Add 'debian/' from commit '67daf5ecd78eda2f3c4da0eaa4da49d631e433d4'

git-subtree-dir: debian
git-subtree-mainline: 36fa31b53e
git-subtree-split: 67daf5ecd7
This commit is contained in:
Jérôme Schneider 2015-04-03 10:20:49 +02:00
commit 8319aa1103
12 changed files with 338 additions and 0 deletions

5
debian/changelog vendored Normal file
View File

@ -0,0 +1,5 @@
mandaye-cud (0.0.1-1) stable; urgency=medium
* Initial release
-- Jérôme Schneider <jschneider@entrouvert.com> Tue, 03 Jun 2014 19:00:37 +0200

1
debian/compat vendored Normal file
View File

@ -0,0 +1 @@
7

27
debian/config.ini vendored Normal file
View File

@ -0,0 +1,27 @@
[database]
; http://docs.sqlalchemy.org/en/rel_0_8/core/engines.html
url: postgresql://mandaye-cud@/mandaye-cud
[dirs]
config_root: /etc/mandaye-cud/sites-enabled
data_dir: /var/lib/mandaye-cud/data
static_root: /usr/share/mandaye-cud/static
[debug]
debug: false
use_long_trace: true
log_debug: false
; you need to install python-raven for this feature
sentry_dsn:
[template_vars]
idp_url: https://idp-cud.dev.entrouvert.org
[session]
; file, dbm, memory or memcached
; if memcached you need to install python-memcached and memcached
type: memcached
url: 127.0.0.1:11211
cookie_expires: true
timeout: 3600
data_dir: /var/lib/mandaye-cud/sessions

22
debian/control vendored Normal file
View File

@ -0,0 +1,22 @@
Source: mandaye-cud
Maintainer: Jerome Schneider <jschneider@entrouvert.com>
Section: python
Priority: optional
Build-Depends: python-setuptools (>= 0.6b3), python-all (>= 2.6.6-3), debhelper (>= 7.4.3)
Standards-Version: 3.9.1
X-Python-Version: current
Package: mandaye-cud
Architecture: all
Depends: ${misc:Depends}, ${python:Depends},
python-mandaye (>= 0.9),
python-beautifulsoup (>= 3.1),
python-crypto (>= 2.6),
python-lasso (>= 2.4.0),
python-memcache,
python-psycopg2,
memcached,
gunicorn (>= 0.17)
Recommends: postgresql, python-raven
Description: CUD Mandaye project, modular authentification reverse proxy

11
debian/dirs vendored Normal file
View File

@ -0,0 +1,11 @@
etc/mandaye-cud
etc/mandaye-cud/certs
etc/mandaye-cud/sites-available
etc/mandaye-cud/sites-enabled
var/lib/mandaye-cud
var/lib/mandaye-cud/data
var/lib/mandaye-cud/sessions
var/log/mandaye-cud
var/run/mandaye-cud
usr/lib/mandaye-cud
usr/share/mandaye-cud

168
debian/init.d vendored Executable file
View File

@ -0,0 +1,168 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: mandaye-cud
# Required-Start: $network $local_fs
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: authentication reverse proxy for CUD
# Description: authentication reverse proxy for CUD
### END INIT INFO
# Author: Jérôme Schneider <jschneider@entrouvert.com>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
NAME=mandaye-cud
DAEMON=/usr/bin/gunicorn
PID_DIR=/var/run/mandaye-cud
PIDFILE=/var/run/mandaye-cud/$NAME.pid
LOG_DIR=/var/log/mandaye-cud
SCRIPTNAME=/etc/init.d/$NAME
MANDAYE_CONFIG_FILES=/etc/$NAME/config.ini
USER=mandaye-cud
GROUP=mandaye-cud
DAEMON_ARGS="--pid $PIDFILE \
--user $USER --group $GROUP \
--daemon \
--access-logfile $LOG_DIR/gunicorn-access.log \
--log-file $LOG_DIR/gunicorn-error.log \
--bind=unix:$PID_DIR/$NAME.sock \
--workers=5 \
--worker-class=sync \
--timeout=60 \
mandaye_cud.wsgi:application"
# Exit if the package is not installed
[ -x $DAEMON ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Create pid directory
[ ! -d $PID_DIR ] && mkdir $PID_DIR && chown $USER:$GROUP $PID_DIR
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
# environment for wsgi & settings
export MANDAYE_CONFIG_FILES
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --exec $DAEMON -- \
$DAEMON_ARGS \
|| return 2
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently. A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
#
# If the daemon can reload its configuration without
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
return 0
}
case "$1" in
start)
log_daemon_msg "Starting $DESC " "$NAME"
do_start
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
stop)
log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
status)
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
;;
#reload|force-reload)
#
# If do_reload() is not implemented then leave this commented out
# and leave 'force-reload' as an alias for 'restart'.
#
#log_daemon_msg "Reloading $DESC" "$NAME"
#do_reload
#log_end_msg $?
#;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac

2
debian/install vendored Normal file
View File

@ -0,0 +1,2 @@
debian/config.ini /etc/mandaye-cud/
debian/mandaye_cud_manager /usr/bin/

22
debian/mandaye_cud_manager vendored Normal file
View File

@ -0,0 +1,22 @@
#!/bin/sh
NAME=mandaye-cud
MANAGER="/usr/lib/$NAME/manager.py --config=/etc/$NAME/config.ini"
# check user
if test x$1 = x"--forceuser"
then
shift
elif test $(id -un) != "$NAME"
then
echo "error: must use $0 with user ${NAME}"
exit 1
fi
if test $# -eq 0
then
python ${MANAGER} --help
exit 1
fi
python ${MANAGER} "$@"

65
debian/postinst vendored Normal file
View File

@ -0,0 +1,65 @@
#!/bin/sh
#
# Postinst script for mandaye-cud
#
set -e
NAME=mandaye-cud
USER=$NAME
GROUP=$NAME
HOME=/var/lib/$NAME
case "$1" in
configure)
if ! getent group $GROUP > /dev/null 2>&1; then
echo -n "Adding group $GROUP.."
addgroup --quiet --system $GROUP
echo "..done"
fi
if ! getent passwd $USER > /dev/null 2>&1; then
echo -n "Adding user $USER.."
adduser --quiet --system --gecos "Mandaye CUD daemon" \
--ingroup $GROUP \
--no-create-home --home $HOME \
$USER
echo "..done"
fi
if [ ! -f /etc/mandaye-cud/certs/saml.crt -a ! -f /etc/mandaye-cud/certs/saml.key ]; then
echo -n "Generating key material..." >&2
openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out /etc/mandaye-cud/certs/saml.key >&2
openssl req -x509 -new -out /etc/mandaye-cud/certs/saml.crt -subj '/CN=whocares' -key /etc/mandaye-cud/certs/saml.key -days 3650 >&2
chown root:$GROUP /etc/mandaye-cud/certs/saml.crt /etc/mandaye-cud/certs/saml.key
chmod 640 /etc/mandaye-cud/certs/saml.crt /etc/mandaye-cud/certs/saml.key
echo "..done" >&2
fi
echo -n "Fixing permissions.."
chown $USER:$GROUP /var/lib/$NAME /var/run/$NAME /var/log/$NAME
chown $USER:$GROUP /var/lib/$NAME/data /var/lib/$NAME/sessions
echo "..done"
if [ -z "$2" ]; then
echo "Please create your database :"
echo "su $USER -p -c '/usr/bin/mandaye_cud_manager --createdb'"
fi
;;
reconfigure)
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

2
debian/pydist-overrides vendored Normal file
View File

@ -0,0 +1,2 @@
mandaye python-mandaye
pycrypto python-crypto

12
debian/rules vendored Executable file
View File

@ -0,0 +1,12 @@
#!/usr/bin/make -f
BUILD_DIR=$(CURDIR)/debian/mandaye-cud
%:
dh $@ --with python2
override_dh_install:
dh_install
mv $(BUILD_DIR)/usr/bin/server.py $(BUILD_DIR)/usr/lib/mandaye-cud/server.py
mv $(BUILD_DIR)/usr/bin/manager.py $(BUILD_DIR)/usr/lib/mandaye-cud/manager.py
cp -R mandaye_cud/static $(BUILD_DIR)/usr/share/mandaye-cud

1
debian/source/format vendored Normal file
View File

@ -0,0 +1 @@
3.0 (quilt)