Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rebuild docker with p1ps options #18

Open
wants to merge 3 commits into
base: connecteurLdapPersonnes
Choose a base branch
from
Open

Rebuild docker with p1ps options #18

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
3918c21
Prepare docker install with university config
jdp1ps Mar 11, 2024
eb4acf2
Update dest port
jdp1ps Mar 11, 2024
15a684c
Update oscar Dockerfile
jdp1ps Mar 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
82 changes: 82 additions & 0 deletions dockerize/install-p1ps.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
#!/bin/sh

# -------------------------------------------------------------------------------------------------------------------- #
#
# -------------------------------------------------------------------------------------------------------------------- #

# Nom du projet (dossier)
PRJ=$1

# Dossiers
DIR_CURRENT=$(pwd)
DIR_OSCAR=$(realpath $DIR_CURRENT/../)
DIR_SKELETON="$DIR_CURRENT/skeleton"

# Emplacements créés
DIR_DEST="$DIR_CURRENT/local/$PRJ"
DIR_POSTGRESQL_DATAS="$DIR_DEST/databases"

OPT_PROXY="$2"
OPT_PORT_OSCAR=80
OPT_PORT_ADMINER=8182

# Nom des containers
CONTAINER_OSCAR="oscar_$PRJ"
CONTAINER_POSTGRESQL="oscar_"$PRJ"_postgresql"
CONTAINER_ELASTICSEARCH="oscar_"$PRJ"_elasticsearch"
CONTAINER_GEARMAN="oscar_"$PRJ"_gearman"
CONTAINER_NETWORK="oscar_"$PRJ"_network"
CONTAINER_ADMINER="oscar_"$PRJ"_adminer"

# -------------------------------------------------------------------------------------------------------------------- #
# STEP
echo "### PARAMETRES INSTALLATION"
echo "Destination : $DIR_DEST"
echo "Oscar path : $DIR_OSCAR"
echo "Proxy : $OPT_PROXY"
echo "### "

echo "Suppression de l'ancien dossier"
cmd="rm -Rf $DIR_DEST"
echo "> $cmd"
$($cmd)

echo "Copie du squelette"
cmd="cp -R skeleton $DIR_DEST"
echo "> $cmd"
$($cmd)
echo "Effacement de la configuration d'origine"
cmd="rm -Rf $DIR_DEST/oscar/oscar/config/autoload"
echo "> $cmd"
$($cmd)
echo "Insertion de la configuration établissement"
cmd="cp -R skeleton-etab/* $DIR_DEST"
echo "> $cmd"
$($cmd)

echo "Remplacement des paramètres"
for i in $(find $DIR_DEST -type f); do
file=$(basename "$i")
echo "Traitement pour $i ($file)"
sed -i s%£CONTAINEROSCAR%$PRJ%g "$i"
sed -i s%£PROXY%$OPT_PROXY%g "$i"
sed -i s%£DIR_INSTALL%$DIR_DEST%g "$i"
sed -i s%£PORT_ADMINER%$OPT_PORT_ADMINER%g "$i"
sed -i s%£PORT_OSCAR%$OPT_PORT_OSCAR%g "$i"
sed -i s%£DIR_OSCAR%$DIR_OSCAR%g "$i"
sed -i s%£DIR_POSTGRESQL_DATAS%$DIR_POSTGRESQL_DATAS%g "$i"

sed -i s%£CONTAINER_OSCAR%$CONTAINER_OSCAR%g "$i"
sed -i s%£CONTAINER_POSTGRESQL%$CONTAINER_POSTGRESQL%g "$i"
sed -i s%£CONTAINER_ELASTICSEARCH%$CONTAINER_ELASTICSEARCH%g "$i"
sed -i s%£CONTAINER_GEARMAN%$CONTAINER_GEARMAN%g "$i"
sed -i s%£CONTAINER_NETWORK%$CONTAINER_NETWORK%g "$i"
sed -i s%£CONTAINER_ADMINER%$CONTAINER_ADMINER%g "$i"
done

echo "# For Build / Run"
echo "cd $DIR_DEST"
echo "docker-compose build"
echo "docker-compose up"


