PR#237: [docker] set PUBLIC_COPR_BASE_URL and copy whole configs - copr/copr

copr / copr

#237 [docker] set PUBLIC_COPR_BASE_URL and copy whole configs

Merged 6 years ago by frostyx. Opened 6 years ago by frostyx.

copr/ frostyx/copr docker-fe-base-url into master

[docker] set PUBLIC_COPR_BASE_URL and copy whole configs

Jakub Kadlčík • 6 years ago

df95ea4

docker/frontend/Dockerfile

file modified

-33

		`@@ -38,39 +38,6 @@`
		`# Install the Copr Frontend build`
		`RUN dnf -y install /tmp/tito/noarch/copr-frontend*.noarch.rpm`

		`- # Configure public hostname`
		`- RUN sed -i.bak -e "s/^PUBLIC_COPR_HOSTNAME.*/PUBLIC_COPR_HOSTNAME = 'localhost:5000'/g" /etc/copr/copr.conf`
		`-`
		`- # Configure dist git url`
		`- RUN sed -i.bak -e "s/^DIST_GIT_URL.*/DIST_GIT_URL = 'http:\\/\\/localhost:5001\\/cgit'/g" /etc/copr/copr.conf`
		`- RUN sed -i.bak -e "s/^DIST_GIT_CLONE_URL.*/DIST_GIT_CLONE_URL = 'http:\\/\\/distgit\\/git\\/'/g" /etc/copr/copr.conf`
		`-`
		`- # Configure import logs url`
		`- RUN sed -i.bak -e "s/^COPR_DIST_GIT_LOGS_URL.*/COPR_DIST_GIT_LOGS_URL = 'http:\\/\\/localhost:5001\\/per-task-logs'/g" /etc/copr/copr.conf`
		`-`
		`- # Configure backend base url`
		`- RUN sed -i.bak -e "s/^BACKEND_BASE_URL.*/BACKEND_BASE_URL = 'http:\\/\\/localhost:5002'/g" /etc/copr/copr.conf`
		`-`
		`- # Configure backend password`
		`- RUN sed -i.bak -e "s/^#BACKEND_PASSWORD.*/BACKEND_PASSWORD = \\'1234\\'/g" /etc/copr/copr.conf`
		`-`
		`- # Configure database URI`
		`- RUN sed -i.bak -e "s/^SQLALCHEMY_DATABASE_URI.*/SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2:\\/\\/copr-fe:coprpass@database\\/coprdb'/g" /etc/copr/copr.conf`
		`-`
		`-`
		`RUN echo 'nameserver 8.8.8.8' \| tee -a /etc/resolv.conf`

		`- RUN echo $'\n\`
		`- <VirtualHost 0.0.0.0>\n\`
		`- WSGIPassAuthorization On\n\`
		`- WSGIDaemonProcess 127.0.0.1 user=copr-fe group=copr-fe threads=5\n\`
		`- WSGIScriptAlias / /usr/share/copr/coprs_frontend/application\n\`
		`- WSGIProcessGroup 127.0.0.1\n\`
		`- <Directory /usr/share/copr>\n\`
		`- WSGIApplicationGroup %{GLOBAL}\n\`
		`- Require all granted\n\`
		`- </Directory>\n\`
		`- </VirtualHost>\n '\`
		`- >> /etc/httpd/conf.d/copr.conf`
		`-`
		`CMD ["/bin/run.sh"]`

docker/frontend/files/etc/copr/copr.conf

file added

+117

		`@@ -0,0 +1,117 @@`
		`+ # Directory and files where is stored Copr database files`
		`+ #DATA_DIR = '/var/lib/copr/data'`
		`+ #DATABASE = '/var/lib/copr/data/copr.db'`
		`+ #OPENID_STORE = '/var/lib/copr/data/openid_store'`
		`+ #WHOOSHEE_DIR = '/var/lib/copr/data/whooshee'`
		`+`
		`+ # salt for CSRF codes`
		`+ #SECRET_KEY = 'put_some_secret_here'`
		`+`
		`+ BACKEND_PASSWORD = '1234'`
		`+`
		`+ # restrict access to a set of users`
		`+ #USE_ALLOWED_USERS = False`
		`+ #ALLOWED_USERS = ['bonnie', 'clyde']`
		`+`
		`+ SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://copr-fe:coprpass@database/coprdb'`
		`+`
		`+ # Token length, defaults to 30 (max 255)`
		`+ #API_TOKEN_LENGTH = 30`
		`+`
		`+ # Expiration of API token in days`
		`+ #API_TOKEN_EXPIRATION = 180`
		`+`
		`+ # logging options`
		`+ #SEND_LOGS_TO = ['root@localhost']`
		`+ #LOGGING_LEVEL = logging.ERROR`
		`+`
		`+ # where to send notice about raised legal flag`
		`+ #SEND_LEGAL_TO = ['root@localhost', 'somebody@somewhere.com']`
		`+`
		`+ # DEBUG = False`
		`+ DEBUG = True`
		`+ SQLALCHEMY_ECHO = False`
		`+`
		`+ #CSRF_ENABLED = True`
		`+ # as of Flask-WTF 0.9+`
		`+ #WTF_CSRF_ENABLED = True`
		`+`
		`+ # send emails when user's perms change in project?`
		`+ SEND_EMAILS = True`
		`+`
		`+ ## post-process url leading to backend`
		`+ ## possible options: None, "http", "https"`
		`+ # ENFORCE_PROTOCOL_FOR_BACKEND_URL = "https"`
		`+ ## post-process url leading to frontend`
		`+ # ENFORCE_PROTOCOL_FOR_FRONTEND_URL = "https"`
		`+`
		`+ # URLs for fedmenu resources`
		`+ #FEDMENU_URL = "http://threebean.org/fedmenu/"`
		`+ #FEDMENU_DATA_URL = "http://threebean.org/fedmenu/dev-data.js"`
		`+ #or`
		`+ #FEDMENU_URL = "https://apps.fedoraproject.org/fedmenu/"`
		`+ #FEDMENU_DATA_URL = "https://apps.fedoraproject.org/js/data.js"`
		`+`
		`+ # Kerberos authentication configuration. Example configuration abbreviated`
		`+ # like 'RH' (should not changed once used, reflects what is stored in database).`
		`+ # This requires mod_auth_kerb package (Fedora/RHEL) installed on your frontend`
		`+ # machine.`
		`+ #`
		`+ # log_text - What text will be shown in top-menu link pointing to URI`
		`+ # with particular Kerberos login`
		`+ # URI - Users can do authentication on /krb5_login/<URI>/`
		`+ # (accessible from top-menu link). Note that apache must be`
		`+ # configured to perforem KRB authentication on the`
		`+ # /krb5_login/<URI>/ URI. See mod`
		`+ # email_domain - For simplicity, we expect that all users coming from the`
		`+ # same krb realm have the same (implicit) email domain. E.g.`
		`+ # kerberos user user@REDHAT.COM is expected to have`
		`+ # user@redhat.com email address.`
		`+`
		`+ #KRB5_LOGIN = {`
		`+ # 'RH': {`
		`+ # 'URI': "redhat",`
		`+ # 'log_text': "Krb5 login",`
		`+ # 'email_domain': "redhat.com",`
		`+ # }`
		`+ #}`
		`+`
		`+ PUBLIC_COPR_HOSTNAME = 'localhost:5000'`
		`+ PUBLIC_COPR_BASE_URL = 'http://frontend'`
		`+`
		`+ BACKEND_BASE_URL = 'http://localhost:5002'`
		`+ DIST_GIT_CLONE_URL = 'http://distgit/git/'`
		`+ DIST_GIT_URL = 'http://localhost:5001/cgit'`
		`+ COPR_DIST_GIT_LOGS_URL = 'http://localhost:5001/per-task-logs'`
		`+`
		`+ # primary`
		`+ LOG_FILENAME = "/var/log/copr-frontend/frontend.log"`
		`+ LOG_DIR = "/var/log/copr-frontend/"`
		`+`
		`+ # Internal network, used to accept statistics without auth`
		`+ # list of IP or subnet`
		`+ INTRANET_IPS = ["127.0.0.1", "192.168.1.0/24"]`
		`+`
		`+ # Builder VMs network, used to avoid requests from builders in popularity statistics`
		`+ # list of IP or subnet, optional`
		`+ BUILDER_IPS = ["127.0.0.1"]`
		`+`
		`+ # a place for storing srpms until they get uploaded`
		`+ STORAGE_DIR = "/var/lib/copr/data/srpm_storage"`
		`+`
		`+ # no need to filter cla_* groups, they are already filtered by fedora openid`
		`+ BLACKLISTED_GROUPS = ['fedorabugs', 'packager', 'provenpackager']`
		`+`
		`+ REDIS_HOST = "127.0.0.1"`
		`+ REDIS_PORT = 6379`
		`+`
		`+ # Hide page parts not relevant to this Copr instance:`
		`+ # LAYOUT_OVERVIEW_HIDE_QUICK_ENABLE = False`
		`+`
		`+ # FAS_LOGIN = True`
		`+ # LOGIN_INFO = {`
		`+ # # Link to user's profile, {username} expaneded.`
		`+ # 'user_link': 'https://admin.fedoraproject.org/accounts/user/view/{username}/',`
		`+ # # Description sometimes put into template to make clear what we point to`
		`+ # 'user_desc': 'FAS account'`
		`+ # }`

docker/frontend/files/etc/httpd/conf.d/copr.conf

file added

+10

		`@@ -0,0 +1,10 @@`
		`+ <VirtualHost 0.0.0.0>`
		`+ WSGIPassAuthorization On`
		`+ WSGIDaemonProcess 127.0.0.1 user=copr-fe group=copr-fe threads=5`
		`+ WSGIScriptAlias / /usr/share/copr/coprs_frontend/application`
		`+ WSGIProcessGroup 127.0.0.1`
		`+ <Directory /usr/share/copr>`
		`+ WSGIApplicationGroup %{GLOBAL}`
		`+ Require all granted`
		`+ </Directory>`
		`+ </VirtualHost>`

frostyx commented 6 years ago

This PR does two things

Sets PUBLIC_COPR_BASE_URL for the frontend container. Without it, the default value (which is URL of copr-fe-dev instance) is used and building from uploaded SRPM/spec doesn't work in the docker stack (e.g. beaker-tests/Sanity/copr-cli-basic-operations/build-spec.sh or upload_authentication.sh)
Copies whole configs instead of sed-ing the default ones form Dockerfile. We change about half of the options, so it's worth it