From 3c36901d7a043719f683fd8e4fa123ad97c9157a Mon Sep 17 00:00:00 2001 From: Johny Jose Date: Fri, 26 Dec 2014 18:12:16 +0530 Subject: [PATCH] fix(core): correct configuration for running canvas in development mode Signed-off-by: Johny Jose --- ansible/playbooks/canvas/group_vars/all | 5 + .../canvas/roles/canvas/tasks/main.yml | 4 +- .../roles/canvas/templates/apache2.conf.j2 | 266 ++++++++++++++++++ .../roles/canvas/templates/apache_canvas.j2 | 16 -- .../roles/canvas/templates/database.yml.j2 | 8 +- .../roles/postgres/files/init/create_users.sh | 4 - .../canvas/roles/postgres/tasks/main.yml | 7 - .../canvas/roles/redis/tasks/main.yml | 2 +- docker/canvas/Dockerfile | 2 +- docker/canvas/canvas | 5 +- 10 files changed, 284 insertions(+), 35 deletions(-) create mode 100644 ansible/playbooks/canvas/roles/canvas/templates/apache2.conf.j2 delete mode 100644 ansible/playbooks/canvas/roles/canvas/templates/apache_canvas.j2 delete mode 100644 ansible/playbooks/canvas/roles/postgres/files/init/create_users.sh diff --git a/ansible/playbooks/canvas/group_vars/all b/ansible/playbooks/canvas/group_vars/all index c4acda0..47a612f 100644 --- a/ansible/playbooks/canvas/group_vars/all +++ b/ansible/playbooks/canvas/group_vars/all @@ -3,6 +3,7 @@ redis_docker_image: "redis:2.8" # Set this to the location of the canvas source code canvas_src: /path/to/canvas/source +apache_port: 3000 canvas: admin_email: admin@mailinator.com @@ -21,15 +22,19 @@ test: development: database: canvas_development domain: "localhost:3000" + host: localhost queue: database: canvas_queue_development + host: localhost production: database: canvas_production domain: "canvas.playlyfe.com" + host: localhost password: 'admin' queue: database: canvas_queue_production + host: localhost password: 'admin' redis: address: localhost diff --git a/ansible/playbooks/canvas/roles/canvas/tasks/main.yml b/ansible/playbooks/canvas/roles/canvas/tasks/main.yml index c3e124d..b666687 100644 --- a/ansible/playbooks/canvas/roles/canvas/tasks/main.yml +++ b/ansible/playbooks/canvas/roles/canvas/tasks/main.yml @@ -11,7 +11,7 @@ - { src: outgoing_mail.yml.j2, dest: /etc/canvas/code/config/outgoing_mail.yml } - { src: redis.yml.j2, dest: /etc/canvas/code/config/redis.yml } - { src: security.yml.j2, dest: /etc/canvas/code/config/security.yml } - - { src: apache_canvas.j2, dest: /etc/canvas/apache/canvas } + - { src: apache2.conf.j2, dest: /etc/canvas/apache/apache2.conf } - name: Ensure Database is created shell: docker run --rm --net host -e CANVAS_LMS_ADMIN_EMAIL={{ canvas.admin_email }} -e CANVAS_LMS_ADMIN_PASSWORD={{ canvas.admin_password }} -e CANVAS_LMS_ACCOUNT_NAME={{ canvas.account_name }} -e CANVAS_LMS_STATS_COLLECTION={{ canvas.stats_collection }} -v /etc/canvas/code:/var/canvas -v /etc/canvas/apache:/etc/apache2/sites-available playlyfe/canvas setup_db && touch /etc/canvas/setup.lock args: @@ -20,4 +20,4 @@ shell: docker run --rm --net host -v /etc/canvas/code:/var/canvas -v /etc/canvas/apache:/etc/apache2/sites-available playlyfe/canvas compile_assets - name: Ensure Apache2 is running - shell: (docker inspect canvas_apache &> /dev/null && docker start canvas_apache) || docker run --name canvas_apache --net host -d -v /etc/canvas/code:/var/canvas -v /etc/canvas/apache:/etc/apache2/sites-enabled playlyfe/canvas run + shell: (docker inspect canvas_apache &> /dev/null && docker start canvas_apache) || docker run --name canvas_apache --net host -d -v /etc/canvas/code:/var/canvas -v /etc/canvas/apache/apache2.conf:/etc/apache2/apache2.conf playlyfe/canvas run diff --git a/ansible/playbooks/canvas/roles/canvas/templates/apache2.conf.j2 b/ansible/playbooks/canvas/roles/canvas/templates/apache2.conf.j2 new file mode 100644 index 0000000..a03b7ae --- /dev/null +++ b/ansible/playbooks/canvas/roles/canvas/templates/apache2.conf.j2 @@ -0,0 +1,266 @@ +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# The configuration directives are grouped into three basic sections: +# 1. Directives that control the operation of the Apache server process as a +# whole (the 'global environment'). +# 2. Directives that define the parameters of the 'main' or 'default' server, +# which responds to requests that aren't handled by a virtual host. +# These directives also provide default values for the settings +# of all virtual hosts. +# 3. Settings for virtual hosts, which allow Web requests to be sent to +# different IP addresses or hostnames and have them handled by the +# same Apache server process. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "foo.log" +# with ServerRoot set to "/etc/apache2" will be interpreted by the +# server as "/etc/apache2/foo.log". +# + +### Section 1: Global Environment +# +# The directives in this section affect the overall operation of Apache, +# such as the number of concurrent requests it can handle or where it +# can find its configuration files. +# + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# NOTE! If you intend to place this on an NFS (or otherwise network) +# mounted filesystem then please read the LockFile documentation (available +# at ); +# you will save yourself a lot of trouble. +# +# Do NOT add a slash at the end of the directory path. +# +#ServerRoot "/etc/apache2" + +# +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +# +LockFile ${APACHE_LOCK_DIR}/accept.lock + +# +# PidFile: The file in which the server should record its process +# identification number when it starts. +# This needs to be set in /etc/apache2/envvars +# +PidFile ${APACHE_PID_FILE} + +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 300 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 5 + +## +## Server-Pool Size Regulation (MPM specific) +## + +# prefork MPM +# StartServers: number of server processes to start +# MinSpareServers: minimum number of server processes which are kept spare +# MaxSpareServers: maximum number of server processes which are kept spare +# MaxClients: maximum number of server processes allowed to start +# MaxRequestsPerChild: maximum number of requests a server process serves + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 0 + + +# worker MPM +# StartServers: initial number of server processes to start +# MinSpareThreads: minimum number of worker threads which are kept spare +# MaxSpareThreads: maximum number of worker threads which are kept spare +# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a +# graceful restart. ThreadLimit can only be changed by stopping +# and starting Apache. +# ThreadsPerChild: constant number of worker threads in each server process +# MaxClients: maximum number of simultaneous client connections +# MaxRequestsPerChild: maximum number of requests a server process serves + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 0 + + +# event MPM +# StartServers: initial number of server processes to start +# MinSpareThreads: minimum number of worker threads which are kept spare +# MaxSpareThreads: maximum number of worker threads which are kept spare +# ThreadsPerChild: constant number of worker threads in each server process +# MaxClients: maximum number of simultaneous client connections +# MaxRequestsPerChild: maximum number of requests a server process serves + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 0 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} + +# +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +# + +AccessFileName .htaccess + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Order allow,deny + Deny from all + Satisfy all + + +# +# DefaultType is the default MIME type the server will use for a document +# if it cannot otherwise determine one, such as from filename extensions. +# If your server contains mostly text or HTML documents, "text/plain" is +# a good value. If most of your content is binary, such as applications +# or images, you may want to use "application/octet-stream" instead to +# keep browsers from trying to display binary files as though they are +# text. +# +# It is also possible to omit any default MIME type and let the +# client's browser guess an appropriate action instead. Typically the +# browser will decide based on the file's extension then. In cases +# where no good assumption can be made, letting the default MIME type +# unset is suggested instead of forcing the browser to accept +# incorrect metadata. +# +DefaultType None + + +# +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +# +HostnameLookups Off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog ${APACHE_LOG_DIR}/error.log + +# +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +# +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include all the user configurations: +Include httpd.conf + +# If you just change the port or add more ports here, you will likely also +# have to change the VirtualHost statement in +# /etc/apache2/sites-enabled/000-default +# This is also true if you have upgraded from before 2.2.9-3 (i.e. from +# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and +# README.Debian.gz + +NameVirtualHost *:{{ apache_port }} +Listen {{ apache_port }} + + + # If you add NameVirtualHost *:443 here, you will also have to change + # the VirtualHost statement in /etc/apache2/sites-available/default-ssl + # to + # Server Name Indication for SSL named virtual hosts is currently not + # supported by MSIE on Windows XP. + Listen 443 + + + + Listen 443 + + +# +# The following directives define some format nicknames for use with +# a CustomLog directive (see below). +# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i +# +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent + +# Include of directories ignores editors' and dpkg's backup files, +# see README.Debian for details. + +# Include generic snippets of statements +Include conf.d/ + +# Include the virtual host configurations: + + ServerName canvas.example.com + ServerAlias files.canvas.example.com + ServerAdmin youremail@example.com + DocumentRoot /var/canvas/public + RewriteEngine On + RewriteCond %{REQUEST_URI} !^/health_check + ErrorLog /var/log/apache2/canvas_errors.log + LogLevel warn + CustomLog /var/log/apache2/canvas_access.log combined + SetEnv RAILS_ENV development + + Allow from all + Options -MultiViews + + + diff --git a/ansible/playbooks/canvas/roles/canvas/templates/apache_canvas.j2 b/ansible/playbooks/canvas/roles/canvas/templates/apache_canvas.j2 deleted file mode 100644 index 464fcfb..0000000 --- a/ansible/playbooks/canvas/roles/canvas/templates/apache_canvas.j2 +++ /dev/null @@ -1,16 +0,0 @@ - - ServerName canvas.example.com - ServerAlias files.canvas.example.com - ServerAdmin youremail@example.com - DocumentRoot /var/canvas/public - RewriteEngine On - RewriteCond %{REQUEST_URI} !^/health_check - ErrorLog /var/log/apache2/canvas_errors.log - LogLevel warn - CustomLog /var/log/apache2/canvas_access.log combined - SetEnv RAILS_ENV production - - Allow from all - Options -MultiViews - - diff --git a/ansible/playbooks/canvas/roles/canvas/templates/database.yml.j2 b/ansible/playbooks/canvas/roles/canvas/templates/database.yml.j2 index 0a9eb9b..4061015 100644 --- a/ansible/playbooks/canvas/roles/canvas/templates/database.yml.j2 +++ b/ansible/playbooks/canvas/roles/canvas/templates/database.yml.j2 @@ -11,18 +11,22 @@ development: adapter: postgresql encoding: utf8 database: {{ development.database }} + host: {{ development.host }} + username: canvas timeout: 5000 queue: adapter: postgresql encoding: utf8 