Introduce install script for CTS

2017-11-29 20:01:17 +01:00 · 2017-11-29 20:01:17 +01:00 · 9957096b83
commit 9957096b83
parent f3286c9222
8 changed files with 182 additions and 0 deletions
--- a/80-cts.sh
+++ b/80-cts.sh
@ -0,0 +1,65 @@
 #!/bin/bash
 SOURCE_DIR=$(realpath $(dirname "${0}"))
 # Install packages
 apt-get -y --no-install-recommends install build-essential libpq-dev python-dev python-virtualenv virtualenv zlib1g-dev
 # Clone CTS git repository
 git clone --depth 1 https://github.com/theirc/CTS /srv/cts
 # Install CTS python virtual environment
 virtualenv --no-site-packages --python=/usr/bin/python2.7 /srv/cts
 /srv/cts/bin/pip install -r /srv/cts/requirements/production.txt
 # Create database
 export CTS_PWD=$(head -c 18 /dev/urandom | base64)
 envsubst <${SOURCE_DIR}/cts/tmp/cts-createdb.sql >/tmp/cts-createdb.sql
 sudo -u postgres psql -f /tmp/cts-createdb.sql
 rm /tmp/cts-createdb.sql
 # Configure CTS
 export CTS_SECRET=$(head -c 26 /dev/urandom | base64)
 envsubst <${SOURCE_DIR}/cts/srv/cts/cts/settings/spotter.py >/srv/cts/cts/settings/spotter.py
 ln -s /srv/cts/lib/python2.7/site-packages/django/contrib/admin/static/admin /srv/cts/cts/static/admin
 ln -s /srv/cts/lib/python2.7/site-packages/django_extensions/static/django_extensions /srv/cts/cts/static/django_extensions
 ln -s /srv/cts/lib/python2.7/site-packages/django_tables2/static/django_tables2 /srv/cts/cts/static/django_tables2
 ln -s /srv/cts/lib/python2.7/site-packages/leaflet/static/leaflet /srv/cts/cts/static/leaflet
 ln -s /srv/cts/lib/python2.7/site-packages/rest_framework/static/rest_framework /srv/cts/cts/static/rest_framework
 ln -s /srv/cts/lib/python2.7/site-packages/rest_framework_swagger/static/rest_framework_swagger /srv/cts/cts/static/rest_framework_swagger
 ln -s /srv/cts/lib/python2.7/site-packages/selectable/static/selectable /srv/cts/cts/static/selectable
 ln -s /srv/cts/lib/python2.7/site-packages/session_security/static/session_security /srv/cts/cts/static/session_security
 # Set "production values" (increases performance) only if the DEBUG environment variable is not set
 if [ ${DEBUG:-0} -eq 0 ]; then
    sed -i 's/DEBUG = True/DEBUG = False/' /srv/cts/cts/settings/spotter.py
 fi
 # Populate database
 DJANGO_SETTINGS_MODULE=cts.settings.spotter /srv/cts/bin/python /srv/cts/manage.py migrate
 # Create admin account
 export CTS_ADMIN_EMAIL=admin@example.com
 export CTS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
 export CTS_ADMIN_HASH=$(cd /srv/cts && DJANGO_SETTINGS_MODULE=cts.settings.spotter /srv/cts/bin/python -c "from django.contrib.auth.hashers import make_password; print make_password('${CTS_ADMIN_PWD}')")
 export CTS_ADMIN_SECRET=$(head -c 12 /dev/urandom | sha256sum | cut -c1-13)
 envsubst <${SOURCE_DIR}/cts/tmp/cts-adminpwd.sql >/tmp/cts-adminpwd.sql
 sudo -u postgres psql -f /tmp/cts-adminpwd.sql cts
 rm /tmp/cts-adminpwd.sql
 # Create CTS OS user
 adduser --system --group --home /srv/cts --shell /bin/false cts
 chown -R cts:cts /srv/cts
 # Create uwsgi and nginx app definition
 cp ${SOURCE_DIR}/cts/etc/uwsgi/apps-available/cts.ini /etc/uwsgi/apps-available/cts.ini
 ln -s /etc/uwsgi/apps-available/cts.ini /etc/uwsgi/apps-enabled/cts.ini
 cp ${SOURCE_DIR}/cts/etc/nginx/sites-available/cts /etc/nginx/sites-available/cts
 ln -s /etc/nginx/sites-available/cts /etc/nginx/sites-enabled/cts
 # Restart services
 systemctl restart uwsgi
 systemctl restart nginx
 # Add portal application definition
 ${SOURCE_DIR}/basic/portal-app-manager.py cts "https://{host}:8004/" "${CTS_ADMIN_EMAIL}" "${CTS_ADMIN_PWD}"
--- a/basic/srv/portal/img/CTS.png
+++ b/basic/srv/portal/img/CTS.png
--- a/basic/srv/portal/index.html
+++ b/basic/srv/portal/index.html
@ -160,6 +160,15 @@
            </p>
        </div>
        <div class="c" id="cts">
            <h2><a href="#"><img src="img/CTS.png" alt="CTS" title="CTS">CTS</a></h2>
            <p>Logistika hmotné pomoci pro humanitární potřeby.</p>
            <ul>
