Change application users UID/GID to 8080
This commit is contained in:
parent
4e9c63d8aa
commit
0f5c1d6433
@ -24,7 +24,7 @@
|
||||
| Service | Container | UID/GID | Internal Port |
|
||||
|-----------------|-----------------|---------|------------------|
|
||||
| ActiveMQ | activemq | 61616 | 61616 (ActiveMQ) |
|
||||
| CKAN Datapusher | ckan-datapusher | 8004 | 8080 (HTTP) |
|
||||
| CKAN Datapusher | ckan-datapusher | 8080 | 8080 (HTTP) |
|
||||
| MariaDB | mariadb | 3306 | 3306 (MySQL) |
|
||||
| Postgres | postgres | 5432 | 5432 (Postgres) |
|
||||
| RabbitMQ | rabbitmq | 5672 | 5672 (AMQP) |
|
||||
@ -33,27 +33,27 @@
|
||||
|
||||
## List of application containers
|
||||
|
||||
All application containers listen on internal port 8080 (HTTP)
|
||||
All application containers have the application user UID/GID 8080 and listen on internal port 8080 (HTTP)
|
||||
|
||||
| Application | Container | UID/GID | Host |
|
||||
|----------------|-------------------|---------|-------------|
|
||||
| CKAN | ckan | 8003 | ckan |
|
||||
| Crisis Cleanup | crisiscleanup | 8005 | cc |
|
||||
| CTS | cts | 8006 | cts |
|
||||
| EcoGIS | ecogis | 8020 | ecogis |
|
||||
| FrontlineSMS | frontlinesms | 8018 | sms |
|
||||
| GNU Health | gnuhealth | 8008 | gh |
|
||||
| KanBoard | kanboard | 8009 | kb |
|
||||
| Mifos X | mifosx | 8012 | mifosx |
|
||||
| Motech | motech | 8013 | motech |
|
||||
| ODK Aggregate | opendatakit | 8015 | odk |
|
||||
| ODK Build | opendatakit-build | 8017 | odkbuild |
|
||||
| Odoo | odoo | 8019 | odoo |
|
||||
| OpenMapKit | openmapkit | 8007 | omk |
|
||||
| Pan.do/ra | pandora | 8002 | pandora |
|
||||
| Sahana | sahana | 8001 | sahana |
|
||||
| Sahana - Demo | sahana-demo | 8001 | sahana-demo |
|
||||
| SAMBRO | sambro | 8001 | sambro |
|
||||
| SeedDMS | seeddms | 8010 | dms |
|
||||
| Sigmah | sigmah | 8011 | sigmah |
|
||||
| Ushahidi | ushahidi | 8014 | ush |
|
||||
| Application | Container | Host |
|
||||
|----------------|-------------------|-------------|
|
||||
| CKAN | ckan | ckan |
|
||||
| Crisis Cleanup | crisiscleanup | cc |
|
||||
| CTS | cts | cts |
|
||||
| EcoGIS | ecogis | ecogis |
|
||||
| FrontlineSMS | frontlinesms | sms |
|
||||
| GNU Health | gnuhealth | gh |
|
||||
| KanBoard | kanboard | kb |
|
||||
| Mifos X | mifosx | mifosx |
|
||||
| Motech | motech | motech |
|
||||
| ODK Aggregate | opendatakit | odk |
|
||||
| ODK Build | opendatakit-build | odkbuild |
|
||||
| Odoo | odoo | odoo |
|
||||
| OpenMapKit | openmapkit | omk |
|
||||
| Pan.do/ra | pandora | pandora |
|
||||
| Sahana | sahana | sahana |
|
||||
| Sahana - Demo | sahana-demo | sahana-demo |
|
||||
| SAMBRO | sambro | sambro |
|
||||
| SeedDMS | seeddms | dms |
|
||||
| Sigmah | sigmah | sigmah |
|
||||
| Ushahidi | ushahidi | ush |
|
||||
|
@ -20,7 +20,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 crisiscleanup-postgres -- ps
|
||||
|
||||
# Copy existing config files into persistent storage
|
||||
mkdir -p /srv/crisiscleanup/cc_conf
|
||||
chown 108005:108005 /srv/crisiscleanup/cc_conf
|
||||
chown 108080:108080 /srv/crisiscleanup/cc_conf
|
||||
lxc-execute crisiscleanup -- tar -cC /srv/crisiscleanup/config . | tar -xC /srv/crisiscleanup/cc_conf
|
||||
|
||||
# Configure CrisisCleanup
|
||||
|
@ -35,8 +35,8 @@ RUN EOF
