parent
8c1fdc8bb2
commit
65dc16c678
@ -0,0 +1,2 @@
|
|||||||
|
calculate:default/amd64/20/server
|
||||||
|
../..
|
@ -0,0 +1,2 @@
|
|||||||
|
../../../../calculate/profiles/default/amd64/18/server
|
||||||
|
..
|
@ -0,0 +1,3 @@
|
|||||||
|
[main]
|
||||||
|
os_linux_name = 'Calculate Taiga'
|
||||||
|
os_linux_shortname = 'taiga'
|
@ -0,0 +1 @@
|
|||||||
|
..
|
@ -0,0 +1,10 @@
|
|||||||
|
# Calculate name=world format=world
|
||||||
|
|
||||||
|
#?in(os_linux_pkglist, taiga)!=#
|
||||||
|
dev-db/postgresql:12
|
||||||
|
dev-python/nodeenv
|
||||||
|
dev-python/setuptools
|
||||||
|
net-misc/rabbitmq-server
|
||||||
|
sys-devel/gettext
|
||||||
|
www-servers/nginx
|
||||||
|
#in#
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate os_linux_shortname==taiga cl_name==calculate-core append=skip
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate env=install ac_install_merge==on mergepkg(www-servers/nginx)!= append=skip
|
@ -0,0 +1,85 @@
|
|||||||
|
# Calculate path=/etc/nginx/sites-enabled comment=#
|
||||||
|
server {
|
||||||
|
listen 80 default_server;
|
||||||
|
server_name taiga.example.org;
|
||||||
|
|
||||||
|
large_client_header_buffers 4 32k;
|
||||||
|
client_max_body_size 50M;
|
||||||
|
charset utf-8;
|
||||||
|
|
||||||
|
access_log /var/log/nginx/taiga-access.log;
|
||||||
|
error_log /var/log/nginx/taiga-error.log;
|
||||||
|
|
||||||
|
|
||||||
|
# TLS: Configure your TLS following the best practices inside your company
|
||||||
|
# Other configurations
|
||||||
|
|
||||||
|
# Frontend
|
||||||
|
location / {
|
||||||
|
alias /var/calculate/www/taiga/taiga-front-dist/dist/;
|
||||||
|
index index.html;
|
||||||
|
try_files $uri $uri/ index.html =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
# API
|
||||||
|
location /api/ {
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Scheme $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_pass http://127.0.0.1:8001/api/;
|
||||||
|
proxy_redirect off;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Admin
|
||||||
|
location /admin/ {
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Scheme $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_pass http://127.0.0.1:8001/admin/;
|
||||||
|
proxy_redirect off;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Static files
|
||||||
|
location /static/ {
|
||||||
|
alias /var/calculate/www/taiga/taiga-back/static/;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Media
|
||||||
|
location /_protected/ {
|
||||||
|
internal;
|
||||||
|
alias /var/calculate/www/taiga/taiga-back/media/;
|
||||||
|
add_header Content-disposition "attachment";
|
||||||
|
}
|
||||||
|
|
||||||
|
# Unprotected section
|
||||||
|
location /media/exports/ {
|
||||||
|
alias /var/calculate/www/taiga/taiga-back/media/exports/;
|
||||||
|
add_header Content-disposition "attachment";
|
||||||
|
}
|
||||||
|
|
||||||
|
location /media/ {
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Scheme $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_pass http://127.0.0.1:8003/;
|
||||||
|
proxy_redirect off;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Events
|
||||||
|
location /events {
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
proxy_connect_timeout 7d;
|
||||||
|
proxy_send_timeout 7d;
|
||||||
|
proxy_read_timeout 7d;
|
||||||
|
