add config for using classic authentic2 package
This commit is contained in:
parent
0935d0feeb
commit
e95c73a2b9
23
Makefile
23
Makefile
|
@ -2,22 +2,6 @@ all:
|
|||
true
|
||||
|
||||
install:
|
||||
install -d $(DESTDIR)/etc/amue-authentic2
|
||||
install -m 644 amue.conf $(DESTDIR)/etc/amue-authentic2/
|
||||
install -m 644 gunicorn-cfg.py $(DESTDIR)/etc/amue-authentic2/
|
||||
install -d $(DESTDIR)/usr/share/dbconfig-common/scripts/amue-authentic2/install
|
||||
install -T -m 755 syncdb.sh $(DESTDIR)/usr/share/dbconfig-common/scripts/amue-authentic2/install/pgsql
|
||||
install -d $(DESTDIR)/usr/share/amue-authentic2/templates
|
||||
install db.conf $(DESTDIR)/usr/share/amue-authentic2/templates/
|
||||
install -d $(DESTDIR)/usr/share/pyshared/
|
||||
cp -R amue $(DESTDIR)/usr/share/pyshared/
|
||||
install -d $(DESTDIR)/usr/lib/amue-authentic2
|
||||
install -m 755 run.sh $(DESTDIR)/usr/lib/amue-authentic2
|
||||
install -m 755 manage.sh $(DESTDIR)/usr/lib/amue-authentic2
|
||||
install -m 755 reload.sh $(DESTDIR)/usr/lib/amue-authentic2
|
||||
# supervisor
|
||||
install -d $(DESTDIR)/etc/supervisor/conf.d/
|
||||
install -T -m 644 supervisor.conf $(DESTDIR)/etc/supervisor/conf.d/amue-authentic2.conf
|
||||
# stud
|
||||
install -d $(DESTDIR)/etc/stud/
|
||||
install -T -m 644 stud-amue-idp-test.conf $(DESTDIR)/etc/stud/idp.conf
|
||||
|
@ -26,9 +10,6 @@ install:
|
|||
# haproxy
|
||||
install -d $(DESTDIR)/etc/haproxy/
|
||||
install -T -m 644 haproxy.cfg $(DESTDIR)/etc/haproxy/haproxy-amue.cfg
|
||||
# nginx
|
||||
install -d $(DESTDIR)/etc/nginx/sites-available/
|
||||
install -T -m 644 idp.amue.fr.nginx $(DESTDIR)/etc/nginx/sites-available/idp.amue.fr
|
||||
# custom template and static files
|
||||
install -d $(DESTDIR)/var/lib/amue-authentic2/
|
||||
cp -R templates extra-static $(DESTDIR)/var/lib/amue-authentic2/
|
||||
install -d $(DESTDIR)/var/lib/authentic2/
|
||||
cp -R templates extra-static $(DESTDIR)/var/lib/authentic2/
|
||||
|
|
|
@ -77,7 +77,7 @@ TEMPLATE_CONTEXT_PROCESSORS = (
|
|||
'django.core.context_processors.request',
|
||||
'django.contrib.messages.context_processors.messages',
|
||||
'django.core.context_processors.static',
|
||||
'authentic2.context_processors.federations_processor',
|
||||
'authentic2.context_processors.a2_processor',
|
||||
)
|
||||
|
||||
MIDDLEWARE_CLASSES = (
|
||||
|
|
|
@ -15,7 +15,7 @@ framework.
|
|||
"""
|
||||
import os
|
||||
|
||||
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "amue.settings")
|
||||
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "authentic2.settings")
|
||||
|
||||
# This application object is used by any WSGI server configured to use this
|
||||
# file. This includes Django's development server, if the WSGI_APPLICATION
|
||||
|
|
|
@ -1,20 +1,23 @@
|
|||
# do not remove this line, it imports db configuration from dbconfig-common
|
||||
. /etc/amue-authentic2/db.conf
|
||||
import os
|
||||
|
||||
export REGISTRATION_OPEN=0
|
||||
export A2_CAN_RESET_PASSWORD=0
|
||||
export A2_HOMEPAGE_URL=http://www.amue.fr/
|
||||
export CACHE_BACKEND='{"BACKEND": "django.core.cache.backends.memcached.MemcachedCache", "LOCATION": "127.0.0.1:11211"}'
|
||||
export USE_X_FORWARDER_HOST=1
|
||||
export ALLOWED_HOSTS="idptest.amue.fr:idp.amue.fr"
|
||||
export LDAP_AUTH_SETTINGS='[{
|
||||
REGISTRATION_OPEN=False
|
||||
A2_CAN_RESET_PASSWORD=False
|
||||
A2_HOMEPAGE_URL='http://www.amue.fr/'