                <li><strong>Login:</strong> <span class="login"></span></li>
                <li><strong>Heslo:</strong> <span class="password"></span></li>
            </ul>
        </div>
        <div class="c" id="diaspora">
            <h2><a href="#"><img src="img/Diaspora.png" alt="diaspora*" title="diaspora*">diaspora*</a></h2>
            <p>Autonomní sociání síť s možností propojení do cizích sociálních sítí.</p>
--- a/cts/etc/nginx/sites-available/cts
+++ b/cts/etc/nginx/sites-available/cts
@ -0,0 +1,43 @@
 server {
    listen 8004 ssl http2;
    root /srv/cts/cts;
    access_log /var/log/nginx/cts.access.log;
    error_log /var/log/nginx/cts.error.log;
    location /robots.txt {
        alias /srv/cts/cts/static/robots.txt;
    }
    location /media {
        alias /srv/cts/cts/media;
    }
    location /static {
        gzip on;
        alias /srv/cts/cts/static;
        expires max;
        add_header Cache-Control public;
        location /static/protected {
            return 401;
        }
    }
    location /protected {
        internal;
        root /srv/cts/cts/static;
    }
    error_page 502 503 504 /502.html;
    location /502.html {
        alias /srv/cts/cts/static/502.html;
    }
    location / {
        uwsgi_pass unix:///run/uwsgi/app/cts/socket;
        include uwsgi_params;
    }
 }
--- a/cts/etc/uwsgi/apps-available/cts.ini
+++ b/cts/etc/uwsgi/apps-available/cts.ini
@ -0,0 +1,8 @@
 [uwsgi]
 uid = cts
 gid = cts
 chown-socket = www-data:www-data
 chdir = /srv/cts
 home = /srv/cts
 module = cts.wsgi:application
 env = DJANGO_SETTINGS_MODULE=cts.settings.spotter
--- a/cts/srv/cts/cts/settings/spotter.py
+++ b/cts/srv/cts/cts/settings/spotter.py
@ -0,0 +1,46 @@
 import os
 import sys
 os.environ['ENVIRONMENT'] = 'dev'
 os.environ['INSTANCE'] = 'local'
 os.environ['PREFIX_URL'] = ''
 from cts.settings.base import *
 INSTANCE_NAME = 'Local'
 INSTANCES = [
    (INSTANCE_NAME, ''),
 ]
 DATABASES = {
    'default': {
        'ENGINE': 'django.contrib.gis.db.backends.postgis',
        'NAME': 'cts',
        'USER': 'cts',
        'PASSWORD': '${CTS_PWD}',
        'HOST': '',
        'PORT': '',
    }
 }
 SECRET_KEY = '${CTS_SECRET}'
 ADMINS = (
    ('Admin', 'admin@example.com'),
 )
 INTERNAL_IPS = ('127.0.0.1', )
 PUBLIC_ROOT = os.path.join(PROJECT_ROOT, 'public')
 SENDFILE_ROOT = os.path.join(PUBLIC_ROOT, 'static/protected')
 COMPRESS_ENABLED = False
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
 SERVER_EMAIL = 'cts@spotter.ngo'
 CELERY_ALWAYS_EAGER = True
 CELERY_EAGER_PROPAGATES_EXCEPTIONS = True
 TIME_ZONE = 'Europe/Prague'
 LANGUAGE_CODE = 'cs'
 DEBUG = True
 TEMPLATE_DEBUG = DEBUG
--- a/cts/tmp/cts-adminpwd.sql
+++ b/cts/tmp/cts-adminpwd.sql
@ -0,0 +1 @@
 INSERT INTO accounts_ctsuser (id, password, last_login, is_superuser, name, email, is_staff, is_active, date_joined, mobile, code, skype, notes, role, referrer_id, city_id, colour, deviceid) VALUES (nextval('accounts_ctsuser_id_seq'), '${CTS_ADMIN_HASH}', now(), true, '${CTS_ADMIN_USER}', '${CTS_ADMIN_EMAIL}', true, true, now(), '', '${CTS_ADMIN_SECRET}', '', '', 'partner', NULL, NULL, '', '');
--- a/cts/tmp/cts-createdb.sql
+++ b/cts/tmp/cts-createdb.sql
@ -0,0 +1,10 @@
 CREATE ROLE cts NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT LOGIN ENCRYPTED PASSWORD '${CTS_PWD}';
 CREATE DATABASE cts;
 REVOKE ALL ON DATABASE cts FROM public;
 ALTER DATABASE cts OWNER TO cts;
 \c cts;
 CREATE EXTENSION hstore;
 CREATE EXTENSION postgis;
 GRANT ALL ON geometry_columns TO cts;
 GRANT ALL ON spatial_ref_sys TO cts;
 GRANT ALL ON geography_columns TO cts;
		`@ -0,0 +1 @@`
							`INSERT INTO accounts_ctsuser (id, password, last_login, is_superuser, name, email, is_staff, is_active, date_joined, mobile, code, skype, notes, role, referrer_id, city_id, colour, deviceid) VALUES (nextval('accounts_ctsuser_id_seq'), '${CTS_ADMIN_HASH}', now(), true, '${CTS_ADMIN_USER}', '${CTS_ADMIN_EMAIL}', true, true, now(), '', '${CTS_ADMIN_SECRET}', '', '', 'partner', NULL, NULL, '', '');`