linaro-license-protection

Merge lp:~stevanr/linaro-license-protection/configs-add-firmware-tab into lp:~linaro-automation/linaro-license-protection/trunk

  1. configs-add-firmware-tab
  2. Merge into trunk
Proposed by Stevan Radaković
Status: Rejected
Rejected by: Stevan Radaković
Proposed branch: lp:~stevanr/linaro-license-protection/configs-add-firmware-tab
Merge into: lp:~linaro-automation/linaro-license-protection/trunk
Diff against target: 1017 lines (+898/-0) (has conflicts)
23 files modified
README (+216/-0)
apache/releases.linaro.org (+39/-0)
apache/security/all-private-hwpack-teams.txt (+5/-0)
apache/security/allowed-ops.txt (+1/-0)
apache/security/arm-private-hwpack-teams.txt (+1/-0)
apache/security/freescale-private-hwpack-teams.txt (+1/-0)
apache/security/linaro-android-teams.txt (+2/-0)
apache/security/linaro-teams.txt (+1/-0)
apache/security/mservices.linaro.org-teams.txt (+2/-0)
apache/security/samsung-private-hwpack-teams.txt (+1/-0)
apache/security/ste-private-hwpack-teams.txt (+1/-0)
apache/security/ti-private-hwpack-teams.txt (+1/-0)
apache/snapshots.linaro.org (+165/-0)
apache/staging.releases.linaro.org (+39/-0)
apache/staging.snapshots.linaro.org (+164/-0)
django/settings_releases.py (+59/-0)
django/settings_snapshots.py (+59/-0)
django/settings_staging_releases.py (+43/-0)
django/settings_staging_snapshots.py (+22/-0)
wsgi/wsgi_releases.py (+19/-0)
wsgi/wsgi_snapshots.py (+19/-0)
wsgi/wsgi_staging_releases.py (+19/-0)
wsgi/wsgi_staging_snapshots.py (+19/-0)
Conflict adding file README.  Moved existing file to README.moved.
To merge this branch: bzr merge lp:~stevanr/linaro-license-protection/configs-add-firmware-tab
Reviewer Review Type Date Requested Status
Fathi Boudra Approve
Review via email: mp+187717@code.launchpad.net

Description of the change

Add fastmodels tab. Rename 'Firmware update' to 'firmware'.

To post a comment you must log in.
Revision history for this message
Fathi Boudra (fboudra) wrote :

ship it!

review: Approve

Unmerged revisions

34. By Stevan Radaković

Add fastmodels tab. Rename 'Firmware update to 'firmware'.

33. By Milo Casagrande

Added UPLOAD_PATH setting.

32. By Milo Casagrande

Fixed Python path to point to Python 2.7.

31. By Paul Sokolovsky

Capture latest apache config from actual staging.snapshots.linaro.org host.

30. By Paul Sokolovsky

Update README with steps for /etc/apache2/security/ population.

29. By Paul Sokolovsky

Capture /etc/apache2/security dir from snapshots.linaro.org

This nostly contains OpenID group lists. These files are referenced
from *snapshots.linaro.org Apache site config files.

28. By Paul Sokolovsky

Update name of deployment script.

27. By Georgy Redkozubov

Removed fallback support

26. By Georgy Redkozubov

[merge] Update LINUX_FILES according to spec

25. By Georgy Redkozubov

Remove HOWTO_flashfirmware.txt from mandatory files

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== added file 'README'
2--- README 1970-01-01 00:00:00 +0000
3+++ README 2013-09-26 10:45:13 +0000
4@@ -0,0 +1,216 @@
5+Linaro License Protection configuration
6+=======================================
7+
8+This branch contains current production configuration for
9+
10+ * releases.linaro.org (hosted on mombin.canonical.com)
11+ * snapshots.linaro.org (mombin)
12+ * staging.releases.linaro.org (kahaku.canonical.com)
13+ * staging.snapshots.linaro.org (kahaku.canonical.com)
14+
15+
16+Dependencies
17+------------
18+
19+libapache2-mod-xsendfile >= 0.10
20+libapache2-mod-python
21+python-django >= 1.3.1
22+python-django-openid-auth
23+python-apache-openid
24+
25+python-apache-openid is needed until we migrate existing apache
26+openid-protected directories to the new setup.
27+
28+
29+Pushing framework on snapshots.linaro.org
30+-----------------------------------------
31+
32+Pushing/uploading side is currently implemented as a multi-system setup:
33+
34+ * configuration on jenkins
35+ * configuration of users on server
36+
37+Configuration of jenkins
38+........................
39+
40+ * We are using Publish-over-SSH plugin for jenkins
41+
42+ * We perform two build (not publish, to allow for LAVA to have known URLs)
43+ steps:
44+
45+ * publish artifacts over SSH (ends up on a private location on the server)
46+
47+ * call out a trigger script over SSH (to move files securely to a public
48+ location)
49+
50+ * We use strictly "push from master" in advanced settings of publish-over-ssh
51+ plugin, and keep private keys for both actions above on the master:
52+
53+ /home/ubuntu/snapshots-sync2/linaro-android-build-publish —
54+ linaro-android-build-publish
55+ /home/ubuntu/snapshots-sync2/linaro-android-build-publish-trigger —
56+ linaro-android-build-publish-trigger
57+
58+Configuration of users on the receiving server (snapshots.l.o)
59+..............................................................
60+
61+For the two actions above, we have two separate users for all hosts
62+accessing the system (two for android-build.linaro.org and another two
63+for ci.linaro.org at this time).
64+
65+One of the users is a sftp/push user, and another is the trigger user that
66+shuffles the files around.
67+
68+Current users and their configurations:
69+
70+ * linaro-android-build-publish
71+ /etc/ssh/user-authorized-keys/linaro-android-build-publish
72+
73+ command="/usr/lib/sftp-server",no-pty,no-port-forwarding,\
74+ no-X11-forwarding,no-agent-forwarding,from="50.17.250.69" \
75+ <PUBLIC-SSH-KEY-DATA>
76+
77+ (chrooted to /srv/snapshots.linaro.org/uploads/)
78+
79+ * linaro-android-build-publish-trigger:
80+
81+ /etc/ssh/user-authorized-keys/linaro-android-build-publish-trigger
82+
83+ command="/home/linaro-android-build-publish-trigger/scripts\
84+ /trigger-linaro-android-build-publish.sh \
85+ ${SSH_ORIGINAL_COMMAND#* }",\
86+ no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,
87+ from="50.17.250.69" <PUBLIC-SSH-KEY-DATA>
88+
89+ The script being executed passes parameters to publish_to_snapshots
90+ which moves files from /uploads/ into appropriate public directory:
91+
92+ #!/bin/sh
93+ if [ "$(id -un)" != "linaro-android-build-publish-trigger" ]; then
94+ echo "This script is designed to be run as linaro-android-build-publish-trigger user"
95+ exit 1
96+ fi
97+ sudo -u linaro-android-build-publish /home/linaro-android-build-publish/linaro-license-protection/scripts/publish_to_snapshots.py "$@"
98+
99+ * linaro-ci-publish
100+
101+ Exactly the same as linaro-android-build-publish, except for the IP
102+ (allowing ci.linaro.org from 50.17.200.206) and SSH key data.
103+
104+ * linaro-ci-publish-trigger
105+
106+ Like linaro-android-build-publish-trigger, with different IP
107+ and SSH key data. Script lives in
108+
109+ /home/linaro-ci-publish-trigger/scripts/trigger-linaro-ci-publish.sh
110+
111+ and is of similar structure to the one for the user
112+ linaro-android-build-publish-trigger.
113+
114+android-build.linaro.org
115+........................
116+
117+Runs Jenkins and uses SFTP plugin to access the above two users. Private
118+keys live in
119+
120+ /home/ubuntu/snapshots-sync2/linaro-android-build-publish —
121+ linaro-android-build-publish
122+ /home/ubuntu/snapshots-sync2/linaro-android-build-publish-trigger —
123+ linaro-android-build-publish-trigger
124+
125+To ensure serialization of steps, and allow LAVA submission, these happen as
126+build steps, and not as publishing steps.
127+
128+Deployment steps
129+----------------
130+
131+This documents our current deployment while at the same time representing
132+an example production deployment.
133+
134+1. Install the dependencies
135+ (see the "Dependencies" section)
136+
137+2. Get the code
138+
139+ mkdir -p /srv/shared-branches
140+ cd /srv/shared-branches
141+ bzr branch lp:linaro-license-protection
142+
143+ (we are actually using http URLs since lp: defaults to bzr+ssh which