159 changes: 159 additions & 0 deletions dockerize/skeleton-etab/oscar/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,159 @@
#####################################
# DOCKERFILE TO BUILD APACHE2, PHP7.4
# BASED ON DEBIAN:BULLSEYE-BACKPORTS
#####################################
FROM debian:bullseye-backports

# Issue du docker-compose
ARG proxy_environnement
ARG service_oscar_name="oscar_dev_spartan"
ARG service_gearman_name="oscar_dev_gearman_spartan"
ARG service_elasticsearch_name="oscar_dev_elasticsearch_spartan"
ARG CONFIG_TEST="../config"

# Infos
LABEL authors="Herve Marie <[email protected]> Stéphane Bouvry <[email protected]>"
LABEL description="OSCAR"

# AVEC CETTE SOLUTION CI-DESSOUS (HM)) J'AI EU DES SOUCIS, FAUT'IL FAIRE AUTRE CHOSE QUE COPIER PAS TROUVE DE SOLUTION VIABLE STEPH AVEC COPIE DE FICHIERS.
# PROXY (environment/apt)
#COPY etc/apt/apt.conf.d/proxy /etc/apt/apt.conf.d/proxy
#COPY etc/environment /etc/environment
# REMPLACE PAR SOLUTION CI-DESSOUS FONCTIONNE A TOUS LES COUPS
RUN if [ "$proxy_environnement" != "" ]; \
then \
echo "Acquire::http::proxy \"$proxy_environnement\";" > /etc/apt/apt.conf.d/proxy; \
fi

RUN apt-get update && apt-get upgrade -y
RUN apt-get install -y\
lsb-release \
apt-transport-https \
ca-certificates \
wget \
git \
&& apt-get update && apt-get upgrade -y && apt-get clean

# PROXY (wget)
# Des doutes sur le fonctionnement, perso j'ai eu des soucis derrière le proxy unicaen (HM)
COPY etc/wgetrc /etc/wgetrc

# INSTALL PACKAGES OS
RUN apt-get install -y \
libboost-all-dev \
libboost-dev \
libuuid1 \
uuid-dev \
gperf \
apache2 \
nano \
supervisor \
curl \
libaio1 \
libpng-dev \
libpq-dev \
libicu-dev \
ldap-utils \
libldap2-dev \
libgearman-dev \
libzip-dev \
zip \
gettext \
libbz2-dev \
unzip \
supervisor \
gearman-tools \
postgresql-client \
php7.4 \
php7.4-gearman \
php7.4-bz2 \
php7.4-cli \
php7.4-curl \
php7.4-dom \
php7.4-gd \
php7.4-intl \
php7.4-ldap \
php7.4-mbstring \
php7.4-pgsql \
php7.4-xml \
php7.4-zip \
php-bcmath \
php7.4-dev \
php-pear \
php-xdebug \
&& apt-get clean

# Enable xdebug -> Need to install later xdebug
#RUN pecl install xdebug

# SOUCIS DERRIERE PROXY UNICAEN (HM) METHODE COPIE DE FICHIERS, PASSAGE PAR UN TEST IF ET CELA FONCTIONNE DANS TOUS LES CAS DE FIGURE
# PROXY (wget)
#COPY etc/apt/wgetrc /etc/apt/wgetrc
# INSTALL OCI ET UTILISATION DE WGET (ATTENTION PROXY) -> LE HOOK VIA UN if CI-DESSOUS FONCTIONNE BIEN DERRIERE OU PAS UN PROXY (HM)
RUN if [ "$proxy_environnement" != "" ]; \
then \
pear config-set http_proxy "$proxy_environnement"; \
echo "http_proxy = $proxy_environnement" >> /etc/wgetrc && echo "https_proxy = $proxy_environnement" >> /etc/wgetrc; \
fi

COPY resources/instantclient-basiclite-linux.x64-18.5.0.0.0dbru.zip /tmp/
COPY resources/instantclient-sdk-linux.x64-18.5.0.0.0dbru.zip /tmp/
COPY resources/instantclient-sqlplus-linux.x64-18.5.0.0.0dbru.zip /tmp/

RUN unzip -o /tmp/instantclient-basiclite-linux.x64-18.5.0.0.0dbru.zip -d /usr/local/ && \
unzip -o /tmp/instantclient-sdk-linux.x64-18.5.0.0.0dbru.zip -d /usr/local/ && \
unzip -o /tmp/instantclient-sqlplus-linux.x64-18.5.0.0.0dbru.zip -d /usr/local/

RUN ln -sf /usr/local/instantclient_18_5 /usr/local/instantclient && \
ln -sf /usr/local/instantclient/sqlplus /usr/local/bin/sqlplus

RUN echo 'instantclient,/usr/local/instantclient' | pecl install oci8-2.2.0
RUN echo "extension=oci8.so" > /etc/php/7.4/apache2/conf.d/30-php-oci8.ini && \
echo "extension=oci8.so" > /etc/php/7.4/cli/conf.d/30-php-oci8.ini && \
echo "/usr/local/instantclient" > /etc/ld.so.conf.d/oracle-instantclient.conf && ldconfig

#RUN echo "http_proxy = http://proxy.unicaen.fr:3128" >> /etc/wgetrc && echo "https_proxy = http://proxy.unicaen.fr:3128" >> /etc/wgetrc;
RUN echo "XDEBUG"
COPY etc/php/7.4/mods-available/xdebug.ini /etc/php/7.4/mods-available/xdebug.ini
RUN phpenmod -v ALL -s ALL xdebug

#POINT DE MONTAGE OSCAR
RUN mkdir -p /var/OscarApp
WORKDIR /var/OscarApp/

#CLEAN
RUN apt-get autoremove -y && apt-get clean && rm -rf /tmp/* /var/tmp/*

#CONFIG APACHE2
#RUN rm /etc/apache2/site-available/000-default.conf /etc/apache2/site-available/default-ssl.conf
COPY etc/apache2/sites-available/oscar.conf /etc/apache2/sites-available/oscar.conf
RUN a2dissite 000-default && a2dissite default-ssl && a2ensite oscar

#SCRIPT CUSTO CONFIG APACHE2
COPY run /usr/local/bin/run
RUN chmod +x /usr/local/bin/run
RUN a2enmod rewrite && a2enmod ssl

#Composer (Attention proxy important pour du wget)
RUN wget https://getcomposer.org/download/latest-stable/composer.phar
RUN mv composer.phar /usr/local/bin/composer
RUN chmod +x /usr/local/bin/composer

RUN echo "UPDATE"

#SCRIPT INIT
COPY startup.sh /opt/startup.sh
RUN chmod +x /opt/startup.sh

# OSCAR CONFIG (default)
RUN mkdir /etc/oscar_config/
COPY oscar/config/autoload/p1ps-local.php /opt/oscar_config/local.php
COPY oscar/config/autoload/p1ps-app.local.php /opt/oscar_config/unicaen-app.local.php
COPY oscar/config/autoload/p1ps-auth.local.php /opt/oscar_config/unicaen-auth.local.php

#SUPERVISOR FICHIERS DE CONFIG POUR MULTIPLES SERVICES IN CONTAINER DOCKER
COPY supervisor /etc/supervisor/conf.d/oscar.conf
EXPOSE 80 9000 9003

#SUPERVISOR LA CLEF DU MULTIPLE SERVICES DANS UN CONTAINER DOCKER EN NO DAEMON
CMD supervisord -n
73 changes: 73 additions & 0 deletions dockerize/skeleton-etab/oscar/oscar/config/autoload/p1ps-app.local.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
<?php
/**
* Dupliquer ce fichier en supprimant .dist
*/
$settings = array(
/**
* Informations concernant cette application
*/

'ldap' => array(
'connection' => array(
'default' => array(
'params' => array(
'host' => '******.univ-paris1.fr',
'port' => 389,
'username' => 'cn=*******,ou=admin,dc=univ-paris1,dc=fr',
'password' => '**********',
'baseDn' => 'ou=people,dc=univ-paris1,dc=fr',
'bindRequiresDn' => true,
'accountFilterFormat' => '(&(objectClass=posixAccount)(supannAliasLogin=%s))',
)
)
),
'dn' => [
'UTILISATEURS_BASE_DN' => 'ou=people,dc=univ-paris1,dc=fr',
'UTILISATEURS_DESACTIVES_BASE_DN' => 'ou=deactivated,dc=univ-paris1,dc=fr',
'GROUPS_BASE_DN' => 'ou=groups,dc=univ-paris1,dc=fr',
'STRUCTURES_BASE_DN' => 'ou=structures,dc=univ-paris1,dc=fr',
],

