parent
8c1fdc8bb2
commit
65dc16c678
@ -0,0 +1,2 @@
|
||||
calculate:default/amd64/20/server
|
||||
../..
|
@ -0,0 +1,2 @@
|
||||
../../../../calculate/profiles/default/amd64/18/server
|
||||
..
|
@ -0,0 +1,3 @@
|
||||
[main]
|
||||
os_linux_name = 'Calculate Taiga'
|
||||
os_linux_shortname = 'taiga'
|
@ -0,0 +1 @@
|
||||
..
|
@ -0,0 +1,10 @@
|
||||
# Calculate name=world format=world
|
||||
|
||||
#?in(os_linux_pkglist, taiga)!=#
|
||||
dev-db/postgresql:12
|
||||
dev-python/nodeenv
|
||||
dev-python/setuptools
|
||||
net-misc/rabbitmq-server
|
||||
sys-devel/gettext
|
||||
www-servers/nginx
|
||||
#in#
|
@ -0,0 +1 @@
|
||||
# Calculate os_linux_shortname==taiga cl_name==calculate-core append=skip
|
@ -0,0 +1 @@
|
||||
# Calculate env=install ac_install_merge==on mergepkg(www-servers/nginx)!= append=skip
|
@ -0,0 +1,85 @@
|
||||
# Calculate path=/etc/nginx/sites-enabled comment=#
|
||||
server {
|
||||
listen 80 default_server;
|
||||
server_name taiga.example.org;
|
||||
|
||||
large_client_header_buffers 4 32k;
|
||||
client_max_body_size 50M;
|
||||
charset utf-8;
|
||||
|
||||
access_log /var/log/nginx/taiga-access.log;
|
||||
error_log /var/log/nginx/taiga-error.log;
|
||||
|
||||
|
||||
# TLS: Configure your TLS following the best practices inside your company
|
||||
# Other configurations
|
||||
|
||||
# Frontend
|
||||
location / {
|
||||
alias /var/calculate/www/taiga/taiga-front-dist/dist/;
|
||||
index index.html;
|
||||
try_files $uri $uri/ index.html =404;
|
||||
}
|
||||
|
||||
# API
|
||||
location /api/ {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://127.0.0.1:8001/api/;
|
||||
proxy_redirect off;
|
||||
}
|
||||
|
||||
# Admin
|
||||
location /admin/ {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://127.0.0.1:8001/admin/;
|
||||
proxy_redirect off;
|
||||
}
|
||||
|
||||
# Static files
|
||||
location /static/ {
|
||||
alias /var/calculate/www/taiga/taiga-back/static/;
|
||||
}
|
||||
|
||||
# Media
|
||||
location /_protected/ {
|
||||
internal;
|
||||
alias /var/calculate/www/taiga/taiga-back/media/;
|
||||
add_header Content-disposition "attachment";
|
||||
}
|
||||
|
||||
# Unprotected section
|
||||
location /media/exports/ {
|
||||
alias /var/calculate/www/taiga/taiga-back/media/exports/;
|
||||
add_header Content-disposition "attachment";
|
||||
}
|
||||
|
||||
location /media/ {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Scheme $scheme;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://127.0.0.1:8003/;
|
||||
proxy_redirect off;
|
||||
}
|
||||
|
||||
# Events
|
||||
location /events {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_connect_timeout 7d;
|
||||
proxy_send_timeout 7d;
|
||||
proxy_read_timeout 7d;
|
||||
proxy_pass http://127.0.0.1:8888/events;
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1 @@
|
||||
# Calculate env=install ac_install_merge==on mergepkg(dev-db/postgresql)!= append=skip
|
@ -0,0 +1 @@
|
||||
# Calculate path=/var/calculate name=postgresql chmod=700 chown=postgres:postgres
|
@ -0,0 +1 @@
|
||||
# Calculate path=/etc name=postgresql-#-cut(1)-#
|
@ -0,0 +1,10 @@
|
||||
# Calculate chmod=600 comment=# chown=postgres:postgres
|
||||
|
||||
# TYPE DATABASE USER ADDRESS METHOD
|
||||
|
||||
# "local" is for Unix domain socket connections only
|
||||
local all all trust
|
||||
# IPv4 local connections:
|
||||
host all all 127.0.0.1/32 trust
|
||||
# IPv6 local connections:
|
||||
host all all ::1/128 trust
|
@ -0,0 +1 @@
|
||||
# Calculate chmod=600 comment=# chown=postgres:postgres
|
@ -0,0 +1,18 @@
|
||||
# Calculate chmod=600 comment=# chown=postgres:postgres
|
||||
|
||||
max_connections = 100 # (change requires restart)
|
||||
shared_buffers = 128MB # min 128kB
|
||||
dynamic_shared_memory_type = posix # the default is the first option
|
||||
max_wal_size = 1GB
|
||||
min_wal_size = 80MB
|
||||
log_timezone = 'W-SU'
|
