[ckan-changes] commit/ckan-debs-public: 2 new changesets
Bitbucket
commits-noreply at bitbucket.org
Tue May 17 13:16:55 UTC 2011
2 new changesets in ckan-debs-public:
http://bitbucket.org/okfn/ckan-debs-public/changeset/f38aa6591e68/
changeset: r10:f38aa6591e68
user: jame... at okfn.org
date: 2011-05-13 23:07:44
summary: Initial refactor of the install approach
affected #: 7 files (20.6 KB)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ckan-common/DEBIAN/control Fri May 13 22:07:44 2011 +0100
@@ -0,0 +1,12 @@
+Package: ckan-common
+Version: 1.3.4~01
+Architecture: amd64
+Maintainer: James Gardner <james.gardner at okfn.org>
+Installed-Size: 0
+Depends: python-ckan
+Recommends: postgresql, curl
+Section: main/web
+Priority: extra
+Homepage: http://ckan.org
+Description: ckan
+ Common files useful for managing CKAN installations
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ckan-common/usr/lib/ckan/common.sh Fri May 13 22:07:44 2011 +0100
@@ -0,0 +1,231 @@
+#!/bin/bash
+
+log () {
+ echo "ckan: hello" $1
+}
+
+#_echo="echo"
+maintenance_on () {
+ local instance
+ instance=$1
+ $_echo a2dissite ${instance} &> /dev/null
+ $_echo a2ensite ${instance}.maint &> /dev/null
+ $_echo service apache2 reload &> /dev/null
+}
+
+maintenance_off () {
+ local instance
+ instance=$1
+ $_echo a2dissite ${instance}.maint &> /dev/null
+ $_echo a2ensite ${instance} &> /dev/null
+ $_echo service apache2 reload &> /dev/null
+}
+
+ensure_users_and_groups () {
+ local user group ckan_users
+ user="ckan"
+ group="${user}"
+ ckan_users="www-data okfn"
+ COMMAND_OUTPUT=`cat /etc/group | grep "ckan"`
+ if ! [[ "$COMMAND_OUTPUT" =~ ckan ]] ; then
+ sudo groupadd --system ${group}
+ fi
+ for u in ${ckan_users} ; do
+ grep -q "^${u}:" /etc/passwd && sudo usermod -a -G ${group} ${u}
+ done
+ COMMAND_OUTPUT=`cat /etc/passwd | grep "ckan"`
+ if ! [[ "$COMMAND_OUTPUT" =~ ckan ]] ; then
+ sudo useradd --system --gid ${group} --home /var/lib/ckan -M --shell /usr/sbin/nologin ${user}
+ fi
+}
+
+make_ckan_directories () {
+ local instance
+ if [ "X$1" = "X" ] ; then
+ echo "ERROR: call the function make_ckan_directories with an instance name, e.g."
+ echo " dgu"
+ exit 1
+ else
+ instance=$1
+ mkdir -p -m 0755 /etc/ckan/${instance}
+ mkdir -p -m 2750 /var/lib/ckan/${instance}{,/static}
+ mkdir -p -m 2770 /var/{backup,log}/ckan/${instance} /var/lib/ckan/${instance}/{data,sstore,static/dump}
+ chgrp -R ckan /var/lib/ckan/
+ chgrp -R ckan /var/backup/ckan/
+ chgrp -R ckan /var/log/ckan/
+ fi
+}
+
+create_who_ini () {
+ local instance
+ if [ "X$1" = "X" ] ; then
+ echo "ERROR: call the function create_who_ini function with an instance name, e.g."
+ echo " dgu"
+ exit 1
+ else
+ instance=$1
+ if ! [ -f /etc/ckan/$0/who.ini ] ; then
+ cp -n /usr/share/pyshared/ckan/config/who.ini /etc/ckan/${instance}/who.ini
+ sed -e "s,%(here)s,/var/lib/ckan/${instance}," \
+ -i /etc/ckan/${instance}/who.ini
+ fi
+ fi
+}
+
+create_config_file () {
+ local instance password
+ if [ "X$1" = "X" ] || [ "X$2" = "X" ] ; then
+ echo "ERROR: call the function create_who_ini function with an instance name, and a password for postgresql e.g."
+ echo " dgu 1U923hjkh8"
+ echo " You can generate a password like this: "
+ echo " < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c10"
+ exit 1
+ else
+ instance=$1
+ password=$2
+ if ! [ -f /etc/ckan/${instance}/${instance}.ini ] ; then
+ paster make-config ckan /etc/ckan/${instance}/${instance}.ini
+ sed -e "s,^\(email_to\)[ =].*,\1 = root," \
+ -e "s,^\(error_email_from\)[ =].*,\1 = ckan-${instance}@`hostname`," \
+ -e "s,^\(cache_dir\)[ =].*,\1 = /var/lib/ckan/${instance}/data," \
+ -e "s,^\(who.config_file\)[ =].*,\1 = /etc/ckan/${instance}/who.ini," \
+ -e "s,%(here)s,/var/lib/ckan/${instance}," \
+ -e "s,^\(sqlalchemy.url\)[ =].*,\1 = postgresql://${instance}:${password}@localhost/${instance}," \
+ -i /etc/ckan/${instance}/${instance}.ini
+ fi
+ fi
+}
+
+add_or_replace_database_user () {
+ local instance password
+ if [ "X$1" = "X" ] || [ "X$2" = "X" ] ; then
+ echo "ERROR: call the function create_who_ini function with an instance name, and a password for postgresql e.g."
