entrouvert
/
passerelle
15
0
Fork 0
Code Issues Pull Requests 16 Releases Activity

multitenant-only packaging (#5634)

This commit is contained in:
Thomas NOËL 2015-03-11 19:39:06 +01:00
parent 4022ba011a
commit c01e76f71a
20 changed files with 286 additions and 235 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
README.Debian Normal file
View File

@ -0,0 +1,21 @@
Passerelle server for Debian
============================
Create a tenant
---------------
$ passerelle-manage create_tenant foo.passerelle.example.org
Configure nginx
---------------
1. Copy /usr/share/doc/passerelle/nginx-example.conf to /etc/nginx/sites-available/passerelle.conf:
# cp /usr/share/doc/passerelle/nginx-example.conf /etc/nginx/sites-available/passerelle.conf
2. Edit /etc/nginx/sites-available/passerelle.conf
3. Enable nginx passerelle site:
# ln -s ../sites-available/passerelle.conf /etc/nginx/sites-enabled/
4. Reload nginx:
# service nginx restart

79
changelog
View File

@ -1,80 +1,5 @@
passerelle (0.2.51.g24f717a-1) stable; urgency=low
passerelle (0.0-1) unstable; urgency=low
* update to last mmaster commit
-- Jérôme Schneider <jschneider@entrouvert.com> Tue, 13 Aug 2013 10:47:34 +0200
passerelle (0.2.35.g040e1e3-2) stable; urgency=low
* fix local_settings.py
-- Jérôme Schneider <jschneider@entrouvert.com> Thu, 20 Jun 2013 16:27:27 +0200
passerelle (0.2.35.g040e1e3-1) stable; urgency=low
* update to last mmaster commit
-- Jérôme Schneider <jschneider@entrouvert.com> Thu, 20 Jun 2013 15:53:52 +0200
passerelle (0.2.34.ged4ed8a-1) stable; urgency=low
* update to last mmaster commit
-- Jérôme Schneider <jschneider@entrouvert.com> Thu, 20 Jun 2013 12:00:25 +0200
passerelle (0.2.29.gb8547fd-2) stable; urgency=low
* debian: depends on python-django-south >= 0.8
-- Jérôme Schneider <jschneider@entrouvert.com> Tue, 18 Jun 2013 11:51:56 +0200
passerelle (0.2.29.gb8547fd-1) stable; urgency=low
* merge to last master commit
-- Jérôme Schneider <jschneider@entrouvert.com> Tue, 18 Jun 2013 11:48:15 +0200
passerelle (0.2.27.gd2a8e52-1) stable; urgency=low
* merge to last master commit
* update INSTALLED_APPS in local_settings.py
* move static to /var/lib/passerelle/static
-- Jérôme Schneider <jschneider@entrouvert.com> Mon, 17 Jun 2013 19:38:50 +0200
passerelle (0.2.21.g6b65b40-3) stable; urgency=low
* update INSTALLED_APPS in local_settings.py
* add python-django-south dependency
-- Jérôme Schneider <jschneider@entrouvert.com> Sun, 16 Jun 2013 19:56:43 +0200
passerelle (0.2.21.g6b65b40-2) stable; urgency=low
* fix new local_settings link
-- Jérôme Schneider <jschneider@entrouvert.com> Sun, 16 Jun 2013 18:40:34 +0200
passerelle (0.2.21.g6b65b40-1) stable; urgency=low
* merge to last upstream commit
-- Jérôme Schneider <jschneider@entrouvert.com> Sat, 15 Jun 2013 11:34:05 +0200
passerelle (0.2.12.g828e940-3) unstable; urgency=low
* debian: cleaning package
-- Jérôme Schneider <jschneider@entrouvert.com> Fri, 14 Jun 2013 16:00:47 +0200
passerelle (0.2.12.g828e940-2) unstable; urgency=low
* debian: fix apache example
-- Jérôme Schneider <jschneider@entrouvert.com> Thu, 13 Jun 2013 16:56:40 +0200
passerelle (0.2.12.g828e940-1) unstable; urgency=low
* Initial release ...
* Initial release
-- Jérôme Schneider <jschneider@entrouvert.com> Thu, 13 Jun 2013 12:29:42 +0200

45
config.py
View File

@ -1,45 +0,0 @@
# Configuration for passerelle.
# You can override Passerelle default settings here
# Passerelle is a Django application: for the full list of settings and their
# values, see https://docs.djangoproject.com/en/1.7/ref/settings/
# For more information on settings see
# https://docs.djangoproject.com/en/1.7/topics/settings/
# WARNING! Quick-start development settings unsuitable for production!
# See https://docs.djangoproject.com/en/1.7/howto/deployment/checklist/
# This file is sourced by "execfile" from /usr/lib/passerelle/debian_config.py
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = file('/etc/passerelle/secret').read()
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
TEMPLATE_DEBUG = False
ADMINS = (
# ('User 1', 'watchdog@example.net'),
# ('User 2', 'janitor@example.net'),
)
# ALLOWED_HOSTS must be correct in production!
# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
ALLOWED_HOSTS = [
'passerelle.example.net',
'passerelle.example.net.',
'.passerelle.example.net',
'.passerelle.example.net.',
]
# Passerelle use a postgresql database
# Default: a local database named "passerelle"
# DATABASES['default']['name'] = 'passerelle'
# DATABASES['default']['user'] = 'passerelle'
# DATABASES['default']['password'] = '******'
# DATABASES['default']['host'] = 'localhost'
# DATABASES['default']['port'] = '5432'
LANGUAGE_CODE = 'fr-fr'
TIME_ZONE = 'Europe/Paris'

36
control
View File

@ -1,27 +1,39 @@
Source: passerelle
Section: python
Priority: optional
Maintainer: Jérôme Schneider <jschneider@entrouvert.com>
Maintainer: Thomas NOËL <tnoel@entrouvert.com>
Build-Depends: debhelper (>= 8.0.0),
python-django,
python-setuptools
Standards-Version: 3.9.4
python-django (>= 1.7),
python-setuptools (>= 0.6b3),
python-all (>= 2.6.6-3)
Standards-Version: 3.9.6
Homepage: https://dev.entrouvert.org/projects/passerelle
X-Python-Version: >= 2.7
Package: passerelle
Package: python-passerelle
Architecture: all
Depends: ${python:Depends},
${misc:Depends},
python-entrouvert,
gunicorn,
python-django (< 1.7),
python-django-south,
python-django (>= 1.7),
python-gadjo
python-django-jsonresponse,
python-django-model-utils,
python-requests,
python-setuptools,
python-gadjo
python-django-jsonfield,
Recommends: python-soappy, python-phpserialize
Suggests: python-sqlalchemy, python-mako
Description: Passerelle provides an uniform access to multiple data sources and services.
Passerelle provides an uniform access to multiple data sources and services.
Description: Uniform access to multiple data sources and services (Python module)
Package: passerelle
Architecture: all
Depends: ${misc:Depends},
python-passerelle (= ${binary:Version}),
python-hobo,
python-django-tenant-schemas,
python-psycopg2,
python-memcache,
gunicorn
Recommends: python-django-mellon, nginx, postgresql, memcached
Description: Uniform access to multiple data sources and services

2
copyright
View File

@ -1,5 +1,5 @@
Files: debian/*
Copyright: 2013 Jérôme Schneider <jschneider@entrouvert.com>
Copyright: 2015 Thomas NOËL <tnoel@entrouvert.com>
License: GPL-2+
This package is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by

