nsupdate-info · lkraider · Dec 20, 2019 · Dec 30, 2019 · Dec 30, 2019 · Dec 31, 2019
diff --git a/misc/contrib/docker/Makefile b/misc/contrib/docker/Makefile
@@ -0,0 +1,36 @@
+MAINTAINER=nkeyapps
+TAG=nsupdate.info
+VER=$(shell git describe)
+UWSGI_UID=700
+UWSGI_GID=700
+BASE_DIR='../../..'
+DOCKER_DIR='misc/contrib/docker'
+
+all: prod
+
+prod:
+	cd $(BASE_DIR); docker build --build-arg BUILD=prod --build-arg uwsgi_uid=$(UWSGI_UID) --build-arg uwsgi_gid=$(UWSGI_GID) --build-arg DOCKER_DIR=$(DOCKER_DIR) -t $(MAINTAINER)/$(TAG):$(VER) --rm -f $(DOCKER_DIR)/build/Dockerfile .
+	docker tag $(MAINTAINER)/$(TAG):$(VER) $(MAINTAINER)/$(TAG):prod
+
+release: require_tag prod release_latest
+	docker push $(MAINTAINER)/$(TAG):$(VER)
+
+release_latest:
+	docker tag $(MAINTAINER)/$(TAG):$(VER) $(MAINTAINER)/$(TAG):latest
+	docker push $(MAINTAINER)/$(TAG):latest
+
+require_tag:
+	@if ! git describe --exact-match; then\
+	  echo "      *** Don't forget to create a tag by creating an official GitHub release.";\
+	  exit 1;\
+	fi
+
+dev:
+	cd $(BASE_DIR); docker build --build-arg BUILD=dev --build-arg uwsgi_uid=$(UWSGI_UID) --build-arg uwsgi_gid=$(UWSGI_GID) --build-arg DOCKER_DIR=$(DOCKER_DIR) -t $(MAINTAINER)/$(TAG):$(VER)-dev --rm -f $(DOCKER_DIR)/build/Dockerfile .
+	docker tag $(MAINTAINER)/$(TAG):$(VER)-dev $(MAINTAINER)/$(TAG):dev
+
+test: dev clean
+	docker run -P --name $(TAG)-test-dev -d $(MAINTAINER)/$(TAG):dev
+
+clean:
+	-docker rm -f -v $(TAG)-test-dev
diff --git a/misc/contrib/docker/build/Dockerfile b/misc/contrib/docker/build/Dockerfile
@@ -0,0 +1,94 @@
+FROM debian:stable-slim
+LABEL maintainer="[email protected]"
+
+ARG BUILD=prod
+ARG DOCKER_DIR=./misc/contrib/docker
+ARG uwsgi_uid=700
+ARG uwsgi_gid=700
+
+ENV BUILD=$BUILD
+ENV DOCKER_CONTAINER=1
+ENV UWSGI_INI /nsupdate/uwsgi.ini
+ENV DJANGO_SETTINGS_MODULE=local_settings
+ENV DJANGO_SUPERUSER=django
+ENV DJANGO_SUPERPASS=S3cr3t
+ENV [email protected]
+ENV [email protected]
+ENV SECRET_KEY=S3cr3t
+ENV BASEDOMAIN=nsupdate.localdomain
+ENV REGISTRATION_OPEN=False
+
+RUN mkdir /static
+RUN mkdir /upload
+RUN mkdir /var/run/uwsgi
+
+# Install runtime tools
+RUN DEBIAN_FRONTEND=noninteractive apt-get update \
+    && apt-get install -y --no-install-recommends \
+      python3 \
+      python3-setuptools \
+      python3-pip
+
+# Install confd
+RUN apt-get install -y --no-install-recommends wget \
+    && mkdir -p /usr/local/bin \
+    && wget -O /usr/local/bin/confd https://github.com/kelseyhightower/confd/releases/download/v0.16.0/confd-0.16.0-linux-amd64 \
+    && chmod +x /usr/local/bin/confd \
+    && mkdir -p /etc/confd/{conf.d,templates} \
+    && apt-get autoremove -y wget
+
+# Use local version of nsupdate from sources
+COPY ./*.py /nsupdate/
+COPY ./*.rst /nsupdate/
