From 65dc16c678183d400f006b93293aa3ce79c59f83 Mon Sep 17 00:00:00 2001 From: Alexander Tratsevskiy Date: Tue, 8 Nov 2022 20:54:41 +0300 Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?= =?UTF-8?q?=D0=BD=20=D0=BF=D1=80=D0=BE=D1=84=D0=B8=D0=BB=D1=8C=20taiga=20?= =?UTF-8?q?=D0=B4=D0=BB=D1=8F=20=D0=BD=D0=B0=D1=81=D1=82=D1=80=D0=BE=D0=B9?= =?UTF-8?q?=D0=BA=D0=B8=20Taiga.io=20=D0=B2=20=D0=BA=D0=BE=D0=BD=D1=82?= =?UTF-8?q?=D0=B5=D0=B9=D0=BD=D0=B5=D1=80=D0=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- profiles/profiles.desc | 3 +- profiles/taiga/amd64/20/parent | 2 + profiles/taiga/amd64/parent | 2 + profiles/taiga/calculate.env | 3 + profiles/taiga/parent | 1 + .../6_ac_update_sync/world/create/taiga | 10 ++ .../6_ac_update_sync/world/create/tools | 4 +- profiles/templates/taiga/.calculate_directory | 1 + .../taiga/nginx/.calculate_directory | 1 + profiles/templates/taiga/nginx/taiga.conf | 85 +++++++++ .../taiga/postgresql/.calculate_directory | 1 + .../postgresql/database/.calculate_directory | 1 + .../postgresql/etc-12/.calculate_directory | 1 + .../taiga/postgresql/etc-12/pg_hba.conf | 10 ++ .../taiga/postgresql/etc-12/pg_ident.conf | 1 + .../taiga/postgresql/etc-12/postgresql.conf | 18 ++ .../templates/taiga/postgresql/link.database | 1 + .../rabbitmq-server/.calculate_directory | 1 + .../database/.calculate_directory | 1 + .../taiga/rabbitmq-server/link.database | 1 + .../taiga/taiga/.calculate_directory | 1 + .../templates/taiga/taiga/0-etc.taiga.group | 2 + .../templates/taiga/taiga/0-etc.taiga.passwd | 2 + .../templates/taiga/taiga/0-etc.taiga.shadow | 2 + profiles/templates/taiga/taiga/conf.taiga | 3 + .../templates/taiga/taiga/conf.taiga-async | 3 + .../taiga/taiga/conf.taiga-protected | 2 + profiles/templates/taiga/taiga/config.taiga | 15 ++ profiles/templates/taiga/taiga/init.taiga | 26 +++ .../templates/taiga/taiga/init.taiga-async | 25 +++ .../templates/taiga/taiga/init.taiga-events | 22 +++ .../taiga/taiga/init.taiga-protected | 21 +++ profiles/templates/taiga/taiga/runlevel.taiga | 1 + .../templates/taiga/taiga/sh.install-taiga | 123 +++++++++++++ .../templates/taiga/taiga/sh.setup-postgresql | 32 ++++ .../templates/taiga/taiga/sh.setup-rabbit | 18 ++ profiles/templates/taiga/taiga/sh.setup-taiga | 164 ++++++++++++++++++ .../taiga/taiga/www/.calculate_directory | 1 + .../taiga/www/taiga/.calculate_directory | 1 + 39 files changed, 609 insertions(+), 3 deletions(-) create mode 100644 profiles/taiga/amd64/20/parent create mode 100644 profiles/taiga/amd64/parent create mode 100644 profiles/taiga/calculate.env create mode 100644 profiles/taiga/parent create mode 100644 profiles/templates/6_ac_update_sync/world/create/taiga create mode 100644 profiles/templates/taiga/.calculate_directory create mode 100644 profiles/templates/taiga/nginx/.calculate_directory create mode 100644 profiles/templates/taiga/nginx/taiga.conf create mode 100644 profiles/templates/taiga/postgresql/.calculate_directory create mode 100644 profiles/templates/taiga/postgresql/database/.calculate_directory create mode 100644 profiles/templates/taiga/postgresql/etc-12/.calculate_directory create mode 100644 profiles/templates/taiga/postgresql/etc-12/pg_hba.conf create mode 100644 profiles/templates/taiga/postgresql/etc-12/pg_ident.conf create mode 100644 profiles/templates/taiga/postgresql/etc-12/postgresql.conf create mode 100644 profiles/templates/taiga/postgresql/link.database create mode 100644 profiles/templates/taiga/rabbitmq-server/.calculate_directory create mode 100644 profiles/templates/taiga/rabbitmq-server/database/.calculate_directory create mode 100644 profiles/templates/taiga/rabbitmq-server/link.database create mode 100644 profiles/templates/taiga/taiga/.calculate_directory create mode 100644 profiles/templates/taiga/taiga/0-etc.taiga.group create mode 100644 profiles/templates/taiga/taiga/0-etc.taiga.passwd create mode 100644 profiles/templates/taiga/taiga/0-etc.taiga.shadow