82
debian_config.py
View File

@ -2,22 +2,82 @@
import os
ETC_DIR = '/etc/passerelle'
VAR_DIR = '/var/lib/passerelle'
RUN_DIR = '/run/passerelle'
from django.conf import global_settings
STATIC_ROOT = os.path.join(VAR_DIR, 'collected-static')
STATICFILES_DIRS = (os.path.join(VAR_DIR, 'static'),) + STATICFILES_DIRS
TEMPLATE_DIRS = (os.path.join(VAR_DIR, 'templates'),) + TEMPLATE_DIRS
LOCALE_PATHS = (os.path.join(VAR_DIR, 'locale'),) + LOCALE_PATHS
TENANT_BASE = os.path.join(VAR_DIR, 'tenants')
TENANT_TEMPLATE_DIRS = (TENANT_BASE,)
PROJECT_NAME = 'passerelle'
ETC_DIR = '/etc/%s' % PROJECT_NAME
VAR_DIR = '/var/lib/%s' % PROJECT_NAME
STATIC_ROOT = os.path.join(VAR_DIR, 'collectstatic')
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'ENGINE': 'tenant_schemas.postgresql_backend',
'NAME': 'passerelle'
}
}
execfile(os.path.join(ETC_DIR, 'config.py'))
DATABASE_ROUTERS = (
'tenant_schemas.routers.TenantSyncRouter',
)
TENANT_BASE = os.path.join(VAR_DIR, 'tenants')
TENANT_MODEL = 'multitenant.Tenant'
SHARED_APPS = (
'hobo.multitenant',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.messages',
'django.contrib.sessions',
'django.contrib.staticfiles',
'django.contrib.admin',
)
TENANT_APPS = INSTALLED_APPS
INSTALLED_APPS = ('hobo.multitenant',) + INSTALLED_APPS
TEMPLATE_LOADERS = (
'hobo.multitenant.template_loader.FilesystemLoader',
) + global_settings.TEMPLATE_LOADERS
TENANT_TEMPLATE_DIRS = (TENANT_BASE,)
TEMPLATE_CONTEXT_PROCESSORS = (
'django.core.context_processors.request',
) + global_settings.TEMPLATE_CONTEXT_PROCESSORS
MIDDLEWARE_CLASSES = (
'hobo.multitenant.middleware.TenantMiddleware',
'hobo.middleware.context.TemplateVarsMiddleware',
) + MIDDLEWARE_CLASSES
DEFAULT_FILE_STORAGE = 'hobo.multitenant.storage.TenantFileSystemStorage'
CACHES = {
'default': {
'BACKEND': 'hobo.multitenant.cache.TenantCache',
# add a real Django cache backend, with its parameters if needed
'REAL_BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': '127.0.0.1:11211',
}
}
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = file('/etc/passerelle/secret').read()
ADMINS = (
('root', 'root@localhost'),
)
DEBUG = False
TEMPLATE_DEBUG = False
EMAIL_SUBJECT_PREFIX = '[passerelle] '
# HTTPS
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
execfile(os.path.join(ETC_DIR, 'settings.py'))

9
dirs
View File

@ -1,9 +0,0 @@
/etc/default
/etc/passerelle
/var/lib/passerelle
/var/lib/passerelle/tenants
/var/lib/passerelle/media
/var/lib/passerelle/static
/var/log/passerelle
/usr/share/passerelle/static
/usr/lib/passerelle

39
nginx-example.conf Normal file
View File

@ -0,0 +1,39 @@
server {
listen 443;
server_name *.passerelle.example.org;
ssl on;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
access_log /var/log/nginx/passerelle.example.org-access.log combined;
error_log /var/log/nginx/passerelle.example.org-error.log;
location ~ ^/static/(.+)$ {
root /;
try_files /var/lib/passerelle/tenants/$host/static/$1
/var/lib/passerelle/collectstatic/$1
=404;
}
location / {
proxy_pass http://unix:/run/passerelle/passerelle.sock;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-SSL on;
proxy_set_header X-Forwarded-Protocol ssl;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name *.passerelle.example.org;
access_log /var/log/nginx/passerelle.example.org-access.log combined;
error_log /var/log/nginx/passerelle.example.org-error.log;
return 301 https://$host$request_uri;
}

5
passerelle-manage
View File

@ -1,7 +1,10 @@
#!/bin/sh
NAME=passerelle
MANAGE="/usr/lib/$NAME/manage.py --multitenant --config=/usr/lib/${NAME}/debian_config.py"
MANAGE="/usr/lib/passerelle/manage.py"
# load Debian default configuration
export PASSERELLE_SETTINGS_FILE=/usr/lib/$NAME/debian_config.py
# check user
if test x$1 = x"--forceuser"

5
passerelle.dirs Normal file
View File

@ -0,0 +1,5 @@
/etc/passerelle
/usr/lib/passerelle
/var/lib/passerelle/collectstatic
/var/lib/passerelle/tenants
/var/log/passerelle

