document nextcloud integration, for future nextcloud setups

doc/nextcloud-notes.md

@@ -0,0 +1,94 @@
+# Nextcloud integration
+
+- Based on [this plugin](https://github.com/nextcloud/user_external)
+- Install that plugin via web
+- Connect to server, enter nextcloud-docker-image: `docker exec -it nextcloud-aio-nextcloud bash`
+- Adapt `/var/www/html/custom_apps/user_external/lib/BasicAuth.php` to switch from BasicAuth to RowtAuth:
+```php
+<?php
+/**
+ * Copyright (c) 2019 Lutz Freitag <lutz.freitag@gottliebtfreitag.de>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OCA\UserExternal;
+
+class BasicAuth extends Base {
+    private $authUrl;
+
+    public function __construct($authUrl) {
+        parent::__construct($authUrl);
+        $this->authUrl = $authUrl;
+    }
+
+    /**
+     * Check if the password is correct without logging in the user
+     *
+     * @param string $uid      The username
+     * @param string $password The password
+     *
+     * @return true/false
+     */
+    public function checkPassword($uid, $password) {
+        // Prepare POST data with credentials
+        $postData = http_build_query([
+            'name' => $uid,
+            'password' => $password
+        ]);
+
+        // Create context with POST method
+        $context = stream_context_create([
+            'http' => [
+                'method' => 'POST',
+                'header' => 'Content-Type: application/x-www-form-urlencoded',
+                'content' => $postData,
+                'follow_location' => 0
+            ]
+        ]);
+
+        // Get the content of the response
+        $content = @file_get_contents($this->authUrl, false, $context);
+
+        if ($content === false) {
+            \OC::$server->getLogger()->error(
+                'ERROR: Failed to get content from Auth Url: '.$this->authUrl,
+                ['app' => 'user_external']
+            );
+            return false;
+        }
+
+        // Check if the content is "SUCC"
+        if (trim($content) === "SUCC") {
+            $this->storeUser($uid);
+            return $uid;
+        }
+
+        return false;
+    }
+}
+```
+- In `/var/www/html/config/config.php` add this:
+```
+ 'user_backends' => 
+  array (
+    0 => 
+    array (
+      'class' => '\\OCA\\UserExternal\\BasicAuth',
+      'arguments' => 
+      array (
+        0 => 'https://app.rudernlinz.at/nxauth',
+      ),
+    ),
+  ),
+```
+- In `/var/www/html/config/config.php` add this `'skeletondirectory' => '',` to disable default folders for new users
+- To automatically add users to a group (e.g. `vorstand`), use the `Auto Groups` plugin
+- Shared folders are not shared with new members due to [this bug](https://github.com/nextcloud/server/issues/25062#issuecomment-766445043)
+	- Find DB config: `docker exec nextcloud-aio-database env | grep POSTGRES`
+	- Workaround: Connect to docker-db: `docker exec -it nextcloud-aio-database bash`
+	- Connect to db: `psql -U nextcloud -d nextcloud_database`
+	- (with `\l` you see all dbs)
+	- Connect to nextcloud db: `\c nextcloud_database`
+	- Do query from issue: `UPDATE oc_share SET accepted = 1 WHERE share_type = 1;`