||||
datestyle = 'iso, dmy'
|
||||
timezone = 'W-SU'
|
||||
lc_messages = 'ru_RU.UTF-8' # locale for system error message
|
||||
lc_monetary = 'ru_RU.UTF-8' # locale for monetary formatting
|
||||
lc_numeric = 'C' # locale for number formatting
|
||||
lc_time = 'ru_RU.UTF-8' # locale for time formatting
|
||||
default_text_search_config = 'pg_catalog.russian'
|
||||
plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";'
|
||||
|
||||
listen_addresses = '127.0.0.1'
|
@ -0,0 +1 @@
|
||||
# Calculate path=/var/lib name=postgresql link=/var/calculate/postgresql symbolic protected
|
@ -0,0 +1 @@
|
||||
# Calculate env=install ac_install_merge==on mergepkg(net-misc/rabbitmq-server)!= append=skip
|
@ -0,0 +1 @@
|
||||
# Calculate path=/var/calculate name=rabbitmq chmod=750 chown=rabbitmq:rabbitmq
|
@ -0,0 +1 @@
|
||||
# Calculate path=/var/lib name=rabbitmq link=/var/calculate/rabbitmq symbolic protected
|
@ -0,0 +1 @@
|
||||
# Calculate env=install ac_install_merge==on mergepkg(www-servers/nginx)!= append=skip
|
@ -0,0 +1,2 @@
|
||||
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||
taiga:x:1000:
|
@ -0,0 +1,2 @@
|
||||
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||
taiga:x:1000:1000::/var/calculate/www/taiga:/bin/bash
|
@ -0,0 +1,2 @@
|
||||
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||
taiga:!:19297:0:99999:7:::
|
@ -0,0 +1,3 @@
|
||||
# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-#
|
||||
export PYTHONUNBUFFERED=true
|
||||
export DJANGO_SETTINGS_MODULE=settings.config
|
@ -0,0 +1,3 @@
|
||||
# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-#
|
||||
export PYTHONUNBUFFERED=true
|
||||
export DJANGO_SETTINGS_MODULE=settings.config
|
@ -0,0 +1,2 @@
|
||||
# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-#
|
||||
export PYTHONUNBUFFERED=true
|
@ -0,0 +1,15 @@
|
||||
# Calculate path=/var/calculate/config name=#-cut(1,.)-# chmod=600 chown=taiga:taiga comment=# grep(/var/calculate/config/#-cut(1,.)-#,PROTOCOL)== protected
|
||||
PROTOCOL='http'
|
||||
TAIGA_SITES_DOMAIN='taiga.example.org'
|
||||
FROM_EMAIL='taiga@example.org'
|
||||
SMTP_HOST='smtp@example.org'
|
||||
SMTP_PORT=25
|
||||
SMTP_TLS='False'
|
||||
SMTP_SSL='False'
|
||||
SMTP_USER=
|
||||
SMTP_PASSWORD=
|
||||
NODE='12.22.12'
|
||||
SECRET_KEY='#-rnd(pas,16)-#'
|
||||
PGSQL_PASSWORD='#-rnd(pas,16)-#'
|
||||
RABBITMQ_USER='taiga'
|
||||
RABBITMQ_PASSWORD='#-rnd(pas,16)-#'
|
@ -0,0 +1,26 @@
|
||||
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=#
|
||||
#!/sbin/openrc-run
|
||||
# Copyright 2022 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
name="Taiga daemon"
|
||||
description=""
|
||||
pidfile=/run/taiga-back.pid
|
||||
command_user=taiga
|
||||
output_log=/var/log/taiga-back.log
|
||||
error_log=/var/log/taiga-back.log
|
||||
directory=/var/calculate/www/taiga/taiga-back
|
||||
start_stop_daemon_args=""
|
||||
command="/var/calculate/www/taiga/taiga-back/.venv/bin/gunicorn"
|
||||
command_args="--workers 4 --timeout 60 --log-level=info --access-logfile - --bind 0.0.0.0:8001 taiga.wsgi"
|
||||
source /var/calculate/www/taiga/taiga-back/.venv/bin/activate
|
||||
command_background=true
|
||||
|
||||
depend() {
|
||||
need nginx postgresql
|
||||
need taiga-async taiga-events taiga-protected
|
||||
}
|
||||
|
||||
start_pre() {
|
||||
checkpath -f -o taiga -m 0600 /var/log/taiga-back.log
|
||||
}
|
@ -0,0 +1,25 @@
|
||||
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=#
|
||||
#!/sbin/openrc-run
|
||||
# Copyright 2022 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
name="Taiga-async-tasks daemon"
|
||||
description="Async tasks, like bulk email or exports generation"
|
||||
pidfile=/run/taiga-async.pid
|
||||
command_user=taiga
|
||||
output_log=/var/log/taiga-async.log
|
||||
error_log=/var/log/taiga-async.log
|
||||
directory=/var/calculate/www/taiga/taiga-back
|
||||
start_stop_daemon_args=""
