Keep envs in sudo commands

sahana/Dockerfile

@@ -18,21 +18,25 @@ RUN \
     git clone --recursive git://github.com/web2py/web2py.git /srv/web2py && \
     git -C /srv/web2py reset --hard 31905858b && \
     git -C /srv/web2py submodule update --recursive && \
+    # Symlink WSGI handler
+    ln -s handlers/wsgihandler.py /srv/web2py/wsgihandler.py && \
     # Install Sahana
     git clone --recursive --depth 1 https://github.com/sahana/eden.git /srv/web2py/applications/eden && \
     # Install python dependencies, exclude old or unnecessary ones
-    #  - boto - Needed for setup on AWS
+    #  - boto, boto3 - Needed for setup on AWS
     #  - PyRTF - Ceased to exist
     #  - openstacksdk - Needed for setup on OpenStack
     sed -i 's/^boto/#boto/' /srv/web2py/applications/eden/optional_requirements.txt && \
     sed -i 's/^PyRTF/#PyRTF/' /srv/web2py/applications/eden/optional_requirements.txt && \
     sed -i 's/^openstacksdk/#openstacksdk/' /srv/web2py/applications/eden/optional_requirements.txt && \
     pip3 install -r /srv/web2py/applications/eden/optional_requirements.txt && \
-    # Hackfix paths for ansible and other modules with hardcoded paths
-    ln -s /srv/web2py /home/prod && \
     # Copy fonts with Czech glyphs
     cp /usr/share/fonts/ttf-dejavu/DejaVuSerif-Bold.ttf /srv/web2py/applications/eden/static/fonts/Helvetica-Bold.ttf && \
     cp /usr/share/fonts/ttf-dejavu/DejaVuSerif.ttf /srv/web2py/applications/eden/static/fonts/Helvetica.ttf && \
+    # Hackfix paths for ansible and other modules with hardcoded paths
+    ln -s /srv/web2py /home/prod && \
+    # Create volume paths
+    mkdir /srv/web2py/applications/eden/databases /srv/web2py/applications/eden/errors /srv/web2py/applications/eden/sessions /srv/web2py/applications/eden/uploads && \
     # Create OS user
     addgroup -S -g 8080 sahana && \
     adduser -S -u 8080 -h /srv/web2py -s /bin/false -g sahana -G sahana sahana && \
@@ -46,7 +50,7 @@ COPY image.d /
 
 RUN \
     # Change ownership of the newly copied files
-    chown -R sahana:sahana /srv/web2py
+    find /srv/web2py ! -user sahana -exec chown -R sahana:sahana {} +
 
 ENTRYPOINT ["/entrypoint.sh"]
 EXPOSE 8080

sahana/image.d/entrypoint.sh

@@ -10,7 +10,7 @@ echo "Starting Sahana Eden..."
 # Create admin user CSV template
 cat <<EOF >/srv/web2py/applications/eden/modules/templates/default/users/masterUsers.csv
 First Name,Last Name,Email,Password,Role,Organisation
-Admin,User,${SAHANA_ADMIN_USER},${SAHANA_ADMIN_PASSWORD},ADMIN,
+Admin,User,${SAHANA_ADMIN_USER:-admin},${SAHANA_ADMIN_PASSWORD:-admin},ADMIN,
 EOF
 unset SAHANA_ADMIN_USER
 unset SAHANA_ADMIN_PASSWORD

sahana/image.d/etc/sudoers.d/sahana

@@ -1 +1,12 @@
+Defaults env_keep += "POSTGRES_USER"
+Defaults env_keep += "POSTGRES_PASSWORD"
+Defaults env_keep += "POSTGRES_DB"
+Defaults env_keep += "POSTGRES_HOST"
+Defaults env_keep += "SAHANA_HMAC_KEY"
+Defaults env_keep += "SAHANA_MAIL_HOST"
+Defaults env_keep += "SAHANA_MAIL_SENDER"
+Defaults env_keep += "SAHANA_MAIL_APPROVER"
+Defaults env_keep += "SAHANA_API_KEY_GOOGLE"
+Defaults env_keep += "SAHANA_API_KEY_OPENWEATHERMAP"
+
 sahana ALL=(ALL) NOPASSWD:ALL