From a924a2dd2656838018de199538a96851fcdd9c92 Mon Sep 17 00:00:00 2001 From: Disassembler Date: Fri, 9 Feb 2018 19:20:32 +0100 Subject: [PATCH] Create vanilla Sahana Demo installation script --- sahana-demo.sh | 41 +++ sahana-demo/createdb.sql | 8 + sahana-demo/etc/init.d/sahana-demo | 29 ++ sahana-demo/etc/nginx/conf.d/sahana-demo.conf | 11 + sahana-demo/masterUsers.csv | 2 + .../srv/sahana-demo/conf/000_config.py | 261 ++++++++++++++++++ sahana-demo/srv/sahana-demo/update-ip.sh | 4 + 7 files changed, 356 insertions(+) create mode 100755 sahana-demo.sh create mode 100644 sahana-demo/createdb.sql create mode 100755 sahana-demo/etc/init.d/sahana-demo create mode 100644 sahana-demo/etc/nginx/conf.d/sahana-demo.conf create mode 100644 sahana-demo/masterUsers.csv create mode 100644 sahana-demo/srv/sahana-demo/conf/000_config.py create mode 100755 sahana-demo/srv/sahana-demo/update-ip.sh diff --git a/sahana-demo.sh b/sahana-demo.sh new file mode 100755 index 0000000..3ed8b3a --- /dev/null +++ b/sahana-demo.sh @@ -0,0 +1,41 @@ +#!/bin/sh + +SOURCE_DIR=$(realpath $(dirname "${0}"))/sahana-demo + +# Check prerequisites +docker image ls | grep -q postfix || $(realpath $(dirname "${0}"))/postfix.sh +docker image ls | grep -q postgres || $(realpath $(dirname "${0}"))/postgres.sh +docker image ls | grep -q sahana || docker build -t sahana $(realpath $(dirname "${0}"))/sahana + +# Create PostgreSQL user and database +export SAHANADEMO_PWD=$(head -c 18 /dev/urandom | base64) +envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i postgres psql + +# Prepare persistent directory structure +mkdir -p /srv/sahana-demo/conf /srv/sahana-demo/data/databases /srv/sahana-demo/data/uploads +chown -R 8001:8001 /srv/sahana-demo/conf /srv/sahana-demo/data +docker run --rm -v /srv/sahana-demo/conf:/mnt/conf sahana cp -rp /srv/web2py/applications/eden/models/. /mnt/conf + +# Configure Sahana +export SAHANADEMO_HMAC=$(head -c 18 /dev/urandom | base64) +envsubst <${SOURCE_DIR}/srv/sahana-demo/conf/000_config.py >/srv/sahana-demo/conf/000_config.py +cp ${SOURCE_DIR}/srv/sahana-demo/update-ip.sh /srv/sahana-demo/update-ip.sh +export SAHANADEMO_ADMIN_USER=admin@example.com +export SAHANADEMO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64) +envsubst <${SOURCE_DIR}/masterUsers.csv >/tmp/masterUsers.csv + +# Populate database +docker run --rm -h sahana-demo --link postgres -v /srv/sahana-demo/conf:/srv/web2py/applications/eden/models -v /srv/sahana-demo/data/Spotter:/srv/web2py/applications/eden/modules/templates/Spotter -v /srv/sahana-demo/data/databases:/srv/web2py/applications/eden/databases -v /tmp/masterUsers.csv:/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv sahana ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py +rm /tmp/masterUsers.csv + +# Create Sahana service +cp ${SOURCE_DIR}/etc/init.d/sahana-demo /etc/init.d/sahana-demo +rc-update add sahana-demo +service sahana-demo start + +# Create nginx app definition +cp ${SOURCE_DIR}/etc/nginx/conf.d/sahana-demo.conf /etc/nginx/conf.d/sahana-demo.conf +service nginx reload + +# Add portal application definition +portal-app-manager sahana-eden-demo "https://{host}:8498/eden/" "${SAHANADEMO_ADMIN_USER}" "${SAHANADEMO_ADMIN_PWD}" diff --git a/sahana-demo/createdb.sql b/sahana-demo/createdb.sql new file mode 100644 index 0000000..5437dbf --- /dev/null +++ b/sahana-demo/createdb.sql @@ -0,0 +1,8 @@ +CREATE ROLE sahanademo NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT LOGIN ENCRYPTED PASSWORD '${SAHANADEMO_PWD}'; +CREATE DATABASE sahanademo; +REVOKE ALL ON DATABASE sahanademo FROM public; +ALTER DATABASE sahanademo OWNER TO sahanademo; +\c sahanademo; +CREATE EXTENSION postgis; +GRANT ALL ON geometry_columns TO sahanademo; +GRANT ALL ON spatial_ref_sys TO sahanademo; diff --git a/sahana-demo/etc/init.d/sahana-demo b/sahana-demo/etc/init.d/sahana-demo new file mode 100755 index 0000000..4f53064 --- /dev/null +++ b/sahana-demo/etc/init.d/sahana-demo @@ -0,0 +1,29 @@ +#!/sbin/openrc-run + +description="Sahana Eden Development docker container" + +depend() { + need docker net postgres + use dns logger netmount postfix +} + +start_pre() { + /srv/sahana-demo/update-ip.sh +} + +start() { + /usr/bin/docker run -d --rm \ + --name sahana-demo \ + -h sahana-demo \ + --link postfix \ + --link postgres \ + -p 127.0.0.1:8098:8001 \ + -v /srv/sahana-demo/conf:/srv/web2py/applications/eden/models \ + -v /srv/sahana-demo/data/databases:/srv/web2py/applications/eden/databases \ + -v /srv/sahana-demo/data/uploads:/srv/web2py/applications/eden/uploads \ + sahana +} + +stop() { + /usr/bin/docker stop sahana-demo +} diff --git a/sahana-demo/etc/nginx/conf.d/sahana-demo.conf b/sahana-demo/etc/nginx/conf.d/sahana-demo.conf new file mode 100644 index 0000000..d96d4c4 --- /dev/null +++ b/sahana-demo/etc/nginx/conf.d/sahana-demo.conf @@ -0,0 +1,11 @@ +server { + listen [::]:8898 ipv6only=off; + listen [::]:8498 ssl http2 ipv6only=off; + + access_log /var/log/nginx/sahana-demo.access.log; + error_log /var/log/nginx/sahana-demo.error.log; + + location / { + proxy_pass http://127.0.0.1:8098; + } +} diff --git a/sahana-demo/masterUsers.csv b/sahana-demo/masterUsers.csv new file mode 100644 index 0000000..2deba24 --- /dev/null +++ b/sahana-demo/masterUsers.csv @@ -0,0 +1,2 @@ +First Name,Last Name,Email,Password,Role,Organisation +Admin,User,${SAHANADEMO_ADMIN_USER},${SAHANADEMO_ADMIN_PWD},ADMIN, diff --git a/sahana-demo/srv/sahana-demo/conf/000_config.py b/sahana-demo/srv/sahana-demo/conf/000_config.py new file mode 100644 index 0000000..0d661c1 --- /dev/null +++ b/sahana-demo/srv/sahana-demo/conf/000_config.py @@ -0,0 +1,261 @@ +# -*- coding: utf-8 -*- + +""" + Machine-specific settings + All settings which are typically edited for a specific machine should be done here + + Deployers should ideally not need to edit any other files outside of their template folder + + Note for Developers: + /models/000_config.py is NOT in the Git repository, to avoid leaking of + sensitive or irrelevant information into the repository. + For changes to be committed, please also edit: + modules/templates/000_config.py +""" + +# Remove this line when you have edited this file sufficiently to proceed to the web interface +FINISHED_EDITING_CONFIG_FILE = True + +# Select the Template +# - which Modules are enabled +# - PrePopulate data +# - Security Policy +# - Workflows +# - Theme +# - note that you should restart your web2py after changing this setting +settings.base.template = "default" + +# Database settings +# Uncomment to use a different database, other than sqlite +settings.database.db_type = "postgres" +#settings.database.db_type = "mysql" +# Uncomment to use a different host +settings.database.host = "postgres" +# Uncomment to use a different port +#settings.database.port = 3306 +#settings.database.port = 5432 +# Uncomment to select a different name for your database +settings.database.database = "sahanademo" +# Uncomment to select a different username for your database +settings.database.username = "sahanademo" +# Uncomment to set the password +# NB Web2Py doesn't like passwords with an @ in them +settings.database.password = "${SAHANADEMO_PWD}" +# Uncomment to use a different pool size +#settings.database.pool_size = 30 +# Do we have a spatial DB available? (currently supports PostGIS. Spatialite to come.) +settings.gis.spatialdb = True + +# Base settings +#settings.base.system_name = T("Sahana Eden Humanitarian Management Platform") +#settings.base.system_name_short = T("Sahana Eden") +# Set this to the Public URL of the instance +settings.base.public_url = "http://127.0.0.1" + +# Switch to "False" in Production for a Performance gain +# (need to set to "True" again when Table definitions are changed) +settings.base.migrate = True +# To just create the .table files (also requires migrate=True): +#settings.base.fake_migrate = True + +# Set this