summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJérôme Schneider <jschneider@entrouvert.com>2015-04-03 08:20:49 (GMT)
committerJérôme Schneider <jschneider@entrouvert.com>2015-04-03 08:20:49 (GMT)
commit8319aa110398ef13b21efce59d1af5175bba0613 (patch)
treede3f64a4a8001df4cf4dd7f4733336220cb17657
parent36fa31b53ea8065913c6b837912bd50ed1b5549e (diff)
parent67daf5ecd78eda2f3c4da0eaa4da49d631e433d4 (diff)
downloadmandaye-cud-master.zip
mandaye-cud-master.tar.gz
mandaye-cud-master.tar.bz2
Add 'debian/' from commit '67daf5ecd78eda2f3c4da0eaa4da49d631e433d4'HEADmaster
git-subtree-dir: debian git-subtree-mainline: 36fa31b53ea8065913c6b837912bd50ed1b5549e git-subtree-split: 67daf5ecd78eda2f3c4da0eaa4da49d631e433d4
-rw-r--r--debian/changelog5
-rw-r--r--debian/compat1
-rw-r--r--debian/config.ini27
-rw-r--r--debian/control22
-rw-r--r--debian/dirs11
-rwxr-xr-xdebian/init.d168
-rw-r--r--debian/install2
-rw-r--r--debian/mandaye_cud_manager22
-rw-r--r--debian/postinst65
-rw-r--r--debian/pydist-overrides2
-rwxr-xr-xdebian/rules12
-rw-r--r--debian/source/format1
12 files changed, 338 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..b41bf71
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,5 @@
+mandaye-cud (0.0.1-1) stable; urgency=medium
+
+ * Initial release
+
+ -- Jérôme Schneider <jschneider@entrouvert.com> Tue, 03 Jun 2014 19:00:37 +0200
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..7f8f011
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+7
diff --git a/debian/config.ini b/debian/config.ini
new file mode 100644
index 0000000..96739b4
--- /dev/null
+++ b/debian/config.ini
@@ -0,0 +1,27 @@
+[database]
+; http://docs.sqlalchemy.org/en/rel_0_8/core/engines.html
+url: postgresql://mandaye-cud@/mandaye-cud
+
+[dirs]
+config_root: /etc/mandaye-cud/sites-enabled
+data_dir: /var/lib/mandaye-cud/data
+static_root: /usr/share/mandaye-cud/static
+
+[debug]
+debug: false
+use_long_trace: true
+log_debug: false
+; you need to install python-raven for this feature
+sentry_dsn:
+
+[template_vars]
+idp_url: https://idp-cud.dev.entrouvert.org
+
+[session]
+; file, dbm, memory or memcached
+; if memcached you need to install python-memcached and memcached
+type: memcached
+url: 127.0.0.1:11211
+cookie_expires: true
+timeout: 3600
+data_dir: /var/lib/mandaye-cud/sessions
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..16b5e3a
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,22 @@
+Source: mandaye-cud
+Maintainer: Jerome Schneider <jschneider@entrouvert.com>
+Section: python
+Priority: optional
+Build-Depends: python-setuptools (>= 0.6b3), python-all (>= 2.6.6-3), debhelper (>= 7.4.3)
+Standards-Version: 3.9.1
+X-Python-Version: current
+
+Package: mandaye-cud
+Architecture: all
+Depends: ${misc:Depends}, ${python:Depends},
+ python-mandaye (>= 0.9),
+ python-beautifulsoup (>= 3.1),
+ python-crypto (>= 2.6),
+ python-lasso (>= 2.4.0),
+ python-memcache,
+ python-psycopg2,
+ memcached,
+ gunicorn (>= 0.17)
+Recommends: postgresql, python-raven
+Description: CUD Mandaye project, modular authentification reverse proxy
+
diff --git a/debian/dirs b/debian/dirs
new file mode 100644
index 0000000..cf49c19
--- /dev/null
+++ b/debian/dirs
@@ -0,0 +1,11 @@
+etc/mandaye-cud
+etc/mandaye-cud/certs
+etc/mandaye-cud/sites-available
+etc/mandaye-cud/sites-enabled
+var/lib/mandaye-cud
+var/lib/mandaye-cud/data
+var/lib/mandaye-cud/sessions
+var/log/mandaye-cud
+var/run/mandaye-cud
+usr/lib/mandaye-cud
+usr/share/mandaye-cud
diff --git a/debian/init.d b/debian/init.d
new file mode 100755
index 0000000..a96bdc5
--- /dev/null
+++ b/debian/init.d
@@ -0,0 +1,168 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: mandaye-cud
+# Required-Start: $network $local_fs
+# Required-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: authentication reverse proxy for CUD
+# Description: authentication reverse proxy for CUD
+### END INIT INFO
+
+# Author: Jérôme Schneider <jschneider@entrouvert.com>
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+NAME=mandaye-cud
+DAEMON=/usr/bin/gunicorn
+PID_DIR=/var/run/mandaye-cud
+PIDFILE=/var/run/mandaye-cud/$NAME.pid
+LOG_DIR=/var/log/mandaye-cud
+SCRIPTNAME=/etc/init.d/$NAME
+MANDAYE_CONFIG_FILES=/etc/$NAME/config.ini
+
+USER=mandaye-cud
+GROUP=mandaye-cud
+
+DAEMON_ARGS="--pid $PIDFILE \
+--user $USER --group $GROUP \
+--daemon \
+--access-logfile $LOG_DIR/gunicorn-access.log \
+--log-file $LOG_DIR/gunicorn-error.log \
+--bind=unix:$PID_DIR/$NAME.sock \
+--workers=5 \
+--worker-class=sync \
+--timeout=60 \
+mandaye_cud.wsgi:application"
+
+# Exit if the package is not installed
+[ -x $DAEMON ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Create pid directory
+[ ! -d $PID_DIR ] && mkdir $PID_DIR && chown $USER:$GROUP $PID_DIR
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# environment for wsgi & settings
+export MANDAYE_CONFIG_FILES
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting $DESC " "$NAME"
+ do_start
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) log_end_msg 0 ;;
+ 2) log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
diff --git a/debian/install b/debian/install
new file mode 100644
index 0000000..bd1af80
--- /dev/null
+++ b/debian/install
@@ -0,0 +1,2 @@
+debian/config.ini /etc/mandaye-cud/
+debian/mandaye_cud_manager /usr/bin/
diff --git a/debian/mandaye_cud_manager b/debian/mandaye_cud_manager
new file mode 100644
index 0000000..ea342de
--- /dev/null
+++ b/debian/mandaye_cud_manager
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+NAME=mandaye-cud
+MANAGER="/usr/lib/$NAME/manager.py --config=/etc/$NAME/config.ini"
+
+# check user
+if test x$1 = x"--forceuser"
+then
+ shift
+elif test $(id -un) != "$NAME"
+then
+ echo "error: must use $0 with user ${NAME}"
+ exit 1
+fi
+
+if test $# -eq 0
+then
+ python ${MANAGER} --help
+ exit 1
+fi
+
+python ${MANAGER} "$@"
diff --git a/debian/postinst b/debian/postinst
new file mode 100644
index 0000000..59f86a4
--- /dev/null
+++ b/debian/postinst
@@ -0,0 +1,65 @@
+#!/bin/sh
+#
+# Postinst script for mandaye-cud
+#
+
+set -e
+
+NAME=mandaye-cud
+USER=$NAME
+GROUP=$NAME
+HOME=/var/lib/$NAME
+
+case "$1" in
+ configure)
+ if ! getent group $GROUP > /dev/null 2>&1; then
+ echo -n "Adding group $GROUP.."
+ addgroup --quiet --system $GROUP
+ echo "..done"
+ fi
+ if ! getent passwd $USER > /dev/null 2>&1; then
+ echo -n "Adding user $USER.."
+ adduser --quiet --system --gecos "Mandaye CUD daemon" \
+ --ingroup $GROUP \
+ --no-create-home --home $HOME \
+ $USER
+ echo "..done"
+ fi
+ if [ ! -f /etc/mandaye-cud/certs/saml.crt -a ! -f /etc/mandaye-cud/certs/saml.key ]; then
+ echo -n "Generating key material..." >&2
+ openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out /etc/mandaye-cud/certs/saml.key >&2
+ openssl req -x509 -new -out /etc/mandaye-cud/certs/saml.crt -subj '/CN=whocares' -key /etc/mandaye-cud/certs/saml.key -days 3650 >&2
+ chown root:$GROUP /etc/mandaye-cud/certs/saml.crt /etc/mandaye-cud/certs/saml.key
+ chmod 640 /etc/mandaye-cud/certs/saml.crt /etc/mandaye-cud/certs/saml.key
+ echo "..done" >&2
+ fi
+
+ echo -n "Fixing permissions.."
+ chown $USER:$GROUP /var/lib/$NAME /var/run/$NAME /var/log/$NAME
+ chown $USER:$GROUP /var/lib/$NAME/data /var/lib/$NAME/sessions
+ echo "..done"
+
+ if [ -z "$2" ]; then
+ echo "Please create your database :"
+ echo "su $USER -p -c '/usr/bin/mandaye_cud_manager --createdb'"
+ fi
+ ;;
+
+ reconfigure)
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/pydist-overrides b/debian/pydist-overrides
new file mode 100644
index 0000000..d10358f
--- /dev/null
+++ b/debian/pydist-overrides
@@ -0,0 +1,2 @@
+mandaye python-mandaye
+pycrypto python-crypto
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..4f437bb
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,12 @@
+#!/usr/bin/make -f
+
+BUILD_DIR=$(CURDIR)/debian/mandaye-cud
+
+%:
+ dh $@ --with python2
+
+override_dh_install:
+ dh_install
+ mv $(BUILD_DIR)/usr/bin/server.py $(BUILD_DIR)/usr/lib/mandaye-cud/server.py
+ mv $(BUILD_DIR)/usr/bin/manager.py $(BUILD_DIR)/usr/lib/mandaye-cud/manager.py
+ cp -R mandaye_cud/static $(BUILD_DIR)/usr/share/mandaye-cud
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)