proxy_pass http://127.0.0.1:8888/events;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate env=install ac_install_merge==on mergepkg(dev-db/postgresql)!= append=skip
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/var/calculate name=postgresql chmod=700 chown=postgres:postgres
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/etc name=postgresql-#-cut(1)-#
|
@ -0,0 +1,10 @@
|
|||||||
|
# Calculate chmod=600 comment=# chown=postgres:postgres
|
||||||
|
|
||||||
|
# TYPE DATABASE USER ADDRESS METHOD
|
||||||
|
|
||||||
|
# "local" is for Unix domain socket connections only
|
||||||
|
local all all trust
|
||||||
|
# IPv4 local connections:
|
||||||
|
host all all 127.0.0.1/32 trust
|
||||||
|
# IPv6 local connections:
|
||||||
|
host all all ::1/128 trust
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate chmod=600 comment=# chown=postgres:postgres
|
@ -0,0 +1,18 @@
|
|||||||
|
# Calculate chmod=600 comment=# chown=postgres:postgres
|
||||||
|
|
||||||
|
max_connections = 100 # (change requires restart)
|
||||||
|
shared_buffers = 128MB # min 128kB
|
||||||
|
dynamic_shared_memory_type = posix # the default is the first option
|
||||||
|
max_wal_size = 1GB
|
||||||
|
min_wal_size = 80MB
|
||||||
|
log_timezone = 'W-SU'
|
||||||
|
datestyle = 'iso, dmy'
|
||||||
|
timezone = 'W-SU'
|
||||||
|
lc_messages = 'ru_RU.UTF-8' # locale for system error message
|
||||||
|
lc_monetary = 'ru_RU.UTF-8' # locale for monetary formatting
|
||||||
|
lc_numeric = 'C' # locale for number formatting
|
||||||
|
lc_time = 'ru_RU.UTF-8' # locale for time formatting
|
||||||
|
default_text_search_config = 'pg_catalog.russian'
|
||||||
|
plperl.on_init = 'use utf8; use re; package utf8; require "utf8_heavy.pl";'
|
||||||
|
|
||||||
|
listen_addresses = '127.0.0.1'
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/var/lib name=postgresql link=/var/calculate/postgresql symbolic protected
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate env=install ac_install_merge==on mergepkg(net-misc/rabbitmq-server)!= append=skip
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/var/calculate name=rabbitmq chmod=750 chown=rabbitmq:rabbitmq
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/var/lib name=rabbitmq link=/var/calculate/rabbitmq symbolic protected
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate env=install ac_install_merge==on mergepkg(www-servers/nginx)!= append=skip
|
@ -0,0 +1,2 @@
|
|||||||
|
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||||
|
taiga:x:1000:
|
@ -0,0 +1,2 @@
|
|||||||
|
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||||
|
taiga:x:1000:1000::/var/calculate/www/taiga:/bin/bash
|
@ -0,0 +1,2 @@
|
|||||||
|
# Calculate append=after path=/etc name=#-cut(2,.)-# grep(/etc/#-cut(2,.)-#,#-cut(1,.)-#)== protected
|
||||||
|
taiga:!:19297:0:99999:7:::
|
@ -0,0 +1,3 @@
|
|||||||
|
# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-#
|
||||||
|
export PYTHONUNBUFFERED=true
|
||||||
|
export DJANGO_SETTINGS_MODULE=settings.config
|
@ -0,0 +1,3 @@
|
|||||||
|
# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-#
|
||||||
|
export PYTHONUNBUFFERED=true
|
||||||
|
export DJANGO_SETTINGS_MODULE=settings.config
|
@ -0,0 +1,2 @@
|
|||||||
|
# Calculate format=openrc path=/etc/conf.d name=#-cut(1,.)-#
|
||||||
|
export PYTHONUNBUFFERED=true
|
@ -0,0 +1,15 @@
|
|||||||
|