to True to switch to Debug mode +# Debug mode means that uncompressed CSS/JS files are loaded +# JS Debug messages are also available in the Console +# can also load an individual page in debug mode by appending URL with +# ?debug=1 +settings.base.debug = True + +# Uncomment this to prevent automated test runs from remote +# settings.base.allow_testing = False + +# Configure the log level ("DEBUG", "INFO", "WARNING", "ERROR" or "CRITICAL"), None = turn off logging +#settings.log.level = "WARNING" +# Uncomment to prevent writing log messages to the console (sys.stderr) +#settings.log.console = False +# Configure a log file (file name) +#settings.log.logfile = None +# Uncomment to get detailed caller information +#settings.log.caller_info = True + +# Uncomment to use Content Delivery Networks to speed up Internet-facing sites +#settings.base.cdn = True + +# Allow language files to be updated automatically +#settings.L10n.languages_readonly = False + +# This setting should be changed _before_ registering the 1st user +# - should happen automatically if installing using supported scripts +settings.auth.hmac_key = "${SAHANADEMO_HMAC}" + +# Minimum Password Length +#settings.auth.password_min_length = 8 + +# Email settings +# Outbound server +settings.mail.server = "postfix:25" +#settings.mail.tls = True +# Useful for Windows Laptops: +# https://www.google.com/settings/security/lesssecureapps +#settings.mail.server = "smtp.gmail.com:587" +#settings.mail.tls = True +#settings.mail.login = "username:password" +# From Address - until this is set, no mails can be sent +settings.mail.sender = "'Sahana' " +# Default email address to which requests to approve new user accounts gets sent +# This can be overridden for specific domains/organisations via the auth_domain table +#settings.mail.approver = "useradmin@example.org" +# Daily Limit on Sending of emails +#settings.mail.limit = 1000 + +# Frontpage settings +# RSS feeds +settings.frontpage.rss = [ + {"title": "Eden", + # Trac timeline + "url": "http://eden.sahanafoundation.org/timeline?ticket=on&changeset=on&milestone=on&wiki=on&max=50&daysback=90&format=rss" + }, + {"title": "Twitter", + # @SahanaFOSS + #"url": "https://search.twitter.com/search.rss?q=from%3ASahanaFOSS" # API v1 deprecated, so doesn't work, need to use 3rd-party service, like: + "url": "http://www.rssitfor.me/getrss?name=@SahanaFOSS" + # Hashtag + #url: "http://search.twitter.com/search.atom?q=%23eqnz" # API v1 deprecated, so doesn't work, need to use 3rd-party service, like: + #url: "http://api2.socialmention.com/search?q=%23eqnz&t=all&f=rss" + } +] + +# Uncomment to restrict to specific country/countries +#settings.gis.countries= ("LK",) + +# Uncomment to enable a guided tour +#settings.base.guided_tour = True + +# Instance Name - for management scripts +#settings.base.instance_name = "test" + +# Bing API Key (for Map layers) +# http://www.microsoft.com/maps/create-a-bing-maps-key.aspx +#settings.gis.api_bing = "" +# Google API Key (for Google Maps Layers) +#settings.gis.api_google = "" +# Yahoo API Key (for Geocoder) +#settings.gis.api_yahoo = "" + +# GeoNames username +#settings.gis.geonames_username = "" + +# Fill this in to get Google Analytics for your site +#settings.base.google_analytics_tracking_id = "" + +# Chat server, see: http://eden.sahanafoundation.org/wiki/InstallationGuidelines/Chat +#settings.base.chat_server = { +# "ip": "127.0.0.1", +# "port": 7070, +# "name": "servername", +# # Default group everyone is added to +# "groupname" : "everyone", +# "server_db" : "openfire", +# # These settings fallback to main DB settings if not specified +# # Only mysql/postgres supported +# #"server_db_type" : "mysql", +# #"server_db_username" : "", +# #"server_db_password": "", +# #"server_db_port" : 3306, +# #"server_db_ip" : "127.0.0.1", +# } + +# GeoServer (Currently used by GeoExplorer. Will allow REST control of GeoServer.) +# NB Needs to be publically-accessible