6
0
mirror of https://github.com/ChristianLight/tutor.git synced 2025-01-10 09:02:14 +00:00
Commit Graph

122 Commits

Author SHA1 Message Date
Régis Behmo
7c157eccd5 feat: upgrade to Maple
- A shared cookie domain between lms and cms is no longer recommended:
https://github.com/edx/edx-platform/blob/master/docs/guides/studio_oauth.rst
- refactor: clean mounted data folder in lms/cms. In Lilac, the
bind-mounted lms/data and cms/data folders are a mess because new
folders are created there for every new course organisation.  These
folders are empty. As far as we know they are useless... With this
change we move these folders to a dedicated "modulestore" subdirectory;
which corresponds better to the initial intent of the fs_root setting.
- fix: frontend failure during login to the lms. See:
https://github.com/openedx/build-test-release-wg/issues/104
- feat: move all forum-related code to a dedicated plugin. Forum is an
optional feature, and as such it deserves its own plugin. Starting from
Maple, users will be able to install the forum from
https://github.com/overhangio/tutor-forum/
- migrate from DCS_* session cookie settings to SESSION_*. That's
because edx-platform no longer depends on django-cookies-samesite. Close
https://github.com/openedx/build-test-release-wg/issues/110
- get rid of tons of deprecation warnings in the lms/cms
- feat: make it possible to point to themed assets. Cherry-picking this
change makes it possible to point to themed assets with a theme-agnostic
url, notably from MFEs.
- Install all official plugins as part of the `tutor[full]` package.
- Don't print error messages about loading plugins during autocompletion.
- Prompt for image building when upgrading from one release to the next.
- Add `tutor local start --skip-build` option to skip building Docker images.

Close #450.
Close #545.
2021-12-20 21:21:36 +01:00
Régis Behmo
62ddc01cdc feat: k8s scale command + tutorial
- Add a `tutor k8s scale lms 11` command
- Create a "Running Open edX at scale" tutorial
2021-12-20 21:19:10 +01:00
Régis Behmo
b8ab829c11 feat: move all forum-related code to a dedicated plugin
Forum is an optional feature, and as such it deserves its own plugin. Starting
from Maple, users will be able to install the forum from
https://github.com/overhangio/tutor-forum/

Close #450.
2021-12-20 21:19:10 +01:00
Régis Behmo
01b58d9d75 feat: run all services as unprivileged containers
With this change, containers are no longer run as "root" but as unprivileged
users. This is necessary in some environments, notably some Kubernetes
clusters.

To make this possible, we need to manually fix bind-mounted volumes in
docker-compose. This is pretty much equivalent to the behaviour in Kubernetes,
where permissions are fixed at runtime if the volume owner is incorrect. Thus,
we have a consistent behaviour between docker-compose and Kubernetes.

We achieve this by bind-mounting some repos inside "*-permissions" services.
These services run as root user on docker-compose and will fix the required
permissions, as per build/permissions/setowner.sh These services simply do not
run on Kubernetes, where we don't rely on bind-mounted volumes. There, we make
use of Kubernete's built-in volume ownership feature.

With this change, we get rid of the "openedx-dev" Docker image, in the sense
that it no longer has its own Dockerfile. Instead, the dev image is now simply
a different target in the multi-layer openedx Docker image. This makes it much
faster to build the openedx-dev image.

Because we declare the APP_USER_ID in the dev/docker-compose.yml file, we need
to pass the user ID from the host there. The only way to achieve that is with a
tutor config variable. The downside of this approach is that the
dev/docker-compose.yml file is no longer portable from one machine to the next.
We consider that this is not such a big issue, as it affects the development
environment only.

We take this opportunity to replace the base image of the "forum" image. There
is now no need to re-install ruby inside the image. The total image size is
only decreased by 10%, but re-building the image is faster.

In order to run the smtp service as non-root, we switch from namshi/smtp to
devture/exim-relay. This change should be backward-compatible.

Note that the nginx container remains privileged. We could switch to
nginxinc/nginx-unprivileged, but it's probably not worth the effort, as we are
considering to get rid of the nginx container altogether.