# Calculate path=/var/calculate/config name=#-cut(1,.)-# chmod=600 chown=taiga:taiga comment=# grep(/var/calculate/config/#-cut(1,.)-#,PROTOCOL)== protected
|
||||||
|
PROTOCOL='http'
|
||||||
|
TAIGA_SITES_DOMAIN='taiga.example.org'
|
||||||
|
FROM_EMAIL='taiga@example.org'
|
||||||
|
SMTP_HOST='smtp@example.org'
|
||||||
|
SMTP_PORT=25
|
||||||
|
SMTP_TLS='False'
|
||||||
|
SMTP_SSL='False'
|
||||||
|
SMTP_USER=
|
||||||
|
SMTP_PASSWORD=
|
||||||
|
NODE='12.22.12'
|
||||||
|
SECRET_KEY='#-rnd(pas,16)-#'
|
||||||
|
PGSQL_PASSWORD='#-rnd(pas,16)-#'
|
||||||
|
RABBITMQ_USER='taiga'
|
||||||
|
RABBITMQ_PASSWORD='#-rnd(pas,16)-#'
|
@ -0,0 +1,26 @@
|
|||||||
|
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=#
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
# Copyright 2022 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
name="Taiga daemon"
|
||||||
|
description=""
|
||||||
|
pidfile=/run/taiga-back.pid
|
||||||
|
command_user=taiga
|
||||||
|
output_log=/var/log/taiga-back.log
|
||||||
|
error_log=/var/log/taiga-back.log
|
||||||
|
directory=/var/calculate/www/taiga/taiga-back
|
||||||
|
start_stop_daemon_args=""
|
||||||
|
command="/var/calculate/www/taiga/taiga-back/.venv/bin/gunicorn"
|
||||||
|
command_args="--workers 4 --timeout 60 --log-level=info --access-logfile - --bind 0.0.0.0:8001 taiga.wsgi"
|
||||||
|
source /var/calculate/www/taiga/taiga-back/.venv/bin/activate
|
||||||
|
command_background=true
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
need nginx postgresql
|
||||||
|
need taiga-async taiga-events taiga-protected
|
||||||
|
}
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
checkpath -f -o taiga -m 0600 /var/log/taiga-back.log
|
||||||
|
}
|
@ -0,0 +1,25 @@
|
|||||||
|
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=#
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
# Copyright 2022 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
name="Taiga-async-tasks daemon"
|
||||||
|
description="Async tasks, like bulk email or exports generation"
|
||||||
|
pidfile=/run/taiga-async.pid
|
||||||
|
command_user=taiga
|
||||||
|
output_log=/var/log/taiga-async.log
|
||||||
|
error_log=/var/log/taiga-async.log
|
||||||
|
directory=/var/calculate/www/taiga/taiga-back
|
||||||
|
start_stop_daemon_args=""
|
||||||
|
command="/var/calculate/www/taiga/taiga-back/.venv/bin/celery"
|
||||||
|
command_args="-A taiga.celery worker -B --concurrency 4 -l INFO"
|
||||||
|
source /var/calculate/www/taiga/taiga-back/.venv/bin/activate
|
||||||
|
command_background=true
|
||||||
|
|
||||||
|
depend() {
|
||||||
|
need rabbitmq
|
||||||
|
}
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
checkpath -f -o taiga -m 0600 /var/log/taiga-async.log
|
||||||
|
}
|
@ -0,0 +1,22 @@
|
|||||||
|
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=#
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
# Copyright 2022 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
name="Taiga-events daemon"
|
||||||
|
description="Websockets gateway"
|
||||||
|
pidfile=/run/taiga-events.pid
|
||||||
|
command_user=taiga
|
||||||
|
output_log=/var/log/taiga-events.log
|
||||||
|
error_log=/var/log/taiga-events.log
|
||||||
|
directory=/var/calculate/www/taiga/taiga-events
|
||||||
|
start_stop_daemon_args=""
|
||||||
|
command="npm"
|
||||||
|
command_args="run start:production"
|
||||||
|
