Mathis/allianceauth
1
0
Fork 0
mirror of https://gitlab.com/allianceauth/allianceauth.git synced 2025-12-18 23:05:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

find and replace fixes, will introduce errors

Browse Source
This commit is contained in:
Ariel Rin
2023-10-27 16:37:53 +10:00
parent b9d128259e
commit ffb526ab0c
52 changed files with 615 additions and 589 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
docs/features/services/discord.md
View File

@@ -33,8 +33,7 @@ CELERYBEAT_SCHEDULE['discord.update_all_usernames'] = {
}
```
```eval_rst
.. note::
:::{note}
You will have to add most the values for these settings, e.g. your Discord server ID (aka guild ID), later in the setup process.
```
@@ -48,8 +47,7 @@ Now retrieve the server ID [following this procedure.](https://support.discord.c
Update your auth project's settings file, inputting the server ID as `DISCORD_GUILD_ID`
```eval_rst
.. note::
:::{note}
If you already have a Discord server skip the creation step, but be sure to retrieve the server ID
```
@@ -107,12 +105,11 @@ Second, it is possible to exclude Discord roles from being managed by Auth at al
To exclude roles from being managed by Auth you only have to add them to the list of reserved group names in Group Management.
```eval_rst
.. note::
:::{note}
Role names on Discord are case sensitive, while reserved group names on Auth are not. Therefore reserved group names will cover all roles regardless of their case. For example if you have reserved the group name "alpha", then the Discord roles "alpha" and "Alpha" will both be persisted.
```
```eval_rst
```{eval-rst}
.. seealso::
For more information see :ref:`ref-reserved-group-names`.
```
@@ -123,11 +120,11 @@ The Discord service contains a number of tasks that can be run to manually perfo
You can run any of these tasks from the command line. Please make sure that you are in your venv and then you can run this command from the same folder that your manage.py is located:
```bash
```shell
celery -A myauth call discord.update_all_groups
```
```eval_rst
```{eval-rst}
======================== ====================================================
Name Description
======================== ====================================================
@@ -138,8 +135,7 @@ Name Description
======================== ====================================================
```
```eval_rst
.. note::
:::{note}
Depending on how many users you have, running these tasks can take considerable time to finish. You can calculate roughly 1 sec per user for all tasks, except update_all, which needs roughly 3 secs per user.
```
@@ -147,7 +143,7 @@ Name Description
You can configure your Discord services with the following settings:
```eval_rst
```{eval-rst}
=================================== ============================================================================================= =======
Name Description Default
=================================== ============================================================================================= =======
@@ -168,7 +164,7 @@ Name Description
To use this service, users will require some of the following.
```eval_rst
```{eval-rst}
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| Permission | Admin Site | Auth Site |
+=======================================+==================+==========================================================================+

16
docs/features/services/discourse.md
View File

@@ -17,7 +17,7 @@ DISCOURSE_SSO_SECRET = ''
## Install Docker
```bash
```shell
wget -qO- https://get.docker.io/ | sh
```
@@ -25,14 +25,14 @@ wget -qO- https://get.docker.io/ | sh
### Download Discourse
```bash
```shell
mkdir /var/discourse
git clone https://github.com/discourse/discourse_docker.git /var/discourse
```
### Configure
```bash
```shell
cd /var/discourse
cp samples/standalone.yml containers/app.yml
nano containers/app.yml
@@ -68,7 +68,7 @@ Or any other port will do, if taken. Remember this number.
### Build and launch
```bash
```shell
nano /etc/default/docker
```
@@ -80,13 +80,13 @@ Uncomment this line:
Restart Docker:
```bash
```shell
service docker restart
```
Now build:
```bash
```shell
./launcher bootstrap app
./launcher start app
```
@@ -124,7 +124,7 @@ server {
From the `/var/discourse` directory,
```bash
```shell
./launcher enter app
rake admin:create
```
@@ -157,7 +157,7 @@ Finally run migrations and restart Gunicorn and Celery.
To use this service, users will require some of the following.
```eval_rst
```{eval-rst}
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| Permission | Admin Site | Auth Site |
+=======================================+==================+==========================================================================+

