Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
FusionIAM
FusionIAM
Commits
5f892fd9
Commit
5f892fd9
authored
Sep 07, 2021
by
Clément OUDOT
Browse files
Service Desk container (
#11
)
parent
24c4f1fe
Changes
11
Hide whitespace changes
Inline
Side-by-side
build/centos8/Makefile
View file @
5f892fd9
...
...
@@ -9,6 +9,7 @@ all:
make
-B
llng
make
-B
openldap
make
-B
whitepages
make
-B
servicedesk
base
:
$(CTN)
build
--no-cache
-t
$(IMAGENAME)
:
$(VVERSION)
.
...
...
@@ -22,5 +23,8 @@ llng:
openldap
:
cd
openldap-ltb
;
make
-B
all
servicedesk
:
cd
service-desk
;
make
-B
all
whitepages
:
cd
white-pages
;
make
-B
all
build/centos8/service-desk/DEPENDENCY
0 → 100644
View file @
5f892fd9
fusioniam-centos8
build/centos8/service-desk/Dockerfile
0 → 100644
View file @
5f892fd9
ARG
DEPEND
ARG
VERSION
FROM
$DEPEND:$VERSION
EXPOSE
8080
COPY
ansible/ ./
RUN
bash ./run-playbook.sh install.yaml
&&
\
sed
-i
's/listen *80/listen 8080/g'
/etc/nginx/nginx.conf
;
\
sed
-i
's/:80/:8080/g'
/etc/nginx/nginx.conf
;
\
sed
-i
's/user *nginx/user fusioniam/g'
/etc/nginx/nginx.conf
;
\
sed
-i
's@fastcgi_pass.*@fastcgi_pass unix:/var/run/php-fpm/www.sock;@g'
/etc/nginx/default.d/php.conf
;
\
chown
-R
fusioniam:fusioniam /var/cache/service-desk/templates_c
;
\
chown
-R
fusioniam:fusioniam /var/cache/service-desk/cache
;
\
rm
-f
install.yaml
RUN
cp
/usr/share/service-desk/conf/config.inc.php /usr/share/service-desk/
build/centos8/service-desk/Makefile
0 → 100644
View file @
5f892fd9
FVERSION
=
../../VERSION
FDEPEND
=
DEPENDENCY
CTN
=
`
which podman
>
/dev/null 2>&1
&&
echo
podman
||
echo
docker
`
IMAGENAME
=
"fusioniam-centos8-service-desk"
VDEPEND
=
`
cat
$(FDEPEND)
`
VVERSION
=
`
cat
$(FVERSION)
`
all
:
make
-B
servicedesk
clean
:
$(CTN)
rmi
-f
$(IMAGENAME)
:
$(VVERSION)
servicedesk
:
$(CTN)
build
--build-arg
DEPEND
=
"
$(VDEPEND)
"
--build-arg
VERSION
=
"
$(VVERSION)
"
-t
$(IMAGENAME)
:
$(VVERSION)
.
build/centos8/service-desk/ansible/deploy.yaml
0 → 100644
View file @
5f892fd9
---
-
hosts
:
localhost
vars
:
CUSTOMERID
:
"
{{
lookup('env',
'CUSTOMERID')
|
default(omit)
}}"
LDAP_HOST
:
"
{{
lookup('env',
'LDAP_HOST')
|
default('localhost',true)
}}"
LDAP_PORT
:
"
{{
lookup('env',
'LDAP_PORT')
|
default('33389',true)
}}"
LDAP_PROTO
:
"
{{
lookup('env',
'LDAP_PROTO')
|
default('ldap',true)
}}"
LDAP_STARTTLS
:
"
{{
lookup('env',
'LDAP_STARTTLS')
|
default('false',true)
}}"
SSO_DOMAIN
:
"
{{
lookup('env',
'SSO_DOMAIN')
|
default(omit)
}}"
VHOST_NAME
:
"
{{
lookup('env',
'SERVICEDESK_NAME')
|
default(omit)
}}"
SERVICEDESK_LDAP_PASSWORD
:
"
{{
lookup('env',
'SERVICEDESK_LDAP_PASSWORD')
|
default(omit)
}}"
SERVICEDESK_LDAP_USERNAME
:
"
{{
lookup('env',
'SERVICEDESK_LDAP_USERNAME')
|
default(omit)
}}"
tasks
:
-
name
:
Assert variables
assert
:
that
:
-
'
"{{
item.value
}}"
is
defined'
-
'
{{
item.value
|
length
}}
>
0'
quiet
:
True
fail_msg
:
'
{{
item.name
}}
is
missing
or
empty'
loop
:
-
name
:
'
CUSTOMERID'
value
:
'
{{
CUSTOMERID
}}'
-
name
:
'
LDAP_HOST'
value
:
'
{{
LDAP_HOST
}}'
-
name
:
'
LDAP_PORT'
value
:
'
{{
LDAP_PORT
}}'
-
name
:
'
LDAP_PROTO'
value
:
'
{{
LDAP_PROTO
}}'
-
name
:
'
LDAP_STARTTLS'
value
:
'
{{
LDAP_STARTTLS
}}'
-
name
:
'
SSO_DOMAIN'
value
:
'
{{
SSO_DOMAIN
}}'
-
name
:
'
VHOST_NAME'
value
:
'
{{
VHOST_NAME
}}'
-
name
:
'
SERVICEDESK_LDAP_PASSWORD'
value
:
'
{{
SERVICEDESK_LDAP_PASSWORD
}}'
-
name
:
'
SERVICEDESK_LDAP_USERNAME'
value
:
'
{{
SERVICEDESK_LDAP_USERNAME
}}'
-
name
:
Deploy config.inc.local.php file
template
:
src
:
config.inc.local.php.j2
dest
:
/usr/share/service-desk/conf/config.inc.local.php
mode
:
u=rw,g=r,o=r
-
name
:
Deploy vhost
template
:
src
:
service-desk.conf.j2
dest
:
/etc/nginx/conf.d/service-desk.conf
mode
:
u=rw,g=r,o=r
build/centos8/service-desk/ansible/files/RPM-GPG-KEY-LTB-project
0 → 100644
View file @
5f892fd9
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (GNU/Linux)
mQGiBEpM/vsRBACPS+MZ7o9qdx4NDquqA6oBy9ROlI/ls5k2vVkW9IZTr5z8jBEk
zI3vNN2bl5uMKOYpgd416bGYa1RXo4VVS549i+BqECapb+/xp4BBdiGmrMGHFpBj
EaAE5oQcvAZ/gkJ4gvuRtfVmWZVLPdUun3Y8RUwDkidn7v3ga396n+4O9wCgsuAM
15R3NedYtq381be+PxbKnSsD/A6MDUOF9hayWxyMixP2iOZ20/P8lfZ5AZ7fzafw
7sx+47J9CLu4jByIkBqWQbrsioqL03dklvxA5gvEaPB4ShEod5QPvqi0GZdQcq/5
LnVUfcsEK1OetugYm7FKAj8PuGQGPa8p1F954b+4zHoETnd1lwpYkggp080sfTHs
s1l3A/9sKDiOW19CLgTOYbm9P90NBlKVTu5Gk3S+2y9mACUBZgocdfbKMATG8JFh
bGb0CJIAroAt3l08B9C7at+wcq/p83A+HrjBvpAv2hhagqQvQq/ShnLtlQCvVXx5
d7iMQUGn2pCb3hcDYJ90zT0xh6IjksYFI4sbEASPivkpf9HIprQyQ2xlbWVudCBP
VURPVCAoTFRCLXByb2plY3QpIDxjbGVtLm91ZG90QGdtYWlsLmNvbT6IYAQTEQIA
IAUCSkz++wIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEArFH5JtRb/Fya4A
oKJgXsq3EMpYbQwTOe3pCfDyhSXJAJwJ2Y8Fe8Xd4txkOf92ZDVLB1SDb7kCDQRK
TP7+EAgAzEYvVE/p21nw5dkgW2kjhpi0ZxBb8WbyBSgtWBuNDbPssrEb75O92CEG
fXpSEk8hi4J1XEs/xUF+eUR0Z9mI2eHcxoBrxv8Stu3jiVTQhGcBzZ8GwPjZC7+Z
GaaRL/GaByrbj8aBbH88wpDZLu5YfLD21ChLqrtsU/fzvFw6oMValA5LE4ZwjPVP
jQhIikMXCqsMOdbvfut2Cp3f7mvQWDIh1GfucQvBz4AcTqdXvVXDDJBNQRZMdCzK
fLpAfhXbqjSgylag7KyrPDMTxYRqgzsAFeqCktp14NAcKVXAotpcrVfyzFwRGOCD
EopOAvJy0FmLQZdgdDVlYmsTarq0uwADBQf/QO/nA1fXsNZ28Feh3JVoWoGHij9i
njMPcxRgBppHUntx7Nfyx616UTvfQpvlFl7vQk44Po5U7WYOwM7ymyx/a/etpvOk
CQfGsiwBtsPNvRTFx/0UQmLI6AcWvzMS1LpU6oLofJ7PFU4z3VVkEMxeyPkOjmXm
r3mAqoM38r2nSGFqefHL4Gjp5zt7ovSJPgviutKTFiBTZdIWNYnnlZMkk6Bk5aLm
qezR2xEis6z4QTkzzjZ2N7iXGvkdU32BJdINFMSL74rHvbkpZbP4NuatZwea85YH
4EoAVc9NQWsRGMBH1m7nFPZWi+8nYtHrGvD2PDDPvsO9ye6nyErmQrX5vYhJBBgR
AgAJBQJKTP7+AhsMAAoJEArFH5JtRb/Fa3UAn1vjVKKSR61z6Y0bwtn1schgWr9m
AKCBf9v5/CF14rlyNfl4xNTHA7og0w==
=M5DF
-----END PGP PUBLIC KEY BLOCK-----
build/centos8/service-desk/ansible/files/php-fpm.www.conf
0 → 100644
View file @
5f892fd9
[
www
]
user
=
fusioniam
group
=
fusioniam
listen
= /
run
/
php
-
fpm
/
www
.
sock
listen
.
acl_users
=
apache
,
nginx
,
fusioniam
listen
.
allowed_clients
=
127
.
0
.
0
.
1
pm
=
dynamic
pm
.
max_children
=
120
pm
.
start_servers
=
12
pm
.
min_spare_servers
=
6
pm
.
max_spare_servers
=
20
slowlog
= /
var
/
log
/
php
-
fpm
/
www
-
slow
.
log
php_admin_value
[
error_log
] = /
var
/
log
/
php
-
fpm
/
www
-
error
.
log
php_admin_flag
[
log_errors
] =
on
php_value
[
session
.
save_handler
] =
files
php_value
[
session
.
save_path
] = /
var
/
lib
/
php
/
session
php_value
[
soap
.
wsdl_cache_dir
] = /
var
/
lib
/
php
/
wsdlcache
build/centos8/service-desk/ansible/install.yaml
0 → 100644
View file @
5f892fd9
---
-
hosts
:
localhost
tasks
:
-
name
:
Install LTB repository
yum_repository
:
name
:
LTB-project-packages-noarch
description
:
LTB project packages (noarch) YUM repo
file
:
ltb-project
baseurl
:
https://ltb-project.org/rpm/$releasever/noarch
gpgcheck
:
yes
-
name
:
Install LTB GPG key
copy
:
src
:
RPM-GPG-KEY-LTB-project
dest
:
/etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project
owner
:
root
group
:
root
mode
:
0644
-
name
:
Import LTB GPG key
rpm_key
:
key
:
/etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project
state
:
present
-
name
:
Install packages
yum
:
name
:
-
nginx
-
php-fpm
-
service-desk
state
:
present
-
name
:
Install php-fpm configuration
copy
:
src
:
php-fpm.www.conf
dest
:
/etc/php-fpm.d/www.conf
build/centos8/service-desk/ansible/run-ct.sh
0 → 100644
View file @
5f892fd9
#!/bin/sh
set
-e
echo
"fusioniam:x:
$(
id
-u
)
:
$(
id
-g
)
:,,,:
${
HOME
}
:/bin/bash"
>>
/etc/passwd
echo
"fusioniam:x:
$(
id
-G
|
cut
-d
' '
-f
2
)
"
>>
/etc/group
cp
/usr/share/service-desk/config.inc.php /usr/share/service-desk/conf/config.inc.php
/bin/bash /run-playbook.sh /deploy.yaml
if
[
"
$1
"
=
"nginx"
]
then
ln
-sf
/dev/stdout /var/log/nginx/access.log
ln
-sf
/dev/stdout /var/log/nginx/error.log
ln
-sf
/dev/stdout /var/log/nginx/wp.access.log
ln
-sf
/dev/stdout /var/log/nginx/wp.error.log
/usr/sbin/nginx
-g
'daemon off;'
elif
[
"
$1
"
=
"php-fpm"
]
then
ln
-sf
/dev/stdout /var/log/php-fpm/error.log
ln
-sf
/dev/stdout /var/log/php-fpm/www-error.log
/usr/sbin/php-fpm
--nodaemonize
fi
exit
0
build/centos8/service-desk/ansible/templates/config.inc.local.php.j2
0 → 100644
View file @
5f892fd9
<?php
# LDAP
$ldap_url
=
"{{ LDAP_PROTO }}://{{ LDAP_HOST }}:{{ LDAP_PORT }}"
;
$ldap_starttls
=
{{
LDAP_STARTTLS
}};
$ldap_binddn
=
"cn={{ SERVICEDESK_LDAP_USERNAME }},ou=dsa,o=admin,dc=fusioniam,dc=org"
;
$ldap_bindpw
=
"{{ SERVICEDESK_LDAP_PASSWORD }}"
;
$ldap_base
=
"o={{ CUSTOMERID }},dc=fusioniam,dc=org"
;
$ldap_user_base
=
"ou=users,"
.
$ldap_base
;
$ldap_user_filter
=
"(objectClass=inetOrgPerson)"
;
$ldap_size_limit
=
100
;
$ldap_default_ppolicy
=
"cn=default,ou=ppolicies,"
.
$ldap_base
;
# Graphics
$display_footer
=
false
;
# Logout Link
$logout_link
=
"https://auth.{{ SSO_DOMAIN}}/"
;
build/centos8/service-desk/ansible/templates/service-desk.conf.j2
0 → 100644
View file @
5f892fd9
server {
listen 8080;
root /usr/share/service-desk/htdocs/;
index index.php;
server_name {{ VHOST_NAME }}.{{ SSO_DOMAIN }};
access_log /var/log/nginx/sd.access.log;
error_log /var/log/nginx/sd.error.log;
location ~ \.php(?:$|/) {
fastcgi_pass unix:/var/run/php-fpm/www.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
}
location / {
try_files $uri $uri/ =404;
}
}
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment