Steps for user migration from former guifi·net to networks.guifi.net
Prepare a fresh instance
Over an already existing installationation, open a shell and move to the web directory,
Remove styles
sudo rm -f sites/default/files/css/*
sudo rm rm -rf sites/default/files/js/
Initialize database
drush site:install --yes
Take the admin password just created, and login with the wen browser to the website.
Install migrate manifest module
composer require drupal/migrate_manifest
drush en migrate_manifest migrate_drupal migrate_drupal_ui
Create manifest
At the web root directory, create the file manifest.yml
# user
- d6_user
- d6_user_profile_field
- d6_user_profile_field_instance
- d6_user_profile_entity_display
- d6_user_profile_entity_form_display
- d6_profile_values:user
- d6_filter_format
- d6_user_role
- d6_user_picture_entity_display
- d6_user_picture_entity_form_display
- d6_user_picture_file
- d6_user_picture_field
- d6_user_picture_field_instance
Setup source database
At the settings.php, configure the source database. Note that at the source database must be configured to allow the remote connection through the appropriate permission grants.
$databases['migrate']['default'] = array(
'database' => 'guifi66',
'username' => 'username',
'password' => 'password',
'prefix' => '',
'host' => 'guifi.net',
'port' => '3306',
'namespace' => 'Drupal\Core\Database\Driver\mysql',
'driver' => 'mysql'
);
Execute user migration
drush migrate-manifest manifest.yml
Enable Basic Auth & Rest
drush en rest restui basic_auth
...and enable REST for file upload by going to the url: /admin/config/services/rest/resource/file:upload/edit
providing POST permissions with basic_auth and cookie
/admin/config/services/rest/resource/entity:user/edit
Providing PATCH permissions with basic_auth and cookie
Enable SSO with identitats.guifi.net (keycloak/OpenID)
Install the modules:
composer require drupal/keycloak drupal/openid_connect
drush en keycloak openid_connect -y
Configure SSO
At identitats.guifi.net (keycloak)
Setup de redirect URI for the openid-connect Client:
http://<my_host>/net/openid-connect/keycloak
At the drupal site:
Go to the configuration for OpenID-Connect:
https://network.guifi.net/admin/config/services/openid-connect
- Enable keycloak / identitats.guifi.net
- Specify the Client ID & Secret
- Keycloak base URL to https://identitats.guifi.net/auth
- Keycloak Realm to master
- Enable Update email address in user profile
- Enable user role mapping set to true
- Override registration settings set to true
- Save user claims on every login set to true
- OpenID buttons display in user login form set to Replace
- Automatically connect existing users set to true
eof