fix: use rocky group, cleanup
This commit is contained in:
parent
8ffe1ad7e1
commit
e009155a72
4 changed files with 22 additions and 9 deletions
|
@ -24,6 +24,7 @@ RUN mkdir -p /opt/mirrormanager2
|
|||
WORKDIR /opt/mirrormanager2
|
||||
RUN git clone https://github.com/fedora-infra/mirrormanager2.git .
|
||||
|
||||
RUN sed -e 's/signed_fpca/signed_rosca/' -i mirrormanager2/perms.py mirrormanager2/auth.py
|
||||
RUN pip install --prefix=/install .
|
||||
|
||||
# Stage 2: Final stage with runtime dependencies
|
||||
|
|
|
@ -44,13 +44,22 @@ THEME_FOLDER = os.environ.get('MM2_THEME_FOLDER', 'fedora')
|
|||
#MM_AUTHENTICATION = "fas"
|
||||
|
||||
OIDC_CLIENT_SECRETS = "/etc/mirrormanager/client_secrets.json"
|
||||
OIDC_SCOPES = " ".join(
|
||||
[
|
||||
"openid",
|
||||
"email",
|
||||
"profile",
|
||||
"https://id.fedoraproject.org/scope/groups",
|
||||
"https://id.fedoraproject.org/scope/agreements",
|
||||
]
|
||||
)
|
||||
|
||||
# If the authentication method is `fas`, groups in which should be the user
|
||||
# to be recognized as an admin.
|
||||
#ADMIN_GROUP = ["sysadmin-main"]
|
||||
ADMIN_GROUP = ["infrastructure"]
|
||||
|
||||
# Email of the admin to which send notification or error
|
||||
ADMIN_EMAIL = "admin@fedoraproject.org"
|
||||
ADMIN_EMAIL = "infrastructure@rockylinux.org"
|
||||
|
||||
# Email address used in the "From" field of the emails sent.
|
||||
# Default: ``nobody@fedoraproject.org``.
|
||||
|
|
8
run.py
8
run.py
|
@ -1,5 +1,13 @@
|
|||
from werkzeug.middleware.proxy_fix import ProxyFix
|
||||
from mirrormanager2.app import create_app
|
||||
from flask_session import Session
|
||||
from cachelib.file import FileSystemCache
|
||||
import os
|
||||
|
||||
application = create_app()
|
||||
application.debug = os.environ.get("MM2_DEBUG", False)
|
||||
application.config['SESSION_TYPE'] = "cachelib"
|
||||
application.config['SESSION_CACHELIB'] = FileSystemCache(cache_dir='/tmp/sessions', threshold=500)
|
||||
Session(application)
|
||||
application.wsgi_app = ProxyFix(application.wsgi_app, x_proto=1, x_host=1)
|
||||
|
||||
|
|
|
@ -2,13 +2,6 @@ POD=mirrormanager2
|
|||
|
||||
podman pod exists $POD || podman pod create -p 5000:5000 -n $POD
|
||||
|
||||
#podman run \
|
||||
# --pod $POD \
|
||||
# --name nginx \
|
||||
# --replace \
|
||||
# -v $PWD/nginx.conf:/etc/nginx/conf.d/default.conf:ro \
|
||||
# -d docker.io/library/nginx:1.13-alpine
|
||||
|
||||
test -d tmp || mkdir tmp
|
||||
test -f client_secrets.json || (echo "missing client_secrets" && exit 2)
|
||||
|
||||
|
@ -22,6 +15,8 @@ podman run \
|
|||
-e "MM2_SECRET_KEY=$(openssl rand -hex 32)" \
|
||||
-e "MM2_PASSWORD_SEED=$(openssl rand -hex 32)" \
|
||||
-e 'MM2_THEME_FOLDER=rocky' \
|
||||
-e 'FLASK_DEBUG=1' \
|
||||
-e 'MM2_DEBUG=1' \
|
||||
-v $PWD/mirrormanager2.cfg:/etc/mirrormanager/mirrormanager2.cfg \
|
||||
-v $PWD/client_secrets.json:/etc/mirrormanager/client_secrets.json \
|
||||
-v $PWD/tmp:/var/tmp:rw \
|
||||
|
|
Loading…
Reference in a new issue