Commit 79f1e301 authored by Philippe Mouchel's avatar Philippe Mouchel

Merge branch 'feature/dockerfile-initializer' into '2.x'

Dockerfile initializer in Drupalizer



See merge request !34
parents 9c1cb39d 1e8b730b
Pipeline #1710 failed with stages
# docker Drupal
# VERSION 0.3
FROM savoirfairelinux/lampd
MAINTAINER Ernesto Rodriguez Ortiz <ernesto.rodriguezortiz@savoirfairelinuc.com>
ENV initpath ./fabfile/docker
COPY ${initpath} /opt/init
RUN /opt/init/bootstrap
ENTRYPOINT ["/opt/init/init"]
CMD ["/sbin/my_init"]
......@@ -21,10 +21,10 @@ def init():
execute(docker.container_start)
execute(drush.make, 'install')
execute(drush.site_install, host='root@{}'.format(env.container_ip))
execute(drush.site_install)
execute(drush.aliases)
execute(behat.init, host='root@{}'.format(env.container_ip))
execute(behat.init)
@task
......
......@@ -24,7 +24,6 @@ def init(rewrite=True):
h.fab_run(role, 'cp example.behat.yml behat.yml')
h.fab_run(role, 'sed -i "s@%DRUPAL_ROOT@{}@g" behat.yml'.format(site_root))
h.fab_run(role, 'sed -i "s@%URL@http://{}@g" behat.yml'.format(host))
h.fab_run(role, 'echo "127.0.0.1 {}" >> /etc/hosts'.format(host))
print green('Behat is now properly configured. The configuration file is {}/tests/behat/behat.yml'.format(workspace))
else:
......
from __future__ import unicode_literals
import os
from fabric.api import task, roles, env, local, run, lcd, execute
from fabric.colors import red, green
from fabric.contrib.console import confirm
......@@ -54,6 +56,9 @@ def docker_tryrun(imgname, containername=None, opts='', mounts=None, cmd='', res
else:
containername_opt = ''
opts += ' -e USER_ID={}'.format(os.getuid())
opts += ' -e GROUP_ID={}'.format(os.getgid())
local('docker run %s %s %s %s' % (opts, containername_opt, imgname, cmd))
return True
......@@ -114,7 +119,7 @@ def connect():
"""
with lcd(env.workspace):
if docker_isrunning('{}_container'.format(env.project_name)):
local('docker exec -it {}_container bash'.format(env.project_name))
local('ssh drupalizer@{} -i {} -o StrictHostKeyChecking=no'.format(env.container_ip, h.fab_ssh_key()))
else:
print(red('Docker container {}_container is not running, it should be running to be able to connect.'))
......@@ -129,8 +134,8 @@ def image_create():
if '{}/drupal'.format(env.project_name) in docker_images():
print(red('Docker image {}/drupal was found, you has already build this image'.format(env.project_name)))
else:
h.copy_public_ssh_keys('local')
local('docker build -t {}/drupal .'.format(env.project_name))
dockerfile = h.fab_path('Dockerfile')
local('docker build -t {}/drupal -f {} .'.format(env.project_name, dockerfile))
print(green('Docker image {}/drupal was build successful'.format(env.project_name)))
......
