Merge branch 'main' into musician

orchestra/contrib/databases/forms.py

@@ -8,6 +8,7 @@ from django.utils.translation import gettext_lazy as _
 from orchestra.core import validators
 
 from .models import DatabaseUser, Database
+from .settings import DATABASES_SERVERS
 
 
 class DatabaseUserCreationForm(forms.ModelForm):
@@ -22,6 +23,11 @@ class DatabaseUserCreationForm(forms.ModelForm):
         model = DatabaseUser
         fields = ('username', 'account', 'type')
 
+    def __init__(self, *args, **kwargs):
+        super(DatabaseUserCreationForm, self).__init__(*args, **kwargs)
+        qsServer =  self.fields['target_server'].queryset.filter(name__in=DATABASES_SERVERS)
+        self.fields['target_server'].queryset = qsServer
+
     def clean_password2(self):
         password1 = self.cleaned_data.get("password1")
         password2 = self.cleaned_data.get("password2")
@@ -74,6 +80,10 @@ class DatabaseCreationForm(DatabaseUserCreationForm):
     def __init__(self, *args, **kwargs):
         super(DatabaseCreationForm, self).__init__(*args, **kwargs)
         account_id = self.initial.get('account', self.initial_account)
+        
+        qsServer =  self.fields['target_server'].queryset.filter(name__in=DATABASES_SERVERS)
+        self.fields['target_server'].queryset = qsServer
+        
         if account_id:
             qs = self.fields['user'].queryset.filter(account=account_id).order_by('username')
             choices = [ (u.pk, "%s (%s) (%s)" % (u, u.get_type_display(), str(u.target_server.name) )) for u in qs ]

orchestra/contrib/databases/settings.py

@@ -27,3 +27,12 @@ DATABASES_DEFAULT_HOST = Setting('DATABASES_DEFAULT_HOST',
 DATABASES_MYSQL_DB_DIR = Setting('DATABASES_MYSQL_DB_DIR',
     '/var/lib/mysql',
 )
+
+
+DATABASES_SERVERS = Setting('DATABASES_SERVERS', (
+    'wpmu',
+    'mysql.pangea.lan',
+    'web-11.pangea.lan',
+    'web-12.pangea.lan',
+    )
+)

orchestra/contrib/resources/models.py

@@ -198,8 +198,10 @@ class ResourceData(models.Model):
             ('content_type', 'object_id'),
         )
 
+    # def __str__(self):
+    #     return "%s: %s" % (self.resource, self.content_object)
     def __str__(self):
-        return "%s: %s" % (self.resource, self.content_object)
+        return "%s" % (self.content_object)
 
     @property
     def unit(self):

orchestra/contrib/saas/backends/nextcloud.py

@@ -10,6 +10,8 @@ from django.utils.translation import gettext_lazy as _
 
 from orchestra.contrib.orchestration import ServiceController
 from orchestra.contrib.resources import ServiceMonitor
+from orchestra.contrib.resources.models import ResourceData
+from orchestra.contrib.saas.models import SaaS
 
 from . import ApacheTrafficByName
 from .. import settings
@@ -52,11 +54,31 @@ class NextCloudAPIMixin(object):
     def create(self, saas):
         data = {
             'userid': saas.name,
-            'password': saas.password
+            'password': saas.password,
         }
         self.api_post('users', data)
 
-    def update(self, saas):
+    def update_group(self, saas):
+        data = {
+            'groupid': saas.account.username
+        }
+        try:
+            self.api_get('groups/%s' % saas.account.username)
+        except RuntimeError:
+            self.api_post('groups', data)
+        self.api_post(f'users/{saas.name}/groups', data)
+    
+    def update_quota(self, saas):
+        if hasattr(saas, 'resources') and hasattr(saas.resources, 'nextcloud-disk'):
+            resource = getattr(saas.resources, 'nextcloud-disk')
+            quotaValue = f"{resource.allocated}G" if resource.allocated > 0 else "default"
+            data = {
+                'key': "quota",
+                'value': quotaValue
+            }
+            self.api_put(f'users/{saas.name}', data)
+
+    def update_password(self, saas):
         """
         key: email|quota|display|password
         value: el valor a modificar.
@@ -70,6 +92,12 @@ class NextCloudAPIMixin(object):
         }
         self.api_put('users/%s' % saas.name, data)
 
