Add SAML, SMB and polish layout

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2026-03-27 13:38:39 +07:00 · 2020-01-02 22:46:56 +01:00
parent 0bf59b19a7
commit 210651b75c
2 changed files with 79 additions and 17 deletions
--- a/developer_manual/core/index.rst
+++ b/developer_manual/core/index.rst
@@ -12,3 +12,4 @@ Please make sure you have set up a :ref:`devenv`.
   translation
   unit-testing
   externalapi
+   ../how_to/index
--- a/developer_manual/how_to/index.rst
+++ b/developer_manual/how_to/index.rst
@@ -7,17 +7,15 @@ This page should explain how to test given features in Nextcloud.
 Redis
 -----

-First you need to install the `phpredis extension<https://github.com/phpredis/phpredis>`. There is a install document available `inside the repo<https://github.com/phpredis/phpredis/blob/develop/INSTALL.markdown>` and many linux distribtutions ship it in their repositories as well.
+First you need to install the `phpredis extension <https://github.com/phpredis/phpredis>`_ . There is a install document available `inside the repo <https://github.com/phpredis/phpredis/blob/develop/INSTALL.markdown>`_ and many linux distribtutions ship it in their repositories as well.

-..code:
-   

   pecl install redis

 Cluster
 ~~~~~~~

-For a local Redis cluster setup there are some docker script collected in `this repository<https://github.com/Grokzen/docker-redis-cluster>`. It boils down to clone the repo and run `make up`. Then the redis cluster is available at ``localhost:7000``.
+For a local Redis cluster setup there are some docker script collected in `this repository <https://github.com/Grokzen/docker-redis-cluster>`_. It boils down to clone the repo and run `make up`. Then the redis cluster is available at ``localhost:7000``.

 Following ``config.php`` can be used::

@@ -31,28 +29,91 @@ Following ``config.php`` can be used::
      'failover_mode' => \RedisCluster::FAILOVER_ERROR,
   ],

+SMB
+---
+
+::
+
+    mkdir /tmp/samba
+    docker run -it -p 139:139 -p 445:445 \
+        -v /tmp/samba:/smbmount dperson/samba \
+        -u "user;password" -s "public;/smbmount;yes;no;yes"
+
+Make sure that smbclient is installed on your Nextcloud server and has the following configuration:
+
+::
+
+    # /etc/samba/smb.conf
+    [global]
+    client min protocol = SMB2
+    client max protocol = SMB3
+    hide dot files = no
+
+The setup can be verified with
+
+::
+
+    smbclient //127.0.0.1/public -u user
+
+SAML setup with onelogin
+------------------------
+
+- create dev account on onelogin.com
+
+- log into onelogin.com
+
+- create new app: SAML Test Connector (Advanced)
+
+    - go to "Configuration"
+
+        - Audience: https://localhost/apps/user_saml/saml/metadata
+        - Recipient: https://localhost/apps/user_saml/saml/acs
+        - ACS (Consumer) URL Validator: https://localhost/apps/user_saml/saml/acs
+    
+    - go to "Parameters"
+    
+        - Add "User.email" -> email (and add to assertion)
+        - Add "User.FirstName" -> first name (and add to assertion)
+        - Add "User.LastName" -> last name (and add to assertion)
+
+- open Nextcloud SAML settings
+
+    - Select SAML
+    - Configure it according to https://portal.nextcloud.com/article/configuring-single-sign-on-10.html
+
+
 Collabora without SSL
 -----

-1) start Collabora
-    - docker run -p 127.0.0.1:9980:9980 -e 'domain=172.17.0.1' -e 'username=admin' -e 'password=487903ffcf4' -e extra_params='--o:ssl.enable=false' --restart always --cap-add MKNOD collabora/code
-    - 172.17.0.1 is localhost, which is default by Docker
-    - get IP of Collabora container: docker inspect --format='{{ .NetworkSettings.IPAddress }}' $containerName
+**1) Start Collabora in a docker container**

-2) configure Nextcloud
+::
+
+    docker run -p 127.0.0.1:9980:9980 -e 'domain=172.17.0.1' \
+        -e 'username=admin' -e 'password=487903ffcf4' \
+        -e extra_params='--o:ssl.enable=false' \
+        --restart always --cap-add MKNOD collabora/code
+
+- 172.17.0.1 is localhost, which is default by Docker
+- get IP of Collabora container: docker inspect --format='{{ .NetworkSettings.IPAddress }}' $containerName
+
+**2) Configure Nextcloud**
    - go to your local cloud (e.g. 172.17.0.1/nc) -> Settings -> Collabora
        - set URL to IP you found out above, e.g: http://172.17.0.2:9980
        - check "Disable certificate verification (insecure)

-3) use
+**3) Use**
    - please note that you cannot use it with localhost, but you have to enter a valid IP address of localhost
    - with this approach you can also use it with mobile clients
-4) troubleshoot
+**4) Troubleshoot**
    - http://172.17.0.2:9980/hosting/capabilities should give you:
+
+::
+
    {"convert-to":{"available":false},"hasMobileSupport":true,"hasTemplateSaveAs":true,"productName":"Collabora Online Development Edition"}

 OnlyOffice
------
+----------

 1) Create self signed cert, should be on a permanent path::

@@ -79,15 +140,15 @@ docker run --name=ONLYOFFICEDOCKER -i -t -d -p 4433:443 -e JWT_ENABLED='true' -e
 - vim /etc/onlyoffice/documentserver/local.json
    - change token -> inbox -> header to "AuthorizationJWT"
    - change token -> outbox -> header to "AuthorizationJWT"
- edit config.php of NC server:
-    - add::
+- Add the following to your config.php:
+    
+    ::

-    'onlyoffice' =>
-    array (
+        'onlyoffice' => array (
            'verify_peer_off' => true,
            'jwt_secret' => 'secret',
            'jwt_header' => 'AuthorizationJWT'
-    ),
+        ),

 - test with local ip: https://localhost:4433
    - accept cert warning