authorSam Thursfield <sam.thursfield@codethink.co.uk>2014-11-14 17:57:49 +0000
committerSam Thursfield <sam.thursfield@codethink.co.uk>2014-11-14 18:47:04 +0000
commitbf9b90bbfd81140b686477e2fb22766439dabc0f (patch)
treeb1e93d33f2c5925423f06170e27b89f3330c6923
parent9ee360ce6d98f00ea28a6eb5ae39054453417084 (diff)
downloadinfrastructure-bf9b90bbfd81140b686477e2fb22766439dabc0f.tar.gz
openid_provider: Add Cherokee and uWSGI to serve the application
-rw-r--r--baserock_openid_provider/cherokee.conf297
-rwxr-xr-xbaserock_openid_provider/develop.sh2
-rw-r--r--baserock_openid_provider/local.yml8
-rw-r--r--baserock_openid_provider/packer_template.json21
-rw-r--r--baserock_openid_provider/uwsgi.ini20
-rw-r--r--temporary-provisioner.sh12
6 files changed, 344 insertions, 16 deletions
diff --git a/baserock_openid_provider/cherokee.conf b/baserock_openid_provider/cherokee.conf
new file mode 100644
index 00000000..b1e557fc
--- /dev/null
+++ b/baserock_openid_provider/cherokee.conf
@@ -0,0 +1,297 @@
+# Cherokee configuration to run the Baserock OpenID provider, using
+# uWSGI to run the Django app from /srv/baserock_openid_provider.
+
+config!version = 001002103
+
+# Overall server config
+server!bind!1!port = 80
+server!group = cherokee
+server!keepalive = 1
+server!keepalive_max_requests = 500
+server!panic_action = /usr/bin/cherokee-panic
+server!pid_file = /var/run/cherokee.pid
+server!server_tokens = full
+server!timeout = 15
+server!user = cherokee
+
+# One virtual server which communicates with the uwsgi-django source.
+vserver!1!directory_index = index.html
+vserver!1!document_root = /var/www/cherokee
+vserver!1!error_writer!filename = /var/log/cherokee/error_log
+vserver!1!error_writer!type = file
+vserver!1!logger = combined
+vserver!1!logger!access!buffsize = 16384
+vserver!1!logger!access!filename = /var/log/cherokee/access_log
+vserver!1!logger!access!type = file
+vserver!1!nick = default
+vserver!1!rule!1!document_root = /var/www
+vserver!1!rule!1!handler = uwsgi
+vserver!1!rule!1!handler!balancer = round_robin
+vserver!1!rule!1!handler!balancer!source!10 = 1
+vserver!1!rule!1!handler!iocache = 1
+vserver!1!rule!1!match = default
+
+# The uWSGI communication is set up here.
+source!1!env_inherited = 1
+source!1!host = 127.0.0.1:45023
+source!1!interpreter = /usr/sbin/uwsgi --socket 127.0.0.1:45023 --ini=/srv/baserock_openid_provider/uwsgi.ini
+source!1!nick = uwsgi-django
+source!1!type = interpreter
+
+# Icons and mime types.
+icons!default = page_white.png
+icons!directory = folder.png
+icons!file!bomb.png = core
+icons!file!page_white_go.png = *README*
+icons!parent_directory = arrow_turn_left.png
+icons!suffix!camera.png = jpg,jpeg,jpe
+icons!suffix!cd.png = iso,ngr,cue
+icons!suffix!color_wheel.png = png,gif,xcf,bmp,pcx,tiff,tif,cdr,psd,xpm,xbm
+icons!suffix!control_play.png = bin,exe,com,msi,out
+icons!suffix!css.png = css
+icons!suffix!cup.png = java,class,jar
+icons!suffix!email.png = eml,mbox,box,email,mbx
+icons!suffix!film.png = avi,mpeg,mpe,mpg,mpeg3,dl,fli,qt,mov,movie,flv,webm
+icons!suffix!font.png = ttf
+icons!suffix!html.png = html,htm
+icons!suffix!music.png = au,snd,mid,midi,kar,mpga,mpega,mp2,mp3,sid,wav,aif,aiff,aifc,gsm,m3u,wma,wax,ra,rm,ram,pls,sd2,ogg
+icons!suffix!package.png = tar,gz,bz2,zip,rar,ace,lha,7z,dmg,cpk
+icons!suffix!page_white_acrobat.png = pdf
+icons!suffix!page_white_c.png = c,h,cpp
+icons!suffix!page_white_office.png = doc,ppt,xls
+icons!suffix!page_white_php.png = php
+icons!suffix!page_white_text.png = txt,text,rtf,sdw
+icons!suffix!printer.png = ps,eps
+icons!suffix!ruby.png = rb
+icons!suffix!script.png = sh,csh,ksh,tcl,tk,py,pl
+mime!application/bzip2!extensions = bz2
+mime!application/gzip!extensions = gz
+mime!application/hta!extensions = hta
+mime!application/java-archive!extensions = jar
+mime!application/java-serialized-object!extensions = ser
+mime!application/java-vm!extensions = class
+mime!application/json!extensions = json
+mime!application/mac-binhex40!extensions = hqx
+mime!application/msaccess!extensions = mdb
+mime!application/msword!extensions = doc,dot
+mime!application/octet-stream!extensions = bin
+mime!application/octetstream!extensions = ace
+mime!application/oda!extensions = oda
+mime!application/ogg!extensions = ogx
+mime!application/pdf!extensions = pdf
+mime!application/pgp-keys!extensions = key
+mime!application/pgp-signature!extensions = pgp
+mime!application/pics-rules!extensions = prf
+mime!application/postscript!extensions = ps,ai,eps
+mime!application/rar!extensions = rar
+mime!application/rdf+xml!extensions = rdf
+mime!application/rss+xml!extensions = rss
+mime!application/smil!extensions = smi,smil
+mime!application/vnd.mozilla.xul+xml!extensions = xul
+mime!application/vnd.ms-excel!extensions = xls,xlb,xlt
+mime!application/vnd.ms-pki.seccat!extensions = cat
+mime!application/vnd.ms-pki.stl!extensions = stl
+mime!application/vnd.ms-powerpoint!extensions = ppt,pps
+mime!application/vnd.oasis.opendocument.chart!extensions = odc
+mime!application/vnd.oasis.opendocument.database!extensions = odb
+mime!application/vnd.oasis.opendocument.formula!extensions = odf
+mime!application/vnd.oasis.opendocument.graphics!extensions = odg
+mime!application/vnd.oasis.opendocument.image!extensions = odi
+mime!application/vnd.oasis.opendocument.presentation!extensions = odp
+mime!application/vnd.oasis.opendocument.spreadsheet!extensions = ods
+mime!application/vnd.oasis.opendocument.text!extensions = odt
+mime!application/vnd.oasis.opendocument.text-master!extensions = odm
+mime!application/vnd.oasis.opendocument.text-web!extensions = oth
+mime!application/vnd.pkg5.info!extensions = p5i
+mime!application/vnd.visio!extensions = vsd
+mime!application/vnd.wap.wbxml!extensions = wbxml
+mime!application/vnd.wap.wmlc!extensions = wmlc
+mime!application/vnd.wap.wmlscriptc!extensions = wmlsc
+mime!application/x-7z-compressed!extensions = 7z
+mime!application/x-abiword!extensions = abw
+mime!application/x-apple-diskimage!extensions = dmg
+mime!application/x-bcpio!extensions = bcpio
+mime!application/x-bittorrent!extensions = torrent
+mime!application/x-cdf!extensions = cdf
+mime!application/x-cpio!extensions = cpio
+mime!application/x-csh!extensions = csh
+mime!application/x-debian-package!extensions = deb,udeb
+mime!application/x-director!extensions = dcr,dir,dxr
+mime!application/x-dvi!extensions = dvi
+mime!application/x-flac!extensions = flac
+mime!application/x-font!extensions = pfa,pfb,gsf,pcf,pcf.Z
+mime!application/x-freemind!extensions = mm
+mime!application/x-gnumeric!extensions = gnumeric
+mime!application/x-gtar!extensions = gtar,tgz,taz
+mime!application/x-gzip!extensions = gz,tgz
+mime!application/x-httpd-php!extensions = phtml,pht,php
+mime!application/x-httpd-php-source!extensions = phps
+mime!application/x-httpd-php3!extensions = php3
+mime!application/x-httpd-php3-preprocessed!extensions = php3p
+mime!application/x-httpd-php4!extensions = php4
+mime!application/x-internet-signup!extensions = ins,isp
+mime!application/x-iphone!extensions = iii
+mime!application/x-iso9660-image!extensions = iso
+mime!application/x-java-jnlp-file!extensions = jnlp
+mime!application/x-javascript!extensions = js
+mime!application/x-kchart!extensions = chrt
+mime!application/x-killustrator!extensions = kil
+mime!application/x-koan!extensions = skp,skd,skt,skm
+mime!application/x-kpresenter!extensions = kpr,kpt
+mime!application/x-kspread!extensions = ksp
+mime!application/x-kword!extensions = kwd,kwt
+mime!application/x-latex!extensions = latex
+mime!application/x-lha!extensions = lha
+mime!application/x-lzh!extensions = lzh
+mime!application/x-lzx!extensions = lzx
+mime!application/x-ms-wmd!extensions = wmd
+mime!application/x-ms-wmz!extensions = wmz
+mime!application/x-msdos-program!extensions = com,exe,bat,dll
+mime!application/x-msi!extensions = msi
+mime!application/x-netcdf!extensions = nc
+mime!application/x-ns-proxy-autoconfig!extensions = pac
+mime!application/x-nwc!extensions = nwc
+mime!application/x-object!extensions = o
+mime!application/x-oz-application!extensions = oza
+mime!application/x-pkcs7-certreqresp!extensions = p7r
+mime!application/x-pkcs7-crl!extensions = crl
+mime!application/x-python-code!extensions = pyc,pyo
+mime!application/x-quicktimeplayer!extensions = qtl
+mime!application/x-redhat-package-manager!extensions = rpm
+mime!application/x-sh!extensions = sh
+mime!application/x-shar!extensions = shar
+mime!application/x-shockwave-flash!extensions = swf,swfl
+mime!application/x-stuffit!extensions = sit,sea
+mime!application/x-sv4cpio!extensions = sv4cpio
+mime!application/x-sv4crc!extensions = sv4crc
+mime!application/x-tar!extensions = tar
+mime!application/x-tcl!extensions = tcl
+mime!application/x-tex-pk!extensions = pk
+mime!application/x-texinfo!extensions = texinfo,texi
+mime!application/x-trash!extensions = ~,bak,old,sik
+mime!application/x-troff!extensions = t,tr,roff
+mime!application/x-troff-man!extensions = man
+mime!application/x-troff-me!extensions = me
+mime!application/x-troff-ms!extensions = ms
+mime!application/x-ustar!extensions = ustar
+mime!application/x-x509-ca-cert!extensions = crt
+mime!application/x-xcf!extensions = xcf
+mime!application/x-xfig!extensions = fig
+mime!application/x-xpinstall!extensions = xpi
+mime!application/xhtml+xml!extensions = xhtml,xht
+mime!application/xml!extensions = xml,xsl
+mime!application/zip!extensions = zip
+mime!audio/basic!extensions = au,snd
+mime!audio/midi!extensions = mid,midi,kar
+mime!audio/mpeg!extensions = mpga,mpega,mp2,mp3,m4a
+mime!audio/ogg!extensions = ogg,oga
+mime!audio/prs.sid!extensions = sid
+mime!audio/x-aiff!extensions = aif,aiff,aifc
+mime!audio/x-gsm!extensions = gsm
+mime!audio/x-mpegurl!extensions = m3u
+mime!audio/x-ms-wax!extensions = wax
+mime!audio/x-ms-wma!extensions = wma
+mime!audio/x-pn-realaudio!extensions = ra,rm,ram
+mime!audio/x-realaudio!extensions = ra
+mime!audio/x-scpls!extensions = pls
+mime!audio/x-sd2!extensions = sd2
+mime!audio/x-wav!extensions = wav
+mime!chemical/x-cache!extensions = cac,cache
+mime!chemical/x-cache-csf!extensions = csf
+mime!chemical/x-cdx!extensions = cdx
+mime!chemical/x-cif!extensions = cif
+mime!chemical/x-cmdf!extensions = cmdf
+mime!chemical/x-cml!extensions = cml
+mime!chemical/x-compass!extensions = cpa
+mime!chemical/x-crossfire!extensions = bsd
+mime!chemical/x-csml!extensions = csml,csm
+mime!chemical/x-ctx!extensions = ctx
+mime!chemical/x-cxf!extensions = cxf,cef
+mime!chemical/x-isostar!extensions = istr,ist
+mime!chemical/x-jcamp-dx!extensions = jdx,dx
+mime!chemical/x-kinemage!extensions = kin
+mime!chemical/x-pdb!extensions = pdb,ent
+mime!chemical/x-swissprot!extensions = sw
+mime!chemical/x-vamas-iso14976!extensions = vms
+mime!chemical/x-vmd!extensions = vmd
+mime!chemical/x-xtel!extensions = xtel
+mime!chemical/x-xyz!extensions = xyz
+mime!image/gif!extensions = gif
+mime!image/jpeg!extensions = jpeg,jpg,jpe
+mime!image/pcx!extensions = pcx
+mime!image/png!extensions = png
+mime!image/svg+xml!extensions = svg,svgz
+mime!image/tiff!extensions = tiff,tif
+mime!image/vnd.djvu!extensions = djvu,djv
+mime!image/vnd.wap.wbmp!extensions = wbmp
+mime!image/x-icon!extensions = ico
+mime!image/x-ms-bmp!extensions = bmp
+mime!image/x-photoshop!extensions = psd
+mime!image/x-portable-anymap!extensions = pnm
+mime!image/x-portable-bitmap!extensions = pbm
+mime!image/x-portable-graymap!extensions = pgm
+mime!image/x-portable-pixmap!extensions = ppm
+mime!image/x-xbitmap!extensions = xbm
+mime!image/x-xpixmap!extensions = xpm
+mime!image/x-xwindowdump!extensions = xwd
+mime!model/iges!extensions = igs,iges
+mime!model/mesh!extensions = msh,mesh,silo
+mime!model/vrml!extensions = wrl,vrml
+mime!text/calendar!extensions = ics,icz
+mime!text/comma-separated-values!extensions = csv
+mime!text/css!extensions = css
+mime!text/h323!extensions = 323
+mime!text/html!extensions = html,htm,shtml
+mime!text/iuls!extensions = uls
+mime!text/mathml!extensions = mml
+mime!text/plain!extensions = asc,txt,text,diff,pot
+mime!text/richtext!extensions = rtx
+mime!text/rtf!extensions = rtf
+mime!text/scriptlet!extensions = sct,wsc
+mime!text/tab-separated-values!extensions = tsv
+mime!text/vnd.sun.j2me.app-descriptor!extensions = jad
+mime!text/vnd.wap.wml!extensions = wml
+mime!text/vnd.wap.wmlscript!extensions = wmls
+mime!text/x-boo!extensions = boo
+mime!text/x-c++hdr!extensions = h++,hpp,hxx,hh
+mime!text/x-c++src!extensions = c++,cpp,cxx,cc
+mime!text/x-chdr!extensions = h
+mime!text/x-csh!extensions = csh
+mime!text/x-csrc!extensions = c
+mime!text/x-dsrc!extensions = d
+mime!text/x-haskell!extensions = hs
+mime!text/x-java!extensions = java
+mime!text/x-literate-haskell!extensions = lhs
+mime!text/x-moc!extensions = moc
+mime!text/x-pascal!extensions = p,pas
+mime!text/x-pcs-gcd!extensions = gcd
+mime!text/x-perl!extensions = pl,pm
+mime!text/x-python!extensions = py
+mime!text/x-setext!extensions = etx
+mime!text/x-sh!extensions = sh
+mime!text/x-tcl!extensions = tcl,tk
+mime!text/x-tex!extensions = tex,ltx,sty,cls
+mime!text/x-vcalendar!extensions = vcs
+mime!text/x-vcard!extensions = vcf
+mime!video/dl!extensions = dl
+mime!video/dv!extensions = dif,dv
+mime!video/fli!extensions = fli
+mime!video/gl!extensions = gl
+mime!video/mp4!extensions = mp4
+mime!video/mpeg!extensions = mpeg,mpg,mpe
+mime!video/ogg!extensions = ogv
+mime!video/quicktime!extensions = qt,mov
+mime!video/vnd.mpegurl!extensions = mxu
+mime!video/webm!extensions = webm
+mime!video/x-flv!extensions = flv
+mime!video/x-la-asf!extensions = lsf,lsx
+mime!video/x-mng!extensions = mng
+mime!video/x-ms-asf!extensions = asf,asx
+mime!video/x-ms-wm!extensions = wm
+mime!video/x-ms-wmv!extensions = wmv
+mime!video/x-ms-wmx!extensions = wmx
+mime!video/x-ms-wvx!extensions = wvx
+mime!video/x-msvideo!extensions = avi
+mime!video/x-sgi-movie!extensions = movie
+mime!x-conference/x-cooltalk!extensions = ice
+mime!x-world/x-vrml!extensions = vrm,vrml,wrl
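Review bot: The only listener is `server!bind!1!port = 80`, so the OpenID provider's login form and assertions travel in clear text unless TLS is terminated in front of this host, which nothing in this commit shows. A TLS bind (`server!bind!2!port = 443` with `server!bind!2!tls = 1`, plus a certificate and key on vserver 1) and a redirect from port 80 would close that gap. Separately, `server!server_tokens = full` advertises the exact server version and OS in every response; `server!server_tokens = product` gives away less. The uWSGI backend on `127.0.0.1:45023` is a loopback TCP socket that any local account can connect to, which matters if the host is ever shared.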
diff --git a/baserock_openid_provider/develop.sh b/baserock_openid_provider/develop.sh
index 5374e4fb..d3d1fb3e 100755
--- a/baserock_openid_provider/develop.sh
+++ b/baserock_openid_provider/develop.sh
@@ -4,6 +4,6 @@
exec docker run -i -t --rm \
--publish=127.0.0.1:80:80 \
- --volume=`pwd`:/src/test-baserock-infrastructure \
+ --volume=`pwd`:/srv/test-baserock-infrastructure \
baserock/openid-provider
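Review bot: The new mount point `/srv/test-baserock-infrastructure` is spelled with hyphens, but the development provisioner added to packer_template.json in this same commit links from `/srv/test_baserock_infrastructure/baserock_openid_provider` (underscores). As written, the `/srv/baserock_openid_provider` symlink in the development image dangles, and so do the cherokee.conf link and the `--ini` path that depend on it. One of the two spellings should change, for example `--volume="$(pwd)":/srv/test_baserock_infrastructure \`. Quoting the substitution that way also keeps the mount working from a directory whose path contains spaces.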
diff --git a/baserock_openid_provider/local.yml b/baserock_openid_provider/local.yml
index 4a2df68e..ea468399 100644
--- a/baserock_openid_provider/local.yml
+++ b/baserock_openid_provider/local.yml
@@ -1,9 +1,15 @@
---
- hosts: localhost
tasks:
+ - name: install Cherokee web server
+ yum: name=cherokee state=latest
+
- name: install PIP package manager
yum: name=python-pip state=latest
+ - name: install uWSGI application container server and Python plugin
+ yum: name=uwsgi-plugin-python state=latest
+
- name: install Django
pip: name=django
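Review bot: Both added tasks use `state=latest`, so every image build installs whatever Cherokee and uWSGI packages the repository carries that day, and two builds of the same commit can differ. For an image that serves logins, fixed versions are easier to audit and roll back, e.g. `yum: name=cherokee-<VERSION> state=present` with the version chosen deliberately. The same applies to the unpinned `pip: name=django` in the surrounding context lines.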
@@ -17,3 +23,5 @@
- name: install python-openid
pip: name=python-openid
+ - name: install Cherokee configuration
+ shell: ln -sf /srv/baserock_openid_provider/cherokee.conf /etc/cherokee/cherokee.conf
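Review bot: `/etc/cherokee/cherokee.conf` becomes a symlink into `/srv/baserock_openid_provider`, a tree that the Packer file provisioner uploads, presumably as the non-root login user since the inline commands need `sudo`. The live web-server configuration therefore has whatever ownership that upload leaves behind. Because the `source!1!interpreter` line in that file is a command Cherokee runs, anyone able to write under /srv can change what the server executes. For production, installing a root-owned copy is safer: `copy: src=/srv/baserock_openid_provider/cherokee.conf dest=/etc/cherokee/cherokee.conf owner=root group=root mode=0644`. If the link is kept for development, the `file` module with `state=link force=yes` is the idempotent form of `ln -sf`.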
diff --git a/baserock_openid_provider/packer_template.json b/baserock_openid_provider/packer_template.json
index c7a0c72b..97333a16 100644
--- a/baserock_openid_provider/packer_template.json
+++ b/baserock_openid_provider/packer_template.json
@@ -24,6 +24,12 @@
"only": ["production"]
},
{
+ "type": "file",
+ "source": "baserock_openid_provider",
+ "destination": "/srv",
+ "only": ["production"]
+ },
+ {
"type": "shell",
"inline": [ "sudo yum install -y ansible"]
},
@@ -32,9 +38,18 @@
"playbook_file": "baserock_openid_provider/local.yml"
},
{
- "type": "file",
- "source": "baserock_openid_provider",
- "destination": "/srv",
+ "type": "shell",
+ "inline": [
+ "ln -s /srv/test_baserock_infrastructure/baserock_openid_provider /srv"
+ ],
+ "only": ["development"]
+ },
+ {
+ "type": "shell",
+ "inline": [
+ "sudo systemctl enable cherokee",
+ "sudo systemctl start cherokee"
+ ],
"only": ["production"]
}
],
diff --git a/baserock_openid_provider/uwsgi.ini b/baserock_openid_provider/uwsgi.ini
new file mode 100644
index 00000000..c359bdb7
--- /dev/null
+++ b/baserock_openid_provider/uwsgi.ini
@@ -0,0 +1,20 @@
+# Configuration for uWSGI web application gateway for Baserock OpenID provider.
+#
+# System-wide configuration should live in /etc/uwsgi.ini.
+#
+# Some good reading for uWSGI:
+# - http://uwsgi-docs.readthedocs.org/en/latest/ThingsToKnow.html
+# - http://uwsgi-docs.readthedocs.org/en/latest/Configuration.html
+
+[uwsgi]
+need-plugin = python
+
+# This slightly weird setup seems the only way to avoid
+# django.ImproperlyConfigured exceptions.
+pythonpath = /srv/baserock_openid_provider
+chdir = /srv/baserock_openid_provider/baserock_openid_provider
+wsgi = wsgi
+
+# These numbers are pulled completely out of my arse. Testing should
+# be done to find good values.
+processes = 1
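Review bot: With `processes = 1` and no request timeout, one slow or stuck request blocks every other login until it returns. Until real sizing is done, adding `master = true` and `harakiri = 30` (a constructed starting value, in seconds) would at least bound that, and `processes` could be raised above one. The comment above `processes` would read better as `# Placeholder value; load-test before production use.`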
diff --git a/temporary-provisioner.sh b/temporary-provisioner.sh
deleted file mode 100644
index 8edc8bae..00000000
--- a/temporary-provisioner.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-# Temporary provisioner for the Baserock OpenID provider.
-# This should be done with Ansible really (or perhaps
-# Puppet, since it looks like Puppet will be the quickest
-# route to getting Storyboard up ...)
-
-# I'd like to use Python 3 for this, but seems that
-# django_openid_provider needs fixing for Python 3.
-
-yum install python-pip --assumeyes
-pip install django django_openid_provider python-openid