Installation de MRIOutils¶
apt install apache2 libapache2-mod-wsgi-py3 mariadb-server python3-venv unzip apt install libsasl2-dev libldap2-dev libssl-dev python3-dev gcc libmariadbclient-dev gettext mysql_secure_installation mkdir /opt/mri_outils echo 'TLS_REQCERT never' >> /etc/ldap/ldap.conf
Creer la bdd et l'utilsateur mariadb¶
mysql -u root -p CREATE DATABASE `mri_outils`; CREATE USER 'mri-outils-user' IDENTIFIED BY 'wY2tQOErEiuWojUIKg26'; GRANT ALL privileges ON `mri_outils`.* TO 'mri-outils-user'; exit
Install MRIOutils¶
Récuperer le zip sur le serveur, puis:
mkdir -p /opt/mri_outils/www unzip -d /opt/mri_outils/www MRIOutil-version.zip
Création du venv pour MRIOutils¶
cd /opt/mri_outils/ python3 -m venv venv_MRIOutils source venv_MRIOutils/bin/activate pip install wheel mysqlclient pip install -r www/requirements.txt deactivate
Générer une nouvelle clé secrète pour l'application:
source /opt/mri_outils/venv_MRIOutils/bin/activate cd /opt/mri_outils/www/ python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
Noter la "secret_key" généré
cd /opt/mri_outils/www/MRIOutils/ cp settings_local_example.py settings_local.py nano settings_local.py
Paramètres à éditer:
SECRET_KEY (Avec la clé généré précédemment)
DEBUG = False
ALLOWED_HOSTS
DATABASES
AUTH_LDAP_*
Fin install MRIOutils¶
source /opt/mri_outils/venv_MRIOutils/bin/activate cd /opt/mri_outils/www/ ./manage.py migrate ./manage.py collectstatic -c --noinput ./manage.py sync_db_from_LDAP ./manage.py compilemessages deactivate
Config apache¶
a2enmod ssl a2ensite default-ssl a2dissite default nano /etc/apache2/sites-available/outils.conf # Voir ci dessous pour exemple du fichier a2ensite outils.conf service apache2 reload
Exemple de fichier host apache:
<VirtualHost *:80>
ServerName outils.test.mri.int
Redirect permanent "/" "https://outils.test.mri.int/"
</VirtualHost>
<VirtualHost *:443>
ServerName outils.test.mri.int
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
# Conf mode maintenance
Alias "/maintenance.html" "/opt/mri_outils/maintenance/maintenance.html"
RewriteEngine On
RewriteCond /opt/mri_outils/maintenance/maintenance.html -f
RewriteCond /opt/mri_outils/maintenance/maintenance.enable -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteRule ^.*$ /maintenance.html [R=503,L]
ErrorDocument 503 /maintenance.html
<Directory /opt/mri_outils/maintenance >
DirectoryIndex maintenance.html
require all granted
</Directory>
# fin conf mode maintenance
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
Alias /static/ /opt/mri_outils/www/static/
<Directory /opt/mri_outils/www/static/>
Require all granted
</Directory>
WSGIDaemonProcess outils.test.mri.int python-home=/opt/mri_outils/venv_MRIOutils python-path=/opt/mri_outils/www
WSGIProcessGroup outils.test.mri.int
WSGIScriptAlias / /opt/mri_outils/www/MRIOutils/wsgi.py
<Directory /opt/mri_outils/www>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
</VirtualHost>