+    def disable_user(self, saas):
+        self.api_put('users/%s/disable' % saas.name)
+    
+    def enable_user(self, saas):
+        self.api_put('users/%s/enable' % saas.name)
+    
     def get_user(self, saas):
         """
         {
@@ -112,19 +140,27 @@ class NextCloudController(NextCloudAPIMixin, ServiceController):
         try:
             self.api_get('users/%s' % saas.name)
         except RuntimeError:
-            if getattr(saas, 'password'):
+            if getattr(saas, 'password', None):
                 self.create(saas)
+                self.update_group(saas)
+                self.update_quota(saas)
             else:
                 raise
         else:
-            if getattr(saas, 'password'):
+            if getattr(saas, 'password', None):
-                self.update(saas)
+                self.update_password(saas)
+            else:
+                self.update_group(saas)
+                self.update_quota(saas)
+        if saas.is_active:        
+            self.enable_user(saas)
+        else:
+            self.disable_user(saas)
 
     def remove(self, saas, server):
         self.api_delete('users/%s' % saas.name)
     
     def save(self, saas):      
-        # TODO disable user https://github.com/owncloud/core/issues/12601
         self.append(self.update_or_create, saas)
           
     def delete(self, saas):

orchestra/contrib/webapps/admin.py

@@ -22,10 +22,30 @@ from .models import WebApp, WebAppOption
 from .options import AppOption
 from .types import AppType
 
+from django.db.models.signals import post_save
+from django.dispatch import receiver
+
+class WebAppOptionForm(forms.ModelForm):
+
+    class Meta:
+        model = WebAppOption
+        fields = '__all__'
+
+    # en las app de moodle el public-root sera siempre moodle
+    def clean(self):
+        data = self.cleaned_data
+        webapp = self.cleaned_data.get("webapp")
+        if webapp.type == 'moodle-php':
+            if self.cleaned_data.get("name") == 'public-root':
+                data['value'] = 'moodle'
+                data['DELETE'] = False
+        return data
+
 
 class WebAppOptionInline(admin.TabularInline):
     model = WebAppOption
     extra = 1
+    form = WebAppOptionForm
 
     OPTIONS_HELP_TEXT = {
         op.name: force_str(op.help_text) for op in AppOption.get_plugins()
@@ -124,4 +144,16 @@ class WebAppAdmin(SelectPluginAdminMixin, AccountAdminMixin, ExtendedModelAdmin)
                 obj.sftpuser = user
         super(WebAppAdmin, self).save_model(request, obj, form, change)
 
+    # fuerza a las app Moodle a crear public-root moodle
+    def response_add(self, request, obj, post_url_continue=None):
+        if obj.type == 'moodle-php':
+            mywebapp = WebApp.objects.get(id=obj.id)
+            WebAppOption.objects.update_or_create(
+                webapp=mywebapp, 
+                name='public-root',
+                defaults={'value':'moodle'}
+            )
+        return super().response_add(request, obj, post_url_continue)
+
 admin.site.register(WebApp, WebAppAdmin)
+

orchestra/contrib/webapps/backends/moodle.py

@@ -4,7 +4,8 @@ import textwrap
 from django.utils.translation import gettext_lazy as _
 
 from orchestra.contrib.orchestration import ServiceController, replace
-
+from django.template import Template, Context
+from orchestra.settings import NEW_SERVERS
 from .. import settings
 
 from . import WebAppServiceMixin
@@ -24,6 +25,23 @@ class MoodleController(WebAppServiceMixin, ServiceController):
     
