fix: use rocky group, cleanup
This commit is contained in:
parent
8ffe1ad7e1
commit
e009155a72
@ -24,6 +24,7 @@ RUN mkdir -p /opt/mirrormanager2
|
|||||||
WORKDIR /opt/mirrormanager2
|
WORKDIR /opt/mirrormanager2
|
||||||
RUN git clone https://github.com/fedora-infra/mirrormanager2.git .
|
RUN git clone https://github.com/fedora-infra/mirrormanager2.git .
|
||||||
|
|
||||||
|
RUN sed -e 's/signed_fpca/signed_rosca/' -i mirrormanager2/perms.py mirrormanager2/auth.py
|
||||||
RUN pip install --prefix=/install .
|
RUN pip install --prefix=/install .
|
||||||
|
|
||||||
# Stage 2: Final stage with runtime dependencies
|
# Stage 2: Final stage with runtime dependencies
|
||||||
|
@ -44,13 +44,22 @@ THEME_FOLDER = os.environ.get('MM2_THEME_FOLDER', 'fedora')
|
|||||||
#MM_AUTHENTICATION = "fas"
|
#MM_AUTHENTICATION = "fas"
|
||||||
|
|
||||||
OIDC_CLIENT_SECRETS = "/etc/mirrormanager/client_secrets.json"
|
OIDC_CLIENT_SECRETS = "/etc/mirrormanager/client_secrets.json"
|
||||||
|
OIDC_SCOPES = " ".join(
|
||||||
|
[
|
||||||
|
"openid",
|
||||||
|
"email",
|
||||||
|
"profile",
|
||||||
|
"https://id.fedoraproject.org/scope/groups",
|
||||||
|
"https://id.fedoraproject.org/scope/agreements",
|
||||||
|
]
|
||||||
|
)
|
||||||
|
|
||||||
# If the authentication method is `fas`, groups in which should be the user
|
# If the authentication method is `fas`, groups in which should be the user
|
||||||
# to be recognized as an admin.
|
# to be recognized as an admin.
|
||||||
#ADMIN_GROUP = ["sysadmin-main"]
|
ADMIN_GROUP = ["infrastructure"]
|
||||||
|
|
||||||
# Email of the admin to which send notification or error
|
# Email of the admin to which send notification or error
|
||||||
ADMIN_EMAIL = "admin@fedoraproject.org"
|
ADMIN_EMAIL = "infrastructure@rockylinux.org"
|
||||||
|
|
||||||
# Email address used in the "From" field of the emails sent.
|
# Email address used in the "From" field of the emails sent.
|
||||||
# Default: ``nobody@fedoraproject.org``.
|
# Default: ``nobody@fedoraproject.org``.
|
||||||
|
8
run.py
8
run.py
@ -1,5 +1,13 @@
|
|||||||
from werkzeug.middleware.proxy_fix import ProxyFix
|
from werkzeug.middleware.proxy_fix import ProxyFix
|
||||||
from mirrormanager2.app import create_app
|
from mirrormanager2.app import create_app
|
||||||
|
from flask_session import Session
|
||||||
|
from cachelib.file import FileSystemCache
|
||||||
|
import os
|
||||||
|
|
||||||
application = create_app()
|
application = create_app()
|
||||||
|
application.debug = os.environ.get("MM2_DEBUG", False)
|
||||||
|
application.config['SESSION_TYPE'] = "cachelib"
|
||||||
|
application.config['SESSION_CACHELIB'] = FileSystemCache(cache_dir='/tmp/sessions', threshold=500)
|
||||||
|
Session(application)
|
||||||
application.wsgi_app = ProxyFix(application.wsgi_app, x_proto=1, x_host=1)
|
application.wsgi_app = ProxyFix(application.wsgi_app, x_proto=1, x_host=1)
|
||||||
|
|
||||||
|
@ -2,13 +2,6 @@ POD=mirrormanager2
|
|||||||
|
|
||||||
podman pod exists $POD || podman pod create -p 5000:5000 -n $POD
|
podman pod exists $POD || podman pod create -p 5000:5000 -n $POD
|
||||||
|
|
||||||
#podman run \
|
|
||||||
# --pod $POD \
|
|
||||||
# --name nginx \
|
|
||||||
# --replace \
|
|
||||||
# -v $PWD/nginx.conf:/etc/nginx/conf.d/default.conf:ro \
|
|
||||||
# -d docker.io/library/nginx:1.13-alpine
|
|
||||||
|
|
||||||
test -d tmp || mkdir tmp
|
test -d tmp || mkdir tmp
|
||||||
test -f client_secrets.json || (echo "missing client_secrets" && exit 2)
|
test -f client_secrets.json || (echo "missing client_secrets" && exit 2)
|
||||||
|
|
||||||
@ -22,6 +15,8 @@ podman run \
|
|||||||
-e "MM2_SECRET_KEY=$(openssl rand -hex 32)" \
|
-e "MM2_SECRET_KEY=$(openssl rand -hex 32)" \
|
||||||
-e "MM2_PASSWORD_SEED=$(openssl rand -hex 32)" \
|
-e "MM2_PASSWORD_SEED=$(openssl rand -hex 32)" \
|
||||||
-e 'MM2_THEME_FOLDER=rocky' \
|
-e 'MM2_THEME_FOLDER=rocky' \
|
||||||
|
-e 'FLASK_DEBUG=1' \
|
||||||
|
-e 'MM2_DEBUG=1' \
|
||||||
-v $PWD/mirrormanager2.cfg:/etc/mirrormanager/mirrormanager2.cfg \
|
-v $PWD/mirrormanager2.cfg:/etc/mirrormanager/mirrormanager2.cfg \
|
||||||
-v $PWD/client_secrets.json:/etc/mirrormanager/client_secrets.json \
|
-v $PWD/client_secrets.json:/etc/mirrormanager/client_secrets.json \
|
||||||
-v $PWD/tmp:/var/tmp:rw \
|
-v $PWD/tmp:/var/tmp:rw \
|
||||||
|
Loading…
Reference in New Issue
Block a user