From e95c73a2b907dc8c930251b0f9a0a3c4552bf89f Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Wed, 9 Jul 2014 15:57:24 +0200 Subject: [PATCH] add config for using classic authentic2 package --- Makefile | 23 +------- amue/settings.py | 2 +- amue/wsgi.py | 2 +- amue.conf => config/authentic2/config.py | 28 +++++---- .../nginx/sites-available/idp.amue.fr | 6 +- config/nginx/sites-enabled/idp.amue.fr | 1 + db.conf | 7 --- debian/amue-authentic2.conffile | 2 - debian/amue-authentic2.config | 12 ---- debian/amue-authentic2.dirs | 4 +- debian/amue-authentic2.install | 9 +-- debian/amue-authentic2.postinst | 58 ------------------- debian/amue-authentic2.postrm | 22 ------- debian/changelog | 6 ++ debian/control | 6 +- gunicorn-cfg.py | 11 ---- manage.sh | 7 --- reload.sh | 6 -- run.sh | 5 -- 19 files changed, 36 insertions(+), 181 deletions(-) rename amue.conf => config/authentic2/config.py (64%) rename idp.amue.fr.nginx => config/nginx/sites-available/idp.amue.fr (74%) create mode 120000 config/nginx/sites-enabled/idp.amue.fr delete mode 100644 db.conf delete mode 100644 debian/amue-authentic2.config delete mode 100644 debian/amue-authentic2.postinst delete mode 100755 debian/amue-authentic2.postrm delete mode 100644 gunicorn-cfg.py delete mode 100755 manage.sh delete mode 100755 reload.sh delete mode 100755 run.sh diff --git a/Makefile b/Makefile index 570fa6f..02537ec 100644 --- a/Makefile +++ b/Makefile @@ -2,22 +2,6 @@ all: true install: - install -d $(DESTDIR)/etc/amue-authentic2 - install -m 644 amue.conf $(DESTDIR)/etc/amue-authentic2/ - install -m 644 gunicorn-cfg.py $(DESTDIR)/etc/amue-authentic2/ - install -d $(DESTDIR)/usr/share/dbconfig-common/scripts/amue-authentic2/install - install -T -m 755 syncdb.sh $(DESTDIR)/usr/share/dbconfig-common/scripts/amue-authentic2/install/pgsql - install -d $(DESTDIR)/usr/share/amue-authentic2/templates - install db.conf $(DESTDIR)/usr/share/amue-authentic2/templates/ - install -d $(DESTDIR)/usr/share/pyshared/ - cp -R amue $(DESTDIR)/usr/share/pyshared/ - install -d $(DESTDIR)/usr/lib/amue-authentic2 - install -m 755 run.sh $(DESTDIR)/usr/lib/amue-authentic2 - install -m 755 manage.sh $(DESTDIR)/usr/lib/amue-authentic2 - install -m 755 reload.sh $(DESTDIR)/usr/lib/amue-authentic2 - # supervisor - install -d $(DESTDIR)/etc/supervisor/conf.d/ - install -T -m 644 supervisor.conf $(DESTDIR)/etc/supervisor/conf.d/amue-authentic2.conf # stud install -d $(DESTDIR)/etc/stud/ install -T -m 644 stud-amue-idp-test.conf $(DESTDIR)/etc/stud/idp.conf @@ -26,9 +10,6 @@ install: # haproxy install -d $(DESTDIR)/etc/haproxy/ install -T -m 644 haproxy.cfg $(DESTDIR)/etc/haproxy/haproxy-amue.cfg - # nginx - install -d $(DESTDIR)/etc/nginx/sites-available/ - install -T -m 644 idp.amue.fr.nginx $(DESTDIR)/etc/nginx/sites-available/idp.amue.fr # custom template and static files - install -d $(DESTDIR)/var/lib/amue-authentic2/ - cp -R templates extra-static $(DESTDIR)/var/lib/amue-authentic2/ + install -d $(DESTDIR)/var/lib/authentic2/ + cp -R templates extra-static $(DESTDIR)/var/lib/authentic2/ diff --git a/amue/settings.py b/amue/settings.py index 6987d2f..88e0388 100644 --- a/amue/settings.py +++ b/amue/settings.py @@ -77,7 +77,7 @@ TEMPLATE_CONTEXT_PROCESSORS = ( 'django.core.context_processors.request', 'django.contrib.messages.context_processors.messages', 