Revision 96f6f3e0
Added by Benoît PECCATTE over 7 years ago
rudder-server-relay/SOURCES/relay-api/apache/relay-api.conf | ||
---|---|---|
# Set up a WSGI serving process
|
||
WSGIDaemonProcess relay_api threads=5 user=rudder
|
||
WSGISocketPrefix /var/run/wsgi
|
||
|
||
## Set directory access permissions
|
||
|
||
<Directory /opt/rudder/share/relay-api/relay_api>
|
||
# Allow access from anybody
|
||
Allow from all
|
||
</Directory>
|
||
|
||
<Files /opt/rudder/share/relay-api/relay-api.wsgi>
|
||
# Allow access from anybody
|
||
Allow from all
|
||
</Files>
|
||
|
||
<Directory /opt/rudder/share/relay-api/flask>
|
||
|
||
# WSGI parameters
|
||
WSGIProcessGroup relay_api
|
||
WSGIApplicationGroup %{GLOBAL}
|
||
|
||
# Allow access from anybody
|
||
Allow from all
|
||
|
||
</Directory>
|
||
|
rudder-server-relay/SOURCES/rudder-apache-relay-common.conf | ||
---|---|---|
# Load relay-api
|
||
WSGIScriptAlias /rudder/relay-api /opt/rudder/share/relay-api/relay-api.wsgi
|
||
|
||
## Set directory access permissions
|
||
|
||
<Directory /opt/rudder/share/relay-api/relay_api>
|
||
# Allow access from anybody
|
||
Allow from all
|
||
</Directory>
|
||
|
||
<Files /opt/rudder/share/relay-api/relay-api.wsgi>
|
||
# Allow access from anybody
|
||
Allow from all
|
||
</Files>
|
||
|
||
<Directory /opt/rudder/share/relay-api/flask>
|
||
# Allow access from anybody
|
||
Allow from all
|
||
</Directory>
|
||
|
||
# Disallow by default
|
||
<Location /rudder/relay-api/>
|
||
# WSGI parameters
|
||
WSGIProcessGroup relay_api
|
||
WSGIApplicationGroup %{GLOBAL}
|
||
|
||
<IfVersion < 2.4>
|
||
Order deny,allow
|
rudder-server-relay/SOURCES/rudder-vhost.conf | ||
---|---|---|
# Set up a WSGI serving process common to ssl and non ssl vhost
|
||
WSGIDaemonProcess relay_api threads=5 user=rudder
|
||
|
||
<VirtualHost *:80>
|
||
|
||
ServerAdmin webmaster@localhost
|
rudder-server-relay/SPECS/rudder-server-relay.spec | ||
---|---|---|
cp -r %{_sourcedir}/relay-api/flask %{buildroot}%{rudderdir}/share/relay-api/
|
||
cp -r %{_sourcedir}/relay-api/relay_api %{buildroot}%{rudderdir}/share/relay-api/
|
||
cp %{_sourcedir}/relay-api/apache/relay-api.wsgi %{buildroot}%{rudderdir}/share/relay-api/
|
||
install -m 644 %{_sourcedir}/relay-api/apache/relay-api.conf %{buildroot}/etc/%{apache_vhost_dir}/relay-api.conf
|
||
install -m 644 %{_sourcedir}/relay-api/cleanup.sh %{buildroot}%{rudderdir}/share/relay-api/
|
||
|
||
# Others
|
||
... | ... | |
# Create the rudder user
|
||
if ! getent passwd %{rudder_user} >/dev/null; then
|
||
echo -n "INFO: Creating the %{rudder_user} user..."
|
||
useradd -r -m -G %{rudder_group} -d /var/rudder -c "Rudder,,," %{rudder_user} >/dev/null 2>&1
|
||
useradd -r -m -g %{rudder_group} -d /var/rudder -c "Rudder,,," %{rudder_user} >/dev/null 2>&1
|
||
echo " Done"
|
||
fi
|
||
|
rudder-server-relay/debian/links | ||
---|---|---|
/etc/apache2/conf-available/relay-api.conf /etc/apache2/conf.d/relay-api.conf
|
rudder-server-relay/debian/postinst | ||
---|---|---|
# Create the rudder user
|
||
if ! getent passwd rudder >/dev/null; then
|
||
echo -n "INFO: Creating the rudder user..."
|
||
useradd -r -m -G rudder -d /var/rudder -c "Rudder,,," rudder >/dev/null 2>&1
|
||
useradd -r -m -g rudder -d /var/rudder -c "Rudder,,," rudder >/dev/null 2>&1
|
||
echo " Done"
|
||
fi
|
||
|
||
# Get the current apache version
|
||
APACHE_VERSION=$(apache2 -v|grep Apache|sed "s%^.*Apache/\([0-9].[0-9]\).*%\1%")
|
||
|
||
SITES_TO_DISABLE="default 000-default default-ssl rudder-vhost rudder-vhost-ssl rudder-relay-vhost rudder-relay-vhost-ssl"
|
||
SITES_TO_ENABLE="rudder.conf"
|
||
|
||
... | ... | |
# This module is compiled in core in some distro (debian)
|
||
a2enmod version >/dev/null 2>&1 || true
|
||
|
||
# Enable the conf-available entry if running Apache 2.4
|
||
if [ ${APACHE_VERSION} = 2.4 ]
|
||
then
|
||
[ ! -e /etc/apache2/conf-available/relay-api.conf ] || a2enconf relay-api
|
||
fi
|
||
|
||
# Create inventory repositories and add rights to the apache user to
|
||
# access /var/rudder/inventories/incoming
|
||
chmod 751 /var/rudder/inventories
|
rudder-server-relay/debian/rules | ||
---|---|---|
dh_install --SOURCEDIR=$(CURDIR)/SOURCES/relay-api relay_api/ /opt/rudder/share/relay-api/
|
||
dh_install --SOURCEDIR=$(CURDIR)/SOURCES/relay-api flask/ /opt/rudder/share/relay-api/
|
||
dh_install --SOURCEDIR=$(CURDIR)/SOURCES/relay-api apache/relay-api.wsgi /opt/rudder/share/relay-api/
|
||
dh_install --SOURCEDIR=$(CURDIR)/SOURCES/relay-api apache/relay-api.conf /etc/apache2/conf-available/
|
||
dh_install --SOURCEDIR=$(CURDIR)/SOURCES/relay-api cleanup.sh /opt/rudder/share/relay-api/
|
||
cp $(CURDIR)/SOURCES/rudder-relay.cron $(CURDIR)/BUILD/rudder-relay
|
||
dh_install --SOURCEDIR=$(CURDIR)/BUILD/ rudder-relay /etc/cron.d/
|
Also available in: Unified diff
Fixes #9989: Relay api runs with www-data user instead of rudder