abradshaw · June 17, 2020 10:03
diff --git a/Taiga for EL8 b/Taiga for EL8
 #!/bin/bash

 # Stop on error
 set -e
 # Stop on unitialized variables
 set -u
 # Stop on failed pipes
 set -o pipefail

 IP_ADDR=$(ip a s ens3| grep "inet "| awk '{ print $2}'| cut -d "/" -f1)

 #take care of selinx and the firewall
 setsebool -P httpd_read_user_content 1
 setsebool -P httpd_can_network_connect 1

 dnf install -y policycoreutils-python-utils bash-completion vim git python36

 semanage port -m -t http_port_t -p tcp 8000
 semanage port -a -t http_port_t -p tcp 8001

 firewall-cmd --add-service http --permanent
 firewall-cmd --add-port 8001/tcp --permanent
 firewall-cmd --reload




 # yum install -y gcc autoconf flex bison libjpeg-turbo-devel freetype-devel zlib-devel zeromq3-devel gdbm-devel ncurses-devel automake libtool libffi-devel curl git tmux libxml2-devel libxslt-devel wget openssl-devel gcc-c++

 #PostgreSQL 9.5 (pulls in scl-utils as a dep)
 dnf install -y postgresql-server postgresql-server-devel  

 postgresql-setup --initdb

 systemctl enable postgresql --now


 #PostgreSQL initDB setting
 cd /home
 su postgres -c "createuser taiga"
 su postgres -c "createdb taiga -O taiga"



 #taiga add
 adduser taiga

 #taiga-back
 cd /home/taiga
 git clone https://github.com/taigaio/taiga-back.git taiga-back
 cd taiga-back/
 git checkout stable

 pip3 install --upgrade pip
 su taiga -c "pip3 install -r requirements.txt"

 mkdir -p /home/taiga/taiga-back/media/user/
 chmod 755 /home/taiga/taiga-back/media/user/
 chown -R taiga:taiga /home/taiga/

 su taiga -c "python3 manage.py migrate --noinput"
 su taiga -c "python3 manage.py loaddata initial_user"
 su taiga -c "python3 manage.py loaddata initial_project_templates"
 #su taiga -c "python3 manage.py loaddata initial_role"
 su taiga -c "python3 manage.py compilemessages"
 su taiga -c "python3 manage.py collectstatic --noinput"

 cat >> /home/taiga/taiga-back/settings/local.py << EOF
 from .development import *
 from .common import *

 MEDIA_URL = "http://${IP_ADDR}/media/"
 STATIC_URL = "http://${IP_ADDR}/static/"
 ADMIN_MEDIA_PREFIX = "http://${IP_ADDR}/static/admin/"
 SITES["front"]["scheme"] = "http"
 SITES["front"]["domain"] = "${IP_ADDR}"

 SECRET_KEY = "theveryultratopsecretkey"

 DEBUG = False
 TEMPLATE_DEBUG = False
 PUBLIC_REGISTER_ENABLED = True

 DEFAULT_FROM_EMAIL = "[email protected]"
 SERVER_EMAIL = DEFAULT_FROM_EMAIL
 EOF

 #taiga-front
 cd /home/taiga
 git clone https://github.com/taigaio/taiga-front-dist.git taiga-front-dist
 cd taiga-front-dist/
 git checkout stable
 cd dist/

 #lets try not doing this first (I mean keep localhost)
 # sed -e "s%localhost:8000%%" conf.example.json > conf.json
 ## 2020/06 updated
 sed -e "s%http://localhost:8000%%" conf.example.json > conf.json


 #circus
 cd /home/taiga

 dnf install -y nginx

 cat > /etc/nginx/nginx.conf << 'EOF'
 # For more information on configuration, see:
 #   * Official English Documentation: http://nginx.org/en/docs/

 user nginx;
 worker_processes auto;
 error_log /var/log/nginx/error.log;
 pid /run/nginx.pid;

