fasrc · claire-peters · Sep 25, 2023 · Sep 25, 2023 · Sep 25, 2023
diff --git a/Dockerfile b/Dockerfile
@@ -1,46 +1,50 @@
 # syntax=docker/dockerfile:experimental
-FROM python:3.6
+FROM python:3.8
 
-EXPOSE 9000
-RUN apt-get update && apt-get install -y --no-install-recommends \
-    libsasl2-dev libldap2-dev libssl-dev \
-    nginx supervisor \
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+    && apt-get install -y redis redis-server \
+    && apt-get install -y libsasl2-dev libldap2-dev libssl-dev \
     && rm -rf /var/lib/apt/lists/*
 RUN mkdir ~/.ssh && echo "Host git*\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
-RUN echo 'TLS_REQCERT allow' >> /etc/ldap/ldap.conf
-
-RUN echo "daemon off;" >> /etc/nginx/nginx.conf
-COPY etc/nginx.conf /etc/nginx/sites-available/default
-COPY etc/supervisor.conf /etc/supervisor/conf.d/app.conf
 
 WORKDIR /usr/src/app
 COPY requirements.txt ./
 
+ARG IPYTHON_STARTUP=/root/.ipython/profile_default/startup
+RUN mkdir -p ${IPYTHON_STARTUP}
+COPY etc/ipython_init.py ${IPYTHON_STARTUP}
+
 ARG IFXURLS_COMMIT=549af42dbe83d07b12dd37055a5ec6368d4b649
 ARG NANITES_CLIENT_COMMIT=1e67ce787e27c9c0e32a4c97a4967c297d30b7cf
-ARG IFXMAIL_CLIENT_COMMIT=cc1a9f9cc6cdb951828b6b912bc830c0172785f1
-ARG IFXUSER_COMMIT=4fbf3ee574edf1c2599a059cbd7f05d37cd69c3f
-ARG FIINE_CLIENT_COMMIT=e79f569aa22b43876945bfb75cf169b11a555138
-ARG IFXVALIDCODE_COMMIT=4dd332c5a8e13d904a90da014094406a81b617e6
-ARG IFXBILLING_COMMIT=f4920d351968b0158cd0fbef0a151eb6ea610944
+ARG IFXUSER_COMMIT=6b7194698b49550ae6df395cfea96380536a41bc
+ARG IFXMAIL_CLIENT_COMMIT=8f728ff54441d2f2449fd3c31b75f0f77372b5f2
+ARG FIINE_CLIENT_COMMIT=1946c8db410077d374b8b16f6de5199d9ed10d7e
+ARG IFXEC_COMMIT=0c09c90890fb87d4db22c635a6c403c89e1a957f
+ARG IFXBILLING_COMMIT=58d07688e52b4c63fb93a903cbb8a1e5ed24ea34
 
 RUN --mount=type=ssh pip install --upgrade pip && \
-    pip install gunicorn && \
-    pip install 'Django>2.2,<3' && \
-    pip install django-author==1.0.2 && \
-    pip install git+ssh://[email protected]/harvardinformatics/ifxurls.git@${IFXURLS_COMMIT} && \
+    pip install ldap3 django_auth_ldap && \
+    pip install django-author==1.0.2
+RUN --mount=type=ssh pip install git+ssh://[email protected]/harvardinformatics/ifxurls.git@${IFXURLS_COMMIT} && \
     pip install git+ssh://[email protected]/harvardinformatics/nanites.client.git@${NANITES_CLIENT_COMMIT} && \
-    pip install git+ssh://[email protected]/harvardinformatics/ifxmail.client.git@${IFXMAIL_CLIENT_COMMIT} && \
     pip install git+ssh://[email protected]/harvardinformatics/ifxuser.git@${IFXUSER_COMMIT} && \
-    pip install git+ssh://git@gitlab-int.rc.fas.harvard.edu/informatics/fiine.client.git@${FIINE_CLIENT_COMMIT} && \
-    pip install git+ssh://git@gitlab-int.rc.fas.harvard.edu/informatics/ifxvalidcode.git@${IFXVALIDCODE_COMMIT} && \
-    pip install git+ssh://git@gitlab-int.rc.fas.harvard.edu/informatics/ifxbilling.git@${IFXBILLING_COMMIT} && \
-    pip install ldap3 django_auth_ldap && \
+    pip install git+ssh://git@github.com/harvardinformatics/ifxmail.client.git@${IFXMAIL_CLIENT_COMMIT} && \
+    pip install git+ssh://git@github.com/harvardinformatics/fiine.client.git@${FIINE_CLIENT_COMMIT} && \
+    pip install git+ssh://git@github.com/harvardinformatics/ifxec.git@${IFXEC_COMMIT} && \
+    pip install git+ssh://[email protected]/harvardinformatics/ifxbilling.git@${IFXBILLING_COMMIT} && \
     pip install -r requirements.txt
 
 COPY . .
 
