Create vanilla Sahana Demo installation script

sahana-demo.sh

@@ -0,0 +1,41 @@
+#!/bin/sh
+
+SOURCE_DIR=$(realpath $(dirname "${0}"))/sahana-demo
+
+# Check prerequisites
+docker image ls | grep -q postfix || $(realpath $(dirname "${0}"))/postfix.sh
+docker image ls | grep -q postgres || $(realpath $(dirname "${0}"))/postgres.sh
+docker image ls | grep -q sahana || docker build -t sahana $(realpath $(dirname "${0}"))/sahana
+
+# Create PostgreSQL user and database
+export SAHANADEMO_PWD=$(head -c 18 /dev/urandom | base64)
+envsubst <${SOURCE_DIR}/createdb.sql | docker exec -i postgres psql
+
+# Prepare persistent directory structure
+mkdir -p /srv/sahana-demo/conf /srv/sahana-demo/data/databases /srv/sahana-demo/data/uploads
+chown -R 8001:8001 /srv/sahana-demo/conf /srv/sahana-demo/data
+docker run --rm -v /srv/sahana-demo/conf:/mnt/conf sahana cp -rp /srv/web2py/applications/eden/models/. /mnt/conf
+
+# Configure Sahana
+export SAHANADEMO_HMAC=$(head -c 18 /dev/urandom | base64)
+envsubst <${SOURCE_DIR}/srv/sahana-demo/conf/000_config.py >/srv/sahana-demo/conf/000_config.py
+cp ${SOURCE_DIR}/srv/sahana-demo/update-ip.sh /srv/sahana-demo/update-ip.sh
+export SAHANADEMO_ADMIN_USER=admin@example.com
+export SAHANADEMO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
+envsubst <${SOURCE_DIR}/masterUsers.csv >/tmp/masterUsers.csv
+
+# Populate database
+docker run --rm -h sahana-demo --link postgres -v /srv/sahana-demo/conf:/srv/web2py/applications/eden/models -v /srv/sahana-demo/data/Spotter:/srv/web2py/applications/eden/modules/templates/Spotter -v /srv/sahana-demo/data/databases:/srv/web2py/applications/eden/databases -v /tmp/masterUsers.csv:/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv sahana ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py
+rm /tmp/masterUsers.csv
+
+# Create Sahana service
+cp ${SOURCE_DIR}/etc/init.d/sahana-demo /etc/init.d/sahana-demo
+rc-update add sahana-demo
+service sahana-demo start
+
+# Create nginx app definition
+cp ${SOURCE_DIR}/etc/nginx/conf.d/sahana-demo.conf /etc/nginx/conf.d/sahana-demo.conf
+service nginx reload
+
+# Add portal application definition
+portal-app-manager sahana-eden-demo "https://{host}:8498/eden/" "${SAHANADEMO_ADMIN_USER}" "${SAHANADEMO_ADMIN_PWD}"

sahana-demo/createdb.sql

@@ -0,0 +1,8 @@
+CREATE ROLE sahanademo NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT LOGIN ENCRYPTED PASSWORD '${SAHANADEMO_PWD}';
+CREATE DATABASE sahanademo;
+REVOKE ALL ON DATABASE sahanademo FROM public;
+ALTER DATABASE sahanademo OWNER TO sahanademo;
+\c sahanademo;
+CREATE EXTENSION postgis;
+GRANT ALL ON geometry_columns TO sahanademo;
+GRANT ALL ON spatial_ref_sys TO sahanademo;

sahana-demo/etc/init.d/sahana-demo

@@ -0,0 +1,29 @@
+#!/sbin/openrc-run
+
+description="Sahana Eden Development docker container"
+
+depend() {
+	need docker net postgres
+	use dns logger netmount postfix
+}
+
+start_pre() {
+	/srv/sahana-demo/update-ip.sh
+}
+
+start() {
+	/usr/bin/docker run -d --rm \
+	--name sahana-demo \
+	-h sahana-demo \
+	--link postfix \
+	--link postgres \
+	-p 127.0.0.1:8098:8001 \
+	-v /srv/sahana-demo/conf:/srv/web2py/applications/eden/models \
+	-v /srv/sahana-demo/data/databases:/srv/web2py/applications/eden/databases \
+	-v /srv/sahana-demo/data/uploads:/srv/web2py/applications/eden/uploads \
+	sahana
+}
+
+stop() {
+	/usr/bin/docker stop sahana-demo
+}

sahana-demo/etc/nginx/conf.d/sahana-demo.conf

@@ -0,0 +1,11 @@
+server {
+    listen [::]:8898 ipv6only=off;
+    listen [::]:8498 ssl http2 ipv6only=off;
+
+    access_log /var/log/nginx/sahana-demo.access.log;
+    error_log /var/log/nginx/sahana-demo.error.log;
+
+    location / {
+        proxy_pass http://127.0.0.1:8098;
+    }
+}

sahana-demo/masterUsers.csv

@@ -0,0 +1,2 @@
+First Name,Last Name,Email,Password,Role,Organisation
+Admin,User,${SAHANADEMO_ADMIN_USER},${SAHANADEMO_ADMIN_PWD},ADMIN,