30
docs/features/services/index.md
View File

@@ -4,26 +4,24 @@
## Supported Services
```eval_rst
.. toctree::
:maxdepth: 1
```{toctree}
:maxdepth: 1
discord
discourse
mumble
openfire
phpbb3
smf
teamspeak3
xenforo
discord
discourse
mumble
openfire
phpbb3
smf
teamspeak3
xenforo
```
## Tools
```eval_rst
.. toctree::
:maxdepth: 1
```{toctree}
:maxdepth: 1
nameformats
permissions
nameformats
permissions
```

47
docs/features/services/mumble.md
View File

@@ -2,12 +2,11 @@
Mumble is a free voice chat server. While not as flashy as TeamSpeak, it has all the functionality and is easier to customize. And is better. I may be slightly biased.
```eval_rst
.. note::
:::{note}
Note that this guide assumes that you have installed Auth with the official :doc:`/installation/allianceauth` guide under ``/home/allianceserver`` and that it is called ``myauth``. Accordingly it assumes that you have a service user called ``allianceserver`` that is used to run all Auth services under supervisor.
```
```eval_rst
```{eval-rst}
.. warning::
This guide is currently for Ubuntu only.
```
@@ -18,17 +17,17 @@ Mumble is a free voice chat server. While not as flashy as TeamSpeak, it has all
The mumble server package can be retrieved from a repository, which we need to add:
```bash
```shell
sudo apt-add-repository ppa:mumble/release
```
```bash
```shell
sudo apt-get update
```
Now three packages need to be installed:
```bash
```shell
sudo apt-get install python-software-properties mumble-server libqt5sql5-mysql
```
@@ -36,19 +35,19 @@ sudo apt-get install python-software-properties mumble-server libqt5sql5-mysql
Next, we need to download the latest authenticator release from the [authenticator repository](https://gitlab.com/allianceauth/mumble-authenticator).
```bash
```shell
git clone https://gitlab.com/allianceauth/mumble-authenticator /home/allianceserver/mumble-authenticator
```
We will now install the authenticator into your Auth virtual environment. Please make sure to activate it first:
```bash
```shell
source /home/allianceserver/venv/auth/bin/activate
```
Install the python dependencies for the mumble authenticator. Note that this process can take 2-10 minutes to complete.
```bash
```shell
pip install -r requirements.txt
```
@@ -66,7 +65,7 @@ GRANT ALL PRIVILEGES ON alliance_mumble . * TO 'allianceserver'@'localhost';
Mumble ships with a configuration file that needs customization. By default its located at `/etc/mumble-server.ini`. Open it with your favorite text editor:
```bash
```shell
sudo nano /etc/mumble-server.ini
```
@@ -90,7 +89,7 @@ Save and close the file.
To get Mumble superuser account credentials, run the following:
```bash
```shell
sudo dpkg-reconfigure mumble-server
```
@@ -98,7 +97,7 @@ Set the password to something youll remember and write it down. This is your
Now restart the server to see the changes reflected.
```bash
```shell
sudo service mumble-server restart
```
@@ -110,7 +109,7 @@ The ICE authenticator lives in the mumble-authenticator repository, cd to the di
Make a copy of the default config:
```bash
```shell
cp authenticator.ini.example authenticator.ini
```
@@ -124,19 +123,19 @@ Edit `authenticator.ini` and change these values:
Test your configuration by starting it:
```bash
```shell
python /home/allianceserver/mumble-authenticator/authenticator.py
```
And finally ensure the allianceserver user has read/write permissions to the mumble authenticator files before proceeding:
```bash
```shell
sudo chown -R allianceserver:allianceserver /home/allianceserver/mumble-authenticator
```
The authenticator needs to be running 24/7 to validate users on Mumble. This can be achieved by adding a section to your auth project's supervisor config file like the following example:
```text
```ini
[program:authenticator]
command=/home/allianceserver/venv/auth/bin/python authenticator.py
directory=/home/allianceserver/mumble-authenticator
@@ -151,7 +150,7 @@ priority=996
In addition we'd recommend to add the authenticator to Auth's restart group in your supervisor conf. For that you need to add it to the group line as shown in the following example:
```text
```ini
[group:myauth]
programs=beat,worker,gunicorn,authenticator
priority=999
@@ -159,7 +158,7 @@ priority=999
To enable the changes in your supervisor configuration you need to restart the supervisor process itself. And before we do that we are shutting down the current Auth supervisors gracefully:
```bash
```shell
sudo supervisor stop myauth:
sudo systemctl restart supervisor
```
@@ -187,11 +186,11 @@ MUMBLE_URL = "mumble.example.com"
Finally, run migrations and restart your supervisor to complete the setup:
```bash
```shell
python /home/allianceserver/myauth/manage.py migrate
```
```bash
```shell
supervisorctl restart myauth:
```
@@ -199,7 +198,7 @@ supervisorctl restart myauth:
To use this service, users will require some of the following.
```eval_rst
```{eval-rst}
