Create separate Sahana instance using SAMBRO template for testing purposes.

2017-09-16 18:55:19 +02:00 · 2017-09-16 18:55:19 +02:00 · f9759f3fcc
commit f9759f3fcc
parent f4034d6657
11 changed files with 10091 additions and 0 deletions
--- a/03-sambro.sh
+++ b/03-sambro.sh
@ -0,0 +1,89 @@
+#!/bin/bash
+
+SOURCE_DIR=$(realpath $(dirname "${0}"))
+
+# Install dependencies for Sahana
+apt-get -y --no-install-recommends install python-dateutil python-imaging python-lxml python-matplotlib python-openid python-psycopg2 python-pyth python-reportlab python-requests python-shapely python-tweepy python-xlrd python-xlwt
+
+# Install web2py
+git clone --recursive https://github.com/web2py/web2py.git /srv/sambro
+git -C /srv/sambro checkout cda35fd
+git -C /srv/sambro submodule update
+
+# Install Sahana
+git clone --depth 1 https://github.com/sahana/eden.git /srv/sambro/applications/eden
+
+# Create PostgreSQL user and database
+export SAMBRO_PWD=$(head -c 18 /dev/urandom | base64)
+envsubst <${SOURCE_DIR}/sambro/tmp/sambro-createdb.sql >/tmp/sambro-createdb.sql
+sudo -u postgres psql -f /tmp/sambro-createdb.sql
+rm -f /tmp/sambro-createdb.sql
+
+# Configure web2py
+rm -rf /srv/sambro/applications/{admin,examples,welcome}
+cp ${SOURCE_DIR}/sambro/srv/sambro/routes.py /srv/sambro/routes.py
+cp ${SOURCE_DIR}/sambro/srv/sambro/run_scheduler.py /srv/sambro/run_scheduler.py
+ln -s /srv/sambro/handlers/wsgihandler.py /srv/sambro/wsgihandler.py
+
+# Configure Sahana
+mkdir /srv/sambro/applications/eden/{databases,errors,sessions}
+mkdir -p /srv/sambro/applications/eden/static/cache/chart
+mkdir -p /srv/sambro/applications/eden/uploads/{gis_cache,images,tracks}
+export SAMBRO_HMAC=$(head -c 18 /dev/urandom | base64)
+envsubst <${SOURCE_DIR}/sambro/srv/sambro/applications/eden/models/000_config.py >/srv/sambro/applications/eden/models/000_config.py
+cp ${SOURCE_DIR}/sambro/srv/sambro/applications/eden/modules/templates/SAMBRO/config.py /srv/sambro/applications/eden/modules/templates/SAMBRO/config.py
+export SAMBRO_ADMIN_USER=admin@example.com
+export SAMBRO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
+envsubst <${SOURCE_DIR}/sambro/srv/sambro/applications/eden/modules/templates/default/users/masterUsers.csv >/srv/sambro/applications/eden/modules/templates/default/users/masterUsers.csv
+cp ${SOURCE_DIR}/sambro/srv/sambro/applications/eden/languages/cs.py /srv/sambro/applications/eden/languages/cs.py
+
+# Create OS user
+adduser --system --group --home /srv/sambro --shell /bin/false sambro
+chown -R sambro:sambro /srv/sambro
+
+# Populate database
+cd /srv/sambro
+sudo -u sambro python web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py
+
+# Set "production values" (increases performance). Only if the DEBUG environment variable doesn't exist
+if [ -z "${DEBUG}" ]; then
+    sed -i 's/settings.base.migrate = True/settings.base.migrate = False/' /srv/sambro/applications/eden/models/000_config.py
+    sed -i 's/settings.base.debug = True/settings.base.debug = False/' /srv/sambro/applications/eden/models/000_config.py
+    sed -i 's/#settings.base.prepopulate = 0/settings.base.prepopulate = 0/' /srv/sambro/applications/eden/models/000_config.py
+    sudo -u sambro python web2py.py -S eden -M -R applications/eden/static/scripts/tools/compile.py
+fi
+
+# Create uwsgi and nginx app definition
+cp ${SOURCE_DIR}/sambro/etc/uwsgi/apps-available/sambro.ini /etc/uwsgi/apps-available/sambro.ini
+ln -s /etc/uwsgi/apps-available/sambro.ini /etc/uwsgi/apps-enabled/sambro.ini
+cp ${SOURCE_DIR}/sambro/etc/nginx/sites-available/sambro /etc/nginx/sites-available/sambro
+ln -s /etc/nginx/sites-available/sambro /etc/nginx/sites-enabled/sambro
+
+# Restart services
+systemctl restart uwsgi
+systemctl restart nginx
+
+# Add portal application definition
+${SOURCE_DIR}/basic/portal-app-manager.py sambro "https://{host}:8099/eden/" "${SAMBRO_ADMIN_USER}" "${SAMBRO_ADMIN_PWD}"
+${SOURCE_DIR}/basic/portal-app-manager.py sambro-mobile
+
+# TODO: Does matplotlib still require MPLCONFIGDIR directory?