|
||||
CACHE_BACKEND={
|
||||
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
|
||||
'LOCATION': '127.0.0.1:11211'
|
||||
}
|
||||
USE_X_FORWARDED_HOST=True
|
||||
ALLOWED_HOSTS='idptest.amue.fr:idp.amue.fr'
|
||||
LDAP_AUTH_SETTINGS=[
|
||||
{
|
||||
"url": "ldap://194.167.237.11",
|
||||
"realm": "amue.fr",
|
||||
"basedn": "OU=AMUE,DC=wan,DC=amue,DC=fr",
|
||||
"binddn": "ldap.read@amue.fr",
|
||||
"bindpw": "",
|
||||
"bindpw": os.environ['AMUE_LDAP_PASSWORD'],
|
||||
"user_filter": "sAMAccountName=%s",
|
||||
"active_directory": true,
|
||||
"active_directory": True,
|
||||
"attributes": [
|
||||
"sAMAccountName",
|
||||
"mail",
|
||||
|
@ -33,4 +36,5 @@ export LDAP_AUTH_SETTINGS='[{
|
|||
"attribute_mappings": [
|
||||
["userPrincipalName", "eduPersonPrincipalName"]
|
||||
]
|
||||
}]'
|
||||
}
|
||||
]
|
|
@ -7,7 +7,7 @@ server {
|
|||
index index.html index.htm;
|
||||
|
||||
location / {
|
||||
proxy_pass http://unix:/run/amue-authentic2.sock:/;
|
||||
proxy_pass http://unix:/run/authentic2/authentic2.sock:/;
|
||||
|
||||
client_max_body_size 200k;
|
||||
client_body_buffer_size 1m;
|
||||
|
@ -19,8 +19,8 @@ server {
|
|||
proxy_temp_file_write_size 256k;
|
||||
proxy_max_temp_file_size 0;
|
||||
proxy_read_timeout 300;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-Protocol https;
|
||||
proxy_set_header Host $http_host; proxy_set_header
|
||||
X-Forwarded-Protocol https;
|
||||
}
|
||||
location /static {
|
||||
alias /var/lib/amue-authentic2/static/;
|
|
@ -0,0 +1 @@
|
|||
../sites-available/idp.amue.fr
|
7
db.conf
7
db.conf
|
@ -1,7 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
export DATABASE_ENGINE='django.db.backends.postgresql_psycopg2'
|
||||
export DATABASE_NAME='_DBC_DBNAME_'
|
||||
export DATABASE_USER='_DBC_DBUSER_'
|
||||
export DATABASE_PASSWORD='_DBC_DBPASS_'
|
||||
export DATABASE_HOST='localhost'
|
|
@ -1,2 +0,0 @@
|
|||
/etc/amue-authentic2/amue.conf
|
||||
/etc/nginx/sites-available/idp.amue.fr
|
|
@ -1,12 +0,0 @@
|
|||
#!/bin/sh
|
||||
# config maintainer script for foo-pgsql
|
||||
|
||||
# source debconf stuff
|
||||
. /usr/share/debconf/confmodule
|
||||
# source dbconfig-common shell library, and call the hook function
|
||||
if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then
|
||||
. /usr/share/dbconfig-common/dpkg/config.pgsql
|
||||
dbc_go amue-authentic2 $@
|
||||
fi
|
||||
|
||||
#DEBHELPER#
|
|
@ -1,2 +1,2 @@
|
|||
/var/lib/amue-authentic2/extra-static
|
||||
/var/lib/amue-authentic2/templates
|
||||
/var/lib/authentic2/extra-static
|
||||
/var/lib/authentic2/templates
|
||||
|
|
|
@ -1,8 +1 @@
|
|||
/etc/amue-authentic2/*
|
||||
/usr/share/dbconfig-common/scripts/amue-authentic2/install/*
|
||||
/usr/share/amue-authentic2/templates/*
|
||||
/usr/share/pyshared/amue/*
|
||||
/usr/lib/amue-authentic2/*
|
||||
/etc/supervisor/conf.d/*
|
||||
/etc/nginx/sites-available/*
|
||||
/var/lib/amue-authentic2/*
|
||||
/var/lib/authentic2/*
|
||||
|
|
|
@ -1,58 +0,0 @@
|
|||
#!/bin/sh
|
||||
# postinst maintainer script for foo-pgsql
|
||||
|
||||
USER=amue-authentic2
|
||||
GROUP=amue-authentic2
|
||||
|
||||
case "$1" in
|
||||
configure)
|
||||
if ! getent group $GROUP > /dev/null 2>&1; then
|
||||
echo -n "Adding group $GROUP.."
|
||||
addgroup --quiet --system $GROUP
|
||||
echo "..done"
|
||||
fi
|
||||
if ! getent passwd $USER >/dev/null; then
|
||||
echo Adding user $USER...
|
||||
adduser --quiet --system --gecos "AMUE authentic2 system user" \
|
||||
--ingroup $GROUP \
|
||||
--no-create-home \
|
||||
--home /var/lib/amue-authentic2 --shell /usr/sbin/nologin $USER
|
||||
fi
|
||||
mkdir -p /var/log/amue-authentic2
|
||||
chown amue-authentic2 /var/log/amue-authentic2
|
||||
;;
|
||||
esac
|
||||
|
||||
# source debconf stuff
|
||||
. /usr/share/debconf/confmodule
|
||||
# source dbconfig-common shell library, and call the hook function
|
||||
if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then
|
||||
. /usr/share/dbconfig-common/dpkg/postinst.pgsql
|
||||
dbc_pgsql_createdb_encoding="UTF8"
|
||||
dbc_generate_include=template:/etc/amue-authentic2/db.conf
|
||||
dbc_generate_include_args="-o template_infile=/usr/share/amue-authentic2/templates/db.conf -U"
|
||||
dbc_generate_include_owner="amue-authentic2"
|
||||
dbc_generate_include_perms="640"
|
||||
dbc_go amue-authentic2 $@
|
||||
fi
|
||||
|
||||
case "$1" in
|
||||
configure)
|
||||
echo Updating static files...
|
||||
/usr/lib/amue-authentic2/manage.sh collectstatic --noinput
|
||||
if [ ! -e /etc/nginx/sites-enabled/idp.amue.fr ]; then
|
||||
echo Installing nginx virtualhost...
|
||||
ln -s /etc/nginx/sites-available/idp.amue.fr /etc/nginx/sites-enabled/
|
||||
invoke-rc.d nginx restart
|
||||
else
|
||||
echo Reloading nginx virtualhost...
|
||||
invoke-rc.d nginx reload
|
||||
fi
|
||||
echo Restarting amue-authentic...
|
||||
/usr/bin/supervisorctl update
|
||||
/usr/bin/supervisorctl restart amue-authentic2
|
||||
;;
|
||||
esac
|
||||
|
||||
|
||||
#DEBHELPER#
|
|
@ -1,22 +0,0 @@
|
|||
#!/bin/sh
|
||||
# config maintainer script for foo-pgsql
|
||||
|
||||
# source debconf stuff
|
||||
. /usr/share/debconf/confmodule
|
||||
# source dbconfig-common shell library, and call the hook function
|
||||
if [ -f /usr/share/dbconfig-common/dpkg/postrm.pgsql ]; then
|
||||
. /usr/share/dbconfig-common/dpkg/postrm.pgsql
|
||||
dbc_go amue-authentic2 $@
|
||||
fi
|
||||
|
||||
DBCONF=/etc/amue-authentic2/db.conf
|
||||
if [ "$1" = "purge" ]; then
|
||||
rm -f $DBCONF
|
||||
if which ucf >/dev/null 2>&1; then
|
||||
ucf --purge $DBCONF
|
||||
fi
|
||||
fi
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
|
|
@ -1,3 +1,9 @@
|
|||
amue-authentic2 (0.15) stable; urgency=low
|
||||
|
||||
* improve packaging
|
||||
|
||||
-- Benjamin Dauvergne <bdauvergne@fenouil.entrouvert.org> Wed, 09 Jul 2014 16:10:13 +0200
|
||||
|
||||
amue-authentic2 (0.13) stable; urgency=low
|
||||
|
||||
* add a persistence cookie in the haproxy.cfg for the production backend
|
||||
|
|
|
@ -9,9 +9,9 @@ X-Python-Version: current
|
|||
|
||||
Package: amue-authentic2
|
||||
Architecture: all
|
||||
Depends: ${misc:Depends}, python-authentic2,
|
||||
dbconfig-common, nginx, gunicorn, supervisor, ${python:Depends},
|
||||
python-memcache, python-psycopg2, python-gevent, python-ldap, memcached
|
||||
Depends: ${misc:Depends}, authentic2,
|
||||
dbconfig-common, nginx, gunicorn, ${python:Depends},
|
||||
python-memcache, python-psycopg2, python-ldap, memcached
|
||||
Recommends: postgresql-client
|
||||
Description: AMUE settings for the Authentic2 identity server
|
||||
Gather all needed settings for using Authentic2 at AMUE
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
import multiprocessing
|
||||
|
||||
|
||||
debug = True
|
||||
bind = 'unix:/run/amue-authentic2.sock'
|
||||
workers = multiprocessing.cpu_count() * 2 + 1
|
||||
worker_class = 'gevent'
|
||||
timeout = 10
|
||||
user = 'amue-authentic2'
|
||||
group = 'amue-authentic2'
|
||||
proc_name = 'amue-authentic2'
|
|
@ -1,7 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
. /etc/amue-authentic2/amue.conf
|
||||
|
||||
export DJANGO_SETTINGS_MODULE=amue.settings
|
||||
|
||||
django-admin $@
|
|
@ -1,6 +0,0 @@
|
|||
#!/bin/sh
|
||||
PID="`sudo supervisorctl status | grep RUNNING | awk '{ print $4 }' | sed 's/,//'`"
|
||||
|
||||
if [ "x$PID" != "x" ]; then
|
||||
kill -HUP $PID
|
||||
fi
|
Reference in New Issue