diff --git a/ressources/umap/README.MD b/ressources/umap/README.MD new file mode 100644 index 0000000..4e3fe9d --- /dev/null +++ b/ressources/umap/README.MD @@ -0,0 +1,22 @@ +#### umap + +##### Information + +site : https://umap-project.org/ +doc :https://docs.umap-project.org/ +Source : https://github.com/umap-project/umap + +##### Install + +```bash +apt install -y wget ca-certificates +wget -qO - https://deb.lgy.fr/install.sh | bash +apt-get update + + +apt-get install -y umap + +#Edit /etc/defalt/umap + +systemctl enable --now umap +``` diff --git a/ressources/umap/debmaker b/ressources/umap/debmaker new file mode 100755 index 0000000..5e5f071 --- /dev/null +++ b/ressources/umap/debmaker @@ -0,0 +1,45 @@ +#!/bin/bash + +VERSION=2.7.1 +APP=umap +DEPOT=https://github.com/umap-project/umap.git +GIT_VERSION=${VERSION} +DEB_VERSION=${VERSION}-$(date +%Y%m%d%H%M) +DEBIAN_VERSION_CODENAME=bookworm +IMAGE_SIZE=6 +PACKAGE_DEPENDENCY="python3-pip python-is-python3 python3-venv npm" + +main(){ + base_package_upgrade + install_package_dependency + get_git_source + build + #makedeb +} + +build(){ + cd /tmp/${APP} + python3 -m venv .venv + PATH=/tmp/umap/.venv/bin/:$PATH + make install + make installjs +} + +makedeb(){ + PATH_DEB=/tmp/src/rootfs + + mkdir -p ${PATH_DEB}/etc/umap/ + mkdir -p ${PATH_DEB}/etc/nginx/sites-available/ + mkdir -p ${PATH_DEB}/usr/share/ + mkdir -p ${PATH_DEB}/usr/lib/systemd/system/ + cp -fr /tmp/${APP}/ ${PATH_DEB}/usr/share/ + + mv ${PATH_DEB}/umap.ngnix ${PATH_DEB}/etc/nginx/sites-available/umap + mv ${PATH_DEB}/umap.conf ${PATH_DEB}/etc/umap/ + mv ${PATH_DEB}/uwsgi_params ${PATH_DEB}/etc/umap/ + mv ${PATH_DEB}/uwsgi.ini ${PATH_DEB}/etc/umap/ + mv ${PATH_DEB}/umap.service ${PATH_DEB}/usr/lib/systemd/system/ + + sed -i "s/%VERSION%/$DEB_VERSION/" ${PATH_DEB}/DEBIAN/control + fakeroot dpkg-deb -Z gzip --build ${PATH_DEB} /tmp/dist +} diff --git a/ressources/umap/rootfs/DEBIAN/changelog b/ressources/umap/rootfs/DEBIAN/changelog new file mode 100644 index 0000000..e69de29 diff --git a/ressources/umap/rootfs/DEBIAN/conffiles b/ressources/umap/rootfs/DEBIAN/conffiles new file mode 100644 index 0000000..91e4e94 --- /dev/null +++ b/ressources/umap/rootfs/DEBIAN/conffiles @@ -0,0 +1,4 @@ +/etc/nginx/sites-available/umap +/etc/umap/umap.conf +/etc/umap/uwsgi_params +/etc/umap/uwsgi.ini diff --git a/ressources/umap/rootfs/DEBIAN/control b/ressources/umap/rootfs/DEBIAN/control new file mode 100644 index 0000000..af33bce --- /dev/null +++ b/ressources/umap/rootfs/DEBIAN/control @@ -0,0 +1,8 @@ +Package: umap +Version: %VERSION% +Section: contrib +Priority: optional +Architecture: all +Depends: python3, python-is-python3, python3-venv, python3-psycopg2 +Maintainer: Thomas Legay +Description: umap diff --git a/ressources/umap/rootfs/DEBIAN/postinst b/ressources/umap/rootfs/DEBIAN/postinst new file mode 100755 index 0000000..e97feb5 --- /dev/null +++ b/ressources/umap/rootfs/DEBIAN/postinst @@ -0,0 +1,7 @@ +#!/bin/bash + +APP=umap +id $APP &> /dev/null || useradd $APP -r -s /bin/false -md /var/lib/$APP/ +chown -R $APP:$APP /var/lib/$APP/ + + diff --git a/ressources/umap/rootfs/umap.conf b/ressources/umap/rootfs/umap.conf new file mode 100644 index 0000000..35b94be --- /dev/null +++ b/ressources/umap/rootfs/umap.conf @@ -0,0 +1,44 @@ +#import os +#os.environ['HTTPS_PROXY'] = 'http://squid:3128' +#os.environ['HTTP_PROXY'] = 'http://squid:3128' + +DATABASES = { + "default": { + "ENGINE": "django.contrib.gis.db.backends.postgis", + "NAME": "umap", + "USER": "umap", + "HOST": "postgresql", + "PORT": 5432, + "PASSWORD": "password", + } + } + + +SECRET_KEY="secret" +SITE_URL = "https://umap.domaine.com/" +ALLOWED_HOSTS = ["umap.domaine.com"] + +#UMAP_ALLOW_ANONYMOUS=True +DEBUG=True + +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SECURE = True +CSRF_TRUSTED_ORIGINS=["https://umap.domaine.com/"] +SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") +SECURE_SSL_REDIRECT = True + + +AUTHENTICATION_BACKENDS = ( + 'social_core.backends.keycloak.KeycloakOAuth2', + "django.contrib.auth.backends.ModelBackend", +) + +#SOCIAL_AUTH_KEYCLOAK_KEY = '' +#SOCIAL_AUTH_KEYCLOAK_SECRET = '' +#SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = '' +#SOCIAL_AUTH_KEYCLOAK_ID_KEY = 'email' +#SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = 'https://keycloak/realms/keycloak/protocol/openid-connect/auth' +#SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL = 'https://keycloak/realms/keycloak/protocol/openid-connect/token' +#LOGOUT_REDIRECT_URL="https://keycloak/realms/keycloak/protocol/openid-connect/logout" +#SOCIAL_AUTH_JSONFIELD_ENABLED=True +EMAIL_HOST="" diff --git a/ressources/umap/rootfs/umap.ngnix b/ressources/umap/rootfs/umap.ngnix new file mode 100644 index 0000000..b9f94bd --- /dev/null +++ b/ressources/umap/rootfs/umap.ngnix @@ -0,0 +1,23 @@ +upstream umap { + server unix:///var/lib/umap/uwsgi.sock; +} + +server { + # the port your site will be served on + listen 80; + listen [::]:80; +# listen 443 ssl; +# listen [::]:443 ssl; + # the domain name it will serve for + server_name umap.leolagrange-gestion.org; + charset utf-8; + + # max upload size + client_max_body_size 5M; # adjust to taste + + # Finally, send all non-media requests to the Django server. + location / { + uwsgi_pass umap; + include /etc/umap/uwsgi_params; + } +} diff --git a/ressources/umap/rootfs/umap.service b/ressources/umap/rootfs/umap.service new file mode 100644 index 0000000..290c35f --- /dev/null +++ b/ressources/umap/rootfs/umap.service @@ -0,0 +1,18 @@ +[Unit] +Description=umap +After=network.target + +[Service] +User=umap +Group=umap +#WorkingDirectory=/var/share/umap/ +ExecStartPre=/usr/bin/python3 -m venv /var/lib/umap/venv +ExecStartPre=/var/lib/umap/venv/bin/pip install /usr/share/umap/.[docker] +ExecStartPre=/var/lib/umap/venv/bin/python3 /usr/share/umap/manage.py migrate +ExecStart=/var/lib/umap/venv/bin/uwsgi --ini /etc/umap/uwsgi.ini +StandardOutput=inherit +StandardError=inherit +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/ressources/umap/rootfs/uwsgi.ini b/ressources/umap/rootfs/uwsgi.ini new file mode 100644 index 0000000..76fa6aa --- /dev/null +++ b/ressources/umap/rootfs/uwsgi.ini @@ -0,0 +1,24 @@ +[uwsgi] +uid = umap +gid = umap +# Python related settings +# the base directory (full path) +chdir = /var/lib/umap/ +# umap's wsgi module +module = umap.wsgi +# the virtualenv (full path) +home = /var/lib/umap/venv + +# process-related settings +# master +master = true +# maximum number of worker processes +processes = 4 +# the socket (use the full path to be safe) +socket = /var/lib/umap/uwsgi.sock +# ... with appropriate permissions - may be needed +chmod-socket = 666 +stats = /var/lib/umap/stats.sock +# clear environment on exit +vacuum = true +plugins = python3 diff --git a/ressources/umap/rootfs/uwsgi_params b/ressources/umap/rootfs/uwsgi_params new file mode 100644 index 0000000..5abf809 --- /dev/null +++ b/ressources/umap/rootfs/uwsgi_params @@ -0,0 +1,16 @@ +uwsgi_param QUERY_STRING $query_string; +uwsgi_param REQUEST_METHOD $request_method; +uwsgi_param CONTENT_TYPE $content_type; +uwsgi_param CONTENT_LENGTH $content_length; + +uwsgi_param REQUEST_URI $request_uri; +uwsgi_param PATH_INFO $document_uri; +uwsgi_param DOCUMENT_ROOT $document_root; +uwsgi_param SERVER_PROTOCOL $server_protocol; +uwsgi_param REQUEST_SCHEME $scheme; +uwsgi_param HTTPS $https if_not_empty; + +uwsgi_param REMOTE_ADDR $remote_addr; +uwsgi_param REMOTE_PORT $remote_port; +uwsgi_param SERVER_PORT $server_port; +uwsgi_param SERVER_NAME $server_name;