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| Permission | Admin Site | Auth Site |
+=======================================+==================+==========================================================================+
@@ -262,19 +261,19 @@ If Push to Talk is to your tastes, configure the suggestion as follows
With the default configuration your mumble server is public. Meaning that everyone who has the address can at least connect to it and might also be able join all channels that don't have any permissions set (Depending on your ACL configured for the root channel). If you want only registered member being able to join your mumble, you have to set a server password. To do so open your mumble server configuration which is by default located at `/etc/mumble-server.ini`.
```bash
```shell
sudo nano /etc/mumble-server.ini
```
Now search for `serverpassword=` and set your password here. If there is no such line, simply add it.
```text
```ini
serverpassword=YourSuperSecretServerPassword
```
Save the file and restart your mumble server afterwards.
```bash
```shell
sudo service mumble-server restart
```

11
docs/features/services/nameformats.md
View File

@@ -6,7 +6,7 @@ Each service's username or nickname, depending on which the service supports, ca
Currently the following services support custom name formats:
```eval_rst
```{eval-rst}
+-------------+-----------+-------------------------------------+
| Service | Used with | Default Formatter |
+=============+===========+=====================================+
@@ -30,8 +30,7 @@ Currently the following services support custom name formats:
+-------------+-----------+-------------------------------------+
```
```eval_rst
.. note::
:::{note}
It's important to note here, before we get into what you can do with a name formatter, that before the generated name is passed off to the service to create an account it will be sanitized to remove characters (the letters and numbers etc.) that the service cannot support. This means that, despite what you configured, the service may display something different. It is up to you to test your formatter and understand how your format may be disrupted by a certain services sanitization function.
```
@@ -59,7 +58,7 @@ A more digestible documentation of string formatting in Python is available on t
Some examples of strings you could use:
```eval_rst
```{eval-rst}
+------------------------------------------+---------------------------+
| Formatter | Result |
+==========================================+===========================+
@@ -71,12 +70,12 @@ Some examples of strings you could use:
+------------------------------------------+---------------------------+
```
```eval_rst
```{eval-rst}
.. important::
For most services, name formats only take effect when a user creates an account. This means if you create or update a name formatter it wont retroactively alter the format of users names. There are some exceptions to this where the service updates nicknames on a periodic basis. Check the service's documentation to see which of these apply.
```
```eval_rst
```{eval-rst}
.. important::
You must only create one formatter per service per state. E.g. don't create two formatters for Mumble for the Member state. In this case one of the formatters will be used and it may not be the formatter you are expecting.
```

16
docs/features/services/openfire.md
View File

@@ -25,18 +25,18 @@ Openfire require a Java 8 runtime environment.
Ubuntu 1804, 2004, 2204:
```bash
```shell
sudo apt-get install openjdk-11-jre
```
Centos 7:
```bash
```shell
sudo yum install java-11-openjdk java-11-openjdk-devel
```
Centos Stream 8, Stream 9:
```bash
```shell
sudo dnf install java-11-openjdk java-11-openjdk-devel
```
@@ -51,7 +51,7 @@ On your PC, navigate to the [Ignite Realtime downloads section](https://www.igni
Retrieve the file location by copying the URL from the “click here” link, depending on your browser you may have a Copy Link or similar option in your right click menu.
In the console, ensure youre in your users home directory:
```bash
```shell
cd ~
```
@@ -59,14 +59,14 @@ Download and install the package, replacing the URL with the latest you got from
Ubuntu 1804, 2004, 2204:
```bash
```shell
wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.7.2_all.deb
dpkg -i openfire_4.7.2_all.deb
```
Centos 7, Stream 8, Stream 9:
```bash
```shell
wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire-4.7.2-1.noarch.rpm
yum install -y openfire-4.7.2-1.noarch.rpm
```
@@ -74,7 +74,7 @@ yum install -y openfire-4.7.2-1.noarch.rpm
Performance is best when working from a SQL database. If you installed MySQL or MariaDB alongside your auth project, go ahead and create a database for Openfire:
```bash
```shell
mysql -u root -p
create database alliance_jabber;
grant all privileges on alliance_jabber . * to 'allianceserver'@'localhost';
@@ -165,7 +165,7 @@ ACL is achieved by assigning groups to each of the three tiers: `Owners`, `Admin
To use this service, users will require some of the following.
```eval_rst
```{eval-rst}
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| Permission | Admin Site | Auth Site |
+=======================================+==================+==========================================================================+

4
docs/features/services/permissions.md
View File

@@ -6,7 +6,7 @@ In the past, access to services was dictated by a list of settings in `settings.
Instead of granting access to services by the previous rigid structure, access to services is now granted by the built in Django permissions system. This means that service access can be more granular, allowing only certain states, certain groups, for instance Corp CEOs, or even individual user access to each enabled service.
```eval_rst
```{eval-rst}
.. important::
If you grant access to an individual user, they will have access to that service regardless of whether or not they are a member.
```
@@ -19,7 +19,7 @@ A user can be granted the same permission from multiple sources. e.g. they may h
## Removing access
```eval_rst
```{eval-rst}
.. danger::
Access removal is processed immediately after removing a permission from a user or group. If you remove access from a large group, such as Member, it will immediately remove all users from that service.
```

16
docs/features/services/phpbb3.md
View File

@@ -34,7 +34,7 @@ DATABASES['phpbb3'] = {
Create a database to install phpBB3 in.
```bash
```shell
mysql -u root -p
create database alliance_forum;
grant all privileges on alliance_forum . * to 'allianceserver'@'localhost';
@@ -51,19 +51,19 @@ In the console, navigate to your users home directory: `cd ~`
Now download using wget, replacing the URL with the URL for the package you just retrieved
```bash
```shell
wget https://download.phpbb.com/pub/release/3.3/3.3.8/phpBB-3.3.8.zip
```
This needs to be unpackaged. Unzip it, replacing the file name with that of the file you just downloaded
```bash
```shell
unzip phpBB-3.3.8.zip
```
Now we need to move this to our web directory. Usually `/var/www/forums`.
```bash
```shell
mv phpBB3 /var/www/forums
```
@@ -72,7 +72,7 @@ The web server needs read/write permission to this folder
Apache: `chown -R www-data:www-data /var/www/forums`
Nginx: `chown -R nginx:nginx /var/www/forums`
```eval_rst
```{eval-rst}
.. tip::
Nginx: Some distributions use the ``www-data:www-data`` user:group instead of ``nginx:nginx``. If you run into problems with permissions try it instead.
..
@@ -157,7 +157,7 @@ phpBB will then write its own config file.
Before users can see the forums, we need to remove the install directory
```bash
```shell
rm -rf /var/www/forums/install
```
@@ -171,7 +171,7 @@ You can allow members to overwrite the portrait with a custom image if desired.
Users generated via Alliance Auth do not have a default theme set. You will need to set this on the phpbb_users table in SQL
```bash
```shell
mysql -u root -p
use alliance_forum;
alter table phpbb_users change user_style user_style int not null default 1
@@ -187,7 +187,7 @@ Once settings have been configured, run migrations and restart Gunicorn and Cele
To use this service, users will require some of the following.
```eval_rst
```{eval-rst}
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| Permission | Admin Site | Auth Site |
+=======================================+==================+==========================================================================+

10
docs/features/services/smf.md
View File

@@ -36,17 +36,17 @@ Using your browser, you can download the latest version of SMF to your desktop c
Download using wget, replacing the URL with the URL for the package you just retrieved
```bash
```shell
wget https://download.simplemachines.org/index.php?thanks;filename=smf_2-1-2_install.tar.gz
```
This needs to be unpackaged. Unzip it, replacing the file name with that of the file you just downloaded
```bash
```shell
unzip smf_2-1-2_install.zip
```
Now we need to move this to our web directory. Usually `/var/www/forums`.
```bash
```shell
mv smf /var/www/forums
````
@@ -55,7 +55,7 @@ The web server needs read/write permission to this folder
Apache: `chown -R www-data:www-data /var/www/forums`
Nginx: `chown -R nginx:nginx /var/www/forums`
```eval_rst
```{eval-rst}
.. tip::
Nginx: Some distributions use the ``www-data:www-data`` user:group instead of ``nginx:nginx``. If you run into problems with permissions try it instead.
..
@@ -139,7 +139,7 @@ Once settings are entered, apply migrations and restart Gunicorn and Celery.
To use this service, users will require some of the following.
```eval_rst
```{eval-rst}
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| Permission | Admin Site | Auth Site |
+=======================================+==================+==========================================================================+

