[damned-lies/oscp] Generate statics in httpd image
- From: Bartłomiej Piotrowski <bpiotrowski src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [damned-lies/oscp] Generate statics in httpd image
- Date: Tue, 24 Mar 2020 10:10:33 +0000 (UTC)
commit 76ba730808bd609c0f802fce70198f266bd9417e
Author: Bartłomiej Piotrowski <bpiotrowski gnome org>
Date: Tue Mar 24 10:44:56 2020 +0100
Generate statics in httpd image
httpd/Dockerfile | 42 +++++++++++++---
httpd/entrypoint.sh | 23 +++++++++
httpd/{app_data/httpd-cfg => }/l10n.gnome.org.conf | 0
httpd/local_settings.py | 57 ++++++++++++++++++++++
httpd/ssh_config | 5 ++
5 files changed, 121 insertions(+), 6 deletions(-)
---
diff --git a/httpd/Dockerfile b/httpd/Dockerfile
index 20fdf6f0..d6805263 100644
--- a/httpd/Dockerfile
+++ b/httpd/Dockerfile
@@ -1,9 +1,39 @@
-FROM centos/httpd-24-centos7
+FROM centos/s2i-base-centos7
-USER root
-COPY app_data /opt/app-root/src
-RUN chown -R 1000660000:1000660000 /opt/app-root/src
+RUN INSTALL_PKGS="rh-python36 rh-python36-python-devel rh-python36-python-setuptools rh-python36-python-pip
nss_wrapper rh-python36-mod_wsgi \
+ httpd24 httpd24-httpd-devel httpd24-mod_ssl httpd24-mod_auth_kerb httpd24-mod_ldap \
+ httpd24-mod_session atlas-devel gcc-gfortran libffi-devel libtool-ltdl enchant \
+ gettext gnome-doc-utils intltool itstool libicu-devel mariadb-devel subversion translate-toolkit
yelp-tools" && \
+ yum install -y centos-release-scl epel-release && \
+ yum -y --setopt=tsflags=nodocs install --enablerepo=centosplus $INSTALL_PKGS && \
+ rpm -V $INSTALL_PKGS && \
+ # Remove centos-logos (httpd dependency) to keep image size smaller.
+ rpm -e --nodeps centos-logos && \
+ yum -y clean all --enablerepo='*'
-EXPOSE 8080
+RUN sed -ri ' s!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g; s!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g;'
/opt/rh/httpd24/root/etc/httpd/conf/httpd.conf && \
+ sed -ri ' s!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g; s!^(\s*TransferLog)\s+\S+!\1 /proc/self/fd/1!g;
s!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g;' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
-ENTRYPOINT ["/usr/bin/run-httpd"]
+RUN sed -i 's/Listen\ 80/Listen\ 8080/' /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf && \
+ sed -i 's/Listen\ 443/Listen\ 8443/' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf && \
+ sed -i 's/_default_:443/_default_:8443/' /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
+
+RUN groupadd l10n -g 1000660000 && \
+ useradd l10n -g 1000660000 -u 1000660000 -G apache -r -l -m && \
+ chown l10n:l10n /etc/pki/tls/certs/localhost.crt /etc/pki/tls/private/localhost.key && \
+ chown l10n:l10n /opt/rh/httpd24/root/var/run/httpd && \
+ mkdir -p /l10n && \
+ git clone --depth 1 --branch master --single-branch
https://gitlab.gnome.org/Infrastructure/damned-lies.git /l10n/damnedlies
+ADD local_settings.py /l10n/damnedlies/damnedlies/local_settings.py
+ADD l10n.gnome.org.conf /opt/rh/httpd24/root/etc/httpd/conf.d/l10n.gnome.org.conf
+RUN chown -R l10n:l10n /l10n /var/log/httpd24
+
+USER l10n
+SHELL ["/usr/bin/scl", "enable", "rh-python36"]
+WORKDIR /l10n/damnedlies
+RUN virtualenv /l10n/venv && \
+ /l10n/venv/bin/pip install -r requirements.txt
+
+ADD entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["httpd", "-DFOREGROUND"]
diff --git a/httpd/entrypoint.sh b/httpd/entrypoint.sh
new file mode 100755
index 00000000..554592b3
--- /dev/null
+++ b/httpd/entrypoint.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+sed -i "s/\$DB_NAME/${DB_NAME}/" /l10n/damnedlies/damnedlies/local_settings.py
+sed -i "s/\$DB_USER/${DB_USER}/" /l10n/damnedlies/damnedlies/local_settings.py
+sed -i "s/\$DB_PASSWORD/${DB_PASSWORD}/" /l10n/damnedlies/damnedlies/local_settings.py
+sed -i "s/\$DB_HOST/${DB_HOST}/" /l10n/damnedlies/damnedlies/local_settings.py
+sed -i "s/\$SECRET_KEY/${SECRET_KEY}/" /l10n/damnedlies/damnedlies/local_settings.py
+sed -i "s/\$SENTRY_DSN/${SENTRY_DSN}/" /l10n/damnedlies/damnedlies/local_settings.py
+sed -i "s/\$GITLAB_TOKEN/${GITLAB_TOKEN}/" /l10n/damnedlies/damnedlies/local_settings.py
+
+echo 'Populating .ssh for the l10n user'
+mkdir -p /home/l10n/.ssh
+ln -s /home/l10n/.ssh_secret/ssh-privatekey /home/l10n/.ssh/ssh-privatekey
+ln -s /home/l10n/.ssh_secret/.gitconfig /home/l10n/.gitconfig
+wget https://gitlab.gnome.org/Infrastructure/damned-lies/raw/oscp/ssh_config -O /home/l10n/.ssh/config
+
+echo 'Generating static files'
+/l10n/venv/bin/python manage.py collectstatic
+
+echo 'Compiling translations'
+/l10n/venv/bin/python manage.py compile-trans
+
+scl enable rh-python36 httpd24 "$*"
diff --git a/httpd/app_data/httpd-cfg/l10n.gnome.org.conf b/httpd/l10n.gnome.org.conf
similarity index 100%
rename from httpd/app_data/httpd-cfg/l10n.gnome.org.conf
rename to httpd/l10n.gnome.org.conf
diff --git a/httpd/local_settings.py b/httpd/local_settings.py
new file mode 100644
index 00000000..2cc45101
--- /dev/null
+++ b/httpd/local_settings.py
@@ -0,0 +1,57 @@
+import os
+
+DEBUG = False
+STATIC_SERVE = False
+USE_DJANGO_OPENID = False
+
+ADMINS = (
+ ('Claude Paroz', 'claude 2xlibre net'),
+)
+
+MANAGERS = ADMINS
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.mysql',
+ 'NAME' : '$DB_NAME',
+ 'USER' : '$DB_USER',
+ 'PASSWORD': '$DB_PASSWORD',
+ 'HOST' : '$DB_HOST',
+ 'CONN_MAX_AGE': 300,
+ 'OPTIONS': {
+ 'charset': 'utf8mb4',
+ }
+ }
+}
+SECRET_KEY = '$SECRET_KEY'
+ALLOWED_HOSTS=['l10n.gnome.org', '8.43.85.13', '8.43.85.14']
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True
+
+EMAIL_HOST = 'smtp-int.gnome.org'
+EMAIL_SUBJECT_PREFIX = '[DL]'
+DEFAULT_FROM_EMAIL = 'noreply gnome org'
+SERVER_EMAIL = 'gnomeweb gnome org'
+
+TIME_ZONE = 'UTC'
+
+MEDIA_ROOT = '/var/www/djamnedlies/data/media'
+# Local directory path for VCS checkout
+SCRATCHDIR = "/var/www/djamnedlies/data/scratchdir"
+POTDIR = os.path.join(SCRATCHDIR, "POT")
+LOCK_DIR = '/var/www/djamnedlies/data/locks'
+
+ADMIN_GROUP = "coordination_team"
+
+UPLOAD_ARCHIVED_DIR = 'upload-backup'
+FILE_UPLOAD_PERMISSIONS = 0o644
+
+#ITSTOOL_PATH = '/usr/local/www/gnomeweb/local/bin/'
+
+# Sentry configuration (needs pip install raven)
+RAVEN_CONFIG = {
+ "dsn": "$SENTRY_DSN"
+}
+
+GITLAB_TOKEN = "$GITLAB_TOKEN"
+VCS_HOME_REGEX = "gitlab\.gnome\.org"
diff --git a/httpd/ssh_config b/httpd/ssh_config
new file mode 100644
index 00000000..9cf39f8d
--- /dev/null
+++ b/httpd/ssh_config
@@ -0,0 +1,5 @@
+Host gitlab.gnome.org
+User git
+IdentityFile ~/.ssh/ssh-privatekey
+StrictHostKeyChecking no
+UserKnownHostsFile=/dev/null
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]