+ echo " dgu 1U923hjkh8"
+ echo " You can generate a password like this: "
+ echo " < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c10"
+ exit 1
+ else
+ instance=$1
+ password=$2
+ COMMAND_OUTPUT=`sudo -u postgres psql -c "SELECT 'True' FROM pg_user WHERE usename='${instance}'" 2> /dev/null`
+ if ! [[ "$COMMAND_OUTPUT" =~ True ]] ; then
+ sudo -u postgres -c "psql -c \"CREATE USER \"${instance}\" WITH PASSWORD '${password}'\""
+ else
+ sudo -u postgres -c "psql -c \"ALTER USER \"${instance}\" WITH PASSWORD '${password}'\""
+ fi
+ fi
+}
+
+ensure_db_exists () {
+ local instance
+ if [ "X$1" = "X" ] ; then
+ echo "ERROR: call the function create_who_ini function with an instance name, e.g."
+ echo " dgu"
+ exit 1
+ else
+ instance=$1
+ COMMAND_OUTPUT=`sudo -u postgres psql -l 2> /dev/null`
+ if ! [[ "$COMMAND_OUTPUT" =~ ${instance} ]] ; then
+ echo "Creating the database ..."
+ su postgres -c "createdb -O ${instance} ${instance}"
+ fi
+ fi
+}
+
+create_wsgi_handler () {
+ local instance
+ if [ "X$1" = "X" ] ; then
+ echo "ERROR: call the function create_wsgi_handler function with an instance name, e.g."
+ echo " dgu"
+ exit 1
+ else
+ instance=$1
+ wsgi_path="`python -c 'import ckan; print ckan.__path__[0]'`/wsgi.py"
+ if ! [ -f /etc/ckan/${instance}/${instance}.py ] ; then
+ echo "Found Apache script in ${wsgi_path}, creating symlink from /etc/ckan/${instance}/${instance}.py"
+ ln -s ${wsgi_path} /etc/ckan/${instance}/${instance}.py
+ fi
+ fi
+}
+
+overwrite_apache_config () {
+ local instance ServerName ServerAlias
+ if [ "X$1" = "X" ] ; then
+ echo "ERROR: call the function overwrite_apache_config function with an instance name, the server name and a server aliase e.g."
+ echo " dgu catalogue.data.gov.uk dgu-live.okfn.org"
+ exit 1
+ else
+ instance=$1
+ ServerName=$2
+ ServerAlias=$3
+ rm /etc/apache2/sites-available/${instance}.common
+ cat <<EOF > /etc/apache2/sites-available/${instance}.common
+
+ # WARNING: Do not manually edit this file, it is desgined to be
+ # overwritten at any time by the postinst script of
+ # dependent packages
+
+ # These are common settings used for both the normal and maintence modes
+
+ DocumentRoot /var/lib/ckan/${instance}/static
+ ServerName ${ServerName}
+ ServerAlias ${ServerAlias}
+
+ <Directory />
+ deny from all
+ </Directory>
+
+ <Directory /etc/ckan/${instance}/>
+ allow from all
+ </Directory>
+
+ <Directory /var/lib/ckan/${instance}/static>
+ allow from all
+ </Directory>
+
+ Alias /dump /var/lib/ckan/${instance}/static/dump
+
+ # Disable the mod_python handler for static files
+ <Location /dump>
+ SetHandler None
+ Options +Indexes
+ </Location>
+
+ # this is our app
+ WSGIScriptAlias / /etc/ckan/${instance}/${instance}.py
+
+ # pass authorization info on (needed for rest api)
+ WSGIPassAuthorization On
+
+ ErrorLog /var/log/apache2/${instance}.error.log
+ CustomLog /var/log/apache2/${instance}.custom.log combined
+EOF
+ rm /etc/apache2/sites-available/${instance}
+ cat <<EOF > /etc/apache2/sites-available/${instance}
+<VirtualHost *:80>
+ # WARNING: Do not manually edit this file, it is desgined to be
+ # overwritten at any time by the postinst script of
+ # dependent packages
+ Include /etc/apache2/sites-available/${instance}.common
+</VirtualHost>
+EOF
+ rm /etc/apache2/sites-available/${instance}.maint
+ cat <<EOF > /etc/apache2/sites-available/${instance}.maint
+<VirtualHost *:80>
+ # WARNING: Do not manually edit this file, it is desgined to be
+ # overwritten at any time by the postinst script of
+ # dependent packages
+ Include /etc/apache2/sites-available/${instance}.common
+
+ # Maintenance mode
+ RewriteEngine On
+ RewriteRule ^(.*)/new /return_503 [PT,L]
+ RewriteRule ^(.*)/create /return_503 [PT,L]
+ RewriteRule ^(.*)/authz /return_503 [PT,L]
+ RewriteRule ^(.*)/edit /return_503 [PT,L]
+ RewriteCond %{REQUEST_METHOD} !^GET$ [NC]
+ RewriteRule (.*) /return_503 [PT,L]
+</VirtualHost>
+EOF
+ fi
+}
--- a/ckan-dgu/DEBIAN/control Tue Apr 19 00:14:41 2011 +0100
+++ b/ckan-dgu/DEBIAN/control Fri May 13 22:07:44 2011 +0100
@@ -1,9 +1,9 @@
Package: ckan-dgu
-Version: 0.2~15
+Version: 0.2~16
Architecture: amd64
Maintainer: James Gardner <james.gardner at okfn.org>
Installed-Size: 0
-Depends: python-ckan, apache2, libapache2-mod-wsgi, python-apachemiddleware, ckan, python-ckanext-dgu, python-ckanext-harvest, python-ckanext-csw, python-swiss, python-dateutil, rabbitmq-server, postgresql-8.4-postgis, python-carrot, python-ckanext-spatial, python-ckanext-inspire
+Depends: python-ckan, apache2, libapache2-mod-wsgi, python-apachemiddleware, ckan, python-ckanext-dgu, python-ckanext-harvest, python-ckanext-csw, python-swiss, python-dateutil, rabbitmq-server, postgresql-8.4-postgis, python-carrot, python-ckanext-spatial, python-ckanext-inspire, python-ckanext-qa
Section: main/web
Priority: extra
Homepage: http://ckan.org
--- a/ckan-dgu/DEBIAN/postinst Tue Apr 19 00:14:41 2011 +0100
+++ b/ckan-dgu/DEBIAN/postinst Fri May 13 22:07:44 2011 +0100
@@ -1,37 +1,31 @@
#!/bin/bash
+. /usr/lib/ckan/common.sh
+# The above command means import the bash functions from there so we can
+# use them here
+
+# Things that could be done in a future version of this script
+# * Have all common CKAN functions start with cc_
+# * Have a separate config for drupal password and Apache names
+# * Have dgu users, groups and directories, rather than CKAN ones so that
+# potentially lots of different instances can be installed on the same
+# machine
+
+# Exit immediately if there is ever a command that returns a non-zero value
+# and don't process any more commands, most likley leaving CKAN in maintenance
+# mode
set -e
-# Check we are root
+# Check we are root, something has gone very wrong if we are not!
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
-# Initial installation
-# We consider CKAN to be installed if the dgu.ini file is present
-if ! [ -f /etc/ckan/dgu/dgu.ini ] ; then
- echo "Creating the DGU instance ..."
- ckan-create-instance dgu dgu-dev.okfn.org dgu-dev.okfn.org &> /dev/null
- a2ensite dgu &> /dev/null
-fi
+instance="dgu"
-if ! [ -f /etc/rc2.d/S25dgu_harvest_gather ] ; then
- echo "Creating the harvester gather and fetch consumers ..."
- sudo chmod a+x /var/lib/ckan/dgu/
- mkdir -p -m 0700 /var/lib/ckan/dgu/pid
- sudo chmod a+x /var/lib/ckan/dgu/pid
- touch /var/lib/ckan/dgu/pid/fetch.pid
- touch /var/lib/ckan/dgu/pid/gather.pid
- sudo chown ckan:ckan /var/lib/ckan/dgu/pid/fetch.pid
- sudo chown ckan:ckan /var/lib/ckan/dgu/pid/gather.pid
- sudo update-rc.d -f dgu_harvest_gather defaults 25 &> /dev/null
- sudo update-rc.d -f dgu_harvest_fetch defaults 25 &> /dev/null
- sudo /etc/init.d/dgu_harvest_fetch start &> /dev/null
- sudo /etc/init.d/dgu_harvest_gather start &> /dev/null
-fi
-
-# Disable any existing crontabs
+# Disable any existing crontabs during the upgrade, we don't want
+# scripts running when things are still changing
echo "Disabling the crontab for the ckan user ..."
PACKAGED_CRONJOB="/tmp/${instance}-cronjob"
cat <<EOF > ${PACKAGED_CRONJOB}
@@ -39,43 +33,151 @@
EOF
crontab -u ckan ${PACKAGED_CRONJOB}
-# Standard paster db upgrade
-echo "Performing any database upgrades ..."
-paster --plugin=ckan db upgrade --config=/etc/ckan/dgu/dgu.ini &> /dev/null
+# Try to put CKAN into maintenance mode, if it is installed
+if ! [ -f /etc/apache2/sites-available/${instance}.maint ] ; then
+ # We have a maintence mode available
+ echo "Putting CKAN into maintenance mode ..."
+ maintenance_on ${instance}
+fi
+
+echo "Ensuring users and groups are set up correctly ..."
+ensure_users_and_groups
+
+echo "Ensuring directories exist for ${instance} CKAN instance ..."
+# Ensure the standard directories exist
+make_ckan_directories ${instance}
+# Then create the extra ones DGU need and set permissions
+sudo chmod a+x /var/lib/ckan/${instance}/
+sudo mkdir -p -m 0700 /var/lib/ckan/${instance}/pid
+sudo chmod a+x /var/lib/ckan/${instance}/pid
+sudo mkdir -p -m 0700 /var/lib/ckan/${instance}/qa/download
+sudo chmod a+x /var/lib/ckan/${instance}/qa/download
+
+echo "Setting log file permissions so that both Apache and cron jobs can log to the same place ..."
