Update the vagrant config → should work now

This commit is contained in:
Martin Pépin 2020-12-04 16:09:59 +01:00
parent 5d22a4cac4
commit df222f18a3
No known key found for this signature in database
GPG key ID: E7520278B1774448
7 changed files with 160 additions and 112 deletions

42
Vagrantfile vendored
View file

@ -1,47 +1,19 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
# Configuration de base pour GestioCOF.
# Voir https://docs.vagrantup.com pour plus d'informations.
Vagrant.configure(2) do |config|
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
config.vm.box = "ubuntu/xenial64"
# On se base sur Debian 10 (Buster) pour avoir le même environnement qu'en
# production.
config.vm.box = "debian/contrib-buster64"
# On associe le port 80 dans la machine virtuelle avec le port 8080 de notre
# ordinateur, et le port 8000 avec le port 8000.
config.vm.network :forwarded_port, guest: 80, host: 8080
config.vm.network :forwarded_port, guest: 8000, host: 8000
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network "private_network", ip: "192.168.33.10"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
# config.vm.provider "virtualbox" do |vb|
# # Display the VirtualBox GUI when booting the machine
# vb.gui = true
#
# # Customize the amount of memory on the VM:
# vb.memory = "1024"
# end
#
# View the documentation for the provider you are using for more
# information on available options.
# Enable provisioning with a shell script. Additional provisioners such as
# Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
# documentation for more information about their specific syntax and use.
# config.vm.provision "shell", inline: <<-SHELL
# sudo apt-get update
# sudo apt-get install -y apache2
# SHELL
# Le restes de la configuration (installation de paquets, etc) est géré un
# script shell.
config.vm.provision :shell, path: "provisioning/bootstrap.sh"
end

58
cof/settings/dev.py Normal file
View file

@ -0,0 +1,58 @@
"""Django local development settings."""
import os
from . import bds_prod
from .cof_prod import * # NOQA
from .cof_prod import INSTALLED_APPS, MIDDLEWARE, TESTING
# ---
# Merge COF and BDS configs
# ---
for app in bds_prod.INSTALLED_APPS:
if app not in INSTALLED_APPS:
INSTALLED_APPS.append(app)
# ---
# Tweaks for debug/local development
# ---
ALLOWED_HOSTS = []
DEBUG = True
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
if TESTING:
PASSWORD_HASHERS = ["django.contrib.auth.hashers.MD5PasswordHasher"]
STATIC_URL = "/static/"
STATIC_ROOT = "/srv/gestiocof/static"
MEDIA_URL = "/media/"
MEDIA_ROOT = "/srv/gestiocof/media"
# ---
# Debug tool bar
# ---
def show_toolbar(request):
"""
On active la debug-toolbar en mode développement local sauf :
- dans l'admin où ça ne sert pas à grand chose;
- si la variable d'environnement DJANGO_NO_DDT est à 1 → ça permet de la désactiver
sans modifier ce fichier en exécutant `export DJANGO_NO_DDT=1` dans le terminal
qui lance `./manage.py runserver`.
Autre side effect de cette fonction : on ne fait pas la vérification de INTERNAL_IPS
que ferait la debug-toolbar par défaut, ce qui la fait fonctionner aussi à
l'intérieur de Vagrant (comportement non testé depuis un moment…)
"""
env_no_ddt = bool(os.environ.get("DJANGO_NO_DDT", None))
return DEBUG and not env_no_ddt and not request.path.startswith("/admin/")
if not TESTING:
INSTALLED_APPS += ["debug_toolbar"]
MIDDLEWARE = ["debug_toolbar.middleware.DebugToolbarMiddleware"] + MIDDLEWARE
DEBUG_TOOLBAR_CONFIG = {"SHOW_TOOLBAR_CALLBACK": show_toolbar}