     def save(self, webapp):
         context = self.get_context(webapp)
+        perms = Template(textwrap.dedent("""\
+            {% if sftpuser %}
+            chown -R {{sftpuser}}:{{sftpuser}} {{home}}/webapps/{{app_name}}
+            {% else %}
+            chown -R {{user}}:{{group}} {{home}}/webapps/{{app_name}}
+            {% endif %}
+            """
+        ))
+        linenohub = Template(textwrap.dedent("""\
+            {% if sftpuser %}
+            nohup su - {{sftpuser}} --shell /bin/bash << 'EOF' > $stdout 2> $stderr &
+            {% else %}
+            nohup su - {{user}} --shell /bin/bash << 'EOF' > $stdout 2> $stderr &
+            {% endif %}
+            """
+        ))
+        context.update({'perms' :  perms.render(Context(context)), 'linenohub' :  linenohub.render(Context(context)) })
         self.append(textwrap.dedent("""\
             if [[ $(ls "%(app_path)s" | wc -l) -gt 1 ]]; then
                 echo "App directory not empty." 2> /dev/null
@@ -33,6 +51,7 @@ class MoodleController(WebAppServiceMixin, ServiceController):
             # Prevent other backends from writting here
             touch %(app_path)s/.lock
             # Weekly caching
+            mkdir %(cms_cache_dir)s &> /dev/null || true
             moodle_date=$(date -r $(readlink %(cms_cache_dir)s/moodle) +%%s || echo 0)
             if [[ $moodle_date -lt $(($(date +%%s)-7*24*60*60)) ]]; then
                 moodle_url=$(wget https://download.moodle.org/releases/latest/ -O - -q \\
@@ -50,10 +69,15 @@ class MoodleController(WebAppServiceMixin, ServiceController):
             else
                 tar -xzvf %(cms_cache_dir)s/moodle -C %(app_path)s --strip-components=1
             fi
-            mkdir %(app_path)s/moodledata && {
+            # mkdir %(app_path)s/moodledata && {
-                chmod 750 %(app_path)s/moodledata
+            #     chmod 750 %(app_path)s/moodledata
-                echo -n 'order deny,allow\\ndeny from all' >  %(app_path)s/moodledata/.htaccess
+            #     echo -n 'order deny,allow\\ndeny from all' >  %(app_path)s/moodledata/.htaccess
+            # }
+            mkdir %(home)s/webapps/%(app_name)s/moodledata && {
+                chmod 750 %(home)s/webapps/%(app_name)s/moodledata
+                echo -n 'order deny,allow\\ndeny from all' >  %(home)s/webapps/%(app_name)s/moodledata/.htaccess
             }
+
             if [[ ! -e %(app_path)s/config.php ]]; then
                 cp %(app_path)s/config-dist.php %(app_path)s/config.php
                 sed -i "s#dbtype\s*= '.*#dbtype    = '%(db_type)s';#" %(app_path)s/config.php
@@ -61,24 +85,24 @@ class MoodleController(WebAppServiceMixin, ServiceController):
                 sed -i "s#dbname\s*= '.*#dbname    = '%(db_name)s';#" %(app_path)s/config.php
                 sed -i "s#dbuser\s*= '.*#dbuser    = '%(db_user)s';#" %(app_path)s/config.php
                 sed -i "s#dbpass\s*= '.*#dbpass    = '%(password)s';#" %(app_path)s/config.php
-                sed -i "s#dataroot\s*= '.*#dataroot    = '%(app_path)s/moodledata';#" %(app_path)s/config.php
+                sed -i "s#dataroot\s*= '.*#dataroot    = '%(home)s/webapps/%(app_name)s/moodledata';#" %(app_path)s/config.php
                 sed -i "s#wwwroot\s*= '.*#wwwroot    = '%(www_root)s';#" %(app_path)s/config.php
                 
             fi
             rm %(app_path)s/.lock
-            chown -R %(user)s:%(group)s %(app_path)s
+            # chown -R %(user)s:%(group)s %(app_path)s
+            %(perms)s
+            
             # Run install moodle cli command on the background, because it takes so long...
             stdout=$(mktemp)
             stderr=$(mktemp)
-            nohup su - %(user)s --shell /bin/bash << 'EOF' > $stdout 2> $stderr &
+            %(linenohub)s
-                php %(app_path)s/admin/cli/install_database.php \\
+                php  -d max_input_vars=5000  %(app_path)s/admin/cli/install_database.php \\
                     --fullname="%(site_name)s" \\
                     --shortname="%(site_name)s" \\
                     --adminpass="%(password)s" \\
                     --adminemail="%(email)s" \\
-                    --non-interactive \\
+                    --agree-license 
-                    --agree-license \\
-                    --allow-unstable
             EOF
             pid=$!
             sleep 2
@@ -95,14 +119,15 @@ class MoodleController(WebAppServiceMixin, ServiceController):
         context = super(MoodleController, self).get_context(webapp)
         contents = webapp.content_set.all()
         context.update({
-            'db_type': 'mysqli',
+            'db_type': 'mariadb',
             'db_name': webapp.data['db_name'],
             'db_user': webapp.data['db_user'],
             'password': webapp.data['password'],
-            'db_host': settings.WEBAPPS_DEFAULT_MYSQL_DATABASE_HOST,
+            'db_host': 'localhost' if webapp.target_server.name in NEW_SERVERS else settings.WEBAPPS_DEFAULT_MYSQL_DATABASE_HOST,
             'email': webapp.account.email,
             'site_name': "%s Courses" % webapp.account.get_full_name(),
             'cms_cache_dir': os.path.normpath(settings.WEBAPPS_CMS_CACHE_DIR),
-            'www_root': contents[0].website.get_absolute_url() if contents else 'http://empty'
+            'www_root': contents[0].website.get_absolute_url() if contents else 'http://empty',
+            'sftpuser':  webapp.sftpuser.username if webapp.target_server.name in NEW_SERVERS else None ,
         })
         return replace(context, '"', "'")