sahana-demo/srv/sahana-demo/conf/000_config.py

@@ -0,0 +1,261 @@
+# -*- coding: utf-8 -*-
+
+"""
+    Machine-specific settings
+    All settings which are typically edited for a specific machine should be done here
+
+    Deployers should ideally not need to edit any other files outside of their template folder
+
+    Note for Developers:
+        /models/000_config.py is NOT in the Git repository, to avoid leaking of
+        sensitive or irrelevant information into the repository.
+    For changes to be committed, please also edit:
+        modules/templates/000_config.py
+"""
+
+# Remove this line when you have edited this file sufficiently to proceed to the web interface
+FINISHED_EDITING_CONFIG_FILE = True
+
+# Select the Template
+# - which Modules are enabled
+# - PrePopulate data
+# - Security Policy
+# - Workflows
+# - Theme
+# - note that you should restart your web2py after changing this setting
+settings.base.template = "default"
+
+# Database settings
+# Uncomment to use a different database, other than sqlite
+settings.database.db_type = "postgres"
+#settings.database.db_type = "mysql"
+# Uncomment to use a different host
+settings.database.host = "postgres"
+# Uncomment to use a different port
+#settings.database.port = 3306
+#settings.database.port = 5432
+# Uncomment to select a different name for your database
+settings.database.database = "sahanademo"
+# Uncomment to select a different username for your database
+settings.database.username = "sahanademo"
+# Uncomment to set the password
+# NB Web2Py doesn't like passwords with an @ in them
+settings.database.password = "${SAHANADEMO_PWD}"
+# Uncomment to use a different pool size
+#settings.database.pool_size = 30
+# Do we have a spatial DB available? (currently supports PostGIS. Spatialite to come.)
+settings.gis.spatialdb = True
+
+# Base settings
+#settings.base.system_name = T("Sahana Eden Humanitarian Management Platform")
+#settings.base.system_name_short = T("Sahana Eden")
+# Set this to the Public URL of the instance
+settings.base.public_url = "http://127.0.0.1"
+
+# Switch to "False" in Production for a Performance gain
+# (need to set to "True" again when Table definitions are changed)
+settings.base.migrate = True
+# To just create the .table files (also requires migrate=True):
+#settings.base.fake_migrate = True
+
+# Set this to True to switch to Debug mode
+# Debug mode means that uncompressed CSS/JS files are loaded
+# JS Debug messages are also available in the Console
+# can also load an individual page in debug mode by appending URL with
+# ?debug=1
+settings.base.debug = True
+
+# Uncomment this to prevent automated test runs from remote
+# settings.base.allow_testing = False
+
+# Configure the log level ("DEBUG", "INFO", "WARNING", "ERROR" or "CRITICAL"), None = turn off logging
+#settings.log.level = "WARNING"
+# Uncomment to prevent writing log messages to the console (sys.stderr)
+#settings.log.console = False
+# Configure a log file (file name)
+#settings.log.logfile = None
+# Uncomment to get detailed caller information
+#settings.log.caller_info = True
+
+# Uncomment to use Content Delivery Networks to speed up Internet-facing sites
+#settings.base.cdn = True
+
+# Allow language files to be updated automatically
+#settings.L10n.languages_readonly = False
+
+# This setting should be changed _before_ registering the 1st user
+# - should happen automatically if installing using supported scripts
+settings.auth.hmac_key = "${SAHANADEMO_HMAC}"
+
+# Minimum Password Length
+#settings.auth.password_min_length = 8
+
+# Email settings
+# Outbound server
+settings.mail.server = "postfix:25"
+#settings.mail.tls = True
+# Useful for Windows Laptops:
+# https://www.google.com/settings/security/lesssecureapps
+#settings.mail.server = "smtp.gmail.com:587"
+#settings.mail.tls = True
+#settings.mail.login = "username:password"
+# From Address - until this is set, no mails can be sent
+settings.mail.sender = "'Sahana' <sahanademo@spotter.ngo>"
+# Default email address to which requests to approve new user accounts gets sent
+# This can be overridden for specific domains/organisations via the auth_domain table
+#settings.mail.approver = "useradmin@example.org"
+# Daily Limit on Sending of emails
+#settings.mail.limit = 1000
+
+# Frontpage settings
+# RSS feeds
+settings.frontpage.rss = [
+    {"title": "Eden",
+     # Trac timeline
+     "url": "http://eden.sahanafoundation.org/timeline?ticket=on&changeset=on&milestone=on&wiki=on&max=50&daysback=90&format=rss"
+    },
+    {"title": "Twitter",
+     # @SahanaFOSS
+     #"url": "https://search.twitter.com/search.rss?q=from%3ASahanaFOSS" # API v1 deprecated, so doesn't work, need to use 3rd-party service, like:
+     "url": "http://www.rssitfor.me/getrss?name=@SahanaFOSS"
+     # Hashtag
+     #url: "http://search.twitter.com/search.atom?q=%23eqnz" # API v1 deprecated, so doesn't work, need to use 3rd-party service, like:
+     #url: "http://api2.socialmention.com/search?q=%23eqnz&t=all&f=rss"
+    }
+]
+
+# Uncomment to restrict to specific country/countries
+#settings.gis.countries= ("LK",)
+
+# Uncomment to enable a guided tour
+#settings.base.guided_tour = True
+
+# Instance Name - for management scripts
+#settings.base.instance_name = "test"
+
+# Bing API Key (for Map layers)
+# http://www.microsoft.com/maps/create-a-bing-maps-key.aspx
+#settings.gis.api_bing = ""
+# Google API Key (for Google Maps Layers)
+#settings.gis.api_google = ""
+# Yahoo API Key (for Geocoder)
+#settings.gis.api_yahoo = ""
+
+# GeoNames username
+#settings.gis.geonames_username = ""
+
+# Fill this in to get Google Analytics for your site
+#settings.base.google_analytics_tracking_id = ""
+
+# Chat server, see: http://eden.sahanafoundation.org/wiki/InstallationGuidelines/Chat
+#settings.base.chat_server = {
+#   "ip": "127.0.0.1",
+#   "port": 7070,
+#   "name": "servername",
+#	# Default group everyone is added to
+#   "groupname" : "everyone",
+#   "server_db" : "openfire",
+#   # These settings fallback to main DB settings if not specified
+#   # Only mysql/postgres supported
+#   #"server_db_type" : "mysql",
+#   #"server_db_username" : "",
+#   #"server_db_password": "",
+#   #"server_db_port" : 3306,
+#   #"server_db_ip" : "127.0.0.1",
+#   }
+
+# GeoServer (Currently used by GeoExplorer. Will allow REST control of GeoServer.)
+# NB Needs to be publically-accessible URL for querying via client JS
+#settings.gis.geoserver_url = "http://localhost/geoserver"
+#settings.gis.geoserver_username = "admin"
+#settings.gis.geoserver_password = ""
+# Print Service URL: http://eden.sahanafoundation.org/wiki/BluePrintGISPrinting
+#settings.gis.print_service = "/geoserver/pdf/"
+
+# Google OAuth (to allow users to login using Google)
+# https://code.google.com/apis/console/
+#settings.auth.google_id = ""
+#settings.auth.google_secret = ""
+
+# Pootle server
+# settings.L10n.pootle_url = "http://pootle.sahanafoundation.org/"
+# settings.L10n.pootle_username = "username"
+# settings.L10n.pootle_password = "*****"
+
+# SOLR server for Full-Text Search
+#settings.base.solr_url = "http://127.0.0.1:8983/solr/"
+
+# Memcache server to allow sharing of sessions across instances
+#settings.base.session_memcache = '127.0.0.1:11211'
+
+settings.base.session_db = True
+
+# UI options
+# Should user be prompted to save before navigating away?
+#settings.ui.navigate_away_confirm = False
+# Should user be prompted to confirm actions?
+#settings.ui.confirm = False
+# Should potentially large dropdowns be turned into autocompletes?
+# (unused currently)
+#settings.ui.autocomplete = True
+#settings.ui.read_label = "Details"
+#settings.ui.update_label = "Edit"
+
+# Audit settings
+# - can be a callable for custom hooks (return True to also perform normal logging, or False otherwise)
+# NB Auditing (especially Reads) slows system down & consumes diskspace
+#settings.security.audit_write = False
+#settings.security.audit_read = False
+
+# Performance Options
+# Maximum number of search results for an Autocomplete Widget
+#settings.search.max_results = 200
+# Maximum number of features for a Map Layer
+#settings.gis.max_features = 1000
+
+# CAP Settings
+# Change for different authority and organisations
+# See http://alerting.worldweather.org/ for oid
+# Country root oid. The oid for the organisation includes this base
+#settings.cap.identifier_oid = "2.49.0.0.608.0"
+# Change this for the offset period in days that the alert will be effective for
+# Expire Date = Effective Date + expire_offset
+# Default is 2 days
+#settings.cap.expire_offset = 2
+
+# =============================================================================
+# Import the settings from the Template
+# - note: invalid settings are ignored
+#
+settings.import_template()
+
+# =============================================================================
+# Over-rides to the Template may be done here
+#
+
+# e.g.
+#settings.base.system_name = T("Sahana TEST")
+#settings.base.prepopulate = ("MY_TEMPLATE_ONLY")
+settings.base.prepopulate += ("default", "default/users")
+#settings.base.theme = "default"
+#settings.L10n.default_language = "en"
+#settings.security.policy = 7 # Organisation-ACLs
+# Enable Additional Module(s)
+#settings.modules["delphi"] = Storage(
+#        name_nice = T("Delphi Decision Maker"),
+#        restricted = False,
+#        module_type = 10,
+#    )
+# Disable a module which is normally used by the template
+# - NB Only templates with adaptive menus will work nicely with this!
+#del settings.modules["irs"]
+
+# After 1st_run, set this for Production to save 1x DAL hit/request
+#settings.base.prepopulate = 0
+
+# =============================================================================
+# A version number to tell update_check if there is a need to refresh the
+# running copy of this file
+VERSION = 1
+
+# END =========================================================================

sahana-demo/srv/sahana-demo/update-ip.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+
+URL=$(ip route get 1 | awk '{print $NF;exit}')
+sed -i "s|^settings\.base\.public_url.*|settings.base.public_url = \"https://${URL}:8498\"|" /srv/sahana-demo/conf/000_config.py