Guénaël Muller 6 лет назад
Родитель
Сommit
19b43b703c
4 измененных файлов: 171 добавлений и 34 удалений
  1. 29 3
      README.md
  2. 121 30
      doc/apache.md
  3. 2 0
      tracim/tracim/lib/daemons.py
  4. 19 1
      tracim/tracim/lib/utils.py

+ 29 - 3
README.md Просмотреть файл

@@ -102,9 +102,35 @@ If you want your own dedicated instance but do not want to manage it by yourself
102 102
 
103 103
 In case you prefer using Docker:
104 104
 
105
-    sudo docker run -e DATABASE_TYPE=sqlite \
106
-               -p 80:80 -p 3030:3030 -p 5232:5232 \
107
-               -v /var/tracim/etc:/etc/tracim -v /var/tracim/var:/var/tracim algoo/tracim
105
+You need to install docker on your server first (see [here for debian](https://docs.docker.com/install/linux/docker-ce/debian/) or [here for windows]([docker toolbox](https://docs.docker.com/toolbox/toolbox_install_windows/)))
106
+
107
+Make sure `docker.service` is started correctly.
108
+
109
+    systemctl status docker.service
110
+
111
+Then use image like following (adapt volume paths or ports as you want):
112
+
113
+    sudo docker run \
114
+        -e DATABASE_TYPE=sqlite \
115
+        -p 80:80 \
116
+        -p 3030:3030 \
117
+        -p 5232:5232 \
118
+        -v /var/tracim/etc:/etc/tracim \
119
+        -v /var/tracim/var:/var/tracim \
120
+        algoo/tracim  # docker image: tracim:unstable for development version, tracim_test:latest for nightly builds
121
+
122
+
123
+All docker images are available here : https://hub.docker.com/u/algoo/
124
+More information about build docker image: https://github.com/tracim/docker_tracim
125
+
126
+Description of versioning:
127
+
128
+* algoo/`tracim:latest` is latest stable image from branch master
129
+* algoo/`tracim:<$tag>` is a stable tag image from branch master
130
+* algoo/`tracim_testing:latest` is a latest image from branch develop
131
+* algoo/`tracim:unstable` is a latest unstable image from branch develop
132
+
133
+----
108 134
 
109 135
 ## Install Tracim on your server ##
110 136
 

+ 121 - 30
doc/apache.md Просмотреть файл

@@ -2,45 +2,73 @@
2 2
 
3 3
 ### Installation ###
4 4
 
5
-Install `Apache` server and its [`WSGI` module](https://github.com/GrahamDumpleton/mod_wsgi):
5
+Install `tracim` first.
6
+Install `Apache` server and uwsgi  its [`WSGI` module](https://github.com/GrahamDumpleton/mod_wsgi):
6 7
 
7
-    sudo apt install apache2 libapache2-mod-wsgi-py3
8
+    sudo apt install apache2 libapache2-mod-wsgi-py3 uwsgi uwsgi-plugin-python3
8 9
 
9 10
 ### Configuration ###
10 11
 
11 12
 Create a file named `/etc/apache2/sites-available/tracim.conf` containing:
12 13
 
13
-    Listen 8080
14
+    Listen 80
14 15
 
15
-    <VirtualHost *:8080>
16
+    <VirtualHost *:80>
16 17
         ServerName tracim
17 18
 
18
-        # Serve Tracim through WSGI
19
-        WSGIDaemonProcess tracim user=[your_user] group=[your_user] threads=4 python-home=[tracim_path]/tg2env python-path=[tracim_path]/tracim lang='C.UTF-8' locale='C.UTF-8'
20
-        WSGIProcessGroup tracim
21
-        WSGIScriptAlias / [tracim_path]/tracim/app.wsgi process-group=tracim
22
-        <Directory "[tracim_path]/tracim">
23
-            <Files "app.wsgi">
24
-                Require all granted
25
-            </Files>
26
-        </Directory>
27
-
28
-        # Serve static files directly
29
-        Alias /assets          [tracim_path]/tracim/tracim/public/assets
30
-        Alias /_caldavzap      [tracim_path]/tracim/tracim/public/_caldavzap
31
-        Alias /favicon.ico     [tracim_path]/tracim/tracim/public/favicon.ico
32
-        <Directory "[tracim_path]/tracim/tracim/public">
33
-            Require all granted
34
-        </Directory>
19
+    <Directory "/">
20
+        Require all granted
21
+        Dav On
22
+    </Directory>
23
+    ProxyPreserveHost On 
24
+    CustomLog /var/log/apache2/algoo-access.log combined
25
+    ErrorLog /var/log/apache2/algoo-error.log
26
+    <Location "/webdav">
27
+        # Dav On
28
+    </Location>
29
+
30
+    # RemoteIPHeader X-Forwarded-For
31
+    ProxyPass /webdav http://127.0.0.1:3030/webdav
32
+    ProxyPassReverse /webdav http://127.0.0.1:3030/webdav
33
+    ProxyPass / http://127.0.0.1:8080/
34
+    ProxyPassReverse / http://127.0.0.1:8080/
35
+
35 36
     </VirtualHost>
36 37
 
37
-Replace `[tracim_path]` and `[your_user]` above by your tracim installation path and your user.
38
+Enable this configuration file:
39
+
40
+    sudo ln -s /etc/apache2/sites-available/tracim.conf /etc/apache2/sites-enabled/
41
+
42
+Check if you just have `tracim.conf` in `/etc/apache2/sites-enabled`, if not, remove other file.
43
+
44
+
45
+Create the file named `/etc/uwsgi/apps-available/tracim.ini` containing:
46
+
47
+    [uwsgi]
48
+    plugins = python3
49
+    chdir = [tracim_path]/tracim
50
+    home = [tracim_path]/tg2env
51
+    wsgi-file = app.wsgi
52
+    callable = application
53
+    http-socket = 0.0.0.0:8080
54
+    enable-threads = true
55
+    env = PYTHON_EGG_CACHE=/tmp
56
+
57
+Replace [tracim_path] by your path of tracim
38 58
 
39
-Set the `APP_CONFIG` variable of the `tracim/app.wsgi` file to match your tracim installation path:
59
+Enable this configuration file:
60
+
61
+    sudo ln -s /etc/uwsgi/apps-available/tracim.ini /etc/uwsgi/apps-enabled/
62
+
63
+
64
+Create file `tracim.log` in `/var/log/uwsgi/app/`
65
+
66
+Set the `APP_CONFIG` variable of the `[tracim_path]/tracim/app.wsgi` file to match your tracim installation path:
40 67
 
41 68
     # -*- coding: utf-8 -*-
42 69
 
43
-    APP_CONFIG = "[tracim_path]/tracim/development.ini"
70
+    APP_CONFIG = "[tracim_path]/tracim/development.ini" 
71
+    #(in file: replace /var/www/tracim by your [tracim_path] )
44 72
 
45 73
     #Setup logging
46 74
     # import logging
@@ -51,17 +79,80 @@ Set the `APP_CONFIG` variable of the `tracim/app.wsgi` file to match your tracim
51 79
     application = loadapp('config:%s' % APP_CONFIG)
52 80
     application.debug = False
53 81
 
82
+
83
+Add `webdav` at `root_path` in the `[tracim_path]/tracim/wsgidav.conf`:
84
+
85
+    ################################################################################
86
+    # Sample WsgiDAV configuration file
87
+    #
88
+    # 1. Rename this file to `wsgidav.conf`
89
+    # 2. Adjust settings as appropriate
90
+    # 3. Run tracim as you always do :)
91
+    #
92
+    ################################################################################
93
+    
94
+    ################################################################################
95
+    # SERVER OPTIONS
96
+    #===============================================================================
97
+    
98
+    # host  = "localhost"
99
+    # host  = "192.168.0.1"
100
+    host  = "0.0.0.0"
101
+    
102
+    port = 3030
103
+    
104
+    show_history = True
105
+    show_deleted = True
106
+    show_archived = True
107
+    
108
+    manager_locks = True
109
+    
110
+    root_path = ''
111
+    
112
+    #===============================================================================
113
+    # Lock Manager
114
+    #
115
+    # Example: Use PERSISTENT shelve based lock manager
116
+    #from wsgidav.lock_storage import LockStorageShelve
117
+    #locksmanager = LockStorageShelve("wsgidav-locks.shelve")
118
+
119
+
120
+
121
+Open `[tracim_path]/tracim/development.ini` and make some change:
122
+
123
+
124
+    In [server:main] modify IP:
125
+    `host = 127.0.0.1` by `host = 0.0.0.0`
126
+
127
+    For Radical (CalDav server):
128
+    Uncomment `# radicale.server.host = 0.0.0.0`
129
+    Uncomment `# radicale.server.allow_origin = *`
130
+    Uncomment `# radicale.client.base_url.host = http://127.0.0.1:5232`
131
+    and modifiy IP `# radicale.client.base_url.host = http://127.0.0.1:5232`to `radicale.client.base_url.host = http://[Your_server_IP]:5232`
132
+    
133
+    For WSGIDAV
134
+    Uncomment `# wsgidav.client.base_url = 127.0.0.1:<WSGIDAV_PORT>`
135
+    and modify IP and PORT `# wsgidav.client.base_url = 127.0.0.1:<WSGIDAV_PORT>` to `wsgidav.client.base_url = [Your_server_IP]/webdav`
136
+
137
+
138
+Restart `uwsgi` configuration:
139
+
140
+    sudo systemctl restart uwsgi.service
141
+
54 142
 Load needed proxy modules and enable this site configuration file:
55 143
 
