From eda40b2b5f2f5fbea067e07c1d6b1b97c8673e94 Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Wed, 19 Nov 2014 15:21:14 +0100 Subject: [PATCH] Various enhancements * Upgrades to 1.2.2 * Use MySQL * Use supervisord * Support persistent storage * Automigration during start --- Dockerfile | 52 ++++++++++++++-------- apache.foreground.sh | 12 ++++++ local.cfg | 11 ----- local.dist.cfg | 17 ++++++++ rattic.conf | 20 ++++----- requirements-sqlite.txt | 2 - run.sh | 95 +++++++++++++++++++++++++++++++++++++++++ supervisord.apache.conf | 4 ++ supervisord.mysql.conf | 2 + 9 files changed, 174 insertions(+), 41 deletions(-) create mode 100755 apache.foreground.sh delete mode 100644 local.cfg create mode 100644 local.dist.cfg delete mode 100644 requirements-sqlite.txt create mode 100755 run.sh create mode 100644 supervisord.apache.conf create mode 100644 supervisord.mysql.conf diff --git a/Dockerfile b/Dockerfile index 95a2bc7..34a8b06 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,26 +1,42 @@ -FROM debian:wheezy +FROM ubuntu:precise -ADD https://github.com/tildaslash/RatticWeb/archive/v1.2.1.zip /opt/v1.2.1.zip +# Install dependencies +RUN apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y install unzip python python-pip \ + python-dev gcc libsqlite3-dev libcurl4-openssl-dev libldap2-dev \ + libsasl2-dev libxml2-dev libxslt-dev apache2 libapache2-mod-wsgi mysql-server \ + supervisor libmysqlclient-dev && \ + apt-get clean && \ + rm /var/lib/apt/lists/*_* -RUN apt-get update -RUN apt-get install -y unzip python python-pip \ -python-dev gcc libsqlite3-dev \ -libcurl4-openssl-dev libldap2-dev \ -libsasl2-dev libxml2-dev libxslt-dev apache2 libapache2-mod-wsgi +# Download rattic +ENV RATTIC_VERSION 1.2.2 +ADD https://github.com/tildaslash/RatticWeb/archive/v${RATTIC_VERSION}.tar.gz /opt/rattic.tar.gz -RUN cd /opt/ && unzip v1.2.1.zip && rm -f v1.2.1.zip +# Unpack rattic +RUN mkdir -p /opt/rattic && tar xvfz /opt/rattic.tar.gz -C /opt/rattic --strip-components=1 -ADD ./requirements-sqlite.txt /opt/RatticWeb-1.2.1/ -ADD ./local.cfg /opt/RatticWeb-1.2.1/conf/local.cfg -ADD ./rattic.conf /etc/apache2/conf.d/sites-enabled/rattic -ADD ./start-apache.sh /start-apache.sh +# Copy config +ADD ./local.dist.cfg /opt/rattic/conf/local.dist.cfg +RUN ln -s ../../../srv/rattic/conf/local.cfg /opt/rattic/conf/local.cfg +ADD ./rattic.conf /etc/apache2/sites-available/rattic +RUN ln -s ../../../srv/apache.conf /etc/apache2/sites-enabled/rattic +# Install dependencies +RUN cd /opt/rattic/ && pip install -r requirements-mysql.txt -RUN cd /opt/RatticWeb-1.2.1/ && pip install -r requirements-sqlite.txt -RUN cd /opt/RatticWeb-1.2.1/ && ./manage.py syncdb --noinput && ./manage.py migrate --all -RUN cd /opt/RatticWeb-1.2.1/ && mkdir static && ./manage.py collectstatic -c --noinput -RUN cd /opt/RatticWeb-1.2.1/ && ./manage.py demosetup -RUN chmod +x /start-apache.sh && chown www-data /opt/RatticWeb-1.2.1/ && chown www-data:www-data /opt/RatticWeb-1.2.1/rattic.db +# Copy run script +ADD ./run.sh /run.sh +RUN chmod 755 /run.sh +# Copy supervisor config +ADD ./apache.foreground.sh /etc/apache2/foreground.sh +ADD ./supervisord.apache.conf /etc/supervisor/conf.d/apache.conf +ADD ./supervisord.mysql.conf /etc/supervisor/conf.d/mysql.conf + +# Expose http port EXPOSE 80 -CMD ["/start-apache.sh"] +# Default command +CMD ["/run.sh"] + +VOLUME /srv diff --git a/apache.foreground.sh b/apache.foreground.sh new file mode 100755 index 0000000..f85b421 --- /dev/null +++ b/apache.foreground.