From 9792441a014d78b3f3ca8b7cd8f070132809dc65 Mon Sep 17 00:00:00 2001 From: Ian Ward Date: Mon, 29 Apr 2024 15:17:48 -0400 Subject: [PATCH 1/3] create sysadmin account from user-provided values --- .env.example | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.env.example b/.env.example index 830cf949..93ae148b 100644 --- a/.env.example +++ b/.env.example @@ -26,6 +26,11 @@ TEST_CKAN_DATASTORE_READ_URL=postgresql://datastore_ro:datastore@db/datastore_te # Dev settings USE_HTTPS_FOR_DEV=false +# Fill all three to create an inital sysadmin account: +#CKAN_SYSADMIN_NAME= +#CKAN_SYSADMIN_PASSWORD= +#CKAN_SYSADMIN_EMAIL= + # CKAN core CKAN_VERSION=2.10.0 CKAN_SITE_ID=default @@ -36,9 +41,6 @@ CKAN___BEAKER__SESSION__SECRET=CHANGE_ME # See https://docs.ckan.org/en/latest/maintaining/configuration.html#api-token-settings CKAN___API_TOKEN__JWT__ENCODE__SECRET=string:CHANGE_ME CKAN___API_TOKEN__JWT__DECODE__SECRET=string:CHANGE_ME -CKAN_SYSADMIN_NAME=ckan_admin -CKAN_SYSADMIN_PASSWORD=test1234 -CKAN_SYSADMIN_EMAIL=your_email@example.com CKAN_STORAGE_PATH=/var/lib/ckan CKAN_SMTP_SERVER=smtp.corporateict.domain:25 CKAN_SMTP_STARTTLS=True From aee6815182ed6df15cfd9899c15745aeb60e7939 Mon Sep 17 00:00:00 2001 From: Ian Ward Date: Tue, 21 May 2024 15:42:45 -0400 Subject: [PATCH 2/3] provide instructions for creating sysadmin accounts instead --- .env.example | 5 ----- README.md | 16 ++++++++++++-- ckan/setup/prerun.py.override | 40 ----------------------------------- 3 files changed, 14 insertions(+), 47 deletions(-) diff --git a/.env.example b/.env.example index 93ae148b..9f8a374a 100644 --- a/.env.example +++ b/.env.example @@ -26,11 +26,6 @@ TEST_CKAN_DATASTORE_READ_URL=postgresql://datastore_ro:datastore@db/datastore_te # Dev settings USE_HTTPS_FOR_DEV=false -# Fill all three to create an inital sysadmin account: -#CKAN_SYSADMIN_NAME= -#CKAN_SYSADMIN_PASSWORD= -#CKAN_SYSADMIN_EMAIL= - # CKAN core CKAN_VERSION=2.10.0 CKAN_SITE_ID=default diff --git a/README.md b/README.md index 7e4fde87..94998c98 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ * [3. docker compose vs docker-compose](#3-docker-compose-vs-docker-compose) * [4. Install (build and run) CKAN plus dependencies](#4-install-build-and-run-ckan-plus-dependencies) * [Base mode](#base-mode) + * [Create a sysadmin account](#create-a-sysadmin-account) * [Development mode](#development-mode) * [Create an extension](#create-an-extension) * [Running HTTPS on development mode](#running-https-on-development-mode) @@ -63,7 +64,7 @@ Copy the included `.env.example` and rename it to `.env`. Modify it depending on Please note that when accessing CKAN directly (via a browser) ie: not going through NGINX you will need to make sure you have "ckan" set up to be an alias to localhost in the local hosts file. Either that or you will need to change the `.env` entry for `CKAN_SITE_URL` -Using the default values on the `.env.example` file will get you a working CKAN instance. There is a sysadmin user created by default with the values defined in `CKAN_SYSADMIN_NAME` and `CKAN_SYSADMIN_PASSWORD`(`ckan_admin` and `test1234` by default). This should be obviously changed before running this setup as a public CKAN instance. +Using the default values on the `.env.example` file will get you a working CKAN instance. To build the images: @@ -84,6 +85,13 @@ At the end of the container start sequence there should be 6 containers running After this step, CKAN should be running at `CKAN_SITE_URL`. +#### Create a sysadmin account + +Create a sysadmin account and password to log in to the site: + + docker compose -f docker-compose.yml exec ckan sh -c "ckan sysadmin add " + + ### Development mode Use this mode if you are making code changes to CKAN and either creating new extensions or making code changes to existing extensions. This mode also uses the `.env` file for config options. @@ -100,12 +108,16 @@ To start the containers: See [CKAN images](#5-ckan-images) for more details of what happens when using development mode. +Similar to above, create a sysadmin account and password in development mode: + + docker compose -f docker-compose.dev.yml exec ckan-dev sh -c "ckan sysadmin add " + #### Create an extension You can use the ckan [extension](https://docs.ckan.org/en/latest/extensions/tutorial.html#creating-a-new-extension) instructions to create a CKAN extension, only executing the command inside the CKAN container and setting the mounted `src/` folder as output: - docker compose -f docker-compose.dev.yml exec ckan-dev /bin/sh -c "ckan -c /srv/app/ckan.ini generate extension --output-dir /srv/app/src_extensions" + docker compose -f docker-compose.dev.yml exec ckan-dev sh -c "ckan generate extension --output-dir /srv/app/src_extensions" ![Screenshot 2023-02-22 at 1 45 55 pm](https://user-images.githubusercontent.com/54408245/220623568-b4e074c7-6d07-4d27-ae29-35ce70961463.png) diff --git a/ckan/setup/prerun.py.override b/ckan/setup/prerun.py.override index 3d686969..0cced858 100644 --- a/ckan/setup/prerun.py.override +++ b/ckan/setup/prerun.py.override @@ -157,44 +157,6 @@ def init_datastore_db(): connection.close() -def create_sysadmin(): - - name = os.environ.get("CKAN_SYSADMIN_NAME") - password = os.environ.get("CKAN_SYSADMIN_PASSWORD") - email = os.environ.get("CKAN_SYSADMIN_EMAIL") - - if name and password and email: - - # Check if user exists - command = ["ckan", "-c", ckan_ini, "user", "show", name] - - out = subprocess.check_output(command) - if b"User:None" not in re.sub(b"\s", b"", out): - print("[prerun] Sysadmin user exists, skipping creation") - return - - # Create user - command = [ - "ckan", - "-c", - ckan_ini, - "user", - "add", - name, - "password=" + password, - "email=" + email, - ] - - subprocess.call(command) - print("[prerun] Created user {0}".format(name)) - - # Make it sysadmin - command = ["ckan", "-c", ckan_ini, "sysadmin", "add", name] - - subprocess.call(command) - print("[prerun] Made user {0} a sysadmin".format(name)) - - if __name__ == "__main__": maintenance = os.environ.get("MAINTENANCE_MODE", "").lower() == "true" @@ -208,5 +170,3 @@ if __name__ == "__main__": check_datastore_db_connection() init_datastore_db() check_solr_connection() - create_sysadmin() - \ No newline at end of file From eb83b6c12db521ded17f016d8ca60ade01516e2c Mon Sep 17 00:00:00 2001 From: Ian Ward Date: Tue, 21 May 2024 16:22:45 -0400 Subject: [PATCH 3/3] simplify exec examples --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 94998c98..617bb430 100644 --- a/README.md +++ b/README.md @@ -89,7 +89,7 @@ After this step, CKAN should be running at `CKAN_SITE_URL`. Create a sysadmin account and password to log in to the site: - docker compose -f docker-compose.yml exec ckan sh -c "ckan sysadmin add " + docker compose -f docker-compose.yml exec ckan ckan sysadmin add ### Development mode @@ -110,14 +110,14 @@ See [CKAN images](#5-ckan-images) for more details of what happens when using de Similar to above, create a sysadmin account and password in development mode: - docker compose -f docker-compose.dev.yml exec ckan-dev sh -c "ckan sysadmin add " + docker compose -f docker-compose.dev.yml exec ckan-dev ckan sysadmin add #### Create an extension You can use the ckan [extension](https://docs.ckan.org/en/latest/extensions/tutorial.html#creating-a-new-extension) instructions to create a CKAN extension, only executing the command inside the CKAN container and setting the mounted `src/` folder as output: - docker compose -f docker-compose.dev.yml exec ckan-dev sh -c "ckan generate extension --output-dir /srv/app/src_extensions" + docker compose -f docker-compose.dev.yml exec ckan-dev ckan generate extension --output-dir /srv/app/src_extensions ![Screenshot 2023-02-22 at 1 45 55 pm](https://user-images.githubusercontent.com/54408245/220623568-b4e074c7-6d07-4d27-ae29-35ce70961463.png) @@ -303,11 +303,11 @@ For convenience the CKAN_SITE_URL parameter should be set in the .env file. For 1. Create a new user from the Docker host, for example to create a new user called 'admin' - `docker exec -it ckan -c ckan.ini user add admin email=admin@localhost` + `docker exec ckan user add admin email=admin@localhost` To delete the 'admin' user - `docker exec -it ckan -c ckan.ini user remove admin` + `docker exec ckan user remove admin` 2. Create a new user from within the ckan container. You will need to get a session on the running container