 # Load dynamic modules. See /usr/share/nginx/README.dynamic.
 include /usr/share/nginx/modules/*.conf;

 events {
    worker_connections 1024;
 }

 http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;

 }
 EOF

 cat > /etc/nginx/conf.d/taiga.conf <<'EOF'
 server {
    listen 80 default_server;
    listen 8000 default_server;
    server_name _;

    large_client_header_buffers 4 32k;
    client_max_body_size 50M;
    charset utf-8;

    access_log /var/log/nginx/taiga-nginx.access.log;
    error_log /var/log/nginx/taiga-nginx.error.log;

    # Frontend
    location / {
        root /home/taiga/taiga-front-dist/dist/;
        try_files $uri $uri/ /index.html;
    }

    # Backend
    location /api {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:8001/api;
        proxy_redirect off;
    }

    # Django admin access (/admin/)
    location /admin {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:8001$request_uri;
        proxy_redirect off;
   }

    # Static files
    location /static {
        alias /home/taiga/taiga-back/static;
    }

    # Media files
    location /media {
        alias /home/taiga/taiga-back/media;
    }
 }
 EOF
 

 cat > /etc/systemd/system/taiga.service <<EOF
 [Unit]
 Description=Taiga Service
 After=network.target

 [Service]
 Type=simple
 User=taiga
 WorkingDirectory=/home/taiga/taiga-back
 ExecStart=/usr/bin/python3 /home/taiga/taiga-back/manage.py runserver 127.0.0.1:8001

 Restart=on-abort

 [Install]
 WantedBy=multi-user.target
 EOF

 # final steps 

 chown -R taiga:taiga /home/taiga/
 chmod o+x /home/taiga/
 chmod o+rx ~taiga/taiga-back/media


 # now some systmectl stuff
 systemctl daemon-reload

 systemctl restart nginx taiga
 systemctl enable nginx taiga
	#!/bin/bash

	# Stop on error
	set -e
	# Stop on unitialized variables
	set -u
	# Stop on failed pipes
	set -o pipefail

	IP_ADDR=$(ip a s ens3\| grep "inet "\| awk '{ print $2}'\| cut -d "/" -f1)

	#take care of selinx and the firewall
	setsebool -P httpd_read_user_content 1
	setsebool -P httpd_can_network_connect 1

	dnf install -y policycoreutils-python-utils bash-completion vim git python36

	semanage port -m -t http_port_t -p tcp 8000
	semanage port -a -t http_port_t -p tcp 8001

	firewall-cmd --add-service http --permanent
	firewall-cmd --add-port 8001/tcp --permanent
	firewall-cmd --reload




	# yum install -y gcc autoconf flex bison libjpeg-turbo-devel freetype-devel zlib-devel zeromq3-devel gdbm-devel ncurses-devel automake libtool libffi-devel curl git tmux libxml2-devel libxslt-devel wget openssl-devel gcc-c++

	#PostgreSQL 9.5 (pulls in scl-utils as a dep)
	dnf install -y postgresql-server postgresql-server-devel

	postgresql-setup --initdb

	systemctl enable postgresql --now


	#PostgreSQL initDB setting
	cd /home
	su postgres -c "createuser taiga"
	su postgres -c "createdb taiga -O taiga"



	#taiga add
	adduser taiga

	#taiga-back
	cd /home/taiga
	git clone https://github.com/taigaio/taiga-back.git taiga-back
	cd taiga-back/
	git checkout stable

	pip3 install --upgrade pip
	su taiga -c "pip3 install -r requirements.txt"

	mkdir -p /home/taiga/taiga-back/media/user/
	chmod 755 /home/taiga/taiga-back/media/user/
	chown -R taiga:taiga /home/taiga/

	su taiga -c "python3 manage.py migrate --noinput"
	su taiga -c "python3 manage.py loaddata initial_user"
	su taiga -c "python3 manage.py loaddata initial_project_templates"
	#su taiga -c "python3 manage.py loaddata initial_role"
	su taiga -c "python3 manage.py compilemessages"
	su taiga -c "python3 manage.py collectstatic --noinput"

	cat >> /home/taiga/taiga-back/settings/local.py << EOF
	from .development import *
	from .common import *

