Merge pull request #147 from bashclub/dev

Release
2026-04-18 14:56:06 +00:00 · 2026-04-09 18:04:02 +02:00
parent 639e8d6978 d3060354f9
commit b849b541a1
85 changed files with 1165 additions and 1347 deletions
--- a/scripts/check_zambaconfonpve_trmm.sh
+++ b/scripts/check_zambaconfonpve_trmm.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+export LC_ALL=C
+ZAMBA_CONF="/root/zamba-lxc-toolbox/conf/zamba.conf"
+
+if [[ -f "$ZAMBA_CONF" ]]; then
+    # Prüfen, ob die Datei älter als 3 Tage ist
+    if find "$ZAMBA_CONF" -mtime +3 >/dev/null 2>&1; then
+        echo "⚠️ zamba.conf ist älter als 3 Tage – Datei wird gelöscht: $ZAMBA_CONF"
+        rm -f "$ZAMBA_CONF"
+        exit 0
+    else
+        echo "❌ Problem: zamba.conf ist vorhanden und jünger als 3 Tage: $ZAMBA_CONF"
+        exit 2
+    fi
+else
+    echo "✅ OK: zamba.conf ist nicht vorhanden"
+    exit 0
+fi
--- a/scripts/create-service-account
+++ b/scripts/create-service-account
@@ -36,7 +36,7 @@ ldbmodify -H /var/lib/samba/private/sam.ldb <<EOF
 dn: $DN
 changetype: modify
 replace: userWorkstations
-userWorkstations: NONE
+userWorkstations: "NOWORKSTATION"
 EOF

 echo
--- a/scripts/nextcloud-for-mailcow-dockerized.conf
+++ b/scripts/nextcloud-for-mailcow-dockerized.conf
@@ -0,0 +1,44 @@
+server {
+    listen 80;
+    listen [::]:80;
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    server_name cloud.domain.tld;
+
+    ssl_certificate     /etc/ssl/mail/cert.pem;
+    ssl_certificate_key /etc/ssl/mail/key.pem;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:50m;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    # HTTP → HTTPS
+    if ($scheme = http) {
+        return 301 https://$host$request_uri;
+    }
+
+    location / {
+        proxy_pass https://cloud.domain.tld;
+
+        # Hostname & Forwarded-Header sauber durchreichen
+        proxy_set_header Host 192.168.178.253;        # explizit der Upstream-Name
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto https;  # TLS endet hier
+        proxy_set_header X-Forwarded-Host $host;   # also cloud.domain.tld
+        proxy_set_header X-Forwarded-Port 443;
+        proxy_set_header Forwarded "for=$remote_addr;proto=https;host=$host";
+        proxy_set_header Referrer-Policy "no-referrer";
+
+        proxy_connect_timeout 600;
+        proxy_send_timeout 600;
+        proxy_read_timeout 600;
+        send_timeout 600;
+        client_max_body_size 10G;
+    }
+
+    # CalDAV/CardDAV Redirects
+    location /.well-known/carddav { return 301 https://$host/remote.php/dav; }
+    location /.well-known/caldav { return 301 https://$host/remote.php/dav; }
+}