From: Matt Birkholz Date: Sun, 2 Nov 2025 22:36:37 +0000 (-0700) Subject: Punt expect(1). Nextcloud user commands have --password-from-env. X-Git-Url: https://birchwood-abbey.net/git?a=commitdiff_plain;h=f68975f5c175ff10f454a069db360de09cb9a74d;p=Institute.git Punt expect(1). Nextcloud user commands have --password-from-env. --- diff --git a/README.org b/README.org index 8c9ab4c..74d36fb 100644 --- a/README.org +++ b/README.org @@ -978,7 +978,7 @@ modem and installed them as shown below. : $ sudo apt install wireguard systemd-resolved unattended-upgrades \ : _ chrony isc-dhcp-server bind9 apache2 postfix \ -: _ dovecot-imapd fetchmail expect rsync gnupg +: _ dovecot-imapd fetchmail rsync gnupg Manual installation of Postfix prompted for configuration type and mail name. The answers given are listed here. @@ -2882,19 +2882,6 @@ The institute prefers to install security updates as soon as possible. apt: pkg=unattended-upgrades #+END_SRC -** Install Expect - -The ~expect~ program is used by [[* The Institute Commands][The Institute Commands]] to interact -with Nextcloud on the command line. - -#+CAPTION: [[file:roles_t/core/tasks/main.yml][=roles_t/core/tasks/main.yml=]] -#+BEGIN_SRC conf :tangle roles_t/core/tasks/main.yml - -- name: Install expect. - become: yes - apt: pkg=expect -#+END_SRC - ** Configure User Accounts User accounts are created immediately so that backups can begin @@ -6232,28 +6219,15 @@ sub strip_vault ($) { #+CAPTION: [[file:playbooks/nextcloud-new.yml][=playbooks/nextcloud-new.yml=]] #+BEGIN_SRC conf :tangle playbooks/nextcloud-new.yml - hosts: core - no_log: yes tasks: - name: Run occ user:add. - shell: | - spawn sudo -u www-data /usr/bin/php occ user:add {{ user }} - expect { - "Enter password:" {} - timeout { exit 1 } - } - send "{{ pass|quote }}\n"; - expect { - "Confirm password:" {} - timeout { exit 2 } - } - send "{{ pass|quote }}\n"; - expect { - "The user \"{{ user }}\" was created successfully" {} - timeout { exit 3 } - } - args: + become: yes + shell: chdir: /var/www/nextcloud/ - executable: /usr/bin/expect + cmd: > + sudo -u www-data sh -c + "OC_PASS={{ pass }} + php occ user:add {{ user }} --password-from-env" #+END_SRC ** The Pass Command @@ -6423,8 +6397,8 @@ As always: please email root with any questions or concerns.\n"; } #+END_SRC -And here is the playbook that interacts with Nextcloud's ~occ -users:resetpassword~ command using ~expect(1)~. +And here is the playbook that runs Nextcloud's ~occ +users:resetpassword~ command. #+CAPTION: [[file:playbooks/nextcloud-pass.yml][=playbooks/nextcloud-pass.yml=]] #+BEGIN_SRC conf :tangle playbooks/nextcloud-pass.yml @@ -6432,27 +6406,13 @@ users:resetpassword~ command using ~expect(1)~. no_log: yes tasks: - name: Run occ user:resetpassword. - shell: | - spawn sudo -u www-data \ - /usr/bin/php occ user:resetpassword {{ user }} - expect { - "Enter a new password:" {} - timeout { exit 1 } - } - send "{{ pass|quote }}\n" - expect { - "Confirm the new password:" {} - timeout { exit 2 } - } - send "{{ pass|quote }}\n" - expect { - "Successfully reset password for {{ user }}" {} - "Please choose a different password." { exit 3 } - timeout { exit 4 } - } - args: + become: yes + become_user: www-data + shell: chdir: /var/www/nextcloud/ - executable: /usr/bin/expect + cmd: > + OC_PASS={{ pass }} + php occ user:resetpassword {{ user }} --password-from-env #+END_SRC *** Installing the Less Aggressive passwd @@ -6550,15 +6510,11 @@ if (defined $ARGV[0] && $ARGV[0] eq "old") { - hosts: core tasks: - name: Run occ user:disable. - shell: | - spawn sudo -u www-data /usr/bin/php occ user:disable {{ user }} - expect { - "The