2
passerelle.docs Normal file
View File

@ -0,0 +1,2 @@
debian/nginx-example.conf
debian/README.Debian

33
init.d → passerelle.init
View File

@ -5,7 +5,7 @@
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Passerelle provides an uniform access to multiple data sources and services
# Short-Description: Passerelle server
# Description: Passerelle provides an uniform access to multiple data sources and services.
### END INIT INFO
@ -21,11 +21,10 @@ LOG_DIR=/var/log/$NAME
SCRIPTNAME=/etc/init.d/$NAME
BIND=unix:$RUN_DIR/$NAME.sock
WORKERS=5
TIMEOUT=10
TIMEOUT=30
DJANGO_SETTINGS_MODULE=passerelle.tenant_settings
DJANGO_CONFIG_FILE=/usr/lib/$NAME/debian_config.py
MANAGE_SCRIPT="python /usr/lib/$NAME/manage.py --config=$DJANGO_CONFIG_FILE"
PASSERELLE_SETTINGS_FILE=/usr/lib/$NAME/debian_config.py
MANAGE_SCRIPT="/usr/bin/$NAME-manage"
USER=$NAME
GROUP=$NAME
@ -46,7 +45,7 @@ DAEMON_ARGS=${DAEMON_ARGS:-"--pid $PIDFILE \
--worker-class=sync \
--timeout=$TIMEOUT \
--name $NAME \
passerelle.wsgi:application"}
$NAME.wsgi:application"}
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
@ -60,14 +59,8 @@ if [ ! -d $RUN_DIR ]; then
install -d -m 755 -o $USER -g $GROUP $RUN_DIR
fi
# environment for wsgi & settings
export DJANGO_SETTINGS_MODULE
export DJANGO_CONFIG_FILE
# multitenant mode
if [ "x$DJANGO_SETTINGS_MODULE" = "xpasserelle.tenant_settings" ]; then
TENANT_BASE=/var/lib/$NAME/tenants
MANAGE_SCRIPT="$MANAGE_SCRIPT --multitenant"
fi
# environment for wsgi
export PASSERELLE_SETTINGS_FILE
#
# Function that starts the daemon/service
@ -120,25 +113,19 @@ do_reload() {
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name `basename $DAEMON`
return 0
}
do_migrate() {
log_action_msg "Applying new migrations .."
if [ "x$TENANT_BASE" != "x" ]; then
su $USER -p -c "$MANAGE_SCRIPT create_schema"
su $USER -p -c "$MANAGE_SCRIPT sync_schemas --noinput"
su $USER -p -c "$MANAGE_SCRIPT migrate_schemas --noinput"
else
su $USER -p -c "$MANAGE_SCRIPT syncdb --migrate --noinput"
fi
su $USER -p -c "$MANAGE_SCRIPT migrate_schemas"
log_action_msg ".. done"
}
do_collectstatic() {
log_action_msg "Collect static files.."
su $USER -p -c "$MANAGE_SCRIPT collectstatic --noinput --link"
su $USER -p -c "$MANAGE_SCRIPT collectstatic --noinput"
log_action_msg ".. done"
}

2
install → passerelle.install
View File

@ -1,3 +1,3 @@
debian/passerelle-manage /usr/bin
debian/debian_config.py /usr/lib/passerelle
debian/config.py /etc/passerelle
debian/settings.py /etc/passerelle

45
passerelle.postinst Normal file
View File

@ -0,0 +1,45 @@
#! /bin/sh
set -e
NAME="passerelle"
USER=$NAME
GROUP=$NAME
CONFIG_DIR="/etc/$NAME"
case "$1" in
configure)
# make sure the administrative user exists
if ! getent passwd $USER >/dev/null; then
adduser --disabled-password --quiet --system \
--no-create-home --home /var/lib/$NAME \
--gecos "Passerelle user" --group $USER
fi
# ensure dirs ownership
chown $USER:$GROUP /var/log/$NAME
chown $USER:$GROUP /var/lib/$NAME/collectstatic
chown $USER:$GROUP /var/lib/$NAME/tenants
# create a secret file
SECRET_FILE=$CONFIG_DIR/secret
if [ ! -f $SECRET_FILE ]; then
echo -n "Generating Django secret..." >&2
cat /dev/urandom | tr -dc [:alnum:]-_\!\%\^:\; | head -c70 > $SECRET_FILE
chown root:$GROUP $SECRET_FILE
chmod 0440 $SECRET_FILE
echo "done" >&2
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
#DEBHELPER#
exit 0

47
postinst
View File

@ -1,47 +0,0 @@
#! /bin/sh
set -e
MANAGE="python /usr/lib/passerelle/manage.py --config=/usr/lib/passerelle/debian_config.py"
case "$1" in
configure)
# make sure the administrative user exists
if ! getent passwd passerelle >/dev/null; then
adduser --disabled-password --quiet --system \
--no-create-home --home /var/lib/passerelle \
--gecos "Passerelle software user" --group passerelle
fi
# ensure dirs ownership
chown passerelle:passerelle /var/log/passerelle
chown passerelle:passerelle /var/lib/passerelle
chown passerelle:passerelle /var/lib/passerelle/media
chown passerelle:passerelle /var/lib/passerelle/tenants
# create a secret file
SECRET_FILE=/etc/passerelle/secret
if [ ! -f $SECRET_FILE ]; then
echo -n "Generating Django secret..." >&2
cat /dev/urandom | tr -dc [:alnum:]-_\!\%\^:\; | head -c70 > $SECRET_FILE
chown root:passerelle $SECRET_FILE
chmod 0440 $SECRET_FILE
fi
# populate /var/lib/passerelle/collected-static
$MANAGE collectstatic --noinput --link
;;
reconfigure)
$MANAGE collectstatic --noinput --link
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
#DEBHELPER#
exit 0

1
python-passerelle.dirs Normal file
View File

@ -0,0 +1 @@
/usr/lib/passerelle

2
python-passerelle.docs Normal file
View File

@ -0,0 +1,2 @@
README
LICENSE

1
python-passerelle.install Normal file
View File

@ -0,0 +1 @@
usr/lib/python2*/*-packages

10
rules
View File

@ -1,20 +1,14 @@
#!/usr/bin/make -f
# -*- makefile -*-
# Sample debian/rules that uses debhelper.
# This file was originally written by Joey Hess and Craig Small.
# As a special exception, when this file is copied by dh-make into a
# dh-make output file, you may use that output file without restriction.
# This special exception was added by Craig Small in version 0.37 of dh-make.
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
BUILD_DIR := 'debian/passerelle'
PYTHON_PASSERELLE_DIR=$(CURDIR)/debian/python-passerelle
%:
dh $@ --with python2
override_dh_install:
dh_install
mv $(BUILD_DIR)/usr/bin/manage.py $(BUILD_DIR)/usr/lib/passerelle/manage.py
mv $(CURDIR)/debian/tmp/usr/bin/manage.py $(PYTHON_PASSERELLLE_DIR)/usr/lib/passerelle/manage.py

55
settings.py Normal file
View File

@ -0,0 +1,55 @@
# Configuration for passerelle.
# You can override Passerelle default settings here
# Passerelle is a Django application: for the full list of settings and their
# values, see https://docs.djangoproject.com/en/1.7/ref/settings/
# For more information on settings see
# https://docs.djangoproject.com/en/1.7/topics/settings/
# WARNING! Quick-start development settings unsuitable for production!
# See https://docs.djangoproject.com/en/1.7/howto/deployment/checklist/
# This file is sourced by "execfile" from /usr/lib/passerelle/debian_config.py
# SECURITY WARNING: don't run with debug turned on in production!
#DEBUG = False
#TEMPLATE_DEBUG = False
#ADMINS = (
# ('User 1', 'poulpe@example.org'),
# ('User 2', 'janitor@example.net'),
#)
# ALLOWED_HOSTS must be correct in production!
# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
ALLOWED_HOSTS = ['*']
# If a tenant doesn't exist, the tenant middleware raise a 404 error. If you
# prefer to redirect to a specific site, use:
# TENANT_NOT_FOUND_REDIRECT_URL = 'http://www.example.net/'
# Database
# Warning: don't change ENGINE, it must be 'tenant_schemas.postgresql_backend'
#DATABASES['default']['NAME'] = 'passerelle'
#DATABASES['default']['USER'] = 'passerelle'
#DATABASES['default']['PASSWORD'] = '******'
#DATABASES['default']['HOST'] = 'localhost'
#DATABASES['default']['PORT'] = '5432'
LANGUAGE_CODE = 'fr-fr'
TIME_ZONE = 'Europe/Paris'
# Email configuration
#EMAIL_SUBJECT_PREFIX = '[passerelle] '
#SERVER_EMAIL = 'root@passerelle.example.org'
#DEFAULT_FROM_EMAIL = 'webmaster@passerelle.example.org'
# SMTP configuration
#EMAIL_HOST = 'localhost'
#EMAIL_HOST_USER = ''
#EMAIL_HOST_PASSWORD = ''
#EMAIL_PORT = 25
# HTTPS
#CSRF_COOKIE_SECURE = True
#SESSION_COOKIE_SECURE = True