URL for querying via client JS +#settings.gis.geoserver_url = "http://localhost/geoserver" +#settings.gis.geoserver_username = "admin" +#settings.gis.geoserver_password = "" +# Print Service URL: http://eden.sahanafoundation.org/wiki/BluePrintGISPrinting +#settings.gis.print_service = "/geoserver/pdf/" + +# Google OAuth (to allow users to login using Google) +# https://code.google.com/apis/console/ +#settings.auth.google_id = "" +#settings.auth.google_secret = "" + +# Pootle server +# settings.L10n.pootle_url = "http://pootle.sahanafoundation.org/" +# settings.L10n.pootle_username = "username" +# settings.L10n.pootle_password = "*****" + +# SOLR server for Full-Text Search +#settings.base.solr_url = "http://127.0.0.1:8983/solr/" + +# Memcache server to allow sharing of sessions across instances +#settings.base.session_memcache = '127.0.0.1:11211' + +settings.base.session_db = True + +# UI options +# Should user be prompted to save before navigating away? +#settings.ui.navigate_away_confirm = False +# Should user be prompted to confirm actions? +#settings.ui.confirm = False +# Should potentially large dropdowns be turned into autocompletes? +# (unused currently) +#settings.ui.autocomplete = True +#settings.ui.read_label = "Details" +#settings.ui.update_label = "Edit" + +# Audit settings +# - can be a callable for custom hooks (return True to also perform normal logging, or False otherwise) +# NB Auditing (especially Reads) slows system down & consumes diskspace +#settings.security.audit_write = False +#settings.security.audit_read = False + +# Performance Options +# Maximum number of search results for an Autocomplete Widget +#settings.search.max_results = 200 +# Maximum number of features for a Map Layer +#settings.gis.max_features = 1000 + +# CAP Settings +# Change for different authority and organisations +# See http://alerting.worldweather.org/ for oid +# Country root oid. The oid for the organisation includes this base +#settings.cap.identifier_oid = "2.49.0.0.608.0" +# Change this for the offset period in days that the alert will be effective for +# Expire Date = Effective Date + expire_offset +# Default is 2 days +#settings.cap.expire_offset = 2 + +# ============================================================================= +# Import the settings from the Template +# - note: invalid settings are ignored +# +settings.import_template() + +# ============================================================================= +# Over-rides to the Template may be done here +# + +# e.g. +#settings.base.system_name = T("Sahana TEST") +#settings.base.prepopulate = ("MY_TEMPLATE_ONLY") +settings.base.prepopulate += ("default", "default/users") +#settings.base.theme = "default" +#settings.L10n.default_language = "en" +#settings.security.policy = 7 # Organisation-ACLs +# Enable Additional Module(s) +#settings.modules["delphi"] = Storage( +# name_nice = T("Delphi Decision Maker"), +# restricted = False, +# module_type = 10, +# ) +# Disable a module which is normally used by the template +# - NB Only templates with adaptive menus will work nicely with this! +#del settings.modules["irs"] + +# After 1st_run, set this for Production to save 1x DAL hit/request +#settings.base.prepopulate = 0 + +# ============================================================================= +# A version number to tell update_check if there is a need to refresh the +# running copy of this file +VERSION = 1 + +# END ========================================================================= diff --git a/sahana-demo/srv/sahana-demo/update-ip.sh b/sahana-demo/srv/sahana-demo/update-ip.sh new file mode 100755 index 0000000..84987f3 --- /dev/null +++ b/sahana-demo/srv/sahana-demo/update-ip.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +URL=$(ip route get 1 | awk '{print $NF;exit}') +sed -i "s|^settings\.base\.public_url.*|settings.base.public_url = \"https://${URL}:8498\"|" /srv/sahana-demo/conf/000_config.py