View file

@ -1,36 +1,60 @@
#!/bin/sh
# Stop if an error is encountered
set -e
# Arête le script quand :
# - une erreur survient
# - on essaie d'utiliser une variable non définie
# - on essaie d'écraser un fichier avec une redirection (>).
set -euC
# Configuration de la base de données. Le mot de passe est constant car c'est
# Configuration de la base de données, redis, Django, etc.
# Tous les mots de passe sont constant et en clair dans le fichier car c'est
# pour une installation de dév locale qui ne sera accessible que depuis la
# machine virtuelle.
DBUSER="cof_gestion"
DBNAME="cof_gestion"
DBPASSWD="4KZt3nGPLVeWSvtBZPSM3fSzXpzEU4"
readonly DBUSER="cof_gestion"
readonly DBNAME="cof_gestion"
readonly DBPASSWD="4KZt3nGPLVeWSvtBZPSM3fSzXpzEU4"
readonly REDIS_PASSWD="dummy"
readonly DJANGO_SETTINGS_MODULE="cof.settings.dev"
# Installation de paquets utiles
apt-get update && apt-get upgrade -y
apt-get update
# https://github.com/chef/bento/issues/661
export DEBIAN_FRONTEND=noninteractive
apt-get -y upgrade
# -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" \
# upgrade
apt-get install -y python3-pip python3-dev python3-venv libpq-dev postgresql \
postgresql-contrib libjpeg-dev nginx git redis-server
postgresql-contrib libjpeg-dev nginx git redis-server \
libldap2-dev libsasl2-dev slapd ldap-utils
# Postgresql
sudo -u postgres createdb $DBNAME
sudo -u postgres createuser -SdR $DBUSER
pg_user_exists () {
sudo -u postgres psql postgres -tAc \
"SELECT 1 FROM pg_roles WHERE rolname='$1'" \
| grep -q '^1$'
}
pg_db_exists () {
sudo -u postgres psql postgres -tAc \
"SELECT 1 FROM pg_database WHERE datname='$1'" \
| grep -q '^1$'
}
pg_db_exists "$DBNAME" || sudo -u postgres createdb "$DBNAME"
pg_user_exists "$DBUSER" || sudo -u postgres createuser -SdR "$DBUSER"
sudo -u postgres psql -c "ALTER USER $DBUSER WITH PASSWORD '$DBPASSWD';"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DBNAME TO $DBUSER;"
# Redis
REDIS_PASSWD="dummy"
redis-cli CONFIG SET requirepass $REDIS_PASSWD
redis-cli -a $REDIS_PASSWD CONFIG REWRITE
redis-cli CONFIG SET requirepass "$REDIS_PASSWD"
redis-cli -a "$REDIS_PASSWD" CONFIG REWRITE
# Contenu statique
mkdir -p /srv/gestiocof/media
mkdir -p /srv/gestiocof/static
chown -R ubuntu:www-data /srv/gestiocof
chown -R vagrant:www-data /srv/gestiocof
# Nginx
ln -s -f /vagrant/provisioning/nginx.conf /etc/nginx/sites-enabled/gestiocof.conf
@ -38,36 +62,44 @@ rm -f /etc/nginx/sites-enabled/default
systemctl reload nginx
# Environnement virtuel python
sudo -H -u ubuntu python3 -m venv ~ubuntu/venv
sudo -H -u ubuntu ~ubuntu/venv/bin/pip install -U pip
sudo -H -u ubuntu ~ubuntu/venv/bin/pip install -r /vagrant/requirements-devel.txt
sudo -H -u vagrant python3 -m venv ~vagrant/venv
sudo -H -u vagrant ~vagrant/venv/bin/pip install -U pip
sudo -H -u vagrant ~vagrant/venv/bin/pip install \
-r /vagrant/requirements-prod.txt \
-r /vagrant/requirements-devel.txt \
# Préparation de Django
cd /vagrant
ln -s -f secret_example.py cof/settings/secret.py
sudo -H -u ubuntu \
DJANGO_SETTINGS_MODULE='cof.settings.dev' \
bash -c ". ~/venv/bin/activate && bash provisioning/prepare_django.sh"
/home/ubuntu/venv/bin/python manage.py collectstatic --noinput --settings cof.settings.dev
sudo -H -u vagrant \
DJANGO_SETTINGS_MODULE="$DJANGO_SETTINGS_MODULE"\
/bin/sh -c ". ~vagrant/venv/bin/activate && /bin/sh provisioning/prepare_django.sh"
~vagrant/venv/bin/python manage.py collectstatic \
--noinput \
--settings "$DJANGO_SETTINGS_MODULE"
# Installation du cron pour les mails de rappels
sudo -H -u ubuntu crontab provisioning/cron.dev
# TODO: FIXME
# sudo -H -u vagrant crontab provisioning/cron.dev
# Daphne + runworker
cp /vagrant/provisioning/daphne.service /etc/systemd/system/daphne.service
cp /vagrant/provisioning/worker.service /etc/systemd/system/worker.service
systemctl enable daphne.service
systemctl enable worker.service
systemctl start daphne.service
systemctl start worker.service
# TODO: explain
ln -sf /vagrant/provisioning/daphne.service /etc/systemd/system/daphne.service
ln -sf /vagrant/provisioning/worker.service /etc/systemd/system/worker.service
systemctl enable --now daphne.service
systemctl enable --now worker.service
# Mise en place du .bash_profile pour tout configurer lors du `vagrant ssh`
cat >> ~ubuntu/.bashrc <<EOF
# Configure le bash de l'utilisateur 'vagrant' pour utiliser le bon fichier de
# settings et et bon virtualenv.
# On utilise .bash_aliases au lieu de .bashrc pour ne pas écraser la
# configuration par défaut.
rm -f ~vagrant/.bash_aliases
cat > ~vagrant/.bash_aliases <<EOF
# On utilise la version de développement de GestioCOF
export DJANGO_SETTINGS_MODULE='cof.settings.dev'
export DJANGO_SETTINGS_MODULE='$DJANGO_SETTINGS_MODULE'
# Charge le virtualenv
source ~/venv/bin/activate
. ~/venv/bin/activate
# On va dans /vagrant où se trouve le code de gestioCOF
cd /vagrant

View file

@ -4,13 +4,14 @@ After=network.target
[Service]
Type=simple
User=ubuntu
Group=ubuntu
User=vagrant
Group=vagrant
TimeoutSec=300
WorkingDirectory=/vagrant
Environment="DJANGO_SETTINGS_MODULE=cof.settings.dev"
ExecStart=/home/ubuntu/venv/bin/daphne -u /srv/gestiocof/gestiocof.sock \
cof.asgi:channel_layer
ExecStart=/home/vagrant/venv/bin/daphne \
-u /srv/gestiocof/gestiocof.sock \
cof.asgi:channel_layer
[Install]
WantedBy=multi-user.target

View file

@ -5,31 +5,21 @@ upstream gestiocof {
server {
listen 80;
listen [::]:80;
server_name localhost;
server_name _;
root /srv/gestiocof/;
# / /gestion/
# /gestion /gestion/
rewrite ^/$ /gestion/;
rewrite ^/gestion$ /gestion/;
# Redirection:
rewrite ^/$ http://localhost:8080/gestion/ redirect;
rewrite ^/gestion$ http://localhost:8080/gestion/ redirect;
# Static files
location /static/ {
access_log off;
add_header Cache-Control "public";
expires 7d;
}
# Les pages statiques sont servies à part.
location /gestion/static { try_files $uri $uri/ =404; }
location /gestion/media { try_files $uri $uri/ =404; }
# Uploaded media
location /media/ {
access_log off;
add_header Cache-Control "public";
expires 7d;
}
location /gestion/ {
# A copy-paste of what we have in production
# On proxy-pass les requêtes vers les pages dynamiques à daphne
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@ -37,20 +27,16 @@ server {
proxy_set_header X-SSL-Client-Serial $ssl_client_serial;
proxy_set_header X-SSL-Client-Verify $ssl_client_verify;
proxy_set_header X-SSL-Client-S-DN $ssl_client_s_dn;
proxy_set_header Daphne-Root-Path /gestion;
proxy_pass http://gestiocof;
}
location /gestion/ws/ {
# See http://nginx.org/en/docs/http/websocket.html
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://gestiocof/ws/;
}
location /gestion/ {
proxy_pass http://gestiocof;
}
# Pour les websockets :
# See http://nginx.org/en/docs/http/websocket.html.
location /ws/ {
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://gestiocof/ws/;
}
}

View file

@ -1,9 +1,8 @@
#!/bin/bash
#!/bin/sh
# Stop if an error is encountered.
set -e
set -euC
python manage.py migrate
python manage.py migrate --noinput
python manage.py sync_page_translation_fields
python manage.py update_translation_fields
python manage.py loaddata gestion sites articles

View file

@ -5,12 +5,12 @@ After=network.target
[Service]
Type=simple
User=ubuntu
Group=ubuntu
User=vagrant
Group=vagrant
TimeoutSec=300
WorkingDirectory=/vagrant
Environment="DJANGO_SETTINGS_MODULE=cof.settings.dev"
ExecStart=/home/ubuntu/venv/bin/python manage.py runworker
ExecStart=/home/vagrant/venv/bin/python manage.py runworker
[Install]
WantedBy=multi-user.target