Close #323.
2021-12-20 21:19:10 +01:00
Régis Behmo
231bbbfe99 feat: get rid of the nginx container and services
Nginx and Caddy performed duplicate tasks. It was decided to get rid of
the nginx container, for simplification. This is a breaking change for
plugin developers. Also, applications that collect nginx logs will have
to be modified.

See:
- Corresponding TEP: https://discuss.overhang.io/t/tep-get-rid-of-the-nginx-container/2024
- the prior discussion: https://discuss.overhang.io/t/why-caddy-nginx/1952
2021-12-20 21:19:10 +01:00
Maxim Beder
19157d94bc feat: allow to specify extra pip packages in config
Added OPENEDX_EXTRA_PIP_REQUIREMENTS setting, which allows to specify
extra pip packages that should be installed.

Moved "openedx-scorm-xblock" package from Dockerfile to the new setting
in the config.yml.
2021-11-30 11:32:40 +01:00
Régis Behmo
e14f660cb1 docs: reorganize local guides in tutorials
There is too much information in each of the local/k8s/dev docs pages. The
"guides" that are listed in each one of those pages are moved either to "common
tasks" or to a dedicated "tutorials" section. This paves the way for more
comprehensive tutorials, where we describe how to run the latest master
branches of Open edX.

I am well aware that, as they stand, the tutorials are of poor quality and
should be rewritten. This is a task for another day/commit. For now, we only
move the contents to a separate part of the docs.

Also, we should add a "reference" section to the docs, where we add the result
of `tutor <subcommand> --help`.
2021-10-14 12:59:57 +02:00
Crist
e3788257db Feature: configuration setting PREVIEW_LMS_BASE
discussion: https://discuss.overhang.io/t/new-settings-variable/1973/4
2021-10-04 14:51:14 +02:00
Régis Behmo
c1e63c873a docs: clarify how to use custom ssl certificates
I realized that the docs were very unclear, contradictory and misleading on
the topic of SSL/TLS termination and web proxies.

See: https://discuss.overhang.io/t/why-caddy-nginx/1952/10
2021-10-04 10:26:52 +02:00
Shimul Chowdhury
791c0161df feat: ability to pass docker build options via env variable TUTOR_DOCKER_BUILD_ARGS
feat: use --docker-arg flag instead of env variable to pass docker build options

chore: remove unused import

chore: added changelog

feat: added shorthand -d for --docker-arg

fix: typo
2021-09-30 12:42:27 +02:00
Régis Behmo
41b65b80d5 Upgrade to open-release/lilac.2 2021-08-10 12:26:30 +02:00
ChrisChV
b4ee6760eb docs: Forum config section added in Configuration and customisation 2021-06-23 00:51:10 +02:00
Régis Behmo
ceddc11c29 feat: upgrade to open-release/lilac.master
One of the breaking changes of this release is the removal of the webui and
android features; these are moved to dedicated plugins. This causes a breaking
change: the renaming of the DOCKER_IMAGE_ANDROID
config variable to ANDROID_DOCKER_IMAGE.

See this TEP for reference: https://discuss.overhang.io/t/separate-webui-and-android-from-tutor-core-and-move-to-dedicated-plugins/1473
2021-06-08 23:29:12 +02:00
liupengcheng
028162fea4 feat: Make openedx redis db configurable.
Redis db 0 is used for celery broker and db 1 is used for cache
by default.
2021-05-18 09:35:36 +02:00
liupengcheng
96be0b7401 docs: fix redis port configuration. 2021-04-20 09:37:34 +02:00
Calvin
9a16391d45 docs: mention MySQL external version 2021-04-14 21:57:36 +02:00
Régis Behmo
4a65f24ae7 feat: upgrade all services to open-release/koa.3
We remove security patches and custom fixes which are now part of koa.3.

We take the opportunity to make it possible to build the openedx Docker image
without relying on a corresponding openedx-i18n repo tag: often, we want to
test whether the image simply builds successfully, and we don't need up-to-date
translations. For those cases, it's now possible to pass the `-a
OPENEDX_I18N_VERSION=oldertag` build argument.
2021-04-09 10:13:34 +02:00
Régis Behmo
5cff808ee7 docs: non-ascii locales must specify a content-type
See: https://discuss.overhang.io/t/translating-login-registration-page/1378/3

This should also address issue #410.
2021-04-06 12:08:30 +02:00
Régis Behmo
02f9d8db44 Upgrade to open-release/koa.2 2021-02-10 00:15:54 +01:00
Régis Behmo
728ef966dc v11.0.0 (2020-12-09)
- 💥[Improvement] Upgrade Open edX to Koa
- 💥 Setting changes:
    - The ``ACTIVATE_HTTPS`` setting was renamed to ``ENABLE_HTTPS``.
    - Other ``ACTIVATE_*`` variables were all renamed to ``RUN_*``.
    - The ``WEB_PROXY`` setting was removed and ``RUN_CADDY`` was added.
    - The ``NGINX_HTTPS_PORT`` setting is deprecated.
- Architectural changes:
    - Use Caddy as a web proxy for automated SSL/TLS certificate generation:
	- Nginx no longer listens to port 443 for https traffic
	- The Caddy configuration file comes with a new ``caddyfile`` patch for much simpler SSL/TLS management.
	- Configuration files for web proxies are no longer provided.
	- Kubernetes deployment no longer requires setting up a custom Ingress resource or custom manager.
    - Gunicorn and Whitenoise are replaced by uwsgi: this increases boostrap performance and makes it no longer necessary to mount media folders in the Nginx container.
    - Replace memcached and rabbitmq by redis.
- Additional features:
    - Make it possible to disable all plugins at once with ``plugins disable all``.
    - Add ``tutor k8s wait`` command to wait for a pod to become ready
    - Faster, more reliable static assets with local memory caching
- Deprecation: proxy files for Apache and Nginx are no longer provided out of the box.
- Removed plugin `{{ patch (...) }}` statements:
    - "https-create", "k8s-ingress-rules", "k8s-ingress-tls-hosts": these are no longer necessary. Instead, declare your app in the "caddyfile" patch.
    - "local-docker-compose-nginx-volumes": this patch was primarily used to serve media assets. The recommended is now to serve assets with uwsgi.
2020-12-10 01:05:02 +01:00
Régis Behmo
cacb4f4cfd Remove dev/local pullimages command
Now that we have the `dc` command this can be simplified to `dc pull`.
2020-11-16 12:50:01 +01:00
Régis Behmo
d2d5532386 Clarify forking instructions 2020-10-16 13:10:00 +02:00
Régis Behmo
c3052aa34c Fix WEB_PROXY default value in docs 2020-10-06 11:04:42 +02:00
Régis Behmo
ea3839eb74 Introduce the OPENEDX_COMMON_VERSION setting 2020-09-03 17:33:25 +02:00
Régis Behmo
0b4619ff90 Upgrade to juniper.3
Close #365.
2020-08-27 17:48:07 +02:00
Régis Behmo
6980550b7c Clarify image downloading in k8s docs
Close #362
2020-08-16 16:05:06 +02:00
Régis Behmo
bbd92223ee Make it possible to override the docker registry for individual services
Previously, it was not possible to override the docker registry for just
one or a few services. Setting the DOCKER_REGISTRY configuration
parameter would apply to all images. This was inconvenient. To resolve
this, we include the docker registry value in the DOCKER_IMAGE_*
configuration parameters. This allows users to override the docker
registry individually by defining the DOCKER_IMAGE_SERVICENAME
configuration parameter.

See https://discuss.overhang.io/t/kubernetes-ci-cd-pipeline/765/3
2020-07-21 09:16:51 +02:00
Régis Behmo
ef6b1c3433 Upgrade to open-release/juniper.2 2020-07-16 11:57:35 +02:00
Régis Behmo
c88ffd2994 Fix theme installation instructions
Close #339.
2020-06-17 11:53:41 +02:00
Régis Behmo
4d6de0138a v10.0.0 Upgrade to Juniper (2020-06-15)
Here, we upgrade the Open edX platform from Ironwood to Juniper. This
upgrade does not come with many feature changes, but there are many
technical improvements under the hood:

- Upgrade from Python 2.7 to 3.5
- Upgrade from Mongodb v3.2 to v3.6
- Upgrade Ruby to 2.5.7

We took the opportunity to completely rething the way locally running
platforms should be accessed for testing purposes. It is no longer
possible to access a running platform from http://localhost and
http://studio.localhost. Instead, users should access
http://local.overhang.io and https://studio.local.overhang.io. This
drastically simplifies internal communication between Docker containers.

