mirror of
https://github.com/frappe/bench.git
synced 2025-01-24 23:48:24 +00:00
commit
9c72d0a552
18
bench/cli.py
18
bench/cli.py
@ -13,7 +13,7 @@ from .utils import set_default_site as _set_default_site
|
|||||||
from .utils import (build_assets, patch_sites, exec_cmd, update_bench, get_frappe, setup_logging,
|
from .utils import (build_assets, patch_sites, exec_cmd, update_bench, get_frappe, setup_logging,
|
||||||
get_config, update_config, restart_supervisor_processes, put_config, default_config, update_requirements,
|
get_config, update_config, restart_supervisor_processes, put_config, default_config, update_requirements,
|
||||||
backup_all_sites, backup_site, get_sites, prime_wheel_cache, is_root, set_mariadb_host, drop_privileges,
|
backup_all_sites, backup_site, get_sites, prime_wheel_cache, is_root, set_mariadb_host, drop_privileges,
|
||||||
fix_file_perms)
|
fix_file_perms, set_ssl_certificate, set_ssl_certificate_key)
|
||||||
from .app import get_app as _get_app
|
from .app import get_app as _get_app
|
||||||
from .app import new_app as _new_app
|
from .app import new_app as _new_app
|
||||||
from .app import pull_all_apps
|
from .app import pull_all_apps
|
||||||
@ -213,6 +213,20 @@ def set_nginx_port(site, port):
|
|||||||
"Set nginx port for site"
|
"Set nginx port for site"
|
||||||
_set_nginx_port(site, port)
|
_set_nginx_port(site, port)
|
||||||
|
|
||||||
|
@click.command('set-ssl-certificate')
|
||||||
|
@click.argument('site')
|
||||||
|
@click.argument('ssl-certificate-path')
|
||||||
|
def _set_ssl_certificate(site, ssl_certificate_path):
|
||||||
|
"Set ssl certificate path for site"
|
||||||
|
set_ssl_certificate(site, ssl_certificate_path)
|
||||||
|
|
||||||
|
@click.command('set-ssl-key')
|
||||||
|
@click.argument('site')
|
||||||
|
@click.argument('ssl-certificate-key-path')
|
||||||
|
def _set_ssl_certificate_key(site, ssl_certificate_key_path):
|
||||||
|
"Set ssl certificate private key path for site"
|
||||||
|
set_ssl_certificate_key(site, ssl_certificate_key_path)
|
||||||
|
|
||||||
@click.command('set-url-root')
|
@click.command('set-url-root')
|
||||||
@click.argument('site')
|
@click.argument('site')
|
||||||
@click.argument('url-root')
|
@click.argument('url-root')
|
||||||
@ -422,6 +436,8 @@ bench.add_command(restart)
|
|||||||
bench.add_command(config)
|
bench.add_command(config)
|
||||||
bench.add_command(start)
|
bench.add_command(start)
|
||||||
bench.add_command(set_nginx_port)
|
bench.add_command(set_nginx_port)
|
||||||
|
bench.add_command(_set_ssl_certificate)
|
||||||
|
bench.add_command(_set_ssl_certificate_key)
|
||||||
bench.add_command(_set_mariadb_host)
|
bench.add_command(_set_mariadb_host)
|
||||||
bench.add_command(set_default_site)
|
bench.add_command(set_default_site)
|
||||||
bench.add_command(migrate_3to4)
|
bench.add_command(migrate_3to4)
|
||||||
|
@ -31,10 +31,16 @@ def get_site_config(site, bench='.'):
|
|||||||
|
|
||||||
def get_sites_with_config(bench='.'):
|
def get_sites_with_config(bench='.'):
|
||||||
sites = get_sites()
|
sites = get_sites()
|
||||||
return [{
|
ret = []
|
||||||
|
for site in sites:
|
||||||
|
site_config = get_site_config(site, bench=bench)
|
||||||
|
ret.append({
|
||||||
"name": site,
|
"name": site,
|
||||||
"port": get_site_config(site, bench=bench).get('nginx_port')
|
"port": site_config.get('nginx_port'),
|
||||||
} for site in sites]
|
"ssl_certificate": site_config.get('ssl_certificate'),
|
||||||
|
"ssl_certificate_key": site_config.get('ssl_certificate_key')
|
||||||
|
})
|
||||||
|
return ret
|
||||||
|
|
||||||
def generate_nginx_config(bench='.'):
|
def generate_nginx_config(bench='.'):
|
||||||
template = env.get_template('nginx.conf')
|
template = env.get_template('nginx.conf')
|
||||||
|
@ -5,15 +5,7 @@ upstream frappe {
|
|||||||
server 127.0.0.1:8000 fail_timeout=0;
|
server 127.0.0.1:8000 fail_timeout=0;
|
||||||
}
|
}
|
||||||
|
|
||||||
{% macro server_block(site, port=80, default=False, server_name=None, sites=None, dns_multitenant=False) -%}
|
{% macro location_block(site, port=80, default=False, server_name=None, sites=None, dns_multitenant=False) -%}
|
||||||
server {
|
|
||||||
listen {{ site.port if not default and site.port else port }} {% if default %} default {% endif %};
|
|
||||||
client_max_body_size 4G;
|
|
||||||
{% if dns_multitenant and sites %}
|
|
||||||
server_name {% for site in sites %} {{ site.name }} {% endfor %};
|
|
||||||
{% else %}
|
|
||||||
server_name {{ site.name if not server_name else server_name }};
|
|
||||||
{% endif %}
|
|
||||||
keepalive_timeout 5;
|
keepalive_timeout 5;
|
||||||
sendfile on;
|
sendfile on;
|
||||||
root {{ sites_dir }};
|
root {{ sites_dir }};
|
||||||
@ -43,21 +35,58 @@ upstream frappe {
|
|||||||
proxy_redirect off;
|
proxy_redirect off;
|
||||||
proxy_pass http://frappe;
|
proxy_pass http://frappe;
|
||||||
}
|
}
|
||||||
|
{%- endmacro %}
|
||||||
|
|
||||||
|
{% macro server_name_block(site, default=False, server_name=None, sites=None, dns_multitenant=False) -%}
|
||||||
|
client_max_body_size 4G;
|
||||||
|
{% if dns_multitenant and sites %}
|
||||||
|
server_name {% for site in sites %} {{ site.name }} {% endfor %};
|
||||||
|
{% else %}
|
||||||
|
server_name {{ site.name if not server_name else server_name }};
|
||||||
|
{% endif %}
|
||||||
|
{%- endmacro %}
|
||||||
|
|
||||||
|
{% macro server_block_http(site, port=80, default=False, server_name=None, sites=None, dns_multitenant=False) -%}
|
||||||
|
server {
|
||||||
|
listen {{ site.port if not default and site.port else port }} {% if default %} default {% endif %};
|
||||||
|
{{ server_name_block(site, default=default, server_name=server_name, sites=sites, dns_multitenant=dns_multitenant) }}
|
||||||
|
{{ location_block(site, port=port, default=default, server_name=server_name, sites=sites, dns_multitenant=dns_multitenant) }}
|
||||||
|
}
|
||||||
|
{%- endmacro %}
|
||||||
|
|
||||||
|
{% macro server_block_https(site, port=443, default=False, server_name=None, sites=None, dns_multitenant=False) -%}
|
||||||
|
server {
|
||||||
|
listen {{ site.ssl_port if not default and site.ssl_port else port }} {% if default %} default {% endif %};
|
||||||
|
{{ server_name_block(site, default=default, server_name=server_name, sites=sites, dns_multitenant=dns_multitenant) }}
|
||||||
|
|
||||||
|
ssl on;
|
||||||
|
ssl_certificate {{ site.ssl_certificate }};
|
||||||
|
ssl_certificate_key {{ site.ssl_certificate_key }};
|
||||||
|
ssl_session_timeout 5m;
|
||||||
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||||
|
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
|
||||||
|
ssl_prefer_server_ciphers on;
|
||||||
|
|
||||||
|
{{ location_block(site, port=port, default=default, server_name=server_name, sites=sites, dns_multitenant=dns_multitenant) }}
|
||||||
}
|
}
|
||||||
{%- endmacro %}
|
{%- endmacro %}
|
||||||
|
|
||||||
{% for site in sites %}
|
{% for site in sites %}
|
||||||
|
|
||||||
{% if site.port %}
|
{% if site.port %}
|
||||||
{{ server_block(site) }}
|
{{ server_block_http(site) }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if site.ssl_certificate_key and site.ssl_certificate %}
|
||||||
|
{{ server_block_https(site) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
{% if default_site %}
|
{% if default_site %}
|
||||||
{{ server_block(default_site, default=True, server_name="frappe_default_site") }}
|
{{ server_block_http(default_site, default=True, server_name="frappe_default_site") }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if dns_multitenant and sites %}
|
{% if dns_multitenant and sites %}
|
||||||
{{ server_block(None, default=False, sites=sites, dns_multitenant=True) }}
|
{{ server_block_http(None, default=False, sites=sites, dns_multitenant=True) }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
@ -236,10 +236,22 @@ def update_site_config(site, new_config, bench='.'):
|
|||||||
put_site_config(site, config, bench=bench)
|
put_site_config(site, config, bench=bench)
|
||||||
|
|
||||||
def set_nginx_port(site, port, bench='.', gen_config=True):
|
def set_nginx_port(site, port, bench='.', gen_config=True):
|
||||||
|
set_site_config_nginx_property(site, {"nginx_port": port}, bench=bench)
|
||||||
|
|
||||||
|
def set_ssl_certificate(site, ssl_certificate, bench='.', gen_config=True):
|
||||||
|
set_site_config_nginx_property(site, {"ssl_certificate": ssl_certificate}, bench=bench)
|
||||||
|
|
||||||
|
def set_ssl_certificate_key(site, ssl_certificate_key, bench='.', gen_config=True):
|
||||||
|
set_site_config_nginx_property(site, {"ssl_certificate_key": ssl_certificate_key}, bench=bench)
|
||||||
|
|
||||||
|
def set_nginx_port(site, port, bench='.', gen_config=True):
|
||||||
|
set_site_config_nginx_property(site, {"nginx_port": port}, bench=bench)
|
||||||
|
|
||||||
|
def set_site_config_nginx_property(site, config, bench='.', gen_config=True):
|
||||||
from .config import generate_nginx_config
|
from .config import generate_nginx_config
|
||||||
if site not in get_sites(bench=bench):
|
if site not in get_sites(bench=bench):
|
||||||
raise Exception("No such site")
|
raise Exception("No such site")
|
||||||
update_site_config(site, {"nginx_port": port}, bench=bench)
|
update_site_config(site, config, bench=bench)
|
||||||
if gen_config:
|
if gen_config:
|
||||||
generate_nginx_config()
|
generate_nginx_config()
|
||||||
|
|
||||||
|
@ -25,6 +25,7 @@ set_opts () {
|
|||||||
VERBOSE=false
|
VERBOSE=false
|
||||||
HELP=false
|
HELP=false
|
||||||
FRAPPE_USER=false
|
FRAPPE_USER=false
|
||||||
|
BENCH_BRANCH="master"
|
||||||
FRAPPE_USER_PASS=`get_passwd`
|
FRAPPE_USER_PASS=`get_passwd`
|
||||||
MSQ_PASS=`get_passwd`
|
MSQ_PASS=`get_passwd`
|
||||||
ADMIN_PASS=`get_passwd`
|
ADMIN_PASS=`get_passwd`
|
||||||
@ -37,6 +38,7 @@ set_opts () {
|
|||||||
--mysql-root-password ) MSQ_PASS="$2"; shift; shift ;;
|
--mysql-root-password ) MSQ_PASS="$2"; shift; shift ;;
|
||||||
--frappe-user ) FRAPPE_USER="$2"; shift; shift ;;
|
--frappe-user ) FRAPPE_USER="$2"; shift; shift ;;
|
||||||
--setup-production ) SETUP_PROD=true; shift;;
|
--setup-production ) SETUP_PROD=true; shift;;
|
||||||
|
--bench-branch ) BENCH_BRANCH="$2"; shift;;
|
||||||
-- ) shift; break ;;
|
-- ) shift; break ;;
|
||||||
* ) break ;;
|
* ) break ;;
|
||||||
esac
|
esac
|
||||||
@ -298,7 +300,7 @@ setup_debconf() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
install_bench() {
|
install_bench() {
|
||||||
run_cmd sudo su $FRAPPE_USER -c "cd /home/$FRAPPE_USER && git clone https://github.com/frappe/bench bench-repo"
|
run_cmd sudo su $FRAPPE_USER -c "cd /home/$FRAPPE_USER && git clone https://github.com/frappe/bench --branch $BENCH_BRANCH bench-repo"
|
||||||
if hash pip-2.7 &> /dev/null; then
|
if hash pip-2.7 &> /dev/null; then
|
||||||
PIP="pip-2.7"
|
PIP="pip-2.7"
|
||||||
elif hash pip2.7 &> /dev/null; then
|
elif hash pip2.7 &> /dev/null; then
|
||||||
|
Loading…
x
Reference in New Issue
Block a user