From be5d914b73a264960770419e1e10d00b5fceb47f Mon Sep 17 00:00:00 2001 From: Markus Krogh Date: Fri, 2 Jun 2017 14:32:39 +0200 Subject: Uwsgi and ready for deployment --- .gitignore | 3 +++ Dockerfile | 1 + README.md | 12 +++++++++--- nginx-test/pwman.dev.conf | 25 +++++++++++++++++++++++++ other_conf/uwsgi.conf | 18 ++++++++++++++++++ src/pwman/settings.py | 2 +- start.sh | 2 +- 7 files changed, 58 insertions(+), 5 deletions(-) create mode 100644 other_conf/uwsgi.conf diff --git a/.gitignore b/.gitignore index ce88364..4017474 100644 --- a/.gitignore +++ b/.gitignore @@ -13,3 +13,6 @@ local_settings.py env/ venv/ ENV/ + +# data dir +data/ diff --git a/Dockerfile b/Dockerfile index 1473480..9bb25dc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,6 +16,7 @@ RUN apt-get update && \ apt-get clean ADD src /app +ADD other_conf/uwsgi.conf /app/ ADD start.sh / ENTRYPOINT [ "/start.sh" ] diff --git a/README.md b/README.md index 2714a2a..76d72f9 100644 --- a/README.md +++ b/README.md @@ -5,16 +5,22 @@ docker build --no-cache=true -t ndn-pwman . ``` +Make a `secret.txt` file and add a random 50 character secret in a data dir. + +``` +6dxjpk*+-ywfxxi#_wmpzon@-p6hwwh9z)7q0t)h7zy*tdz20x +``` + Migrate db if necessary. ``` -docker run --rm -ti ndn-pwman migrate +docker run --rm -ti -v $(pwd)/data:/opt/pwman ndn-pwman migrate ``` Then run a collect static: ``` -docker run --rm --ti ndn-pwman -v /opt/pwman-statics:/opt/statics collectstatic +docker run --rm --ti ndn-pwman -v $(pwd)/data:/opt/pwman collectstatic ``` You need a useradmin keytab file, and the admin password for our ldap. @@ -39,7 +45,7 @@ docker run --rm -ti ndn-pwman shell - LDAP_URL - LDAP_USER - LDAP_PASSWORD -- KERBEROS_SCRIPT +- KERBEROS_SCRIPT - DEBUG_MODE - SECRET_KEY_FILE - SECRET_KEY diff --git a/nginx-test/pwman.dev.conf b/nginx-test/pwman.dev.conf index 12af816..2804b61 100644 --- a/nginx-test/pwman.dev.conf +++ b/nginx-test/pwman.dev.conf @@ -27,3 +27,28 @@ server { proxy_set_header AFFILIATION 'employee@nordu.net'; } } + +server { + listen 80; + server_name uwsgi.pwman.dev; + + + location /sso/ { + include uwsgi_params; + uwsgi_pass pwman:8000; + } + + location /sso/accounts/login-federated/ { + include uwsgi_params; + uwsgi_pass pwman:8000; + uwsgi_param HTTP_X_REMOTE_USER 'markus@nordu.net'; + uwsgi_param HTTP_GIVENNAME 'Markus'; + uwsgi_param HTTP_SN 'Krogh'; + uwsgi_param HTTP_MAIL 'markus@nordu.net'; + uwsgi_param HTTP_AFFILIATION 'employee@nordu.net'; + } + + location /sso/static/ { + alias /opt/pwman/; + } +} diff --git a/other_conf/uwsgi.conf b/other_conf/uwsgi.conf new file mode 100644 index 0000000..ad48d13 --- /dev/null +++ b/other_conf/uwsgi.conf @@ -0,0 +1,18 @@ +[uwsgi] +# Django-related settings +plugins = python +protocol = uwsgi +# the base directory (full path) +chdir = /app/ +# Django's wsgi file +wsgi-file = /app/pwman/wsgi.py +# process-related settings +# master +master = true +# maximum number of worker processes +processes = 5 +#threads = 2 +max-requests = 5000 +# the socket (use the full path to be safe +socket = 0.0.0.0:8000 +#socket = /opt/pwman/pwman.sock diff --git a/src/pwman/settings.py b/src/pwman/settings.py index cf7bb69..8d63f92 100644 --- a/src/pwman/settings.py +++ b/src/pwman/settings.py @@ -11,7 +11,7 @@ DATA_DIR = environ.get('DATA_DIR', '/opt/pwman') # See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/ -ALLOWED_HOSTS = ['crowd.nordu.net', 'pwman.nordu.net', 'localhost'] +ALLOWED_HOSTS = ['crowd.nordu.net', 'pwman.nordu.net', 'localhost', 'uwsgi.pwman.dev'] INSTALLED_APPS = [ 'django.contrib.auth', diff --git a/start.sh b/start.sh index c271303..2b0047c 100755 --- a/start.sh +++ b/start.sh @@ -10,7 +10,7 @@ case "$*" in ;; server) # uwsgi start! - + uwsgi --ini /app/uwsgi.conf ;; shell) /bin/bash -- cgit v1.1