+COPY ./*.in /nsupdate/
+COPY ./*.cfg /nsupdate/
+COPY ./*.txt /nsupdate/
+COPY ./requirements.d/ /nsupdate/requirements.d/
+COPY ./.git/ /nsupdate/.git/
+COPY ./src/ /nsupdate/src/
+WORKDIR /nsupdate
+
+# Build and install
+RUN DEBIAN_FRONTEND=noninteractive apt-get update \
+    && apt-get install -y --no-install-recommends \
+      git \
+      python3-dev \
+      build-essential \
+      libpcre3-dev \
+    && pip3 install wheel \
+    && python3 setup.py bdist_wheel \
+    && pip3 install psycopg2-binary uwsgi \
+    && pip3 install -r requirements.d/$BUILD.txt \
+    && pip3 install -e . \
+    && cp /usr/lib/x86_64-linux-gnu/libpython* /tmp \
+    && apt-get autoremove -y \
+      git \
+      python3-dev \
+      build-essential \
+      libpcre3-dev \
+    && cp /tmp/libpython* /usr/lib/x86_64-linux-gnu/ \
+    && rm -rf build \
+    && rm -rf .git && rm -rf /root/.cache \
+    && rm -rf /tmp/* /var/tmp/* \
+    && rm -rf /var/lib/apt/lists/*
+
+# Copy helper files
+COPY $DOCKER_DIR/build/django/create-superuser.py /nsupdate/src/nsupdate/management/commands/create-superuser.py
+COPY $DOCKER_DIR/build/uwsgi.ini /nsupdate/uwsgi.ini
+COPY $DOCKER_DIR/build/confd/ /etc/confd/
+COPY $DOCKER_DIR/build/setup.sh /
+COPY $DOCKER_DIR/build/docker-entrypoint.sh /var/local/
+
+# Set the permissions according to env options
+RUN chmod a+x /var/local/docker-entrypoint.sh
+RUN bash /setup.sh "${uwsgi_uid}" "${uwsgi_gid}"
+
+VOLUME /nsupdate
+VOLUME /static
+VOLUME /upload
+VOLUME /var/run/uwsgi
+
+EXPOSE 3031
+EXPOSE 8080
+
+ENTRYPOINT ["/var/local/docker-entrypoint.sh"]
diff --git a/misc/contrib/docker/build/confd/conf.d/local_settings.toml b/misc/contrib/docker/build/confd/conf.d/local_settings.toml
@@ -0,0 +1,3 @@
+[template]
+src = "local_settings.tmpl"
+dest = "/nsupdate/local_settings.py"
diff --git a/misc/contrib/docker/build/confd/templates/local_settings.tmpl b/misc/contrib/docker/build/confd/templates/local_settings.tmpl
@@ -0,0 +1,27 @@
+from nsupdate.settings.{{getenv "BUILD"}} import *
+
+STATIC_ROOT='/static'
+MEDIA_ROOT='/upload'
+
+SECRET_KEY = '{{ getenv "SECRET_KEY" }}'
+BASEDOMAIN = '{{ getenv "BASEDOMAIN" }}'
+WWW_HOST='{{ getenv "BASEDOMAIN" }}'
+
+REGISTRATION_OPEN = False
+
+SERVICE_CONTACT = '{{ getenv "SERVICE_CONTACT" }}'
+
+ALLOWED_HOSTS=['localhost', '127.0.0.1', '[::1]', '{{ getenv "BASEDOMAIN" }}']
+
+{{ if getenv "DB_NAME"}}
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.postgresql',
+        'NAME': '{{getenv "DB_NAME"}}',  # database name
+        'USER': '{{getenv "DB_USER"}}',
+        'PASSWORD': '{{getenv "DB_PASS"}}',
+        'HOST': '{{getenv "DB_HOST"}}',  # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
+        'PORT': '{{getenv "DB_PORT"}}'  # Set to empty string for default.
+    }
+}
+{{end}}
diff --git a/misc/contrib/docker/build/django/create-superuser.py b/misc/contrib/docker/build/django/create-superuser.py
@@ -0,0 +1,52 @@
+# Title: create-superuser.py
+# Link: https://gist.github.com/c00kiemon5ter/7806c1eac8c6a3e82f061ec32a55c702
+# License: None (Public Domain)
+
+from django.contrib.auth.management.commands import createsuperuser
+from django.core.management import CommandError
+
+
+class Command(createsuperuser.Command):
+    help = 'Create a superuser with a password non-interactively'
+
+    def add_arguments(self, parser):
+        super(Command, self).add_arguments(parser)
+        parser.add_argument(
+            '--preserve', dest='preserve', default=False, action='store_true',
+            help='Exit normally if the user already exists.',
+        )
+        parser.add_argument(
+            '--password', dest='password', default=None,
+            help='Specifies the password for the superuser.',
+        )
+
+    def handle(self, *args, **options):
+        options.setdefault('interactive', False)
+        database = options.get('database')
+        password = options.get('password')
+        username = options.get('username')
+        email = options.get('email')
+
+        if not password or not username or not email:
+            raise CommandError(
+                "--username, --password, and --email are required options")
+
+        if username and options.get('preserve'):
+            exists = self.UserModel._default_manager.db_manager(
+                database).filter(username=username).exists()
+            if exists:
+                self.stdout.write(
+                    "User exists, exiting normally due to --preserve")
+                return
+
+        user_data = {
+            'username': username,
+            'password': password,
+            'email': email,
+        }
+
+        self.UserModel._default_manager.db_manager(
+            database).create_superuser(**user_data)
+
+        if options.get('verbosity', 0) >= 1:
+            self.stdout.write("Superuser created successfully.")
diff --git a/misc/contrib/docker/build/docker-entrypoint.sh b/misc/contrib/docker/build/docker-entrypoint.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+/usr/local/bin/confd -onetime -backend env
+
+python3 manage.py collectstatic
+python3 manage.py migrate
+python3 manage.py create-superuser --preserve --username $DJANGO_SUPERUSER --password $DJANGO_SUPERPASS --email $DJANGO_EMAIL
+
+# Fix Permissions prior to running uwsgi server
+chown -R www-data:www-data /static
+chown -R www-data:www-data /nsupdate
+
+uwsgi --uid=www-data --gid=www-data --ini uwsgi.ini
diff --git a/misc/contrib/docker/build/setup.sh b/misc/contrib/docker/build/setup.sh
@@ -0,0 +1,38 @@
+#!/usr/bin/bash
+
+# Quit on error.
+set -e
+# Treat undefined variables as errors.
+set -u
+
+
+function main {
+    local uwsgi_uid="${1:-}"
+    local uwsgi_gid="${2:-}"
+
+    # Change the uid
+    if [[ -n "${uwsgi_uid:-}" ]]; then
+        usermod -u "${uwsgi_uid}" www-data
+    fi
+    # Change the gid
+    if [[ -n "${uwsgi_gid:-}" ]]; then
+        groupmod -g "${uwsgi_gid}" www-data
+    fi
+
+    # Setup permissions on the run directory where the sockets will be
+    # created, so we are sure the app will have the rights to create them.
+
+    # Set owner.
+    chown www-data:www-data /var/run/uwsgi
+    # Set permissions.
+    chmod u=rwX,g=rwX,o=--- /var/run/uwsgi
+
+    # Set app folder permissions
+    chown -R www-data:www-data /nsupdate
+    chown -R www-data:www-data /static
+    chown -R www-data:www-data /upload
+
+}
+
+
+main "$@"
diff --git a/misc/contrib/docker/build/uwsgi.ini b/misc/contrib/docker/build/uwsgi.ini
@@ -0,0 +1,8 @@
+[uwsgi]
+socket = /var/run/uwsgi/uwsgi.sock
+socket = :3031
+http-socket = :8080
+workers = 3
+master = true
+wsgi-file=/nsupdate/src/nsupdate/wsgi.py
+env = LANG=en_US.UTF-8