create mode 100644 profiles/templates/taiga/taiga/conf.taiga create mode 100644 profiles/templates/taiga/taiga/conf.taiga-async create mode 100644 profiles/templates/taiga/taiga/conf.taiga-protected create mode 100644 profiles/templates/taiga/taiga/config.taiga create mode 100644 profiles/templates/taiga/taiga/init.taiga create mode 100644 profiles/templates/taiga/taiga/init.taiga-async create mode 100644 profiles/templates/taiga/taiga/init.taiga-events create mode 100644 profiles/templates/taiga/taiga/init.taiga-protected create mode 100644 profiles/templates/taiga/taiga/runlevel.taiga create mode 100644 profiles/templates/taiga/taiga/sh.install-taiga create mode 100644 profiles/templates/taiga/taiga/sh.setup-postgresql create mode 100644 profiles/templates/taiga/taiga/sh.setup-rabbit create mode 100644 profiles/templates/taiga/taiga/sh.setup-taiga create mode 100644 profiles/templates/taiga/taiga/www/.calculate_directory create mode 100644 profiles/templates/taiga/taiga/www/taiga/.calculate_directory diff --git a/profiles/profiles.desc b/profiles/profiles.desc index 3d16f1d..72f190f 100644 --- a/profiles/profiles.desc +++ b/profiles/profiles.desc @@ -8,7 +8,8 @@ # AMD64 Profiles amd64 CCS/amd64/20 stable -amd64 CDC/amd64/20 stable +amd64 CDC/amd64/20 dev amd64 CCG/amd64/20 stable +amd64 taiga/amd64/20 dev # vim: set ts=8 diff --git a/profiles/taiga/amd64/20/parent b/profiles/taiga/amd64/20/parent new file mode 100644 index 0000000..044d048 --- /dev/null +++ b/profiles/taiga/amd64/20/parent @@ -0,0 +1,2 @@ +calculate:default/amd64/20/server +../.. diff --git a/profiles/taiga/amd64/parent b/profiles/taiga/amd64/parent new file mode 100644 index 0000000..638d06a --- /dev/null +++ b/profiles/taiga/amd64/parent @@ -0,0 +1,2 @@ +../../../../calculate/profiles/default/amd64/18/server +.. diff --git a/profiles/taiga/calculate.env b/profiles/taiga/calculate.env new file mode 100644 index 0000000..b3140bf --- /dev/null +++ b/profiles/taiga/calculate.env @@ -0,0 +1,3 @@ +[main] +os_linux_name = 'Calculate Taiga' +os_linux_shortname = 'taiga' diff --git a/profiles/taiga/parent b/profiles/taiga/parent new file mode 100644 index 0000000..f3229c5 --- /dev/null +++ b/profiles/taiga/parent @@ -0,0 +1 @@ +.. diff --git a/profiles/templates/6_ac_update_sync/world/create/taiga b/profiles/templates/6_ac_update_sync/world/create/taiga new file mode 100644 index 0000000..3c8108d --- /dev/null +++ b/profiles/templates/6_ac_update_sync/world/create/taiga @@ -0,0 +1,10 @@ +# Calculate name=world format=world + +#?in(os_linux_pkglist, taiga)!=# +dev-db/postgresql:12 +dev-python/nodeenv +dev-python/setuptools +net-misc/rabbitmq-server +sys-devel/gettext +www-servers/nginx +#in# diff --git a/profiles/templates/6_ac_update_sync/world/create/tools b/profiles/templates/6_ac_update_sync/world/create/tools index 6dc1b4b..95fc3f3 100644 --- a/profiles/templates/6_ac_update_sync/world/create/tools +++ b/profiles/templates/6_ac_update_sync/world/create/tools @@ -1,10 +1,10 @@ # Calculate name=world format=world -#?in(os_linux_pkglist, CCDX, CDC, CCG, CCS)!=# +#?in(os_linux_pkglist, CCDX, CDC, CCG, CCS, taiga)!=# app-text/tree #in# -#?in(os_linux_pkglist, CCDX, CDC, CCG)!=# +#?in(os_linux_pkglist, CCDX, CDC, CCG, taiga)!=# app-admin/logrotate app-admin/syslog-ng app-arch/lbzip2 diff --git a/profiles/templates/taiga/.calculate_directory b/profiles/templates/taiga/.calculate_directory new file mode 100644 index 0000000..90ecce5 --- /dev/null +++ b/profiles/templates/taiga/.calculate_directory @@ -0,0 +1 @@ +# Calculate os_linux_shortname==taiga cl_name==calculate-core append=skip diff --git a/profiles/templates/taiga/nginx/.calculate_directory b/profiles/templates/taiga/nginx/.calculate_directory new file mode 100644 index 0000000..ae03782 --- /dev/null +++ b/profiles/templates/taiga/nginx/.calculate_directory @@ -0,0 +1 @@ +# Calculate env=install ac_install_merge==on mergepkg(www-servers/nginx)!