-ENV PYTHONPATH /usr/src/app
+# RUN pip install django-redis reportlab==3.6.6
+# RUN pip install django-debug-toolbar
+
+ENV PYTHONPATH /usr/src/app:/usr/src/app/ifxreport
+
+RUN mkdir -p /usr/src/app/media/reports
+
+EXPOSE 80
+EXPOSE 25
 
-CMD ./manage.py collectstatic --no-input && ./manage.py makemigrations && ./manage.py migrate && /usr/bin/supervisord -n
-RUN ./manage.py qcluster &
+CMD ["/bin/bash", "./container_startup.sh"]
diff --git a/Dockerfile-ifx → Dockerfile-dev b/Dockerfile-ifx → Dockerfile-dev
@@ -24,15 +24,15 @@ ARG IFXEC_COMMIT=0c09c90890fb87d4db22c635a6c403c89e1a957f
 ARG IFXBILLING_COMMIT=58d07688e52b4c63fb93a903cbb8a1e5ed24ea34
 
 RUN --mount=type=ssh pip install --upgrade pip && \
-    pip install django-author==1.0.2 && \
-    pip install git+ssh://[email protected]/harvardinformatics/ifxurls.git@${IFXURLS_COMMIT} && \
+    pip install ldap3 django_auth_ldap && \
+    pip install django-author==1.0.2
+RUN --mount=type=ssh pip install git+ssh://[email protected]/harvardinformatics/ifxurls.git@${IFXURLS_COMMIT} && \
     pip install git+ssh://[email protected]/harvardinformatics/nanites.client.git@${NANITES_CLIENT_COMMIT} && \
     pip install git+ssh://[email protected]/harvardinformatics/ifxuser.git@${IFXUSER_COMMIT} && \
     pip install git+ssh://[email protected]/harvardinformatics/ifxmail.client.git@${IFXMAIL_CLIENT_COMMIT} && \
     pip install git+ssh://[email protected]/harvardinformatics/fiine.client.git@${FIINE_CLIENT_COMMIT} && \
     pip install git+ssh://[email protected]/harvardinformatics/ifxec.git@${IFXEC_COMMIT} && \
     pip install git+ssh://[email protected]/harvardinformatics/ifxbilling.git@${IFXBILLING_COMMIT} && \
-    pip install ldap3 django_auth_ldap && \
     pip install -r requirements.txt
 
 COPY . .
@@ -47,5 +47,4 @@ RUN mkdir -p /usr/src/app/media/reports
 EXPOSE 80
 EXPOSE 25
 
-CMD ["/bin/bash", "./container_startup.sh"]
-# CMD ["python", "manage.py", "runserver", "0.0.0.0:80", "--insecure"]
+CMD ["/bin/bash", "./container_startup-dev.sh dev"]
diff --git a/container_startup.sh b/container_startup.sh
@@ -7,11 +7,19 @@
 # turn on bash's job control
 # set -m
 
-# RUN python3 ./manage.py initial_setup
-# RUN python3 ./manage.py load_test_data
 service redis-server start
 python ./manage.py qcluster &
 python ./manage.py add_scheduled_tasks
+source /srv/coldfront/venv/bin/activate
+python ./manage.py collectstatic
 # initial_setup does not appear to work as requested.
 python ./manage.py initial_setup &
-python ./manage.py runserver 0.0.0.0:80 --insecure
+
+case $1 in
+    'dev')
+            python ./manage.py runserver 0.0.0.0:80 --insecure
+        ;;
+    *)
+            python ./manage.py runserver 0.0.0.0:80
+        ;;
+esac
diff --git a/envexample b/envexample
@@ -15,6 +15,16 @@ SESSION_COOKIE_SECURE=True
 # LANGUAGE_CODE='en-us'
 # TIME_ZONE='America/New_York'
 
+# To override ColdFront stock templates, create a directory and add your
+# custom templates. By default, ColdFront looks in /usr/share/coldfront/site/templates
+# and /usr/share/coldfront/site/static. If you'd like to use a different directory
+# then be sure to set the following environment variable:
+# SITE_TEMPLATES=/path/to/your/templates
+
+# override any static files such as CSS or images by creating a directory and
+# adding your custom static assets, then setting the following variable:
+# SITE_STATIC=/path/to/static/files
+
 
 #------------------------------------------------------------------------------
 # Core settings
@@ -86,14 +96,14 @@ CENTER_HELP_URL='https://portal.rc.fas.harvard.edu/rcrt/submit_ticket'
 #------------------------------------------------------------------------------
 # None of the below settings are needed if using a sqlite database for testing.
 
-# # username for database login
-# DB_USER=coldfront
-# # Database connection. If not set, sqlite:///coldfront.db will be used.
+# username for database login
+DB_USER=coldfront
+# Database connection. If not set, sqlite:///coldfront.db will be used.
 # DB_URL=mysql://user:[email protected]:3306/database
-# # password for database login
-# DB_PASS=MYPASSWORD
-# # host container for database
-# DB_HOST=coldfront-db
+# password for database login
+DB_PASS=$DB_PASS
+# host container for database
+DB_HOST=coldfront-db
 
 
 #------------------------------------------------------------------------------
@@ -209,32 +219,32 @@ EMAIL_SIGNATURE='FAS Research Computing'
 #------------------------------------------------------------------------------
 # set the following if you are using LDAP integration
 
-# # Enable LDAP Authentication Backend, default False
+# Enable LDAP Authentication Backend, default False
 # PLUGIN_AUTH_LDAP=False
 
-# # URI of LDAP server
+# URI of LDAP server
 # AUTH_LDAP_SERVER_URI=ldaps://my.ldap:636
 
-# # User search base dn
+# User search base dn
 # AUTH_LDAP_USER_SEARCH_BASE='OU=Domain Users,dc=rc,dc=domain'
 
-# # Enable/disable start tls, default True
+# Enable/disable start tls, default True
 # AUTH_LDAP_START_TLS=False
 
-# # Authentication will leave the LDAP connection bound as the authenticating user,
-# # rather than forcing it to re-bind, default False
+# Authentication will leave the LDAP connection bound as the authenticating user,
+# rather than forcing it to re-bind, default False
 # AUTH_LDAP_BIND_AS_AUTHENTICATING_USER=False
 
-# # The distinguished name to use when binding to the LDAP server
+# The distinguished name to use when binding to the LDAP server
 # AUTH_LDAP_BIND_DN='CN=xdmodldap,OU=Service Accounts,OU=Domain Users,DC=rc,DC=domain'
 
-# # The password to use AUTH_LDAP_BIND_DN
+# The password to use AUTH_LDAP_BIND_DN
 # AUTH_LDAP_BIND_PASSWORD='password_in_singlequotes'
 
-# # Enable/disable mirroring of groups, default True
+# Enable/disable mirroring of groups, default True
 # AUTH_LDAP_MIRROR_GROUPS=True
 
-# # Group search base dn
+# Group search base dn
 # AUTH_LDAP_GROUP_SEARCH_BASE='OU=Domain Groups,dc=rc,dc=domain'
 
 
@@ -247,13 +257,16 @@ PLUGIN_IFX=True
 
 # If using the FASRC plugin, uncomment the lines below and add the neo4j password.
 # PLUGIN_FASRC=True
-# neo4jp=NEO4J_INSTANCE_PASSWORD
+# NEO4JP=$NEO4JP
+
+# If using the FASRC LDAP plugin, uncomment the line below
+# PLUGIN_LDAP=True
 
 
 #------------------------------------------------------------------------------
 # Starfish Plugin
 #------------------------------------------------------------------------------
 # If using SFtoCF, uncomment the lines below and add starfish account details.
 # PLUGIN_SFTOCF=True
-# SFUSER=STARFISH_ACCOUNT_USERNAME
-# SFPASS=STARFISH_ACCOUNT_PASSWORD
+# SFUSER=$SFUSER
+# SFPASS=$SFPASS