diff options
| -rw-r--r-- | .gitignore | 3 | ||||
| -rw-r--r-- | Dockerfile | 1 | ||||
| -rw-r--r-- | README.md | 12 | ||||
| -rw-r--r-- | nginx-test/pwman.dev.conf | 25 | ||||
| -rw-r--r-- | other_conf/uwsgi.conf | 18 | ||||
| -rw-r--r-- | src/pwman/settings.py | 2 | ||||
| -rwxr-xr-x | start.sh | 2 |
7 files changed, 58 insertions, 5 deletions
@@ -13,3 +13,6 @@ local_settings.py env/ venv/ ENV/ + +# data dir +data/ @@ -16,6 +16,7 @@ RUN apt-get update && \ apt-get clean ADD src /app +ADD other_conf/uwsgi.conf /app/ ADD start.sh / ENTRYPOINT [ "/start.sh" ] @@ -5,16 +5,22 @@ docker build --no-cache=true -t ndn-pwman . ``` +Make a `secret.txt` file and add a random 50 character secret in a data dir. + +``` +6dxjpk*+-ywfxxi#_wmpzon@-p6hwwh9z)7q0t)h7zy*tdz20x +``` + Migrate db if necessary. ``` -docker run --rm -ti ndn-pwman migrate +docker run --rm -ti -v $(pwd)/data:/opt/pwman ndn-pwman migrate ``` Then run a collect static: ``` -docker run --rm --ti ndn-pwman -v /opt/pwman-statics:/opt/statics collectstatic +docker run --rm --ti ndn-pwman -v $(pwd)/data:/opt/pwman collectstatic ``` You need a useradmin keytab file, and the admin password for our ldap. @@ -39,7 +45,7 @@ docker run --rm -ti ndn-pwman shell - LDAP_URL - LDAP_USER - LDAP_PASSWORD -- KERBEROS_SCRIPT +- KERBEROS_SCRIPT - DEBUG_MODE - SECRET_KEY_FILE - SECRET_KEY diff --git a/nginx-test/pwman.dev.conf b/nginx-test/pwman.dev.conf index 12af816..2804b61 100644 --- a/nginx-test/pwman.dev.conf +++ b/nginx-test/pwman.dev.conf @@ -27,3 +27,28 @@ server { proxy_set_header AFFILIATION 'employee@nordu.net'; } } + +server { + listen 80; + server_name uwsgi.pwman.dev; + + + location /sso/ { + include uwsgi_params; + uwsgi_pass pwman:8000; + } + + location /sso/accounts/login-federated/ { + include uwsgi_params; + uwsgi_pass pwman:8000; + uwsgi_param HTTP_X_REMOTE_USER 'markus@nordu.net'; + uwsgi_param HTTP_GIVENNAME 'Markus'; + uwsgi_param HTTP_SN 'Krogh'; + uwsgi_param HTTP_MAIL 'markus@nordu.net'; + uwsgi_param HTTP_AFFILIATION 'employee@nordu.net'; + } + + location /sso/static/ { + alias /opt/pwman/; + } +} diff --git a/other_conf/uwsgi.conf b/other_conf/uwsgi.conf new file mode 100644 index 0000000..ad48d13 --- /dev/null +++ b/other_conf/uwsgi.conf @@ -0,0 +1,18 @@ +[uwsgi] +# Django-related settings +plugins = python +protocol = uwsgi +# the base directory (full path) +chdir = /app/ +# Django's wsgi file +wsgi-file = /app/pwman/wsgi.py +# process-related settings +# master +master = true +# maximum number of worker processes +processes = 5 +#threads = 2 +max-requests = 5000 +# the socket (use the full path to be safe +socket = 0.0.0.0:8000 +#socket = /opt/pwman/pwman.sock diff --git a/src/pwman/settings.py b/src/pwman/settings.py index cf7bb69..8d63f92 100644 --- a/src/pwman/settings.py +++ b/src/pwman/settings.py @@ -11,7 +11,7 @@ DATA_DIR = environ.get('DATA_DIR', '/opt/pwman') # See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/ -ALLOWED_HOSTS = ['crowd.nordu.net', 'pwman.nordu.net', 'localhost'] +ALLOWED_HOSTS = ['crowd.nordu.net', 'pwman.nordu.net', 'localhost', 'uwsgi.pwman.dev'] INSTALLED_APPS = [ 'django.contrib.auth', @@ -10,7 +10,7 @@ case "$*" in ;; server) # uwsgi start! - + uwsgi --ini /app/uwsgi.conf ;; shell) /bin/bash |