changed taiga path to /opt and improved first-run checks
This commit is contained in:
parent
c1546e7616
commit
d680399bcf
@ -21,7 +21,7 @@ ENV USER taiga
|
|||||||
ENV UID 1000
|
ENV UID 1000
|
||||||
ENV GROUP www-data
|
ENV GROUP www-data
|
||||||
ENV HOME /home/$USER
|
ENV HOME /home/$USER
|
||||||
ENV DATA /usr/local/taiga
|
ENV DATA /opt/taiga
|
||||||
RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin -g $GROUP $USER
|
RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin -g $GROUP $USER
|
||||||
RUN mkdir -p $DATA $DATA/media $DATA/static $DATA/logs /var/log/taiga \
|
RUN mkdir -p $DATA $DATA/media $DATA/static $DATA/logs /var/log/taiga \
|
||||||
&& chown -Rh $USER:$GROUP $DATA /var/log/taiga
|
&& chown -Rh $USER:$GROUP $DATA /var/log/taiga
|
||||||
|
@ -76,8 +76,8 @@ services:
|
|||||||
ports:
|
ports:
|
||||||
- 80:80
|
- 80:80
|
||||||
volumes:
|
volumes:
|
||||||
- taiga_static:/usr/local/taiga/static
|
- taiga_static:/opt/taiga/static
|
||||||
- taiga_media:/usr/local/taiga/media
|
- taiga_media:/opt/taiga/media
|
||||||
env_file:
|
env_file:
|
||||||
- ./taiga.env
|
- ./taiga.env
|
||||||
- ./taiga-db.env
|
- ./taiga-db.env
|
||||||
|
4
TODO.md
4
TODO.md
@ -1,6 +1,10 @@
|
|||||||
TODO
|
TODO
|
||||||
====
|
====
|
||||||
|
|
||||||
|
* Security: make sure /already_installed script does not depend on 'admin' user
|
||||||
|
in case when someone wants to use alternative name (see TODO in
|
||||||
|
seeds/already_installed.tmpl file)
|
||||||
|
|
||||||
* make sure Taiga sends emails, e.g. new user registered, password reset,
|
* make sure Taiga sends emails, e.g. new user registered, password reset,
|
||||||
general Taiga notifications
|
general Taiga notifications
|
||||||
|
|
||||||
|
@ -30,8 +30,8 @@ services:
|
|||||||
ports:
|
ports:
|
||||||
- 80:80
|
- 80:80
|
||||||
volumes:
|
volumes:
|
||||||
- taiga_static:/usr/local/taiga/static
|
- taiga_static:/opt/taiga/static
|
||||||
- taiga_media:/usr/local/taiga/media
|
- taiga_media:/opt/taiga/media
|
||||||
env_file:
|
env_file:
|
||||||
- ./taiga.env
|
- ./taiga.env
|
||||||
- ./taiga-db.env
|
- ./taiga-db.env
|
||||||
|
30
launch
30
launch
@ -30,6 +30,8 @@ envsubst < /tmp/taiga.tmpl > /etc/nginx/sites-enabled/taiga
|
|||||||
envsubst < /tmp/circus.ini.tmpl > $DATA/circus.ini
|
envsubst < /tmp/circus.ini.tmpl > $DATA/circus.ini
|
||||||
envsubst < /tmp/conf.json.tmpl > $DATA/taiga-front-dist/dist/conf.json
|
envsubst < /tmp/conf.json.tmpl > $DATA/taiga-front-dist/dist/conf.json
|
||||||
envsubst < /tmp/local.py.tmpl > $DATA/taiga-back/settings/local.py
|
envsubst < /tmp/local.py.tmpl > $DATA/taiga-back/settings/local.py
|
||||||
|
envsubst < /tmp/already_initialized.tmpl > /already_initialized
|
||||||
|
chmod +x /already_initialized
|
||||||
|
|
||||||
# Keep sensitive information out of here
|
# Keep sensitive information out of here
|
||||||
unset DJANGO_SECRET_KEY TAIGA_DB_PASSWORD
|
unset DJANGO_SECRET_KEY TAIGA_DB_PASSWORD
|
||||||
@ -37,26 +39,34 @@ unset DJANGO_SECRET_KEY TAIGA_DB_PASSWORD
|
|||||||
# Make sure the data is readable
|
# Make sure the data is readable
|
||||||
chown -Rh $USER:$GROUP $DATA
|
chown -Rh $USER:$GROUP $DATA
|
||||||
|
|
||||||
# Allow a little delay on the first run
|
# Make sure the PostgreSQL database is up and ready
|
||||||
# to make sure Database is set and ready
|
while ! ping -c 1 -W 1 $TAIGA_DB_HOST >/dev/null 2>&1; do
|
||||||
[ -e "/tmp/taiga.firstrun" ] || ( echo "Waiting for 10 seconds to let the DB initialize" \
|
echo "Waiting for $TAIGA_DB_HOST to be Up ..."
|
||||||
&& sleep 10 )
|
sleep 1
|
||||||
|
done
|
||||||
|
|
||||||
|
while ! timeout 1 bash -c 'cat < /dev/null > /dev/tcp/$TAIGA_DB_HOST/$TAIGA_DB_PORT' >/dev/null 2>&1; do
|
||||||
|
echo "Waiting for $TAIGA_DB_HOST:$TAIGA_DB_PORT to be Ready ..."
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
|
||||||
|
# This will make a tiny delay which will help to ensure the database is up and
|
||||||
|
# running before it will be seeded/updated
|
||||||
|
/already_initialized
|
||||||
|
|
||||||
# Upgrade DB schemas, etc...
|
# Upgrade DB schemas, etc...
|
||||||
# This is important when Taiga's codebase gets updated
|
# This is important when Taiga's codebase gets updated
|
||||||
su -s /bin/sh $USER -c '. $DATA/venvtaiga/bin/activate
|
su -s /bin/sh $USER -c '. $DATA/venvtaiga/bin/activate
|
||||||
cd $DATA/taiga-back
|
cd $DATA/taiga-back
|
||||||
python manage.py migrate --noinput
|
python manage.py migrate --noinput
|
||||||
[ -e "/tmp/taiga.firstrun" ] || ( python manage.py loaddata initial_user \
|
/already_initialized || ( python manage.py loaddata initial_user \
|
||||||
&& python manage.py loaddata initial_project_templates \
|
&& python manage.py loaddata initial_project_templates \
|
||||||
&& python manage.py loaddata initial_role \
|
&& python manage.py loaddata initial_role \
|
||||||
&& echo "A new user admin with password 123123 has been created" )
|
&& echo "First run: A new user admin with password 123123 has been created. Please change the password once you login." )
|
||||||
python manage.py compilemessages
|
python manage.py compilemessages
|
||||||
python manage.py collectstatic --noinput
|
python manage.py collectstatic --noinput
|
||||||
deactivate'
|
deactivate'
|
||||||
|
|
||||||
touch /tmp/taiga.firstrun
|
|
||||||
|
|
||||||
# (Optional) Fill Taiga with the Sample data
|
# (Optional) Fill Taiga with the Sample data
|
||||||
# su -s /bin/sh $USER -c '. $DATA/venvtaiga/bin/activate
|
# su -s /bin/sh $USER -c '. $DATA/venvtaiga/bin/activate
|
||||||
# cd $DATA/taiga-back
|
# cd $DATA/taiga-back
|
||||||
|
36
seeds/already_initialized.tmpl
Normal file
36
seeds/already_initialized.tmpl
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
#!$DATA/venvtaiga/bin/python
|
||||||
|
# A simple script that checks whether the 'admin' user has been created.
|
||||||
|
# It returns 0 on success and 1 on failure.
|
||||||
|
# Based on this the /launch script will decide whether to create the default
|
||||||
|
# admin user or not.
|
||||||
|
# TODO: in some cases one may want to rename the 'admin' user, causing the
|
||||||
|
# script to create a backdoor admin:123123. We need to take this into account!
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
sys.path.append('$DATA/taiga-back')
|
||||||
|
|
||||||
|
from django.contrib.auth import get_user_model
|
||||||
|
from django.core.wsgi import get_wsgi_application
|
||||||
|
from django.db import utils
|
||||||
|
|
||||||
|
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "settings")
|
||||||
|
application = get_wsgi_application()
|
||||||
|
User = get_user_model()
|
||||||
|
|
||||||
|
users_num = 0
|
||||||
|
|
||||||
|
try:
|
||||||
|
users_num = User.objects.filter(username='admin').count()
|
||||||
|
except utils.OperationalError as e:
|
||||||
|
print('(%s): Unable to connect to a database' % type(e))
|
||||||
|
pass
|
||||||
|
except utils.ProgrammingError as e:
|
||||||
|
print('(%s): First run detected' % type(e))
|
||||||
|
pass
|
||||||
|
|
||||||
|
if users_num > 0:
|
||||||
|
rc = 0
|
||||||
|
else:
|
||||||
|
rc = 1
|
||||||
|
|
||||||
|
sys.exit(rc)
|
Loading…
Reference in New Issue
Block a user