[Freeipa-devel] [PATCH] Install the web gui
Karl MacMillan
kmacmill at redhat.com
Thu Sep 27 18:44:14 UTC 2007
Install the turbogears web gui including an init script. This
patch includes a few related changes:
* create a production configuration
* rename the web gui startup scrip to ipa-webgui
* add an init script
* chkconfig on the ipa-webgui init script
* make the start script properly daemonize the app when not
in a development directory.
* Install everything to the correct places (/usr/sbin/ipa-webgui
and /usr/share/ipa/ipagui mainly).
There are some things still left to do:
* Sort out the logging - the config needs to be adjusted so
that logging messages end up in /var/log.
Signed-off-by: User "Karl MacMillan <kmacmill at redhat.com>"
---
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-python/ipaclient.py
--- a/ipa-python/ipaclient.py Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-python/ipaclient.py Thu Sep 27 14:43:21 2007 -0400
@@ -21,7 +21,8 @@
#!/usr/bin/python
import sys
-sys.path.append("/usr/share/ipa")
+if "/usr/share/ipa" not in sys.path:
+ sys.path.append("/usr/share/ipa")
from ipaserver import funcs
import ipa.rpcclient as rpcclient
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/Makefile
--- a/ipa-server/Makefile Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/Makefile Thu Sep 27 14:43:21 2007 -0400
@@ -1,4 +1,4 @@ SUBDIRS=ipa-install xmlrpc-server ipa-kp
-SUBDIRS=ipa-install xmlrpc-server ipa-kpasswd ipa-slapi-plugins
+SUBDIRS=ipa-install xmlrpc-server ipa-kpasswd ipa-slapi-plugins ipa-gui
SHAREDIR=$(DESTDIR)/usr/share/ipa
PYTHONDIR=$(SHAREDIR)/ipaserver
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/freeipa-server.spec
--- a/ipa-server/freeipa-server.spec Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/freeipa-server.spec Thu Sep 27 14:43:21 2007 -0400
@@ -1,6 +1,6 @@ Name: freeipa-server
Name: freeipa-server
Version: 0.4.0
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: FreeIPA authentication server
Group: System Environment/Base
@@ -42,7 +42,9 @@ rm -rf %{buildroot}
%defattr(-,root,root,-)
%{_sbindir}/ipa-server-install
%{_sbindir}/ipa_kpasswd
+%{_sbindir}/ipa-webgui
%attr(755,root,root) %{_initrddir}/ipa-kpasswd
+%attr(755,root,root) %{_initrddir}/ipa-webgui
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/*
@@ -53,6 +55,9 @@ rm -rf %{buildroot}
%changelog
+* Tue Sep 25 2007 Karl MacMillan <kmacmill at redhat.com> - 0.4.0-2
+- Package ipa-webgui
+
* Fri Sep 7 2007 Karl MacMillan <kmacmill at redhat.com> - 0.3.0-1
- Added support for libipa-dna-plugin
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/freeipa-server.spec.in
--- a/ipa-server/freeipa-server.spec.in Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/freeipa-server.spec.in Thu Sep 27 14:43:21 2007 -0400
@@ -1,6 +1,6 @@ Name: freeipa-server
Name: freeipa-server
Version: VERSION
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: FreeIPA authentication server
Group: System Environment/Base
@@ -42,7 +42,9 @@ rm -rf %{buildroot}
%defattr(-,root,root,-)
%{_sbindir}/ipa-server-install
%{_sbindir}/ipa_kpasswd
+%{_sbindir}/ipa-webgui
%attr(755,root,root) %{_initrddir}/ipa-kpasswd
+%attr(755,root,root) %{_initrddir}/ipa-webgui
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/*
@@ -53,6 +55,9 @@ rm -rf %{buildroot}
%changelog
+* Tue Sep 25 2007 Karl MacMillan <kmacmill at redhat.com> - 0.4.0-2
+- Package ipa-webgui
+
* Fri Sep 7 2007 Karl MacMillan <kmacmill at redhat.com> - 0.3.0-1
- Added support for libipa-dna-plugin
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/Makefile
--- a/ipa-server/ipa-gui/Makefile Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/Makefile Thu Sep 27 14:43:21 2007 -0400
@@ -0,0 +1,39 @@
+SHAREDIR=$(DESTDIR)/usr/share/ipa
+SBINDIR=$(DESTDIR)/usr/sbin
+INITDIR = $(DESTDIR)/etc/rc.d/init.d
+
+IPAGUI_SUBDIRS=config forms helpers templates
+STATIC_SUBDIRS=css images javascript
+
+all: ;
+
+install:
+ -mkdir -p $(SHAREDIR)/ipagui
+ install -m 644 ipagui/*.py $(SHAREDIR)/ipagui
+
+ -mkdir -p $(SHAREDIR)/ipa_gui.egg-info
+ install -m 644 ipa_gui.egg-info/* $(SHAREDIR)/ipa_gui.egg-info
+
+ @for subdir in $(IPAGUI_SUBDIRS); do \
+ mkdir -p $(SHAREDIR)/ipagui/$$subdir; \
+ install -m 644 ipagui/$$subdir/*.py $(SHAREDIR)/ipagui/$$subdir; \
+ done
+
+ install -m 644 ipagui/config/*.cfg $(SHAREDIR)/ipagui/config
+
+ -mkdir -p $(SHAREDIR)/ipagui/static
+ @for subdir in $(STATIC_SUBDIRS); do \
+ mkdir -p $(SHAREDIR)/ipagui/static/$$subdir; \
+ install -m 644 ipagui/static/$$subdir/* $(SHAREDIR)/ipagui/static/$$subdir; \
+ done
+
+ install -m 644 ipa-webgui.cfg $(SHAREDIR)
+
+ install -m 755 ipa-webgui $(SBINDIR)
+
+ -mkdir -p $(INITDIR)
+ install -m 755 ipa-webgui.init $(INITDIR)/ipa-webgui
+
+clean:
+ find . -name "*.pyc" -exec rm -f {} \;
+ find . -name "*~" -exec rm -f {} \;
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/ipa-webgui
--- a/ipa-server/ipa-gui/ipa-webgui Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/ipa-webgui Thu Sep 27 14:43:21 2007 -0400
@@ -0,0 +1,99 @@
+#! /usr/bin/python -E
+#
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import os, sys
+
+def daemonize():
+ pid = os.fork()
+ if pid != 0:
+ os._exit(0)
+ # become session leader
+ os.setsid()
+
+ # fork again to reparent to init
+ pid = os.fork()
+ if pid != 0:
+ os._exit(0)
+
+ os.chdir("/")
+ os.umask(0)
+
+ import resource
+ maxfd = resource.getrlimit(resource.RLIMIT_NOFILE)[1]
+ if (maxfd == resource.RLIM_INFINITY):
+ maxfd = 1024
+
+ # close all file descriptors
+ for fd in range(0, maxfd):
+ try:
+ os.close(fd)
+ except OSError:
+ pass
+
+ # stdin
+ os.open("/dev/null", os.O_RDWR)
+ # stdout
+ os.open("/dev/null", os.O_RDWR)
+ # stderr
+ os.open("/dev/null", os.O_RDWR)
+
+# To make development easier, we detect if we are in the development
+# environment to load a different configuration and avoid becoming
+# a daemon
+devel = False
+if os.path.exists(os.path.join(os.path.dirname(__file__), "Makefile")):
+ devel = True
+
+if not devel:
+ sys.path.append("/usr/share/ipa/")
+
+# this must be after sys.path is changed to work correctly
+import pkg_resources
+pkg_resources.require("TurboGears")
+pkg_resources.require("ipa_gui")
+
+
+from turbogears import update_config, start_server
+import cherrypy
+cherrypy.lowercase_api = True
+
+# Load the config - look for a local file first for development
+# and then the system config file
+if devel:
+ update_config(configfile="dev.cfg",
+ modulename="ipagui.config.app")
+else:
+ update_config(configfile="/usr/share/ipa/ipa-webgui.cfg",
+ modulename="ipagui.config.app")
+
+from ipagui.controllers import Root
