nextcloud: occ maintenance:install leaves web UI in install state - nextcloud

I am trying to create a dockerfile where nextcloud will be installed through the cli, based on the docker images documented at https://hub.docker.com/_/nextcloud#running-this-image-with-docker-compose.
To test this, I manually run occ maintenance:install in the container, with the relevant parameters for admin user and database. After doing this, I see installed: true in occ status. Also, occ user:list shows me the new admin user.
However, after doing this, when I visit the web UI at http://localhost:8080, I still see the installation screen with "Create an admin account" and an "Install" button.
Also, requests to the ocs API, e.g. http://localhost:8080/ocs/v1.php/cloud/users, don't work.
To move forward and see what happens, I completed the install through the UI, creating a distinct user "admin1".
After doing this, occ user:list shows both the "admin" user from the cli installation, and the "admin1" user from the web UI installation. Also the ocs API works now.
So, what might be missing from the cli installation, that the web UI still thinks I need to install and create an admin user?

The confusion is coming from different installation directories.
The docker image contains one "installation" at /var/www/html and another at /usr/src/nextcloud. The web version uses the former. I suppose the latter is not really meant as an active instance.
For some reason I was using /usr/src/nextcloud/occ for occ. Obviously I had to use /var/www/html/occ instead.
Depending on circumstances, both could use the same database, which would result in users created in web and cli ending up in the same db table.

Related

I want to turn my localhost server into a real website

I created an application that runs on a localhost server using expressjs. And I also bought a domain.
I'm wondering if there is a way to take that localhost server and turn it into a real shared server
I tried once to use a hosting service like hostgator but I still don't know how I can turn the express app into a real website.
I have no experience with any web development services so please don't tell me to use ....... whatever because I will have no idea what that is.
For one thing it is not clear how your website actually works: if it is only express does it generate HTML or is it purely JSON passed to browser clients via get requests (to each their own).
There are so many options as to how you might do this: one of the best options is to first make sure your server runs on Docker. Find a tutorial on YouTube/google/Stack Overflow/Blogs on how to run your Express server with docker. If you do that you can deploy it to a Container manager like Google/Amazon/Digital Ocean. If this seems hard to you there are other options.
Presumably you run your server with something like npm start. This guide can show you how to do essentially that but on a cloud computer.
Before you begin make sure that you're locally working server is checked in to a cloud Git provider like Github, GitLab, Bitbucket, etc.
Since Amazon AWS, and Google Cloud have free tier or options for hosting for free for a certain amount of time (AWS 1 year) or for a certain amount of money (Google Cloud). These two seem like viable place to start.
If you find the option that you'd like you'll need to:
create an account
Create a server (choose a cheap one especially initially like mice/small/cheap etc).
Find a tutorial on how to "SSH" into that server (which basically means remotely control the terminal on that server). Google actually makes this fairly easy there's a big button that says SSH into this server.
Once you've logged into that Computer you'll be able to run the same commands you probably normally do on your home computer:
The computer you'll be getting is likely to be a virtual Linux Computer probably something like Linux Ubuntu. Find a tutorial on how to get git and node installed there (but it's something like sudo apt-get update && sudo apt-get install git node).
Once you have git and node try mkdir www and cd into that: mkdir www && cd project (This isn't critical but conventional.)
Copy the link that allows you to "Clone your repo using HTTPS" (there's a link at the top right of your GitHub (or others) repo that allows you to do that. You'll need to enter your password
Now all the files that you had on your computer are on this new computer.
Next you'll have to probably npm i to install your dependent NPM packages. (This assumes you properly used .gitignore to prevent GitHub from being filled with extra copies of your npm packages.)
Now you should be able to run your code as usual: npm run start
If all those steps work you'll want to get something that will run these "forever" like https://www.npmjs.com/package/forever npm i -g forever or even better: https://www.npmjs.com/package/pm2 will allow you to continuously run your express server.
Finally, you'll need to configure this server on AWS/Google/whatever service you're using to push traffic coming in on port 80 and 443 to port 3000 and open traffic to all. And depending on the service you chose that's different so find a tutorial for doing just that part.
This will only allow people across the internet to see your service on an AWS URL or a google URL. But it's a good chance to make sure everything works perfectly. Once you're happy with everything associate your purchased domain with that special AWS/Google domain. You can do that on the AWS side, or the GoDaddy/NameCheap/where-ever you bought your domain side.
For the docker option you can download aws-cli tools and upload your built docker container to AWS and have it available. Find a tutorial to do that.
Essentially your question is very broad so I sometimes brushed over some details, but this is essentially what you have to do.

How can I silently proceed with TeamCity First Start?

I have installed the TeamCity server on my infrastructure. I was e.g. able to silently configure the external database and some other stuff through the TeamCity configuration files. Now, when I start TeamCity, I am facing the "TeamCity First Start" web page, where I can choose if I want to restore my system from a backup or if I want to proceed with a First Start.
I would like to automate that installation as much as possible. Is there a reliable way, e.g. through the TeamCity API, to trigger the action underlying the "Proceed" button of that web page, other than writing a bot that browses the web page and clicks the button? I found no such thing in the API documentation, but I might have missed something.
I think something like this could be called on the server host:
curl -X POST http://localhost:8111/mnt/do/goNewInstallation
but I don't know what data to post and how to get the necessary authentication to be allowed to run that command. Indeed, running the above command yields the following error:
The session is not authenticated. Access denied.
At that time, the super user authentication token has not yet been displayed to the server log file.

Restart Kubernetes API server with different options

I'm pretty new to Kubernetes and clusters so this might be very simple.
I set up a Kubernetes cluster with 5 nodes using kubeadm following this guide. I got some issues but it all worked in the end. So now I want to install the Web UI (Dashboard). To do so I need to set up authentication:
Please note, this works only if the apiserver is set up to allow authentication with username and password. This is not currently the case with the some setup tools (e.g., kubeadm). Refer to the authentication admin documentation for information on how to configure authentication manually.
So I got to read authentication page of the documentation. And I decided I want to add authentication via a Static Password File. To do so I have to append the option --basic-auth-file=SOMEFILE to the Api server.
When I do ps -aux | grep kube-apiserver this is the result, so it is already running. (which makes sense because I use it when calling kubectl)
kube-apiserver
--insecure-bind-address=127.0.0.1
--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota
--service-cluster-ip-range=10.96.0.0/12
--service-account-key-file=/etc/kubernetes/pki/apiserver-key.pem
--client-ca-file=/etc/kubernetes/pki/ca.pem
--tls-cert-file=/etc/kubernetes/pki/apiserver.pem
--tls-private-key-file=/etc/kubernetes/pki/apiserver-key.pem
--token-auth-file=/etc/kubernetes/pki/tokens.csv
--secure-port=6443
--allow-privileged
--advertise-address=192.168.1.137
--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
--anonymous-auth=false
--etcd-servers=http://127.0.0.1:2379
Couple of questions I have:
So where are all these options set?
Can i just kill this process and restart it with the option I need?
Will it be started when I reboot the system?
in /etc/kubernetes/manifests is a file called kube-apiserver.json. This is a JSON file and contains all the option you can set. I've appended the --basic-auth-file=SOMEFILE and rebooted the system (right after the change of the file kubectl wasn't working anymore and the API was shutdown)
After a reboot the whole system was working again.
Update
I didn't manage to run the dashboard using this. What I did in the end was installing the dashboard on the cluster. copying the keys from the master node (/etc/kubernetes/admin.conf) to my laptop and did kubectl proxy to proxy the traffic of the dashboard to my local machine. Now I can access it on my laptop through 127.0.0.1:8001/ui
I just found this for a similar use case and the API server was crashing after adding an Option with a file path.
I was able to solve it and maybe this helps others as well:
As described in https://kubernetes.io/docs/reference/setup-tools/kubeadm/implementation-details/#constants-and-well-known-values-and-paths the files in /etc/kubernetes/manifests are static pod definitions. Therefore container rules apply.
So if you add an option with a file path, make sure you make it available to the pod with a hostPath volume.