|
||||
rake assets:precompile
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8005 cc
|
||||
adduser -S -u 8005 -h /srv/crisiscleanup -s /bin/false -g cc -G cc cc
|
||||
addgroup -S -g 8080 cc
|
||||
adduser -S -u 8080 -h /srv/crisiscleanup -s /bin/false -g cc -G cc cc
|
||||
chown -R cc:cc /srv/crisiscleanup
|
||||
|
||||
# Cleanup
|
||||
@ -46,7 +46,7 @@ RUN EOF
|
||||
rm -rf /root/.bundle /root/.config /root/.npm
|
||||
EOF
|
||||
|
||||
USER 8005 8005
|
||||
USER 8080 8080
|
||||
WORKDIR /srv/crisiscleanup
|
||||
CMD rails server
|
||||
HALT SIGTERM
|
||||
|
@ -20,7 +20,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 cts-postgres -- psql
|
||||
|
||||
# Copy existing config files into persistent storage
|
||||
mkdir -p /srv/cts/cts_conf
|
||||
chown 108006:108006 /srv/cts/cts_conf
|
||||
chown 108080:108080 /srv/cts/cts_conf
|
||||
lxc-execute cts -- tar -cC /srv/cts/cts/settings . | tar -xC /srv/cts/cts_conf
|
||||
|
||||
# Configure CTS
|
||||
|
@ -26,8 +26,8 @@ RUN EOF
|
||||
DJANGO_SETTINGS_MODULE=cts.settings.dev manage.py collectstatic -l --noinput
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8006 cts
|
||||
adduser -S -u 8006 -h /srv/cts -s /bin/false -g cts -G cts cts
|
||||
addgroup -S -g 8080 cts
|
||||
adduser -S -u 8080 -h /srv/cts -s /bin/false -g cts -G cts cts
|
||||
chown -R cts:cts /srv/cts
|
||||
|
||||
# Cleanup
|
||||
|
@ -21,7 +21,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 ecogis-postgres -- psql
|
||||
# Configure EcoGIS
|
||||
mkdir -p /srv/ecogis/ecogis_conf /srv/ecogis/ecogis_data
|
||||
envsubst <ecogis_conf/config.php >/srv/ecogis/conf/config.php
|
||||
chown -R 108020:108020 /srv/ecogis/ecogis_conf /srv/ecogis/ecogis_data
|
||||
chown -R 108080:108080 /srv/ecogis/ecogis_conf /srv/ecogis/ecogis_data
|
||||
|
||||
# Stop services required for setup
|
||||
service ecogis-postgres stop
|
||||
|
@ -23,8 +23,8 @@ RUN EOF
|
||||
pear install Auth Log
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8020 ecogis
|
||||
adduser -S -u 8020 -h /srv/ecogis -s /bin/false -g ecogis -G ecogis ecogis
|
||||
addgroup -S -g 8080 ecogis
|
||||
adduser -S -u 8080 -h /srv/ecogis -s /bin/false -g ecogis -G ecogis ecogis
|
||||
|
||||
# Cleanup
|
||||
apk --no-cache del .deps
|
||||
|
@ -10,7 +10,7 @@ export FRONTLINESMS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
|
||||
export FRONTLINESMS_ADMIN_USER_HASH=$(echo -n "${FRONTLINESMS_ADMIN_USER}" | base64)
|
||||
export FRONTLINESMS_ADMIN_PWD_HASH=$(echo -n "${FRONTLINESMS_ADMIN_PWD}" | base64)
|
||||
envsubst <flsms_data/app-settings.properties >/srv/frontlinesms/flsms_data/app-settings.properties
|
||||
chown -R 8018:8018 /srv/frontlinesms/flsms_data
|
||||
chown -R 8080:8080 /srv/frontlinesms/flsms_data
|
||||
|
||||
# Register application
|
||||
vmmgr register-app frontlinesms sms "${FRONTLINESMS_ADMIN_USER}" "${FRONTLINESMS_ADMIN_PWD}"
|
||||
|
@ -8,8 +8,8 @@ RUN EOF
|
||||
apk --no-cache add openjdk8-jre ttf-opensans xf86-video-dummy xorg-server
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8018 sms
|
||||
adduser -S -u 8018 -h /srv/frontlinesms -s /bin/sh -g sms -G sms sms
|
||||
addgroup -S -g 8080 sms
|
||||
adduser -S -u 8080 -h /srv/frontlinesms -s /bin/sh -g sms -G sms sms
|
||||
adduser sms dialout
