.local && \ # echo "/usr/cron.weekly/nginx-cert.sh 2>&1 > /dev/null" > /etc/rc.local && \
# chmod 0744 /etc/rc.local # chmod 0744 /etc/rc.local
COPY update_texlive.sh /overleaf/services/web
RUN sh update_texlive.sh

15
ldap-overleaf-sl/update_texlive.sh Normal file
View File

@@ -0,0 +1,15 @@
#!/bin/sh
cd /usr/local/texlive/
if [ -d 2023 ]
then
cp -a 2023 2024
rm -f 2024/tlpkg/backups/*
cd 2024
wget https://mirror.ctan.org/systems/texlive/tlnet/update-tlmgr-latest.sh
sh update-tlmgr-latest.sh --accept
fi
tlmgr update --self --all
tlmgr install scheme-full
luaotfload-tool -fu

58
scripts/copy.sh Normal file
View File

@@ -0,0 +1,58 @@
#!/bin/bash
set -e
CONTAINER_FILE_PATHS=(
"/overleaf/services/web/app/src/Features/Authentication/AuthenticationManager.js"
"/overleaf/services/web/app/src/Features/Authentication/AuthenticationController.js"
"/overleaf/services/web/app/src/Features/Contacts/ContactController.js"
"/overleaf/services/web/app/src/router.js"
"/overleaf/services/web/app/views/user/settings.pug"
"/overleaf/services/web/app/views/user/login.pug"
"/overleaf/services/web/app/views/layout/navbar.pug"
"/overleaf/services/web/app/views/layout/navbar-marketing.pug"
"/overleaf/services/web/app/views/admin/index.pug"
"/overleaf/services/web/app/views/admin/index.pug"
)
FILENAMES=(
"AuthenticationManager.js"
"AuthenticationController.js"
"ContactController.js"
"router.js"
"settings.pug"
"login.pug"
"navbar.pug"
"navbar-marketing.pug"
"admin-index.pug"
"admin-sysadmin.pug"
)
if [ "${#CONTAINER_FILE_PATHS[@]}" -ne "${#FILENAMES[@]}" ]; then
echo "Error: The number of source files and target filenames does not match."
exit 1
fi
HOST_TARGET_PATH="ldap-overleaf-sl/sharelatex_ori"
if [ "$#" -ne 1 ]; then
echo "Usage: $0 [version]"
exit 1
else
VERSION=$1
fi
CONTAINER_NAME="tmp_sharelatex_for_extract_files"
IMAGE="sharelatex/sharelatex:$VERSION"
for i in "${!CONTAINER_FILE_PATHS[@]}"; do
file_path="${CONTAINER_FILE_PATHS[i]}"
new_filename="${FILENAMES[i]}"
new_target_path="$HOST_TARGET_PATH/$new_filename"
echo " copy: $new_target_path"
docker cp $CONTAINER_NAME:$file_path $new_target_path
done
#
#echo "Stopping and removing container..."
#docker stop $CONTAINER_NAME
#docker rm $CONTAINER_NAME

20
scripts/extract_files.sh
View File

@@ -60,13 +60,13 @@ docker run -d --name $CONTAINER_NAME $IMAGE
echo "Waiting for container to start up..." echo "Waiting for container to start up..."
sleep 10 sleep 10
for i in "${!CONTAINER_FILE_PATHS[@]}"; do #for i in "${!CONTAINER_FILE_PATHS[@]}"; do
file_path="${CONTAINER_FILE_PATHS[i]}" # file_path="${CONTAINER_FILE_PATHS[i]}"
new_filename="${FILENAMES[i]}" # new_filename="${FILENAMES[i]}"
new_target_path="$HOST_TARGET_PATH/$new_filename" # new_target_path="$HOST_TARGET_PATH/$new_filename"
docker cp $CONTAINER_NAME:$file_path $new_target_path # docker cp $CONTAINER_NAME:$file_path $new_target_path
done #done
#
echo "Stopping and removing container..." #echo "Stopping and removing container..."
docker stop $CONTAINER_NAME #docker stop $CONTAINER_NAME
docker rm $CONTAINER_NAME #docker rm $CONTAINER_NAME

1
scripts/make_diffs.sh
View File

@@ -8,6 +8,7 @@ for filename in $(ls $MODIFIED_DIR); do
raw_file="$ORI_DIR/$filename" raw_file="$ORI_DIR/$filename"
if [ -f "$raw_file" ]; then if [ -f "$raw_file" ]; then
echo "working on $raw_file"
diff_output="$DIFFS_DIR/${filename}.diff" diff_output="$DIFFS_DIR/${filename}.diff"
diff "$raw_file" "$MODIFIED_DIR/$filename" > "$diff_output" diff "$raw_file" "$MODIFIED_DIR/$filename" > "$diff_output"
else else