orchestra/contrib/webapps/types/misc.py

@@ -8,7 +8,7 @@ from orchestra.plugins.forms import ExtendedPluginDataForm, PluginDataForm
 from ..options import AppOption
 from . import AppType
 from .php import PHPApp, PHPAppForm, PHPAppSerializer
-
+from orchestra.settings import WEB_SERVERS
 
 class StaticApp(AppType):
     name = 'static'
@@ -27,6 +27,9 @@ class WebalizerAppform(PluginDataForm):
     def __init__(self, *args, **kwargs):
         super(WebalizerAppform, self).__init__(*args, **kwargs)
         self.fields['sftpuser'].widget = forms.HiddenInput()
+        if self.instance.id is None:
+            qsServer =  self.fields['target_server'].queryset.filter(name__in=WEB_SERVERS)
+            self.fields['target_server'].queryset = qsServer
 
 class WebalizerApp(AppType):
     name = 'webalizer'

orchestra/contrib/websites/backends/moodle.py

@@ -20,6 +20,6 @@ class MoodleWWWRootController(ServiceController):
     
     def get_context(self, content):
         return {
-            'url': content.get_absolute_url(),
+            'url': content.get_absolute_url()[:-1] if content.get_absolute_url()[-1] == '/' else content.get_absolute_url(),
             'app_path': content.webapp.get_path(),
         }

orchestra/contrib/websites/backends/wordpress.py

@@ -18,7 +18,7 @@ class WordPressURLController(ServiceController):
             self.append(textwrap.dedent("""\
                 mysql %(db_name)s -e 'UPDATE wp_options
                                       SET option_value="%(url)s"
-                                      WHERE option_id IN (1, 2) AND option_value="http:";'
+                                      WHERE option_id IN (1, 2) AND ( option_value="http:" OR option_value="%(wp_path)s" );'
                 """) % context
             )
     
@@ -35,6 +35,7 @@ class WordPressURLController(ServiceController):
         return {
             'url': content.get_absolute_url(),
             'db_name': content.webapp.data.get('db_name'),
+            'wp_path': f"http://{content.webapp.get_path()}" 
         }
 
 

orchestra/contrib/websites/forms.py

@@ -7,9 +7,18 @@ from orchestra.contrib.webapps.models import WebApp
 
 from .utils import normurlpath
 from .validators import validate_domain_protocol, validate_server_name
-
+from orchestra.settings import WEB_SERVERS
 
 class WebsiteAdminForm(forms.ModelForm):
+
+    def __init__(self, *args, **kwargs):
+        super(WebsiteAdminForm, self).__init__(*args, **kwargs)
+        if self.instance.id is None:
+            qsServer = self.fields['target_server'].queryset.filter(name__in=WEB_SERVERS)
+        else:
+            qsServer = self.fields['target_server'].queryset.filter(id=self.instance.target_server_id)
+        self.fields['target_server'].queryset = qsServer
+
     def clean(self):
         """ Prevent multiples domains on the same protocol """
         super(WebsiteAdminForm, self).clean()

orchestra/settings.py

@@ -99,7 +99,8 @@ NEW_SERVERS = Setting('NEW_SERVERS',
     )
 )
 
-WEB_SERVERS = Setting('WEBAPPS_SERVERS', (
+WEB_SERVERS = Setting('WEB_SERVERS', (
+    'wpmu',
     'web.pangea.lan',
     'web-ng',
     'web-11.pangea.lan',