= append=skip diff --git a/profiles/templates/taiga/nginx/taiga.conf b/profiles/templates/taiga/nginx/taiga.conf new file mode 100644 index 0000000..b2c07ab --- /dev/null +++ b/profiles/templates/taiga/nginx/taiga.conf @@ -0,0 +1,85 @@ +# Calculate path=/etc/nginx/sites-enabled comment=# +server { + listen 80 default_server; + server_name taiga.example.org; + + large_client_header_buffers 4 32k; + client_max_body_size 50M; + charset utf-8; + + access_log /var/log/nginx/taiga-access.log; + error_log /var/log/nginx/taiga-error.log; + + + # TLS: Configure your TLS following the best practices inside your company + # Other configurations + + # Frontend + location / { + alias /var/calculate/www/taiga/taiga-front-dist/dist/; + index index.html; + try_files $uri $uri/ index.html =404; + } + + # API + location /api/ { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Scheme $scheme; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://127.0.0.1:8001/api/; + proxy_redirect off; + } + + # Admin + location /admin/ { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Scheme $scheme; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://127.0.0.1:8001/admin/; + proxy_redirect off; + } + + # Static files + location /static/ { + alias /var/calculate/www/taiga/taiga-back/static/; + } + + # Media + location /_protected/ { + internal; + alias /var/calculate/www/taiga/taiga-back/media/; + add_header Content-disposition "attachment"; + } + + # Unprotected section + location /media/exports/ { + alias /var/calculate/www/taiga/taiga-back/media/exports/; + add_header Content-disposition "attachment"; + } + + location /media/ { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Scheme $scheme; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://127.0.0.1:8003/; + proxy_redirect off; + } + + # Events + location /events { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_connect_timeout 7d; + proxy_send_timeout 7d; + proxy_read_timeout 7d; + proxy_pass http://127.0.0.1:8888/events; + } + +} diff --git a/profiles/templates/taiga/postgresql/.calculate_directory b/profiles/templates/taiga/postgresql/.calculate_directory new file mode 100644 index 0000000..0e3fbac --- /dev/null +++ b/profiles/templates/taiga/postgresql/.calculate_directory @@ -0,0 +1 @@ +# Calculate env=install ac_install_merge==on mergepkg(dev-db/postgresql)!= append=skip diff --git a/profiles/templates/taiga/postgresql/database/.calculate_directory b/profiles/templates/taiga/postgresql/database/.calculate_directory new file mode 100644 index 0000000..16336cf --- /dev/null +++ b/profiles/templates/taiga/postgresql/database/.calculate_directory @@ -0,0 +1 @@ +# Calculate path=/var/calculate name=postgresql chmod=700 chown=postgres:postgres diff --git a/profiles/templates/taiga/postgresql/etc-12/.calculate_directory b/profiles/templates/taiga/postgresql/etc-12/.calculate_directory new file mode 100644 index 0000000..3b430ca --- /dev/null +++ b/profiles/templates/taiga/postgresql/etc-12/.calculate_directory @@ -0,0 +1 @@ +# Calculate path=/etc name=postgresql-#-cut(1)-# diff --git a/profiles/templates/taiga/postgresql/etc-12/pg_hba.conf b/profiles/templates/taiga/postgresql/etc-12/pg_hba.conf new file mode 100644 index 0000000..d743b59 --- /dev/null +++ b/profiles/templates/taiga/postgresql/etc-12/pg_hba.conf @@ -0,0 +1,10 @@ +# Calculate chmod=600 comment=# chown=postgres:postgres + +# TYPE DATABASE USER ADDRESS METHOD + +# "local" is for Unix domain socket connections only +local all all trust +# IPv4 local connections: +host all all 127.0.0.1/32 trust +# IPv6 local connections: +host all all ::1/128 trust diff --git a/profiles/templates/taiga/postgresql/etc-12/pg_ident.conf b/profiles/templates/taiga/postgresql/etc-12/pg_ident.conf new file mode 100644 index 0000000..4559188 --- /dev/null +++ b/profiles/templates/taiga/postgresql/etc-12/pg_ident.conf @@ -0,0 +1 @@ +# Calculate chmod=600 comment=# chown=postgres:postgres diff --git a/profiles/templates/taiga/postgresql/etc-12/postgresql.conf b/profiles/templates/taiga/postgresql/etc-12/postgresql.conf new file mode 100644 index 0000000..dcf6016 --- /dev/null +++ b/profiles/templates/taiga/postgresql/etc-12/postgresql.conf @@ -0,0 +1,18 @@ +# Calculate chmod=600 comment=# chown=postgres:postgres + +max_connections = 100 # (change requires restart) +shared_buffers = 128MB # min 128kB +dynamic_shared_memory_type = posix # the default is the first option +max_wal_size = 1GB +min_wal_size = 80MB +log_timezone = 'W-SU' +datestyle = 'iso, dmy' +timezone = 'W-SU' +lc_messages = 'ru_RU.UTF-8' # locale for system error message +lc_monetary = 'ru_RU.UTF-8' # locale for monetary formatting +lc_numeric = 'C' # locale for number formatting +lc_time = 'ru_RU.UTF-8' # locale for time formatting +default_text_search_config = 'pg_catalog.russian' +plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";' + +listen_addresses = '127.0.0.1' diff --git a/profiles/templates/taiga/postgresql/link.database b/profiles/templates/taiga/postgresql/link.database new file mode 100644 index 0000000..6c5199d --- /dev/null +++ b/profiles/templates/taiga/postgresql/link.database @@ -0,0 +1 @@ +# Calculate path=/var/lib name=postgresql link=/var/calculate/postgresql symbolic protected diff --git a/profiles/templates/taiga/rabbitmq-server/.calculate_directory b/profiles/templates/taiga/rabbitmq-server/.calculate_directory new file mode 100644 index 0000000..ff544ea --- /dev/null +++ b/profiles/templates/taiga/rabbitmq-server/.calculate_directory @@ -0,0 +1 @@ +# Calculate env=install ac_install_merge==on mergepkg(net-misc/rabbitmq-server)!= append=skip diff --git a/profiles/templates/taiga/rabbitmq-server/database/.calculate_directory b/profiles/templates/taiga/rabbitmq-server/database/.calculate_directory new file mode 100644 index 0000000..8b152bc --- /dev/null +++ b/profiles/templates/taiga/rabbitmq-server/database/.calculate_directory @@ -0,0 +1 @@ +# Calculate path=/var/calculate name=rabbitmq chmod=750 chown=rabbitmq:rabbitmq diff --git a/profiles/templates/taiga/rabbitmq-server/link.database b/profiles/templates/taiga/rabbitmq-server/link.database new file mode 100644 index 0000000..ead36af --- /dev/null +++ b/profiles/templates/taiga/rabbitmq-server/link.database @@ -0,0 +1 @@ +# Calculate path=/var/lib name=rabbitmq link=/var/calculate/rabbitmq symbolic protected diff --git a/profiles/templates/taiga/taiga/.calculate_directory b/profiles/templates/taiga/taiga/.calculate_directory new file mode 100644 index 0000000..ae03782 --- /dev/null +++ b/profiles/templates/taiga/taiga/.calculate_directory @@ -0,0 +1 @@ +# Calculate env=install ac_install_merge==on mergepkg(www-servers/nginx)!= append=skip diff --git a/profiles/templates/taiga/taiga/0-etc.taiga.group b/profiles/templates/taiga/taiga/0-etc.taiga.group new file mode 100644 index 0000000..b18c6a1 --- /dev/null +++ b/profiles/templates/taiga/taiga/0-etc.taiga.group @@ -0,0 +1,2 @@ +# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected +taiga:x:1000: diff --git a/profiles/templates/taiga/taiga/0-etc.taiga.passwd b/profiles/templates/taiga/taiga/0-etc.taiga.passwd new file mode 100644 index 0000000..7bee651 --- /dev/null +++ b/profiles/templates/taiga/taiga/0-etc.taiga.passwd @@ -0,0 +1,2 @@ +# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected +taiga:x:1000:1000::/var/calculate/www/taiga:/bin/bash diff --git a/profiles/templates/taiga/taiga/0-etc.taiga.shadow b/profiles/templates/taiga/taiga/0-etc.taiga.shadow new file mode 100644 index 0000000..693af17 --- /dev/null +++ b/profiles/templates/taiga/taiga/0-etc.taiga.shadow @@ -0,0 +1,2 @@ +# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected +taiga:!:19297:0:99999:7::: diff --git a/profiles/templates/taiga/taiga/conf.taiga b/profiles/templates/taiga/taiga/conf.taiga new file mode 100644 index 0000000..6857108 --- /dev/null +++ b/profiles/templates/taiga/taiga/conf.taiga @@ -0,0 +1,3 @@ +# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-# +export PYTHONUNBUFFERED=true +export DJANGO_SETTINGS_MODULE=settings.config diff --git a/profiles/templates/taiga/taiga/conf.taiga-async b/profiles/templates/taiga/taiga/conf.taiga-async new file mode 100644 index 0000000..6857108 --- /dev/null +++ b/profiles/templates/taiga/taiga/conf.taiga-async @@ -0,0 +1,3 @@ +# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-# +export PYTHONUNBUFFERED=true +export DJANGO_SETTINGS_MODULE=settings.config diff --git a/profiles/templates/taiga/taiga/conf.taiga-protected b/profiles/templates/taiga/taiga/conf.taiga-protected new file mode 100644 index 0000000..7342123 --- /dev/null +++ b/profiles/templates/taiga/taiga/conf.taiga-protected @@ -0,0 +1,2 @@ +# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-# +export PYTHONUNBUFFERED=true diff --git a/profiles/templates/taiga/taiga/config.taiga b/profiles/templates/taiga/taiga/config.taiga new file mode 100644 index 0000000..5fcb4f9 --- /dev/null +++ b/profiles/templates/taiga/taiga/config.taiga @@ -0,0 +1,15 @@ +# Calculate path=/var/calculate/config name=#-cut(1,.)-# chmod=600 chown=taiga:taiga comment=# grep(/var/calculate/config/#-cut(1,.)-#,PROTOCOL)== protected +PROTOCOL='http' +TAIGA_SITES_DOMAIN='taiga.example.org' +FROM_EMAIL='taiga@example.org' +SMTP_HOST='smtp@example.org' +SMTP_PORT=25 +SMTP_TLS='False' +SMTP_SSL='False' +SMTP_USER= +SMTP_PASSWORD= +NODE='12.22.12' +SECRET_KEY='#-rnd(pas,16)-#' +PGSQL_PASSWORD='#-rnd(pas,16)-#' +RABBITMQ_USER='taiga' +RABBITMQ_PASSWORD='#-rnd(pas,16)-#' diff --git a/profiles/templates/taiga/taiga/init.taiga b/profiles/templates/taiga/taiga/init.taiga new file mode 100644 index 0000000..affe154 --- /dev/null +++ b/profiles/templates/taiga/taiga/init.taiga @@ -0,0 +1,26 @@ +# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=# +#!/sbin/openrc-run +# Copyright 2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="Taiga daemon" +description="" +pidfile=/run/taiga-back.pid +command_user=taiga +output_log=/var/log/taiga-back.log +error_log=/var/log/taiga-back.log +directory=/var/calculate/www/taiga/taiga-back +start_stop_daemon_args="" +command="/var/calculate/www/taiga/taiga-back/.venv/bin/gunicorn" +command_args="--workers 4 --timeout 60 --log-level=info --access-logfile - --bind 0.0.0.0:8001 taiga.wsgi" +source /var/calculate/www/taiga/taiga-back/.venv/bin/activate +command_background=true + +depend() { + need nginx postgresql + need taiga-async taiga-events taiga-protected +} + +start_pre() { + checkpath -f -o taiga -m 0600 /var/log/taiga-back.log +} diff --git a/profiles/templates/taiga/taiga/init.taiga-async b/profiles/templates/taiga/taiga/init.taiga-async new file mode 100644 index 0000000..3165ee2 --- /dev/null +++ b/profiles/templates/taiga/taiga/init.taiga-async @@ -0,0 +1,25 @@ +# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=# +#!/sbin/openrc-run +# Copyright 2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="Taiga-async-tasks daemon" +description="Async tasks, like bulk email or exports generation" +pidfile=/run/taiga-async.pid +command_user=taiga +output_log=/var/log/taiga-async.log +error_log=/var/log/taiga-async.log +directory=/var/calculate/www/taiga/taiga-back +start_stop_daemon_args="" +command="/var/calculate/www/taiga/taiga-back/.venv/bin/celery" +command_args="-A taiga.celery worker -B --concurrency 4 -l INFO" +source /var/calculate/www/taiga/taiga-back/.venv/bin/activate +command_background=true + +depend() { + need rabbitmq +} + +start_pre() { + checkpath -f -o taiga -m 0600 /var/log/taiga-async.log +} diff --git a/profiles/templates/taiga/taiga/init.taiga-events b/profiles/templates/taiga/taiga/init.taiga-events new file mode 100644 index 0000000..c498d83 --- /dev/null +++ b/profiles/templates/taiga/taiga/init.taiga-events @@ -0,0 +1,22 @@ +# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=# +#!/sbin/openrc-run +# Copyright 2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="Taiga-events daemon" +description="Websockets gateway" +pidfile=/run/taiga-events.pid +command_user=taiga +output_log=/var/log/taiga-events.log +error_log=/var/log/taiga-events.log +directory=/var/calculate/www/taiga/taiga-events +start_stop_daemon_args="" +command="npm" +command_args="run start:production" +source /var/calculate/www/taiga/.node-live/bin/activate +command_background=true + +start_pre() { + checkpath -f -o taiga -m 0600 /var/log/taiga-events.log +} + diff --git a/profiles/templates/taiga/taiga/init.taiga-protected b/profiles/templates/taiga/taiga/init.taiga-protected new file mode 100644 index 0000000..c696a60 --- /dev/null +++ b/profiles/templates/taiga/taiga/init.taiga-protected @@ -0,0 +1,21 @@ +# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=# +#!/sbin/openrc-run +# Copyright 2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="Taiga-protected daemon" +description="Protected attachments" +pidfile=/run/taiga-protected.pid +command_user=taiga +output_log=/var/log/taiga-protected.log +error_log=/var/log/taiga-protected.log +directory=/var/calculate/www/taiga/taiga-protected +start_stop_daemon_args="" +command="/var/calculate/www/taiga/taiga-protected/.venv/bin/gunicorn" +command_args="--workers 4 --timeout 60 --log-level=info --access-logfile - --bind 0.0.0.0:8003 server:app" +source /var/calculate/www/taiga/taiga-protected/.venv/bin/activate +command_background=true + +start_pre() { + checkpath -f -o taiga -m 0600 /var/log/taiga-protected.log +} diff --git a/profiles/templates/taiga/taiga/runlevel.taiga b/profiles/templates/taiga/taiga/runlevel.taiga new file mode 100644 index 0000000..d96c623 --- /dev/null +++ b/profiles/templates/taiga/taiga/runlevel.taiga @@ -0,0 +1 @@ +# Calculate path=/etc/runlevels/default name=#-cut(1,.)-# link=/etc/init.d/#-cut(1,.)-# protected symbolic diff --git a/profiles/templates/taiga/taiga/sh.install-taiga b/profiles/templates/taiga/taiga/sh.install-taiga new file mode 100644 index 0000000..352af9a --- /dev/null +++ b/profiles/templates/taiga/taiga/sh.install-taiga @@ -0,0 +1,123 @@ +# Calculate path=/var/calculate/bin name=#-cut(1,.)-# chmod=755 comment=# +#!/bin/bash + +set -eo pipefail +export PATH="/lib/rc/bin:$PATH" + +if [[ $UID == 0 ]] +then + exec su - taiga -c /var/calculate/bin/install-taiga +fi + +source /var/calculate/config/taiga + +if [[ ! -e ~/.node-live ]] +then + einfo Установка Node.js + cd ~ + nodeenv --node=$NODE .node-${NODE%%.*} + ln -sfT .node-${NODE%%.*} .node-live +fi +source ~/.node-live/bin/activate + +set -u + +install_taiga_back(){ + cd ~ + einfo 'Получение кода taiga_back' + git clone https://github.com/kaleidos-ventures/taiga-back.git taiga-back + cd taiga-back + git checkout stable + + einfo 'Создание виртуальной среды' + python -m venv .venv --prompt taiga-back + source .venv/bin/activate + pip install --upgrade pip wheel + + einfo 'Установка всех зависимостей Python' + pip install -r requirements.txt + + einfo 'Установка taiga-contrib-protected' + pip install git+https://github.com/kaleidos-ventures/taiga-contrib-protected.git@stable#egg=taiga-contrib-protected + + ebegin 'Копирование фала настроек' + cp settings/config.py.prod.example settings/config.py + eend +} + +install_taiga_front_dist(){ + cd ~ + einfo 'Получeние кода taiga_front_dist' + git clone https://github.com/kaleidos-ventures/taiga-front-dist.git taiga-front-dist + cd taiga-front-dist + git checkout stable + + ebegin 'Копирование примера файла конфигурации' + cp ~/taiga-front-dist/dist/conf.example.json ~/taiga-front-dist/dist/conf.json + eend +} + +install_taiga_events(){ + cd ~ + einfo 'Получение кода taiga_events' + git clone https://github.com/kaleidos-ventures/taiga-events.git taiga-events + cd taiga-events + git checkout stable + + einfo 'Установка необходимых зависимостей JavaScript' + #source ~/.node-live/bin/activate + npm install + npm audit fix + + ebegin 