18
docs/features/services/teamspeak3.md
View File

@@ -38,14 +38,14 @@ To install we need a copy of the server. You can find the latest version from th
Download the server, replacing the link with the link you got earlier.
``` bash
```bash
cd ~
wget https://files.teamspeak-services.com/releases/server/3.13.7/teamspeak3-server_linux_amd64-3.13.7.tar.bz2
```
Now we need to extract the file.
```bash
```shell
tar -xf teamspeak3-server_linux_amd64-3.13.7.tar.bz2
```
@@ -53,7 +53,7 @@ tar -xf teamspeak3-server_linux_amd64-3.13.7.tar.bz2
TeamSpeak needs its own user.
```bash
```shell
adduser --disabled-login teamspeak
```
@@ -61,7 +61,7 @@ adduser --disabled-login teamspeak
Now we move the server binary somewhere more accessible and change its ownership to the new user.
```bash
```shell
mv teamspeak3-server_linux_amd64 /usr/local/teamspeak
chown -R teamspeak:teamspeak /usr/local/teamspeak
```
@@ -70,14 +70,14 @@ chown -R teamspeak:teamspeak /usr/local/teamspeak
Now we generate a startup script so TeamSpeak comes up with the server.
```bash
```shell
ln -s /usr/local/teamspeak/ts3server_startscript.sh /etc/init.d/teamspeak
update-rc.d teamspeak defaults
```
Finally we start the server.
```bash
```shell
service teamspeak start
```
@@ -85,7 +85,7 @@ service teamspeak start
Set your Teamspeak Serveradmin password to a random string
```bash
```shell
./ts3server_minimal_runscript.sh inifile=ts3server.ini serveradmin_password=pleasegeneratearandomstring
```
@@ -139,7 +139,7 @@ Then, in the top-right corner click, click on `Update TS3 Groups` to start the p
Start a django shell with:
```bash
```shell
python manage.py shell
```
@@ -180,7 +180,7 @@ This usually occurs if you've created a separate serverquery user to use with au
To use and configure this service, users will require some of the following.
```eval_rst
```{eval-rst}
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| Permission | Admin Site | Auth Site |
+=======================================+==================+==========================================================================+

2
docs/features/services/xenforo.md
View File

@@ -47,7 +47,7 @@ Once these are entered, run migrations and restart Gunicorn and Celery.
To use this service, users will require some of the following.
```eval_rst
```{eval-rst}
+---------------------------------------+------------------+--------------------------------------------------------------------------+
| Permission | Admin Site | Auth Site |
+=======================================+==================+==========================================================================+