Remove old provision scripts and move provision_server.sh

Sebastian Serth
2021-01-08 18:29:51 +01:00
parent ce365854dc
commit 0ca7bf8f61
9 changed files with 3 additions and 442 deletions


@ -1,69 +0,0 @@
# update apt-get
echo "Update apt-get..."
sudo apt-get update
# upgrade all packages
echo "Upgrade packages..."
sudo apt-get upgrade
#install postgres
if [ ! -f /etc/apt/sources.list.d/pgdg.list ]
then
echo "Add Postgres sources..."
cd /etc/apt/sources.list.d
sudo touch pgdg.list
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ jessie-pgdg main" > pgdg.list'
sudo wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
sudo apt-get update
echo "Done"
else
echo "Postgres sources already added"
fi
sudo apt-get -y --force-yes install postgresql-9.5
# drop postgres access control
if [ -f /etc/postgresql/9.5/main/pg_hba.conf ]
then
if ! sudo -u postgres grep -q CodeOcean /etc/postgresql/9.5/main/pg_hba.conf
then
echo "Drop Postgres access control..."
sudo -u postgres sh -c 'cat >/etc/postgresql/9.5/main/pg_hba.conf <<EOF
#CodeOcean: drop access control
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
EOF'
echo "Done"
echo "Restart Postgres..."
echo sudo service postgresql restart
echo "Done"
else
echo "Postgres access control already dropped"
fi
else
echo "Postgres installation failed"
fi
# create development database
# TODO: extract databasename to variable
if ! (sudo -u postgres psql -l | grep -q codeocean-development)
then
echo "Create database codeocean-development..."
sudo -u postgres createdb codeocean-development || true
sudo -u postgres psql -d codeocean-development -U postgres -c "CREATE USER root;"
sudo -u postgres psql -d codeocean-development -U postgres -c 'GRANT ALL PRIVILEGES ON DATABASE "codeocean-development" to root';
sudo -u postgres psql -d codeocean-development -U postgres -c "CREATE USER debian;"
sudo -u postgres psql -d codeocean-development -U postgres -c 'GRANT ALL PRIVILEGES ON DATABASE "codeocean-development" to debian';
sudo -u postgres psql -d codeocean-development -U postgres -c "CREATE USER codeocean;"
sudo -u postgres psql -d codeocean-development -U postgres -c 'GRANT ALL PRIVILEGES ON DATABASE "codeocean-development" to codeocean';
sudo -u postgres psql -d codeocean-development -U postgres -c 'ALTER DATABASE "codeocean-development" OWNER TO codeocean';
sudo -u postgres psql -d codeocean-development -U postgres -c 'ALTER USER "codeocean" CREATEDB';
echo "Done"
else
echo "Database codeocean-development already exists"
fi
# TODO: create test database


@ -1,86 +0,0 @@
#install docker
if [ ! -f /etc/apt/sources.list.d/backports.list ]
then
#get sources for dependencies
echo "Get apt-get sources for some docker dependencies..."
cd /etc/apt/sources.list.d
sudo touch backports.list
sudo sh -c 'echo "deb http://http.debian.net/debian jessie-backports main" > backports.list'
sudo apt-get update
echo "Done"
#just in case there is some old stuff
echo "Remove legacy stuff...Just in case..."
sudo apt-get purge "lxc-docker*"
sudo apt-get purge "docker.io*"
sudo apt-get update
#install docker dependencies
echo "Install dependencies..."
sudo apt-get install -y --force-yes apt-transport-https ca-certificates gnupg2
echo "Done"
else
echo "Docker dependencies already added."
fi
if [ ! -f /etc/apt/sources.list.d/docker.list ]
then
# get docker sources
echo "Add apt-get sources for Docker..."
sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
cd /etc/apt/sources.list.d
sudo touch docker.list
sudo sh -c 'echo "deb https://apt.dockerproject.org/repo debian-jessie main" > docker.list'
sudo apt-cache policy docker-engine
sudo apt-get update
echo "Done"
else
echo "Docker apt-get sources already added."
fi
if [ ! -f /etc/systemd/system/docker.service.d/docker.conf ]
then
echo "Install Docker Engine..."
sudo apt-get install -y --force-yes docker-engine
echo "Done"
echo "Start Docker..."
sudo service docker start
echo "Done"
echo "Run Hello World..."
sudo docker run hello-world
echo "Done"
#set some docker options
echo "Configure Docker..."
sudo mkdir /etc/systemd/system/docker.service.d
cd /etc/systemd/system/docker.service.d
sudo touch docker.conf
sudo sh -c 'cat >>/etc/systemd/system/docker.service.d/docker.conf <<EOF
# code_ocean: enable TCP
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// -D -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock"
EOF'
sudo systemctl daemon-reload
sudo service docker restart
# enable to run docker without sudo
sudo gpasswd -a ${USER} docker
newgrp docker
sudo service docker restart
echo "Done"
else
echo "Docker already installed"
fi
if ! (docker images | grep -q co_execenv_python)
then
echo "Pull Docker images..."
# get docker images
docker pull openhpi/co_execenv_python
docker pull openhpi/co_execenv_java
docker pull openhpi/co_execenv_java_antlr
echo "Done"
else
echo "Docker images already pulled"
fi


@ -1,67 +0,0 @@
if [ ! -f /etc/apt/sources.list.d/nonfree.list ]
then
echo "Get additional sources for apt-get"
cd /etc/apt/sources.list.d
sudo touch nonfree.list
sudo sh -c 'echo "deb http://http.debian.net/debian jessie main non-free contrib" > nonfree.list'
sudo sh -c 'echo "deb-src http://http.debian.net/debian jessie main non-free contrib" >> nonfree.list'
sudo sh -c 'echo "deb http://http.debian.net/debian jessie-updates main contrib non-free" >> nonfree.list'
sudo sh -c 'echo "deb-src http://http.debian.net/debian jessie-updates main contrib non-free" >> nonfree.list'
sudo apt-get update
else
# install utilities
echo "Additional apt-get sources already added"
fi
# install utilities
echo "Install some utils..."
sudo apt-get install -y --force-yes screen
sudo apt-get install -y --force-yes htop
echo "Done"
# install dependencies
echo "Install some libraries..."
sudo apt-get install -y --force-yes git-core curl zlib1g-dev build-essential libssl-dev libreadline-dev
sudo apt-get install -y --force-yes libyaml-dev libsqlite3-dev sqlite3 libxml2-dev libxslt1-dev libcurl4-openssl-dev
sudo apt-get install -y --force-yes python-software-properties libffi-dev
sudo apt-get install -y --force-yes libgdbm-dev libncurses5-dev automake libtool bison libffi-dev
sudo apt-get install -y --force-yes libpq-dev
echo "Done"
# get the clock in sync
echo "Install clock synchronization..."
sudo apt-get install -y --force-yes ntp ntpdate
echo "Done"
echo "Install NodeJS..."
# install nodejs
sudo apt-get install -y --force-yes nodejs
echo "Done"
if ! (ruby -v | grep -q 2.3.3)
then
# install rvm
echo "Install RVM..."
gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
\curl -sSL https://get.rvm.io | bash -s stable --ruby
source /home/debian/.rvm/scripts/rvm
echo "Done"
# install ruby
echo "Install Ruby 2.3.3..."
rvm install 2.3.3
rvm use 2.3.3 --default
ruby -v
exec bash
echo "Done"
else
echo "RVM and Ruby are already installed"
fi
# install guest additions - required for sharing a folder
echo "Install prerequisites for guest additions..."
sudo apt-get install -y --force-yes dkms build-essential linux-headers-amd64
echo "Done"
echo "Please follow the instructions:"
echo "Insert Guest Additions CD image. VM: Devices=>Insert Guest Additions CD image"
echo "Install Guest Additions"


@ -1,10 +0,0 @@
# Mount Guest Additions and run the installer
echo "Mount Guest Additions and run the installer..."
sudo mount /dev/sr0 /media/cdrom
cd /media/cdrom
sudo sh ./VBoxLinuxAdditions.run
echo "Done"
echo "Please follow the instructions:"
echo "Create Shared Folder. VM: Devices=>VM: Devices=>Shared Folders=>Shared Folders Settings"
echo "Name: codeocean, Path: path to your local codeocaen repository on the host machine."


@ -1,7 +0,0 @@
echo "Mount Shared Folder..."
mkdir /home/debian/codeocean_host
sudo mount -t vboxsf -o rw,uid=1000,gid=1000 codeocean /home/debian/codeocean_host
# Enable automount during startup
sudo sh -c 'echo "sudo mount -t vboxsf -o rw,uid=1000,gid=1000 codeocean /home/debian/codeocean_host" >> /home/debian/.bashrc '
echo "Done"


@ -1,28 +0,0 @@
############# codeocean install ###########################
cd /home/debian/codeocean_host
#install rails and bundler
echo "Install Rails..."
gem install rails
echo "Done"
echo "Install Bundler..."
gem install bundler
echo "Done"
# install required gems
bundle install
# copy config files
for f in action_mailer.yml database.yml secrets.yml sendmail.yml smtp.yml code_ocean.yml
do
if [ ! -f config/$f ]
then
cp config/$f.example config/$f
fi
done
# Manual Task:
# if necessary adjust db config
echo "Check if settings in database.yml correspond with your database setup."
cat /home/debian/codeocean_host/config/database.yml


@ -1,8 +0,0 @@
# create, migrate, and seed database tables
cd /home/debian/codeocean_host
export RAILS_ENV=development
echo "load, seed, migrate"
rake db:schema:load
rake db:seed
rake db:migrate


@ -1,165 +0,0 @@
# Prerequisites:
# 1 Download Debian iso image. http://cdimage.debian.org/debian-cd/8.6.0/amd64/iso-cd/debian-8.6.0-amd64-netinst.iso
# 2 Create Debian VM in VirtualBox:
# - without GUI
# - without webserver (we do not want an apache2 but an nginx server)
# - with ssh ()
# 2 Create 2 users
# - debian/debian
# - root/root
# Manual preparation:
# Login as root
su
# install sudo
apt-get install -y sudo
# add user debian to sudoers and enable this user to sudo without password (do not do this on a production machine)
# or change the line after finishing the installation
cd /etc/sudoers.d
touch debian
echo "debian ALL=(ALL) NOPASSWD:ALL" >> debian
# echo "debian ALL=(ALL:ALL) ALL" >> debian # production systems
# return to no-root user again
exit
# Running the following directly on the VM command line is inconvenient
# Therefore enable login via ssh from Host
# The best way to login to a guest Linux VirtualBox VM is port forwarding.
# By default, you should have one interface already which is using NAT.
# Then go to the Network settings and click the Port Forwarding button. Add a new Rule:
# Protocol TCP Host port 3022, guest port 22, name ssh, other left blank.
# That's all! Please be sure you don't forget to install an SSH server:
# To SSH into the guest VM, write:
# ssh -p 3022 user@127.0.0.1
# http://stackoverflow.com/questions/5906441/how-to-ssh-to-a-virtualbox-guest-externally-through-a-host
#=======================================================================================================
# Install postgres
# run script:
debian_installer/setup_debian_1_install_postgres.sh
# Install docker
# run script:
debian_installer/setup_debian_2_install_docker.sh
# Install dependencies, utils, rvm, ruby, node
# run script:
debian_installer/setup_debian_3_install_depencies_and_utils.sh
##################################local installation on VirtualBox only##################
# Before running the next script, the Guest Additions CD image needs to be inserted via VBox GUI
# Devices=>Insert Guest Additions CD image"
# When that is done run the next script
debian_installer/setup_debian_4_install_guest_additions.sh
# Before running the next script, a Shared Folder has to be created via VBox GUI
# Devices=>Shared Folders=>Shared Folders Settings
# Folder Name: codeocean, Folder Path: path to your local codeocean repository on the host machine.
# Automount, Make Permanent
# When that is done run the next script
debian_installer/setup_debian_5_mount_shared_folder.sh
##################################local installation on VirtualBox only##################
# Install rails and bundler
# run script:
debian_installer/setup_debian_6_setup_codeocean.sh
# Create, seed, and migrate database tables
# run script:
debian_installer/setup_debian_7_create_tables.sh
# Add Port Forwarding for Rails server:
# Protocol TCP Host port 3030, guest port 3000, name CodeOcean, other left blank.
# That's all!
# Start Puma server on VM (since we upgraded to rails 4.2.5, it is necessary to specify the address here as well. Otherwise, we can't connect from the host machine)
# rails s -b 0.0.0.0 -p 8080
# To connect to Ruby app use
#http://127.0.0.1:3030
#The following is required so that CodeOcean can connect back to openHPI local
# Setup a second networking interface
# 1. Host-only vboxnet0 (ip-address: 192.168.59.104)
# 2. NAT with all the portforwarding stuff as described above
# Edit /etc/network/interfaces in Guest machine:
# 1. check for available interfaces:
# ls /sys/class/net ===> docker0 eth0 eth1 lo
# 2. edit network configuration:
# sudoedit /etc/network/interfaces
# and add the following lines:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
# allow-hotplug eth0
# iface eth0 inet dhcp
#Host-only interface
auto eth0
iface eth0 inet static
address 192.168.59.104
netmask 255.255.255.0
network 192.168.59.0
broadcast 192.168.59.255
#NAT interface
auto eth1
iface eth1 inet dhcp
# See also:
# http://askubuntu.com/questions/293816/in-virtualbox-how-do-i-set-up-host-only-virtual-machines-that-can-access-the-in
# !!!!!Attention!!!!!!!!
# Start openHPI Local as:
# http://{host.ip}:3000/
# e.g. http://192.168.178.33:3000/
# set LTI Provider in course as:
# http://192.168.59.104:3030/lti/launch
# Access VBox with static IP and port-forwarding
# SSH:
# ssh -p 3022 debian@192.168.59.104
# CodeOcean:
# http://192.168.59.104:3030
#TODO production:
# require passwd for sudo again.
# cd /etc/sudoers.d
# echo "debian ALL=(ALL:ALL) ALL" > debian
#TODO production: Install nginx
# install nginx
# echo "Install NGINX..."
# sudo apt-get install -y --force-yes nginx
# echo "Done"

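--- /dev/null
+++ b/docs/provision_server.sh
@@ -0,0 +1,251 @@
+#!/bin/bash
+echo "This script shall not be run and is only included for general documentation purposes."
+exit 0
+######## VERSION INFORMATION ########
+postgres_version=13
+node_version=14
+ruby_version=2.7.2
+rails_version=5.2.4.4
+geckodriver_version=0.26.0
+########## INSTALL SCRIPT ###########
+# codeocean user
+sudo adduser codeocean
+# PostgreSQL
+wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
+sudo add-apt-repository "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -sc)-pgdg main"
+# drop postgres access control
+# tee /etc/postgresql/$postgres_version/main/pg_hba.conf <<EOF
+# # code_ocean: drop access control
+# local all all trust
+# host all all 127.0.0.1/32 trust
+# host all all ::1/128 trust
+# EOF
+# service postgresql restart
+# yarn & node
+curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
+echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
+curl -sL https://deb.nodesource.com/setup_$node_version.x | sudo -E bash -
+# nginx
+echo "deb http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
+curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo apt-key add -
+# Install packages
+apt-get -qq update
+apt-get -qq -y install postgresql-client postgresql-$postgres_version postgresql-server-dev-$postgres_version
+apt-get -qq -y install yarn nodejs nginx libpq-dev certbot
+# RVM
+gpg --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
+curl -sSL https://get.rvm.io | bash -s stable
+usermod -a -G rvm codeocean
+# Docker
+curl -sSL https://get.docker.com/ | sudo sh
+usermod -a -G docker codeocean
+tee -a /etc/docker/daemon.json <<EOF
+{
+"userns-remap": "default"
+}
+EOF
+mkdir -p /etc/systemd/system/docker.service.d/
+tee -a /etc/systemd/system/docker.service.d/override.conf <<EOF
+[Service]
+# Empty line is required
+ExecStart=
+ExecStart=/usr/bin/dockerd -H fd:// -H tcp://127.0.0.1:4243 --bip=10.151.0.1/16
+EOF
+systemctl daemon-reload
+service docker restart
+tee -a /etc/sysctl.d/90-docker-keys-userns.conf <<EOF
+#
+# Increases the session key quota per user. Otherwise, some docker containers would not start with the following error:
+# OCI runtime exec failed: exec failed: container_linux.go:348: starting container process caused "could not create session key: disk quota exceeded": unknown
+kernel.keys.maxkeys=100000
+EOF
+# Pull docker images
+docker pull openhpi/co_execenv_r
+docker pull openhpi/co_execenv_python
+docker pull openhpi/co_execenv_python_rpi
+docker pull openhpi/co_execenv_python:3.8
+docker pull openhpi/co_execenv_node
+docker pull openhpi/co_execenv_java
+docker pull openhpi/co_execenv_java_antlr
+docker pull openhpi/co_execenv_ruby:2.5
+# ruby
+source /etc/profile.d/rvm.sh
+sg rvm "rvm install $ruby_version"
+rvm use $ruby_version --default
+/usr/local/rvm/bin/rvm alias create default $ruby_version
+tee -a /home/codeocean/.bashrc <<EOF
+# Include RVM
+source /etc/profile.d/rvm.sh
+EOF
+# rails
+sg rvm "/usr/local/rvm/rubies/ruby-$ruby_version/bin/gem install rails -v $rails_version"
+sg rvm "/usr/local/rvm/rubies/ruby-$ruby_version/bin/gem install bundler"
+# nginx
+# InvalidAuthenticityToken with Rails 5 and LoadBalancer doing SSL handshare:
+# https://stackoverflow.com/questions/34655545/invalidauthenticitytoken-in-rails-5-behind-nginx-using-ssl
+# $ is escaped to \$
+sudo tee /etc/nginx/proxy_params <<EOF
+proxy_set_header Host \$http_host;
+proxy_set_header X-Real-IP \$remote_addr;
+proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto \$scheme;
+EOF
+# $ is escaped to \$
+sudo tee /etc/nginx/conf.d/codeocean.conf <<EOF
+upstream puma {
+server unix:///var/www/app/shared/tmp/sockets/puma.sock;
+}
+server {
+listen 80;
+server_name codeocean.openhpi.de;
+root /var/www/app/current/public;
+error_page 500 502 503 504 /custom_50x.html;
+location = /custom_50x.html {
+root /usr/share/nginx/html;
+internal;
+}
+location / {
+try_files \$uri @puma;
+}
+location /cable {
+proxy_pass http://puma;
+proxy_http_version 1.1;
+proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+proxy_set_header Host \$http_host;
+proxy_set_header Upgrade \$http_upgrade;
+proxy_set_header Connection "Upgrade";
+proxy_set_header X-Forwarded-Proto 'https';
+proxy_set_header X-Forwarded-Ssl on;
+proxy_set_header X-Forwarded-Port 443;
+proxy_set_header Origin https://codeocean.openhpi.de;
+}
+location @puma {
+include proxy_params;
+proxy_headers_hash_bucket_size 64;
+proxy_pass http://puma;
+proxy_http_version 1.1;
+proxy_read_timeout 900;
+proxy_redirect off;
+proxy_set_header Connection '';
+proxy_set_header X-Forwarded-Proto 'https';
+proxy_set_header X-Forwarded-Ssl on;
+proxy_set_header X-Forwarded-Port 443;
+add_header Referrer-Policy 'unsafe-url';
+}
+location ~* ^/assets/ {
+expires 1y;
+add_header Cache-Control public;
+}
+}
+EOF
+service nginx restart
+tee -a /etc/systemd/system/dockercontainerpool.service <<EOF
+[Unit]
+Description=DockerContainerPool
+[Service]
+WorkingDirectory=/var/www/dockercontainerpool/current
+User=codeocean
+Group=docker
+EnvironmentFile=/var/www/dockercontainerpool/shared/config/.env
+Environment=MALLOC_ARENA_MAX=2
+ExecStart=/usr/local/rvm/bin/rvm default do bundle exec puma -C /var/www/dockercontainerpool/shared/puma.rb
+RestartSec=10
+TimeoutStartSec=5
+TimeoutStopSec=60
+Restart=always
+[Install]
+WantedBy=multi-user.target
+EOF
+tee -a /etc/systemd/system/codeocean.service <<EOF
+[Unit]
+Description=CodeOcean
+[Service]
+WorkingDirectory=/var/www/app/current
+User=codeocean
+Group=docker
+EnvironmentFile=/var/www/app/shared/config/.env
+Environment=RAILS_LOG_TO_STDOUT=true
+Environment=MALLOC_ARENA_MAX=2
+ExecStart=/usr/local/rvm/bin/rvm default do bundle exec puma -C /var/www/app/shared/puma.rb
+RestartSec=2
+TimeoutSec=5
+Restart=always
+[Install]
+WantedBy=multi-user.target
+EOF
+tee -a /usr/share/nginx/html/custom_50x.html <<EOF
+<html>
+<head>
+<meta charset="utf-8">
+</head>
+<body>
+<h1>Maintenance! <i>Wartungsarbeiten!</i></h1>
+<p>CodeOcean is temporarily unavailable and will be back soon! We're aware of this issue and you do not need to take further steps (ask a question in the course forum or create a helpdesk ticket). Please check back in about five minutes. Your last progress has been saved and will be available once you return.</p></br>
+<p><i>CodeOcean ist derzeit nicht verfügbar und wird in Kürze wieder erreichbar sein. Wir wissen von der Nichtverfügbarkeit, sodass keine weiteren Schritte (wie eine Frage im Forum zu posten oder ein Helpdesk-Ticket zu erstellen) nötig sind. Bitte versuchen Sie in ungefähr fünf Minunten erneut, die Lernplattform aus dem Kurs heraus zu öffnen. Ihr Bearbeitungsstand wurde gespeichert und wird Ihnen beim Fortsetzen der Aufgabe wieder zur Verfügung stehen.</i></p></br>
+<p>Kind regards, <i>Viele Grüße</i></p>
+<p>Teaching Team</p>
+</body>
+</html>
+EOF
+systemctl enable codeocean.service
+systemctl enable dockercontainerpool.service
+mkdir -p /var/www/acme-challenges
+chown -R www-data:codeocean /var/www
+chmod -R 775 /var/www
+certbot certonly --webroot -w /var/www/acme-challenges/ --email email@example.org --rsa-key-size 4096 --agree-tos -d codeocean.openhpi.de
+systemctl daemon-reload
+# Deploy via Capistrano (both, CodeOcean and DockerContainerPool) and symlink Docker files, depending on the environment:
+# ln -s /var/www/app/current/tmp/files/staging /var/www/dockercontainerpool/current/tmp/files/staging
+# ln -s /var/www/app/current/tmp/files/production /var/www/dockercontainerpool/current/tmp/files/production
+# Find more files in codeocean-deploy/config/backup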
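Review bot: The `docker.service.d/override.conf` heredoc starts dockerd with `-H tcp://127.0.0.1:4243` and no TLS, so every local account or process that can reach loopback can drive the Docker API, which is root-equivalent on the host; `userns-remap` changes the UID mapping inside containers but does not restrict who may call the API. If the container pool service can use the socket, drop the TCP listener (`ExecStart=/usr/bin/dockerd -H fd:// --bip=10.151.0.1/16`); if TCP is required, add `--tlsverify` with `--tlscacert`, `--tlscert` and `--tlskey` and issue a client certificate only to that service. Separately, the get.docker.com, get.rvm.io and deb.nodesource.com lines pipe a downloaded script straight into a (root) shell; since this file is kept as a reference people copy from, a comment such as `# download, review and pin this installer before running it` above each of them would help.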