+sudo touch /var/log/ckan/${instance}/${instance}.log
+sudo touch /var/log/ckan/${instance}/${instance}[1-9].log
+sudo chmod g+w /var/log/ckan/${instance}/${instance}.log
+sudo chmod g+w /var/log/ckan/${instance}/${instance}[1-9].log
+sudo chown www-data:ckan /var/log/ckan/${instance}/${instance}.log
+sudo chown www-data:ckan /var/log/ckan/${instance}/${instance}[1-9].log
+
+echo "Ensuring who.ini file exists for data.gov.uk CKAN instance ..."
+create_who_ini ${instance}
+
+echo "Ensuring ${instance}.py file exists for data.gov.uk CKAN instance ..."
+create_wsgi_handler ${instance}
+
+echo "Ensuring the ${instance} database exists ..."
+ensure_db_exists ${instance}
+
+echo "Ensuring ${instance}.ini file exists for data.gov.uk CKAN instance ..."
+if ! [ -f /etc/ckan/${instance}/${instance}.ini ] ; then
+ # Create a password
+ password=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c10`
+ # Replace any existing user with a new one with this password
+ echo "Setting the password of the ${instance} user in PostgreSQL"
+ add_or_replace_database_user ${instance} ${password}
+ # Create the config file
+ echo "Creating a data.gov.uk config for CKAN with the same password as the DGU user"
+ # We use the actual password in PostgreSQL in case any non-sense has gone on
+ create_config_file ${instance} ${password}
+ # Now that the file exists, make some customisations
+ cat <<EOF >> /etc/ckan/${instance}/${instance}.ini
+ckan.qa_downloads = /var/lib/ckan/${instance}/qa/download
+dgu.xmlrpc_username = CKAN_API
+#------------------------------------- XXX setup Drupal here -------------
+# dgu.xmlrpc_password = XXX
+# dgu.xmlrpc_domain = dev.dataco.coi.gov.uk
+#------------------------------------- XXX setup Drupal here -------------
+ckan.default_roles.Package = {"visitor": ["reader"], "logged_in": ["reader"]}
+ckan.default_roles.Group = {"visitor": ["reader"], "logged_in": ["reader"]}
+ckan.default_roles.System = {"visitor": ["reader"], "logged_in": ["reader"]}
+ckan.default_roles.AuthorizationGroup = {"visitor": ["reader"], "logged_in": ["reader"]}
+licenses_group_url = http://licenses.opendefinition.org/2.0/ukgov
+EOF
+ sed \
+ -e "s,^\(ckan.dump_dir\)[ =].*,\1 = /var/lib/ckan/dgu/static/dump," \
+ -e "s,^\(ckan.site_title\)[ =].*,\1 = data.gov.uk," \
+ -e "s,^\(ckan.site_url\)[ =].*,\1 = http://dgu-uat.okfn.org," \
+ -e "s,^\(package_form\)[ =].*,\1 = package_gov3," \
+ -e "s,^\(email_to\)[ =].*,\1 = ckan-sysadmin at okfn.org," \
+ -e "s,^\(error_email_from\)[ =].*,\1 = ckan-sysadmin at okfn.org," \
+ -i /etc/ckan/${instance}/${instance}.ini
+ echo "CAUTION: Make sure you edit '/etc/ckan/${instance}/${instance}.ini' to set the Drupal password."
+fi
+
+# Install the harvesting init scripts
+if ! [ -f /etc/rc2.d/S25${instance}_harvest_gather ] ; then
+ echo "Creating the harvester gather consumers ..."
+ sudo touch /var/lib/ckan/${instance}/pid/gather.pid
+ sudo chown ckan:ckan /var/lib/ckan/${instance}/pid/gather.pid
+ sudo update-rc.d -f ${instance}_harvest_gather defaults 25 &> /dev/null
+ sudo /etc/init.d/${instance}_harvest_gather start &> /dev/null
+fi
+if ! [ -f /etc/rc2.d/S25${instance}_harvest_fetch ] ; then
+ echo "Creating the harvester fetch consumers ..."
+ sudo touch /var/lib/ckan/${instance}/pid/fetch.pid
+ sudo chown ckan:ckan /var/lib/ckan/${instance}/pid/fetch.pid
+ sudo update-rc.d -f ${instance}_harvest_fetch defaults 25 &> /dev/null
+ sudo /etc/init.d/${instance}_harvest_fetch start &> /dev/null
+fi
# Install the harvesting extension tables if they aren't there already
-COMMAND_OUTPUT=`sudo -u postgres psql -d dgu -c "SELECT 'True' AS harvest_source_exists from pg_tables where schemaname='public' and tablename='harvest_source';" 2> /dev/null`
+COMMAND_OUTPUT=`sudo -u postgres psql -d ${instance} -c "SELECT 'True' AS harvest_source_exists from pg_tables where schemaname='public' and tablename='harvest_source';" 2> /dev/null`
if [[ "$COMMAND_OUTPUT" =~ True ]] ; then
echo "Harvester tables present"
else
echo "Setting up the harvester tables ..."