'django.core.context_processors.static', - 'authentic2.context_processors.federations_processor', + 'authentic2.context_processors.a2_processor', ) MIDDLEWARE_CLASSES = ( diff --git a/amue/wsgi.py b/amue/wsgi.py index 33cc5f3..dff0f8e 100644 --- a/amue/wsgi.py +++ b/amue/wsgi.py @@ -15,7 +15,7 @@ framework. """ import os -os.environ.setdefault("DJANGO_SETTINGS_MODULE", "amue.settings") +os.environ.setdefault("DJANGO_SETTINGS_MODULE", "authentic2.settings") # This application object is used by any WSGI server configured to use this # file. This includes Django's development server, if the WSGI_APPLICATION diff --git a/amue.conf b/config/authentic2/config.py similarity index 64% rename from amue.conf rename to config/authentic2/config.py index de48073..96fe95d 100644 --- a/amue.conf +++ b/config/authentic2/config.py @@ -1,20 +1,23 @@ -# do not remove this line, it imports db configuration from dbconfig-common -. /etc/amue-authentic2/db.conf +import os -export REGISTRATION_OPEN=0 -export A2_CAN_RESET_PASSWORD=0 -export A2_HOMEPAGE_URL=http://www.amue.fr/ -export CACHE_BACKEND='{"BACKEND": "django.core.cache.backends.memcached.MemcachedCache", "LOCATION": "127.0.0.1:11211"}' -export USE_X_FORWARDER_HOST=1 -export ALLOWED_HOSTS="idptest.amue.fr:idp.amue.fr" -export LDAP_AUTH_SETTINGS='[{ +REGISTRATION_OPEN=False +A2_CAN_RESET_PASSWORD=False +A2_HOMEPAGE_URL='http://www.amue.fr/' +CACHE_BACKEND={ + 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', + 'LOCATION': '127.0.0.1:11211' + } +USE_X_FORWARDED_HOST=True +ALLOWED_HOSTS='idptest.amue.fr:idp.amue.fr' +LDAP_AUTH_SETTINGS=[ + { "url": "ldap://194.167.237.11", "realm": "amue.fr", "basedn": "OU=AMUE,DC=wan,DC=amue,DC=fr", "binddn": "ldap.read@amue.fr", - "bindpw": "", + "bindpw": os.environ['AMUE_LDAP_PASSWORD'], "user_filter": "sAMAccountName=%s", - "active_directory": true, + "active_directory": True, "attributes": [ "sAMAccountName", "mail", @@ -33,4 +36,5 @@ export LDAP_AUTH_SETTINGS='[{ "attribute_mappings": [ ["userPrincipalName", "eduPersonPrincipalName"] ] - }]' + } +] diff --git a/idp.amue.fr.nginx b/config/nginx/sites-available/idp.amue.fr similarity index 74% rename from idp.amue.fr.nginx rename to config/nginx/sites-available/idp.amue.fr index 0878dd3..4f30d0d 100644 --- a/idp.amue.fr.nginx +++ b/config/nginx/sites-available/idp.amue.fr @@ -7,7 +7,7 @@ server { index index.html index.htm; location / { - proxy_pass http://unix:/run/amue-authentic2.sock:/; + proxy_pass http://unix:/run/authentic2/authentic2.sock:/; client_max_body_size 200k; client_body_buffer_size 1m; @@ -19,8 +19,8 @@ server { proxy_temp_file_write_size 256k; proxy_max_temp_file_size 0; proxy_read_timeout 300; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Protocol https; + proxy_set_header Host $http_host; proxy_set_header + X-Forwarded-Protocol https; } location /static { alias /var/lib/amue-authentic2/static/; diff --git a/config/nginx/sites-enabled/idp.amue.fr b/config/nginx/sites-enabled/idp.amue.fr new file mode 120000 index 0000000..bb03ef4 --- /dev/null +++ b/config/nginx/sites-enabled/idp.amue.fr @@ -0,0 +1 @@ +../sites-available/idp.amue.fr \ No newline at end of file diff --git a/db.conf b/db.conf deleted file mode 100644 index 27708ab..0000000 --- a/db.conf +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -export DATABASE_ENGINE='django.db.backends.postgresql_psycopg2' -export DATABASE_NAME='_DBC_DBNAME_' -export DATABASE_USER='_DBC_DBUSER_' -export DATABASE_PASSWORD='_DBC_DBPASS_' -export DATABASE_HOST='localhost' diff --git a/debian/amue-authentic2.conffile b/debian/amue-authentic2.conffile index d1004de..e69de29 100644 --- a/debian/amue-authentic2.conffile +++ b/debian/amue-authentic2.conffile @@ -1,2 +0,0 @@ -/etc/amue-authentic2/amue.conf -/etc/nginx/sites-available/idp.amue.fr diff --git a/debian/amue-authentic2.config b/debian/amue-authentic2.config deleted file mode 100644 index 6a4bbc5..0000000 --- a/debian/amue-authentic2.config +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -# config maintainer script for foo-pgsql - -# source debconf stuff -. /usr/share/debconf/confmodule -# source dbconfig-common shell library, and call the hook function -if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then - . /usr/share/dbconfig-common/dpkg/config.pgsql - dbc_go amue-authentic2 $@ -fi - -#DEBHELPER# diff --git a/debian/amue-authentic2.dirs b/debian/amue-authentic2.dirs index 25e2868..daf609b 100644 --- a/debian/amue-authentic2.dirs +++ b/debian/amue-authentic2.dirs @@ -1,2 +1,2 @@ -/var/lib/amue-authentic2/extra-static -/var/lib/amue-authentic2/templates +/var/lib/authentic2/extra-static +/var/lib/authentic2/templates diff --git a/debian/amue-authentic2.install b/debian/amue-authentic2.install index fed8c65..3e92fc3 100644 --- a/debian/amue-authentic2.install +++ b/debian/amue-authentic2.install @@ -1,8 +1 @@ -/etc/amue-authentic2/* -/usr/share/dbconfig-common/scripts/amue-authentic2/install/* -/usr/share/amue-authentic2/templates/* -/usr/share/pyshared/amue/* -/usr/lib/amue-authentic2/* -/etc/supervisor/conf.d/* -/etc/nginx/sites-available/* -/var/lib/amue-authentic2/* +/var/lib/authentic2/* diff --git a/debian/amue-authentic2.postinst b/debian/amue-authentic2.postinst deleted file mode 100644 index 26613cf..0000000 --- a/debian/amue-authentic2.postinst +++ /dev/null @@ -1,58 +0,0 @@ -#!/bin/sh -# postinst maintainer script for foo-pgsql - -USER=amue-authentic2 -GROUP=amue-authentic2 - -case "$1" in - configure) - if ! getent group $GROUP > /dev/null 2>&1; then - echo -n "Adding group $GROUP.." - addgroup --quiet --system $GROUP - echo "..done" - fi - if ! getent passwd $USER >/dev/null; then - echo Adding user $USER... - adduser --quiet --system --gecos "AMUE authentic2 system user" \ - --ingroup $GROUP \ - --no-create-home \ - --home /var/lib/amue-authentic2 --shell /usr/sbin/nologin $USER - fi - mkdir -p /var/log/amue-authentic2 - chown amue-authentic2 /var/log/amue-authentic2 - ;; -esac - -# source debconf stuff -. /usr/share/debconf/confmodule -# source dbconfig-common shell library, and call the hook function -if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then - . /usr/share/dbconfig-common/dpkg/postinst.pgsql - dbc_pgsql_createdb_encoding="UTF8" - dbc_generate_include=template:/etc/amue-authentic2/db.conf - dbc_generate_include_args="-o template_infile=/usr/share/amue-authentic2/templates/db.conf -U" - dbc_generate_include_owner="amue-authentic2" - dbc_generate_include_perms="640" - dbc_go amue-authentic2 $@ -fi - -case "$1" in - configure) - echo Updating static files... - /usr/lib/amue-authentic2/manage.sh collectstatic --noinput - if [ ! -e /etc/nginx/sites-enabled/idp.amue.fr ]; then - echo Installing nginx virtualhost... - ln -s /etc/nginx/sites-available/idp.amue.fr /etc/nginx/sites-enabled/ - invoke-rc.d nginx restart - else - echo Reloading nginx virtualhost... - invoke-rc.d nginx reload - fi - echo Restarting amue-authentic... - /usr/bin/supervisorctl update - /usr/bin/supervisorctl restart amue-authentic2 - ;; -esac - - -#DEBHELPER# diff --git a/debian/amue-authentic2.postrm b/debian/amue-authentic2.postrm deleted file mode 100755 index df263ac..0000000 --- a/debian/amue-authentic2.postrm +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh -# config maintainer script for foo-pgsql - -# source debconf stuff -. /usr/share/debconf/confmodule -# source dbconfig-common shell library, and call the hook function -if [ -f /usr/share/dbconfig-common/dpkg/postrm.pgsql ]; then - . /usr/share/dbconfig-common/dpkg/postrm.pgsql - dbc_go amue-authentic2 $@ -fi - -DBCONF=/etc/amue-authentic2/db.conf -if [ "$1" = "purge" ]; then - rm -f $DBCONF - if which ucf >/dev/null 2>&1; then - ucf --purge $DBCONF - fi -fi - -#DEBHELPER# - - diff --git a/debian/changelog b/debian/changelog index 6f6bc89..0b04cad 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +amue-authentic2 (0.15) stable; urgency=low + + * improve packaging + + -- Benjamin Dauvergne Wed, 09 Jul 2014 16:10:13 +0200 + amue-authentic2 (0.13) stable; urgency=low * add a persistence cookie in the haproxy.cfg for the production backend diff --git a/debian/control b/debian/control index b44149c..330f42a 100644 --- a/debian/control +++ b/debian/control @@ -9,9 +9,9 @@ X-Python-Version: current Package: amue-authentic2 Architecture: all -Depends: ${misc:Depends}, python-authentic2, - dbconfig-common, nginx, gunicorn, supervisor, ${python:Depends}, - python-memcache, python-psycopg2, python-gevent, python-ldap, memcached +Depends: ${misc:Depends}, authentic2, + dbconfig-common, nginx, gunicorn, ${python:Depends}, + python-memcache, python-psycopg2, python-ldap, memcached Recommends: postgresql-client Description: AMUE settings for the Authentic2 identity server Gather all needed settings for using Authentic2 at AMUE diff --git a/gunicorn-cfg.py b/gunicorn-cfg.py deleted file mode 100644 index c00c818..0000000 --- a/gunicorn-cfg.py +++ /dev/null @@ -1,11 +0,0 @@ -import multiprocessing - - -debug = True -bind = 'unix:/run/amue-authentic2.sock' -workers = multiprocessing.cpu_count() * 2 + 1 -worker_class = 'gevent' -timeout = 10 -user = 'amue-authentic2' -group = 'amue-authentic2' -proc_name = 'amue-authentic2' diff --git a/manage.sh b/manage.sh deleted file mode 100755 index 1c1ca2f..0000000 --- a/manage.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -. /etc/amue-authentic2/amue.conf - -export DJANGO_SETTINGS_MODULE=amue.settings - -django-admin $@ diff --git a/reload.sh b/reload.sh deleted file mode 100755 index 5e46a74..0000000 --- a/reload.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -PID="`sudo supervisorctl status | grep RUNNING | awk '{ print $4 }' | sed 's/,//'`" - -if [ "x$PID" != "x" ]; then - kill -HUP $PID -fi diff --git a/run.sh b/run.sh deleted file mode 100755 index 0b7aa24..0000000 --- a/run.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -. /etc/amue-authentic2/amue.conf - -exec /usr/bin/gunicorn -c /etc/amue-authentic2/gunicorn-cfg.py amue.wsgi:application