Disable Trac Authentication for local Usage

I set up a local Trac wiki using a conda env, where I installed all dependencies, except the system packages, which I installed in the system:
trac-admin . initenv
I entered the required infos like project name there.
Then I run the Trac standalone server.
tracd --port 8000 .
inside the directory, where I set up the wiki.
Since this is supposed to be a wiki, which I use locally myself and not for any multiuser setup, I don't need any authentication functionality. How can I deactivate any authentication or need for login for Trac?
I know that I don't have permissions, because I used the quick search field for a page, which could not exist and when the wiki showed no results, it didn't offer a create page button of any kind. According to the StartPage, this means I don't have permissions.
I couldn't find any enable/disable setting for this in the ./conf/trac.ini to do this. It would also be acceptable to find an easy way to create a user, as which I login to Trac, but all the guides from Trac documentation assume prior knowledge of some kind of configuration files and they don't explain those exactly. For example here. Where does that configuration file even go and what kind of syntax does this use? Not really helpful.
You are correct that you need to modify the permissions (authorization). The permissions are stored in the database rather than trac.ini. You need to grant permission using trac-admin utility. See TracPermissions.
trac-admin $env permission add anonymous WIKI_CREATE WIKI_MODIFY WIKI_DELETE WIKI_RENAME
For help, execute:
trac-admin $env permission help
If you wish to setup authentication, see TracStandalone: UsingAuthentication.

How do I backup to google drive using duplicity?

I have been trying to get duplicity to backup to google drive. But it looks like it is still using the old client API.
I found some thread saying that the new API should be supported but not much details on how to get it to work.
I got as far as compiling and using duplicity 7.0.3 but then I got this error:
BackendException: GOOGLE_DRIVE_ACCOUNT_KEY environment variable not set. Please read the manpage to fix.
Has anyone set up duplicity to work with Google Drive and know how to do this?
Now that Google has begun forcing clients to use OAuth, using Google Drive as a backup target has actually gotten very confusing. I found an excellent blog post that walked me through it. The salient steps are:
Install PyDrive
PyDrive is the library that lets Duplicity use OAuth to access Drive.
pip install pydrive
should be sufficient, or you can go through your distribution's package manager.
Create an API token
Navigate to the Google Developer Console and log in. Create a project and select it from the drop-down on the top toolbar.
Now select the "Enable APIs and Services" button in the Dashboard, which should already be pulled up, but if not, is in the hamburger menu on the left.
Search for and enable the Drive API. After it's enabled, you can actually create the token. Choose "Credentials" from the left navigation bar, and click "Add Credential" > "OAuth 2.0 Client ID." Set the application type to "Other."
After the credential is created, click on it to view the details. Your Client ID and secret will be displayed. Take note of them.
Configure Duplicity
Whew. Time to actually configure the program. Paste the following into a file, replacing your client ID and secret with the ones from the Console above.
client_config_backend: settings
client_config:
client_id: <your client ID>.apps.googleusercontent.com
client_secret: <your client secret>
save_credentials: True
save_credentials_backend: file
save_credentials_file: gdrive.cache
get_refresh_token: True
(I'm using the excellent Duply frontend, so I saved this as ~/.duply/<server name>/gdrive).
Duplicity needs to be given the name of this file in the GOOGLE_DRIVE_SETTINGS environment variable. So you could invoke duplicity like this:
GOOGLE_DRIVE_SETTINGS=gdrive duplicity <...>
Or if you're using Duply, you can export this variable in the Duply configuration file:
export GOOGLE_DRIVE_SETTINGS=gdrive
Running Duplicity for the first time will begin the OAuth process; you'll be given a link to visit, which will ask permission for the app you created earlier in the Console to access your Drive account. Accept, and it will give you another authentication token to paste back into the terminal. The authorization info will be saved in a .cache file alongside the gdrive settings file.
At this point you should be good to go, and Duplicity should behave normally. Good luck!