specified user is disabled" {} - timeout { exit 1 } - } - args: + become: yes + become_user: www-data + shell: chdir: /var/www/nextcloud/ - executable: /usr/bin/expect + cmd: php occ user:disable {{ user }} #+END_SRC ** The Client Command @@ -7318,7 +7274,7 @@ The script starts by installing additional software packages. sudo apt install wireguard systemd-resolved unattended-upgrades \ chrony isc-dhcp-server bind9 apache2 postfix \ - dovecot-imapd fetchmail expect rsync gnupg \ + dovecot-imapd fetchmail rsync gnupg \ mariadb-server php php-{apcu,bcmath,curl,gd,gmp}\ php-{json,mysql,mbstring,intl,imagick,xml,zip} \ libapache2-mod-php \ diff --git a/playbooks/nextcloud-new.yml b/playbooks/nextcloud-new.yml index f0c8308..aa27db3 100644 --- a/playbooks/nextcloud-new.yml +++ b/playbooks/nextcloud-new.yml @@ -1,23 +1,10 @@ - hosts: core - no_log: yes tasks: - name: Run occ user:add. - shell: | - spawn sudo -u www-data /usr/bin/php occ user:add {{ user }} - expect { - "Enter password:" {} - timeout { exit 1 } - } - send "{{ pass|quote }}\n"; - expect { - "Confirm password:" {} - timeout { exit 2 } - } - send "{{ pass|quote }}\n"; - expect { - "The user \"{{ user }}\" was created successfully" {} - timeout { exit 3 } - } - args: + become: yes + shell: chdir: /var/www/nextcloud/ - executable: /usr/bin/expect + cmd: > + sudo -u www-data sh -c + "OC_PASS={{ pass }} + php occ user:add {{ user }} --password-from-env" diff --git a/playbooks/nextcloud-old.yml b/playbooks/nextcloud-old.yml index 827aa20..6d1df1e 100644 --- a/playbooks/nextcloud-old.yml +++ b/playbooks/nextcloud-old.yml @@ -1,12 +1,8 @@ - hosts: core tasks: - name: Run occ user:disable. - shell: | - spawn sudo -u www-data /usr/bin/php occ user:disable {{ user }} - expect { - "The specified user is disabled" {} - timeout { exit 1 } - } - args: + become: yes + become_user: www-data + shell: chdir: /var/www/nextcloud/ - executable: /usr/bin/expect + cmd: php occ user:disable {{ user }} diff --git a/playbooks/nextcloud-pass.yml b/playbooks/nextcloud-pass.yml index 36df93c..4a38955 100644 --- a/playbooks/nextcloud-pass.yml +++ b/playbooks/nextcloud-pass.yml @@ -2,24 +2,10 @@ no_log: yes tasks: - name: Run occ user:resetpassword. - shell: | - spawn sudo -u www-data \ - /usr/bin/php occ user:resetpassword {{ user }} - expect { - "Enter a new password:" {} - timeout { exit 1 } - } - send "{{ pass|quote }}\n" - expect { - "Confirm the new password:" {} - timeout { exit 2 } - } - send "{{ pass|quote }}\n" - expect { - "Successfully reset password for {{ user }}" {} - "Please choose a different password." { exit 3 } - timeout { exit 4 } - } - args: + become: yes + become_user: www-data + shell: chdir: /var/www/nextcloud/ - executable: /usr/bin/expect + cmd: > + OC_PASS={{ pass }} + php occ user:resetpassword {{ user }} --password-from-env diff --git a/private/test-core-prep b/private/test-core-prep index da2f016..53af72b 100755 --- a/private/test-core-prep +++ b/private/test-core-prep @@ -2,7 +2,7 @@ sudo apt install wireguard systemd-resolved unattended-upgrades \ chrony isc-dhcp-server bind9 apache2 postfix \ - dovecot-imapd fetchmail expect rsync gnupg \ + dovecot-imapd fetchmail rsync gnupg \ mariadb-server php php-{apcu,bcmath,curl,gd,gmp}\ php-{json,mysql,mbstring,intl,imagick,xml,zip} \ libapache2-mod-php \ diff --git a/roles_t/core/tasks/main.yml b/roles_t/core/tasks/main.yml index 1266c42..da87204 100644 --- a/roles_t/core/tasks/main.yml +++ b/roles_t/core/tasks/main.yml @@ -249,10 +249,6 @@ become: yes apt: pkg=unattended-upgrades -- name: Install expect. - become: yes - apt: pkg=expect - - name: Create user accounts. become: yes user: