Initial commit for LXCification

This commit is contained in:
Disassembler 2018-09-04 21:42:26 +02:00
parent 42523d1aa3
commit 1c40252112
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
54 changed files with 144 additions and 120 deletions

View File

@ -82,7 +82,7 @@ chroot /mnt setup-timezone -z Europe/Prague
# Set hostname # Set hostname
echo 'spotter.vm' >/mnt/etc/hostname echo 'spotter.vm' >/mnt/etc/hostname
echo '127.0.0.1 spotter.vm localhost localhost.localdomain' >/mnt/etc/hosts echo -e '127.0.0.1 localhost\n::1 localhost' >/mnt/etc/hosts
sed -i '/hostname/d' /mnt/etc/network/interfaces sed -i '/hostname/d' /mnt/etc/network/interfaces
# Enable services on boot # Enable services on boot

View File

@ -3,6 +3,11 @@ set -e
SOURCE_DIR=$(realpath $(dirname "${0}"))/basic-runtimes SOURCE_DIR=$(realpath $(dirname "${0}"))/basic-runtimes
# Build basic Alpine image
mkdir -p /var/lib/lxc/shared/alpine
wget https://github.com/gliderlabs/docker-alpine/raw/2bfe6510ee31d86cfeb2f37587f4cf866f28ffbc/versions/library-3.8/x86_64/rootfs.tar.xz -O - | tar xJf - -C /var/lib/lxc/shared/alpine
cp ${SOURCE_DIR}/var/lib/lxc/shared/config /var/lib/lxc/shared/config
# Build Docker images # Build Docker images
docker build -t java ${SOURCE_DIR}/java docker build -t java ${SOURCE_DIR}/java
docker build -t php ${SOURCE_DIR}/php docker build -t php ${SOURCE_DIR}/php

View File

@ -0,0 +1,24 @@
# Hostname
lxc.uts.name = shared
# Network
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.ipv4.address = 172.17.0.2/16
lxc.net.0.ipv4.gateway = auto
# Volumes
lxc.rootfs.path = /var/lib/lxc/shared/alpine
# Mounts
lxc.mount.entry = /etc/hosts /etc/hosts none bind 0 0
lxc.mount.entry = /etc/resolv.conf /etc/resolv.conf none bind 0 0
# Halt
lxc.signal.halt = SIGTERM
# Other
lxc.arch = x86_64
lxc.cap.drop = sys_admin
lxc.include = /usr/share/lxc/config/alpine.common.conf

View File

@ -4,7 +4,7 @@ set -e
SOURCE_DIR=$(realpath $(dirname "${0}"))/basic SOURCE_DIR=$(realpath $(dirname "${0}"))/basic
# Install packages # Install packages
apk --no-cache add curl docker e2fsprogs-extra gettext kbd-misc libressl python3 py3-bcrypt py3-cffi py3-dnspython py3-jinja2 py3-requests py3-six py3-werkzeug nginx util-linux apk --no-cache add curl bridge e2fsprogs-extra gettext iptables kbd-misc libressl lxc python3 py3-bcrypt py3-cffi py3-dnspython py3-jinja2 py3-requests py3-six py3-werkzeug nginx util-linux
if [ ${DEBUG:-0} -eq 1 ]; then if [ ${DEBUG:-0} -eq 1 ]; then
# Install some utilities for DEBUG mode # Install some utilities for DEBUG mode
apk --no-cache add git file htop less openssh-server openssh-sftp-server apk --no-cache add git file htop less openssh-server openssh-sftp-server
@ -33,38 +33,37 @@ cp ${SOURCE_DIR}/etc/conf.d/consolefont /etc/conf.d/consolefont
# Configure NTP client # Configure NTP client
cp ${SOURCE_DIR}/etc/conf.d/ntpd /etc/conf.d/ntpd cp ${SOURCE_DIR}/etc/conf.d/ntpd /etc/conf.d/ntpd
# Configure networking
cp ${SOURCE_DIR}/etc/conf.d/iptables /etc/conf.d/iptables
cp ${SOURCE_DIR}/etc/iptables/rules-save /etc/iptables/rules-save
cp ${SOURCE_DIR}/etc/network/interfaces /etc/network/interfaces
service networking restart
service iptables restart
echo -e "172.17.0.1 host\n172.17.0.1 postfix" >>/etc/hosts
# Download and configure acme.sh # Download and configure acme.sh
mkdir /etc/acme.sh.d mkdir /etc/acme.sh.d
wget https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh -O /usr/bin/acme.sh wget https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh -O /usr/bin/acme.sh
sed -i 's|$HOME/.$PROJECT_NAME|/etc/acme.sh.d|' /usr/bin/acme.sh sed -i 's|$HOME/.$PROJECT_NAME|/etc/acme.sh.d|' /usr/bin/acme.sh
chmod +x /usr/bin/acme.sh chmod +x /usr/bin/acme.sh
# Copy AppMgr resources # Copy VMMgr resources
cp ${SOURCE_DIR}/etc/init.d/vm-appmgr /etc/init.d/vm-appmgr cp ${SOURCE_DIR}/etc/init.d/vmmgr /etc/init.d/vmmgr
rc-update -u rc-update -u
cp -r ${SOURCE_DIR}/srv/vm /srv/vm cp -r ${SOURCE_DIR}/srv/vm /srv/vm
ln -s /srv/vm/cli.py /usr/bin/vm-appmgr ln -s /srv/vm/cli.py /usr/bin/vmmgr
# Create a self-signed certificate # Create a self-signed certificate
vm-appmgr create-selfsigned vmmgr create-selfsigned
# Configure nginx # Configure nginx
cp ${SOURCE_DIR}/etc/nginx/nginx.conf /etc/nginx/nginx.conf cp ${SOURCE_DIR}/etc/nginx/nginx.conf /etc/nginx/nginx.conf
# Configure services # Configure services
for SERVICE in consolefont crond nginx ntpd sshd vm-appmgr swap; do for SERVICE in consolefont crond nginx ntpd lxd sshd swap vmmgr; do
rc-update add ${SERVICE} boot rc-update add ${SERVICE} boot
service ${SERVICE} start service ${SERVICE} start
done done
# Configure Docker service
cp ${SOURCE_DIR}/etc/init.d/docker /etc/init.d/docker
rc-update -u
rc-update add docker
service docker start
# Create basic images
docker build -t alpine ${SOURCE_DIR}
# Set dummy host and generate related files # Set dummy host and generate related files
vm-appmgr update-host spotter.vm 443 vmmgr update-host spotter.vm 443

14
basic/etc/conf.d/iptables Normal file
View File

@ -0,0 +1,14 @@
# /etc/conf.d/iptables
# Location in which iptables initscript will save set rules on
# service shutdown
IPTABLES_SAVE="/etc/iptables/rules-save"
# Options to pass to iptables-save and iptables-restore
SAVE_RESTORE_OPTIONS="-c"
# Save state on stopping iptables
SAVE_ON_STOP="yes"
# Enable/disable IPv4 forwarding with the rules
IPFORWARD="yes"

View File

@ -1,40 +0,0 @@
#!/sbin/openrc-run
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
command="${DOCKERD_BINARY:-/usr/bin/dockerd}"
pidfile="${DOCKER_PIDFILE:-/run/${RC_SVCNAME}.pid}"
command_args="-p \"${pidfile}\" ${DOCKER_OPTS}"
DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}"
DOCKER_ERRFILE="${DOCKER_ERRFILE:-${DOCKER_LOGFILE}}"
DOCKER_OUTFILE="${DOCKER_OUTFILE:-${DOCKER_LOGFILE}}"
start_stop_daemon_args="--background \
--stderr \"${DOCKER_ERRFILE}\" --stdout \"${DOCKER_OUTFILE}\""
grsecdir=/proc/sys/kernel/grsecurity
depend() {
need sysfs cgroups
}
start_pre() {
checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE"
for i in $disable_grsec; do
if [ -e "$grsecdir/$i" ]; then
einfo " Disabling $i"
echo 0 > "$grsecdir/$i"
fi
done
ulimit -n 1048576
# Having non-zero limits causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
ulimit -p unlimited
return 0
}
start_post() {
ewaitfile 10 /var/run/docker.sock
}

View File

@ -1,6 +1,6 @@
#!/sbin/openrc-run #!/sbin/openrc-run
command=/srv/vm/wsgi.py command=/srv/vm/wsgi.py
description="VM application manager" description="VM manager"
pidfile=/var/run/vm-appmgr.pid pidfile=/var/run/vmmgr.pid
start_stop_daemon_args="--background --make-pidfile --stderr /dev/null --stdout /dev/null" start_stop_daemon_args="--background --make-pidfile --stderr /dev/null --stdout /dev/null"

View File

@ -0,0 +1,7 @@
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
[0:0] -A POSTROUTING -o eth0 -j MASQUERADE
COMMIT

View File

@ -0,0 +1,15 @@
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto lxcbr0
iface lxcbr0 inet static
address 172.17.0.1
network 172.17.0.0
netmask 255.255.0.0
broadcast 172.17.255.255
bridge_fd 0
bridge_stp off
bridge_waitport 0

View File

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# Rebuild /etc/issue # Rebuild /etc/issue
/usr/bin/vm-appmgr rebuild-issue /usr/bin/vmmgr rebuild-issue
# Remove double-escaping needed for the real /etc/issue # Remove double-escaping needed for the real /etc/issue
/bin/sed 's|\\\\|\\|g' /etc/issue /bin/sed 's|\\\\|\\|g' /etc/issue
# Wait for key press # Wait for key press

View File

@ -6,7 +6,7 @@ import getpass
import sys import sys
sys.path.append('/srv/vm') sys.path.append('/srv/vm')
from appmgr import AppMgr from mgr import VMMgr
parser = argparse.ArgumentParser(description='VM application manager') parser = argparse.ArgumentParser(description='VM application manager')
subparsers = parser.add_subparsers() subparsers = parser.add_subparsers()
@ -77,7 +77,7 @@ parser_install_cert.add_argument('certificate', help='Certificate file')
parser_install_cert.add_argument('key', help='Key file') parser_install_cert.add_argument('key', help='Key file')
args = parser.parse_args() args = parser.parse_args()
mgr = AppMgr() mgr = VMMgr()
if args.action == 'update-login': if args.action == 'update-login':
mgr.update_login(args.app, args.login, args.password) mgr.update_login(args.app, args.login, args.password)
elif args.action == 'show-tiles': elif args.action == 'show-tiles':

