diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..83bf565 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +mandaye-meyzieu (0.1-1) stable; urgency=medium + + * Initial release + + -- Jérôme Schneider Tue, 03 Jun 2014 19:00:37 +0200 diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..7f8f011 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +7 diff --git a/debian/config.ini b/debian/config.ini new file mode 100644 index 0000000..4638d37 --- /dev/null +++ b/debian/config.ini @@ -0,0 +1,36 @@ +[database] +; http://docs.sqlalchemy.org/en/rel_0_8/core/engines.html +url: postgresql://mandaye-meyzieu@/mandaye_meyzieu + +[dirs] +config_root: /etc/mandaye-meyzieu/sites-enabled +data_dir: /var/lib/mandaye-meyzieu/data +static_root: /usr/share/mandaye-meyzieu/static +static_url: /mandaye/static + +[debug] +debug: false +use_long_trace: true +log_debug: false +; you need to install python-raven for this feature +sentry_dsn: + +[mandaye] +toolbar: false +a2_auto_connection: false +auto_decompress: true +; if you want to encypt password set to true +; you need to install pycrypto for this feature +encrypt_sp_password: false +; if encrypt_sp_password then you need to choose a secret +; must be a 16, 24, or 32 bytes long +encrypt_secret: + +[session] +; file, dbm, memory or memcached +; if memcached you need to install python-memcached and memcached +type: file +url: +cookie_expires: true +timeout: 3600 +data_dir: /var/lib/mandaye-meyzieu/sessions diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..6c4254f --- /dev/null +++ b/debian/control @@ -0,0 +1,20 @@ +Source: mandaye-meyzieu +Maintainer: Jerome Schneider +Section: python +Priority: optional +Build-Depends: python-setuptools (>= 0.6b3), python-all (>= 2.6.6-3), debhelper (>= 7.4.3) +Standards-Version: 3.9.1 +X-Python-Version: current + +Package: mandaye-meyzieu +Architecture: all +Depends: ${misc:Depends}, ${python:Depends}, + python-mandaye (>= 0.10.2), + python-beautifulsoup (>= 3.1), + python-crypto (>= 2.6), + python-lasso (>= 2.4.0), + python-psycopg2, + gunicorn (>= 0.17) +Recommends: postgresql, python-raven +Description: Meyzieu Mandaye project, modular authentification reverse proxy + diff --git a/debian/dirs b/debian/dirs new file mode 100644 index 0000000..913e797 --- /dev/null +++ b/debian/dirs @@ -0,0 +1,11 @@ +etc/mandaye-meyzieu +etc/mandaye-meyzieu/certs +etc/mandaye-meyzieu/sites-available +etc/mandaye-meyzieu/sites-enabled +var/lib/mandaye-meyzieu +var/lib/mandaye-meyzieu/data +var/lib/mandaye-meyzieu/sessions +var/run/mandaye-meyzieu +var/log/mandaye-meyzieu +usr/lib/mandaye-meyzieu +usr/share/mandaye-meyzieu diff --git a/debian/init.d b/debian/init.d new file mode 100755 index 0000000..cafde89 --- /dev/null +++ b/debian/init.d @@ -0,0 +1,167 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: mandaye-meyzieu +# Required-Start: $network $local_fs +# Required-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: authentication reverse proxy for Meyzieu +# Description: authentication reverse proxy for Meyzieu +### END INIT INFO + +# Author: Jérôme Schneider + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +NAME=mandaye-meyzieu +DAEMON=/usr/bin/gunicorn +PID_DIR=/var/run/$NAME +PIDFILE=/var/run/$NAME/$NAME.pid +LOG_DIR=/var/log/$NAME +SCRIPTNAME=/etc/init.d/$NAME +MANDAYE_CONFIG_FILES=/etc/$NAME/config.ini + +USER=$NAME +GROUP=$NAME + +DAEMON_ARGS="--pid $PIDFILE \ +--user $USER --group $GROUP \ +--daemon \ +--access-logfile $LOG_DIR/gunicorn-access.log \ +--log-file $LOG_DIR/gunicorn-error.log \ +--bind=unix:$PID_DIR/$NAME.sock \ +--workers=5 \ +--worker-class=sync \ +--timeout=60 \ +rp_meyzieu.wsgi:application" + +# Exit if the package is not installed +[ -x $DAEMON ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Create pid directory +[ ! -d $PID_DIR ] && mkdir $PID_DIR && chown $USER:$GROUP $PID_DIR + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. +. /lib/lsb/init-functions + +# environment for wsgi & settings +export MANDAYE_CONFIG_FILES + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --exec $DAEMON -- \ + $DAEMON_ARGS \ + || return 2 +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + # + # If the daemon can reload its configuration without + # restarting (for example, when it is sent a SIGHUP), + # then implement that here. + # + start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME + return 0 +} + +case "$1" in + start) + log_daemon_msg "Starting $DESC " "$NAME" + do_start + case "$?" in + 0|1) log_end_msg 0 ;; + 2) log_end_msg 1 ;; + esac + ;; + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) log_end_msg 0 ;; + 2) log_end_msg 1 ;; + esac + ;; + status) + status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? + ;; + reload|force-reload) + # + # If do_reload() is not implemented then leave this commented out + # and leave 'force-reload' as an alias for 'restart'. + # + log_daemon_msg "Reloading $DESC" "$NAME" + do_reload + log_end_msg $? + ;; + restart|force-reload) + # + # If the "reload" option is implemented then remove the + # 'force-reload' alias + # + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 + exit 3 + ;; +esac + diff --git a/debian/install b/debian/install new file mode 100644 index 0000000..fb21d5f --- /dev/null +++ b/debian/install @@ -0,0 +1,2 @@ +debian/config.ini /etc/mandaye-meyzieu/ +debian/mandaye_meyzieu_manager /usr/bin/ diff --git a/debian/mandaye_meyzieu_manager b/debian/mandaye_meyzieu_manager new file mode 100755 index 0000000..a7077dc --- /dev/null +++ b/debian/mandaye_meyzieu_manager @@ -0,0 +1,22 @@ +#!/bin/sh + +NAME=mandaye-meyzieu +MANAGER="/usr/lib/$NAME/manager.py --config=/etc/$NAME/config.ini" + +# check user +if test x$1 = x"--forceuser" +then + shift +elif test $(id -un) != "$NAME" +then + echo "error: must use $0 with user ${NAME}" + exit 1 +fi + +if test $# -eq 0 +then + python ${MANAGER} --help + exit 1 +fi + +python ${MANAGER} "$@" diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 0000000..4704653 --- /dev/null +++ b/debian/postinst @@ -0,0 +1,65 @@ +#!/bin/sh +# +# Postinst script for mandaye-meyzieu +# + +set -e + +NAME=mandaye-meyzieu +USER=$NAME +GROUP=$NAME +HOME=/var/lib/$NAME + +case "$1" in + configure) + if ! getent group $GROUP > /dev/null 2>&1; then + echo -n "Adding group $GROUP.." + addgroup --quiet --system $GROUP + echo "..done" + fi + if ! getent passwd $USER > /dev/null 2>&1; then + echo -n "Adding user $USER.." + adduser --quiet --system --gecos "Mandaye Meyzieu daemon" \ + --ingroup $GROUP \ + --no-create-home --home $HOME \ + $USER + echo "..done" + fi + if [ ! -f /etc/mandaye-meyzieu/certs/saml.crt -a ! -f /etc/mandaye-meyzieu/certs/saml.key ]; then + echo -n "Generating key material..." >&2 + openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out /etc/mandaye-meyzieu/certs/saml.key >&2 + openssl req -x509 -new -out /etc/mandaye-meyzieu/certs/saml.crt -subj '/CN=whocares' -key /etc/mandaye-meyzieu/certs/saml.key -days 3650 >&2 + chown root:$GROUP /etc/mandaye-meyzieu/certs/saml.crt /etc/mandaye-meyzieu/certs/saml.key + chmod 640 /etc/mandaye-meyzieu/certs/saml.crt /etc/mandaye-meyzieu/certs/saml.key + echo "..done" >&2 + fi + + echo -n "Fixing permissions.." + chown $USER:$GROUP /var/lib/$NAME /var/run/$NAME /var/log/$NAME + chown $USER:$GROUP /var/lib/$NAME/data /var/lib/$NAME/sessions + echo "..done" + + if [ -z "$2" ]; then + echo "Please create your database :" + echo "su $USER -p -c '/usr/bin/mandaye_meyzieu_manager --createdb'" + fi + ;; + + reconfigure) + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/pydist-overrides b/debian/pydist-overrides new file mode 100644 index 0000000..d10358f --- /dev/null +++ b/debian/pydist-overrides @@ -0,0 +1,2 @@ +mandaye python-mandaye +pycrypto python-crypto diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..5dc8cc3 --- /dev/null +++ b/debian/rules @@ -0,0 +1,12 @@ +#!/usr/bin/make -f + +BUILD_DIR=$(CURDIR)/debian/mandaye-meyzieu + +%: + dh $@ --with python2 + +override_dh_install: + dh_install + mv $(BUILD_DIR)/usr/bin/server.py $(BUILD_DIR)/usr/lib/mandaye-meyzieu/server.py + mv $(BUILD_DIR)/usr/bin/manager.py $(BUILD_DIR)/usr/lib/mandaye-meyzieu/manager.py + cp -R rp_meyzieu/static $(BUILD_DIR)/usr/share/mandaye-meyzieu diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt)