diff --git a/80-cts.sh b/80-cts.sh new file mode 100644 index 0000000..ec72873 --- /dev/null +++ b/80-cts.sh @@ -0,0 +1,65 @@ +#!/bin/bash + +SOURCE_DIR=$(realpath $(dirname "${0}")) + +# Install packages +apt-get -y --no-install-recommends install build-essential libpq-dev python-dev python-virtualenv virtualenv zlib1g-dev + +# Clone CTS git repository +git clone --depth 1 https://github.com/theirc/CTS /srv/cts + +# Install CTS python virtual environment +virtualenv --no-site-packages --python=/usr/bin/python2.7 /srv/cts +/srv/cts/bin/pip install -r /srv/cts/requirements/production.txt + +# Create database +export CTS_PWD=$(head -c 18 /dev/urandom | base64) +envsubst <${SOURCE_DIR}/cts/tmp/cts-createdb.sql >/tmp/cts-createdb.sql +sudo -u postgres psql -f /tmp/cts-createdb.sql +rm /tmp/cts-createdb.sql + +# Configure CTS +export CTS_SECRET=$(head -c 26 /dev/urandom | base64) +envsubst <${SOURCE_DIR}/cts/srv/cts/cts/settings/spotter.py >/srv/cts/cts/settings/spotter.py +ln -s /srv/cts/lib/python2.7/site-packages/django/contrib/admin/static/admin /srv/cts/cts/static/admin +ln -s /srv/cts/lib/python2.7/site-packages/django_extensions/static/django_extensions /srv/cts/cts/static/django_extensions +ln -s /srv/cts/lib/python2.7/site-packages/django_tables2/static/django_tables2 /srv/cts/cts/static/django_tables2 +ln -s /srv/cts/lib/python2.7/site-packages/leaflet/static/leaflet /srv/cts/cts/static/leaflet +ln -s /srv/cts/lib/python2.7/site-packages/rest_framework/static/rest_framework /srv/cts/cts/static/rest_framework +ln -s /srv/cts/lib/python2.7/site-packages/rest_framework_swagger/static/rest_framework_swagger /srv/cts/cts/static/rest_framework_swagger +ln -s /srv/cts/lib/python2.7/site-packages/selectable/static/selectable /srv/cts/cts/static/selectable +ln -s /srv/cts/lib/python2.7/site-packages/session_security/static/session_security /srv/cts/cts/static/session_security + +# Set "production values" (increases performance) only if the DEBUG environment variable is not set +if [ ${DEBUG:-0} -eq 0 ]; then + sed -i 's/DEBUG = True/DEBUG = False/' /srv/cts/cts/settings/spotter.py +fi + +# Populate database +DJANGO_SETTINGS_MODULE=cts.settings.spotter /srv/cts/bin/python /srv/cts/manage.py migrate + +# Create admin account +export CTS_ADMIN_EMAIL=admin@example.com +export CTS_ADMIN_PWD=$(head -c 12 /dev/urandom | base64) +export CTS_ADMIN_HASH=$(cd /srv/cts && DJANGO_SETTINGS_MODULE=cts.settings.spotter /srv/cts/bin/python -c "from django.contrib.auth.hashers import make_password; print make_password('${CTS_ADMIN_PWD}')") +export CTS_ADMIN_SECRET=$(head -c 12 /dev/urandom | sha256sum | cut -c1-13) +envsubst <${SOURCE_DIR}/cts/tmp/cts-adminpwd.sql >/tmp/cts-adminpwd.sql +sudo -u postgres psql -f /tmp/cts-adminpwd.sql cts +rm /tmp/cts-adminpwd.sql + +# Create CTS OS user +adduser --system --group --home /srv/cts --shell /bin/false cts +chown -R cts:cts /srv/cts + +# Create uwsgi and nginx app definition +cp ${SOURCE_DIR}/cts/etc/uwsgi/apps-available/cts.ini /etc/uwsgi/apps-available/cts.ini +ln -s /etc/uwsgi/apps-available/cts.ini /etc/uwsgi/apps-enabled/cts.ini +cp ${SOURCE_DIR}/cts/etc/nginx/sites-available/cts /etc/nginx/sites-available/cts +ln -s /etc/nginx/sites-available/cts /etc/nginx/sites-enabled/cts + +# Restart services +systemctl restart uwsgi +systemctl restart nginx + +# Add portal application definition +${SOURCE_DIR}/basic/portal-app-manager.py cts "https://{host}:8004/" "${CTS_ADMIN_EMAIL}" "${CTS_ADMIN_PWD}" diff --git a/basic/srv/portal/img/CTS.png b/basic/srv/portal/img/CTS.png new file mode 100644 index 0000000..9bd35f4 Binary files /dev/null and b/basic/srv/portal/img/CTS.png differ diff --git a/basic/srv/portal/index.html b/basic/srv/portal/index.html index d14b716..8c584a0 100644 --- a/basic/srv/portal/index.html +++ b/basic/srv/portal/index.html @@ -160,6 +160,15 @@

+
+

CTSCTS

+

Logistika hmotné pomoci pro humanitární potřeby.

+ +
+

diaspora*diaspora*

Autonomní sociání síť s možností propojení do cizích sociálních sítí.

diff --git a/cts/etc/nginx/sites-available/cts b/cts/etc/nginx/sites-available/cts new file mode 100644 index 0000000..0e38569 --- /dev/null +++ b/cts/etc/nginx/sites-available/cts @@ -0,0 +1,43 @@ +server { + listen 8004 ssl http2; + + root /srv/cts/cts; + + access_log /var/log/nginx/cts.access.log; + error_log /var/log/nginx/cts.error.log; + + location /robots.txt { + alias /srv/cts/cts/static/robots.txt; + } + + location /media { + alias /srv/cts/cts/media; + } + + location /static { + gzip on; + alias /srv/cts/cts/static; + expires max; + add_header Cache-Control public; + + location /static/protected { + return 401; + } + } + + location /protected { + internal; + root /srv/cts/cts/static; + } + + error_page 502 503 504 /502.html; + + location /502.html { + alias /srv/cts/cts/static/502.html; + } + + location / { + uwsgi_pass unix:///run/uwsgi/app/cts/socket; + include uwsgi_params; + } +} diff --git a/cts/etc/uwsgi/apps-available/cts.ini b/cts/etc/uwsgi/apps-available/cts.ini new file mode 100644 index 0000000..5ccfa87 --- /dev/null +++ b/cts/etc/uwsgi/apps-available/cts.ini @@ -0,0 +1,8 @@ +[uwsgi] +uid = cts +gid = cts +chown-socket = www-data:www-data +chdir = /srv/cts +home = /srv/cts +module = cts.wsgi:application +env = DJANGO_SETTINGS_MODULE=cts.settings.spotter diff --git a/cts/srv/cts/cts/settings/spotter.py b/cts/srv/cts/cts/settings/spotter.py new file mode 100644 index 0000000..3bd2f7f --- /dev/null +++ b/cts/srv/cts/cts/settings/spotter.py @@ -0,0 +1,46 @@ +import os +import sys + +os.environ['ENVIRONMENT'] = 'dev' +os.environ['INSTANCE'] = 'local' +os.environ['PREFIX_URL'] = '' + +from cts.settings.base import * + +INSTANCE_NAME = 'Local' +INSTANCES = [ + (INSTANCE_NAME, ''), +] + +DATABASES = { + 'default': { + 'ENGINE': 'django.contrib.gis.db.backends.postgis', + 'NAME': 'cts', + 'USER': 'cts', + 'PASSWORD': '${CTS_PWD}', + 'HOST': '', + 'PORT': '', + } +} +SECRET_KEY = '${CTS_SECRET}' + +ADMINS = ( + ('Admin', 'admin@example.com'), +) + +INTERNAL_IPS = ('127.0.0.1', ) +PUBLIC_ROOT = os.path.join(PROJECT_ROOT, 'public') +SENDFILE_ROOT = os.path.join(PUBLIC_ROOT, 'static/protected') +COMPRESS_ENABLED = False + +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' +SERVER_EMAIL = 'cts@spotter.ngo' + +CELERY_ALWAYS_EAGER = True +CELERY_EAGER_PROPAGATES_EXCEPTIONS = True + +TIME_ZONE = 'Europe/Prague' +LANGUAGE_CODE = 'cs' + +DEBUG = True +TEMPLATE_DEBUG = DEBUG diff --git a/cts/tmp/cts-adminpwd.sql b/cts/tmp/cts-adminpwd.sql new file mode 100644 index 0000000..f10ebd5 --- /dev/null +++ b/cts/tmp/cts-adminpwd.sql @@ -0,0 +1 @@ +INSERT INTO accounts_ctsuser (id, password, last_login, is_superuser, name, email, is_staff, is_active, date_joined, mobile, code, skype, notes, role, referrer_id, city_id, colour, deviceid) VALUES (nextval('accounts_ctsuser_id_seq'), '${CTS_ADMIN_HASH}', now(), true, '${CTS_ADMIN_USER}', '${CTS_ADMIN_EMAIL}', true, true, now(), '', '${CTS_ADMIN_SECRET}', '', '', 'partner', NULL, NULL, '', ''); diff --git a/cts/tmp/cts-createdb.sql b/cts/tmp/cts-createdb.sql new file mode 100644 index 0000000..3c800c2 --- /dev/null +++ b/cts/tmp/cts-createdb.sql @@ -0,0 +1,10 @@ +CREATE ROLE cts NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT LOGIN ENCRYPTED PASSWORD '${CTS_PWD}'; +CREATE DATABASE cts; +REVOKE ALL ON DATABASE cts FROM public; +ALTER DATABASE cts OWNER TO cts; +\c cts; +CREATE EXTENSION hstore; +CREATE EXTENSION postgis; +GRANT ALL ON geometry_columns TO cts; +GRANT ALL ON spatial_ref_sys TO cts; +GRANT ALL ON geography_columns TO cts;