- paster --plugin=ckanext-harvest harvester initdb --config=/etc/ckan/dgu/dgu.ini &> /dev/null
+ paster --plugin=ckanext-harvest harvester initdb --config=/etc/ckan/${instance}/${instance}.ini &> /dev/null
fi
# Install the geospatial search tables if they aren't there already
-COMMAND_OUTPUT=`sudo -u postgres psql -d dgu -c "SELECT count(*) from pg_proc where proname = 'postgis_full_version'" 2> /dev/null`
+COMMAND_OUTPUT=`sudo -u postgres psql -d ${instance} -c "SELECT count(*) from pg_proc where proname = 'postgis_full_version'" 2> /dev/null`
if [[ "$COMMAND_OUTPUT" =~ 0 ]] ; then
- echo "Adding the plpgsql langauge to the dgu database ..."
- sudo -u postgres createlang plpgsql dgu &> /dev/null
+ echo "Adding the plpgsql langauge to the ${instance} database ..."
+ sudo -u postgres createlang plpgsql ${instance} &> /dev/null
echo "Installing PostGIS extensions ..."
- sudo -u postgres psql -d dgu -f /usr/share/postgresql/8.4/contrib/postgis.sql &> /dev/null
- sudo -u postgres psql -d dgu -f /usr/share/postgresql/8.4/contrib/spatial_ref_sys.sql &> /dev/null
+ sudo -u postgres psql -d ${instance} -f /usr/share/postgresql/8.4/contrib/postgis.sql &> /dev/null
+ sudo -u postgres psql -d ${instance} -f /usr/share/postgresql/8.4/contrib/spatial_ref_sys.sql &> /dev/null
echo "Setting PostGIS permissions for CKAN and initialising tables ..."
- sudo -u postgres psql -d dgu -c "ALTER TABLE geometry_columns OWNER TO dgu" &> /dev/null
- sudo -u postgres psql -d dgu -c "ALTER TABLE spatial_ref_sys OWNER TO dgu" &> /dev/null
- sudo paster --plugin=ckanext-spatial spatial initdb --config=/etc/ckan/dgu/dgu.ini &> /dev/null
-else
- echo "PostGIS present"
+ sudo -u postgres psql -d ${instance} -c "ALTER TABLE geometry_columns OWNER TO ${instance}" &> /dev/null
+ sudo -u postgres psql -d ${instance} -c "ALTER TABLE spatial_ref_sys OWNER TO ${instance}" &> /dev/null
+ sudo paster --plugin=ckanext-spatial spatial initdb --config=/etc/ckan/${instance}/${instance}.ini &> /dev/null
fi
# Set any plugins needed
-echo "Updating the plugins configuration ..."
-sed -e "s,^\(ckan.plugins\)[ =].*,\1 = dgu_form_api cswserver harvest gemini_harvester gemini_doc_harvester gemini_waf_harvester inspire_api wms_preview spatial_query dgu_theme_embedded qa," \
- -i /etc/ckan/dgu/dgu.ini
+echo "Ensuring the latest plugins are configured ..."
+sed -e "s,^\(ckan.plugins\)[ =].*,\1 = dgu_form_api cswserver harvest gemini_harvester gemini_doc_harvester gemini_waf_harvester inspire_api wms_preview spatial_query dgu_theme_embedded qa dgu_auth_api," \
+ -i /etc/ckan/${instance}/${instance}.ini
+
+# Overwrite the existing Apache config
+if [ -f /etc/apache2/sites-enabled/default ] ; then
+ echo "Disabling the default Apache site ..."
+ a2dissite default
+fi
+
+echo "Overwriting the existing Apache config ..."
+overwrite_apache_config ${instance} catalog.data.gov.uk dgu-live.okfn.org
+
+# Make sure mod_rewrite is enabled
+if ! [ -f /etc/apache2/mods-enabled/rewrite.load ] ; then
+ echo "Enabling Apache mod_rewite ..."
+ a2enmod rewrite
+fi
+
+
+# Standard paster db upgrade
+echo "Performing any database upgrades ..."
+paster --plugin=ckan db upgrade --config=/etc/ckan/${instance}/${instance}.ini &> /dev/null
+
+# Make sure our instance is enabled
+echo "Bringing the ${instance} instance out of maintenance mode ..."
+maintenance_off ${instance}
# Restart Apache so it is aware of any changes
echo "Restarting apache ..."
-/etc/init.d/apache2 reload &> /dev/null
+/etc/init.d/apache2 restart
+#&> /dev/null
# Install the new crontab
echo "Enabling crontab for the ckan user ..."
@@ -84,16 +186,14 @@
# WARNING: Do not edit these cron tabs, they will be overwritten any time
# the ckan-dgu package is upgraded
# QUESTION: Should email reports be sent to root?
-# m h dom mon dow command
-
# Gov Daily
-30 23 * * * python /usr/lib/pymodules/python2.6/ckanext/dgu/bin/gov-daily.py /etc/ckan/dgu/dgu.ini
+# 31 23 * * * python /usr/lib/pymodules/python2.6/ckanext/dgu/bin/gov-daily.py /etc/ckan/dgu/dgu.ini
# Try to start the harvester consumers in case they have stopped
-*/10 * * * * /etc/init.d/dgu_harvest_gather start
-*/10 * * * * /etc/init.d/dgu_harvest_fetch start
-# Then run the harvester
-*/10 * * * * paster --plugin=ckan harvester run --config=/etc/ckan/dgu/dgu.ini
+*/10 * * * * /etc/init.d/dgu_harvest_gather start
+*/10 * * * * /etc/init.d/dgu_harvest_fetch start
+# Then run the harvester 1 minute after any fetch or gather restart
+# 1,11,21,31,41,51 * * * * paster --plugin=ckanext-harvest harvester run --config=/etc/ckan/dgu/dgu.ini
+# Update the package 5 star scores once a month
+# 0 0 1 * * paster --plugin=ckanext-qa update-scores update --config=/etc/ckan/dgu/dgu.ini
EOF
crontab -u ckan ${PACKAGED_CRONJOB}
-echo "done."
-
--- a/ckan/DEBIAN/postinst Tue Apr 19 00:14:41 2011 +0100
+++ b/ckan/DEBIAN/postinst Fri May 13 22:07:44 2011 +0100
@@ -1,27 +1,181 @@
-#!/bin/sh
-set -e
+#!/bin/bash
+. /usr/lib/ckan/common
-user="ckan"
-group="${user}"
-ckan_users="www-data okfn"
+# The above command means import the bash functions from there so we can
+# use them here
-echo "Creating users and groups..."
-grep -q "^${group}:" /etc/group || sudo groupadd --system ${group}
-grep -q "^${user}:" /etc/passwd || sudo useradd --system --gid ${group} --home /var/lib/ckan -M --shell /usr/sbin/nologin ${user}
-for u in ${ckan_users} ; do
- grep -q "^${u}:" /etc/passwd && sudo usermod -a -G ${group} ${u}
-done
-echo "done."
-echo "Creating directories..."
-mkdir -p -m 0755 /etc/ckan # Mark as "config"
-mkdir -p -m 0755 /var/backup
-mkdir -p -m 2750 /var/lib/ckan/
-mkdir -p -m 2750 /var/backup/ckan/
-mkdir -p -m 2750 /var/log/ckan/
-echo "done."
-echo "Setting permissions..."
-chgrp -R ckan /var/lib/ckan/
-chgrp -R ckan /var/backup/ckan/
-chgrp -R ckan /var/log/ckan/
+# Exit immediately if there is ever a command that returns a non-zero value
+# and don't process any more commands
+set -e
+
+# Check we are root, something has gone very wrong if we are not!
+if [[ $EUID -ne 0 ]]; then
+ echo "This script must be run as root"
+ exit 1
+fi
+
+# Try to put CKAN into maintenance mode, if it is installed
+if ! [ -f /etc/apache2/sites-available/${instance}.maint ] ; then
+ # We have a maintence mode available
+ echo "Putting CKAN into maintenance mode ..."
+ ckan-instance-maintenance on
+fi
+
+echo "Ensuring users and groups are set up correctly ..."
+ensure_users_and_groups
+
+echo "Ensuring directories exist for data.gov.uk CKAN instance ..."
+# Ensure the standard directories exist
+make_ckan_directories dgu
+# Then create the extra ones DGU need and set permissions
+sudo chmod a+x /var/lib/ckan/dgu/
+sudo mkdir -p -m 0700 /var/lib/ckan/dgu/pid
+sudo chmod a+x /var/lib/ckan/dgu/pid
+sudo mkdir -p -m 0700 /var/lib/ckan/dgu/qa/download
+sudo chmod a+x /var/lib/ckan/dgu/pid/download
+
+echo "Setting log file permissions so that both Apache and cron jobs can log to the same place..."
+sudo touch /var/log/ckan/dgu/dgu.log
+sudo touch /var/log/ckan/dgu/dgu[1-9].log
+sudo chmod g+w /var/log/ckan/dgu/dgu.log
+sudo chmod g+w /var/log/ckan/dgu/dgu[1-9].log
+sudo chown www-data:ckan /var/log/ckan/dgu/dgu.log
+sudo chown www-data:ckan /var/log/ckan/dgu/dgu[1-9].log
+
+echo "Ensuring who.ini file exists for data.gov.uk CKAN instance ..."
+create_who_ini dgu
+
+echo "Ensuring dgu.py file exists for data.gov.uk CKAN instance ..."
+create_wsgi_handler dgu
+
+echo "Ensuring the dgu database exists ..."
+ensure_db_exists dgu
+
+echo "Ensuring dgu.ini file exists for data.gov.uk CKAN instance ..."
