From d9bea9eb37df44f9429ab8e42f666be1c03fff1b Mon Sep 17 00:00:00 2001 From: Hugo Levy-Falk Date: Tue, 31 Mar 2020 18:56:00 +0200 Subject: [PATCH] Initial commit --- Dockerfile | 51 +++++++++++++++++++++ README.md | 24 ++++++++++ docker-compose.yml | 24 ++++++++++ settings_local.py | 108 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 207 insertions(+) create mode 100644 Dockerfile create mode 100644 README.md create mode 100644 docker-compose.yml create mode 100644 settings_local.py diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..79a701d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,51 @@ +FROM debian:buster as re2o_base +COPY ./apt_requirements.txt /var/www/re2o/apt_requirements.txt +COPY ./pip_requirements.txt /var/www/re2o/pip_requirements.txt +COPY ./install_utils/db.ldiff /var/www/re2o/install_utils/db.ldiff +COPY ./install_utils/schema.ldiff /var/www/re2o/install_utils/schema.ldiff +WORKDIR /var/www/re2o + +# Install dependancies +RUN apt-get update && apt-get upgrade -y +RUN cat apt_requirements.txt | xargs apt-get -y install +RUN pip3 install -r pip_requirements.txt + +# Install DB requirements +RUN apt-get install -y postgresql-client python3-psycopg2 + +# Install local LDAP +FROM re2o_base as re2o_ldap +ARG LDAP_PASSWORD=plopiplop +ARG LDAP_DN="dc=example,dc=net" + +ENV LDAP_ROOTPASS plopiplop +ENV LDAP_ORGANISATION Re2o +ENV LDAP_DOMAIN example.net + +RUN LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y slapd +RUN hashed_ldap_passwd="$(slappasswd -s $LDAP_PASSWORD)" && sed 's|dc=example,dc=net|'"$LDAP_DN"'|g' /var/www/re2o/install_utils/db.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/db +RUN hashed_ldap_passwd="$(slappasswd -s $LDAP_PASSWORD)" && sed 's|dc=example,dc=net|'"$LDAP_DN"'|g' /var/www/re2o/install_utils/schema.ldiff | sed 's|FILL_IT|'"$hashed_ldap_passwd"'|g' > /tmp/schema +RUN service slapd stop +RUN rm -rf /etc/ldap/slapd.d/* +RUN rm -rf /var/lib/ldap/* +RUN slapadd -n 0 -l /tmp/schema -F /etc/ldap/slapd.d/ +RUN slapadd -n 1 -l /tmp/db +RUN chown -R openldap:openldap /etc/ldap/slapd.d +RUN chown -R openldap:openldap /var/lib/ldap +RUN service slapd start + +# Install apache +FROM re2o_ldap as re2o_apache +RUN apt-get -y install apache2 libapache2-mod-wsgi-py3 +RUN a2enmod ssl +RUN a2enmod wsgi +RUN a2enconf javascript-common +COPY ./install_utils/apache2/re2o.conf /etc/apache2/sites-available/re2o.conf +RUN rm /etc/apache2/sites-enabled/000-default.conf +RUN sed -i 's|URL_SERVER|'"re2o.example.net"'|g' /etc/apache2/sites-available/re2o.conf +RUN sed -i 's|PATH|'"$(pwd)"'|g' /etc/apache2/sites-available/re2o.conf +RUN a2ensite re2o + +# HERE WE GO +FROM re2o_apache as re2o +CMD service apache2 stop && python3 manage.py migrate && python3 manage.py collectstatic --noinput && python3 manage.py compilemessages && service apache2 start && sleep infinity diff --git a/README.md b/README.md new file mode 100644 index 0000000..57a645b --- /dev/null +++ b/README.md @@ -0,0 +1,24 @@ +# Re2o Docker for devs + +This is simply a docker environment to dev re2o locally. + +To use it : + +* clone Re2o; +* copy `Dockerfile` and `docker-compose.yml` into the cloned directory; +* copy `settings_local.py` into the `re2o` folder in the cloned directory; +* run `docker-compose up` + +The apache server and migrations are updated every time you relauch the `docker-compose` command. To enter a shell in the execution environment, you can use + +``` +docker ps +``` + +to find the id of the re2o environment, then + +``` +docker exec -it bash +``` + +KEEP IN MIND THAT THIS IS A DEV ENVIRONMENT NOT MEANT FOR PRODUCTION USE. diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..4724522 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,24 @@ +version: '3' + +volumes: + database_data: + driver: local + +services: + re2o: + build: . + ports: + - "8080:80" + volumes: + - .:/var/www/re2o + db: + image: postgres:latest + expose: + - 3306 + volumes: + - database_data:/var/lib/postgresql/data + environment: + POSTGRES_PASSWORD: plopiplop + POSTGRES_DB: re2o + POSTGRES_USER: re2o + MYSQL_PASSWORD: plopiplop diff --git a/settings_local.py b/settings_local.py new file mode 100644 index 0000000..a747abb --- /dev/null +++ b/settings_local.py @@ -0,0 +1,108 @@ +# coding: utf-8 +# Re2o est un logiciel d'administration développé initiallement au rezometz. Il +# se veut agnostique au réseau considéré, de manière à être installable en +# quelques clics. +# +# Copyright © 2017 Gabriel Détraz +# Copyright © 2017 Lara Kermarec +# Copyright © 2017 Augustin Lemesle +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +"""re2o.settings_locale +The file with all the available options for a locale configuration of re2o +""" + +from __future__ import unicode_literals + +# A secret key used by the server. +SECRET_KEY = "=0u1d+gi6r06+r4gmrtdg6dhsi0mc7v39a37di4m5cfqt2aro2" + +# The password to access the project database +DB_PASSWORD = "plopiplop" + +# AES key for secret key encryption. +# The length must be a multiple of 16 +AES_KEY = "gnbe3elnujzlspzkavgdmqho16zizvek" + +# Should the server run in debug mode ? +# SECURITY WARNING: don't run with debug turned on in production! +DEBUG = True + +# A list of admins of the services. Receive mails when an error occurs +ADMINS = [("Example", "admin@example.net")] + +# The list of hostname the server will respond to. +ALLOWED_HOSTS = ["*"] + +# The time zone the server is runned in +TIME_ZONE = "Europe/Paris" + +# The storage systems parameters to use +DATABASES = { + "default": { # The DB + "ENGINE": "django.db.backends.postgresql", + "NAME": "re2o", + "USER": "re2o", + "PASSWORD": DB_PASSWORD, + "HOST": "db", + "TEST": {"CHARSET": "utf8", "COLLATION": "utf8_general_ci"}, + }, + "ldap": { # The LDAP + "ENGINE": "ldapdb.backends.ldap", + "NAME": "ldap://localhost/", + "USER": "cn=admin,dc=example,dc=net", + "PASSWORD": "plopiplop", + }, +} + +# Security settings for secure https +# Activate once https is correctly configured +SECURE_CONTENT_TYPE_NOSNIFF = False +SECURE_BROWSER_XSS_FILTER = False +SESSION_COOKIE_SECURE = False +CSRF_COOKIE_SECURE = False +CSRF_COOKIE_HTTPONLY = False +X_FRAME_OPTIONS = "DENY" +SESSION_COOKIE_AGE = 60 * 60 * 3 + +# The path where your organization logo is stored +LOGO_PATH = "static_files/logo.png" + +# The mail configuration for Re2o to send mails +SERVER_EMAIL = "no-reply@example.net" # The mail address to use +EMAIL_HOST = "example.net" # The host to use +# EMAIL_PORT = MY_EMAIL_PORT # The port to use +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' + +# Settings of the LDAP structure +LDAP = { + "base_user_dn": "cn=Utilisateurs,dc=example,dc=net", + "base_userservice_dn": "ou=service-users,dc=example,dc=net", + "base_usergroup_dn": "ou=posix,ou=groups,dc=example,dc=net", + "base_userservicegroup_dn": "ou=services,ou=groups,dc=example,dc=net", + "user_gid": 500, +} + +# A range of UID to use. Used in linux environement +UID_RANGES = {"users": [21001, 30000], "service-users": [20000, 21000]} + +# A range of GID to use. Used in linux environement +GID_RANGES = {"posix": [501, 600]} + +# Some optionnal Re2o Apps +OPTIONNAL_APPS_RE2O = () + +# Some Django apps you want to add in you local project +OPTIONNAL_APPS = OPTIONNAL_APPS_RE2O + ()