'filters' => [
'LOGIN_FILTER' => '(uid=%s)',
'UTILISATEUR_STD_FILTER' => '(|(uid=p*)(&(uid=e*)(eduPersonAffiliation=student)))',
'CN_FILTER' => '(cn=%s)',
'NAME_FILTER' => '(cn=%s*)',
'UID_FILTER' => '(uid=%s)',
'NO_INDIVIDU_FILTER' => '(supannEmpId=%08s)',
'AFFECTATION_FILTER' => '(&(uid=*)(eduPersonOrgUnitDN=%s))',
'AFFECTATION_CSTRUCT_FILTER' => '(&(uid=*)(|(ucbnSousStructure=%s;*)(supannAffectation=%s;*)))',
'LOGIN_OR_NAME_FILTER' => '(|(supannAliasLogin=%s)(cn=%s*))',
'MEMBERSHIP_FILTER' => '(memberOf=%s)',
'AFFECTATION_ORG_UNIT_FILTER' => '(eduPersonOrgUnitDN=%s)',
'AFFECTATION_ORG_UNIT_PRIMARY_FILTER' => '(eduPersonPrimaryOrgUnitDN=%s)',
'ROLE_FILTER' => '(supannRoleEntite=[role={SUPANN}%s][type={SUPANN}%s][code=%s]*)',
'PROF_STRUCTURE' => '(&(eduPersonAffiliation=teacher)(eduPersonOrgUnitDN=%s))',
'FILTER_STRUCTURE_DN' => '(%s)',
'FILTER_STRUCTURE_CODE_ENTITE' => '(supannCodeEntite=%s)',
'FILTER_STRUCTURE_CODE_ENTITE_PARENT' => '(supannCodeEntiteParent=%s)',
],
/****/
),
/**
* Options concernant l'envoi de mail par l'application
*/
'mail' => array(
// transport des mails
'transport_options' => array(
'host' => 'smtp.unicaen.fr',
'port' => 25,
),
// adresses à substituer à celles des destinataires originaux ('CURRENT_USER' équivaut à l'utilisateur connecté)
'redirect_to' => array('[email protected]', /*'CURRENT_USER'*/),
// désactivation totale de l'envoi de mail par l'application
'do_not_send' => false,
),
);

/**
* You do not need to edit below this line
*/
return array(
'unicaen-app' => $settings,
);
59 changes: 59 additions & 0 deletions dockerize/skeleton-etab/oscar/oscar/config/autoload/p1ps-auth.local.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
<?php
/**
* Configuration locale du module UnicaenAuth.
*
* If you have a ./config/autoload/ directory set up for your project, you can
* drop this config file in it and change the values as you wish.
*/
$settings = array(
'local' => [
'order' => 2,
'enabled' => false,
'description' => "Utilisez ce formulaire si vous possédez un compte LDAP établissement ou un compte local dédié à l'application.",

/**
* Mode d'authentification à l'aide d'un compte dans la BDD de l'application.
*/
'db' => [
'enabled' => true, // doit être activé pour que l'usurpation fonctionne (cf. Authentication/Storage/Db::read()) :-/
],

/**
* Mode d'authentification à l'aide d'un compte LDAP.
*/
'ldap' => [
'enabled' => true,
],
],
/**
* Paramètres de connexion au serveur CAS :
* - pour désactiver l'authentification CAS, le tableau 'cas' doit être vide.
* - pour l'activer, renseigner les paramètres.
*/
'cas' => array(
'enabled' => true,
// CONFIGURATION DU CAS
'connection' => array(
'default' => array(
'params' => array(
'hostname' => 'cas.univ-paris1.fr/cas',
'port' => 443,
'version' => "2.0",
'uri' => "",
'debug' => false,
),
),
),
),
// 'usurpation_allowed_usernames' => array('login1', 'login2'),

// Champ utilisé pour l'autentification (côté LDAP)
// 'ldap_username' => 'supannaliaslogin',
);

/**
* You do not need to edit below this line
*/
return array(
'unicaen-auth' => $settings,
);
Loading