144+ doesn't work on system accounts)
145+
146+3. Get the configuration
147+
148+ Configuration files for deploying to snapshots.linaro.org,
149+ releases.linaro.org, staging.snapshots.linaro.org
150+ and staging.releases.linaro.org all live in
151+
152+ lp:linaro-license-protection/configs
153+
154+ We need to branch that into /srv/shared-branches as well:
155+
156+ cd /srv/shared-branches
157+ bzr branch lp:linaro-license-protection/configs linaro-license-protection-configs
158+
159+4. Checkout branches for the services you want to use:
160+
161+ (cd /srv/staging.snapshots.linaro.org &&
162+ bzr checkout /srv/shared-branches/linaro-license-protection-configs configs &&
163+ bzr checkout /srv/shared-branches/linaro-license-protection)
164+
165+ Replace "/srv/staging.snapshots.linaro.org" with one of
166+ /srv/staging.releases.linaro.org
167+ /srv/snapshots.linaro.org
168+ /srv/releases.linaro.org
169+
170+ depending on the service you are deploying.
171+
172+ If you use these paths, none of the config files will need updating.
173+
174+5. Configure apache2
175+
176+ Make sure mod-xsendfile and mod-python are enabled.
177+ Copy appropriate
178+ /srv/staging.snapshots.linaro.org/configs/apache/staging.snapshots.linaro.org
179+ files to /etc/apache2/sites-available
180+
181+ Copy apache/security/ directory to /etc/apache2/security (it contains OpenID group
182+ mappings, etc).
183+
184+ Add appropriate NameVirtualHost directive to
185+
186+ /etc/apache2/sites-enabled/000-default
187+
188+ Run "a2ensite staging.snapshots.linaro.org".
189+
190+ You also need to set up SSL certificate for *snapshots.linaro.org.
191+
192+6. Create databases and set up static files
193+
194+ Make sure appropriate configs/django directory is in the PYTHONPATH
195+ and set DJANGO_SETTINGS_MODULE and then run django-admin:
196+
197+ export PYTHONPATH=/srv/staging.snapshots.linaro.org:/srv/staging.snapshots.linaro.org/linaro-license-protection:/srv/staging.snapshots.linaro.org/configs/django
198+ export DJANGO_SETTINGS_MODULE=settings_staging_snapshots
199+ mkdir -p /srv/staging.snapshots.linaro.org/db
200+ django-admin syncdb --noinput
201+ django-admin collectstatic --noinput
202+
203+7. Set up a cron job to keep code updating automatically
204+
205+ You may want to automatically keep code up to date (mostly for staging)
206+ instances.
207+
208+ There is
209+
210+ scripts/update-deployment.py
211+
212+ from lp:linaro-license-protection which can be run from a cronjob to keep
213+ the above deployment always up to date.
214+
215+8. Ensure license_protected_downloads/config.py contains relevant white-listed
216+ IP addresses:
217+
218+ For releases.linaro.org:
219+ * android-build.linaro.org (50.17.250.69)
220+ * validation.linaro.org (213.123.120.124)
221
222=== renamed file 'README' => 'README.moved'
223=== added directory 'apache'
224=== added file 'apache/releases.linaro.org'
225--- apache/releases.linaro.org 1970-01-01 00:00:00 +0000
226+++ apache/releases.linaro.org 2013-09-26 10:45:13 +0000
227@@ -0,0 +1,39 @@
228+<VirtualHost 91.189.95.16:80>
229+ Alias /static/ /srv/releases.linaro.org/linaro-license-protection/static/
230+ DocumentRoot /srv/releases.linaro.org/www
231+ ServerName releases.linaro.org
232+ ServerAdmin webmaster@linaro.org
233+ CustomLog /var/log/apache2/releases.linaro.org-access.log combined
234+ ErrorLog /var/log/apache2/releases.linaro.org-error.log
235+
236+ <Directory /srv/releases.linaro.org/linaro-license-protection/static>
237+ Order deny,allow
238+ Allow from all
239+ </Directory>
240+
241+ <Directory /srv/releases.linaro.org/www>
242+ Order deny,allow
243+ Allow from all
244+ </Directory>
245+
246+ XSendFile on
247+ XSendFilePath /srv/releases.linaro.org/www
248+
249+ WSGIScriptAlias / /srv/releases.linaro.org/configs/wsgi/wsgi_releases.py
250+ WSGIDaemonProcess linaro-license-protection-releases
251+
252+ <Directory /srv/releases.linaro.org/configs/wsgi>
253+ <Files wsgi_releases.py>
254+ Order deny,allow
255+ Allow from all
256+ </Files>
257+ </Directory>
258+
259+ <Directory />
260+ IndexOptions NameWidth=* +SuppressDescription
261+ Options +Indexes +FollowSymLinks
262+ IndexIgnore favicon.ico HEADER.html
263+ AllowOverride FileInfo Indexes
264+ </Directory>
265+
266+</VirtualHost>
267
268=== added directory 'apache/security'
269=== added file 'apache/security/all-private-hwpack-teams.txt'
270--- apache/security/all-private-hwpack-teams.txt 1970-01-01 00:00:00 +0000
271+++ apache/security/all-private-hwpack-teams.txt 2013-09-26 10:45:13 +0000
272@@ -0,0 +1,5 @@
273+linaro-landing-team-freescale
274+linaro-landing-team-samsung
275+linaro-landing-team-ste
276+linaro-landing-team-ti
277+linaro-landing-team-arm
278
279=== added file 'apache/security/allowed-ops.txt'
280--- apache/security/allowed-ops.txt 1970-01-01 00:00:00 +0000
281+++ apache/security/allowed-ops.txt 2013-09-26 10:45:13 +0000
282@@ -0,0 +1,1 @@
283+Ubuntu=https://login.ubuntu.com
284
285=== added file 'apache/security/arm-private-hwpack-teams.txt'
286--- apache/security/arm-private-hwpack-teams.txt 1970-01-01 00:00:00 +0000
287+++ apache/security/arm-private-hwpack-teams.txt 2013-09-26 10:45:13 +0000
288@@ -0,0 +1,1 @@
289+linaro-landing-team-arm
290
291=== added file 'apache/security/freescale-private-hwpack-teams.txt'
292--- apache/security/freescale-private-hwpack-teams.txt 1970-01-01 00:00:00 +0000
293+++ apache/security/freescale-private-hwpack-teams.txt 2013-09-26 10:45:13 +0000
294@@ -0,0 +1,1 @@
295+linaro-landing-team-freescale
296
297=== added file 'apache/security/linaro-android-teams.txt'
298--- apache/security/linaro-android-teams.txt 1970-01-01 00:00:00 +0000
299+++ apache/security/linaro-android-teams.txt 2013-09-26 10:45:13 +0000
300@@ -0,0 +1,2 @@
301+linaro
302+linaro-android-restricted
303
304=== added file 'apache/security/linaro-teams.txt'
305--- apache/security/linaro-teams.txt 1970-01-01 00:00:00 +0000
306+++ apache/security/linaro-teams.txt 2013-09-26 10:45:13 +0000
307@@ -0,0 +1,1 @@
308+linaro
309
310=== added file 'apache/security/mservices.linaro.org-teams.txt'
311--- apache/security/mservices.linaro.org-teams.txt 1970-01-01 00:00:00 +0000
312+++ apache/security/mservices.linaro.org-teams.txt 2013-09-26 10:45:13 +0000
313@@ -0,0 +1,2 @@
314+linaro-member-services-leadership
315+canonical-sysadmins
316
317=== added file 'apache/security/samsung-private-hwpack-teams.txt'
318--- apache/security/samsung-private-hwpack-teams.txt 1970-01-01 00:00:00 +0000
319+++ apache/security/samsung-private-hwpack-teams.txt 2013-09-26 10:45:13 +0000
320@@ -0,0 +1,1 @@
321+linaro-landing-team-samsung
322
323=== added file 'apache/security/ste-private-hwpack-teams.txt'
324--- apache/security/ste-private-hwpack-teams.txt 1970-01-01 00:00:00 +0000
325+++ apache/security/ste-private-hwpack-teams.txt 2013-09-26 10:45:13 +0000
326@@ -0,0 +1,1 @@
327+linaro-landing-team-ste
328
329=== added file 'apache/security/ti-private-hwpack-teams.txt'
330--- apache/security/ti-private-hwpack-teams.txt 1970-01-01 00:00:00 +0000
331+++ apache/security/ti-private-hwpack-teams.txt 2013-09-26 10:45:13 +0000
332@@ -0,0 +1,1 @@
333+linaro-landing-team-ti
334
335=== added file 'apache/snapshots.linaro.org'
336--- apache/snapshots.linaro.org 1970-01-01 00:00:00 +0000
337+++ apache/snapshots.linaro.org 2013-09-26 10:45:13 +0000
338@@ -0,0 +1,165 @@
339+<VirtualHost 91.189.95.16:80 91.189.95.247:80>
340+
341+ Alias /static/ /srv/snapshots.linaro.org/linaro-license-protection/static/
342+ DocumentRoot /srv/snapshots.linaro.org/www
343+ ServerName snapshots.linaro.org
344+ ServerAdmin webmaster@linaro.org
345+ CustomLog /var/log/apache2/snapshots.linaro.org-access.log combined
346+ ErrorLog /var/log/apache2/snapshots.linaro.org-error.log
347+
348+ # SSL + OpenID for these:
349+ Redirect /hwpacks https://snapshots.linaro.org/hwpacks
350+ Redirect /android/~linaro-android-private https://snapshots.linaro.org/android/~linaro-android-private
351+ Redirect /android/~linaro-android-restricted https://snapshots.linaro.org/android/~linaro-android-restricted
352+ Redirect /precise/restricted https://snapshots.linaro.org/precise/restricted
353+
354+ <Directory /srv/snapshots.linaro.org/linaro-license-protection/static>
355+ Order deny,allow
356+ Allow from all
357+ </Directory>
358+
359+ <Directory /srv/snapshots.linaro.org/www>
360+ Order deny,allow
361+ Allow from all
362+ </Directory>
363+
364+ XSendFile on
365+ XSendFilePath /srv/snapshots.linaro.org/www
366+
367+ WSGIScriptAlias / /srv/snapshots.linaro.org/configs/wsgi/wsgi_snapshots.py
368+ WSGIDaemonProcess linaro-license-protection-snapshots
369+
370+ <Directory /srv/snapshots.linaro.org/configs/wsgi>
371+ <Files wsgi_snapshots.py>
372+ Order deny,allow
373+ Allow from all
374+ </Files>
375+ </Directory>
376+
377+ <Directory />
378+ IndexOptions NameWidth=* +SuppressDescription
379+ Options +Indexes +FollowSymLinks
380+ IndexIgnore favicon.ico HEADER.html
381+ AllowOverride FileInfo Indexes
382+ </Directory>
383+
384+</VirtualHost>
385+
386+<VirtualHost 91.189.95.247:443>
387+
388+ Alias /static/ /srv/snapshots.linaro.org/linaro-license-protection/static/
389+ DocumentRoot /srv/snapshots.linaro.org/www
390+ ServerName snapshots.linaro.org
391+ ServerAdmin webmaster@linaro.org
392+ CustomLog /var/log/apache2/snapshots.linaro.org-access.log combined
393+ ErrorLog /var/log/apache2/snapshots.linaro.org-error.log
394+
395+ SSLEngine On
396+ SSLCertificateFile /etc/apache2/ssl/snapshots.linaro.org.crt
397+ SSLCertificateKeyFile /etc/apache2/ssl/snapshots.linaro.org.key
398+ SSLCertificateChainFile /etc/apache2/ssl/gd_bundle.crt
399+
400+ <Directory /srv/snapshots.linaro.org/linaro-license-protection/static>
401+ Order deny,allow
402+ Allow from all
403+ </Directory>
404+
405+ <Directory /srv/snapshots.linaro.org/www>
406+ Order deny,allow
407+ Allow from all
408+ </Directory>
409+
410+ XSendFile on
411+ XSendFilePath /srv/snapshots.linaro.org/www
412+
413+ WSGIScriptAlias / /srv/snapshots.linaro.org/configs/wsgi/wsgi_snapshots.py
414+ WSGIDaemonProcess linaro-license-protection-snapshots-ssl
415+
416+ <Directory /srv/snapshots.linaro.org/configs/wsgi>
417+ <Files wsgi_snapshots.py>
418+ Order deny,allow
419+ Allow from all
420+ </Files>
421+ </Directory>
422+
423+ <Directory />
424+ IndexOptions NameWidth=* +SuppressDescription
425+ Options +Indexes +FollowSymLinks
426+ IndexIgnore favicon.ico HEADER.html
427+ AllowOverride FileInfo Indexes
428+ </Directory>
429+
430+ <Location "/hwpacks">
431+ PythonAccessHandler apache_openid::protect
432+ PythonOption handler openidteams
433+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/all-private-hwpack-teams.txt"
434+ PythonOption action-path "/openid/"
435+ </Location>
436+
437+ <Location "/openid/">
438+ Allow from all
439+ SetHandler mod_python
440+ PythonAccessHandler apache_openid::protect
441+ PythonOption handler openidteams
442+ PythonOption store-type file
443+ PythonOption store-directory /var/cache/apache2/openid/
444+ PythonOption allowed-op-list-url "file:///etc/apache2/security/allowed-ops.txt"
445+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/all-private-hwpack-teams.txt"
446+ PythonOption action-path "/openid/"
447+ </Location>
448+
449+ <Location "/android/~linaro-android-restricted">
450+ PythonAccessHandler apache_openid::protect
451+ PythonOption handler openidteams
452+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/linaro-teams.txt"
453+ PythonOption action-path "/openid/"
454+ </Location>
455+
456+ <Location "/precise/restricted">
457+ PythonAccessHandler apache_openid::protect
458+ PythonOption handler openidteams
459+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/linaro-teams.txt"
460+ PythonOption action-path "/openid/"
461+ </Location>
462+
463+ Alias /hwpacks/freescale /srv/landing-teams/hwpacks/freescale
464+ <Location "/hwpacks/freescale">
465+ PythonAccessHandler apache_openid::protect
466+ PythonOption handler openidteams
467+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/freescale-private-hwpack-teams.txt"
468+ PythonOption action-path "/openid/"
469+ </Location>
470+
471+ Alias /hwpacks/samsung /srv/landing-teams/hwpacks/samsung
472+ <Location "/hwpacks/samsung">
473+ PythonAccessHandler apache_openid::protect
474+ PythonOption handler openidteams
475+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/samsung-private-hwpack-teams.txt"
476+ PythonOption action-path "/openid/"
477+ </Location>
478+
479+ Alias /hwpacks/ste /srv/landing-teams/hwpacks/ste
480+ <Location "/hwpacks/ste">
481+ PythonAccessHandler apache_openid::protect
482+ PythonOption handler openidteams
483+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/ste-private-hwpack-teams.txt"
484+ PythonOption action-path "/openid/"
485+ </Location>
486+
487+ Alias /hwpacks/ti /srv/landing-teams/hwpacks/ti
488+ <Location "/hwpacks/ti">
489+ PythonAccessHandler apache_openid::protect
490+ PythonOption handler openidteams
491+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/ti-private-hwpack-teams.txt"
492+ PythonOption action-path "/openid/"
493+ </Location>
494+
495+ Alias /hwpacks/arm /srv/landing-teams/hwpacks/arm
496+ <Location "/hwpacks/arm">
497+ PythonAccessHandler apache_openid::protect
498+ PythonOption handler openidteams
499+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/arm-private-hwpack-teams.txt"
500+ PythonOption action-path "/openid/"
501+ </Location>
502+
503+</VirtualHost>
504
505=== added file 'apache/staging.releases.linaro.org'
506--- apache/staging.releases.linaro.org 1970-01-01 00:00:00 +0000
507+++ apache/staging.releases.linaro.org 2013-09-26 10:45:13 +0000
508@@ -0,0 +1,39 @@
509+<VirtualHost 91.189.95.80:80>
510+ Alias /static/ /srv/staging.releases.linaro.org/linaro-license-protection/static/
511+ DocumentRoot /srv/staging.releases.linaro.org/www
512+ ServerName staging.releases.linaro.org
513+ ServerAdmin webmaster@linaro.org
514+ CustomLog /var/log/apache2/staging.releases.linaro.org-access.log combined
515+ ErrorLog /var/log/apache2/staging.releases.linaro.org-error.log
516+
517+ <Directory /srv/staging.releases.linaro.org/linaro-license-protection/static>
518+ Order deny,allow
519+ Allow from all
520+ </Directory>
521+
522+ <Directory /srv/staging.releases.linaro.org/www>
523+ Order deny,allow
524+ Allow from all
525+ </Directory>
526+
527+ XSendFile on
528+ XSendFilePath /srv/staging.releases.linaro.org/www
529+
530+ WSGIScriptAlias / /srv/staging.releases.linaro.org/configs/wsgi/wsgi_staging_releases.py
531+ WSGIDaemonProcess linaro-license-protection-staging-releases
532+
533+ <Directory /srv/staging.releases.linaro.org/configs/wsgi>
534+ <Files wsgi_staging_releases.py>
535+ Order deny,allow
536+ Allow from all
537+ </Files>
538+ </Directory>
539+
540+ <Directory />
541+ IndexOptions NameWidth=* +SuppressDescription
542+ Options +Indexes +FollowSymLinks
543+ IndexIgnore favicon.ico HEADER.html
544+ AllowOverride FileInfo Indexes
545+ </Directory>
546+
547+</VirtualHost>
548
549=== added file 'apache/staging.snapshots.linaro.org'
550--- apache/staging.snapshots.linaro.org 1970-01-01 00:00:00 +0000
551+++ apache/staging.snapshots.linaro.org 2013-09-26 10:45:13 +0000
552@@ -0,0 +1,164 @@
553+<VirtualHost 91.189.95.80:80>
554+
555+ Alias /static/ /srv/staging.snapshots.linaro.org/linaro-license-protection/static/
556+ DocumentRoot /srv/staging.snapshots.linaro.org/www
557+ ServerName staging.snapshots.linaro.org
558+ ServerAdmin webmaster@linaro.org
559+ CustomLog /var/log/apache2/staging.snapshots.linaro.org-access.log combined
560+ ErrorLog /var/log/apache2/staging.snapshots.linaro.org-error.log
561+
562+ Redirect /hwpacks https://staging.snapshots.linaro.org/hwpacks
563+ Redirect /precise/restricted https://staging.snapshots.linaro.org/precise/restricted
564+ Redirect /android/~linaro-android-private https://staging.snapshots.linaro.org/android/~linaro-android-private
565+ Redirect /android/~linaro-android-restricted https://staging.snapshots.linaro.org/android/~linaro-android-restricted
566+
567+ <Directory /srv/staging.snapshots.linaro.org/linaro-license-protection/static>
568+ Order deny,allow
569+ Allow from all
570+ </Directory>
571+
572+ <Directory /srv/staging.snapshots.linaro.org/www>
573+ Order deny,allow
574+ Allow from all
575+ </Directory>
576+
577+ XSendFile on
578+ XSendFilePath /srv/staging.snapshots.linaro.org/www
579+
580+ WSGIScriptAlias / /srv/staging.snapshots.linaro.org/configs/wsgi/wsgi_staging_snapshots.py
581+ WSGIDaemonProcess linaro-license-protection-staging-snapshots
582+
583+ <Directory /srv/staging.snapshots.linaro.org/configs/wsgi>
584+ <Files wsgi_staging_snapshots.py>
585+ Order deny,allow
586+ Allow from all
587+ </Files>
588+ </Directory>
589+
590+ <Directory />
591+ IndexOptions NameWidth=* +SuppressDescription
592+ Options +Indexes +FollowSymLinks
593+ IndexIgnore favicon.ico HEADER.html
594+ AllowOverride FileInfo Indexes
595+ </Directory>
596+
597+</VirtualHost>
598+
599+<VirtualHost 91.189.95.80:443>
600+
601+ Alias /static/ /srv/staging.snapshots.linaro.org/linaro-license-protection/static/
602+ DocumentRoot /srv/staging.snapshots.linaro.org/www
603+ ServerName staging.snapshots.linaro.org
604+ ServerAdmin webmaster@linaro.org
605+ CustomLog /var/log/apache2/staging.snapshots.linaro.org-access.log combined
606+ ErrorLog /var/log/apache2/staging.snapshots.linaro.org-error.log
607+
608+ SSLEngine On
609+ SSLCertificateFile /etc/apache2/ssl/staging.snapshots.linaro.org.pem
610+
611+ <Directory /srv/staging.snapshots.linaro.org/linaro-license-protection/static>
612+ Order deny,allow
613+ Allow from all
614+ </Directory>
615+
616+ <Directory /srv/staging.snapshots.linaro.org/www>
617+ Order deny,allow
618+ Allow from all
619+ </Directory>
620+
621+ XSendFile on
622+ XSendFilePath /srv/staging.snapshots.linaro.org/www
623+
624+ WSGIScriptAlias / /srv/staging.snapshots.linaro.org/configs/wsgi/wsgi_staging_snapshots.py
625+ WSGIDaemonProcess linaro-license-protection-staging-snapshots-ssl
626+
627+ <Directory /srv/staging.snapshots.linaro.org/configs/wsgi>
628+ <Files wsgi_staging_snapshots.py>
629+ Order deny,allow
630+ Allow from all
631+ </Files>
632+ </Directory>
633+
634+ <Directory />
635+ IndexOptions NameWidth=* +SuppressDescription
636+ Options +Indexes +FollowSymLinks
637+ IndexIgnore favicon.ico HEADER.html
638+ AllowOverride FileInfo Indexes
639+ </Directory>
640+
641+ <Location "/hwpacks">
642+ PythonAccessHandler apache_openid::protect
643+ PythonOption handler openidteams
644+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/all-private-hwpack-teams.txt"
645+ PythonOption action-path "/openid/"
646+ </Location>
647+
648+ <Location "/openid/">
649+ Allow from all
650+ SetHandler mod_python
651+ PythonAccessHandler apache_openid::protect
652+ PythonOption handler openidteams
653+ PythonOption store-type file
654+ PythonOption store-directory /var/cache/apache2/openid/
655+ PythonOption allowed-op-list-url "file:///etc/apache2/security/allowed-ops.txt"
656+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/all-private-hwpack-teams.txt"
657+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/linaro-teams.txt"
658+ PythonOption action-path "/openid/"
659+ </Location>
660+
661+ <Location "/precise/restricted">
662+ PythonAccessHandler apache_openid::protect
663+ PythonOption handler openidteams
664+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/linaro-teams.txt"
665+ PythonOption action-path "/openid/"
666+ </Location>
667+
668+ Alias /hwpacks/freescale /srv/landing-teams/hwpacks/freescale
669+ <Location "/hwpacks/freescale">
670+ PythonAccessHandler apache_openid::protect
671+ PythonOption handler openidteams
672+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/freescale-private-hwpack-teams.txt"
673+ PythonOption action-path "/openid/"
674+ </Location>
675+
676+ Alias /hwpacks/samsung /srv/landing-teams/hwpacks/samsung
677+ <Location "/hwpacks/samsung">
678+ PythonAccessHandler apache_openid::protect
679+ PythonOption handler openidteams
680+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/samsung-private-hwpack-teams.txt"
681+ PythonOption action-path "/openid/"
682+ </Location>
683+
684+ Alias /hwpacks/ste /srv/landing-teams/hwpacks/ste
685+ <Location "/hwpacks/ste">
686+ PythonAccessHandler apache_openid::protect
687+ PythonOption handler openidteams
688+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/ste-private-hwpack-teams.txt"
689+ PythonOption action-path "/openid/"
690+ </Location>
691+
692+ Alias /hwpacks/ti /srv/landing-teams/hwpacks/ti
693+ <Location "/hwpacks/ti">
694+ PythonAccessHandler apache_openid::protect
695+ PythonOption handler openidteams