'Создание .env файла на основе предоставленного примера' + cp .env.example .env + eend +} + +install_taiga_protected(){ + cd ~ + einfo 'Получение кода taiga_protected' + git clone https://github.com/kaleidos-ventures/taiga-protected.git taiga-protected + cd taiga-protected + git checkout stable + + einfo 'Создание виртуальной среды' + python -m venv .venv --prompt taiga-protected + source .venv/bin/activate + pip install --upgrade pip wheel + + einfo 'Установка всех зависимостей Python' + pip install -r requirements.txt + + ebegin 'Копирование примера файла конфигурации' + cp ~/taiga-protected/env.sample ~/taiga-protected/.env + eend +} + +migrate_pgsql(){ + cd ~ + cd taiga-back + source .venv/bin/activate + DJANGO_SETTINGS_MODULE=settings.config python manage.py migrate --noinput + einfo create an administrator with strong password + CELERY_ENABLED=False DJANGO_SETTINGS_MODULE=settings.config python manage.py createsuperuser + DJANGO_SETTINGS_MODULE=settings.config python manage.py loaddata initial_project_templates + DJANGO_SETTINGS_MODULE=settings.config python manage.py compilemessages + DJANGO_SETTINGS_MODULE=settings.config python manage.py collectstatic --noinput +} + +#----------------------------------------------------------------------------- +# Запуск +#----------------------------------------------------------------------------- +[[ ! -e ~/taiga-back ]] && install_taiga_back + +[[ ! -e ~/taiga-front-dist ]] && install_taiga_front_dist + +[[ ! -e ~/taiga-events ]] && install_taiga_events + +[[ ! -e ~/taiga-protected ]] && install_taiga_protected + +einfo "Все установлено! Для настройки Taiga выполните 'setup-taiga'." + +#migrate_pgsql + diff --git a/profiles/templates/taiga/taiga/sh.setup-postgresql b/profiles/templates/taiga/taiga/sh.setup-postgresql new file mode 100644 index 0000000..9c21092 --- /dev/null +++ b/profiles/templates/taiga/taiga/sh.setup-postgresql @@ -0,0 +1,32 @@ +# Calculate path=/var/calculate/bin name=#-cut(1,.)-# chmod=755 comment=# +#!/bin/bash + +set -ueo pipefail +export PATH="/lib/rc/bin:$PATH" +source /var/calculate/config/taiga + +ebegin 'Проверка выполненной базовой настройки' +if [[ ! -e /var/lib/postgresql/12 ]] +then + echo Выполните настройку 'emerge --config =dev-db/postgresql-12.12'. + exit 1 +fi +eend + +ebegin 'Проверка запущенного PostgreSQL' +if [[ $(ls /run/postgresql/.*lock 2>/dev/null | wc -l) == 0 ]] +then + echo Запустите PostgreSQL + exit 1 +fi +eend + +ebegin 'Проверка наличия роли taiga' +$(psql -U taiga -d taiga -c '\dt' 2&>/dev/null) || { + echo Пароль: $PGSQL_PASSWORD + createuser -U postgres -P taiga + createdb -U postgres -O taiga taiga +} +eend + +cl-core-setup -n postgresql diff --git a/profiles/templates/taiga/taiga/sh.setup-rabbit b/profiles/templates/taiga/taiga/sh.setup-rabbit new file mode 100644 index 0000000..91c6697 --- /dev/null +++ b/profiles/templates/taiga/taiga/sh.setup-rabbit @@ -0,0 +1,18 @@ +# Calculate path=/var/calculate/bin name=#-cut(1,.)-# chmod=755 comment=# +#!/bin/bash +set -ueo pipefail +export PATH="/lib/rc/bin:$PATH" +source /var/calculate/config/taiga + +rabbit_configure(){ + if [[ ! -e /var/lib/rabbitmq/mnesia ]] + then + /etc/init.d/rabbitmq start + + rabbitmqctl add_user $RABBITMQ_USER $RABBITMQ_PASSWORD + rabbitmqctl add_vhost taiga + rabbitmqctl set_permissions -p taiga $RABBITMQ_USER ".*" ".*" ".*" + fi +} + +rabbit_configure diff --git a/profiles/templates/taiga/taiga/sh.setup-taiga b/profiles/templates/taiga/taiga/sh.setup-taiga new file mode 100644 index 0000000..2938ae1 --- /dev/null +++ b/profiles/templates/taiga/taiga/sh.setup-taiga @@ -0,0 +1,164 @@ +# Calculate path=/var/calculate/bin name=#-cut(1,.)-# chmod=755 comment=# +#!/bin/bash +export PATH="/lib/rc/bin:$PATH" +set -ueo pipefail + +source /var/calculate/config/taiga + +replace=( + "taiga-back/settings/config.py" "" + "('PASSWORD':).*" "\1 '${PGSQL_PASSWORD}'," + "^.*(SECRET_KEY =).*" "\1 \"${SECRET_KEY}\"" + "^.*(TAIGA_SITES_SCHEME =).*" "\1 \"${PROTOCOL}\"" + "^.*(TAIGA_SITES_DOMAIN =).*" "\1 \"${TAIGA_SITES_DOMAIN}\"" + "^.*(MEDIA_ROOT =).*" "\1 '/var/calculate/www/taiga/taiga-back/media'" + "^.*(DEFAULT_FROM_EMAIL =).*" "\1 '${FROM_EMAIL}'" + "^.*(EMAIL_USE_TLS =).*" "\1 '${SMTP_TLS}'" + "^.*(EMAIL_USE_SSL =).*" "\1 '${SMTP_SSL}'" + "^.*(EMAIL_HOST =).*" "\1 '${SMTP_HOST}'" + "^.*(EMAIL_PORT =).*" "\1 ${SMTP_PORT}" + "^.*(EMAIL_HOST_USER =).*" "\1 '${SMTP_USER}'" + "^.*(EMAIL_HOST_PASSWORD =).*" "\1 '${SMTP_PASSWORD}'" + "(\"url\": \"amqp://).*(:5672/taiga\")" "\1${RABBITMQ_USER}:${RABBITMQ_PASSWORD}@localhost\2" + "^.*(CELERY_BROKER_URL =).*" "\1 \"amqp://${RABBITMQ_USER}:${RABBITMQ_PASSWORD}@localhost:5672/taiga\"" + "^.*(CELERY_TIMEZONE =).*" "\1 'Europe/Moscow'" + "^.*(ENABLE_TELEMETRY =).*" "\1 False" + "^.*(PUBLIC_REGISTER_ENABLED =).*" "\1 True" + + "taiga-front-dist/dist/conf.json" "" + "(\"api\":).*" "\1 \"${PROTOCOL}://${TAIGA_SITES_DOMAIN}/api/v1/\"," + "(\"eventsUrl\":).*" "\1 \"wss://${TAIGA_SITES_DOMAIN}/events\"," + "(\"defaultLanguage\":).*" "\1 \"ru\"," + "(\"publicRegisterEnabled\":).*" "\1 true," + "(\"supportUrl\":).*" "\1 \"${PROTOCOL}://${TAIGA_SITES_DOMAIN}\"," + "(\"gravatar\":).*" "\1 false," + + "taiga-events/.env" "" + "^.*(RABBITMQ_URL=).*" "\1\"amqp://${RABBITMQ_USER}:${RABBITMQ_PASSWORD}@localhost:5672/taiga\"" + "^.*(SECRET=).*" "\1\"${SECRET_KEY}\"" + + "taiga-protected/.env" "" + "^.*(SECRET_KEY=).*" "\1\"${SECRET_KEY}\"" +) + +homedir=/var/calculate/www/taiga +if [[ -d $homedir ]] +then + cd $homedir +else + eerror "Отсутствует директория $homedir!" + exit 1 +fi + +check_conf(){ + conf= + for (( i=0; i < ${#replace[@]}; i += 2 )) + do + from=${replace[$i]} + to=${replace[$i+1]} + + if [[ $to == '' ]] + then + conf=$from + continue + fi + if [[ ! -e $conf ]] + then + eerror "Не найден файл ~/taiga/$conf. Установите Taiga выполнив 'install-taiga'." + exit 2 + fi + + grep -qE "$from" $conf || exit 1 + done +} + +check_show(){ + conf= + for (( i=0; i < ${#replace[@]}; i += 2 )) + do + from=${replace[$i]} + to=${replace[$i+1]} + if [[ $to == '' ]] + then + conf=$from + echo "$conf" + continue + fi + + err=0 + + grep -qE "$from" $conf || err=1 + + if [[ $err == 0 ]] + then + einfo $from + else + eerror $from || true + fi + eend $err || true + done +} + +configure_conf(){ + conf= + for (( i=0; i < ${#replace[@]}; i += 2 )) + do + from=${replace[$i]} + to=${replace[$i+1]} + + if [[ $to == '' ]] + then + if [[ $conf != '' ]] + then + eend + fi + conf=$from + ebegin $conf + continue + fi + + sed -i -E "s|$from|$to|g" $conf + done + eend +} + +show_conf(){ + conf= + for (( i=0; i < ${#replace[@]}; i += 2 )) + do + from=${replace[$i]} + to=${replace[$i+1]} + + if [[ $to == '' ]] + then + conf=$from + echo '#-------------------------------------------------------------------------' + echo " $conf" + echo '#-------------------------------------------------------------------------' + continue + fi + + grep -E "$from" $conf + done +} + +ebegin 'Проверка настраиваемых переменных' +`check_conf` || { + if [[ $? == 1 ]] + then + check_show + fi + exit +} +eend + +einfo 'Настройка конфигурационных файлов:' +configure_conf + +if [[ $# == 0 ]] +then + einfo "Для отображения настроенных опций выполните '$0 show'." +else + einfo 'Настроенные параметры:' + show_conf +fi diff --git a/profiles/templates/taiga/taiga/www/.calculate_directory b/profiles/templates/taiga/taiga/www/.calculate_directory new file mode 100644 index 0000000..814ccaf --- /dev/null +++ b/profiles/templates/taiga/taiga/www/.calculate_directory @@ -0,0 +1 @@ +# Calculate path=/var/calculate diff --git a/profiles/templates/taiga/taiga/www/taiga/.calculate_directory b/profiles/templates/taiga/taiga/www/taiga/.calculate_directory new file mode 100644 index 0000000..0e51530 --- /dev/null +++ b/profiles/templates/taiga/taiga/www/taiga/.calculate_directory @@ -0,0 +1 @@ +# Calculate chmod=750 chown=taiga:nginx