56
-    sudo a2enmod proxy proxy_http
144
+    sudo a2enmod dav_fs dav proxy proxy_http
57 145
     sudo a2ensite tracim.conf
58 146
 
59
-Reload `Apache` configuration:
147
+Restart `Apache` configuration:
60 148
 
61
-    sudo systemctl reload apache2.service
149
+    sudo systemctl restart apache2.service
150
+    
151
+**Important**
152
+In case you have some permission problem, check if `www-data` can access to folder of tracim.
62 153
 
63 154
 ## Documentation Links ##
64 155
 
65
-[TurboGears](http://turbogears.readthedocs.io/en/tg2.3.7/cookbook/deploy/mod_wsgi.html)
66
-
67
-[mod_wsgi](http://modwsgi.readthedocs.io/en/develop/index.html)
156
+* [Apache](https://httpd.apache.org/docs/2.4/fr/)
157
+* [TurboGears](http://turbogears.readthedocs.io/en/tg2.3.7/cookbook/deploy/mod_wsgi.html)
158
+* [mod_wsgi](http://modwsgi.readthedocs.io/en/develop/index.html)

+ 2 - 0
tracim/tracim/lib/daemons.py Просмотреть файл

@@ -19,6 +19,7 @@ from tracim.lib.base import logger
19 19
 from tracim.lib.exceptions import AlreadyRunningDaemon
20 20
 
21 21
 from tracim.lib.utils import get_rq_queue
22
+from tracim.lib.utils import TracimEnforceHTTPS
22 23
 from tracim.lib.email_fetcher import MailFetcher
23 24
 
24 25
 
@@ -394,6 +395,7 @@ class WsgiDavDaemon(Daemon):
394 395
         from tracim.lib.webdav.utils import TracimWsgiDavDebugFilter
395 396
 
396 397
         config['middleware_stack'] = [
398
+            TracimEnforceHTTPS,
397 399
             WsgiDavDirBrowser,
398 400
             TracimHTTPAuthenticator,
399 401
             ErrorPrinter,

+ 19 - 1
tracim/tracim/lib/utils.py Просмотреть файл

@@ -18,6 +18,7 @@ from tg.util import lazify
18 18
 from redis import Redis
19 19
 from rq import Queue
20 20
 
21
+from wsgidav.middleware import BaseMiddleware
21 22
 from tracim.lib.base import logger
22 23
 from webob import Response
23 24
 from webob.exc import WSGIHTTPException
@@ -182,7 +183,6 @@ def get_rq_queue(queue_name: str= 'default') -> Queue:
182 183
         db=cfg.EMAIL_SENDER_REDIS_DB,
183 184
     ))
184 185
 
185
-
186 186
 def current_date_for_filename() -> str:
187 187
     """
188 188
     ISO8601 current date, adapted to be used in filename (for
@@ -190,3 +190,21 @@ def current_date_for_filename() -> str:
190 190
     :return: current date as string
191 191
     """
192 192
     return datetime.datetime.now().isoformat().replace(':', '.')
193
+
194
+class TracimEnforceHTTPS(BaseMiddleware):
195
+
196
+    def __init__(self, application, config):
197
+        super().__init__(application, config)
198
+        self._application = application
199
+        self._config = config
200
+
201
+    def __call__(self, environ, start_response):
202
+        # TODO - G.M - 06-03-2018 - Check protocol from http header first
203
+        # see http://www.bortzmeyer.org/7239.html
204
+        # if this params doesn't exist, rely on tracim config
205
+        from tracim.config.app_cfg import CFG
206
+        cfg = CFG.get_instance()
207
+
208
+        if cfg.WEBSITE_BASE_URL.startswith('https'):
209
+            environ['wsgi.url_scheme'] = 'https'
210
+        return self._application(environ, start_response)