|
||||
|
||||
# Install FrontlineSMS
|
||||
@ -35,7 +35,7 @@ RUN EOF
|
||||
MD5=$(md5sum frontlinesms-core_messages_cs.js | cut -d' ' -f1)
|
||||
cp frontlinesms-core_messages_cs.js frontlinesms-core_messages_cs-${MD5}.js
|
||||
cp frontlinesms-core_messages_cs.js.gz frontlinesms-core_messages_cs-${MD5}.js.gz
|
||||
chown 8018:8018 frontlinesms-core_messages_cs*
|
||||
chown 8080:8080 frontlinesms-core_messages_cs*
|
||||
EOF
|
||||
|
||||
CMD s6-svscan /etc/services.d
|
||||
|
@ -25,8 +25,8 @@ RUN EOF
|
||||
git clone -b 4.6 --single-branch --depth 1 https://github.com/tryton/sao /srv/gnuhealth/sao
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8008 gnuhealth
|
||||
adduser -S -u 8008 -h /srv/gnuhealth -s /bin/bash -g gnuhealth -G gnuhealth gnuhealth
|
||||
addgroup -S -g 8080 gnuhealth
|
||||
adduser -S -u 8080 -h /srv/gnuhealth -s /bin/bash -g gnuhealth -G gnuhealth gnuhealth
|
||||
chown -R gnuhealth:gnuhealth /srv/gnuhealth
|
||||
|
||||
# Install GNU Health
|
||||
@ -61,5 +61,5 @@ ENV PATH /srv/gnuhealth/gnuhealth/tryton/server/trytond-current/bin:/usr/local/s
|
||||
ENV TRYTOND_CONFIG /srv/gnuhealth/gnuhealth/tryton/server/config/trytond.conf
|
||||
ENV PYTHONPATH /srv/gnuhealth/gnuhealth/tryton/server/trytond-current:/srv/gnuhealth/gnuhealth/tryton/server/config
|
||||
|
||||
USER 8008 8008
|
||||
USER 8080 8080
|
||||
CMD trytond --verbose
|
||||
|
@ -21,7 +21,7 @@ lxc-execute kanboard -- cat /srv/kanboard/app/Schema/Sql/postgres.sql | lxc-atta
|
||||
|
||||
# Configure Kanboard
|
||||
mkdir -p /srv/kanboard/kanboard_conf /srv/kanboard/kanboard_data
|
||||
chown -R 8009:8009 /srv/kanboard/kanboard_data
|
||||
chown -R 8080:8080 /srv/kanboard/kanboard_data
|
||||
envsubst <kanboard_conf/config.php >/srv/kanboard/kanboard_conf/config.php
|
||||
export KANBOARD_ADMIN_USER=admin
|
||||
export KANBOARD_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
|
||||
|
@ -32,8 +32,8 @@ RUN EOF
|
||||
git clone --depth=1 https://github.com/xavividal/kanboard-plugin-relationgraph /srv/kanboard/plugins/Relationgraph
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8009 kanboard
|
||||
adduser -S -u 8009 -h /srv/kanboard -s /bin/false -g kanboard -G kanboard kanboard
|
||||
addgroup -S -g 8080 kanboard
|
||||
adduser -S -u 8080 -h /srv/kanboard -s /bin/false -g kanboard -G kanboard kanboard
|
||||
|
||||
# Cleanup
|
||||
apk --no-cache del .deps
|
||||
|
@ -20,8 +20,8 @@ RUN EOF
|
||||
wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.4/drizzle-jdbc-1.4.jar -O /srv/tomcat/lib/drizzle-jdbc-1.4.jar
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8012 mifosx
|
||||
adduser -S -u 8012 -h /srv/tomcat -s /bin/false -g mifosx -G mifosx mifosx
|
||||
addgroup -S -g 8080 mifosx
|
||||
adduser -S -u 8080 -h /srv/tomcat -s /bin/false -g mifosx -G mifosx mifosx
|
||||
chown -R mifosx:mifosx /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/webapps /srv/tomcat/work
|
||||
|
||||
# Cleanup
|
||||
|
@ -28,7 +28,7 @@ envsubst <motech_conf/config/bootstrap.properties >/srv/motech/motech_conf/confi
|
||||
cp motech_conf/config-locations.properties /srv/motech/motech_conf/config-locations.properties
|
||||
cp motech_conf/config/motech-settings.properties /srv/motech/motech_conf/config/motech-settings.properties
|
||||
cp motech_conf/config/org.motechproject.motech-platform-email/motech-email.properties /srv/motech/motech_conf/config/org.motechproject.motech-platform-email/motech-email.properties
|
||||
chown -R 108013:108013 /srv/motech/motech_conf
|
||||
chown -R 108080:108080 /srv/motech/motech_conf
|
||||
|
||||
# Populate database and create admin account
|
||||
service activemq start
|
||||
|
@ -16,14 +16,14 @@ RUN EOF
|
||||
cp /srv/tomcat/webapps/ROOT/WEB-INF/lib/postgresql-42.2.5.jar /srv/tomcat/webapps/ROOT/WEB-INF/bundles/postgresql-42.2.5.jar
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8013 motech
|
||||
adduser -S -u 8013 -h /srv/tomcat -s /bin/false -g motech -G motech motech
|
||||
addgroup -S -g 8080 motech
|
||||
adduser -S -u 8080 -h /srv/tomcat -s /bin/false -g motech -G motech motech
|
||||
chown -R motech:motech /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/webapps /srv/tomcat/work
|
||||
|
||||
# Cleanup
|
||||
rm -f /tmp/motech.war
|
||||
EOF
|
||||
|
||||
USER 8013 8013
|
||||
USER 8080 8080
|
||||
WORKDIR /srv/tomcat
|
||||
CMD catalina.sh run
|
||||
|
@ -23,7 +23,7 @@ export ODOO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
|
||||
mkdir -p /srv/odoo/odoo_conf/ /srv/odoo/odoo_data/
|
||||
envsubst <odoo_conf/odoo.conf >/srv/odoo/odoo_conf/odoo.conf
|
||||
chown 100000:100000 /srv/odoo/odoo_conf/
|
||||
chown 108019:108019 /srv/odoo/odoo_data/
|
||||
chown 108080:108080 /srv/odoo/odoo_data/
|
||||
|
||||
# Populate database
|
||||
# TODO: proc ne execute?
|
||||
|
@ -21,8 +21,8 @@ RUN EOF
|
||||
pip3 install -r requirements.txt
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8019 odoo
|
||||
adduser -S -u 8019 -h /srv/odoo -s /bin/false -g odoo -G odoo odoo
|
||||
addgroup -S -g 8080 odoo
|
||||
adduser -S -u 8080 -h /srv/odoo -s /bin/false -g odoo -G odoo odoo
|
||||
chown -R odoo:odoo /srv/odoo
|
||||
|
||||
# Cleanup
|
||||
@ -31,5 +31,5 @@ RUN EOF
|
||||
rm -rf /usr/local/share/.cache
|
||||
EOF
|
||||
|
||||
USER 8019 8019
|
||||
USER 8080 8080
|
||||
CMD /srv/odoo/odoo-bin -c srv/odoo/odoo.conf
|
||||
|
@ -26,7 +26,7 @@ export OPENDATAKIT_ADMIN_REALM=spotter
|
||||
envsubst <odk_conf/jdbc.properties >/srv/opendatakit/odk_conf/jdbc.properties
|
||||
envsubst <odk_conf/security.properties >/srv/opendatakit/odk_conf/security.properties
|
||||
cp odk_conf/server.xml /srv/opendatakit/odk_conf/server.xml
|
||||
chown -R 108015:108015 /srv/opendatakit/odk_conf
|
||||
chown -R 108080:108080 /srv/opendatakit/odk_conf
|
||||
|
||||
# Configure OpenDataKit Build
|
||||
export OPENDATAKITBUILD_COOKIE_SECRET=$(head -c 8 /dev/urandom | hexdump -e '"%x"')
|
||||
|
@ -27,8 +27,8 @@ RUN EOF
|
||||
make
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8017 odkbuild
|
||||
adduser -S -u 8017 -h /srv/opendatakit-build -s /bin/false -g odkbuild -G odkbuild odkbuild
|
||||
addgroup -S -g 8080 odkbuild
|
||||
adduser -S -u 8080 -h /srv/opendatakit-build -s /bin/false -g odkbuild -G odkbuild odkbuild
|
||||
chown -R odkbuild:odkbuild /srv/opendatakit-build
|
||||
chown -R odkbuild:odkbuild /srv/build2xlsform
|
||||
|
||||
|
@ -15,14 +15,14 @@ RUN EOF
|
||||
wget https://jdbc.postgresql.org/download/postgresql-42.2.5.jar -O /srv/tomcat/webapps/ROOT/WEB-INF/lib/postgresql-42.2.5.jar
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8015 odk
|
||||
adduser -S -u 8015 -h /srv/tomcat -s /bin/false -g odk -G odk odk
|
||||
addgroup -S -g 8080 odk
|
||||
adduser -S -u 8080 -h /srv/tomcat -s /bin/false -g odk -G odk odk
|
||||
chown -R odk:odk /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/webapps /srv/tomcat/work
|
||||
|
||||
# Cleanup
|
||||
rm /tmp/odk.war
|
||||
EOF
|
||||
|
||||
USER 8015 8015
|
||||
USER 8080 8080
|
||||
WORKDIR /srv/tomcat
|
||||
CMD catalina.sh run
|
||||
|
@ -7,7 +7,7 @@ cd $(realpath $(dirname "${0}"))/install
|
||||
export OPENMAPKIT_ADMIN_USER="admin"
|
||||
export OPENMAPKIT_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
|
||||
mkdir -p /srv/openmapkit/omk_conf /srv/openmapkit/omk_data
|
||||
chown -R 108007:108007 /srv/openmapkit/omk_data
|
||||
chown -R 108080:108080 /srv/openmapkit/omk_data
|
||||
lxc-execute openmapkit -- tar -cC /srv/openmapkit/data . | tar -xC /srv/openmapkit/omk_data
|
||||
envsubst <omk_conf/settings.js >/srv/openmapkit/omk_conf/settings.js
|
||||
|
||||
|
@ -14,7 +14,7 @@ RUN EOF
|
||||
# Clone OpenMapKit
|
||||
git clone --depth 1 https://github.com/posm/OpenMapKitServer /srv/openmapkit
|
||||
cd /srv/openmapkit
|
||||
git submodule update --init
|
||||
git submodule update --init #TODO: Why does this fail?
|
||||
|
||||
# Install OpenMapKit dependencies
|
||||
pip install -r requirements.txt
|
||||
@ -25,8 +25,8 @@ RUN EOF
|
||||
yarn build
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8007 omk
|
||||
adduser -S -u 8007 -h /srv/openmapkit -s /bin/false -g omk -G omk omk
|
||||
addgroup -S -g 8080 omk
|
||||
adduser -S -u 8080 -h /srv/openmapkit -s /bin/false -g omk -G omk omk
|
||||
chown -R omk:omk /srv/openmapkit
|
||||
|
||||
# Cleanup
|
||||
|
@ -31,7 +31,7 @@ lxc-attach pandora-rabbitmq -- rabbitmqctl set_permissions -p /pandora pandora "
|
||||
|
||||
# Configure Pandora
|
||||
mkdir -p /srv/pandora/pandora_conf /srv/pandora/pandora_data
|
||||
chown 108002:108002 /srv/pandora/pandora_data
|
||||
chown 108080:108080 /srv/pandora/pandora_data
|
||||
# Copy customized configuration if VANILLA environment variable is not set, else use the default pandora config
|
||||
if [ ${VANILLA:-0} -eq 0 ]; then
|
||||
cp pandora_conf/config.jsonc /srv/pandora/pandora_conf/config.jsonc
|
||||
@ -40,7 +40,7 @@ else
|
||||
fi
|
||||
cp pandora_conf/gunicorn_config.py /srv/pandora/pandora_conf/gunicorn_config.py
|
||||
envsubst <pandora_conf/local_settings.py >/srv/pandora/pandora_conf/local_settings.py
|
||||
chown -R 108002:108002 /srv/pandora/pandora_conf
|
||||
chown -R 108080:108080 /srv/pandora/pandora_conf
|
||||
|
||||
# Populate database
|
||||
lxc-execute pandora -- /srv/pandora/pandora/manage.py migrate --noinput
|
||||
|
@ -59,8 +59,8 @@ RUN EOF
|
||||
./manage.py collectstatic -l --noinput
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8002 pandora
|
||||
adduser -S -u 8002 -h /srv/pandora -s /bin/false -g pandora -G pandora pandora
|
||||
addgroup -S -g 8080 pandora
|
||||
adduser -S -u 8080 -h /srv/pandora -s /bin/false -g pandora -G pandora pandora
|
||||
EOF
|
||||
|
||||
COPY lxc
|
||||
@ -80,7 +80,7 @@ RUN EOF
|
||||
ln -s /srv/pandora/conf/config.jsonc config.jsonc
|
||||
ln -s /srv/pandora/conf/gunicorn_config.py gunicorn_config.py
|
||||
ln -s /srv/pandora/conf/local_settings.py local_settings.py
|
||||
chown -R 8002:8002 /srv/pandora
|
||||
chown -R 8080:8080 /srv/pandora
|
||||
|
||||
# Cleanup
|
||||
apk --no-cache del .deps
|
||||
|
@ -20,7 +20,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 sahana-demo-postgres -- psql
|
||||
|
||||
# Prepare persistent directory structure
|
||||
mkdir -p /srv/sahana-demo/sahana_conf /srv/sahana-demo/sahana_data/databases /srv/sahana-demo/sahana_data/uploads /srv/sahana-demo/sahana_data/default
|
||||
chown -R 108001:108001 /srv/sahana-demo/sahana_conf /srv/sahana-demo/sahana_data
|
||||
chown -R 108080:108080 /srv/sahana-demo/sahana_conf /srv/sahana-demo/sahana_data
|
||||
lxc-execute sahana-demo -- tar -cC /srv/web2py/applications/eden/models . | tar -xC /srv/sahana-demo/sahana_conf
|
||||
lxc-execute sahana-demo -- tar -cC /srv/web2py/applications/eden/modules/templates/default . | tar -xC /srv/sahana-demo/sahana_data/default
|
||||
|
||||
@ -30,10 +30,10 @@ export SAHANADEMO_ADMIN_USER=admin@example.com
|
||||
export SAHANADEMO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
|
||||
envsubst <srv/sahana-demo/conf/000_config.py >/srv/sahana-demo/sahana_conf/000_config.py
|
||||
envsubst <masterUsers.csv >/srv/sahana-demo/sahana_data/default/users/masterUsers.csv
|
||||
chown -R 108001:108001 /srv/sahana/sahana_conf /srv/sahana/sahana_data
|
||||
chown -R 108080:108080 /srv/sahana/sahana_conf /srv/sahana/sahana_data
|
||||
|
||||
# Populate database
|
||||
lxc-execute -u 8001 -g 8001 sahana-demo -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
|
||||
lxc-execute -u 8080 -g 8080 sahana-demo -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
|
||||
|
||||
# Install config update script
|
||||
cp update-conf.sh /srv/sahana-demo/update-conf.sh
|
||||
|
@ -20,12 +20,12 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 sahana-postgres -- psql
|
||||
|
||||
# Prepare persistent directory structure
|
||||
mkdir -p /srv/sahana/sahana_conf /srv/sahana/sahana_data/databases /srv/sahana/sahana_data/uploads
|
||||
chown -R 108001:108001 /srv/sahana/sahana_conf
|
||||
chown -R 108080:108080 /srv/sahana/sahana_conf
|
||||
lxc-execute sahana -- tar -cC /srv/web2py/applications/eden/models . | tar -xC /srv/sahana/sahana_conf
|
||||
|
||||
# Copy Spotter template
|
||||
cp -r sahana_data/Spotter /srv/sahana/sahana_data/
|
||||
chown -R 108001:108001 /srv/sahana/sahana_data
|
||||
chown -R 108080:108080 /srv/sahana/sahana_data
|
||||
|
||||
# Configure Sahana
|
||||
export SAHANA_HMAC=$(head -c 18 /dev/urandom | base64 | tr -d '+/=')
|
||||
@ -34,10 +34,10 @@ export SAHANA_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
|
||||
envsubst <sahana_conf/000_config.py >/srv/sahana/sahana_conf/000_config.py
|
||||
envsubst <sahana_data/Spotter/masterUsers.csv >/srv/sahana/sahana_data/Spotter/masterUsers.csv
|
||||
cp sahana_conf/00_settings.py /srv/sahana/sahana_conf/00_settings.py
|
||||
chown -R 108001:108001 /srv/sahana/sahana_conf /srv/sahana/sahana_data
|
||||
chown -R 108080:108080 /srv/sahana/sahana_conf /srv/sahana/sahana_data
|
||||
|
||||
# Populate database
|
||||
lxc-execute -u 8001 -g 8001 sahana -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
|
||||
