Change application users UID/GID to 8080

This commit is contained in:
Disassembler 2019-10-14 07:59:06 +02:00
parent 4e9c63d8aa
commit 0f5c1d6433
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
34 changed files with 95 additions and 95 deletions

View File

@ -24,7 +24,7 @@
| Service | Container | UID/GID | Internal Port |
|-----------------|-----------------|---------|------------------|
| ActiveMQ | activemq | 61616 | 61616 (ActiveMQ) |
| CKAN Datapusher | ckan-datapusher | 8004 | 8080 (HTTP) |
| CKAN Datapusher | ckan-datapusher | 8080 | 8080 (HTTP) |
| MariaDB | mariadb | 3306 | 3306 (MySQL) |
| Postgres | postgres | 5432 | 5432 (Postgres) |
| RabbitMQ | rabbitmq | 5672 | 5672 (AMQP) |
@ -33,27 +33,27 @@
## List of application containers
All application containers listen on internal port 8080 (HTTP)
All application containers have the application user UID/GID 8080 and listen on internal port 8080 (HTTP)
| Application | Container | UID/GID | Host |
|----------------|-------------------|---------|-------------|
| CKAN | ckan | 8003 | ckan |
| Crisis Cleanup | crisiscleanup | 8005 | cc |
| CTS | cts | 8006 | cts |
| EcoGIS | ecogis | 8020 | ecogis |
| FrontlineSMS | frontlinesms | 8018 | sms |
| GNU Health | gnuhealth | 8008 | gh |
| KanBoard | kanboard | 8009 | kb |
| Mifos X | mifosx | 8012 | mifosx |
| Motech | motech | 8013 | motech |
| ODK Aggregate | opendatakit | 8015 | odk |
| ODK Build | opendatakit-build | 8017 | odkbuild |
| Odoo | odoo | 8019 | odoo |
| OpenMapKit | openmapkit | 8007 | omk |
| Pan.do/ra | pandora | 8002 | pandora |
| Sahana | sahana | 8001 | sahana |
| Sahana - Demo | sahana-demo | 8001 | sahana-demo |
| SAMBRO | sambro | 8001 | sambro |
| SeedDMS | seeddms | 8010 | dms |
| Sigmah | sigmah | 8011 | sigmah |
| Ushahidi | ushahidi | 8014 | ush |
| Application | Container | Host |
|----------------|-------------------|-------------|
| CKAN | ckan | ckan |
| Crisis Cleanup | crisiscleanup | cc |
| CTS | cts | cts |
| EcoGIS | ecogis | ecogis |
| FrontlineSMS | frontlinesms | sms |
| GNU Health | gnuhealth | gh |
| KanBoard | kanboard | kb |
| Mifos X | mifosx | mifosx |
| Motech | motech | motech |
| ODK Aggregate | opendatakit | odk |
| ODK Build | opendatakit-build | odkbuild |
| Odoo | odoo | odoo |
| OpenMapKit | openmapkit | omk |
| Pan.do/ra | pandora | pandora |
| Sahana | sahana | sahana |
| Sahana - Demo | sahana-demo | sahana-demo |
| SAMBRO | sambro | sambro |
| SeedDMS | seeddms | dms |
| Sigmah | sigmah | sigmah |
| Ushahidi | ushahidi | ush |

View File

@ -20,7 +20,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 crisiscleanup-postgres -- ps
# Copy existing config files into persistent storage
mkdir -p /srv/crisiscleanup/cc_conf
chown 108005:108005 /srv/crisiscleanup/cc_conf
chown 108080:108080 /srv/crisiscleanup/cc_conf
lxc-execute crisiscleanup -- tar -cC /srv/crisiscleanup/config . | tar -xC /srv/crisiscleanup/cc_conf
# Configure CrisisCleanup

View File

@ -35,8 +35,8 @@ RUN EOF
rake assets:precompile
# Create OS user
addgroup -S -g 8005 cc
adduser -S -u 8005 -h /srv/crisiscleanup -s /bin/false -g cc -G cc cc
addgroup -S -g 8080 cc
adduser -S -u 8080 -h /srv/crisiscleanup -s /bin/false -g cc -G cc cc
chown -R cc:cc /srv/crisiscleanup
# Cleanup
@ -46,7 +46,7 @@ RUN EOF
rm -rf /root/.bundle /root/.config /root/.npm
EOF
USER 8005 8005
USER 8080 8080
WORKDIR /srv/crisiscleanup
CMD rails server
HALT SIGTERM

View File

@ -20,7 +20,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 cts-postgres -- psql
# Copy existing config files into persistent storage
mkdir -p /srv/cts/cts_conf
chown 108006:108006 /srv/cts/cts_conf
chown 108080:108080 /srv/cts/cts_conf
lxc-execute cts -- tar -cC /srv/cts/cts/settings . | tar -xC /srv/cts/cts_conf
# Configure CTS

View File

@ -26,8 +26,8 @@ RUN EOF
DJANGO_SETTINGS_MODULE=cts.settings.dev manage.py collectstatic -l --noinput
# Create OS user
addgroup -S -g 8006 cts
adduser -S -u 8006 -h /srv/cts -s /bin/false -g cts -G cts cts
addgroup -S -g 8080 cts
adduser -S -u 8080 -h /srv/cts -s /bin/false -g cts -G cts cts
chown -R cts:cts /srv/cts
# Cleanup

View File

@ -21,7 +21,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 ecogis-postgres -- psql
# Configure EcoGIS
mkdir -p /srv/ecogis/ecogis_conf /srv/ecogis/ecogis_data
envsubst <ecogis_conf/config.php >/srv/ecogis/conf/config.php
chown -R 108020:108020 /srv/ecogis/ecogis_conf /srv/ecogis/ecogis_data
chown -R 108080:108080 /srv/ecogis/ecogis_conf /srv/ecogis/ecogis_data
# Stop services required for setup
service ecogis-postgres stop

View File

@ -23,8 +23,8 @@ RUN EOF
pear install Auth Log
# Create OS user
addgroup -S -g 8020 ecogis
adduser -S -u 8020 -h /srv/ecogis -s /bin/false -g ecogis -G ecogis ecogis
addgroup -S -g 8080 ecogis
adduser -S -u 8080 -h /srv/ecogis -s /bin/false -g ecogis -G ecogis ecogis
# Cleanup
apk --no-cache del .deps

View File

@ -10,7 +10,7 @@ export FRONTLINESMS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
export FRONTLINESMS_ADMIN_USER_HASH=$(echo -n "${FRONTLINESMS_ADMIN_USER}" | base64)
export FRONTLINESMS_ADMIN_PWD_HASH=$(echo -n "${FRONTLINESMS_ADMIN_PWD}" | base64)
envsubst <flsms_data/app-settings.properties >/srv/frontlinesms/flsms_data/app-settings.properties
chown -R 8018:8018 /srv/frontlinesms/flsms_data
chown -R 8080:8080 /srv/frontlinesms/flsms_data
# Register application
vmmgr register-app frontlinesms sms "${FRONTLINESMS_ADMIN_USER}" "${FRONTLINESMS_ADMIN_PWD}"

View File

@ -8,8 +8,8 @@ RUN EOF
apk --no-cache add openjdk8-jre ttf-opensans xf86-video-dummy xorg-server
# Create OS user
addgroup -S -g 8018 sms
adduser -S -u 8018 -h /srv/frontlinesms -s /bin/sh -g sms -G sms sms
addgroup -S -g 8080 sms
adduser -S -u 8080 -h /srv/frontlinesms -s /bin/sh -g sms -G sms sms
adduser sms dialout
# Install FrontlineSMS
@ -35,7 +35,7 @@ RUN EOF
MD5=$(md5sum frontlinesms-core_messages_cs.js | cut -d' ' -f1)
cp frontlinesms-core_messages_cs.js frontlinesms-core_messages_cs-${MD5}.js
cp frontlinesms-core_messages_cs.js.gz frontlinesms-core_messages_cs-${MD5}.js.gz
chown 8018:8018 frontlinesms-core_messages_cs*
chown 8080:8080 frontlinesms-core_messages_cs*
EOF
CMD s6-svscan /etc/services.d

