Created
June 1, 2021 13:47
-
-
Save alerque/d7976cce609053cde589aa177e1bc2b6 to your computer and use it in GitHub Desktop.
Migrate LDAP users in Nextcloud from UUIDs to Keycloak usernames
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env zsh | |
| # This is provided with NO SUPPORT, it worked for me but it is also hard coded to the exact | |
| # circumstances of by previous databaase and desired end schema. The paths to by data files | |
| # and database credentials would need to be adjusted. Backup both your file repository and | |
| # databased before even touching this. | |
| # Note this script is setup to run BTRFS snapshots and data dumps accourding to my backup | |
| # schemed on every run so I could experiment with several and rollback, but these sections | |
| # would be your responsibility to adapt to your backup methods. | |
| exit 1 | |
| set -e | |
| set -x | |
| sudo -v | |
| test -n "$DB_PASSWORD" | |
| get_uuids() { | |
| occ user:list --output json -i | | |
| jq -r '.[] | select(.backend == "LDAP") | .user_id' | | |
| grep -E '^.{36}$' | |
| } | |
| get_uid() { | |
| occ user:setting --output json $1 | | |
| jq -r .user_ldap.uid | |
| } | |
| sql() { | |
| echo "UPDATE $1 SET $2 = '$username' WHERE $2 = '$uuid';" | |
| } | |
| sql_replace() { | |
| echo "UPDATE $1 SET $2 = REPLACE($2, '$3$uuid', '$3$username');" | |
| } | |
| date=$(date +%Y-%m-%d-%H-%M-%S) | |
| occ maintenance:mode | grep -q disabled | |
| get_uuids | | |
| while read uuid; do | |
| get_uid $uuid | read username | |
| echo $uuid $username | sudo tee -a /bak/cruft/${date}_map >/dev/null | |
| # filecache has path_hash wich is md5sum(), can | |
| echo "START TRANSACTION;" | |
| sql accounts uid | |
| sql activity affecteduser | |
| sql activity user | |
| sql_replace addressbooks principaluri | |
| sql authtoken uid | |
| sql_replace calendars principaluri | |
| sql_replace cards carddata CLOUD: | |
| sql_replace cards carddata UID: | |
| sql_replace cards_properties preferred | |
| sql cards uid | |
| sql collres_accesscache user_id | |
| sql comments actor_id | |
| sql comments_read_markers user_id | |
| sql_replace filecache path | |
| sql files_trash user | |
| sql group_admin uid | |
| sql group_user uid | |
| sql ldap_user_mapping owncloud_name | |
| sql ldap_user_mapping directory_uuid | |
| sql_replace mounts mount_point | |
| sql mounts user_id | |
| sql preferences userid | |
| sql share share_with | |
| sql share uid_initiator | |
| sql share uid_owner | |
| sql_replace storages id home:: | |
| sql talk_attendees actor_id | |
| sql talk_rooms name | |
| sql twofactor_providers uid | |
| sql user_status user_id | |
| sql vcategory uid | |
| echo "COMMIT;" | |
| done | | |
| sudo tee /bak/cruft/${date}_updates.sql > /dev/null | |
| occ maintenance:mode --on | |
| # Backups | |
| sudo cp $0 /bak/cruft/${date}_script | |
| mysqldump -unextcloud -p$DB_PASSWORD nextcloud | sudo tee /bak/cruft/${date}_dump.sql >/dev/null | |
| sudo btrfs subvolume snapshot -r /srv/nextcloud/ /srv/.snapshots/nextcloud-$date | |
| sudo btrfs subvolume snapshot -r /srv/mariadb/ /srv/.snapshots/mariadb-$date | |
| # HOT STUFF, procede at your own risk | |
| exit 1 | |
| mysql -unextcloud -p$DB_PASSWORD nextcloud < /bak/cruft/${date}_updates.sql | |
| echo "mysql -unextcloud -p\$DB_PASSWORD nextcloud < /bak/cruft/${date}_dump.sql" | sudo tee -a /bak/cruft/${date}_revert | |
| while read uuid username; do | |
| sudo mv /srv/nextcloud/{$uuid,$username} | |
| echo "sudo mv /srv/nextcloud/{$uuid,$username}" | sudo tee -a /bak/cruft/${date}_revert | |
| done < /bak/cruft/${date}_map | |
| occ maintenance:mode --off | |
| # move flolder |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment