summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKarl MacMillan <kmacmill@redhat.com>2007-09-28 16:46:12 -0400
committerKarl MacMillan <kmacmill@redhat.com>2007-09-28 16:46:12 -0400
commit679343594d86d57c85d1a6bb5333c83ca8bacd78 (patch)
tree38bdfb23b5e561863c8c09f03abb9ee053a5ff92
parent50d12d6d2e680d32a5940afa0242c2c75df57d1f (diff)
downloadfreeipa-679343594d86d57c85d1a6bb5333c83ca8bacd78.tar.gz
freeipa-679343594d86d57c85d1a6bb5333c83ca8bacd78.tar.xz
freeipa-679343594d86d57c85d1a6bb5333c83ca8bacd78.zip
Install the web gui
Install the turbogears web gui including an init script. This patch includes a few related changes: * create a production configuration * rename the web gui startup scrip to ipa-webgui * add an init script * chkconfig on the ipa-webgui init script * make the start script properly daemonize the app when not in a development directory. * Install everything to the correct places (/usr/sbin/ipa-webgui and /usr/share/ipa/ipagui mainly). There are some things still left to do: * Sort out the logging - the config needs to be adjusted so that logging messages end up in /var/log.
-rw-r--r--ipa-python/ipaclient.py3
-rw-r--r--ipa-server/Makefile2
-rwxr-xr-xipa-server/freeipa-server.spec7
-rw-r--r--ipa-server/freeipa-server.spec.in7
-rw-r--r--ipa-server/ipa-gui/Makefile39
-rw-r--r--ipa-server/ipa-gui/ipa-webgui99
-rw-r--r--ipa-server/ipa-gui/ipa-webgui.cfg97
-rw-r--r--ipa-server/ipa-gui/ipa-webgui.init71
-rw-r--r--ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt2
-rw-r--r--ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt2
-rw-r--r--ipa-server/ipa-gui/sample-prod.cfg45
-rw-r--r--ipa-server/ipa-gui/setup.py20
-rw-r--r--ipa-server/ipa-gui/start-ipagui.py25
-rw-r--r--ipa-server/ipa-install/ipa-server-install8
14 files changed, 350 insertions, 77 deletions
diff --git a/ipa-python/ipaclient.py b/ipa-python/ipaclient.py
index 97792fdd1..c653e0fa1 100644
--- a/ipa-python/ipaclient.py
+++ b/ipa-python/ipaclient.py
@@ -21,7 +21,8 @@
#!/usr/bin/python
import sys
-sys.path.append("/usr/share/ipa")
+if "/usr/share/ipa" not in sys.path:
+ sys.path.append("/usr/share/ipa")
from ipaserver import funcs
import ipa.rpcclient as rpcclient
diff --git a/ipa-server/Makefile b/ipa-server/Makefile
index 5ca5caf71..4b1fe14bc 100644
--- a/ipa-server/Makefile
+++ b/ipa-server/Makefile
@@ -1,4 +1,4 @@
-SUBDIRS=ipa-install xmlrpc-server ipa-kpasswd ipa-slapi-plugins
+SUBDIRS=ipa-install xmlrpc-server ipa-kpasswd ipa-slapi-plugins ipa-gui
SHAREDIR=$(DESTDIR)/usr/share/ipa
PYTHONDIR=$(SHAREDIR)/ipaserver
diff --git a/ipa-server/freeipa-server.spec b/ipa-server/freeipa-server.spec
index be16796e1..2cfd32742 100755
--- a/ipa-server/freeipa-server.spec
+++ b/ipa-server/freeipa-server.spec
@@ -1,6 +1,6 @@
Name: freeipa-server
Version: 0.4.0
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: FreeIPA authentication server
Group: System Environment/Base
@@ -42,7 +42,9 @@ rm -rf %{buildroot}
%defattr(-,root,root,-)
%{_sbindir}/ipa-server-install
%{_sbindir}/ipa_kpasswd
+%{_sbindir}/ipa-webgui
%attr(755,root,root) %{_initrddir}/ipa-kpasswd
+%attr(755,root,root) %{_initrddir}/ipa-webgui
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/*
@@ -53,6 +55,9 @@ rm -rf %{buildroot}
%changelog
+* Tue Sep 25 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-2
+- Package ipa-webgui
+
* Fri Sep 7 2007 Karl MacMillan <kmacmill@redhat.com> - 0.3.0-1
- Added support for libipa-dna-plugin
diff --git a/ipa-server/freeipa-server.spec.in b/ipa-server/freeipa-server.spec.in
index ac44e6d9a..dbae4fedd 100644
--- a/ipa-server/freeipa-server.spec.in
+++ b/ipa-server/freeipa-server.spec.in
@@ -1,6 +1,6 @@
Name: freeipa-server
Version: VERSION
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: FreeIPA authentication server
Group: System Environment/Base
@@ -42,7 +42,9 @@ rm -rf %{buildroot}
%defattr(-,root,root,-)
%{_sbindir}/ipa-server-install
%{_sbindir}/ipa_kpasswd
+%{_sbindir}/ipa-webgui
%attr(755,root,root) %{_initrddir}/ipa-kpasswd
+%attr(755,root,root) %{_initrddir}/ipa-webgui
%dir %{_usr}/share/ipa
%{_usr}/share/ipa/*
@@ -53,6 +55,9 @@ rm -rf %{buildroot}
%changelog
+* Tue Sep 25 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-2
+- Package ipa-webgui
+
* Fri Sep 7 2007 Karl MacMillan <kmacmill@redhat.com> - 0.3.0-1
- Added support for libipa-dna-plugin
diff --git a/ipa-server/ipa-gui/Makefile b/ipa-server/ipa-gui/Makefile
new file mode 100644
index 000000000..ba641d282
--- /dev/null
+++ b/ipa-server/ipa-gui/Makefile
@@ -0,0 +1,39 @@
+SHAREDIR=$(DESTDIR)/usr/share/ipa
+SBINDIR=$(DESTDIR)/usr/sbin
+INITDIR = $(DESTDIR)/etc/rc.d/init.d
+
+IPAGUI_SUBDIRS=config forms helpers templates
+STATIC_SUBDIRS=css images javascript
+
+all: ;
+
+install:
+ -mkdir -p $(SHAREDIR)/ipagui
+ install -m 644 ipagui/*.py $(SHAREDIR)/ipagui
+
+ -mkdir -p $(SHAREDIR)/ipa_gui.egg-info
+ install -m 644 ipa_gui.egg-info/* $(SHAREDIR)/ipa_gui.egg-info
+
+ @for subdir in $(IPAGUI_SUBDIRS); do \
+ mkdir -p $(SHAREDIR)/ipagui/$$subdir; \
+ install -m 644 ipagui/$$subdir/*.py $(SHAREDIR)/ipagui/$$subdir; \
+ done
+
+ install -m 644 ipagui/config/*.cfg $(SHAREDIR)/ipagui/config
+
+ -mkdir -p $(SHAREDIR)/ipagui/static
+ @for subdir in $(STATIC_SUBDIRS); do \
+ mkdir -p $(SHAREDIR)/ipagui/static/$$subdir; \
+ install -m 644 ipagui/static/$$subdir/* $(SHAREDIR)/ipagui/static/$$subdir; \
+ done
+
+ install -m 644 ipa-webgui.cfg $(SHAREDIR)
+
+ install -m 755 ipa-webgui $(SBINDIR)
+
+ -mkdir -p $(INITDIR)
+ install -m 755 ipa-webgui.init $(INITDIR)/ipa-webgui
+
+clean:
+ find . -name "*.pyc" -exec rm -f {} \;
+ find . -name "*~" -exec rm -f {} \;
diff --git a/ipa-server/ipa-gui/ipa-webgui b/ipa-server/ipa-gui/ipa-webgui
new file mode 100644
index 000000000..9adb5fad1
--- /dev/null
+++ b/ipa-server/ipa-gui/ipa-webgui
@@ -0,0 +1,99 @@
+#! /usr/bin/python -E
+#
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import os, sys
+
+def daemonize():
+ pid = os.fork()
+ if pid != 0:
+ os._exit(0)
+ # become session leader
+ os.setsid()
+
+ # fork again to reparent to init
+ pid = os.fork()
+ if pid != 0:
+ os._exit(0)
+
+ os.chdir("/")
+ os.umask(0)
+
+ import resource
+ maxfd = resource.getrlimit(resource.RLIMIT_NOFILE)[1]
+ if (maxfd == resource.RLIM_INFINITY):
+ maxfd = 1024
+
+ # close all file descriptors
+ for fd in range(0, maxfd):
+ try:
+ os.close(fd)
+ except OSError:
+ pass
+
+ # stdin
+ os.open("/dev/null", os.O_RDWR)
+ # stdout
+ os.open("/dev/null", os.O_RDWR)
+ # stderr
+ os.open("/dev/null", os.O_RDWR)
+
+# To make development easier, we detect if we are in the development
+# environment to load a different configuration and avoid becoming
+# a daemon
+devel = False
+if os.path.exists(os.path.join(os.path.dirname(__file__), "Makefile")):
+ devel = True
+
+if not devel:
+ sys.path.append("/usr/share/ipa/")
+
+# this must be after sys.path is changed to work correctly
+import pkg_resources
+pkg_resources.require("TurboGears")
+pkg_resources.require("ipa_gui")
+
+
+from turbogears import update_config, start_server
+import cherrypy
+cherrypy.lowercase_api = True
+
+# Load the config - look for a local file first for development
+# and then the system config file
+if devel:
+ update_config(configfile="dev.cfg",
+ modulename="ipagui.config")
+else:
+ update_config(configfile="/usr/share/ipa/ipa-webgui.cfg",
+ modulename="ipagui.config.app")
+
+from ipagui.controllers import Root
+
+if not devel:
+ try:
+ daemonize()
+ except Exception, e:
+ sys.stderr.write("error becoming daemon: " + str(e))
+ sys.exit(1)
+
+start_server(Root())
+
+
+
+
+
diff --git a/ipa-server/ipa-gui/ipa-webgui.cfg b/ipa-server/ipa-gui/ipa-webgui.cfg
new file mode 100644
index 000000000..7970ab86b
--- /dev/null
+++ b/ipa-server/ipa-gui/ipa-webgui.cfg
@@ -0,0 +1,97 @@
+[global]
+# DATABASE
+
+# no database for ipa-webgui since everything is stored in LDAP
+
+# IDENTITY
+
+# Our our sqlobject-derived proxy provider
+identity.provider='proxyprovider'
+
+# the first thing checked on any request. We want to short-circuit this
+# as early as possible
+identity.source = 'visit'
+
+# Turn on identity and visit (visit is required for identity)
+identity.on=True
+identity.failure_url="/loginfailed"
+visit.on=True
+visit.manager='proxyvisit'
+
+# SERVER
+
+server.environment="production"
+autoreload.package="ipagui"
+autoreload.on = False
+
+# Sets the number of threads the server uses
+server.thread_pool = 10
+
+# if this is part of a larger site, you can set the path
+# to the TurboGears instance here
+# server.webpath=""
+
+# Set to True if you are deploying your App behind a proxy
+# e.g. Apache using mod_proxy
+# base_url_filter.on = False
+
+# Set to True if your proxy adds the x_forwarded_host header
+# base_url_filter.use_x_forwarded_host = True
+
+# If your proxy does not add the x_forwarded_host header, set
+# the following to the *public* host url.
+# (Note: This will be overridden by the use_x_forwarded_host option
+# if it is set to True and the proxy adds the header correctly.
+# base_url_filter.base_url = "http://www.example.com"
+
+# Set to True if you'd like to abort execution if a controller gets an
+# unexpected parameter. False by default
+# tg.strict_parameters = False
+
+# LOGGING
+# Logging configuration generally follows the style of the standard
+# Python logging module configuration. Note that when specifying
+# log format messages, you need to use *() for formatting variables.
+# Deployment independent log configuration is in ipagui/config/log.cfg
+[logging]
+
+[[formatters]]
+[[[message_only]]]
+format='*(message)s'
+
+[[[full_content]]]
+format='*(asctime)s *(name)s *(levelname)s *(message)s'
+
+[[handlers]]
+[[[debug_out]]]
+class='StreamHandler'
+level='DEBUG'
+args='(sys.stdout,)'
+formatter='full_content'
+
+[[[access_out]]]
+class='StreamHandler'
+level='INFO'
+args='(sys.stdout,)'
+formatter='message_only'
+
+[[[error_out]]]
+class='StreamHandler'
+level='ERROR'
+args='(sys.stdout,)'
+
+[[loggers]]
+[[[ipagui]]]
+level='DEBUG'
+qualname='ipagui'
+handlers=['debug_out']
+
+[[[allinfo]]]
+level='INFO'
+handlers=['debug_out']
+
+[[[access]]]
+level='INFO'
+qualname='turbogears.access'
+handlers=['access_out']
+propagate=0
diff --git a/ipa-server/ipa-gui/ipa-webgui.init b/ipa-server/ipa-gui/ipa-webgui.init
new file mode 100644
index 000000000..5bb0a5581
--- /dev/null
+++ b/ipa-server/ipa-gui/ipa-webgui.init
@@ -0,0 +1,71 @@
+#!/bin/sh
+#
+# ipa-webgui This starts and stops ipa-webgui
+#
+# chkconfig: - 36 64
+# description: ipa-webgui IPA Web User Interface
+# processname: /usr/sbin/ipa-webgui
+# configdir: /etc/sysconfig/ipa-webgui
+#
+
+# Source function library.
+if [ -f /etc/rc.d/init.d/functions ] ; then
+. /etc/rc.d/init.d/functions
+fi
+# Source networking configuration.
+if [ -f /etc/sysconfig/network ] ; then
+. /etc/sysconfig/network
+fi
+
+# Check that networking is up.
+if [ "${NETWORKING}" = "no" ]
+then
+ echo "Networking is down"
+ exit 0
+fi
+
+NAME="ipa-webgui"
+
+start() {
+ echo -n $"Starting $NAME: "
+ daemon $NAME
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$NAME || \
+ RETVAL=1
+ return $RETVAL
+}
+
+stop() {
+ echo -n $"Shutting down $NAME: "
+ killproc $NAME
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$NAME
+ return $RETVAL
+}
+
+restart() {
+ stop
+ start
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ restart
+ ;;
+ condrestart)
+ [ -f /var/lock/subsys/$NAME ] && restart || :
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|condrestart}"
+ exit 2
+esac
+
+exit $?
diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt
index 3bd848243..be2f02063 100644
--- a/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt
+++ b/ipa-server/ipa-gui/ipa_gui.egg-info/SOURCES.txt
@@ -1,4 +1,5 @@
README.txt
+ipa-webgui
setup.py
start-ipagui.py
ipa_gui.egg-info/PKG-INFO
@@ -19,6 +20,7 @@ ipagui/proxyvisit.py
ipagui/release.py
ipagui/config/__init__.py
ipagui/forms/__init__.py
+ipagui/forms/group.py
ipagui/forms/user.py
ipagui/helpers/__init__.py
ipagui/helpers/userhelper.py
diff --git a/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt b/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt
index 22c35bfdb..baecc2cef 100644
--- a/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt
+++ b/ipa-server/ipa-gui/ipa_gui.egg-info/entry_points.txt
@@ -1,6 +1,6 @@
[turbogears.identity.provider]
proxyprovider = ipagui.proxyprovider:ProxyIdentityProvider
-
[turbogears.visit.manager]
proxyvisit = ipagui.proxyvisit:ProxyVisitManager
+ \ No newline at end of file
diff --git a/ipa-server/ipa-gui/sample-prod.cfg b/ipa-server/ipa-gui/sample-prod.cfg
index ffa684cc1..a12662706 100644
--- a/ipa-server/ipa-gui/sample-prod.cfg
+++ b/ipa-server/ipa-gui/sample-prod.cfg
@@ -1,38 +1,31 @@
[global]
-# This is where all of your settings go for your production environment.
-# You'll copy this file over to your production server and provide it
-# as a command-line option to your start script.
-# Settings that are the same for both development and production
-# (such as template engine, encodings, etc.) all go in
-# ipagui/config/app.cfg
-
# DATABASE
-# pick the form for your database
-# sqlobject.dburi="postgres://username@hostname/databasename"
-# sqlobject.dburi="mysql://username:password@hostname:port/databasename"
-# sqlobject.dburi="sqlite:///file_name_and_path"
-
-# If you have sqlite, here's a simple default to get you started
-# in development
-sqlobject.dburi="sqlite://%(current_dir_uri)s/devdata.sqlite"
+# no database for ipa-webgui since everything is stored in LDAP
+# IDENTITY
-# if you are using a database or table type without transactions
-# (MySQL default, for example), you should turn off transactions
-# by prepending notrans_ on the uri
-# sqlobject.dburi="notrans_mysql://username:password@hostname:port/databasename"
+# Our our sqlobject-derived proxy provider
+identity.provider='proxyprovider'
-# for Windows users, sqlite URIs look like:
-# sqlobject.dburi="sqlite:///drive_letter:/path/to/file"
+# the first thing checked on any request. We want to short-circuit this
+# as early as possible
+identity.source = 'visit'
+# Turn on identity and visit (visit is required for identity)
+identity.on=True
+identity.failure_url="/loginfailed"
+visit.on=True
+visit.manager='proxyvisit'
# SERVER
server.environment="production"
+autoreload.package="ipagui"
+autoreload.on = False
# Sets the number of threads the server uses
-# server.thread_pool = 1
+server.thread_pool = 10
# if this is part of a larger site, you can set the path
# to the TurboGears instance here
@@ -66,7 +59,7 @@ server.environment="production"
[[[access_out]]]
# set the filename as the first argument below
-args="('server.log',)"
+args="('ipa-webgui',)"
class='FileHandler'
level='INFO'
formatter='message_only'
@@ -74,11 +67,11 @@ formatter='message_only'
[[loggers]]
[[[ipagui]]]
level='ERROR'
-qualname='ipagui'
-handlers=['error_out']
+qualname='ipa-webgui'
+handlers=['debug_out']
[[[access]]]
level='INFO'
-qualname='turbogears.access'
+qualname='ipa-webgui.access'
handlers=['access_out']
propagate=0
diff --git a/ipa-server/ipa-gui/setup.py b/ipa-server/ipa-gui/setup.py
index 123817999..6b21712b4 100644
--- a/ipa-server/ipa-gui/setup.py
+++ b/ipa-server/ipa-gui/setup.py
@@ -19,30 +19,10 @@ setup(
install_requires = [
"TurboGears >= 1.0.2.2",
],
- scripts = ["start-ipagui.py"],
zip_safe=False,
packages=find_packages(),
package_data = find_package_data(where='ipagui',
package='ipagui'),
- keywords = [
- # Use keywords if you'll be adding your package to the
- # Python Cheeseshop
-
- # if this has widgets, uncomment the next line
- # 'turbogears.widgets',
-
- # if this has a tg-admin command, uncomment the next line
- # 'turbogears.command',
-
- # if this has identity providers, uncomment the next line
- # 'turbogears.identity.provider',
-
- # If this is a template plugin, uncomment the next line
- # 'python.templating.engines',
-
- # If this is a full application, uncomment the next line
- # 'turbogears.app',
- ],
classifiers = [
'Development Status :: 3 - Alpha',
'Operating System :: OS Independent',
diff --git a/ipa-server/ipa-gui/start-ipagui.py b/ipa-server/ipa-gui/start-ipagui.py
index 2165e110b..e69de29bb 100644
--- a/ipa-server/ipa-gui/start-ipagui.py
+++ b/ipa-server/ipa-gui/start-ipagui.py
@@ -1,25 +0,0 @@
-#!/usr/bin/python
-import pkg_resources
-pkg_resources.require("TurboGears")
-
-from turbogears import update_config, start_server
-import cherrypy
-cherrypy.lowercase_api = True
-from os.path import *
-import sys
-
-# first look on the command line for a desired config file,
-# if it's not on the command line, then
-# look for setup.py in this directory. If it's not there, this script is
-# probably installed
-if len(sys.argv) > 1:
- update_config(configfile=sys.argv[1],
- modulename="ipagui.config")
-elif exists(join(dirname(__file__), "setup.py")):
- update_config(configfile="dev.cfg",modulename="ipagui.config")
-else:
- update_config(configfile="prod.cfg",modulename="ipagui.config")
-
-from ipagui.controllers import Root
-
-start_server(Root())
diff --git a/ipa-server/ipa-install/ipa-server-install b/ipa-server/ipa-install/ipa-server-install
index 54da6856b..b8b9805ba 100644
--- a/ipa-server/ipa-install/ipa-server-install
+++ b/ipa-server/ipa-install/ipa-server-install
@@ -370,7 +370,13 @@ def main():
krb.restart()
# Allow apache to connect to the turbogears web gui
- run(["/usr/sbin/setsebool", "httpd_can_network", "true"])
+ run(["/usr/sbin/setsebool", "-P", "httpd_can_network_connect", "true"])
+
+ # Start the web gui
+ run(["/sbin/service", "ipa-webgui", "start"])
+
+ # Set the web gui to start on boot
+ run(["/sbin/chkconfig", "ipa-webgui", "on"])
# Restart apache
run(["/sbin/service", "httpd", "restart"])