View File

@ -25,8 +25,8 @@ RUN EOF
git clone -b 4.6 --single-branch --depth 1 https://github.com/tryton/sao /srv/gnuhealth/sao
# Create OS user
addgroup -S -g 8008 gnuhealth
adduser -S -u 8008 -h /srv/gnuhealth -s /bin/bash -g gnuhealth -G gnuhealth gnuhealth
addgroup -S -g 8080 gnuhealth
adduser -S -u 8080 -h /srv/gnuhealth -s /bin/bash -g gnuhealth -G gnuhealth gnuhealth
chown -R gnuhealth:gnuhealth /srv/gnuhealth
# Install GNU Health
@ -61,5 +61,5 @@ ENV PATH /srv/gnuhealth/gnuhealth/tryton/server/trytond-current/bin:/usr/local/s
ENV TRYTOND_CONFIG /srv/gnuhealth/gnuhealth/tryton/server/config/trytond.conf
ENV PYTHONPATH /srv/gnuhealth/gnuhealth/tryton/server/trytond-current:/srv/gnuhealth/gnuhealth/tryton/server/config
USER 8008 8008
USER 8080 8080
CMD trytond --verbose

View File

@ -21,7 +21,7 @@ lxc-execute kanboard -- cat /srv/kanboard/app/Schema/Sql/postgres.sql | lxc-atta
# Configure Kanboard
mkdir -p /srv/kanboard/kanboard_conf /srv/kanboard/kanboard_data
chown -R 8009:8009 /srv/kanboard/kanboard_data
chown -R 8080:8080 /srv/kanboard/kanboard_data
envsubst <kanboard_conf/config.php >/srv/kanboard/kanboard_conf/config.php
export KANBOARD_ADMIN_USER=admin
export KANBOARD_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')

View File

@ -32,8 +32,8 @@ RUN EOF
git clone --depth=1 https://github.com/xavividal/kanboard-plugin-relationgraph /srv/kanboard/plugins/Relationgraph
# Create OS user
addgroup -S -g 8009 kanboard
adduser -S -u 8009 -h /srv/kanboard -s /bin/false -g kanboard -G kanboard kanboard
addgroup -S -g 8080 kanboard
adduser -S -u 8080 -h /srv/kanboard -s /bin/false -g kanboard -G kanboard kanboard
# Cleanup
apk --no-cache del .deps

View File

@ -20,8 +20,8 @@ RUN EOF
wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.4/drizzle-jdbc-1.4.jar -O /srv/tomcat/lib/drizzle-jdbc-1.4.jar
# Create OS user
addgroup -S -g 8012 mifosx
adduser -S -u 8012 -h /srv/tomcat -s /bin/false -g mifosx -G mifosx mifosx
addgroup -S -g 8080 mifosx
adduser -S -u 8080 -h /srv/tomcat -s /bin/false -g mifosx -G mifosx mifosx
chown -R mifosx:mifosx /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/webapps /srv/tomcat/work
# Cleanup

View File

@ -28,7 +28,7 @@ envsubst <motech_conf/config/bootstrap.properties >/srv/motech/motech_conf/confi
cp motech_conf/config-locations.properties /srv/motech/motech_conf/config-locations.properties
cp motech_conf/config/motech-settings.properties /srv/motech/motech_conf/config/motech-settings.properties
cp motech_conf/config/org.motechproject.motech-platform-email/motech-email.properties /srv/motech/motech_conf/config/org.motechproject.motech-platform-email/motech-email.properties
chown -R 108013:108013 /srv/motech/motech_conf
chown -R 108080:108080 /srv/motech/motech_conf
# Populate database and create admin account
service activemq start

View File

@ -16,14 +16,14 @@ RUN EOF
cp /srv/tomcat/webapps/ROOT/WEB-INF/lib/postgresql-42.2.5.jar /srv/tomcat/webapps/ROOT/WEB-INF/bundles/postgresql-42.2.5.jar
# Create OS user
addgroup -S -g 8013 motech
adduser -S -u 8013 -h /srv/tomcat -s /bin/false -g motech -G motech motech
addgroup -S -g 8080 motech
adduser -S -u 8080 -h /srv/tomcat -s /bin/false -g motech -G motech motech
chown -R motech:motech /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/webapps /srv/tomcat/work
# Cleanup
rm -f /tmp/motech.war
EOF
USER 8013 8013
USER 8080 8080
WORKDIR /srv/tomcat
CMD catalina.sh run

View File

@ -23,7 +23,7 @@ export ODOO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
mkdir -p /srv/odoo/odoo_conf/ /srv/odoo/odoo_data/
envsubst <odoo_conf/odoo.conf >/srv/odoo/odoo_conf/odoo.conf
chown 100000:100000 /srv/odoo/odoo_conf/
chown 108019:108019 /srv/odoo/odoo_data/
chown 108080:108080 /srv/odoo/odoo_data/
# Populate database
# TODO: proc ne execute?

View File

@ -21,8 +21,8 @@ RUN EOF
pip3 install -r requirements.txt
# Create OS user
addgroup -S -g 8019 odoo
adduser -S -u 8019 -h /srv/odoo -s /bin/false -g odoo -G odoo odoo
addgroup -S -g 8080 odoo
adduser -S -u 8080 -h /srv/odoo -s /bin/false -g odoo -G odoo odoo
chown -R odoo:odoo /srv/odoo
# Cleanup
@ -31,5 +31,5 @@ RUN EOF
rm -rf /usr/local/share/.cache
EOF
USER 8019 8019
USER 8080 8080
CMD /srv/odoo/odoo-bin -c srv/odoo/odoo.conf

View File

@ -26,7 +26,7 @@ export OPENDATAKIT_ADMIN_REALM=spotter
envsubst <odk_conf/jdbc.properties >/srv/opendatakit/odk_conf/jdbc.properties
envsubst <odk_conf/security.properties >/srv/opendatakit/odk_conf/security.properties
cp odk_conf/server.xml /srv/opendatakit/odk_conf/server.xml
chown -R 108015:108015 /srv/opendatakit/odk_conf
chown -R 108080:108080 /srv/opendatakit/odk_conf
# Configure OpenDataKit Build
export OPENDATAKITBUILD_COOKIE_SECRET=$(head -c 8 /dev/urandom | hexdump -e '"%x"')

View File

@ -27,8 +27,8 @@ RUN EOF
make
# Create OS user
addgroup -S -g 8017 odkbuild
adduser -S -u 8017 -h /srv/opendatakit-build -s /bin/false -g odkbuild -G odkbuild odkbuild
addgroup -S -g 8080 odkbuild
adduser -S -u 8080 -h /srv/opendatakit-build -s /bin/false -g odkbuild -G odkbuild odkbuild
chown -R odkbuild:odkbuild /srv/opendatakit-build
chown -R odkbuild:odkbuild /srv/build2xlsform

View File

@ -15,14 +15,14 @@ RUN EOF
wget https://jdbc.postgresql.org/download/postgresql-42.2.5.jar -O /srv/tomcat/webapps/ROOT/WEB-INF/lib/postgresql-42.2.5.jar
# Create OS user
addgroup -S -g 8015 odk
adduser -S -u 8015 -h /srv/tomcat -s /bin/false -g odk -G odk odk
addgroup -S -g 8080 odk
adduser -S -u 8080 -h /srv/tomcat -s /bin/false -g odk -G odk odk
chown -R odk:odk /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/webapps /srv/tomcat/work
# Cleanup
rm /tmp/odk.war
EOF
USER 8015 8015
USER 8080 8080
WORKDIR /srv/tomcat
CMD catalina.sh run

View File

@ -7,7 +7,7 @@ cd $(realpath $(dirname "${0}"))/install
export OPENMAPKIT_ADMIN_USER="admin"
export OPENMAPKIT_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
mkdir -p /srv/openmapkit/omk_conf /srv/openmapkit/omk_data
chown -R 108007:108007 /srv/openmapkit/omk_data
chown -R 108080:108080 /srv/openmapkit/omk_data
lxc-execute openmapkit -- tar -cC /srv/openmapkit/data . | tar -xC /srv/openmapkit/omk_data
envsubst <omk_conf/settings.js >/srv/openmapkit/omk_conf/settings.js

View File

@ -14,7 +14,7 @@ RUN EOF
# Clone OpenMapKit
git clone --depth 1 https://github.com/posm/OpenMapKitServer /srv/openmapkit
cd /srv/openmapkit
git submodule update --init
git submodule update --init #TODO: Why does this fail?
# Install OpenMapKit dependencies
pip install -r requirements.txt
@ -25,8 +25,8 @@ RUN EOF
yarn build
# Create OS user
addgroup -S -g 8007 omk
adduser -S -u 8007 -h /srv/openmapkit -s /bin/false -g omk -G omk omk
addgroup -S -g 8080 omk
adduser -S -u 8080 -h /srv/openmapkit -s /bin/false -g omk -G omk omk
chown -R omk:omk /srv/openmapkit
# Cleanup

View File

@ -31,7 +31,7 @@ lxc-attach pandora-rabbitmq -- rabbitmqctl set_permissions -p /pandora pandora "
# Configure Pandora
mkdir -p /srv/pandora/pandora_conf /srv/pandora/pandora_data
chown 108002:108002 /srv/pandora/pandora_data
chown 108080:108080 /srv/pandora/pandora_data
# Copy customized configuration if VANILLA environment variable is not set, else use the default pandora config
if [ ${VANILLA:-0} -eq 0 ]; then
cp pandora_conf/config.jsonc /srv/pandora/pandora_conf/config.jsonc
@ -40,7 +40,7 @@ else
fi
cp pandora_conf/gunicorn_config.py /srv/pandora/pandora_conf/gunicorn_config.py
envsubst <pandora_conf/local_settings.py >/srv/pandora/pandora_conf/local_settings.py
chown -R 108002:108002 /srv/pandora/pandora_conf
chown -R 108080:108080 /srv/pandora/pandora_conf
# Populate database
lxc-execute pandora -- /srv/pandora/pandora/manage.py migrate --noinput

View File

@ -59,8 +59,8 @@ RUN EOF
./manage.py collectstatic -l --noinput
# Create OS user
addgroup -S -g 8002 pandora
adduser -S -u 8002 -h /srv/pandora -s /bin/false -g pandora -G pandora pandora
addgroup -S -g 8080 pandora
adduser -S -u 8080 -h /srv/pandora -s /bin/false -g pandora -G pandora pandora
EOF
COPY lxc
@ -80,7 +80,7 @@ RUN EOF
ln -s /srv/pandora/conf/config.jsonc config.jsonc
ln -s /srv/pandora/conf/gunicorn_config.py gunicorn_config.py
ln -s /srv/pandora/conf/local_settings.py local_settings.py
chown -R 8002:8002 /srv/pandora
chown -R 8080:8080 /srv/pandora
# Cleanup
apk --no-cache del .deps

View File

@ -20,7 +20,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 sahana-demo-postgres -- psql
# Prepare persistent directory structure
mkdir -p /srv/sahana-demo/sahana_conf /srv/sahana-demo/sahana_data/databases /srv/sahana-demo/sahana_data/uploads /srv/sahana-demo/sahana_data/default
chown -R 108001:108001 /srv/sahana-demo/sahana_conf /srv/sahana-demo/sahana_data
chown -R 108080:108080 /srv/sahana-demo/sahana_conf /srv/sahana-demo/sahana_data
lxc-execute sahana-demo -- tar -cC /srv/web2py/applications/eden/models . | tar -xC /srv/sahana-demo/sahana_conf
lxc-execute sahana-demo -- tar -cC /srv/web2py/applications/eden/modules/templates/default . | tar -xC /srv/sahana-demo/sahana_data/default
@ -30,10 +30,10 @@ export SAHANADEMO_ADMIN_USER=admin@example.com
export SAHANADEMO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
envsubst <srv/sahana-demo/conf/000_config.py >/srv/sahana-demo/sahana_conf/000_config.py
envsubst <masterUsers.csv >/srv/sahana-demo/sahana_data/default/users/masterUsers.csv
chown -R 108001:108001 /srv/sahana/sahana_conf /srv/sahana/sahana_data
chown -R 108080:108080 /srv/sahana/sahana_conf /srv/sahana/sahana_data
# Populate database
lxc-execute -u 8001 -g 8001 sahana-demo -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
lxc-execute -u 8080 -g 8080 sahana-demo -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
# Install config update script
cp update-conf.sh /srv/sahana-demo/update-conf.sh