+# If so, /srv/sambro/wsgihandler.py needs to be modified
+
+# TODO: Potentially needed dependencies
+# WARNING:  Setup unresolved dependency: boto required for Setup Module
+# WARNING:  S3Doc unresolved dependency: sunburnt required for Full-Text Search support
+# WARNING:  S3GIS unresolved dependency: selenium required for Map printing support
+# WARNING:  Setup unresolved dependency: PyYAML required for Setup Module
+# WARNING:  S3GIS unresolved dependency: GDAL required for Shapefile support
+# WARNING:  Setup unresolved dependency: ansible required for Setup Module
+# WARNING:  Survey unresolved dependency: PyRTF required if you want to export assessment/survey templates as a Word document
+# WARNING: Unresolved optional dependency: pyserial required
+# WARNING:  Message Parsing unresolved dependency: TwitterSearch required for fetching results from twitter keyword queries
+
+# TODO: Development notes
+# vi /srv/sambro/applications/eden/modules/templates/default/config.py
+# vi /srv/sambro/applications/eden/modules/s3cfg.py
+# sudo -u sambro /srv/sambro/web2py.py -i 192.168.2.202 -a sambro --nogui
+# sudo -u sambro openssl req -new -x509 -nodes -out /srv/sambro/cert.pem -keyout /srv/sambro/cert.key -subj "/C=CZ/CN=$(hostname -f)"
+# sudo -u sambro /srv/sambro/web2py.py -i 192.168.2.202 -a sambro -c /srv/sambro/cert.pem -k /srv/sambro/cert.key --nogui
--- a/basic/srv/portal/index.html
+++ b/basic/srv/portal/index.html
@ -36,6 +36,15 @@
            </ul>
        </div>

+        <div class="c" id="sambro">
+            <h2><a href="#"><img src="img/EDEN.png" alt="Sahana EDEN SAMBRO" title="Sahana EDEN SAMBRO">Sahana EDEN SAMBRO</a></h2>
+            <p>Samostatná instance Sahana EDEN s šablonou SAMBRO.</p>
+            <ul>
+                <li><strong>Login:</strong> <span class="login">Demo</span></li>
+                <li><strong>Heslo:</strong> <span class="password">Demo2018</span></li>
+            </ul>
+        </div>
+
        <div class="c" id="sambro-mobile">
            <h2><a href="#"><img src="img/EDEN.png" alt="SAMBRO Mobile" title="SAMBRO Mobile">SAMBRO Mobile</a></h2>
            <p>Mobilní klient k aplikaci Sahana EDEN. Po stažení se zaregistrujte a pro přístup k serveru zadejte IP vaší instalace Sahana EDEN.<br>
--- a/sambro/etc/nginx/sites-available/sambro
+++ b/sambro/etc/nginx/sites-available/sambro
@ -0,0 +1,34 @@
+server {
+    listen 8099 ssl http2;
+    listen [::]:8099 ssl http2;
+
+    ssl_certificate /etc/ssl/certs/services.pem;
+    ssl_certificate_key /etc/ssl/private/services.key;
+    ssl_protocols TLSv1.2;
+    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:1m;
+    ssl_session_timeout 1d;
+    ssl_session_tickets off;
+
+    access_log /var/log/nginx/sambro.access.log;
+    error_log /var/log/nginx/sambro.error.log;
+
+    location / {
+        return 301 https://$http_host:8099/eden/;
+    }
+
+    location /eden {
+        uwsgi_pass unix:///run/uwsgi/app/sambro/socket;
+        uwsgi_read_timeout 120s;
+        uwsgi_send_timeout 120s;
+        include uwsgi_params;
+        uwsgi_param UWSGI_SCHEME $scheme;
+        uwsgi_param SERVER_SOFTWARE nginx/$nginx_version;
+    }
+
+    location ~* /eden/static {
+        root /srv/sambro/applications;
+        expires max;
+    }
+}
--- a/sambro/etc/uwsgi/apps-available/sambro.ini
+++ b/sambro/etc/uwsgi/apps-available/sambro.ini
@ -0,0 +1,15 @@
+[uwsgi]
+uid = sambro
+gid = sambro
+chown-socket = www-data:www-data
+chdir = /srv/sambro
+module = wsgihandler
+cheaper = 1
+cheaper-algo = spare
+cheaper-initial = 1
+cheaper-step = 1
+workers = 4
+idle = 600
+harakiri = 120
+mule = run_scheduler.py
+cron = 10 -1 -1 -1 -1 python web2py.py -Q -S eden -M -R scripts/sessions2trash.py -A -o
--- a/sambro/srv/sambro/applications/eden/languages/cs.py
+++ b/sambro/srv/sambro/applications/eden/languages/cs.py
--- a/sambro/srv/sambro/applications/eden/models/000_config.py
+++ b/sambro/srv/sambro/applications/eden/models/000_config.py
@ -0,0 +1,259 @@
+# -*- coding: utf-8 -*-
+
+"""
+    Machine-specific settings
+    All settings which are typically edited for a specific machine should be done here
+
+    Deployers should ideally not need to edit any other files outside of their template folder
+
+    Note for Developers:
+        /models/000_config.py is NOT in the Git repository, to avoid leaking of
+        sensitive or irrelevant information into the repository.
+    For changes to be committed, please also edit:
+        modules/templates/000_config.py
+"""
+
+# Remove this line when you have edited this file sufficiently to proceed to the web interface
+FINISHED_EDITING_CONFIG_FILE = True
+
+# Select the Template
+# - which Modules are enabled
+# - PrePopulate data
+# - Security Policy
+# - Workflows
+# - Theme
+# - note that you should restart your web2py after changing this setting
+settings.base.template = "SAMBRO"
+
+# Database settings
+# Uncomment to use a different database, other than sqlite
+settings.database.db_type = "postgres"
+#settings.database.db_type = "mysql"
+# Uncomment to use a different host
+#settings.database.host = "localhost"
+# Uncomment to use a different port
+#settings.database.port = 3306
+#settings.database.port = 5432
+# Uncomment to select a different name for your database
+settings.database.database = "sambro"
+# Uncomment to select a different username for your database
+settings.database.username = "sambro"
+# Uncomment to set the password
+# NB Web2Py doesn't like passwords with an @ in them
+settings.database.password = "${SAMBRO_PWD}"
+# Uncomment to use a different pool size
+#settings.database.pool_size = 30
+# Do we have a spatial DB available? (currently supports PostGIS. Spatialite to come.)
+settings.gis.spatialdb = True
+
+# Base settings
+#settings.base.system_name = T("Sahana Eden Humanitarian Management Platform")
+#settings.base.system_name_short = T("Sahana Eden")
+# Set this to the Public URL of the instance
+#settings.base.public_url = "http://127.0.0.1:8000"
+
+# Switch to "False" in Production for a Performance gain
+# (need to set to "True" again when Table definitions are changed)
+settings.base.migrate = True
+# To just create the .table files (also requires migrate=True):
+#settings.base.fake_migrate = True
+
+# Set this to True to switch to Debug mode
+# Debug mode means that uncompressed CSS/JS files are loaded
+# JS Debug messages are also available in the Console
+# can also load an individual page in debug mode by appending URL with
+# ?debug=1
+settings.base.debug = True
+
+# Uncomment this to prevent automated test runs from remote
+# settings.base.allow_testing = False
+
+# Configure the log level ("DEBUG", "INFO", "WARNING", "ERROR" or "CRITICAL"), None = turn off logging
+#settings.log.level = "WARNING"
+# Uncomment to prevent writing log messages to the console (sys.stderr)
+#settings.log.console = False
+# Configure a log file (file name)
+#settings.log.logfile = None
+# Uncomment to get detailed caller information
+#settings.log.caller_info = True
+
+# Uncomment to use Content Delivery Networks to speed up Internet-facing sites
+#settings.base.cdn = True
+
+# Allow language files to be updated automatically
+#settings.L10n.languages_readonly = False
+
+# This setting should be changed _before_ registering the 1st user
+# - should happen automatically if installing using supported scripts
+settings.auth.hmac_key = "${SAMBRO_HMAC}"
+
+# Minimum Password Length
+#settings.auth.password_min_length = 8
+