+if ! [ -f /etc/ckan/dgu/dgu.ini ] ; then
+ # Create a password
+ password=`< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c10`
+ # Replace any existing dgu user with a new one with this password
+ echo "Setting the password of the dgu user in PostgreSQL"
+ add_or_replace_database_user dgu $password
+ # Create the config file
+ echo "Creating a data.gov.uk config for CKAN with the same password as the DGU user"
+ # We use the actual password in PostgreSQL in case any non-sense has gone on
+ create_config_file dgu $password
+ # Now that the file exists, make some customisations
+ cat <<EOF >> /etc/ckan/dgu/dgu.ini
+ckan.qa_downloads = /var/lib/ckan/dgu/qa/download
+dgu.xmlrpc_username = CKAN_API
+#------------------------------------- XXX setup Drupal here -------------
+# dgu.xmlrpc_password = XXX
+# dgu.xmlrpc_domain = dev.dataco.coi.gov.uk
+#------------------------------------- XXX setup Drupal here -------------
+ckan.default_roles.Package = {"visitor": ["reader"], "logged_in": ["reader"]}
+ckan.default_roles.Group = {"visitor": ["reader"], "logged_in": ["reader"]}
+ckan.default_roles.System = {"visitor": ["reader"], "logged_in": ["reader"]}
+ckan.default_roles.AuthorizationGroup = {"visitor": ["reader"], "logged_in": ["reader"]}
+licenses_group_url = http://licenses.opendefinition.org/2.0/ukgov
+EOF
+ sed \
+ -e "s,^\(ckan.dump_dir\)[ =].*,\1 = /var/lib/ckan/dgu/static/dump," \
+ -e "s,^\(ckan.site_title\)[ =].*,\1 = data.gov.uk," \
+ -e "s,^\(ckan.site_url\)[ =].*,\1 = http://dgu-uat.okfn.org," \
+ -e "s,^\(package_form\)[ =].*,\1 = package_gov3," \
+ -e "s,^\(email_to\)[ =].*,\1 = ckan-sysadmin at okfn.org," \
+ -e "s,^\(error_email_from\)[ =].*,\1 = ckan-sysadmin at okfn.org," \
+ -i /etc/ckan/dgu/dgu.ini
+ echo "CAUTION: Make sure you edit '/etc/ckan/dgu/dgu.ini' to set the Drupal password."
+fi
+
+# Install the harvesting init scripts
+if ! [ -f /etc/rc2.d/S25dgu_harvest_gather ] ; then
+ echo "Creating the harvester gather consumers ..."
+ sudo touch /var/lib/ckan/dgu/pid/gather.pid
+ sudo chown ckan:ckan /var/lib/ckan/dgu/pid/gather.pid
+ sudo update-rc.d -f dgu_harvest_gather defaults 25 &> /dev/null
+ sudo /etc/init.d/dgu_harvest_gather start &> /dev/null
+fi
+if ! [ -f /etc/rc2.d/S25dgu_harvest_fetch ] ; then
+ echo "Creating the harvester fetch consumers ..."
+ sudo touch /var/lib/ckan/dgu/pid/fetch.pid
+ sudo chown ckan:ckan /var/lib/ckan/dgu/pid/fetch.pid
+ sudo update-rc.d -f dgu_harvest_fetch defaults 25 &> /dev/null
+ sudo /etc/init.d/dgu_harvest_fetch start &> /dev/null
+fi
+
+# Install the harvesting extension tables if they aren't there already
+COMMAND_OUTPUT=`sudo -u postgres psql -d dgu -c "SELECT 'True' AS harvest_source_exists from pg_tables where schemaname='public' and tablename='harvest_source';" 2> /dev/null`
+if [[ "$COMMAND_OUTPUT" =~ True ]] ; then
+ echo "Harvester tables present"
+else
+ echo "Setting up the harvester tables ..."
+ paster --plugin=ckanext-harvest harvester initdb --config=/etc/ckan/dgu/dgu.ini &> /dev/null
+fi
+
+# Install the geospatial search tables if they aren't there already
+COMMAND_OUTPUT=`sudo -u postgres psql -d dgu -c "SELECT count(*) from pg_proc where proname = 'postgis_full_version'" 2> /dev/null`
+if [[ "$COMMAND_OUTPUT" =~ 0 ]] ; then
+ echo "Adding the plpgsql langauge to the dgu database ..."
+ sudo -u postgres createlang plpgsql dgu &> /dev/null
+ echo "Installing PostGIS extensions ..."
+ sudo -u postgres psql -d dgu -f /usr/share/postgresql/8.4/contrib/postgis.sql &> /dev/null
+ sudo -u postgres psql -d dgu -f /usr/share/postgresql/8.4/contrib/spatial_ref_sys.sql &> /dev/null
+ echo "Setting PostGIS permissions for CKAN and initialising tables ..."
+ sudo -u postgres psql -d dgu -c "ALTER TABLE geometry_columns OWNER TO dgu" &> /dev/null
+ sudo -u postgres psql -d dgu -c "ALTER TABLE spatial_ref_sys OWNER TO dgu" &> /dev/null
+ sudo paster --plugin=ckanext-spatial spatial initdb --config=/etc/ckan/dgu/dgu.ini &> /dev/null
+fi
+
+# Set any plugins needed
+echo "Ensuring the latest plugins are configured ..."
+sed -e "s,^\(ckan.plugins\)[ =].*,\1 = dgu_form_api cswserver harvest gemini_harvester gemini_doc_harvester gemini_waf_harvester inspire_api wms_preview spatial_query dgu_theme_embedded qa dgu_auth_api," \
+ -i /etc/ckan/dgu/dgu.ini
+
+# Overwrite the existing Apache config
+if [ -f /etc/apache2/sites-enabled/default ] ; then
+ echo "Disabling the default Apache site ..."
+ a2dissite default
+fi
+
+echo "Overwriting the existing Apache config ..."
+overwrite_apache_config dgu catalog.data.gov.uk dgu-live.okfn.org
+
+# Make sure mod_rewrite is enabled
+if ! [ -f /etc/apache2/mods-enabled/rewrite ] ; then
+ echo "Enabling Apache mod_rewite ..."
+ a2enmod rewrite
+fi
+
+
+# Standard paster db upgrade
+echo "Performing any database upgrades ..."
+paster --plugin=ckan db upgrade --config=/etc/ckan/dgu/dgu.ini &> /dev/null
+
+# Make sure our instance is enabled
+echo "Bringing the dgu instance out of maintenance mode ..."
+ckan-instance-maintenance off
+
+# Restart Apache so it is aware of any changes
+echo "Restarting apache ..."
+/etc/init.d/apache2 restart &> /dev/null
+
+# Install the new crontab
+echo "Enabling crontab for the ckan user ..."
+PACKAGED_CRONJOB="/tmp/${instance}-cronjob"
+cat <<EOF > ${PACKAGED_CRONJOB}
+# WARNING: Do not edit these cron tabs, they will be overwritten any time
+# the ckan-dgu package is upgraded
+# QUESTION: Should email reports be sent to root?
+# Gov Daily
+# 31 23 * * * python /usr/lib/pymodules/python2.6/ckanext/dgu/bin/gov-daily.py /etc/ckan/dgu/dgu.ini
+# Try to start the harvester consumers in case they have stopped
+*/10 * * * * /etc/init.d/dgu_harvest_gather start
+*/10 * * * * /etc/init.d/dgu_harvest_fetch start
+# Then run the harvester 1 minute after any fetch or gather restart
+# 1,11,21,31,41,51 * * * * paster --plugin=ckanext-harvest harvester run --config=/etc/ckan/dgu/dgu.ini
+# Update the package 5 star scores once a month
+# 0 0 1 * * paster --plugin=ckanext-qa update-scores update --config=/etc/ckan/dgu/dgu.ini
+EOF
+crontab -u ckan ${PACKAGED_CRONJOB}
echo "done."
--- a/ckan/usr/bin/ckan-create-instance Tue Apr 19 00:14:41 2011 +0100
+++ b/ckan/usr/bin/ckan-create-instance Fri May 13 22:07:44 2011 +0100
@@ -35,6 +35,7 @@
-e "s,^\(sqlalchemy.url\)[ =].*,\1 = postgresql://${instance}:${password}@localhost/${instance}," \
-i /etc/ckan/${instance}/${instance}.ini
echo "done."
+
echo "Setting up a postgres database and user..."
su postgres -c "psql -c \"CREATE USER \"${instance}\" WITH PASSWORD '${password}'\""
echo "The password chosen is ${password}, it has been added to your ${instance}.ini file automatically"
--- a/ckan/usr/bin/ckan-instance-maintenance Tue Apr 19 00:14:41 2011 +0100
+++ b/ckan/usr/bin/ckan-instance-maintenance Fri May 13 22:07:44 2011 +0100
@@ -1,12 +1,9 @@
#!/bin/bash
+. /usr/lib/ckan/common.sh
-# This could become part of a ckan-install-instance script shipped with the ckan package.
-# That script could then be called by the ckan-dgu postinstall
-
-#set -e
+set -e
# Un-comment for debugging
-#_echo="echo"
# Check we are root
if [[ $EUID -ne 0 ]]; then
@@ -34,17 +31,13 @@
case $command in
on)
echo "Putting CKAN site \"${instance}\" into maintenance mode ..."
- $_echo a2dissite ${instance} &> /dev/null
- $_echo a2ensite ${instance}.maint &> /dev/null
- $_echo service apache2 reload &> /dev/null
+ maintenance_on $instance
echo "done."
;;
off)
echo "Disabling maintenance mode for CKAN site \"${instance}\" ..."
- $_echo a2dissite ${instance}.maint &> /dev/null
- $_echo a2ensite ${instance} &> /dev/null
- $_echo service apache2 reload &> /dev/null
+ maintenance_off $instance
echo "done."
;;
*)
http://bitbucket.org/okfn/ckan-debs-public/changeset/84d3668e455f/
changeset: r11:84d3668e455f
user: jame... at okfn.org
date: 2011-05-17 15:16:48
summary: [merge]
affected #: 1 file (0 bytes)
--- a/README.rst Fri May 13 22:07:44 2011 +0100
+++ b/README.rst Tue May 17 14:16:48 2011 +0100
@@ -4,7 +4,7 @@
A. Packaging a CKAN site
========================
-In order to pacakge CKAN and dependencies as Debian files you'll need the
+In order to package CKAN and dependencies as Debian files you'll need the
following tools:
::
@@ -65,7 +65,7 @@
.. note ::
- All pacakges that CKAN itself depends on are already packaged using a slightly
+ All packages that CKAN itself depends on are already packaged using a slightly
different process, based on the exact requirments specified in the ``ckan``
source distribution's ``requires`` directory. Speak to James Gardner if you
need any of these re-packaged.
@@ -87,7 +87,7 @@
For packages that don't represent Python libraries it is actually easier to
build the ``.deb`` manually rather than using Debian's tools.
-Let's look at how you would pacakge ``ckan-dgu``.
+Let's look at how you would package ``ckan-dgu``.
Create a directory named ``ckan-dgu``. Then within it create a ``DEBIAN``
directory with three files:
Repository URL: https://bitbucket.org/okfn/ckan-debs-public/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
More information about the ckan-changes
mailing list