696+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/ti-private-hwpack-teams.txt"
697+ PythonOption action-path "/openid/"
698+ </Location>
699+
700+ Alias /hwpacks/arm /srv/landing-teams/hwpacks/arm
701+ <Location "/hwpacks/arm">
702+ PythonAccessHandler apache_openid::protect
703+ PythonOption handler openidteams
704+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/arm-private-hwpack-teams.txt"
705+ PythonOption action-path "/openid/"
706+ </Location>
707+
708+ <Location "/android/~linaro-android-restricted">
709+ PythonAccessHandler apache_openid::protect
710+ PythonOption handler openidteams
711+ PythonOption authorized-teams-list-url "file:///etc/apache2/security/linaro-teams.txt"
712+ PythonOption action-path "/openid/"
713+ </Location>
714+
715+
716+</VirtualHost>
717
718=== added directory 'django'
719=== added file 'django/settings_releases.py'
720--- django/settings_releases.py 1970-01-01 00:00:00 +0000
721+++ django/settings_releases.py 2013-09-26 10:45:13 +0000
722@@ -0,0 +1,59 @@
723+# Settings for releases.linaro.org.
724+
725+from settings import *
726+
727+DEBUG = False
728+
729+ROOT_URLCONF = 'urls'
730+
731+DATABASES = {
732+ 'default': {
733+ 'ENGINE': 'django.db.backends.sqlite3',
734+ 'NAME': '/srv/releases.linaro.org/db/licenses.db',
735+ 'USER': '',
736+ 'PASSWORD': '',
737+ 'HOST': '',
738+ 'PORT': '',
739+ }
740+}
741+
742+TEMPLATE_DIRS = (
743+ os.path.join(PROJECT_ROOT, "templates_releases" ),
744+ os.path.join(PROJECT_ROOT, "templates" ),
745+ )
746+
747+SERVED_PATHS = ['/srv/releases.linaro.org/www']
748+UPLOAD_PATH = '/srv/releases.linaro.org/uploads'
749+
750+# Render TEXTILE files settings.
751+LINUX_FILES = ('README.textile',
752+ 'INSTALL.textile',
753+ 'HACKING.textile',
754+ 'FIRMWARE.textile',
755+ 'FASTMODELS.textile',
756+ 'RTSM.textile')
757+
758+ANDROID_FILES = ('HOWTO_releasenotes.txt',
759+ 'HOWTO_install.txt',
760+ 'HOWTO_getsourceandbuild.txt',
761+ 'HOWTO_flashfirmware.txt',
762+ 'HOWTO_rtsm.txt')
763+
764+FILES_MAP = {'HOWTO_releasenotes.txt': 'Release Notes',
765+ 'HOWTO_install.txt': 'Binary Image Installation',
766+ 'HOWTO_getsourceandbuild.txt': 'Building From Source',
767+ 'HOWTO_flashfirmware.txt': 'Firmware',
768+ 'HOWTO_rtsm.txt': 'RTSM',
769+ 'README.textile': 'Release Notes',
770+ 'INSTALL.textile': 'Binary Image Installation',
771+ 'HACKING.textile': 'Building From Source',
772+ 'FIRMWARE.textile': 'Firmware',
773+ 'FASTMODELS.textile': 'Fastmodels',
774+ 'RTSM.textile': 'RTSM'}
775+
776+TAB_PRIORITY = ['Release Notes',
777+ 'Binary Image Installation',
778+ 'Building From Source',
779+ 'Firmware',
780+ 'Fastmodels',
781+ 'RTSM']
782
783=== added file 'django/settings_snapshots.py'
784--- django/settings_snapshots.py 1970-01-01 00:00:00 +0000
785+++ django/settings_snapshots.py 2013-09-26 10:45:13 +0000
786@@ -0,0 +1,59 @@
787+# Settings for snapshots.linaro.org.
788+
789+from settings import *
790+
791+DEBUG = False
792+
793+ROOT_URLCONF = 'urls'
794+
795+DATABASES = {
796+ 'default': {
797+ 'ENGINE': 'django.db.backends.sqlite3',
798+ 'NAME': '/srv/snapshots.linaro.org/db/licenses.db',
799+ 'USER': '',
800+ 'PASSWORD': '',
801+ 'HOST': '',
802+ 'PORT': '',
803+ }
804+}
805+
806+TEMPLATE_DIRS = (
807+ os.path.join(PROJECT_ROOT, "templates_snapshots" ),
808+ os.path.join(PROJECT_ROOT, "templates" ),
809+ )
810+
811+SERVED_PATHS = ['/srv/snapshots.linaro.org/www']
812+UPLOAD_PATH = '/srv/snapshots.linaro.org/uploads'
813+
814+# Render TEXTILE files settings.
815+LINUX_FILES = ('README',
816+ 'INSTALL',
817+ 'HACKING',
818+ 'FIRMWARE',
819+ 'FASTMODELS',
820+ 'RTSM')
821+
822+ANDROID_FILES = ('HOWTO_releasenotes.txt',
823+ 'HOWTO_install.txt',
824+ 'HOWTO_getsourceandbuild.txt',
825+ 'HOWTO_flashfirmware.txt',
826+ 'HOWTO_rtsm.txt')
827+
828+FILES_MAP = {'HOWTO_releasenotes.txt': 'Release Notes',
829+ 'HOWTO_install.txt': 'Binary Image Installation',
830+ 'HOWTO_getsourceandbuild.txt': 'Building From Source',
831+ 'HOWTO_flashfirmware.txt': 'Firmware',
832+ 'HOWTO_rtsm.txt': 'RTSM',
833+ 'README': 'Release Notes',
834+ 'INSTALL': 'Binary Image Installation',
835+ 'HACKING': 'Building From Source',
836+ 'FIRMWARE': 'Firmware',
837+ 'FASTMODELS': 'Fastmodels',
838+ 'RTSM': 'RTSM'}
839+
840+TAB_PRIORITY = ['Release Notes',
841+ 'Binary Image Installation',
842+ 'Building From Source',
843+ 'Firmware',
844+ 'Fastmodels',
845+ 'RTSM']
846
847=== added file 'django/settings_staging_releases.py'
848--- django/settings_staging_releases.py 1970-01-01 00:00:00 +0000
849+++ django/settings_staging_releases.py 2013-09-26 10:45:13 +0000
850@@ -0,0 +1,43 @@
851+# Settings for staging.releases.linaro.org.
852+
853+from settings import *
854+
855+DATABASES = {
856+ 'default': {
857+ 'ENGINE': 'django.db.backends.sqlite3',
858+ 'NAME': '/srv/staging.releases.linaro.org/db/licenses.db',
859+ 'USER': '',
860+ 'PASSWORD': '',
861+ 'HOST': '',
862+ 'PORT': '',
863+ }
864+}
865+
866+TEMPLATE_DIRS = (
867+ os.path.join(PROJECT_ROOT, "templates_releases" ),
868+ os.path.join(PROJECT_ROOT, "templates" ),
869+ )
870+
871+SERVED_PATHS = ['/srv/staging.releases.linaro.org/www']
872+UPLOAD_PATH = '/srv/staging.releases.linaro.org/uploads'