+
+if not devel:
+ try:
+ daemonize()
+ except Exception, e:
+ sys.stderr.write("error becoming daemon: " + str(e))
+ sys.exit(1)
+
+start_server(Root())
+
+
+
+
+
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/ipa-webgui.cfg
--- a/ipa-server/ipa-gui/ipa-webgui.cfg Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/ipa-webgui.cfg Thu Sep 27 14:43:21 2007 -0400
@@ -0,0 +1,97 @@
+[global]
+# DATABASE
+
+# no database for ipa-webgui since everything is stored in LDAP
+
+# IDENTITY
+
+# Our our sqlobject-derived proxy provider
+identity.provider='proxyprovider'
+
+# the first thing checked on any request. We want to short-circuit this
+# as early as possible
+identity.source = 'visit'
+
+# Turn on identity and visit (visit is required for identity)
+identity.on=True
+identity.failure_url="/loginfailed"
+visit.on=True
+visit.manager='proxyvisit'
+
+# SERVER
+
+server.environment="production"
+autoreload.package="ipagui"
+autoreload.on = False
+
+# Sets the number of threads the server uses
+server.thread_pool = 10
+
+# if this is part of a larger site, you can set the path
+# to the TurboGears instance here
+# server.webpath=""
+
+# Set to True if you are deploying your App behind a proxy
+# e.g. Apache using mod_proxy
+# base_url_filter.on = False
+
+# Set to True if your proxy adds the x_forwarded_host header
+# base_url_filter.use_x_forwarded_host = True
+
+# If your proxy does not add the x_forwarded_host header, set
+# the following to the *public* host url.
+# (Note: This will be overridden by the use_x_forwarded_host option
+# if it is set to True and the proxy adds the header correctly.
+# base_url_filter.base_url = "http://www.example.com"
+
+# Set to True if you'd like to abort execution if a controller gets an
+# unexpected parameter. False by default
+# tg.strict_parameters = False
+
+# LOGGING
+# Logging configuration generally follows the style of the standard
+# Python logging module configuration. Note that when specifying
+# log format messages, you need to use *() for formatting variables.
+# Deployment independent log configuration is in ipagui/config/log.cfg
+[logging]
+
+[[formatters]]
+[[[message_only]]]
+format='*(message)s'
+
+[[[full_content]]]
+format='*(asctime)s *(name)s *(levelname)s *(message)s'
+
+[[handlers]]
+[[[debug_out]]]
+class='StreamHandler'
+level='DEBUG'
+args='(sys.stdout,)'
+formatter='full_content'
+
+[[[access_out]]]
+class='StreamHandler'
+level='INFO'
+args='(sys.stdout,)'
+formatter='message_only'
+
+[[[error_out]]]
+class='StreamHandler'
+level='ERROR'
+args='(sys.stdout,)'
+
+[[loggers]]
+[[[ipagui]]]
+level='DEBUG'
+qualname='ipagui'
+handlers=['debug_out']
+
+[[[allinfo]]]
+level='INFO'
+handlers=['debug_out']
+
+[[[access]]]
+level='INFO'
+qualname='turbogears.access'
+handlers=['access_out']
+propagate=0
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/ipa-webgui.init
--- a/ipa-server/ipa-gui/ipa-webgui.init Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/ipa-webgui.init Thu Sep 27 14:43:21 2007 -0400
@@ -0,0 +1,71 @@
+#!/bin/sh
+#
+# ipa-webgui This starts and stops ipa-webgui
+#
+# chkconfig: - 36 64
+# description: ipa-webgui IPA Web User Interface
+# processname: /usr/sbin/ipa-webgui
+# configdir: /etc/sysconfig/ipa-webgui
+#
+
+# Source function library.
+if [ -f /etc/rc.d/init.d/functions ] ; then
+. /etc/rc.d/init.d/functions
+fi
+# Source networking configuration.
+if [ -f /etc/sysconfig/network ] ; then
+. /etc/sysconfig/network
+fi
+
+# Check that networking is up.
+if [ "${NETWORKING}" = "no" ]
+then
+ echo "Networking is down"
+ exit 0
+fi
+
+NAME="ipa-webgui"
+
+start() {
+ echo -n $"Starting $NAME: "
+ daemon $NAME
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$NAME || \
+ RETVAL=1
+ return $RETVAL
+}
+
+stop() {
+ echo -n $"Shutting down $NAME: "
+ killproc $NAME
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$NAME
+ return $RETVAL
+}
+
+restart() {
+ stop
+ start
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ restart
+ ;;
+ condrestart)
+ [ -f /var/lock/subsys/$NAME ] && restart || :
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|condrestart}"
+ exit 2
+esac
+
+exit $?
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt
--- a/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt Thu Sep 27 14:43:21 2007 -0400
@@ -1,4 +1,5 @@ README.txt
README.txt
+ipa-webgui
setup.py
start-ipagui.py
ipa_gui.egg-info/PKG-INFO
@@ -19,6 +20,7 @@ ipagui/release.py
ipagui/release.py
ipagui/config/__init__.py
ipagui/forms/__init__.py
+ipagui/forms/group.py
ipagui/forms/user.py
ipagui/helpers/__init__.py
ipagui/helpers/userhelper.py
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt
--- a/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt Thu Sep 27 14:43:21 2007 -0400
@@ -1,6 +1,6 @@
[turbogears.identity.provider]
proxyprovider = ipagui.proxyprovider:ProxyIdentityProvider
-
[turbogears.visit.manager]
proxyvisit = ipagui.proxyvisit:ProxyVisitManager
+
\ No newline at end of file
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/sample-prod.cfg
--- a/ipa-server/ipa-gui/sample-prod.cfg Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/sample-prod.cfg Thu Sep 27 14:43:21 2007 -0400
@@ -1,38 +1,31 @@
[global]
-# This is where all of your settings go for your production environment.
-# You'll copy this file over to your production server and provide it
-# as a command-line option to your start script.
-# Settings that are the same for both development and production
-# (such as template engine, encodings, etc.) all go in
-# ipagui/config/app.cfg
-
# DATABASE
-# pick the form for your database
-# sqlobject.dburi="postgres://username@hostname/databasename"
-# sqlobject.dburi="mysql://username:password@hostname:port/databasename"
-# sqlobject.dburi="sqlite:///file_name_and_path"
+# no database for ipa-webgui since everything is stored in LDAP
-# If you have sqlite, here's a simple default to get you started
-# in development
-sqlobject.dburi="sqlite://%(current_dir_uri)s/devdata.sqlite"
+# IDENTITY
+# Our our sqlobject-derived proxy provider
+identity.provider='proxyprovider'
-# if you are using a database or table type without transactions
-# (MySQL default, for example), you should turn off transactions
-# by prepending notrans_ on the uri
-# sqlobject.dburi="notrans_mysql://username:password@hostname:port/databasename"
+# the first thing checked on any request. We want to short-circuit this
+# as early as possible
+identity.source = 'visit'
-# for Windows users, sqlite URIs look like:
-# sqlobject.dburi="sqlite:///drive_letter:/path/to/file"
-
+# Turn on identity and visit (visit is required for identity)
+identity.on=True
+identity.failure_url="/loginfailed"
+visit.on=True
+visit.manager='proxyvisit'
# SERVER
server.environment="production"
+autoreload.package="ipagui"
+autoreload.on = False
# Sets the number of threads the server uses
-# server.thread_pool = 1
+server.thread_pool = 10
# if this is part of a larger site, you can set the path
# to the TurboGears instance here
@@ -66,7 +59,7 @@ server.environment="production"
[[[access_out]]]
# set the filename as the first argument below
-args="('server.log',)"
+args="('ipa-webgui',)"
class='FileHandler'
level='INFO'
formatter='message_only'
@@ -74,11 +67,11 @@ formatter='message_only'
[[loggers]]
[[[ipagui]]]
level='ERROR'
-qualname='ipagui'
-handlers=['error_out']
+qualname='ipa-webgui'
+handlers=['debug_out']
[[[access]]]
level='INFO'
-qualname='turbogears.access'
+qualname='ipa-webgui.access'
handlers=['access_out']
propagate=0
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/setup.py
--- a/ipa-server/ipa-gui/setup.py Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/setup.py Thu Sep 27 14:43:21 2007 -0400
@@ -19,30 +19,10 @@ setup(
install_requires = [
"TurboGears >= 1.0.2.2",
],
- scripts = ["start-ipagui.py"],
zip_safe=False,
packages=find_packages(),
package_data = find_package_data(where='ipagui',
package='ipagui'),
- keywords = [
- # Use keywords if you'll be adding your package to the
- # Python Cheeseshop
-
- # if this has widgets, uncomment the next line
- # 'turbogears.widgets',
-
- # if this has a tg-admin command, uncomment the next line
- # 'turbogears.command',
-
- # if this has identity providers, uncomment the next line
- # 'turbogears.identity.provider',
-
- # If this is a template plugin, uncomment the next line
- # 'python.templating.engines',
-
- # If this is a full application, uncomment the next line
- # 'turbogears.app',
- ],
classifiers = [
'Development Status :: 3 - Alpha',
'Operating System :: OS Independent',
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-gui/start-ipagui.py
--- a/ipa-server/ipa-gui/start-ipagui.py Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-gui/start-ipagui.py Thu Sep 27 14:43:21 2007 -0400
@@ -1,25 +0,0 @@
-#!/usr/bin/python
-import pkg_resources
-pkg_resources.require("TurboGears")
-
-from turbogears import update_config, start_server
-import cherrypy
-cherrypy.lowercase_api = True
-from os.path import *
-import sys
-
-# first look on the command line for a desired config file,
-# if it's not on the command line, then
-# look for setup.py in this directory. If it's not there, this script is
-# probably installed
-if len(sys.argv) > 1:
- update_config(configfile=sys.argv[1],
- modulename="ipagui.config")
-elif exists(join(dirname(__file__), "setup.py")):
- update_config(configfile="dev.cfg",modulename="ipagui.config")
-else:
- update_config(configfile="prod.cfg",modulename="ipagui.config")
-
-from ipagui.controllers import Root
-
-start_server(Root())
diff -r 8d5e484bb583 -r 714c69eb34b9 ipa-server/ipa-install/ipa-server-install
--- a/ipa-server/ipa-install/ipa-server-install Thu Sep 27 09:58:37 2007 -0400
+++ b/ipa-server/ipa-install/ipa-server-install Thu Sep 27 14:43:21 2007 -0400
@@ -370,7 +370,13 @@ def main():
krb.restart()
# Allow apache to connect to the turbogears web gui
- run(["/usr/sbin/setsebool", "httpd_can_network", "true"])
+ run(["/usr/sbin/setsebool", "-P", "httpd_can_network_connect", "true"])
+
+ # Start the web gui
+ run(["/sbin/service", "ipa-webgui", "start"])
+
+ # Set the web gui to start on boot
+ run(["/sbin/chkconfig", "ipa-webgui", "on"])
# Restart apache
run(["/sbin/service", "httpd", "restart"])
More information about the Freeipa-devel
mailing list