source /var/calculate/www/taiga/.node-live/bin/activate
|
||||||
|
command_background=true
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
checkpath -f -o taiga -m 0600 /var/log/taiga-events.log
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,21 @@
|
|||||||
|
# Calculate path=/etc/init.d name=#-cut(1,.)-# chmod=755 comment=#
|
||||||
|
#!/sbin/openrc-run
|
||||||
|
# Copyright 2022 Gentoo Authors
|
||||||
|
# Distributed under the terms of the GNU General Public License v2
|
||||||
|
|
||||||
|
name="Taiga-protected daemon"
|
||||||
|
description="Protected attachments"
|
||||||
|
pidfile=/run/taiga-protected.pid
|
||||||
|
command_user=taiga
|
||||||
|
output_log=/var/log/taiga-protected.log
|
||||||
|
error_log=/var/log/taiga-protected.log
|
||||||
|
directory=/var/calculate/www/taiga/taiga-protected
|
||||||
|
start_stop_daemon_args=""
|
||||||
|
command="/var/calculate/www/taiga/taiga-protected/.venv/bin/gunicorn"
|
||||||
|
command_args="--workers 4 --timeout 60 --log-level=info --access-logfile - --bind 0.0.0.0:8003 server:app"
|
||||||
|
source /var/calculate/www/taiga/taiga-protected/.venv/bin/activate
|
||||||
|
command_background=true
|
||||||
|
|
||||||
|
start_pre() {
|
||||||
|
checkpath -f -o taiga -m 0600 /var/log/taiga-protected.log
|
||||||
|
}
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/etc/runlevels/default name=#-cut(1,.)-# link=/etc/init.d/#-cut(1,.)-# protected symbolic
|
@ -0,0 +1,32 @@
|
|||||||
|
# Calculate path=/var/calculate/bin name=#-cut(1,.)-# chmod=755 comment=#
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -ueo pipefail
|
||||||
|
export PATH="/lib/rc/bin:$PATH"
|
||||||
|
source /var/calculate/config/taiga
|
||||||
|
|
||||||
|
ebegin 'Проверка выполненной базовой настройки'
|
||||||
|
if [[ ! -e /var/lib/postgresql/12 ]]
|
||||||
|
then
|
||||||
|
echo Выполните настройку 'emerge --config =dev-db/postgresql-12.12'.
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
eend
|
||||||
|
|
||||||
|
ebegin 'Проверка запущенного PostgreSQL'
|
||||||
|
if [[ $(ls /run/postgresql/.*lock 2>/dev/null | wc -l) == 0 ]]
|
||||||
|
then
|
||||||
|
echo Запустите PostgreSQL
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
eend
|
||||||
|
|
||||||
|
ebegin 'Проверка наличия роли taiga'
|
||||||
|
$(psql -U taiga -d taiga -c '\dt' 2&>/dev/null) || {
|
||||||
|
echo Пароль: $PGSQL_PASSWORD
|
||||||
|
createuser -U postgres -P taiga
|
||||||
|
createdb -U postgres -O taiga taiga
|
||||||
|
}
|
||||||
|
eend
|
||||||
|
|
||||||
|
cl-core-setup -n postgresql
|
@ -0,0 +1,18 @@
|
|||||||
|
# Calculate path=/var/calculate/bin name=#-cut(1,.)-# chmod=755 comment=#
|
||||||
|
#!/bin/bash
|
||||||
|
set -ueo pipefail
|
||||||
|
export PATH="/lib/rc/bin:$PATH"
|
||||||
|
source /var/calculate/config/taiga
|
||||||
|
|
||||||
|
rabbit_configure(){
|
||||||
|
if [[ ! -e /var/lib/rabbitmq/mnesia ]]
|
||||||
|
then
|
||||||
|
/etc/init.d/rabbitmq start
|
||||||
|
|
||||||
|
rabbitmqctl add_user $RABBITMQ_USER $RABBITMQ_PASSWORD
|
||||||
|
rabbitmqctl add_vhost taiga
|
||||||
|
rabbitmqctl set_permissions -p taiga $RABBITMQ_USER ".*" ".*" ".*"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
rabbit_configure
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate path=/var/calculate
|
@ -0,0 +1 @@
|
|||||||
|
# Calculate chmod=750 chown=taiga:nginx
|
Loading…
Reference in new issue