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +read pid cmd state ppid pgrp session tty_nr tpgid rest < /proc/self/stat +trap "kill -TERM -$pgrp; exit" EXIT TERM KILL SIGKILL SIGTERM SIGQUIT + + +source /etc/apache2/envvars + +mkdir -p /var/run/apache2 +chown ${APACHE_RUN_USER}:${APACHE_RUN_GROUP} /var/run/apache2 + +apache2 -D FOREGROUND diff --git a/local.cfg b/local.cfg deleted file mode 100644 index d5050f3..0000000 --- a/local.cfg +++ /dev/null @@ -1,11 +0,0 @@ -[ratticweb] -debug = False -secretkey = hjkhl324kl9*(^^&$jjjad;hasdo9012nds.e[kpt-=-]) -hostname = localhost - -[filepaths] -static = /opt/RatticWeb-1.2.1/static - -[database] -engine = django.db.backends.sqlite3 -name = /opt/RatticWeb-1.2.1/rattic.db diff --git a/local.dist.cfg b/local.dist.cfg new file mode 100644 index 0000000..088d7eb --- /dev/null +++ b/local.dist.cfg @@ -0,0 +1,17 @@ +[ratticweb] +debug = False +secretkey = %SECRET_KEY% +hostname = localhost +timezone = Europe/Berlin +passwordexpirydays = 365 + +[filepaths] +static = /srv/rattic/static + +[database] +user = rattic +password = %MYSQL_PASSWORD% +host = localhost +port = 3306 +engine = django.db.backends.mysql +name = rattic diff --git a/rattic.conf b/rattic.conf index 26bfe31..76adcef 100644 --- a/rattic.conf +++ b/rattic.conf @@ -4,30 +4,30 @@ NameVirtualHost *:80 ServerName localhost -Alias /robots.txt /opt/RatticWeb-1.2.1/static/robots.txt -Alias /favicon.ico /opt/RatticWeb-1.2.1/static/favicon.ico +Alias /robots.txt /srv/rattic/static/robots.txt +Alias /favicon.ico /srv/rattic/static/favicon.ico -AliasMatch ^/([^/]*\.css) /opt/RatticWeb-1.2.1/static/styles/$1 +AliasMatch ^/([^/]*\.css) /srv/rattic/static/styles/$1 -Alias /media/ /opt/RatticWeb-1.2.1/media/ -Alias /static/ /opt/RatticWeb-1.2.1/static/ +Alias /media/ /opt/rattic/media/ +Alias /static/ /srv/rattic/static/ - + Order deny,allow Allow from all - + Order deny,allow Allow from all -WSGIScriptAlias / /opt/RatticWeb-1.2.1/ratticweb/wsgi.py +WSGIScriptAlias / /opt/rattic/ratticweb/wsgi.py WSGIPassAuthorization On -WSGIDaemonProcess rattic processes=2 threads=25 home=/opt/RatticWeb-1.2.1/ python-path=/opt/RatticWeb-1.2.1:/opt/RatticWeb-1.2.1.venv/lib/python2.6/site-packages display-name=%{GROUP} +WSGIDaemonProcess rattic processes=2 threads=25 home=/opt/rattic/ python-path=/opt/rattic:/opt/rattic.venv/lib/python2.6/site-packages display-name=%{GROUP} WSGIProcessGroup rattic - + Order deny,allow Allow from all diff --git a/requirements-sqlite.txt b/requirements-sqlite.txt deleted file mode 100644 index 7dae0e9..0000000 --- a/requirements-sqlite.txt +++ /dev/null @@ -1,2 +0,0 @@ --r requirements-base.txt -pysqlite diff --git a/run.sh b/run.sh new file mode 100755 index 0000000..6343620 --- /dev/null +++ b/run.sh @@ -0,0 +1,95 @@ +#!/bin/bash + +DATA_PATH=/srv +MYSQL_PATH=${DATA_PATH}/mysql/data +MYSQL_CONFIG=${DATA_PATH}/mysql/.my.cnf +MYSQL_INIT=${DATA_PATH}/mysql/.rattinc_init_db +LOGS_PATH=${DATA_PATH}/logs +RATTIC_PATH=${DATA_PATH}/rattic +RATTIC_STATIC_PATH=${RATTIC_PATH}/static +RATTIC_CONFIG_PATH=${RATTIC_PATH}/conf/local.cfg + +if [ ! -d ${DATA_PATH} ]; then + mkdir -p ${DATA_PATH} + chmod 755 ${DATA_PATH} +fi + +if [ ! -d ${MYSQL_PATH} ]; then + mkdir -p ${MYSQL_PATH} + mysql_install_db --basedir=/usr --datadir=${MYSQL_PATH} --plugin-dir=/usr/lib/mysql/plugin > /dev/null + chown -R mysql:mysql $(dirname ${MYSQL_PATH}) + chmod 700 $(dirname ${MYSQL_PATH}) +fi + +if [ ! -d ${LOGS_PATH} ]; then + mkdir -p ${LOGS_PATH} + chmod 755 ${LOGS_PATH} +fi + +if [ ! -f /srv/apache.conf ]; then + cp /etc/apache2/sites-available/rattic /srv/apache.conf +fi + +# Starting supervisord +supervisord -n -c /etc/supervisor/supervisord.conf & + +# Ensure Rattic dir exists +if [ ! -d ${RATTIC_PATH} ]; then + mkdir -p ${RATTIC_PATH} +fi + +if [ ! -d ${RATTIC_STATIC_PATH} ]; then + mkdir -p ${RATTIC_STATIC_PATH} +fi + +# Ensure Rattic config +if [ ! -f ${RATTIC_CONFIG_PATH} ]; then + mkdir -p $(dirname ${RATTIC_CONFIG_PATH}) + cp /opt/rattic/conf/local.dist.cfg ${RATTIC_CONFIG_PATH} + sed -i "s/%SECRET_KEY%/$(openssl rand -base64 48 | cut -c1-32 | tr '/' '-')/g" ${RATTIC_CONFIG_PATH} +fi + +# Ensure rights +chown www-data:www-data $(dirname ${RATTIC_CONFIG_PATH}) +chmod 755 $(dirname ${RATTIC_CONFIG_PATH}) +chown www-data:www-data ${RATTIC_STATIC_PATH} +chmod 755 ${RATTIC_STATIC_PATH} +chown www-data:www-data ${RATTIC_CONFIG_PATH} +chmod 600 ${RATTIC_CONFIG_PATH} + +# Wait for mysql +echo -n "Wait for mysql to be ready:" +while true; do + if mysqladmin ping 2>/dev/null > /dev/null; then + echo "" + break + fi + echo -n "." + sleep 1 +done + +# Generate root password for mysql +if [ ! -f ${MYSQL_CONFIG} ]; then + ROOT_PW=$(openssl rand -base64 48 | cut -c1-32 | tr '/' '-') + echo -e "[client]\nuser=root\npassword=${ROOT_PW}\n" > ${MYSQL_CONFIG} + mysqladmin password "${ROOT_PW}" +fi + +# Create database for ratticdb +if [ ! -f ${MYSQL_INIT} ]; then + RATTIC_PW=$(openssl rand -base64 48 | cut -c1-32 | tr '/' '-') + sed -i "s/%MYSQL_PASSWORD%/${RATTIC_PW}/g" ${RATTIC_CONFIG_PATH} + mysql --defaults-file=${MYSQL_CONFIG} -e "create database rattic; grant all on rattic.* to rattic@localhost identified by '"${RATTIC_PW}"';" + touch ${MYSQL_INIT} +fi + +# Ensure rights +chown root:root ${MYSQL_CONFIG} +chmod 600 ${MYSQL_CONFIG} + +# Migrate database config +su -c "cd /opt/rattic/ && ./manage.py syncdb --noinput && ./manage.py migrate --all" www-data +su -c "cd /opt/rattic/ && ./manage.py collectstatic -c --noinput" www-data + +# Wait for supervisord +wait diff --git a/supervisord.apache.conf b/supervisord.apache.conf new file mode 100644 index 0000000..ab95c41 --- /dev/null +++ b/supervisord.apache.conf @@ -0,0 +1,4 @@ +[program:httpd] +command=/etc/apache2/foreground.sh +stopsignal=6 + diff --git a/supervisord.mysql.conf b/supervisord.mysql.conf new file mode 100644 index 0000000..9fc13f4 --- /dev/null +++ b/supervisord.mysql.conf @@ -0,0 +1,2 @@ +[program:mysql] +command=/usr/bin/pidproxy /var/run/mysqld/mysqld.pid /usr/bin/mysqld_safe --basedir=/usr --datadir=/srv/mysql/data --plugin-dir=/usr/lib/mysql/plugin --user=mysql --open-files-limit=32768 --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/run/mysqld/mysqld.sock --port=3306