lxc-execute -u 8080 -g 8080 sahana -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
|
||||
|
||||
# Set "production values" (increases performance) only if the DEBUG environment variable is not set
|
||||
if [ ${DEBUG:-0} -eq 0 ]; then
|
||||
|
@ -44,8 +44,8 @@ COPY lxc
|
||||
|
||||
RUN EOF
|
||||
# Create OS user
|
||||
addgroup -S -g 8001 sahana
|
||||
adduser -S -u 8001 -h /srv/web2py -s /bin/false -g sahana -G sahana sahana
|
||||
addgroup -S -g 8080 sahana
|
||||
adduser -S -u 8080 -h /srv/web2py -s /bin/false -g sahana -G sahana sahana
|
||||
chown -R sahana:sahana /srv/web2py
|
||||
|
||||
# Cleanup
|
||||
|
@ -20,7 +20,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 sambro-postgres -- psql
|
||||
|
||||
# Prepare persistent directory structure
|
||||
mkdir -p /srv/sambro/sahana_conf /srv/sambro/sahana_data/databases /srv/sambro/sahana_data/uploads /srv/sambro/sahana_data/SAMBRO
|
||||
chown -R 108001:108001 /srv/sambro/sahana_conf /srv/sambro/sahana_data
|
||||
chown -R 108080:108080 /srv/sambro/sahana_conf /srv/sambro/sahana_data
|
||||
lxc-execute sambro -- tar -cC /srv/web2py/applications/eden/models . | tar -xC /srv/sambro/sahana_conf
|
||||
lxc-execute sambro -- tar -cC /srv/web2py/applications/eden/modules/templates/SAMBRO . | tar -xC /srv/sambro/sahana_data/SAMBRO
|
||||
|
||||
@ -32,13 +32,13 @@ envsubst <sahana_conf/000_config.py >/srv/sambro/sahana_conf/000_config.py
|
||||
# TODO:
|
||||
#mkdir -p /var/lib/lxc/sambro/sambro/srv/web2py/applications/eden/modules/templates/default/users
|
||||
#envsubst <masterUsers.csv >/var/lib/lxc/sambro/sambro/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv
|
||||
#chown -R 8001:8001 /var/lib/lxc/sambro/sambro/srv/web2py
|
||||
#chown -R 8080:8080 /var/lib/lxc/sambro/sambro/srv/web2py
|
||||
cp sahana_conf/00_settings.py /srv/sambro/sahana_conf/00_settings.py
|
||||
cp sahana_data/SAMBRO/config.py /srv/sambro/sahana_data/SAMBRO/config.py
|
||||
chown -R 108001:108001 /srv/sambro/sahana_conf /srv/sambro/sahana_data
|
||||
chown -R 108080:108080 /srv/sambro/sahana_conf /srv/sambro/sahana_data
|
||||
|
||||
# Populate database
|
||||
lxc-execute -u 8001 -g 8001 sambro -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
|
||||
lxc-execute -u 8080 -g 8080 sambro -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
|
||||
|
||||
# Set "production values" (increases performance) only if the DEBUG environment variable is not set
|
||||
if [ ${DEBUG:-0} -eq 0 ]; then
|
||||
|
@ -22,8 +22,8 @@ cat custom.sql | lxc-attach -u 5432 -g 5432 seeddms-postgres -- psql seeddms
|
||||
|
||||
# Copy existing files into persistent storage
|
||||
mkdir -p /srv/seeddms/seeddms_conf /srv/seeddms/seeddms)data
|
||||
chown 108010:108010 /srv/seeddms/conf
|
||||
chown 108010:108010 /srv/seeddms/data
|
||||
chown 108080:108080 /srv/seeddms/conf
|
||||
chown 108080:108080 /srv/seeddms/data
|
||||
lxc-execute seeddms -- tar -cC /srv/seeddms/conf . | tar -xC /srv/seeddms/seeddms_conf
|
||||
lxc-execute seeddms -- tar -cC /srv/seeddms/data . | tar -xC /srv/seeddms/seeddms_data
|
||||
|
||||
@ -33,7 +33,7 @@ export SEEDDMS_ADMIN_USER=admin
|
||||
export SEEDDMS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
|
||||
export SEEDDMS_ADMIN_EMAIL=admin@example.com
|
||||
envsubst <adminpwd.sql | lxc-attach -u 5432 -g 5432 seeddms-postgres -- psql seeddms
|
||||
chown -R 108010:108010 /srv/seeddms/seeddms_conf
|
||||
chown -R 108080:108080 /srv/seeddms/seeddms_conf
|
||||
|
||||
# Install config update script
|
||||
cp update-conf.sh /srv/seeddms/update-conf.sh
|
||||
|
@ -33,8 +33,8 @@ RUN EOF
|
||||
rm previewers.patch
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8010 seeddms
|
||||
adduser -S -u 8010 -h /srv/seeddms -s /bin/false -g seeddms -G seeddms seeddms
|
||||
addgroup -S -g 8080 seeddms
|
||||
adduser -S -u 8080 -h /srv/seeddms -s /bin/false -g seeddms -G seeddms seeddms
|
||||
chown -R seeddms:seeddms /srv/seeddms
|
||||
|
||||
# Cleanup
|
||||
|
@ -20,10 +20,10 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 sigmah-postgres -- psql
|
||||
|
||||
# Configure Sigmah
|
||||
mkdir -p /srv/sigmah/sigmah_conf /srv/sigmah/sigmah_data/files /srv/sigmah/sigmah_data/archives
|
||||
chown -R 108011:108011 /srv/sigmah/sigmah_data
|
||||
chown -R 108080:108080 /srv/sigmah/sigmah_data
|
||||
envsubst <sigmah_conf/persistence.xml >/srv/sigmah/sigmah_conf/persistence.xml
|
||||
cp sigmah_conf/sigmah.properties /srv/sigmah/sigmah_conf/sigmah.properties
|
||||
chown -R 108011:108011 /srv/sigmah/sigmah_conf
|
||||
chown -R 108080:108080 /srv/sigmah/sigmah_conf
|
||||
lxc-execute sigmah -- cat /srv/tomcat/webapps/sigmah/sigmah/images/header/org-default-logo.png >/srv/sigmah/sigmah_data/files/logo.png
|
||||
|
||||
# Populate database
|
||||
|
@ -18,8 +18,8 @@ RUN EOF
|
||||
rm /srv/tomcat/webapps/sigmah/WEB-INF/classes/logback.xml
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8011 sigmah
|
||||
adduser -S -u 8011 -h /srv/tomcat -s /bin/false -g sigmah -G sigmah sigmah
|
||||
addgroup -S -g 8080 sigmah
|
||||
adduser -S -u 8080 -h /srv/tomcat -s /bin/false -g sigmah -G sigmah sigmah
|
||||
chown -R sigmah:sigmah /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/webapps /srv/tomcat/work
|
||||
|
||||
# Download database files
|
||||
@ -32,6 +32,6 @@ EOF
|
||||
|
||||
COPY lxc
|
||||
|
||||
USER 8011 8011
|
||||
USER 8080 8080
|
||||
WORKDIR /srv/tomcat
|
||||
CMD catalina.sh run
|
||||
|
@ -17,7 +17,7 @@ envsubst <createdb.sql | lxc-attach ushahidi-mariadb -- mysql
|
||||
|
||||
# Configure Ushahidi
|
||||
mkdir -p /srv/ushahidi/ushahidi_conf /srv/ushahidi/ushahidi_data
|
||||
chown 108014:108014 /srv/ushahidi/ushahidi_data
|
||||
chown 108080:108080 /srv/ushahidi/ushahidi_data
|
||||
envsubst <ushahidi_conf/env >/srv/ushahidi/ushahidi_conf/env
|
||||
cp ushahidi_conf/config.json /srv/ushahidi/ushahidi_conf/config.json
|
||||
chown -R 100000:100000 /srv/ushahidi/ushahidi_conf
|
||||
|
@ -16,8 +16,8 @@ RUN EOF
|
||||
mv /srv/ushahidi/ushahidi-platform-bundle-v3.12.3 /srv/ushahidi/platform
|
||||
|
||||
# Create OS user
|
||||
addgroup -S -g 8014 ushahidi
|
||||
adduser -S -u 8014 -h /srv/ushahidi -s /bin/false -g ushahidi -G ushahidi ushahidi
|
||||
addgroup -S -g 8080 ushahidi
|
||||
adduser -S -u 8080 -h /srv/ushahidi -s /bin/false -g ushahidi -G ushahidi ushahidi
|
||||
chown -R ushahidi:ushahidi /srv/ushahidi/platform/application/logs /srv/ushahidi/platform/application/cache /srv/ushahidi/platform/application/media/uploads
|
||||
|
||||
# Cleanup
|
||||
|
Loading…
x
Reference in New Issue
Block a user