To upgrade, users should simply run:

    tutor local quickstart

For Kubernetes platform, the upgrade process is outlined when running:

    tutor k8s upgrade --from=ironwood
2020-06-15 10:19:07 +02:00
Régis Behmo
ca39b87ab6 Fix docs on restarting platform after custom openedx image build
Close #338
2020-06-07 17:52:03 +02:00
Régis Behmo
3831e2e53d Make the mysql root username a configuration parameter
This allows users who connect to an external database to customise the
root username. Indeed, quite often the "root" username is reserved.

Close #328
2020-06-01 17:11:10 +02:00
Régis Behmo
687066e598 Better documentation of simple yaml plugins 2020-05-18 11:31:29 +02:00
Claudio Acciaresi
be195d5162 Finishing sentence.
Fixing spacing.
2020-05-06 16:52:17 +02:00
Régis Behmo
49c71f8af2 Add scorm xblock to the openedx docker image 2020-04-25 14:20:13 +02:00
Régis Behmo
33ab52bfeb Make it easy to add custom translation strings to edx-platform
Users can now add custom translation strings to a locale folder at build
time, very much in the same way as custom themes or requirements. This
is quite convenient, although is does require quite a bit of time to
rebuild the docker images.
2020-04-16 19:30:08 +02:00
Régis Behmo
76d1078382 Make it possible to pull nodejs packages from custom npm registry
During an incident at npmjs.org it was extremely difficult to pull
nodejs packages -- so we made it possible to pull from a custom
registry, deployed for instance with Verdaccio (https://verdaccio.org/).
2020-04-16 19:26:02 +02:00
Régis Behmo
16819bd697 Rename *_PROTOCOL to *_SCHEME 2020-03-12 09:37:22 +01:00
Régis Behmo
702e8cca7d Make it possible to run an Elasticsearch service on https
This is useful when running elasticsearch from 3rd-party vendors.
2020-03-10 10:37:14 +01:00
Régis Behmo
83459d43d5 Fix broken elasticsearch configuration
Because we are running a version of elasticsearch older than Methusalem,
the docker environment variables were not properly taken into account.
For instance, the cluster name and "mlockall" settings were incorrect,
as we could see by running:

    $ tutor local run lms curl elasticsearch:9200 | grep cluster_name
    ...
      "cluster_name" : "elasticsearch",
    $ tutor local run lms curl elasticsearch:9200/_nodes/process?pretty | grep mlock
      ...
     "mlockall" : false

See
https://discuss.overhang.io/t/elastic-container-is-not-being-removed/312/3
for discussion.

This fix also introduces a new tutor configuration setting to adjust the
elasticsearch heap size.
2020-02-26 11:47:43 +01:00
Claudio Acciaresi
313f7172ed Updating documentation on how to renew certificates. 2020-01-29 17:52:00 +01:00
Régis Behmo
e8248b26d6 Tutor docker images should point to docker.io, too 2020-01-10 17:22:01 +01:00
Régis Behmo
f66ad1ca32 Docs: install -> installation
"install" is a verb and "installation" is a noun.
2019-11-22 09:32:50 +01:00
Régis Behmo
cac7e947b6 Fix minor internal ref issue in config docs 2019-11-19 21:08:35 +01:00
Régis Behmo
8659b6e7ac Added config values for #gunicorn workers 2019-09-19 15:39:18 +02:00
Régis Behmo
d7477ba348 Add support for SMTP SSL, in addition to TLS
Note that SSL and TLS are incompatible.

Close #231.
2019-07-08 06:24:35 +08:00
Régis Behmo
a68dc4f68f Add support for external SMTP server with TLS
Note that this setting will not work with the default namshi smtp server
shipped with tutor.