#!/bin/bash
set -e
INIT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/bootstrap.d"
if [[ -d $INIT_DIR && -r $INIT_DIR && -x $INIT_DIR ]]; then
for i in $(LC_ALL=C command ls "$INIT_DIR"); do
i=$INIT_DIR/$i
[[ -f $i && -r $i ]] && . "$i"
done
fi
##
# Create system users
#
# Main user for Drupalizer tasks
useradd --home-dir /opt/init drupalizer --shell /bin/bash
passwd -d drupalizer
chown drupalizer:drupalizer /opt/init
##
# Create required filesystem structure
#
# Shared filesystem mount point
mkdir -p /opt/sfl/
# Apache document root
mkdir -p /opt/sfl/src/drupal
# Ensure the correct owner
chown -R drupalizer:drupalizer /opt/sfl
##
# Configure SUDO rights
#
# Full access for `drupalizer` user without password
echo 'drupalizer ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
##
# Configure SSH access
#
# Use the same authorized_keys file for all users
echo 'AuthorizedKeysFile /etc/ssh/authorized_keys' >> /etc/ssh/sshd_config
# Add the default known key to allow access for all users
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDcJHyU5S4xRP4QyJuBOiS38mrEuwfgOoWoNFQM0gWhJCb2phByO4Xg68f4v0w3FWm2SQQKv3bG5aevTI2ST5n0o/GbcCpdT1udV9uQIxr1+cbXUrecaNPD3WyIxt1Rldtwm7+s0AlwHHk0zKvulyupzPfQGB4Ix0zUfIzt+U45ww==' > /etc/ssh/authorized_keys
service ssh restart
##
# Configure Apache webserver
#
# Configure default VirtualHost for Drupal
cat > /etc/apache2/sites-available/000-default.conf <<EOF
ServerName localhost
<VirtualHost *:80>
DocumentRoot /opt/sfl/src/drupal
<Directory /opt/sfl/src/drupal/>
AllowOverride All
Options FollowSymLinks
Require all granted
</Directory>
</VirtualHost>
EOF
# Make Apache run as the main `drupalizer` user
cat >> /etc/apache2/envvars << EOF
export APACHE_RUN_USER=drupalizer
export APACHE_RUN_GROUP=drupalizer
EOF
# Enable modules required by Drupal
a2enmod rewrite vhost_alias
service apache2 restart
##
# Configure .profile login script
#
# Change CWD instantly after login into Apache document root for convenience
echo 'cd /opt/sfl/src/drupal' > /opt/init/.profile
#!/bin/bash
if [[ ! -z "$USER_ID" ]]
then
which usermod 2>&1 >/dev/null && usermod -u $USER_ID drupalizer
service apache2 reload
fi
if [[ ! -z "$GROUP_ID" ]]
then
which groupmod 2>&1 >/dev/null && groupmod -g $GROUP_ID drupalizer
service apache2 reload
fi
exec /bin/sh -c "$*"
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDcJHyU5S4xRP4QyJuBOiS38mrEuwfgOoWoNFQM0gWhJCb2phBy
O4Xg68f4v0w3FWm2SQQKv3bG5aevTI2ST5n0o/GbcCpdT1udV9uQIxr1+cbXUrec
aNPD3WyIxt1Rldtwm7+s0AlwHHk0zKvulyupzPfQGB4Ix0zUfIzt+U45wwIDAQAB
AoGBAIFL/NAG+2Z8uyxoZs0ztTVE8Giz4SBVvwLYGTWedSf779aWGrq9Mxiz4zO6
R61iqkAiCnm1krGnWSGguNXiYu0xt3sZww1Oug8hLwCKO87Mz0E8VFbYF/e8Y4VU
87/j4binSBzmTDwPNbKYHkDKTSpAEj8MEysXMwoRYfsupYxhAkEA+5ofK/xV92i0
6b9A/RL+y1d/yuTIzQYSKucqgZe/l/e3uXH0QXcCefXoQYrvxMDMHA5aeViJ54Zi
IWwnY0c+DQJBAN/9lrONTMq+pb3aHBAOBi5r1+R4mE7LwNUA2PycqaTrKt7yT+KM
xdPFE3fWDITNvtLNAAvhx7J7mq7mfCWZMw8CQEhwjmsGouWx4uyt4RM8Rdnb3nJX
Pq0xA0gQ+H8JZuNlMiOVeKLklfTxZSaBzxjR/bJSO6BWapYbbeN7lTeTSn0CQQC+
ORWH7OMfd6M4RYf5ln9nYwzZKhVnLaDZBDxC5CUqOtGQv0ZahuTmwQKUjgLZsgVx
7skwThGTIWevS2x5Xc6/AkEA4iTZC8WOP/MN16bOuFsqHjmhmaONSomQ/pvYgwED
flGK2B3jpsP0UiFBJCCsKEkx+07NBzxY/tMLTkivpLUutA==
-----END RSA PRIVATE KEY-----
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDcJHyU5S4xRP4QyJuBOiS38mrEuwfgOoWoNFQM0gWhJCb2phByO4Xg68f4v0w3FWm2SQQKv3bG5aevTI2ST5n0o/GbcCpdT1udV9uQIxr1+cbXUrecaNPD3WyIxt1Rldtwm7+s0AlwHHk0zKvulyupzPfQGB4Ix0zUfIzt+U45ww==
