init
This commit is contained in:
commit
6cb0a5509d
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
/tmp
|
||||
/client_secrets.json
|
66
Containerfile
Normal file
66
Containerfile
Normal file
@ -0,0 +1,66 @@
|
||||
# Stage 1: Build stage with necessary build dependencies
|
||||
FROM quay.io/fedora/python-312:latest AS build-stage
|
||||
LABEL \
|
||||
name="python-312-with-rust" \
|
||||
vendor="Fedora Infrastructure" \
|
||||
license="MIT"
|
||||
|
||||
USER root
|
||||
# Add RPM-only modules and build dependencies
|
||||
RUN dnf install -y \
|
||||
python3-pyrpmmd \
|
||||
python3-poetry \
|
||||
poetry \
|
||||
cargo \
|
||||
logrotate \
|
||||
git \
|
||||
gcc \
|
||||
gcc-c++ \
|
||||
libffi-devel \
|
||||
openssl-devel
|
||||
|
||||
# Clone MirrorManager2 source code from the Git repo
|
||||
RUN mkdir -p /opt/mirrormanager2
|
||||
WORKDIR /opt/mirrormanager2
|
||||
RUN git clone https://github.com/fedora-infra/mirrormanager2.git .
|
||||
|
||||
RUN pip install --prefix=/install .
|
||||
|
||||
# Stage 2: Final stage with runtime dependencies
|
||||
FROM quay.io/fedora/python-312:latest
|
||||
LABEL \
|
||||
name="python-312-with-rust" \
|
||||
vendor="Fedora Infrastructure" \
|
||||
license="MIT"
|
||||
|
||||
USER root
|
||||
# Add only runtime dependencies
|
||||
RUN dnf install -y \
|
||||
python3-pyrpmmd \
|
||||
uwsgi \
|
||||
uwsgi-plugin-python3 \
|
||||
logrotate
|
||||
|
||||
# Copy installed dependencies from the build stage
|
||||
COPY --from=build-stage /install /usr/
|
||||
|
||||
# Copy in the tree
|
||||
#COPY --from=build-stage /opt/mirrormanager2 /opt/mirrormanager2
|
||||
ADD run.py /opt/mirrormanager2/
|
||||
|
||||
# Set working directory
|
||||
WORKDIR /opt/mirrormanager2
|
||||
|
||||
# Expose necessary ports
|
||||
EXPOSE 5000
|
||||
|
||||
# Define entrypoint script to start the application
|
||||
CMD [ "uwsgi", "--socket", "0.0.0.0:3031", \
|
||||
"--uid", "uwsgi", \
|
||||
"--plugins", "python3", \
|
||||
"--protocol", "uwsgi", \
|
||||
"--enable-threads", \
|
||||
"--master", \
|
||||
"-b", "65535", \
|
||||
"--wsgi-file", "/opt/mirrormanager2/run.py" ]
|
||||
|
225
mirrormanager2.cfg
Normal file
225
mirrormanager2.cfg
Normal file
@ -0,0 +1,225 @@
|
||||
'''
|
||||
MirrorManager2 sample configuration.
|
||||
'''
|
||||
|
||||
###
|
||||
# Most important configuration items
|
||||
###
|
||||
|
||||
|
||||
# url to the database server:
|
||||
SQLALCHEMY_DATABASE_URI = 'sqlite:////var/tmp/mirrormanager2_dev.sqlite'
|
||||
|
||||
# the number of items to display on the search pages
|
||||
# Default: ``50``.
|
||||
#ITEMS_PER_PAGE = 50
|
||||
|
||||
# secret key used to generate unique csrf token
|
||||
SECRET_KEY = ""
|
||||
|
||||
# Seed used to make the password harder to brute force in case of leaking
|
||||
# This should be kept really secret!
|
||||
PASSWORD_SEED = ""
|
||||
|
||||
|
||||
|
||||
###
|
||||
# Other configuration items for the web-app
|
||||
###
|
||||
|
||||
|
||||
# Set the time after which the session expires. Flask's default is 31 days.
|
||||
# Default: ``timedelta(hours=1)`` corresponds to 1 hour.
|
||||
#from datetime import timedelta
|
||||
#PERMANENT_SESSION_LIFETIME = timedelta(hours=1)
|
||||
|
||||
# Folder containing the theme to use.
|
||||
# Default: ``fedora``.
|
||||
#THEME_FOLDER = "fedora"
|
||||
|
||||
# Which authentication method to use, defaults to `fas` can be or `local`
|
||||
# Default: ``fas``.
|
||||
# Note that this previously used openid, now it uses openid connect oidc
|
||||
#MM_AUTHENTICATION = "fas"
|
||||
|
||||
OIDC_CLIENT_SECRETS = "/etc/mirrormanager/client_secrets.json"
|
||||
|
||||
# If the authentication method is `fas`, groups in which should be the user
|
||||
# to be recognized as an admin.
|
||||
#ADMIN_GROUP = ["sysadmin-main"]
|
||||
|
||||
# Email of the admin to which send notification or error
|
||||
ADMIN_EMAIL = "admin@fedoraproject.org"
|
||||
|
||||
# Email address used in the "From" field of the emails sent.
|
||||
# Default: ``nobody@fedoraproject.org``.
|
||||
#EMAIL_FROM = "nobody@fedoraproject.org"
|
||||
|
||||
# SMTP server to use,
|
||||
# Default: ``localhost``.
|
||||
#SMTP_SERVER = "localhost"
|
||||
|
||||
# If the SMTP server requires authentication, fill in the information here
|
||||
# SMTP_USERNAME = 'username'
|
||||
# SMTP_PASSWORD = 'password'
|
||||
|
||||
# Countries which have to be excluded.
|
||||
#EMBARGOED_COUNTRIES = ["CU", "IR", "KP", "SD", "SY"]
|
||||
|
||||
# When this is set to True, an additional menu item is shown which
|
||||
# displays the maps generated with mm2_generate-worldmap.
|
||||
#SHOW_MAPS = True
|
||||
|
||||
# Location of the static map displayed in the map tab.
|
||||
#STATIC_MAP = "map.png"
|
||||
|
||||
# Location of the interactive openstreetmap based map.
|
||||
#INTERACTIVE_MAP = "mirrors.html"
|
||||
|
||||
# The crawler can generate propagation statistics which can be
|
||||
# converted into svg/pdf with mm2_propagation. These files
|
||||
# can be displayed next to the statistics and maps tab if desired.
|
||||
#SHOW_PROPAGATION = True
|
||||
|
||||
# Where to look for the above mentioned propagation images.
|
||||
#PROPAGATION_BASE = "/var/lib/mirrormanager/statistics/data/propagation"
|
||||
|
||||
# Where the GeoIP database lives
|
||||
#GEOIP_BASE = "/usr/share/GeoIP"
|
||||
|
||||
# Disable master rsync server ACL
|
||||
# Fedora does not use it and therefore it is set to False
|
||||
#MASTER_RSYNC_ACL = False
|
||||
|
||||
# When this is set to True, the session cookie will only be returned to the
|
||||
# server via ssl (https). If you connect to the server via plain http, the
|
||||
# cookie will not be sent. This prevents sniffing of the cookie contents.
|
||||
# This may be set to False when testing your application but should always
|
||||
# be set to True in production.
|
||||
# Default: ``True``.
|
||||
#MM_COOKIE_REQUIRES_HTTPS = True
|
||||
|
||||
# The name of the cookie used to store the session id.
|
||||
# Default: ``.MirrorManager``.
|
||||
#MM_COOKIE_NAME = "MirrorManager"
|
||||
|
||||
# If this variable is set (and the directory exists) the crawler
|
||||
# will create per host log files in MM_LOG_DIR/crawler/<hostid>.log
|
||||
# which can the be used in the web interface by the mirror admins.
|
||||
# Other parts besides the crawler are also using this variable to
|
||||
# decide where to store log files.
|
||||
#MM_LOG_DIR = "/var/log/mirrormanager"
|
||||
|
||||
# This is used to exclude certain protocols to be entered
|
||||
# for host category URLs at all.
|
||||
# The following is the default for Fedora to exclude FTP based
|
||||
# mirrors to be added. Removing this confguration option
|
||||
# or setting it to "" removes any protocol restrictions.
|
||||
#MM_PROTOCOL_REGEX = "^(?!ftp)(.*)$"
|
||||
|
||||
# The netblock size parameters define which netblock sizes can be
|
||||
# added by a site administrator. Larger networks can only be added by
|
||||
# mirrormanager admins.
|
||||
#MM_IPV4_NETBLOCK_SIZE = "/16"
|
||||
#MM_IPV6_NETBLOCK_SIZE = "/32"
|
||||
|
||||
# If not specified the application will rely on the root_url when sending
|
||||
# emails, otherwise it will use this URL
|
||||
# Default: ``None``.
|
||||
#APPLICATION_URL = None
|
||||
|
||||
# Boolean specifying wether to check the user's IP address when retrieving
|
||||
# its session. This make things more secure (thus is on by default) but
|
||||
# under certain setup it might not work (for example is there are proxies
|
||||
# in front of the application).
|
||||
#CHECK_SESSION_IP = True
|
||||
|
||||
# Specify additional rsync parameters for the crawler
|
||||
# # --timeout 14400: abort rsync crawl after 4 hours
|
||||
# # --no-human-readable: because rsync made things pretty by default in 3.1.x
|
||||
#CRAWLER_RSYNC_PARAMETERS = "--no-motd"
|
||||
|
||||
# This is a list of directories which MirrorManager will ignore while guessing
|
||||
# the version and architecture from a path.
|
||||
#SKIP_PATHS_FOR_VERSION = []
|
||||
|
||||
###
|
||||
# Configuration options used by the utilities
|
||||
###
|
||||
|
||||
# Specify whether the crawler should send a report by email
|
||||
CRAWLER_SEND_EMAIL = True
|
||||
|
||||
# Specify additional rsync parameters for the crawler
|
||||
# --timeout 14400: abort rsync crawl after 4 hours
|
||||
# Depending on the setup and the crawler frequency rsync's timeout option
|
||||
# can be used decrease the probability of stale rsync processes
|
||||
#CRAWLER_RSYNC_PARAMETERS = "--no-motd --timeout 14400"
|
||||
|
||||
# If a host fails for CRAWLER_AUTO_DISABLE times in a row
|
||||
# the host will be disable automatically (user_active)
|
||||
#CRAWLER_AUTO_DISABLE = 4
|
||||
|
||||
# This is a list of directories which MirrorManager will ignore while guessing
|
||||
# the version and architecture from a path.
|
||||
#SKIP_PATHS_FOR_VERSION = ["pub/alt"]
|
||||
|
||||
# Whether to use Fedora Messaging for notifications
|
||||
#USE_FEDORA_MESSAGING = True
|
||||
|
||||
UMDL_PREFIX = "/srv/"
|
||||
|
||||
UMDL_MASTER_DIRECTORIES = [
|
||||
{
|
||||
'type': 'directory',
|
||||
'path': '../testdata/pub/epel/',
|
||||
'category': 'Fedora EPEL'
|
||||
},
|
||||
{
|
||||
'type': 'directory',
|
||||
'path': '../testdata/pub/fedora/linux/',
|
||||
'category': 'Fedora Linux'
|
||||
},
|
||||
{
|
||||
'type': 'directory',
|
||||
'path': '../testdata/pub/fedora-secondary/',
|
||||
'category': 'Fedora Secondary Arches'
|
||||
},
|
||||
{
|
||||
'type': 'directory',
|
||||
'path': '../testdata/pub/archive/',
|
||||
'category': 'Fedora Archive'
|
||||
},
|
||||
{
|
||||
'type': 'directory',
|
||||
'path': '../testdata/pub/alt/',
|
||||
'category': 'Fedora Other'
|
||||
},
|
||||
# {
|
||||
# 'type':'directory',
|
||||
# 'path':'../testdata/pub/fedora/linux/',
|
||||
# 'category':'Fedora Linux',
|
||||
# 'excludes':['.*/core/?.*', '.*/extras/?.*', '.*/[7-8]/?.*' ]
|
||||
# },
|
||||
# {
|
||||
# 'type':'rsync',
|
||||
# 'url':'rsync://archive.ubuntu.com/ubuntu/',
|
||||
# 'category':'Ubuntu Archive'
|
||||
# },
|
||||
# {
|
||||
# 'type':'rsync',
|
||||
# 'url':'rsync://releases.ubuntu.com/releases/',
|
||||
# 'category':'Ubuntu CD Images'
|
||||
# },
|
||||
# {
|
||||
# 'type':'rsync',
|
||||
# 'url':'rsync://ports.ubuntu.com/ubuntu-ports/',
|
||||
# 'category':'Ubuntu Ports Archive'
|
||||
# },
|
||||
# {
|
||||
# 'type':'rsync',
|
||||
# 'url':'rsync://security.ubuntu.com/ubuntu/',
|
||||
# 'category':'Ubuntu Security Archive'
|
||||
# },
|
||||
]
|
||||
|
14
nginx.conf
Normal file
14
nginx.conf
Normal file
@ -0,0 +1,14 @@
|
||||
server {
|
||||
listen 80;
|
||||
root /usr/share/nginx/html;
|
||||
location / {
|
||||
try_files $uri @wsgi;
|
||||
}
|
||||
location @wsgi {
|
||||
include uwsgi_params;
|
||||
#uwsgi_pass_request_headers off;
|
||||
uwsgi_store on;
|
||||
uwsgi_buffering on;
|
||||
uwsgi_pass 127.0.0.1:3031;
|
||||
}
|
||||
}
|
5
run.py
Normal file
5
run.py
Normal file
@ -0,0 +1,5 @@
|
||||
from werkzeug.middleware.proxy_fix import ProxyFix
|
||||
from mirrormanager2.app import create_app
|
||||
application = create_app()
|
||||
application.wsgi_app = ProxyFix(application.wsgi_app, x_proto=1, x_host=1)
|
||||
|
28
start-dev.sh
Normal file
28
start-dev.sh
Normal file
@ -0,0 +1,28 @@
|
||||
POD=mirrormanager2
|
||||
|
||||
podman pod exists $POD || podman pod create -p 5000:80 -n $POD
|
||||
|
||||
podman run \
|
||||
--pod $POD \
|
||||
--name nginx \
|
||||
--replace \
|
||||
-v $PWD/nginx.conf:/etc/nginx/conf.d/default.conf:ro \
|
||||
-d docker.io/library/nginx:1.13-alpine
|
||||
|
||||
test -d tmp || mkdir tmp
|
||||
test -f client_secrets.json || (echo "missing client_secrets" && exit 2)
|
||||
|
||||
podman run \
|
||||
--pod $POD \
|
||||
--name mm2 \
|
||||
--replace \
|
||||
-e 'MM2_CONFIG=/etc/mirrormanager/mirrormanager2.cfg' \
|
||||
-v $PWD/mirrormanager2.cfg:/etc/mirrormanager/mirrormanager2.cfg \
|
||||
-v $PWD/client_secrets.json:/etc/mirrormanager/client_secrets.json \
|
||||
-v $PWD/tmp:/var/tmp:rw \
|
||||
-d git.resf.org/infrastructure/mirrormanager2:latest
|
||||
|
||||
# Setup sqlite database
|
||||
echo "mirrormanager2 and nginx have been statred. You may need to run:"
|
||||
|
||||
echo "podman exec mm2 /usr/bin/python3 -m flask -A mirrormanager2.app db sync"
|
Loading…
Reference in New Issue
Block a user