View File

@ -122,7 +122,7 @@ x509_extensions = ext
subjectAltName=DNS:{domain},DNS:*.{domain}" subjectAltName=DNS:{domain},DNS:*.{domain}"
''' '''
class AppMgr: class VMMgr:
def __init__(self): def __init__(self):
# Load JSON configuration # Load JSON configuration
with open(CONF_FILE, 'r') as f: with open(CONF_FILE, 'r') as f:

View File

@ -10,7 +10,7 @@ from werkzeug.wrappers import Request, Response
from werkzeug.wsgi import ClosingIterator from werkzeug.wsgi import ClosingIterator
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
from . import AppMgr, CERT_PUB_FILE from . import VMMgr, CERT_PUB_FILE
from . import tools from . import tools
from .validator import InvalidValueException from .validator import InvalidValueException
from .wsgilang import WSGILang from .wsgilang import WSGILang
@ -30,7 +30,7 @@ class WSGIApp(object):
def wsgi_app(self, environ, start_response): def wsgi_app(self, environ, start_response):
request = Request(environ) request = Request(environ)
# Enhance request # Enhance request
request.mgr = AppMgr() request.mgr = VMMgr()
request.session = WSGISession(request.cookies, SESSION_KEY) request.session = WSGISession(request.cookies, SESSION_KEY)
request.session.lang = WSGILang() request.session.lang = WSGILang()
# Dispatch request # Dispatch request
@ -254,7 +254,7 @@ class WSGIApp(object):
return self.render_json({'ok': request.session.lang.app_stopped()}) return self.render_json({'ok': request.session.lang.app_stopped()})
def update_password_action(self, request): def update_password_action(self, request):
# Updates password for both HDD encryption (LUKS-on-LVM) and admin account to vm-appmgr # Updates password for both HDD encryption (LUKS-on-LVM) and admin account to vmmgr
try: try:
if request.form['newpassword'] != request.form['newpassword2']: if request.form['newpassword'] != request.form['newpassword2']:
return self.render_json({'error': request.session.lang.password_mismatch()}) return self.render_json({'error': request.session.lang.password_mismatch()})

View File

@ -4,7 +4,7 @@
import sys import sys
sys.path.append('/srv/vm') sys.path.append('/srv/vm')
from appmgr.wsgiapp import WSGIApp from mgr.wsgiapp import WSGIApp
application = WSGIApp() application = WSGIApp()

View File

@ -56,7 +56,7 @@ export CKAN_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
export CKAN_ADMIN_HASH=$(docker run --rm ckan python -c "from passlib.hash import pbkdf2_sha512;print pbkdf2_sha512.encrypt('${CKAN_ADMIN_PWD}')") export CKAN_ADMIN_HASH=$(docker run --rm ckan python -c "from passlib.hash import pbkdf2_sha512;print pbkdf2_sha512.encrypt('${CKAN_ADMIN_PWD}')")
export CKAN_ADMIN_EMAIL="admin@example.com" export CKAN_ADMIN_EMAIL="admin@example.com"
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql ckan envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql ckan
vm-appmgr update-login ckan "${CKAN_ADMIN_USER}" "${CKAN_ADMIN_PWD}" vmmgr update-login ckan "${CKAN_ADMIN_USER}" "${CKAN_ADMIN_PWD}"
# Install cron job # Install cron job
cp ${SOURCE_DIR}/etc/periodic/hourly/ckan /etc/periodic/hourly/ckan cp ${SOURCE_DIR}/etc/periodic/hourly/ckan /etc/periodic/hourly/ckan

View File

@ -21,11 +21,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy ckan /usr/bin/vmmgr register-proxy ckan
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy ckan /usr/bin/vmmgr unregister-proxy ckan
} }
stop() { stop() {

View File

@ -31,7 +31,7 @@ envsubst <${SOURCE_DIR}/srv/crisiscleanup/conf/database.yml >/srv/crisiscleanup/
cp ${SOURCE_DIR}/srv/crisiscleanup/conf/boot.rb /srv/crisiscleanup/conf/boot.rb cp ${SOURCE_DIR}/srv/crisiscleanup/conf/boot.rb /srv/crisiscleanup/conf/boot.rb
cp ${SOURCE_DIR}/srv/crisiscleanup/conf/initializers/devise.rb /srv/crisiscleanup/conf/initializers/devise.rb cp ${SOURCE_DIR}/srv/crisiscleanup/conf/initializers/devise.rb /srv/crisiscleanup/conf/initializers/devise.rb
cp ${SOURCE_DIR}/srv/crisiscleanup/conf/environments/production.rb /srv/crisiscleanup/conf/environments/production.rb cp ${SOURCE_DIR}/srv/crisiscleanup/conf/environments/production.rb /srv/crisiscleanup/conf/environments/production.rb
vm-appmgr update-login crisiscleanup "${CRISISCLEANUP_ADMIN_EMAIL}" "${CRISISCLEANUP_ADMIN_PWD}" vmmgr update-login crisiscleanup "${CRISISCLEANUP_ADMIN_EMAIL}" "${CRISISCLEANUP_ADMIN_PWD}"
# Populate database # Populate database
envsubst <${SOURCE_DIR}/srv/crisiscleanup/db/seeds.rb >/tmp/seeds.rb envsubst <${SOURCE_DIR}/srv/crisiscleanup/db/seeds.rb >/tmp/seeds.rb

View File

@ -17,11 +17,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy crisiscleanup /usr/bin/vmmgr register-proxy crisiscleanup
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy crisiscleanup /usr/bin/vmmgr unregister-proxy crisiscleanup
} }
stop() { stop() {

2
cts.sh
View File

@ -39,7 +39,7 @@ export CTS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
export CTS_ADMIN_HASH=$(docker run --rm -h cts -v /srv/cts/conf:/srv/cts/cts/settings cts python -c "from django.contrib.auth.hashers import make_password; print make_password('${CTS_ADMIN_PWD}')") export CTS_ADMIN_HASH=$(docker run --rm -h cts -v /srv/cts/conf:/srv/cts/cts/settings cts python -c "from django.contrib.auth.hashers import make_password; print make_password('${CTS_ADMIN_PWD}')")
export CTS_ADMIN_SECRET=$(head -c 12 /dev/urandom | sha256sum | cut -c1-13) export CTS_ADMIN_SECRET=$(head -c 12 /dev/urandom | sha256sum | cut -c1-13)
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql cts envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql cts
vm-appmgr update-login cts "${CTS_ADMIN_EMAIL}" "${CTS_ADMIN_PWD}" vmmgr update-login cts "${CTS_ADMIN_EMAIL}" "${CTS_ADMIN_PWD}"
# Stop services required for build # Stop services required for build
service postgres stop service postgres stop

View File

@ -16,11 +16,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy cts /usr/bin/vmmgr register-proxy cts
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy cts /usr/bin/vmmgr unregister-proxy cts
} }
stop() { stop() {

View File

@ -16,4 +16,4 @@ export FRONTLINESMS_ADMIN_USER_HASH=$(echo -n "${FRONTLINESMS_ADMIN_USER}" | bas
export FRONTLINESMS_ADMIN_PWD_HASH=$(echo -n "${FRONTLINESMS_ADMIN_PWD}" | base64) export FRONTLINESMS_ADMIN_PWD_HASH=$(echo -n "${FRONTLINESMS_ADMIN_PWD}" | base64)
envsubst <${SOURCE_DIR}/srv/frontlinesms/data/app-settings.properties >/srv/frontlinesms/data/app-settings.properties envsubst <${SOURCE_DIR}/srv/frontlinesms/data/app-settings.properties >/srv/frontlinesms/data/app-settings.properties
chown -R 8018:8018 /srv/frontlinesms/data chown -R 8018:8018 /srv/frontlinesms/data
vm-appmgr update-login frontlinesms "${FRONTLINESMS_ADMIN_USER}" "${FRONTLINESMS_ADMIN_PWD}" vmmgr update-login frontlinesms "${FRONTLINESMS_ADMIN_USER}" "${FRONTLINESMS_ADMIN_PWD}"

View File

@ -15,11 +15,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy frontlinesms /usr/bin/vmmgr register-proxy frontlinesms
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy frontlinesms /usr/bin/vmmgr unregister-proxy frontlinesms
} }
stop() { stop() {

View File

@ -27,7 +27,7 @@ export GNUHEALTH_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
echo ${GNUHEALTH_ADMIN_PWD} >/tmp/.adminpwd echo ${GNUHEALTH_ADMIN_PWD} >/tmp/.adminpwd
docker run --rm -h gnuhealth --link postgres -v /srv/gnuhealth/conf:/srv/gnuhealth/gnuhealth/tryton/server/config -v /tmp/.adminpwd:/tmp/.adminpwd -e TRYTONPASSFILE=/tmp/.adminpwd gnuhealth /srv/gnuhealth/gnuhealth/tryton/server/trytond-4.2.15/bin/trytond-admin -d gnuhealth --all -v docker run --rm -h gnuhealth --link postgres -v /srv/gnuhealth/conf:/srv/gnuhealth/gnuhealth/tryton/server/config -v /tmp/.adminpwd:/tmp/.adminpwd -e TRYTONPASSFILE=/tmp/.adminpwd gnuhealth /srv/gnuhealth/gnuhealth/tryton/server/trytond-4.2.15/bin/trytond-admin -d gnuhealth --all -v
rm -f /tmp/.adminpwd rm -f /tmp/.adminpwd
vm-appmgr update-login gnuhealth "${GNUHEALTH_ADMIN_USER}" "${GNUHEALTH_ADMIN_PWD}" vmmgr update-login gnuhealth "${GNUHEALTH_ADMIN_USER}" "${GNUHEALTH_ADMIN_PWD}"
# Populate demo database # Populate demo database
wget http://health.gnu.org/downloads/postgres_dumps/gnuhealth-32-demo.sql.gz -O /tmp/gnuhealth_demo.sql.gz wget http://health.gnu.org/downloads/postgres_dumps/gnuhealth-32-demo.sql.gz -O /tmp/gnuhealth_demo.sql.gz

View File

@ -17,11 +17,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy gnuhealth /usr/bin/vmmgr register-proxy gnuhealth
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy gnuhealth /usr/bin/vmmgr unregister-proxy gnuhealth
} }
stop() { stop() {

View File

@ -26,7 +26,7 @@ export KANBOARD_ADMIN_USER=admin
export KANBOARD_ADMIN_PWD=$(head -c 12 /dev/urandom | base64) export KANBOARD_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
export KANBOARD_ADMIN_HASH=$(docker run --rm kanboard php -r "echo password_hash('${KANBOARD_ADMIN_PWD}', PASSWORD_BCRYPT);") export KANBOARD_ADMIN_HASH=$(docker run --rm kanboard php -r "echo password_hash('${KANBOARD_ADMIN_PWD}', PASSWORD_BCRYPT);")
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql kanboard envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql kanboard
vm-appmgr update-login kanboard "${KANBOARD_ADMIN_USER}" "${KANBOARD_ADMIN_PWD}" vmmgr update-login kanboard "${KANBOARD_ADMIN_USER}" "${KANBOARD_ADMIN_PWD}"
# Install cron job # Install cron job
cp ${SOURCE_DIR}/etc/periodic/daily/kanboard /etc/periodic/daily/kanboard cp ${SOURCE_DIR}/etc/periodic/daily/kanboard /etc/periodic/daily/kanboard

View File

@ -18,11 +18,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy kanboard /usr/bin/vmmgr register-proxy kanboard
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy kanboard /usr/bin/vmmgr unregister-proxy kanboard
} }
stop() { stop() {

View File

@ -42,7 +42,7 @@ export MIFOSX_ADMIN_EMAIL=admin@example.com
export MIFOSX_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d "+") export MIFOSX_ADMIN_PWD=$(head -c 12 /dev/urandom | base64 | tr -d "+")
export MIFOSX_ADMIN_HASH=$(echo -n "${MIFOSX_ADMIN_PWD}{1}" | sha256sum | awk '{print $1}') export MIFOSX_ADMIN_HASH=$(echo -n "${MIFOSX_ADMIN_PWD}{1}" | sha256sum | awk '{print $1}')
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql mifostenant-default envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql mifostenant-default
vm-appmgr update-login mifosx "${MIFOSX_ADMIN_USER}" "${MIFOSX_ADMIN_PWD}" vmmgr update-login mifosx "${MIFOSX_ADMIN_USER}" "${MIFOSX_ADMIN_PWD}"
# Stop services required for build # Stop services required for build
service mariadb stop service mariadb stop

View File

@ -18,11 +18,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy mifosx /usr/bin/vmmgr register-proxy mifosx
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy mifosx /usr/bin/vmmgr unregister-proxy mifosx
} }
stop() { stop() {

View File

@ -38,7 +38,7 @@ export MOTECH_ADMIN_EMAIL="admin@example.com"
export MOTECH_ADMIN_PWD=$(head -c 12 /dev/urandom | base64) export MOTECH_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
curl -H "Content-Type: application/json" -X POST -d "{\"adminLogin\":\"${MOTECH_ADMIN_USER}\",\"adminEmail\":\"${MOTECH_ADMIN_EMAIL}\",\"adminPassword\":\"${MOTECH_ADMIN_PWD}\",\"adminConfirmPassword\":\"${MOTECH_ADMIN_PWD}\",\"language\":\"cs\",\"providerName\":\"\",\"providerUrl\":\"\",\"schedulerUrl\":\"\"}" http://${MOTECH_IP}:8080/module/server/startup/ curl -H "Content-Type: application/json" -X POST -d "{\"adminLogin\":\"${MOTECH_ADMIN_USER}\",\"adminEmail\":\"${MOTECH_ADMIN_EMAIL}\",\"adminPassword\":\"${MOTECH_ADMIN_PWD}\",\"adminConfirmPassword\":\"${MOTECH_ADMIN_PWD}\",\"language\":\"cs\",\"providerName\":\"\",\"providerUrl\":\"\",\"schedulerUrl\":\"\"}" http://${MOTECH_IP}:8080/module/server/startup/
service motech stop service motech stop
vm-appmgr update-login motech "${MOTECH_ADMIN_USER}" "${MOTECH_ADMIN_PWD}" vmmgr update-login motech "${MOTECH_ADMIN_USER}" "${MOTECH_ADMIN_PWD}"
# Stop services required for build # Stop services required for build
service activemq stop service activemq stop

View File

@ -18,11 +18,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy motech /usr/bin/vmmgr register-proxy motech
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy motech /usr/bin/vmmgr unregister-proxy motech
} }
stop() { stop() {

View File

@ -17,11 +17,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy opendatakit-build /usr/bin/vmmgr register-proxy opendatakit-build
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy opendatakit-build /usr/bin/vmmgr unregister-proxy opendatakit-build
} }
stop() { stop() {

View File

@ -39,7 +39,7 @@ export OPENDATAKIT_ADMIN_SALT=$(head -c 4 /dev/urandom | hexdump -e '"%x"') # Mu
export OPENDATAKIT_ADMIN_BASIC_HASH=$(echo -n "${OPENDATAKIT_ADMIN_PWD}{${OPENDATAKIT_ADMIN_SALT}}" | sha1sum | tr -d " -") export OPENDATAKIT_ADMIN_BASIC_HASH=$(echo -n "${OPENDATAKIT_ADMIN_PWD}{${OPENDATAKIT_ADMIN_SALT}}" | sha1sum | tr -d " -")
export OPENDATAKIT_ADMIN_DIGEST_HASH=$(echo -n "${OPENDATAKIT_ADMIN_USER}:${OPENDATAKIT_ADMIN_REALM}:${OPENDATAKIT_ADMIN_PWD}" | md5sum | tr -d " -") export OPENDATAKIT_ADMIN_DIGEST_HASH=$(echo -n "${OPENDATAKIT_ADMIN_USER}:${OPENDATAKIT_ADMIN_REALM}:${OPENDATAKIT_ADMIN_PWD}" | md5sum | tr -d " -")
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql opendatakit envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql opendatakit
vm-appmgr update-login opendatakit "${OPENDATAKIT_ADMIN_USER}" "${OPENDATAKIT_ADMIN_PWD}" vmmgr update-login opendatakit "${OPENDATAKIT_ADMIN_USER}" "${OPENDATAKIT_ADMIN_PWD}"
# Stop services required for build # Stop services required for build
service postgres stop service postgres stop

View File

@ -19,11 +19,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy opendatakit /usr/bin/vmmgr register-proxy opendatakit
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy opendatakit /usr/bin/vmmgr unregister-proxy opendatakit
} }
stop() { stop() {

View File

@ -15,4 +15,4 @@ mkdir -p /srv/openmapkit/conf /srv/openmapkit/data
chown -R 8007:8007 /srv/openmapkit/data chown -R 8007:8007 /srv/openmapkit/data
docker run --rm -v /srv/openmapkit/data:/mnt/data openmapkit cp -rp /srv/openmapkit/data/. /mnt/data docker run --rm -v /srv/openmapkit/data:/mnt/data openmapkit cp -rp /srv/openmapkit/data/. /mnt/data
envsubst <${SOURCE_DIR}/srv/openmapkit/conf/settings.js >/srv/openmapkit/conf/settings.js envsubst <${SOURCE_DIR}/srv/openmapkit/conf/settings.js >/srv/openmapkit/conf/settings.js
vm-appmgr update-login openmapkit "${OPENMAPKIT_ADMIN_USER}" "${OPENMAPKIT_ADMIN_PWD}" vmmgr update-login openmapkit "${OPENMAPKIT_ADMIN_USER}" "${OPENMAPKIT_ADMIN_PWD}"

View File

@ -16,11 +16,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy openmapkit /usr/bin/vmmgr register-proxy openmapkit
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy openmapkit /usr/bin/vmmgr unregister-proxy openmapkit
} }
stop() { stop() {

View File

@ -55,7 +55,7 @@ export PANDORA_ADMIN_EMAIL=admin@example.com
export PANDORA_ADMIN_PWD=$(head -c 12 /dev/urandom | base64) export PANDORA_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
export PANDORA_ADMIN_HASH=$(docker run --rm -h pandora -e DJANGO_SETTINGS_MODULE=pandora.settings -v /srv/pandora/conf:/srv/pandora/conf pandora python3 -c "from django.contrib.auth.hashers import make_password; print(make_password('${PANDORA_ADMIN_PWD}'))") export PANDORA_ADMIN_HASH=$(docker run --rm -h pandora -e DJANGO_SETTINGS_MODULE=pandora.settings -v /srv/pandora/conf:/srv/pandora/conf pandora python3 -c "from django.contrib.auth.hashers import make_password; print(make_password('${PANDORA_ADMIN_PWD}'))")
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql pandora envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql pandora
vm-appmgr update-login pandora "${PANDORA_ADMIN_USER}" "${PANDORA_ADMIN_PWD}" vmmgr update-login pandora "${PANDORA_ADMIN_USER}" "${PANDORA_ADMIN_PWD}"
# Stop services required for build # Stop services required for build
service rabbitmq stop service rabbitmq stop

View File

@ -19,11 +19,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy pandora /usr/bin/vmmgr register-proxy pandora
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy pandora /usr/bin/vmmgr unregister-proxy pandora
} }
stop() { stop() {

View File

@ -30,7 +30,7 @@ export SAHANADEMO_ADMIN_USER=admin@example.com
export SAHANADEMO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64) export SAHANADEMO_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
envsubst <${SOURCE_DIR}/srv/sahana-demo/conf/000_config.py >/srv/sahana-demo/conf/000_config.py envsubst <${SOURCE_DIR}/srv/sahana-demo/conf/000_config.py >/srv/sahana-demo/conf/000_config.py
envsubst <${SOURCE_DIR}/masterUsers.csv >/tmp/masterUsers.csv envsubst <${SOURCE_DIR}/masterUsers.csv >/tmp/masterUsers.csv
vm-appmgr update-login sahana-demo "${SAHANADEMO_ADMIN_USER}" "${SAHANADEMO_ADMIN_PWD}" vmmgr update-login sahana-demo "${SAHANADEMO_ADMIN_USER}" "${SAHANADEMO_ADMIN_PWD}"
# Populate database # Populate database
docker run --rm -h sahana-demo --link postgres -v /srv/sahana-demo/conf:/srv/web2py/applications/eden/models -v /srv/sahana-demo/data/${TEMPLATE}:/srv/web2py/applications/eden/modules/templates/${TEMPLATE} -v /srv/sahana-demo/data/databases:/srv/web2py/applications/eden/databases -v /tmp/masterUsers.csv:/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv sahana su - sahana -c "./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py" docker run --rm -h sahana-demo --link postgres -v /srv/sahana-demo/conf:/srv/web2py/applications/eden/models -v /srv/sahana-demo/data/${TEMPLATE}:/srv/web2py/applications/eden/modules/templates/${TEMPLATE} -v /srv/sahana-demo/data/databases:/srv/web2py/applications/eden/databases -v /tmp/masterUsers.csv:/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv sahana su - sahana -c "./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py"

View File

@ -20,11 +20,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy sahana-demo /usr/bin/vmmgr register-proxy sahana-demo
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy sahana-demo /usr/bin/vmmgr unregister-proxy sahana-demo
} }
stop() { stop() {

View File

@ -33,7 +33,7 @@ export SAHANA_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
envsubst <${SOURCE_DIR}/srv/sahana/conf/000_config.py >/srv/sahana/conf/000_config.py envsubst <${SOURCE_DIR}/srv/sahana/conf/000_config.py >/srv/sahana/conf/000_config.py
envsubst <${SOURCE_DIR}/srv/sahana/data/Spotter/masterUsers.csv >/srv/sahana/data/Spotter/masterUsers.csv envsubst <${SOURCE_DIR}/srv/sahana/data/Spotter/masterUsers.csv >/srv/sahana/data/Spotter/masterUsers.csv
cp ${SOURCE_DIR}/srv/sahana/conf/00_settings.py /srv/sahana/conf/00_settings.py cp ${SOURCE_DIR}/srv/sahana/conf/00_settings.py /srv/sahana/conf/00_settings.py
vm-appmgr update-login sahana "${SAHANA_ADMIN_USER}" "${SAHANA_ADMIN_PWD}" vmmgr update-login sahana "${SAHANA_ADMIN_USER}" "${SAHANA_ADMIN_PWD}"
# Populate database # Populate database
docker run --rm -h sahana --link postgres -v /srv/sahana/conf:/srv/web2py/applications/eden/models -v /srv/sahana/data/Spotter:/srv/web2py/applications/eden/modules/templates/Spotter -v /srv/sahana/data/databases:/srv/web2py/applications/eden/databases sahana su - sahana -c "./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py" docker run --rm -h sahana --link postgres -v /srv/sahana/conf:/srv/web2py/applications/eden/models -v /srv/sahana/data/Spotter:/srv/web2py/applications/eden/modules/templates/Spotter -v /srv/sahana/data/databases:/srv/web2py/applications/eden/databases sahana su - sahana -c "./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py"

View File

@ -20,11 +20,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy sahana /usr/bin/vmmgr register-proxy sahana
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy sahana /usr/bin/vmmgr unregister-proxy sahana
} }
stop() { stop() {

View File

@ -31,7 +31,7 @@ envsubst <${SOURCE_DIR}/srv/sambro/conf/000_config.py >/srv/sambro/conf/000_conf
envsubst <${SOURCE_DIR}/masterUsers.csv >/tmp/masterUsers.csv envsubst <${SOURCE_DIR}/masterUsers.csv >/tmp/masterUsers.csv
cp ${SOURCE_DIR}/srv/sambro/conf/00_settings.py /srv/sambro/conf/00_settings.py cp ${SOURCE_DIR}/srv/sambro/conf/00_settings.py /srv/sambro/conf/00_settings.py
cp ${SOURCE_DIR}/srv/sambro/data/SAMBRO/config.py /srv/sambro/data/SAMBRO/config.py cp ${SOURCE_DIR}/srv/sambro/data/SAMBRO/config.py /srv/sambro/data/SAMBRO/config.py
vm-appmgr update-login sambro "${SAMBRO_ADMIN_USER}" "${SAMBRO_ADMIN_PWD}" vmmgr update-login sambro "${SAMBRO_ADMIN_USER}" "${SAMBRO_ADMIN_PWD}"
# Populate database # Populate database
docker run --rm -h sambro --link postgres -v /srv/sambro/conf:/srv/web2py/applications/eden/models -v /srv/sambro/data/SAMBRO:/srv/web2py/applications/eden/modules/templates/SAMBRO -v /tmp/masterUsers.csv:/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv -v /srv/sambro/data/databases:/srv/web2py/applications/eden/databases sahana su - sahana -c "./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py" docker run --rm -h sambro --link postgres -v /srv/sambro/conf:/srv/web2py/applications/eden/models -v /srv/sambro/data/SAMBRO:/srv/web2py/applications/eden/modules/templates/SAMBRO -v /tmp/masterUsers.csv:/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv -v /srv/sambro/data/databases:/srv/web2py/applications/eden/databases sahana su - sahana -c "./web2py.py -S eden -M -R applications/eden/static/scripts/tools/noop.py"

View File

@ -20,11 +20,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy sambro /usr/bin/vmmgr register-proxy sambro
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy sambro /usr/bin/vmmgr unregister-proxy sambro
} }
stop() { stop() {

View File

@ -32,7 +32,7 @@ export SEEDDMS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
export SEEDDMS_ADMIN_EMAIL=admin@example.com export SEEDDMS_ADMIN_EMAIL=admin@example.com
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql seeddms envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i postgres psql seeddms
chown -R 8010:8010 /srv/seeddms/conf chown -R 8010:8010 /srv/seeddms/conf
vm-appmgr update-login seeddms "${SEEDDMS_ADMIN_USER}" "${SEEDDMS_ADMIN_PWD}" vmmgr update-login seeddms "${SEEDDMS_ADMIN_USER}" "${SEEDDMS_ADMIN_PWD}"
# Install cron job # Install cron job
cp ${SOURCE_DIR}/etc/periodic/hourly/seeddms /etc/periodic/hourly/seeddms cp ${SOURCE_DIR}/etc/periodic/hourly/seeddms /etc/periodic/hourly/seeddms

View File

@ -18,11 +18,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy seeddms /usr/bin/vmmgr register-proxy seeddms
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy seeddms /usr/bin/vmmgr unregister-proxy seeddms
} }
stop() { stop() {

View File

@ -44,7 +44,7 @@ sed -i "s|\$2a\$10\$pMcTA1p9fefR8U9NoOPei.H0eq/TbbdSF27M0tn9iDWBrA4JHeCDC|${SIGM
cat /tmp/sigmah-MinimumDataKit.sql | docker exec -i -e PGPASSWORD=${SIGMAH_PWD} postgres psql -U sigmah sigmah cat /tmp/sigmah-MinimumDataKit.sql | docker exec -i -e PGPASSWORD=${SIGMAH_PWD} postgres psql -U sigmah sigmah
cat /tmp/sigmah-newOrganizationLaunchScript.sql | docker exec -i -e PGPASSWORD=${SIGMAH_PWD} postgres psql -U sigmah sigmah cat /tmp/sigmah-newOrganizationLaunchScript.sql | docker exec -i -e PGPASSWORD=${SIGMAH_PWD} postgres psql -U sigmah sigmah
rm -f /tmp/sigmah-MinimumDataKit.sql /tmp/sigmah-newOrganizationLaunchScript.sql rm -f /tmp/sigmah-MinimumDataKit.sql /tmp/sigmah-newOrganizationLaunchScript.sql
vm-appmgr update-login sigmah "${SIGMAH_ADMIN_EMAIL}" "${SIGMAH_ADMIN_PWD}" vmmgr update-login sigmah "${SIGMAH_ADMIN_EMAIL}" "${SIGMAH_ADMIN_PWD}"
# Stop services required for build # Stop services required for build
service postgres stop service postgres stop

View File

@ -19,11 +19,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy sigmah /usr/bin/vmmgr register-proxy sigmah
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy sigmah /usr/bin/vmmgr unregister-proxy sigmah
} }
stop() { stop() {

View File

@ -31,7 +31,7 @@ export USHAHIDI_ADMIN_USER=admin@example.com
export USHAHIDI_ADMIN_PWD=$(head -c 12 /dev/urandom | base64) export USHAHIDI_ADMIN_PWD=$(head -c 12 /dev/urandom | base64)
export USHAHIDI_ADMIN_HASH=$(docker run --rm ushahidi php -r "echo password_hash('${USHAHIDI_ADMIN_PWD}', PASSWORD_BCRYPT);") export USHAHIDI_ADMIN_HASH=$(docker run --rm ushahidi php -r "echo password_hash('${USHAHIDI_ADMIN_PWD}', PASSWORD_BCRYPT);")
envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql ushahidi envsubst <${SOURCE_DIR}/adminpwd.sql | docker exec -i mariadb mysql ushahidi
vm-appmgr update-login ushahidi "${USHAHIDI_ADMIN_USER}" "${USHAHIDI_ADMIN_PWD}" vmmgr update-login ushahidi "${USHAHIDI_ADMIN_USER}" "${USHAHIDI_ADMIN_PWD}"
# Install cron job # Install cron job
cp ${SOURCE_DIR}/etc/periodic/15min/ushahidi /etc/periodic/15min/ushahidi cp ${SOURCE_DIR}/etc/periodic/15min/ushahidi /etc/periodic/15min/ushahidi

View File

@ -19,11 +19,11 @@ start() {
} }
start_post() { start_post() {
/usr/bin/vm-appmgr register-proxy ushahidi /usr/bin/vmmgr register-proxy ushahidi
} }
stop_pre() { stop_pre() {
/usr/bin/vm-appmgr unregister-proxy ushahidi /usr/bin/vmmgr unregister-proxy ushahidi
} }
stop() { stop() {