Introduce install script for CTS

2017-11-29 20:01:17 +01:00 · 2017-11-29 20:01:17 +01:00 · 9957096b83
commit 9957096b83
parent f3286c9222
8 changed files with 182 additions and 0 deletions
--- a/80-cts.sh
+++ b/80-cts.sh
@ -0,0 +1,65 @@
+#!/bin/bash
+
+SOURCE_DIR=$(realpath $(dirname "${0}"))
+
+# Install packages
+apt-get -y --no-install-recommends install build-essential libpq-dev python-dev python-virtualenv virtualenv zlib1g-dev
+
+# Clone CTS git repository
+git clone --depth 1 https://github.com/theirc/CTS /srv/cts
+
+# Install CTS python virtual environment
+virtualenv --no-site-packages --python=/usr/bin/python2.7 /srv/cts
+/srv/cts/bin/pip install -r /srv/cts/requirements/production.txt
+
+# Create database
+export CTS_PWD=$(head -c 18 /dev/urandom | base64)
+envsubst <${SOURCE_DIR}/cts/tmp/cts-createdb.sql >/tmp/cts-createdb.sql
+sudo -u postgres psql -f /tmp/cts-createdb.sql
+rm /tmp/cts-createdb.sql
+
+# Configure CTS
+export CTS_SECRET=$(head -c 26 /dev/urandom | base64)
+envsubst <${SOURCE_DIR}/cts/srv/cts/cts/settings/spotter.py >/srv/cts/cts/settings/spotter.py
+ln -s /srv/cts/lib/python2.7/site-packages/django/contrib/admin/static/admin /srv/cts/cts/static/admin
+ln -s /srv/cts/lib/python2.7/site-packages/django_extensions/static/django_extensions /srv/cts/cts/static/django_extensions
+ln -s /srv/cts/lib/python2.7/site-packages/django_tables2/static/django_tables2 /srv/cts/cts/static/django_tables2
+ln -s /srv/cts/lib/python2.7/site-packages/leaflet/static/leaflet /srv/cts/cts/static/leaflet
+ln -s /srv/cts/lib/python2.7/site-packages/rest_framework/static/rest_framework /srv/cts/cts/static/rest_framework
+ln -s /srv/cts/lib/python2.7/site-packages/rest_framework_swagger/static/rest_framework_swagger /srv/cts/cts/static/rest_framework_swagger
+ln -s /srv/cts/lib/python2.7/site-packages/selectable/static/selectable /srv/cts/cts/static/selectable
+ln -s /srv/cts/lib/python2.7/site-packages/session_security/static/session_security /srv/cts/cts/static/session_security
+
+# Set "production values" (increases performance) only if the DEBUG environment variable is not set
+if [ ${DEBUG:-0} -eq 0 ]; then
+    sed -i 's/DEBUG = True/DEBUG = False/' /srv/cts/cts/settings/spotter.py
+fi
+
+# Populate database
+DJANGO_SETTINGS_MODULE=cts.settings.spotter /srv/cts/bin/python /srv/cts/manage.py migrate
+
+# Create admin account
+export CTS_ADMIN_EMAIL=admin@example.com
+export CTS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
+export CTS_ADMIN_HASH=$(cd /srv/cts && DJANGO_SETTINGS_MODULE=cts.settings.spotter /srv/cts/bin/python -c "from django.contrib.auth.hashers import make_password; print make_password('${CTS_ADMIN_PWD}')")
+export CTS_ADMIN_SECRET=$(head -c 12 /dev/urandom | sha256sum | cut -c1-13)
+envsubst <${SOURCE_DIR}/cts/tmp/cts-adminpwd.sql >/tmp/cts-adminpwd.sql
+sudo -u postgres psql -f /tmp/cts-adminpwd.sql cts
+rm /tmp/cts-adminpwd.sql
+
+# Create CTS OS user
+adduser --system --group --home /srv/cts --shell /bin/false cts
+chown -R cts:cts /srv/cts
+
+# Create uwsgi and nginx app definition
+cp ${SOURCE_DIR}/cts/etc/uwsgi/apps-available/cts.ini /etc/uwsgi/apps-available/cts.ini
+ln -s /etc/uwsgi/apps-available/cts.ini /etc/uwsgi/apps-enabled/cts.ini
+cp ${SOURCE_DIR}/cts/etc/nginx/sites-available/cts /etc/nginx/sites-available/cts
+ln -s /etc/nginx/sites-available/cts /etc/nginx/sites-enabled/cts
+
+# Restart services
+systemctl restart uwsgi
+systemctl restart nginx
+
+# Add portal application definition
+${SOURCE_DIR}/basic/portal-app-manager.py cts "https://{host}:8004/" "${CTS_ADMIN_EMAIL}" "${CTS_ADMIN_PWD}"
--- a/basic/srv/portal/img/CTS.png
+++ b/basic/srv/portal/img/CTS.png
--- a/basic/srv/portal/index.html
+++ b/basic/srv/portal/index.html
@ -160,6 +160,15 @@
            </p>
        </div>

+        <div class="c" id="cts">
+            <h2><a href="#"><img src="img/CTS.png" alt="CTS" title="CTS">CTS</a></h2>
+            <p>Logistika hmotné pomoci pro humanitární potřeby.</p>
+            <ul>
+                <li><strong>Login:</strong> <span class="login"></span></li>
+                <li><strong>Heslo:</strong> <span class="password"></span></li>
+            </ul>
+        </div>
+
        <div class="c" id="diaspora">
            <h2><a href="#"><img src="img/Diaspora.png" alt="diaspora*" title="diaspora*">diaspora*</a></h2>
            <p>Autonomní sociání síť s možností propojení do cizích sociálních sítí.</p>
--- a/cts/etc/nginx/sites-available/cts
+++ b/cts/etc/nginx/sites-available/cts
@ -0,0 +1,43 @@
+server {
+    listen 8004 ssl http2;
+
+    root /srv/cts/cts;
+
+    access_log /var/log/nginx/cts.access.log;
+    error_log /var/log/nginx/cts.error.log;
+
+    location /robots.txt {
+        alias /srv/cts/cts/static/robots.txt;
+    }
+
+    location /media {
+        alias /srv/cts/cts/media;
+    }
+
+    location /static {
+        gzip on;
+        alias /srv/cts/cts/static;
+        expires max;
+        add_header Cache-Control public;
+
+        location /static/protected {
+            return 401;
+        }
+    }
+
+    location /protected {
+        internal;
+        root /srv/cts/cts/static;
+    }
+
+    error_page 502 503 504 /502.html;
+
+    location /502.html {
+        alias /srv/cts/cts/static/502.html;
+    }
+
+    location / {
+        uwsgi_pass unix:///run/uwsgi/app/cts/socket;
+        include uwsgi_params;
+    }
+}
--- a/cts/etc/uwsgi/apps-available/cts.ini
+++ b/cts/etc/uwsgi/apps-available/cts.ini
@ -0,0 +1,8 @@
+[uwsgi]
+uid = cts
+gid = cts
+chown-socket = www-data:www-data
+chdir = /srv/cts
+home = /srv/cts
+module = cts.wsgi:application
+env = DJANGO_SETTINGS_MODULE=cts.settings.spotter
--- a/cts/srv/cts/cts/settings/spotter.py
+++ b/cts/srv/cts/cts/settings/spotter.py
@ -0,0 +1,46 @@
+import os
+import sys
+
+os.environ['ENVIRONMENT'] = 'dev'
+os.environ['INSTANCE'] = 'local'
+os.environ['PREFIX_URL'] = ''
+
+from cts.settings.base import *
+
+INSTANCE_NAME = 'Local'
+INSTANCES = [
+    (INSTANCE_NAME, ''),
+]
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.contrib.gis.db.backends.postgis',
+        'NAME': 'cts',
+        'USER': 'cts',
+        'PASSWORD': '${CTS_PWD}',
+        'HOST': '',
+        'PORT': '',
+    }
+}
+SECRET_KEY = '${CTS_SECRET}'
+
+ADMINS = (
+    ('Admin', 'admin@example.com'),
+)
+
+INTERNAL_IPS = ('127.0.0.1', )
+PUBLIC_ROOT = os.path.join(PROJECT_ROOT, 'public')
+SENDFILE_ROOT = os.path.join(PUBLIC_ROOT, 'static/protected')
+COMPRESS_ENABLED = False
+
+EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+SERVER_EMAIL = 'cts@spotter.ngo'
+
+CELERY_ALWAYS_EAGER = True
+CELERY_EAGER_PROPAGATES_EXCEPTIONS = True
+
+TIME_ZONE = 'Europe/Prague'
+LANGUAGE_CODE = 'cs'
+
+DEBUG = True
+TEMPLATE_DEBUG = DEBUG
--- a/cts/tmp/cts-adminpwd.sql
+++ b/cts/tmp/cts-adminpwd.sql
@ -0,0 +1 @@
+INSERT INTO accounts_ctsuser (id, password, last_login, is_superuser, name, email, is_staff, is_active, date_joined, mobile, code, skype, notes, role, referrer_id, city_id, colour, deviceid) VALUES (nextval('accounts_ctsuser_id_seq'), '${CTS_ADMIN_HASH}', now(), true, '${CTS_ADMIN_USER}', '${CTS_ADMIN_EMAIL}', true, true, now(), '', '${CTS_ADMIN_SECRET}', '', '', 'partner', NULL, NULL, '', '');
--- a/cts/tmp/cts-createdb.sql
+++ b/cts/tmp/cts-createdb.sql
@ -0,0 +1,10 @@
+CREATE ROLE cts NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT LOGIN ENCRYPTED PASSWORD '${CTS_PWD}';
+CREATE DATABASE cts;
+REVOKE ALL ON DATABASE cts FROM public;
+ALTER DATABASE cts OWNER TO cts;
+\c cts;
+CREATE EXTENSION hstore;
+CREATE EXTENSION postgis;
+GRANT ALL ON geometry_columns TO cts;
+GRANT ALL ON spatial_ref_sys TO cts;
+GRANT ALL ON geography_columns TO cts;
				`@ -0,0 +1 @@`
				`INSERT INTO accounts_ctsuser (id, password, last_login, is_superuser, name, email, is_staff, is_active, date_joined, mobile, code, skype, notes, role, referrer_id, city_id, colour, deviceid) VALUES (nextval('accounts_ctsuser_id_seq'), '${CTS_ADMIN_HASH}', now(), true, '${CTS_ADMIN_USER}', '${CTS_ADMIN_EMAIL}', true, true, now(), '', '${CTS_ADMIN_SECRET}', '', '', 'partner', NULL, NULL, '', '');`