Close #231.
2019-07-07 10:17:49 +08:00
Régis Behmo
11e735f4e5 Migrate notes to a dedicated plugin 2019-07-04 09:31:12 +08:00
Régis Behmo
07a0323d8e Move Xqueue to a dedicated plugin
This gives us the opportunity to develop new hooks: build-image and
remote-image.
2019-07-04 09:31:12 +08:00
Régis Behmo
866aae5cfe Remove references to Regis' dockerhub account 2019-06-23 23:11:07 +02:00
Régis Behmo
84f2060d33 Working Kubernetes quickstart
The k8s quickstart command is now functional, with suppport for https,
xqueue, notes and minio. There are still a few bugs to get rid of,
though.
2019-06-17 22:38:55 +02:00
Régis Behmo
d9b6895629 Pin docker image tags to tutor versions
Having an identical "ironwood" tag for all releases is not practical, in
particular for breaking changes. Thus, docker images are now pinned to
the tutor version that they were build with.
2019-06-17 20:40:46 +02:00
Régis Behmo
bc21102cf4 Make configuration silent (non-interactive) by default
Thus, we remove the -y/--yes options, which were kind of unintuitive,
and we add instead `-i/--interactive`. The quickstart commands remain
interactive by default, but can be silenced with `-I/--non-interactive`.
2019-06-07 22:49:45 +02:00
Régis Behmo
ea6c276b69 Add missing quotes in documentation 2019-05-22 20:03:46 +02:00
Régis Behmo
2234510cfb Make it possible to configure the notes service hostname
This is important, in particular in development.
2019-05-15 10:52:45 +02:00
Régis Behmo
b4e3c43902 Better documentation
- More concise table of contents
- New intro
- Simpler make commands
- Fix a couple typos here and there
- Get rid of the default github issue template, and start using the
template created online.
2019-05-13 16:34:17 +02:00
Régis Behmo
d1f386c149 Pluggable lms/cms/forum
LMS, CMS and forum can now be independently (de)activated. This will be
useful to deploy Tutor on multiple servers.
2019-04-22 11:59:53 +02:00
Régis Behmo
3b9880ec74 Rename --silent option to -y/--yes 2019-04-09 11:17:19 -07:00
WeJie
7a8ecbabec Add quotes for command $(tutor config printroot)
https://github.com/regisb/tutor/issues/192
2019-04-09 10:54:08 -07:00
Régis Behmo
6e6dbed749 Fix remaining references to hawthorn in the docs 2019-03-27 07:56:24 -07:00
Régis Behmo
566fca3c34 Fix missing minor config params in documentation 2019-03-21 14:15:25 +01:00
Régis Behmo
a85ee37682 Configurable mongodb username/password/port 2019-03-21 00:47:42 +01:00
Régis Behmo
e35efa3302 Configurable Rabbitmq authentication 2019-03-20 19:02:39 +01:00
Régis Behmo
0a02d65760 Configurable SMTP server authentication
We can now define non-empty username/password for sending email.
2019-03-20 18:52:57 +01:00
Régis Behmo
7e2bfaf217 Harmonize mysql usernames and passwords
We were using the same password both for the root and the openedx user.
This used to be fine, but alas it is so no longer.
2019-03-20 18:45:20 +01:00
Régis Behmo
259b8961c8 Pluggable SMTP service
This is part of #114
2019-03-20 18:45:09 +01:00
Régis Behmo
f6d6fb642d Make it possible to (de)activate individual data services
Close #114
2019-03-20 18:59:09 +01:00
Régis Behmo
bccbd58e20 Easily customise the docker registry
As a consequence, `images` commands lose the `--namespace/--version`
arguments, which were confusing anyway.
2019-03-18 21:53:18 +01:00
Régis Behmo
e3b10b72f2 Load configuration values from environment
Configuration values can be loaded from the system environment by adding
a "TUTOR_" prefix.

Environment values supersede values from the user configuration file, so
that we can set values from the command line with "KEY=VAL tutor config
save --silent" even when KEY is already present in the user
configuration file.
2019-03-18 21:47:59 +01:00
Régis Behmo
07b3d113d4 Simplify environment generation
Environment is no longer generated separately for each target, but only
once the configuration is saved.

Note that the environment is automatically updated during
re-configuration, based on a "version" file stored in the environment.
2019-03-18 18:34:42 +01:00
Régis Behmo
970ab607b5 Rename "config [non]interactive" command to "config save [--silent]" 2019-03-09 11:27:51 +01:00
Régis Behmo
6d19b99b66 Configurable docker images
Docker images for each service can now be configured one by one.

Close #122.
2019-03-09 11:17:48 +01:00