Merge branch 'develop'

.travis.yml

@@ -6,9 +6,6 @@
 #   @unittest.skip("Unconditional skipping")
 #   @unittest.skipIf(os.getenv('CONTINUOUS_INTEGRATION', '') > '', reason='Travis VM')
 
-# The redidropper/startup/initializer.py does not need the env variable anymore
-#env: REDIDROPPER_CONFIG=~/build/ctsit/redi-dropper-client/app/deploy/application.conf
-
 # http://docs.travis-ci.com/user/migrating-from-legacy/
 sudo: false
 language: python
@@ -48,8 +45,8 @@ script:
     - pushd app
     - echo $TRAVIS_BUILD_DIR
     - ls -al deploy/
-    # put config file in the place expected by config.py
-    - cp deploy/sample.settings.conf deploy/settings.conf
+    # link the settings file to make it visible in config.py
+    - cp deploy/sample.vagrant.settings.conf deploy/settings.conf
     - python setup.py nosetests
     - popd
 

CHANGELOG.md

@@ -1,6 +1,30 @@
 # Change Log
 
+## [0.0.4] - 2016-01-21
+
+### Added
+* Add app/deploy/sample.virtualhost-ssl.conf because we need two apache config files (Andrei Sura)
+* Add support for saving the user email as a password (no password field is currently displayed)
+    Note: This password will be checked only if "local auth" is used (Andrei Sura)
+* Add doi link (Andrei Sura)
+
+### Changed
+* Rename `sample.vagrant.settings.conf` => `sample.vagrant.settings.conf` (Andrei Sura)
+* Remove space in app/deploy/sample.virtualhost.conf (Andrei Sura)
+* Rename `sample.settings.conf` -> sample.vagrant.settings.conf to properly refrlect the file's function (Andrei Sura)
+* Move config files to dot_files/aliases (Andrei Sura)
+
+
+# [0.0.3b] - 2015-08-31
+
+### Changed
+* Add option for accepting parent repo path (Ruchi Vivek Desai)
+* Restore click functionality for main page "getting started" (Andrei Sura)
+* Simplify sample.virtualhost.conf used on prod (Andrei Sura)
+
+
 ## [0.0.3a] - 2015-08-27
+
 ### Added
 * Add sample config files for deploying two application instances 
 Paths ==> `/alz` and `/onefl` (Andrei Sura)

README.md

@@ -1,4 +1,6 @@
-# RediDropper
+# REDI-Dropper
+
+[![DOI](https://zenodo.org/badge/doi/10.5281/zenodo.32500.svg)](http://dx.doi.org/10.5281/zenodo.32500)
 
 | Branch | [Travis-CI](https://travis-ci.org/ctsit/redi-dropper-client/builds) | [Coveralls](https://coveralls.io/github/ctsit/redi-dropper-client) |
 | :----- | :---------------------------: | :-------: |

app/db/002/data.sql

@@ -5,16 +5,15 @@ SET @end = CONCAT(CURDATE() + interval 6 month, ' 23:59:59');
 SET @end2 = CONCAT(CURDATE() - interval 1 month, ' 23:59:59');
 
 
+-- Note: there is no value inserted in the usrPasswordHash
 INSERT INTO User (usrEmail, usrFirst, usrLast, usrAddedAt, usrAccessExpiresAt, usrIsActive, usrEmailConfirmedAt)
 VALUES
     ('asura@ufl.edu',           'Andrei',       'Şérenfaü',                     NOW(), @end, 1, NOW()),
     ('kshanson@ufl.edu',        'Kevin',        'Hanson',                       NOW(), @end, 1, NOW()),
     ('cpb@ufl.edu',             'Christopher',  'Barnes',                       NOW(), @end2, 1, NOW()),
     ('pbc@ufl.edu',             'Philip',       'Chase',                        NOW(), @end, 0, NOW()),
     ('keyes@ufl.edu',           'Roy',          'Keyes',                        NOW(), @end, 0, NOW()),
-    ('taeber@ufl.edu',          'Taeber',       'Rapczak',                      NOW(), @end, 0, NOW()),
-    ('atloiaco@ufl.edu',        'Alex',         'Loiacono',                     NOW(), @end, 0, NOW()),
-    ('cavedivr@ufl.edu',        'Erik',         'Schmidt',                      NOW(), @end, 0, NOW())
+    ('taeber@ufl.edu',          'Taeber',       'Rapczak',                      NOW(), @end, 0, NOW())
 ;
 
 INSERT INTO Role (rolName, rolDescription)
@@ -35,27 +34,8 @@ UNION SELECT usrID, rolID, NOW() FROM User, Role WHERE usrEmail = 'cpb@ufl.edu'
 UNION SELECT usrID, rolID, NOW() FROM User, Role WHERE usrEmail = 'pbc@ufl.edu' AND rolName = 'technician'
 UNION SELECT usrID, rolID, NOW() FROM User, Role WHERE usrEmail = 'keyes@ufl.edu' AND rolName = 'technician'
 UNION SELECT usrID, rolID, NOW() FROM User, Role WHERE usrEmail = 'taeber@ufl.edu' AND rolName = 'technician'
-UNION SELECT usrID, rolID, NOW() FROM User, Role WHERE usrEmail = 'atloiaco@ufl.edu' AND rolName = 'technician'
-UNION SELECT usrID, rolID, NOW() FROM User, Role WHERE usrEmail = 'cavedivr@ufl.edu' AND rolName = 'technician'
 ;
 
--- REDCap Subjects (retrieve from server)
--- INSERT INTO Subject (sbjRedcapID, sbjAddedAt)
--- VALUES
---     ('001', NOW()),
---     ('002', NOW()),
---     ('003', NOW()),
---     ('004', NOW()),
---     ('005', NOW())
--- ;
-
-
--- REDCap event (retrieve from server)
--- INSERT INTO Event (evtRedcapArm, evtRedcapEvent, evtAddedAt)
---         SELECT 'Arm 1', 'Event 01', NOW()
--- UNION   SELECT 'Arm 1', 'Event 02', NOW()
--- ;
-
 
 -- Subject Files
 -- INSERT INTO SubjectFile (sbjID, evtID, sfFileName, sfFileCheckSum, sfFileSize, sfUploadedAt, usrID)

app/deploy/deploy.sh

@@ -18,13 +18,18 @@ INITIAL_DEPLOY_ONLY=no
 SHOW_HELP=no
 TAG_NUMBER=""
 
-set -- $(getopt hit: "$@")
+# folder for storing a local copy of the code
+REPO_PARENT_DIR=$HOME/git
+
+
+set -- $(getopt hit:r: "$@")
 while [ $# -gt 0 ]
     do
         case "$1" in
                 (-h) SHOW_HELP=yes;;
                 (-i) INITIAL_DEPLOY_ONLY=yes;;
                 (-t) TAG_NUMBER=$2; shift;;
+                (-r) REPO_PARENT_DIR=$2; shift;;
                 (--) shift; break;;
                 (-*) echo "$0: error - unrecognized option $1" 1>&2; exit 1;;
                 (*)  break;;
@@ -66,8 +71,6 @@ unset IFS
 
 eval export HOME=~$(id -un)
 
-# folder for storing a local copy of the code
-REPO_PARENT_DIR=$HOME/git
 REPO_DIR=$REPO_PARENT_DIR/redi-dropper-client
 GIT_REPO=https://github.com/ctsit/redi-dropper-client
 VENV_DIR=$HOME/venv

app/deploy/deploy_functions.sh

@@ -9,7 +9,7 @@ MSG_INSTALL="Please install it first"
 
 function usage() {
     echo "Usage: "
-    echo "   $0 [-i initial deployment] [-h help] [-t tag_number] target <staging|production>"
+    echo "   $0 [-i initial deployment] [-h help] -t tag_number [-r repo parent path] target <staging|production>"
 }
 
 function get_md5_exe() {

app/deploy/fabfile.py

@@ -136,16 +136,10 @@ def _is_prod():
     return env.environment == 'production'
 
 
-def _motd():
-    """Print the message of the day"""
-    print(MOTD_PROD if _is_prod() else MOTD_STAG)
-
-
 def bootstrap(tag='master'):
     """Bootstrap the deployment using the specified branch"""
     require('environment', provided_by=[production, staging])
-    _motd()
-
+    print(MOTD_PROD if _is_prod() else MOTD_STAG)
     msg = colors.red('\n%(project_path)s exists. '
                      'Do you want to continue anyway?' % env)
 
@@ -351,11 +345,16 @@ def mysql_reset_tables():
 
 
 def _toggle_apache_site(state):
-    """Switch site's status to enabled or disabled"""
+    """Switch site's status to enabled or disabled
+    Note: the `project_name` is used for referencing the config files
+    """
     action = "Enabling" if state else "Disabling"
     print('\n%s site...' % action)
     env.apache_command = 'a2ensite' if state else 'a2dissite'
     sudo('%(apache_command)s %(project_name)s' % env)
+
+    # We have to have the ssl config too because we use the NetScaler
+    sudo('%(apache_command)s %(project_name)s-ssl' % env)
     sudo('service apache2 reload')
 
 
@@ -433,6 +432,13 @@ def update_config(tag='master'):
                 'group': 'root'
             },
             2: {
+                'local': os.path.abspath('%(environment)s/virtualhost-ssl.conf'
+                                         % env),
+                'remote': env.vhost_ssl_file,
+                'mode': '644',
+                'group': 'root'
+            },
+            3: {
                 'local': local_settings_file,
                 'remote': env.settings_file,
                 'mode': '640'
@@ -479,7 +485,9 @@ def restart_wsgi_app():
 def check_app():
     """cURL the target server to check if the app is up"""
     require('environment', provided_by=[production, staging])
-    local('curl -sk https://%(project_url)s | grep "Version " ' % env)
+    local('curl -sk https://%(project_url)s | grep "Version " '
+          ' | grep -oE "[0-9.]{1,2}[0-9.]{1,2}[0-9a-z.]{1,4}" | head -1 ' % env)
+
 
 
 def print_project_repo():

app/deploy/sample.fabric.py

@@ -81,6 +81,8 @@ def get_settings(overrides={}):
     SETTINGS['server_group'] = 'app-runner'
     SETTINGS['vhost_file'] = ('/etc/apache2/sites-available/%(project_name)s' %
                               SETTINGS)
+    SETTINGS['vhost_ssl_file'] = ('/etc/apache2/sites-available/%(project_name)s-ssl' %
+                              SETTINGS)
     SETTINGS['wsgi_file'] = ('%(project_path)s/dropper.wsgi' %
                              SETTINGS)
     SETTINGS['settings_file'] = ('%(project_path)s/settings.conf' %

app/deploy/sample.virtualhost-ssl.conf

@@ -1,84 +1,34 @@
-<IfModule mod_ssl.c>
-ServerSignature off
-ServerTokens Prod
+#
+# Apache SSL config
+# @see NetScaler: https://www.citrix.com/products/netscaler-application-delivery-controller/overview/what-is-an-adc.html
+#
+
+##
+##  SSL Global Context
+##
+##  All SSL configuration in this context applies both to
+##  the main server and all SSL-enabled virtual hosts.
+##
+
+<VirtualHost _default_:443>
+    ServerName %(project_url)s:443
+    UseCanonicalName On
 
-
-
-
-<VirtualHost *:443>
-    ServerName %(project_url)s
-    Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
-
-    SSLEngine on
-	SSLProtocol All -SSLv2 -SSLv3
-    SSLCipherSuite AES256+EECDH:AES256+EDH:!aNULL:!eNULL
-    SSLCompression off
-    SSLCertificateFile    /etc/apache2/ssl/%(project_url)s.crt
-    SSLCertificateKeyFile /etc/apache2/ssl/%(project_url)s.key
-
-    # Possible values: debug, info, notice, warn, error, crit, alert, emerg.
     LogLevel warn
-    ServerAdmin webmaster@localhost
-    ErrorLog %(project_path)s/logs/error.log
-    CustomLog %(project_path)s/logs/access.log combined
-
-    ############################################################################
-    # @see https://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGIDaemonProcess
-    ###########################################################################
 
-#ALZ_INSTANCE_BEGIN
-    WSGIDaemonProcess %(project_name)s processes=2 threads=3 stack-size=1048576 maximum-requests=500 inactivity-timeout=300 display-name=%%{GROUP} python-path=%(env_path)s/lib/%(python)s/site-packages
-    WSGIProcessGroup %(project_name)s
-    WSGIScriptAlias /alz %(wsgi_file)s
-
-    <Directory "%(project_path)s">
-        WSGIScriptReloading On
-        WSGIProcessGroup %(project_name)s
-        WSGIApplicationGroup %%{GLOBAL}
-
-        Order deny,allow
-        Allow from all
-    </Directory>
-
-    Alias /alz/static %(project_repo_path)s/app/redidropper/static
-    <Directory "%(project_repo_path)s/app/redidropper/static/">
-        Order allow,deny
-        Allow from all
-    </Directory>
-#ALZ_INSTANCE_END
-
-#ONEFL_INSTANCE_BEGIN
-    WSGIDaemonProcess dropper_onefl user=www-data group=www-data processes=2 threads=3 stack-size=1048576 maximum-requests=500 inactivity-timeout=300 display-name=%%{GROUP} python-path=/srv/apps/dropper-onefl/env/lib/python2.7/site-packages
-    WSGIProcessGroup dropper_onefl
-    WSGIScriptAlias /onefl /srv/apps/dropper-onefl/dropper.wsgi
-
-    <Directory "/srv/apps/dropper-onefl">
-        WSGIScriptReloading On
-        WSGIProcessGroup dropper_onefl
-        WSGIApplicationGroup %%{GLOBAL}
+    SSLEngine on
+    SSLProtocol all -SSLv2 -SSLv3
+    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
 
-        Order deny,allow
-        Allow from all
-    </Directory>
+    SSLCertificateFile /etc/apache2/ssl/%(project_url)s.crt
+    SSLCertificateKeyFile /etc/apache2/ssl/%(project_url)s.key
 
-    Alias /onefl/static /srv/apps/dropper-onefl/src/current/app/redidropper/static
-    <Directory "/srv/apps/dropper-onefl/src/current/app/redidropper/static/">
-        Order allow,deny
-        Allow from all
-    </Directory>
-#ONEFL_INSTANCE_END
+    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
+        SSLOptions +StdEnvVars
+    </Files>
 
-    ###########################################################################
-    <Location />
-        AuthType shibboleth
-        ShibRequireSession Off
-        ShibUseHeaders On
-        # require valid-user
-        require shibboleth
-    </Location>
+    SetEnvIf User-Agent ".*MSIE.*" \
+             nokeepalive ssl-unclean-shutdown \
+             downgrade-1.0 force-response-1.0
 
-    Options -Indexes
-    SetOutputFilter DEFLATE
-    AddOutputFilterByType DEFLATE text/html text/css text/plain text/xml application/x-javascript
 </VirtualHost>
-</IfModule>