|
||||
command="/var/calculate/www/taiga/taiga-back/.venv/bin/celery"
|
||||
command_args="-A taiga.celery worker -B --concurrency 4 -l INFO"
|
||||
source /var/calculate/www/taiga/taiga-back/.venv/bin/activate
|
||||
command_background=true
|
||||
|
||||
depend() {
|
||||
need rabbitmq
|
||||
}
|
||||
|
||||
start_pre() {
|
||||
checkpath -f -o taiga -m 0600 /var/log/taiga-async.log
|
||||
}
|
@ -0,0 +1,22 @@
|
||||
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=#
|
||||
#!/sbin/openrc-run
|
||||
# Copyright 2022 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
name="Taiga-events daemon"
|
||||
description="Websockets gateway"
|
||||
pidfile=/run/taiga-events.pid
|
||||
command_user=taiga
|
||||
output_log=/var/log/taiga-events.log
|
||||
error_log=/var/log/taiga-events.log
|
||||
directory=/var/calculate/www/taiga/taiga-events
|
||||
start_stop_daemon_args=""
|
||||
command="npm"
|
||||
command_args="run start:production"
|
||||
source /var/calculate/www/taiga/.node-live/bin/activate
|
||||
command_background=true
|
||||
|
||||
start_pre() {
|
||||
checkpath -f -o taiga -m 0600 /var/log/taiga-events.log
|
||||
}
|
||||
|
@ -0,0 +1,21 @@
|
||||
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=#
|
||||
#!/sbin/openrc-run
|
||||
# Copyright 2022 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
name="Taiga-protected daemon"
|
||||
description="Protected attachments"
|
||||
pidfile=/run/taiga-protected.pid
|
||||
command_user=taiga
|
||||
output_log=/var/log/taiga-protected.log
|
||||
error_log=/var/log/taiga-protected.log
|
||||
directory=/var/calculate/www/taiga/taiga-protected
|
||||
start_stop_daemon_args=""
|
||||
command="/var/calculate/www/taiga/taiga-protected/.venv/bin/gunicorn"
|
||||
command_args="--workers 4 --timeout 60 --log-level=info --access-logfile - --bind 0.0.0.0:8003 server:app"
|
||||
source /var/calculate/www/taiga/taiga-protected/.venv/bin/activate
|
||||
command_background=true
|
||||
|
||||
start_pre() {
|
||||
checkpath -f -o taiga -m 0600 /var/log/taiga-protected.log
|
||||
}
|
@ -0,0 +1 @@
|
||||
# Calculate path=/etc/runlevels/default name=#-cut(1,.)-# link=/etc/init.d/#-cut(1,.)-# protected symbolic
|
@ -0,0 +1,32 @@
|
||||
# Calculate path=/var/calculate/bin name=#-cut(1,.)-# chmod=755 comment=#
|
||||
#!/bin/bash
|
||||
|
||||
set -ueo pipefail
|
||||
export PATH="/lib/rc/bin:$PATH"
|
||||
source /var/calculate/config/taiga
|
||||
|
||||
ebegin 'Проверка выполненной базовой настройки'
|
||||
if [[ ! -e /var/lib/postgresql/12 ]]
|
||||
then
|
||||
echo Выполните настройку 'emerge --config =dev-db/postgresql-12.12'.
|
||||
exit 1
|
||||
fi
|
||||
eend
|
||||
|
||||
ebegin 'Проверка запущенного PostgreSQL'
|
||||
if [[ $(ls /run/postgresql/.*lock 2>/dev/null | wc -l) == 0 ]]
|
||||
then
|
||||
echo Запустите PostgreSQL
|
||||
exit 1
|
||||
fi
|
||||
eend
|
||||
|
||||
ebegin 'Проверка наличия роли taiga'
|
||||
$(psql -U taiga -d taiga -c '\dt' 2&>/dev/null) || {
|
||||
echo Пароль: $PGSQL_PASSWORD
|
||||
createuser -U postgres -P taiga
|
||||
createdb -U postgres -O taiga taiga
|
||||
}
|
||||
eend
|
||||
|
||||
cl-core-setup -n postgresql
|
@ -0,0 +1,18 @@
|
||||
# Calculate path=/var/calculate/bin name=#-cut(1,.)-# chmod=755 comment=#
|
||||
#!/bin/bash
|
||||
set -ueo pipefail
|
||||
export PATH="/lib/rc/bin:$PATH"
|
||||
source /var/calculate/config/taiga
|
||||
|
||||
rabbit_configure(){
|
||||
if [[ ! -e /var/lib/rabbitmq/mnesia ]]
|
||||
then
|
||||
/etc/init.d/rabbitmq start
|
||||
|
||||
rabbitmqctl add_user $RABBITMQ_USER $RABBITMQ_PASSWORD
|
||||
rabbitmqctl add_vhost taiga
|
||||
rabbitmqctl set_permissions -p taiga $RABBITMQ_USER ".*" ".*" ".*"
|
||||
fi
|
||||
}
|
||||
|
||||
rabbit_configure
|
@ -0,0 +1 @@
|
||||
# Calculate path=/var/calculate
|
@ -0,0 +1 @@
|
||||
# Calculate chmod=750 chown=taiga:nginx
|
Loading…
Reference in new issue