+# Email settings
+# Outbound server
+#settings.mail.server = "127.0.0.1:25"
+#settings.mail.tls = True
+# Useful for Windows Laptops:
+# https://www.google.com/settings/security/lesssecureapps
+#settings.mail.server = "smtp.gmail.com:587"
+#settings.mail.tls = True
+#settings.mail.login = "username:password"
+# From Address - until this is set, no mails can be sent
+#settings.mail.sender = "'Sahana' <sahana@example.org>"
+# Default email address to which requests to approve new user accounts gets sent
+# This can be overridden for specific domains/organisations via the auth_domain table
+#settings.mail.approver = "useradmin@example.org"
+# Daily Limit on Sending of emails
+#settings.mail.limit = 1000
+
+# Frontpage settings
+# RSS feeds
+settings.frontpage.rss = [
+    {"title": "Eden",
+     # Trac timeline
+     "url": "http://eden.sahanafoundation.org/timeline?ticket=on&changeset=on&milestone=on&wiki=on&max=50&daysback=90&format=rss"
+    },
+    {"title": "Twitter",
+     # @SahanaFOSS
+     #"url": "https://search.twitter.com/search.rss?q=from%3ASahanaFOSS" # API v1 deprecated, so doesn't work, need to use 3rd-party service, like:
+     "url": "http://www.rssitfor.me/getrss?name=@SahanaFOSS"
+     # Hashtag
+     #url: "http://search.twitter.com/search.atom?q=%23eqnz" # API v1 deprecated, so doesn't work, need to use 3rd-party service, like:
+     #url: "http://api2.socialmention.com/search?q=%23eqnz&t=all&f=rss"
+    }
+]
+
+# Uncomment to restrict to specific country/countries
+#settings.gis.countries= ("LK",)
+
+# Uncomment to enable a guided tour
+#settings.base.guided_tour = True
+
+# Instance Name - for management scripts
+#settings.base.instance_name = "test"
+
+# Bing API Key (for Map layers)
+# http://www.microsoft.com/maps/create-a-bing-maps-key.aspx
+#settings.gis.api_bing = ""
+# Google API Key (for Google Maps Layers)
+#settings.gis.api_google = ""
+# Yahoo API Key (for Geocoder)
+#settings.gis.api_yahoo = ""
+
+# GeoNames username
+#settings.gis.geonames_username = ""
+
+# Fill this in to get Google Analytics for your site
+#settings.base.google_analytics_tracking_id = ""
+
+# Chat server, see: http://eden.sahanafoundation.org/wiki/InstallationGuidelines/Chat
+#settings.base.chat_server = {
+#   "ip": "127.0.0.1",
+#   "port": 7070,
+#   "name": "servername",
+#	# Default group everyone is added to
+#   "groupname" : "everyone",
+#   "server_db" : "openfire",
+#   # These settings fallback to main DB settings if not specified
+#   # Only mysql/postgres supported
+#   #"server_db_type" : "mysql",
+#   #"server_db_username" : "",
+#   #"server_db_password": "",
+#   #"server_db_port" : 3306,
+#   #"server_db_ip" : "127.0.0.1",
+#   }
+
+# GeoServer (Currently used by GeoExplorer. Will allow REST control of GeoServer.)
+# NB Needs to be publically-accessible URL for querying via client JS
+#settings.gis.geoserver_url = "http://localhost/geoserver"
+#settings.gis.geoserver_username = "admin"
+#settings.gis.geoserver_password = ""
+# Print Service URL: http://eden.sahanafoundation.org/wiki/BluePrintGISPrinting
+#settings.gis.print_service = "/geoserver/pdf/"
+
+# Google OAuth (to allow users to login using Google)
+# https://code.google.com/apis/console/
+#settings.auth.google_id = ""
+#settings.auth.google_secret = ""
+
+# Pootle server
+# settings.L10n.pootle_url = "http://pootle.sahanafoundation.org/"
+# settings.L10n.pootle_username = "username"
+# settings.L10n.pootle_password = "*****"
+
+# SOLR server for Full-Text Search
+#settings.base.solr_url = "http://127.0.0.1:8983/solr/"
+
+# Memcache server to allow sharing of sessions across instances
+#settings.base.session_memcache = '127.0.0.1:11211'
+
+# UI options
+# Should user be prompted to save before navigating away?