......@@ -19,6 +19,8 @@
from __future__ import unicode_literals
from datetime import datetime
import os
from fabric.api import task, roles, env, local
from fabric.colors import red, green
from fabric.contrib.console import confirm
......@@ -63,6 +65,12 @@ def make(action='install'):
local('mkdir {}'.format(env.site_root))
with h.fab_cd('local', env.site_root):
if os.path.isdir('{}/sites/default/'.format(env.site_root)):
local('chmod u+w sites/default')
if os.path.isfile('{}/sites/default/settings.php'.format(env.site_root)):
local('chmod u+w sites/default/settings.php')
local('drush make {} {} -y'.format(drush_opts, env.makefile))
......@@ -124,16 +132,13 @@ def site_install():
h.init_db('docker')
with h.fab_cd(role, site_root):
h.fab_run(role, 'chown {}:{} ./sites'.format(env.apache_user, env.apache_user))
h.fab_run(role, 'chmod ug+w ./sites/default'.format(env.docker_site_root))
if env.site_default_language:
locale = '--locale="{}"'.format(env.site_default_language)
else:
locale = ''
h.fab_run(role, 'sudo -u {} drush site-install {} {} --db-url=mysql://{}:{}@{}/{} --site-name="{}" '
'--account-name={} --account-pass={} --sites-subdir={} -y'.format(apache, profile, locale,
h.fab_run(role, 'drush site-install {} {} --db-url=mysql://{}:{}@{}/{} --site-name="{}" '
'--account-name={} --account-pass={} --sites-subdir={} -y'.format(profile, locale,
db_user, db_pass,
db_host, db_name, site_name,
site_admin_name,
......
......@@ -18,12 +18,14 @@
from __future__ import unicode_literals
import os
import socket
from getpass import getuser
from fabric.api import lcd, cd, roles, local, run
from fabric.colors import green
from fabric.context_managers import settings
from fabric.contrib.console import confirm
from fabric.contrib.files import exists
......@@ -43,7 +45,7 @@ host_name = local("hostname", capture=True)
# Set the env dict with the roles and the hosts
env.roledefs['local'] = ["{}@{}".format(user_name, host_name)]
env.roledefs['docker'] = ["root@{}".format(env.container_ip)]
env.roledefs['docker'] = ["drupalizer@{}".format(env.container_ip)]
env.builddir = path.join(env.workspace, 'build')
......@@ -68,7 +70,8 @@ def fab_run(role="local", cmd=""):
if role == "local":
return local(cmd)
else:
return run(cmd)
with settings(key_filename=fab_ssh_key()):
return run(cmd)
def fab_cd(role, directory):
......@@ -200,3 +203,24 @@ def init_db(role='docker'):
'\'{}\'@\'localhost\' IDENTIFIED BY \'{}\'; GRANT ALL PRIVILEGES ON {}.* TO \'{}\'@\'{}\' '
'IDENTIFIED BY \'{}\'; FLUSH PRIVILEGES;"'.format(env.site_db_name, env.site_db_name, env.site_db_user, env.site_db_pass,
env.site_db_name, env.site_db_user, docker_iface_ip, env.site_db_user))
def fab_path(filename):
"""
Returns the full path a file relative to the location of fabfile.
:param filename Name of the file to compose path from.
"""
path = os.path.dirname(os.path.abspath(__file__))
return os.path.abspath('{0}/{1}'.format(path, filename))
def fab_ssh_key():
"""
Returns the full path to default RSA key for SSH connections.
This helper checks and (if necessary) fixes filesystem permissions on the
RSA key file to make sure that SSH does not ignore keys accessible by other
users.
"""
path = fab_path('docker/ssh/id_rsa')
local('chmod 600 {}'.format(path))
return path
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment