diff options
author | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2016-02-17 16:07:23 +0000 |
---|---|---|
committer | Baserock Gerrit <gerrit@baserock.org> | 2016-02-19 12:37:25 +0000 |
commit | 2ff5d6f4fb78cbdc0affdcb5a96cdc0c4612f743 (patch) | |
tree | 4458dd56f7d55d2e26de5b662362c377c208e672 /baserock_openid_provider | |
parent | ed303aa8aa09ae8de03aad364acae9a3f80bd40a (diff) | |
download | infrastructure-2ff5d6f4fb78cbdc0affdcb5a96cdc0c4612f743.tar.gz |
baserock_openid_provider: Update on top of Fedora 23, and without Packer
This means we no longer use Packer for anything, which is good.
The switch from Django 1.7 to Django 1.9 caused some problems in the
openid_provider module. Upstream for that module is here:
https://bitbucket.org/romke/django_openid_provider/
At the time of writing there was no fix upstream for these issues, it
would be good to submit them. We have other unsubmitted changes against
that upstream in our openid_provider code.
One issue was use of import_module (which is now available from
importlib, doesn't need to be imported from django.utils any more).
Another is use of WSGIRequest.REQUEST, which is deprecated since
Django 1.7 and removed in Django 1.9. We now need to use .POST or
.GET to get that info.
Change-Id: I60793aaf0d84d81b89ff59efbe08240d99b7973f
Diffstat (limited to 'baserock_openid_provider')
-rw-r--r-- | baserock_openid_provider/baserock_openid_provider/settings.py | 10 | ||||
-rwxr-xr-x | baserock_openid_provider/develop.sh | 11 | ||||
-rw-r--r-- | baserock_openid_provider/image-config.yml | 50 | ||||
-rw-r--r-- | baserock_openid_provider/instance-config.yml | 3 | ||||
-rw-r--r-- | baserock_openid_provider/openid_provider/south_migrations/0001_initial.py (renamed from baserock_openid_provider/openid_provider/migrations/0001_initial.py) | 0 | ||||
-rw-r--r-- | baserock_openid_provider/openid_provider/south_migrations/__init__.py (renamed from baserock_openid_provider/openid_provider/migrations/__init__.py) | 0 | ||||
-rw-r--r-- | baserock_openid_provider/openid_provider/utils.py | 3 | ||||
-rw-r--r-- | baserock_openid_provider/openid_provider/views.py | 8 | ||||
-rw-r--r-- | baserock_openid_provider/packer_template.json | 77 |
9 files changed, 49 insertions, 113 deletions
diff --git a/baserock_openid_provider/baserock_openid_provider/settings.py b/baserock_openid_provider/baserock_openid_provider/settings.py index a7e892ba..d9d3ffec 100644 --- a/baserock_openid_provider/baserock_openid_provider/settings.py +++ b/baserock_openid_provider/baserock_openid_provider/settings.py @@ -12,6 +12,9 @@ import yaml import os +# You must ensure this is the correct IP address! +DATABASE_HOST = '192.168.222.30' + BASE_DIR = os.path.dirname(os.path.dirname(__file__)) # Quick-start development settings - unsuitable for production @@ -114,12 +117,7 @@ DATABASES = { 'USER': 'openid', 'PORT': '3306', - # You must change this to the correct IP address when - # deploying to production! For development deployments this - # gets the IP of the 'baserock-database' container from the - # environment, which Docker will have set if you passed it - # `--link=baseock-database:db`. - 'HOST': os.environ.get('DB_PORT_3306_TCP_ADDR', '192.168.222.30') + 'HOST': DATABASE_HOST } } diff --git a/baserock_openid_provider/develop.sh b/baserock_openid_provider/develop.sh deleted file mode 100755 index 534a1333..00000000 --- a/baserock_openid_provider/develop.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -# Set up a development environment in a container. - -exec docker run -i -t --rm \ - --name=baserock-openid-provider \ - --link=baserock-database:db \ - --publish=127.0.0.1:80:80 \ - --volume=`pwd`:/srv/test-baserock-infrastructure \ - baserock/openid-provider - diff --git a/baserock_openid_provider/image-config.yml b/baserock_openid_provider/image-config.yml index 3c0d8bb5..92ba0951 100644 --- a/baserock_openid_provider/image-config.yml +++ b/baserock_openid_provider/image-config.yml @@ -2,46 +2,61 @@ # # This playbook is run at image-creation time by Packer. --- -- hosts: localhost +- hosts: openid gather_facts: False + sudo: yes tasks: + # See: https://fedoramagazine.org/getting-ansible-working-fedora-23/ + - name: install Python2 and required deps for Ansible modules + raw: dnf install -y python2 python2-dnf libselinux-python + - name: enable persistant journal shell: mkdir /var/log/journal args: creates: /var/log/journal - - name: install Cherokee web server - yum: name=cherokee state=latest + - name: ensure system up to date + dnf: name=* state=latest - - name: install PIP package manager - yum: name=python-pip state=latest + - name: install Cherokee web server + dnf: name=cherokee state=latest - name: install Sendmail mail transfer agent - yum: name=sendmail state=latest + dnf: name=sendmail state=latest - name: install uWSGI application container server and Python plugin - yum: name=uwsgi-plugin-python state=latest + dnf: name=uwsgi-plugin-python state=latest + + - name: install PyYAML + dnf: name=PyYAML state=latest + # All this stuff is installed with Pip, which isn't really necessary except + # for django-registration-redux. Fedora packages django-registration but not + # the better django-registration-redux (I think). + # - name: install Django - pip: name=django + pip: name=django executable=pip2.7 + + - name: install South (Django migrations tool) + pip: name=South executable=pip2.7 # This is a fork of django-registration which supports Django 1.7. # Source: https://github.com/macropin/django-registration # The original django-registration (which seems to be abandoned) lives at: # https://bitbucket.org/ubernostrum/django-registration/ - name: install django-registration-redux - pip: name=django-registration-redux + pip: name=django-registration-redux executable=pip2.7 - name: install python-openid - pip: name=python-openid + pip: name=python-openid executable=pip2.7 - # Install the MySQL-python package from Yum, because if it's installed from + # Install the MySQL-python package from DNF, because if it's installed from # PyPI you need to have the mariadb-devel package installed to build the C # code and that's an extra 21MB of dependencies or so. Note that this driver # doesn't support Python 3, but there is a fork available which does, see: # https://docs.djangoproject.com/en/dev/ref/databases/#mysql-db-api-drivers - name: install MySQL-python - yum: name=MySQL-python state=latest + dnf: name=MySQL-python state=latest - name: install Cherokee configuration file: src=/srv/baserock_openid_provider/cherokee.conf dest=/etc/cherokee/cherokee.conf state=link force=yes @@ -49,5 +64,12 @@ - name: create log directory for baserock_openid_provider file: path=/var/log/baserock_openid_provider owner=cherokee group=cherokee state=directory - - name: create directory for static content - file: path=/var/www/static owner=cherokee group=cherokee state=directory + - name: upload application + copy: src=. dest=/srv owner=fedora group=fedora + + # Yes, SELinux prevents Cherokee from working. + - name: disable SELinux on subsequent boots + selinux: state=disabled + + - name: disable SELinux on current boot + command: setenforce 0 diff --git a/baserock_openid_provider/instance-config.yml b/baserock_openid_provider/instance-config.yml index 7eac185d..3311d51e 100644 --- a/baserock_openid_provider/instance-config.yml +++ b/baserock_openid_provider/instance-config.yml @@ -7,9 +7,6 @@ gather_facts: False sudo: yes tasks: - - name: ensure system up to date - yum: name=* state=latest - - name: install database password copy: src=../database/baserock_openid_provider.database_password.yml dest=/etc owner=cherokee group=cherokee mode=400 diff --git a/baserock_openid_provider/openid_provider/migrations/0001_initial.py b/baserock_openid_provider/openid_provider/south_migrations/0001_initial.py index 1857f59a..1857f59a 100644 --- a/baserock_openid_provider/openid_provider/migrations/0001_initial.py +++ b/baserock_openid_provider/openid_provider/south_migrations/0001_initial.py diff --git a/baserock_openid_provider/openid_provider/migrations/__init__.py b/baserock_openid_provider/openid_provider/south_migrations/__init__.py index e69de29b..e69de29b 100644 --- a/baserock_openid_provider/openid_provider/migrations/__init__.py +++ b/baserock_openid_provider/openid_provider/south_migrations/__init__.py diff --git a/baserock_openid_provider/openid_provider/utils.py b/baserock_openid_provider/openid_provider/utils.py index ae704001..dc0c714f 100644 --- a/baserock_openid_provider/openid_provider/utils.py +++ b/baserock_openid_provider/openid_provider/utils.py @@ -13,7 +13,8 @@ from django.core.exceptions import ImproperlyConfigured from django.core.urlresolvers import reverse from django.http import HttpResponse from django.shortcuts import render_to_response -from django.utils.importlib import import_module + +from importlib import import_module import logging diff --git a/baserock_openid_provider/openid_provider/views.py b/baserock_openid_provider/openid_provider/views.py index 2633abf0..1b8ef6d5 100644 --- a/baserock_openid_provider/openid_provider/views.py +++ b/baserock_openid_provider/openid_provider/views.py @@ -56,7 +56,13 @@ def openid_server(request): if request.session.get('AuthorizationInfo', None): del request.session['AuthorizationInfo'] - querydict = dict(request.REQUEST.items()) + if request.method == 'GET': + querydict = dict(request.GET.items()) + elif request.method == 'POST': + querydict = dict(request.POST.items()) + else: + return HTTPResponseNotAllowed(['GET', 'POST']) + orequest = server.decodeRequest(querydict) if not orequest: orequest = server.decodeRequest(request.session.get('OPENID_REQUEST', None)) diff --git a/baserock_openid_provider/packer_template.json b/baserock_openid_provider/packer_template.json deleted file mode 100644 index 0de9bc84..00000000 --- a/baserock_openid_provider/packer_template.json +++ /dev/null @@ -1,77 +0,0 @@ -{ - "builders": [ - { - "name": "development", - "type": "docker", - "image": "fedora:20", - "commit": true, - "run_command": ["-d", "-i", "-t", "{{.Image}}", "/bin/sh"] - }, - { - "name": "production", - "type": "openstack", - "image_name": "baserock_openid_provider", - "flavor": "f0577618-9125-4948-b450-474e225bbc4c", - "source_image": "742e0414-c985-4994-b307-4aafade942b3", - "networks": ["d079fa3e-2558-4bcb-ad5a-279040c202b5"], - "floating_ip": "185.43.218.169", - "use_floating_ip": true, - "ssh_username": "fedora" - } - ], - "provisioners": [ - { - "type": "shell", - "inline": [ - "sudo chown fedora:fedora /srv" - ], - "only": ["production"] - }, - { - "type": "file", - "source": "baserock_openid_provider", - "destination": "/srv", - "only": ["production"] - }, - { - "type": "shell", - "inline": [ "sudo yum install -y ansible"] - }, - { - "type": "ansible-local", - "playbook_file": "baserock_openid_provider/image-config.yml", - "command": "sudo ansible-playbook" - }, - { - "type": "shell", - "inline": [ - "ln -s /srv/test-baserock-infrastructure/baserock_openid_provider /srv" - ], - "only": ["development"] - }, - { - "type": "shell", - "inline": [ - "sudo yum install -y libselinux-python", - "sudo ansible localhost -m selinux -a state=disabled", - "sudo setenforce 0" - ], - "only": ["production"] - }, - { - "type": "shell", - "inline": [ "sync; sync; sleep 10; sync" ], - "only": ["production"] - } - ], - "post-processors": [ - [ - { - "type": "docker-tag", - "repository": "baserock/openid-provider", - "tag": "latest", - "only": ["development"] - } - ] - ] -} |