+#settings.ui.navigate_away_confirm = False
+# Should user be prompted to confirm actions?
+#settings.ui.confirm = False
+# Should potentially large dropdowns be turned into autocompletes?
+# (unused currently)
+#settings.ui.autocomplete = True
+#settings.ui.read_label = "Details"
+#settings.ui.update_label = "Edit"
+
+# Audit settings
+# - can be a callable for custom hooks (return True to also perform normal logging, or False otherwise)
+# NB Auditing (especially Reads) slows system down & consumes diskspace
+#settings.security.audit_write = False
+#settings.security.audit_read = False
+
+# Performance Options
+# Maximum number of search results for an Autocomplete Widget
+#settings.search.max_results = 200
+# Maximum number of features for a Map Layer
+#settings.gis.max_features = 1000
+
+# CAP Settings
+# Change for different authority and organisations
+# See http://alerting.worldweather.org/ for oid
+# Country root oid. The oid for the organisation includes this base
+#settings.cap.identifier_oid = "2.49.0.0.608.0"
+# Change this for the offset period in days that the alert will be effective for
+# Expire Date = Effective Date + expire_offset
+# Default is 2 days
+#settings.cap.expire_offset = 2
+
+# =============================================================================
+# Import the settings from the Template
+# - note: invalid settings are ignored
+#
+settings.import_template()
+
+# =============================================================================
+# Over-rides to the Template may be done here
+#
+
+# e.g.
+#settings.base.system_name = T("Sahana TEST")
+#settings.base.prepopulate = ("MY_TEMPLATE_ONLY")
+#settings.base.prepopulate += ("default", "default/users")
+#settings.base.theme = "default"
+#settings.L10n.default_language = "en"
+#settings.security.policy = 7 # Organisation-ACLs
+# Enable Additional Module(s)
+#settings.modules["delphi"] = Storage(
+#        name_nice = T("Delphi Decision Maker"),
+#        restricted = False,
+#        module_type = 10,
+#    )
+# Disable a module which is normally used by the template
+# - NB Only templates with adaptive menus will work nicely with this!
+#del settings.modules["irs"]
+
+# After 1st_run, set this for Production to save 1x DAL hit/request
+#settings.base.prepopulate = 0
+
+# =============================================================================
+# A version number to tell update_check if there is a need to refresh the
+# running copy of this file
+VERSION = 1
+
+# END =========================================================================
--- a/sambro/srv/sambro/applications/eden/modules/templates/SAMBRO/config.py
+++ b/sambro/srv/sambro/applications/eden/modules/templates/SAMBRO/config.py
--- a/sambro/srv/sambro/applications/eden/modules/templates/default/users/masterUsers.csv
+++ b/sambro/srv/sambro/applications/eden/modules/templates/default/users/masterUsers.csv
@ -0,0 +1,2 @@
+First Name,Last Name,Email,Password,Role,Organisation
+Admin,User,${SAMBRO_ADMIN_USER},${SAMBRO_ADMIN_PWD},ADMIN,
--- a/sambro/srv/sambro/routes.py
+++ b/sambro/srv/sambro/routes.py
@ -0,0 +1,11 @@
+#!/usr/bin/python
+default_application = 'eden'
+default_controller = 'default'
+default_function = 'index'
+routes_onerror = [
+    ('eden/400', '!'),
+    ('eden/401', '!'),
+    ('eden/509', '!'),
+    ('eden/*', '/eden/errors/index'),
+    ('*/*', '/eden/errors/index'),
+]
--- a/sambro/srv/sambro/run_scheduler.py
+++ b/sambro/srv/sambro/run_scheduler.py
@ -0,0 +1,6 @@
+#!/usr/bin/env python
+
+from gluon.shell import run
+
+if __name__ == '__main__':
+    run('eden', True, True, None, False, 'from gluon import current; current._scheduler.loop()')
--- a/sambro/tmp/sambro-createdb.sql
+++ b/sambro/tmp/sambro-createdb.sql
@ -0,0 +1,8 @@
+CREATE ROLE sambro NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT LOGIN ENCRYPTED PASSWORD '${SAMBRO_PWD}';
+CREATE DATABASE sambro;
+REVOKE ALL ON DATABASE sambro FROM public;
+ALTER DATABASE sambro OWNER TO sambro;
+\c sambro;
+CREATE EXTENSION postgis;
+GRANT ALL ON geometry_columns TO sambro;
+GRANT ALL ON spatial_ref_sys TO sambro;