873+
874+# Render TEXTILE files settings.
875+LINUX_FILES = ('README.textile',
876+ 'INSTALL.textile',
877+ 'HACKING.textile',
878+ 'FIRMWARE.textile',
879+ 'FASTMODELS.textile',
880+ 'RTSM.textile')
881+
882+FILES_MAP = {'HOWTO_releasenotes.txt': 'Release Notes',
883+ 'HOWTO_install.txt': 'Binary Image Installation',
884+ 'HOWTO_getsourceandbuild.txt': 'Building From Source',
885+ 'HOWTO_flashfirmware.txt': 'Firmware',
886+ 'HOWTO_rtsm.txt': 'RTSM',
887+ 'README.textile': 'Release Notes',
888+ 'INSTALL.textile': 'Binary Image Installation',
889+ 'HACKING.textile': 'Building From Source',
890+ 'FIRMWARE.textile': 'Firmware',
891+ 'FASTMODELS.textile': 'Fastmodels',
892+ 'RTSM.textile': 'RTSM'}
893+
894
895=== added file 'django/settings_staging_snapshots.py'
896--- django/settings_staging_snapshots.py 1970-01-01 00:00:00 +0000
897+++ django/settings_staging_snapshots.py 2013-09-26 10:45:13 +0000
898@@ -0,0 +1,22 @@
899+# Settings for staging.snapshots.linaro.org.
900+
901+from settings import *
902+
903+DATABASES = {
904+ 'default': {
905+ 'ENGINE': 'django.db.backends.sqlite3',
906+ 'NAME': '/srv/staging.snapshots.linaro.org/db/licenses.db',
907+ 'USER': '',
908+ 'PASSWORD': '',
909+ 'HOST': '',
910+ 'PORT': '',
911+ }
912+}
913+
914+TEMPLATE_DIRS = (
915+ os.path.join(PROJECT_ROOT, "templates_snapshots" ),
916+ os.path.join(PROJECT_ROOT, "templates" ),
917+ )
918+
919+SERVED_PATHS = ['/srv/staging.snapshots.linaro.org/www']
920+UPLOAD_PATH = '/srv/staging.snapshots.linaro.org/uploads'
921
922=== added directory 'wsgi'
923=== added file 'wsgi/wsgi_releases.py'
924--- wsgi/wsgi_releases.py 1970-01-01 00:00:00 +0000
925+++ wsgi/wsgi_releases.py 2013-09-26 10:45:13 +0000
926@@ -0,0 +1,19 @@
927+"""
928+WSGI config for license_protected_downloads project.
929+
930+This file configures WSGI for releases.linaro.org.
931+"""
932+import os
933+import sys
934+sys.path.append("/usr/lib/python2.7/dist-packages")
935+sys.path.append("/usr/lib/pymodules/python2.7")
936+sys.path.append("/usr/lib/python2.7")
937+
938+sys.path.append("/srv/releases.linaro.org")
939+sys.path.append("/srv/releases.linaro.org/linaro-license-protection")
940+sys.path.append("/srv/releases.linaro.org/configs/django")
941+
942+os.environ["DJANGO_SETTINGS_MODULE"] = "settings_releases"
943+
944+import django.core.handlers.wsgi
945+application = django.core.handlers.wsgi.WSGIHandler()
946
947=== added file 'wsgi/wsgi_snapshots.py'
948--- wsgi/wsgi_snapshots.py 1970-01-01 00:00:00 +0000
949+++ wsgi/wsgi_snapshots.py 2013-09-26 10:45:13 +0000
950@@ -0,0 +1,19 @@
951+"""
952+WSGI config for license_protected_downloads project.
953+
954+This file configures WSGI for snapshots.linaro.org.
955+"""
956+import os
957+import sys
958+sys.path.append("/usr/lib/python2.7/dist-packages")
959+sys.path.append("/usr/lib/pymodules/python2.7")
960+sys.path.append("/usr/lib/python2.7")
961+
962+sys.path.append("/srv/snapshots.linaro.org")
963+sys.path.append("/srv/snapshots.linaro.org/linaro-license-protection")
964+sys.path.append("/srv/snapshots.linaro.org/configs/django")
965+
966+os.environ["DJANGO_SETTINGS_MODULE"] = "settings_snapshots"
967+
968+import django.core.handlers.wsgi
969+application = django.core.handlers.wsgi.WSGIHandler()
970
971=== added file 'wsgi/wsgi_staging_releases.py'
972--- wsgi/wsgi_staging_releases.py 1970-01-01 00:00:00 +0000
973+++ wsgi/wsgi_staging_releases.py 2013-09-26 10:45:13 +0000
974@@ -0,0 +1,19 @@
975+"""
976+WSGI config for license_protected_downloads project.
977+
978+This file configures WSGI for staging.releases.linaro.org.
979+"""
980+import os
981+import sys
982+sys.path.append("/usr/lib/python2.7/dist-packages")
983+sys.path.append("/usr/lib/pymodules/python2.7")
984+sys.path.append("/usr/lib/python2.7")
985+
986+sys.path.append("/srv/staging.releases.linaro.org")
987+sys.path.append("/srv/staging.releases.linaro.org/linaro-license-protection")
988+sys.path.append("/srv/staging.releases.linaro.org/configs/django")
989+
990+os.environ["DJANGO_SETTINGS_MODULE"] = "settings_staging_releases"
991+
992+import django.core.handlers.wsgi
993+application = django.core.handlers.wsgi.WSGIHandler()
994
995=== added file 'wsgi/wsgi_staging_snapshots.py'
996--- wsgi/wsgi_staging_snapshots.py 1970-01-01 00:00:00 +0000
997+++ wsgi/wsgi_staging_snapshots.py 2013-09-26 10:45:13 +0000
998@@ -0,0 +1,19 @@
999+"""
1000+WSGI config for license_protected_downloads project.
1001+
1002+This file configures WSGI for staging.snapshots.linaro.org.
1003+"""
1004+import os
1005+import sys
1006+sys.path.append("/usr/lib/python2.7/dist-packages")
1007+sys.path.append("/usr/lib/pymodules/python2.7")
1008+sys.path.append("/usr/lib/python2.7")
1009+
1010+sys.path.append("/srv/staging.snapshots.linaro.org")
1011+sys.path.append("/srv/staging.snapshots.linaro.org/linaro-license-protection")
1012+sys.path.append("/srv/staging.snapshots.linaro.org/configs/django")
1013+
1014+os.environ["DJANGO_SETTINGS_MODULE"] = "settings_staging_snapshots"
1015+
1016+import django.core.handlers.wsgi
1017+application = django.core.handlers.wsgi.WSGIHandler()

Subscribers

People subscribed via source and target branches