	MEDIA_URL = "http://${IP_ADDR}/media/"
	STATIC_URL = "http://${IP_ADDR}/static/"
	ADMIN_MEDIA_PREFIX = "http://${IP_ADDR}/static/admin/"
	SITES["front"]["scheme"] = "http"
	SITES["front"]["domain"] = "${IP_ADDR}"

	SECRET_KEY = "theveryultratopsecretkey"

	DEBUG = False
	TEMPLATE_DEBUG = False
	PUBLIC_REGISTER_ENABLED = True

	DEFAULT_FROM_EMAIL = "[email protected]"
	SERVER_EMAIL = DEFAULT_FROM_EMAIL
	EOF

	#taiga-front
	cd /home/taiga
	git clone https://github.com/taigaio/taiga-front-dist.git taiga-front-dist
	cd taiga-front-dist/
	git checkout stable
	cd dist/

	#lets try not doing this first (I mean keep localhost)
	# sed -e "s%localhost:8000%%" conf.example.json > conf.json
	## 2020/06 updated
	sed -e "s%http://localhost:8000%%" conf.example.json > conf.json


	#circus
	cd /home/taiga

	dnf install -y nginx

	cat > /etc/nginx/nginx.conf << 'EOF'
	# For more information on configuration, see:
	# * Official English Documentation: http://nginx.org/en/docs/

	user nginx;
	worker_processes auto;
	error_log /var/log/nginx/error.log;
	pid /run/nginx.pid;

	# Load dynamic modules. See /usr/share/nginx/README.dynamic.
	include /usr/share/nginx/modules/*.conf;

	events {
	worker_connections 1024;
	}

	http {
	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';

	access_log /var/log/nginx/access.log main;

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	include /etc/nginx/conf.d/*.conf;

	}
	EOF

	cat > /etc/nginx/conf.d/taiga.conf <<'EOF'
	server {
	listen 80 default_server;
	listen 8000 default_server;
	server_name _;

	large_client_header_buffers 4 32k;
	client_max_body_size 50M;
	charset utf-8;

	access_log /var/log/nginx/taiga-nginx.access.log;
	error_log /var/log/nginx/taiga-nginx.error.log;

	# Frontend
	location / {
	root /home/taiga/taiga-front-dist/dist/;
	try_files $uri $uri/ /index.html;
	}

	# Backend
	location /api {
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Scheme $scheme;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_pass http://127.0.0.1:8001/api;
	proxy_redirect off;
	}

	# Django admin access (/admin/)
	location /admin {
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Scheme $scheme;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_pass http://127.0.0.1:8001$request_uri;
	proxy_redirect off;
	}

	# Static files
	location /static {
	alias /home/taiga/taiga-back/static;
	}

	# Media files
	location /media {
	alias /home/taiga/taiga-back/media;
	}
	}
	EOF


	cat > /etc/systemd/system/taiga.service <<EOF
	[Unit]
	Description=Taiga Service
	After=network.target

	[Service]
	Type=simple
	User=taiga
	WorkingDirectory=/home/taiga/taiga-back
	ExecStart=/usr/bin/python3 /home/taiga/taiga-back/manage.py runserver 127.0.0.1:8001

	Restart=on-abort

	[Install]
	WantedBy=multi-user.target
	EOF

	# final steps

	chown -R taiga:taiga /home/taiga/
	chmod o+x /home/taiga/
	chmod o+rx ~taiga/taiga-back/media


	# now some systmectl stuff
	systemctl daemon-reload

	systemctl restart nginx taiga
	systemctl enable nginx taiga