database: {{ development.queue.database }} + host: {{ development.queue.host }} + username: canvas timeout: 5000 production: adapter: postgresql encoding: utf8 database: {{ production.database }} - host: localhost + host: {{ production.host }} username: canvas password: {{ production.password }} timeout: 5000 @@ -30,7 +34,7 @@ production: adapter: postgresql encoding: utf8 database: {{ production.queue.database }} - host: localhost + host: {{ production.queue.host }} username: canvas password: {{ production.queue.password }} timeout: 5000 diff --git a/ansible/playbooks/canvas/roles/postgres/files/init/create_users.sh b/ansible/playbooks/canvas/roles/postgres/files/init/create_users.sh deleted file mode 100644 index 4f27ece..0000000 --- a/ansible/playbooks/canvas/roles/postgres/files/init/create_users.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/env bash -gosu postgres createuser canvas --no-createdb --no-superuser --no-createrole -gosu postgres createdb canvas_production --owner=canvas -gosu postgres createdb canvas_queue_production --owner=canvas diff --git a/ansible/playbooks/canvas/roles/postgres/tasks/main.yml b/ansible/playbooks/canvas/roles/postgres/tasks/main.yml index b8e1822..9d2b0f2 100644 --- a/ansible/playbooks/canvas/roles/postgres/tasks/main.yml +++ b/ansible/playbooks/canvas/roles/postgres/tasks/main.yml @@ -1,11 +1,4 @@ --- -- name: Copy config files - copy: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - with_items: - - { src: init/create_users.sh, dest: /etc/canvas/postgres/init/create_users.sh } - - name: Ensure postgres data container is present docker: image: busybox diff --git a/ansible/playbooks/canvas/roles/redis/tasks/main.yml b/ansible/playbooks/canvas/roles/redis/tasks/main.yml index 95eddb2..d33a28b 100644 --- a/ansible/playbooks/canvas/roles/redis/tasks/main.yml +++ b/ansible/playbooks/canvas/roles/redis/tasks/main.yml @@ -8,4 +8,4 @@ detach: true state: present - name: Ensure redis is running - shell: (docker inspect canvas_redis &> /dev/null && docker start canvas_redis) || docker run --name canvas_redis --net host --volumes-from canvas_redis_data -d {{ redis_docker_image }} + shell: (docker inspect canvas_redis &> /dev/null && docker start canvas_redis) || docker run --name canvas_redis --net host --volumes-from canvas_redis_data -d {{ redis_docker_image }} redis-server --appendonly yes diff --git a/docker/canvas/Dockerfile b/docker/canvas/Dockerfile index a6ef58f..5c3a307 100644 --- a/docker/canvas/Dockerfile +++ b/docker/canvas/Dockerfile @@ -27,12 +27,12 @@ RUN dpkg-reconfigure locales # Create canvas user RUN adduser --disabled-password --gecos canvas canvasuser +RUN chown -R canvasuser /usr/lib/node_modules VOLUME /var/canvas COPY canvas /usr/bin/canvas RUN chmod 755 /usr/bin/canvas - ENV CANVAS_LMS_ADMIN_EMAIL canvas_admin@mailinator.com ENV CANVAS_LMS_ADMIN_PASSWORD admin123 ENV CANVAS_LMS_ACCOUNT_NAME Admin diff --git a/docker/canvas/canvas b/docker/canvas/canvas index 8a59ab3..e3d45e3 100644 --- a/docker/canvas/canvas +++ b/docker/canvas/canvas @@ -17,16 +17,17 @@ if [ "$CMD" == "setup_db" ]; then su - canvasuser -c "cd /var/canvas && bundle install --path vendor/bundle --without=sqlite" su - canvasuser -c "cd /var/canvas && npm install" - su - canvasuser -m -c "cd /var/canvas && RAILS_ENV=production bundle exec rake db:initial_setup" + su - canvasuser -m -c "cd /var/canvas && RAILS_ENV=development bundle exec rake db:initial_setup" elif [ "$CMD" == "compile_assets" ]; then # Build Assets - su - canvasuser -m -c "cd /var/canvas && bundle exec rake canvas:compile_assets" + su - canvasuser -c "cd /var/canvas && export LC_ALL='en_US.utf8' && bundle exec rake canvas:compile_assets" elif [ "$CMD" == "run" ]; then # Run + ulimit -s 16384 /usr/sbin/apache2ctl -D FOREGROUND elif [ "$CMD" == "shell" ]; then