mrtoth/baseimage-tutorial-framework
1
0
Fork 0
mirror of https://github.com/avatao-content/baseimage-tutorial-framework synced 2024-11-22 18:51:31 +00:00
Code Issues Releases Wiki Activity

Implement TFW & challenge solver user separation

Browse Source
This commit is contained in:
Kristóf Tóth 2018-04-04 17:43:18 +02:00
parent 68fc4ca050
commit 19f819c142
3 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Dockerfile
View File

@ -53,14 +53,17 @@ COPY nginx/nginx.conf ${TFW_NGINX_CONF}
COPY nginx/default.conf ${TFW_NGINX_DEFAULT} COPY nginx/default.conf ${TFW_NGINX_DEFAULT}
COPY lib ${TFW_LIB_DIR} COPY lib ${TFW_LIB_DIR}
RUN for dir in "${TFW_LIB_DIR}" "/etc/nginx" "/etc/supervisor"; do \
chown -R root:root "$dir" && chmod -R 700 "$dir"; \
done
ONBUILD ARG BUILD_CONTEXT="." ONBUILD ARG BUILD_CONTEXT="."
ONBUILD ARG NOFRONTEND="" ONBUILD ARG NOFRONTEND=""
ONBUILD COPY ${BUILD_CONTEXT}/nginx/components/ ${TFW_NGINX_COMPONENTS} ONBUILD COPY ${BUILD_CONTEXT}/nginx/components/ ${TFW_NGINX_COMPONENTS}
ONBUILD COPY ${BUILD_CONTEXT}/supervisor/components/ ${TFW_SUPERVISORD_COMPONENTS} ONBUILD COPY ${BUILD_CONTEXT}/supervisor/components/ ${TFW_SUPERVISORD_COMPONENTS}
ONBUILD RUN chown -R ${AVATAO_USER} /var/log/nginx /var/lib/nginx &&\ ONBUILD RUN for f in "${TFW_NGINX_DEFAULT}" ${TFW_NGINX_COMPONENTS}/*.conf; do \
for f in "${TFW_NGINX_DEFAULT}" ${TFW_NGINX_COMPONENTS}/*.conf; do \
envsubst "$(printenv | cut -d= -f1 | grep TFW_ | sed -e 's/^/$/g')" < $f > $f~ && mv $f~ $f ;\ envsubst "$(printenv | cut -d= -f1 | grep TFW_ | sed -e 's/^/$/g')" < $f > $f~ && mv $f~ $f ;\
done done
ONBUILD VOLUME ["/etc/nginx", "/var/lib/nginx", "/var/log/nginx"] ONBUILD VOLUME ["/etc/nginx", "/var/lib/nginx", "/var/log/nginx"]

3
lib/tfw/components/terminado_event_handler.py
View File

@ -5,6 +5,7 @@ from tfw.components.terminado_mini_server import TerminadoMiniServer
from tfw.event_handler_base import TriggerlessEventHandler from tfw.event_handler_base import TriggerlessEventHandler
from tfw.config import TFWENV from tfw.config import TFWENV
from tfw.config.logs import logging from tfw.config.logs import logging
from tao.config import TAOENV
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
@ -14,7 +15,7 @@ class TerminadoEventHandler(TriggerlessEventHandler):
super().__init__(key) super().__init__(key)
self.working_directory = TFWENV.TERMINADO_DIR self.working_directory = TFWENV.TERMINADO_DIR
self._historymonitor = monitor self._historymonitor = monitor
self.terminado_server = TerminadoMiniServer('/terminal', TFWENV.TERMINADO_PORT, TFWENV.TERMINADO_WD, ['bash']) self.terminado_server = TerminadoMiniServer('/terminal', TFWENV.TERMINADO_PORT, TFWENV.TERMINADO_WD, ['sudo', '-u', TAOENV.USER, 'bash'])
self.commands = {'write': self.write, self.commands = {'write': self.write,
'read': self.read} 'read': self.read}
if self._historymonitor: if self._historymonitor:

2
supervisor/supervisord.conf
View File

@ -1,5 +1,5 @@
[supervisord] [supervisord]
user=user user=root
logfile = /tmp/supervisord.log logfile = /tmp/supervisord.log
loglevel = debug loglevel = debug
pidfile = /tmp/supervisord.pid pidfile = /tmp/supervisord.pid