init
This commit is contained in:
commit
6cb0a5509d
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
/tmp
|
||||||
|
/client_secrets.json
|
66
Containerfile
Normal file
66
Containerfile
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
# Stage 1: Build stage with necessary build dependencies
|
||||||
|
FROM quay.io/fedora/python-312:latest AS build-stage
|
||||||
|
LABEL \
|
||||||
|
name="python-312-with-rust" \
|
||||||
|
vendor="Fedora Infrastructure" \
|
||||||
|
license="MIT"
|
||||||
|
|
||||||
|
USER root
|
||||||
|
# Add RPM-only modules and build dependencies
|
||||||
|
RUN dnf install -y \
|
||||||
|
python3-pyrpmmd \
|
||||||
|
python3-poetry \
|
||||||
|
poetry \
|
||||||
|
cargo \
|
||||||
|
logrotate \
|
||||||
|
git \
|
||||||
|
gcc \
|
||||||
|
gcc-c++ \
|
||||||
|
libffi-devel \
|
||||||
|
openssl-devel
|
||||||
|
|
||||||
|
# Clone MirrorManager2 source code from the Git repo
|
||||||
|
RUN mkdir -p /opt/mirrormanager2
|
||||||
|
WORKDIR /opt/mirrormanager2
|
||||||
|
RUN git clone https://github.com/fedora-infra/mirrormanager2.git .
|
||||||
|
|
||||||
|
RUN pip install --prefix=/install .
|
||||||
|
|
||||||
|
# Stage 2: Final stage with runtime dependencies
|
||||||
|
FROM quay.io/fedora/python-312:latest
|
||||||
|
LABEL \
|
||||||
|
name="python-312-with-rust" \
|
||||||
|
vendor="Fedora Infrastructure" \
|
||||||
|
license="MIT"
|
||||||
|
|
||||||
|
USER root
|
||||||
|
# Add only runtime dependencies
|
||||||
|
RUN dnf install -y \
|
||||||
|
python3-pyrpmmd \
|
||||||
|
uwsgi \
|
||||||
|
uwsgi-plugin-python3 \
|
||||||
|
logrotate
|
||||||
|
|
||||||
|
# Copy installed dependencies from the build stage
|
||||||
|
COPY --from=build-stage /install /usr/
|
||||||
|
|
||||||
|
# Copy in the tree
|
||||||
|
#COPY --from=build-stage /opt/mirrormanager2 /opt/mirrormanager2
|
||||||
|
ADD run.py /opt/mirrormanager2/
|
||||||
|
|
||||||
|
# Set working directory
|
||||||
|
WORKDIR /opt/mirrormanager2
|
||||||
|
|
||||||
|
# Expose necessary ports
|
||||||
|
EXPOSE 5000
|
||||||
|
|
||||||
|
# Define entrypoint script to start the application
|
||||||
|
CMD [ "uwsgi", "--socket", "0.0.0.0:3031", \
|
||||||
|
"--uid", "uwsgi", \
|
||||||
|
"--plugins", "python3", \
|
||||||
|
"--protocol", "uwsgi", \
|
||||||
|
"--enable-threads", \
|
||||||
|
"--master", \
|
||||||
|
"-b", "65535", \
|
||||||
|
"--wsgi-file", "/opt/mirrormanager2/run.py" ]
|
||||||
|
|
225
mirrormanager2.cfg
Normal file
225
mirrormanager2.cfg
Normal file
@ -0,0 +1,225 @@
|
|||||||
|
'''
|
||||||
|
MirrorManager2 sample configuration.
|
||||||
|
'''
|
||||||
|
|
||||||
|
###
|
||||||
|
# Most important configuration items
|
||||||
|
###
|
||||||
|
|
||||||
|
|
||||||
|
# url to the database server:
|
||||||
|
SQLALCHEMY_DATABASE_URI = 'sqlite:////var/tmp/mirrormanager2_dev.sqlite'
|
||||||
|
|
||||||
|
# the number of items to display on the search pages
|
||||||
|
# Default: ``50``.
|
||||||
|
#ITEMS_PER_PAGE = 50
|
||||||
|
|
||||||
|
# secret key used to generate unique csrf token
|
||||||
|
SECRET_KEY = ""
|
||||||
|
|
||||||
|
# Seed used to make the password harder to brute force in case of leaking
|
||||||
|
# This should be kept really secret!
|
||||||
|
PASSWORD_SEED = ""
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
###
|
||||||
|
# Other configuration items for the web-app
|
||||||
|
###
|
||||||
|
|
||||||
|
|
||||||
|
# Set the time after which the session expires. Flask's default is 31 days.
|
||||||
|
# Default: ``timedelta(hours=1)`` corresponds to 1 hour.
|
||||||
|
#from datetime import timedelta
|
||||||
|
#PERMANENT_SESSION_LIFETIME = timedelta(hours=1)
|
||||||
|
|
||||||
|
# Folder containing the theme to use.
|
||||||
|
# Default: ``fedora``.
|
||||||
|
#THEME_FOLDER = "fedora"
|
||||||
|
|
||||||
|
# Which authentication method to use, defaults to `fas` can be or `local`
|
||||||
|
# Default: ``fas``.
|
||||||
|
# Note that this previously used openid, now it uses openid connect oidc
|
||||||
|
#MM_AUTHENTICATION = "fas"
|
||||||
|
|
||||||
|
OIDC_CLIENT_SECRETS = "/etc/mirrormanager/client_secrets.json"
|
||||||
|
|
||||||
|
# If the authentication method is `fas`, groups in which should be the user
|
||||||
|
# to be recognized as an admin.
|
||||||
|
#ADMIN_GROUP = ["sysadmin-main"]
|
||||||
|
|
||||||
|
# Email of the admin to which send notification or error
|
||||||
|
ADMIN_EMAIL = "admin@fedoraproject.org"
|
||||||
|
|
||||||
|
# Email address used in the "From" field of the emails sent.
|
||||||
|
# Default: ``nobody@fedoraproject.org``.
|
||||||
|
#EMAIL_FROM = "nobody@fedoraproject.org"
|
||||||
|
|
||||||
|
# SMTP server to use,
|
||||||
|
# Default: ``localhost``.
|
||||||
|
#SMTP_SERVER = "localhost"
|
||||||
|
|
||||||
|
# If the SMTP server requires authentication, fill in the information here
|
||||||
|
# SMTP_USERNAME = 'username'
|
||||||
|
# SMTP_PASSWORD = 'password'
|
||||||
|
|
||||||
|
# Countries which have to be excluded.
|
||||||
|
#EMBARGOED_COUNTRIES = ["CU", "IR", "KP", "SD", "SY"]
|
||||||
|
|
||||||
|
# When this is set to True, an additional menu item is shown which
|
||||||
|
# displays the maps generated with mm2_generate-worldmap.
|
||||||
|
#SHOW_MAPS = True
|
||||||
|
|
||||||
|
# Location of the static map displayed in the map tab.
|
||||||
|
#STATIC_MAP = "map.png"
|
||||||
|
|
||||||
|
# Location of the interactive openstreetmap based map.
|
||||||
|
#INTERACTIVE_MAP = "mirrors.html"
|
||||||
|
|
||||||
|
# The crawler can generate propagation statistics which can be
|
||||||
|
# converted into svg/pdf with mm2_propagation. These files
|
||||||
|
# can be displayed next to the statistics and maps tab if desired.
|
||||||
|
#SHOW_PROPAGATION = True
|
||||||
|
|
||||||
|
# Where to look for the above mentioned propagation images.
|
||||||
|
#PROPAGATION_BASE = "/var/lib/mirrormanager/statistics/data/propagation"
|
||||||
|
|
||||||
|
# Where the GeoIP database lives
|
||||||
|
#GEOIP_BASE = "/usr/share/GeoIP"
|
||||||
|
|
||||||
|
# Disable master rsync server ACL
|
||||||
|
# Fedora does not use it and therefore it is set to False
|
||||||
|
#MASTER_RSYNC_ACL = False
|
||||||
|
|
||||||
|
# When this is set to True, the session cookie will only be returned to the
|
||||||
|
# server via ssl (https). If you connect to the server via plain http, the
|
||||||
|
# cookie will not be sent. This prevents sniffing of the cookie contents.
|
||||||
|
# This may be set to False when testing your application but should always
|
||||||
|
# be set to True in production.
|
||||||
|
# Default: ``True``.
|
||||||
|
#MM_COOKIE_REQUIRES_HTTPS = True
|
||||||
|
|
||||||
|
# The name of the cookie used to store the session id.
|
||||||
|
# Default: ``.MirrorManager``.
|
||||||
|
#MM_COOKIE_NAME = "MirrorManager"
|
||||||
|
|
||||||
|
# If this variable is set (and the directory exists) the crawler
|
||||||
|
# will create per host log files in MM_LOG_DIR/crawler/<hostid>.log
|
||||||
|
# which can the be used in the web interface by the mirror admins.
|
||||||
|
# Other parts besides the crawler are also using this variable to
|
||||||
|
# decide where to store log files.
|
||||||
|
#MM_LOG_DIR = "/var/log/mirrormanager"
|
||||||
|
|
||||||
|
# This is used to exclude certain protocols to be entered
|
||||||
|
# for host category URLs at all.
|
||||||
|
# The following is the default for Fedora to exclude FTP based
|
||||||
|
# mirrors to be added. Removing this confguration option
|
||||||
|
# or setting it to "" removes any protocol restrictions.
|
||||||
|
#MM_PROTOCOL_REGEX = "^(?!ftp)(.*)$"
|
||||||
|
|
||||||
|
# The netblock size parameters define which netblock sizes can be
|
||||||
|
# added by a site administrator. Larger networks can only be added by
|
||||||
|
# mirrormanager admins.
|
||||||
|
#MM_IPV4_NETBLOCK_SIZE = "/16"
|
||||||
|
#MM_IPV6_NETBLOCK_SIZE = "/32"
|
||||||
|
|
||||||
|
# If not specified the application will rely on the root_url when sending
|
||||||
|
# emails, otherwise it will use this URL
|
||||||
|
# Default: ``None``.
|
||||||
|
#APPLICATION_URL = None
|
||||||
|
|
||||||
|
# Boolean specifying wether to check the user's IP address when retrieving
|
||||||
|
# its session. This make things more secure (thus is on by default) but
|
||||||
|
# under certain setup it might not work (for example is there are proxies
|
||||||
|
# in front of the application).
|
||||||
|
#CHECK_SESSION_IP = True
|
||||||
|
|
||||||
|
# Specify additional rsync parameters for the crawler
|
||||||
|
# # --timeout 14400: abort rsync crawl after 4 hours
|
||||||
|
# # --no-human-readable: because rsync made things pretty by default in 3.1.x
|
||||||
|
#CRAWLER_RSYNC_PARAMETERS = "--no-motd"
|
||||||
|
|
||||||
|
# This is a list of directories which MirrorManager will ignore while guessing
|
||||||
|
# the version and architecture from a path.
|
||||||
|
#SKIP_PATHS_FOR_VERSION = []
|
||||||
|
|
||||||
|
###
|
||||||
|
# Configuration options used by the utilities
|
||||||
|
###
|
||||||
|
|
||||||
|
# Specify whether the crawler should send a report by email
|
||||||
|
CRAWLER_SEND_EMAIL = True
|
||||||
|
|
||||||
|
# Specify additional rsync parameters for the crawler
|
||||||
|
# --timeout 14400: abort rsync crawl after 4 hours
|
||||||
|
# Depending on the setup and the crawler frequency rsync's timeout option
|
||||||
|
# can be used decrease the probability of stale rsync processes
|
||||||
|
#CRAWLER_RSYNC_PARAMETERS = "--no-motd --timeout 14400"
|
||||||
|
|
||||||
|
# If a host fails for CRAWLER_AUTO_DISABLE times in a row
|
||||||
|
# the host will be disable automatically (user_active)
|
||||||
|
#CRAWLER_AUTO_DISABLE = 4
|
||||||
|
|
||||||
|
# This is a list of directories which MirrorManager will ignore while guessing
|
||||||
|
# the version and architecture from a path.
|
||||||
|
#SKIP_PATHS_FOR_VERSION = ["pub/alt"]
|
||||||
|
|
||||||
|
# Whether to use Fedora Messaging for notifications
|
||||||
|
#USE_FEDORA_MESSAGING = True
|
||||||
|
|
||||||
|
UMDL_PREFIX = "/srv/"
|
||||||
|
|
||||||
|
UMDL_MASTER_DIRECTORIES = [
|
||||||
|
{
|
||||||
|
'type': 'directory',
|
||||||
|
'path': '../testdata/pub/epel/',
|
||||||
|
'category': 'Fedora EPEL'
|
||||||
|
},
|
||||||
|
{
|
||||||
|
'type': 'directory',
|
||||||
|
'path': '../testdata/pub/fedora/linux/',
|
||||||
|
'category': 'Fedora Linux'
|
||||||
|
},
|
||||||
|
{
|
||||||
|
'type': 'directory',
|
||||||
|
'path': '../testdata/pub/fedora-secondary/',
|
||||||
|
'category': 'Fedora Secondary Arches'
|
||||||
|
},
|
||||||
|
{
|
||||||
|
'type': 'directory',
|
||||||
|
'path': '../testdata/pub/archive/',
|
||||||
|
'category': 'Fedora Archive'
|
||||||
|
},
|
||||||
|
{
|
||||||
|
'type': 'directory',
|
||||||
|
'path': '../testdata/pub/alt/',
|
||||||
|
'category': 'Fedora Other'
|
||||||
|
},
|
||||||
|
# {
|
||||||
|
# 'type':'directory',
|
||||||
|
# 'path':'../testdata/pub/fedora/linux/',
|
||||||
|
# 'category':'Fedora Linux',
|
||||||
|
# 'excludes':['.*/core/?.*', '.*/extras/?.*', '.*/[7-8]/?.*' ]
|
||||||
|
# },
|
||||||
|
# {
|
||||||
|
# 'type':'rsync',
|
||||||
|
# 'url':'rsync://archive.ubuntu.com/ubuntu/',
|
||||||
|
# 'category':'Ubuntu Archive'
|
||||||
|
# },
|
||||||
|
# {
|
||||||
|
# 'type':'rsync',
|
||||||
|
# 'url':'rsync://releases.ubuntu.com/releases/',
|
||||||
|
# 'category':'Ubuntu CD Images'
|
||||||
|
# },
|
||||||
|
# {
|
||||||
|
# 'type':'rsync',
|
||||||
|
# 'url':'rsync://ports.ubuntu.com/ubuntu-ports/',
|
||||||
|
# 'category':'Ubuntu Ports Archive'
|
||||||
|
# },
|
||||||
|
# {
|
||||||
|
# 'type':'rsync',
|
||||||
|
# 'url':'rsync://security.ubuntu.com/ubuntu/',
|
||||||
|
# 'category':'Ubuntu Security Archive'
|
||||||
|
# },
|
||||||
|
]
|
||||||
|
|
14
nginx.conf
Normal file
14
nginx.conf
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
root /usr/share/nginx/html;
|
||||||
|
location / {
|
||||||
|
try_files $uri @wsgi;
|
||||||
|
}
|
||||||
|
location @wsgi {
|
||||||
|
include uwsgi_params;
|
||||||
|
#uwsgi_pass_request_headers off;
|
||||||
|
uwsgi_store on;
|
||||||
|
uwsgi_buffering on;
|
||||||
|
uwsgi_pass 127.0.0.1:3031;
|
||||||
|
}
|
||||||
|
}
|
5
run.py
Normal file
5
run.py
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
from werkzeug.middleware.proxy_fix import ProxyFix
|
||||||
|
from mirrormanager2.app import create_app
|
||||||
|
application = create_app()
|
||||||
|
application.wsgi_app = ProxyFix(application.wsgi_app, x_proto=1, x_host=1)
|
||||||
|
|
28
start-dev.sh
Normal file
28
start-dev.sh
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
POD=mirrormanager2
|
||||||
|
|
||||||
|
podman pod exists $POD || podman pod create -p 5000:80 -n $POD
|
||||||
|
|
||||||
|
podman run \
|
||||||
|
--pod $POD \
|
||||||
|
--name nginx \
|
||||||
|
--replace \
|
||||||
|
-v $PWD/nginx.conf:/etc/nginx/conf.d/default.conf:ro \
|
||||||
|
-d docker.io/library/nginx:1.13-alpine
|
||||||
|
|
||||||
|
test -d tmp || mkdir tmp
|
||||||
|
test -f client_secrets.json || (echo "missing client_secrets" && exit 2)
|
||||||
|
|
||||||
|
podman run \
|
||||||
|
--pod $POD \
|
||||||
|
--name mm2 \
|
||||||
|
--replace \
|
||||||
|
-e 'MM2_CONFIG=/etc/mirrormanager/mirrormanager2.cfg' \
|
||||||
|
-v $PWD/mirrormanager2.cfg:/etc/mirrormanager/mirrormanager2.cfg \
|
||||||
|
-v $PWD/client_secrets.json:/etc/mirrormanager/client_secrets.json \
|
||||||
|
-v $PWD/tmp:/var/tmp:rw \
|
||||||
|
-d git.resf.org/infrastructure/mirrormanager2:latest
|
||||||
|
|
||||||
|
# Setup sqlite database
|
||||||
|
echo "mirrormanager2 and nginx have been statred. You may need to run:"
|
||||||
|
|
||||||
|
echo "podman exec mm2 /usr/bin/python3 -m flask -A mirrormanager2.app db sync"
|
Loading…
Reference in New Issue
Block a user