View File

@ -20,12 +20,12 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 sahana-postgres -- psql
# Prepare persistent directory structure
mkdir -p /srv/sahana/sahana_conf /srv/sahana/sahana_data/databases /srv/sahana/sahana_data/uploads
chown -R 108001:108001 /srv/sahana/sahana_conf
chown -R 108080:108080 /srv/sahana/sahana_conf
lxc-execute sahana -- tar -cC /srv/web2py/applications/eden/models . | tar -xC /srv/sahana/sahana_conf
# Copy Spotter template
cp -r sahana_data/Spotter /srv/sahana/sahana_data/
chown -R 108001:108001 /srv/sahana/sahana_data
chown -R 108080:108080 /srv/sahana/sahana_data
# Configure Sahana
export SAHANA_HMAC=$(head -c 18 /dev/urandom | base64 | tr -d '+/=')
@ -34,10 +34,10 @@ export SAHANA_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
envsubst <sahana_conf/000_config.py >/srv/sahana/sahana_conf/000_config.py
envsubst <sahana_data/Spotter/masterUsers.csv >/srv/sahana/sahana_data/Spotter/masterUsers.csv
cp sahana_conf/00_settings.py /srv/sahana/sahana_conf/00_settings.py
chown -R 108001:108001 /srv/sahana/sahana_conf /srv/sahana/sahana_data
chown -R 108080:108080 /srv/sahana/sahana_conf /srv/sahana/sahana_data
# Populate database
lxc-execute -u 8001 -g 8001 sahana -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
lxc-execute -u 8080 -g 8080 sahana -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
# Set "production values" (increases performance) only if the DEBUG environment variable is not set
if [ ${DEBUG:-0} -eq 0 ]; then

View File

@ -44,8 +44,8 @@ COPY lxc
RUN EOF
# Create OS user
addgroup -S -g 8001 sahana
adduser -S -u 8001 -h /srv/web2py -s /bin/false -g sahana -G sahana sahana
addgroup -S -g 8080 sahana
adduser -S -u 8080 -h /srv/web2py -s /bin/false -g sahana -G sahana sahana
chown -R sahana:sahana /srv/web2py
# Cleanup

View File

@ -20,7 +20,7 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 sambro-postgres -- psql
# Prepare persistent directory structure
mkdir -p /srv/sambro/sahana_conf /srv/sambro/sahana_data/databases /srv/sambro/sahana_data/uploads /srv/sambro/sahana_data/SAMBRO
chown -R 108001:108001 /srv/sambro/sahana_conf /srv/sambro/sahana_data
chown -R 108080:108080 /srv/sambro/sahana_conf /srv/sambro/sahana_data
lxc-execute sambro -- tar -cC /srv/web2py/applications/eden/models . | tar -xC /srv/sambro/sahana_conf
lxc-execute sambro -- tar -cC /srv/web2py/applications/eden/modules/templates/SAMBRO . | tar -xC /srv/sambro/sahana_data/SAMBRO
@ -32,13 +32,13 @@ envsubst <sahana_conf/000_config.py >/srv/sambro/sahana_conf/000_config.py
# TODO:
#mkdir -p /var/lib/lxc/sambro/sambro/srv/web2py/applications/eden/modules/templates/default/users
#envsubst <masterUsers.csv >/var/lib/lxc/sambro/sambro/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv
#chown -R 8001:8001 /var/lib/lxc/sambro/sambro/srv/web2py
#chown -R 8080:8080 /var/lib/lxc/sambro/sambro/srv/web2py
cp sahana_conf/00_settings.py /srv/sambro/sahana_conf/00_settings.py
cp sahana_data/SAMBRO/config.py /srv/sambro/sahana_data/SAMBRO/config.py
chown -R 108001:108001 /srv/sambro/sahana_conf /srv/sambro/sahana_data
chown -R 108080:108080 /srv/sambro/sahana_conf /srv/sambro/sahana_data
# Populate database
lxc-execute -u 8001 -g 8001 sambro -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
lxc-execute -u 8080 -g 8080 sambro -- sh -c 'cd /srv/web2py; ./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py'
# Set "production values" (increases performance) only if the DEBUG environment variable is not set
if [ ${DEBUG:-0} -eq 0 ]; then

View File

@ -22,8 +22,8 @@ cat custom.sql | lxc-attach -u 5432 -g 5432 seeddms-postgres -- psql seeddms
# Copy existing files into persistent storage
mkdir -p /srv/seeddms/seeddms_conf /srv/seeddms/seeddms)data
chown 108010:108010 /srv/seeddms/conf
chown 108010:108010 /srv/seeddms/data
chown 108080:108080 /srv/seeddms/conf
chown 108080:108080 /srv/seeddms/data
lxc-execute seeddms -- tar -cC /srv/seeddms/conf . | tar -xC /srv/seeddms/seeddms_conf
lxc-execute seeddms -- tar -cC /srv/seeddms/data . | tar -xC /srv/seeddms/seeddms_data
@ -33,7 +33,7 @@ export SEEDDMS_ADMIN_USER=admin
export SEEDDMS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d '+/=')
export SEEDDMS_ADMIN_EMAIL=admin@example.com
envsubst <adminpwd.sql | lxc-attach -u 5432 -g 5432 seeddms-postgres -- psql seeddms
chown -R 108010:108010 /srv/seeddms/seeddms_conf
chown -R 108080:108080 /srv/seeddms/seeddms_conf
# Install config update script
cp update-conf.sh /srv/seeddms/update-conf.sh

View File

@ -33,8 +33,8 @@ RUN EOF
rm previewers.patch
# Create OS user
addgroup -S -g 8010 seeddms
adduser -S -u 8010 -h /srv/seeddms -s /bin/false -g seeddms -G seeddms seeddms
addgroup -S -g 8080 seeddms
adduser -S -u 8080 -h /srv/seeddms -s /bin/false -g seeddms -G seeddms seeddms
chown -R seeddms:seeddms /srv/seeddms
# Cleanup

View File

@ -20,10 +20,10 @@ envsubst <createdb.sql | lxc-attach -u 5432 -g 5432 sigmah-postgres -- psql
# Configure Sigmah
mkdir -p /srv/sigmah/sigmah_conf /srv/sigmah/sigmah_data/files /srv/sigmah/sigmah_data/archives
chown -R 108011:108011 /srv/sigmah/sigmah_data
chown -R 108080:108080 /srv/sigmah/sigmah_data
envsubst <sigmah_conf/persistence.xml >/srv/sigmah/sigmah_conf/persistence.xml
cp sigmah_conf/sigmah.properties /srv/sigmah/sigmah_conf/sigmah.properties
chown -R 108011:108011 /srv/sigmah/sigmah_conf
chown -R 108080:108080 /srv/sigmah/sigmah_conf
lxc-execute sigmah -- cat /srv/tomcat/webapps/sigmah/sigmah/images/header/org-default-logo.png >/srv/sigmah/sigmah_data/files/logo.png
# Populate database

View File

@ -18,8 +18,8 @@ RUN EOF
rm /srv/tomcat/webapps/sigmah/WEB-INF/classes/logback.xml
# Create OS user
addgroup -S -g 8011 sigmah
adduser -S -u 8011 -h /srv/tomcat -s /bin/false -g sigmah -G sigmah sigmah
addgroup -S -g 8080 sigmah
adduser -S -u 8080 -h /srv/tomcat -s /bin/false -g sigmah -G sigmah sigmah
chown -R sigmah:sigmah /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/webapps /srv/tomcat/work
# Download database files
@ -32,6 +32,6 @@ EOF
COPY lxc
USER 8011 8011
USER 8080 8080
WORKDIR /srv/tomcat
CMD catalina.sh run

View File

@ -17,7 +17,7 @@ envsubst <createdb.sql | lxc-attach ushahidi-mariadb -- mysql
# Configure Ushahidi
mkdir -p /srv/ushahidi/ushahidi_conf /srv/ushahidi/ushahidi_data
chown 108014:108014 /srv/ushahidi/ushahidi_data
chown 108080:108080 /srv/ushahidi/ushahidi_data
envsubst <ushahidi_conf/env >/srv/ushahidi/ushahidi_conf/env
cp ushahidi_conf/config.json /srv/ushahidi/ushahidi_conf/config.json
chown -R 100000:100000 /srv/ushahidi/ushahidi_conf

View File

@ -16,8 +16,8 @@ RUN EOF
mv /srv/ushahidi/ushahidi-platform-bundle-v3.12.3 /srv/ushahidi/platform
# Create OS user
addgroup -S -g 8014 ushahidi
adduser -S -u 8014 -h /srv/ushahidi -s /bin/false -g ushahidi -G ushahidi ushahidi
addgroup -S -g 8080 ushahidi
adduser -S -u 8080 -h /srv/ushahidi -s /bin/false -g ushahidi -G ushahidi ushahidi
chown -R ushahidi:ushahidi /srv/ushahidi/platform/application/logs /srv/ushahidi/platform/application/cache /srv/ushahidi/platform/application/media/uploads
# Cleanup