I wrestled with SELinux, Apache, and TurboGears today and finally got the packageDB TurboGears instance running[1]_. If you're interested, the pieces are running behind Apache on test3. You can access it via ssh tunnel. On your machine:: ssh -L 8888:test3:80 bastion
Then browse to http://localhost:8888/pkgdb/
The TuurboGears code resides on test3 in /var/www/repo/fedora-packagedb and has several parts:
pkgdb.conf: The httpd conf file to Proxy requests to the pkgdb directory to the TurboGears Server. It also contains a custom 503 error handler that calls our autostart cgi.
tg-autostart.cgi: When the turbogears server isn't running already, this script gets invoked to start it up. I was not able to get this to run with FC-5's apache but more tweaking now that I have it working on FC-6 might create something that works.
http.avc: This file has the AVC messages that deny the autostart.cgi. Running `audit2allow -M httpd -i http.avc; semodule -i httpd.pp` should get SELinux setup to allow this.
pkgdb/dev.cfg: I had to set: server.socket_port=8080 server.socket_host="localhost" in order for TurboGears to work under FC-6.
Hope this helps if you're planning to deploy a TurboGears app on an infrastructure box. dgilmore, c4chris: if you get up to speed on kid templates or python programming, this should be set to dive into. (I'll get back to work on importing the data now.)
-Toshio
[1]_ : Note that the PackageDB app isn't written yet, this is just a heads up that I've gotten all the pieces for a TurboGears application to start up.
First of all, good to hear that we are having progress with the new website tools. :)
I'd like to help in the creation of the new tools, so here I am, asking questions about 'em.
O/H Toshio Kuratomi έγραψε:
I wrestled with SELinux, Apache, and TurboGears today and finally got the packageDB TurboGears instance running[1]_. If you're interested, the pieces are running behind Apache on test3. You can access it via ssh tunnel. On your machine:: ssh -L 8888:test3:80 bastion
I guess this should be (for the rest of us) something like:
ssh -L 8888:test3:80 bastion.fedora.redhat.com
I get the following error:
ssh_exchange_identification: Connection closed by remote host
Then browse to http://localhost:8888/pkgdb/
[...] Hope this helps if you're planning to deploy a TurboGears app on an infrastructure box. dgilmore, c4chris: if you get up to speed on kid templates or python programming, this should be set to dive into. (I'll get back to work on importing the data now.)
Toshio, can you please give us a bit more details/advices for the whole thing? I am relatively new in Python & Infrastructure and completely new in turbogears, but would nevertheless like to try and help out.
-d
On 10/15/06, Dimitris Glezos dimitris@glezos.com wrote:
First of all, good to hear that we are having progress with the new website tools. :)
I'd like to help in the creation of the new tools, so here I am, asking questions about 'em.
O/H Toshio Kuratomi έγραψε:
I wrestled with SELinux, Apache, and TurboGears today and finally got the packageDB TurboGears instance running[1]_. If you're interested, the pieces are running behind Apache on test3. You can access it via ssh tunnel. On your machine:: ssh -L 8888:test3:80 bastion
I guess this should be (for the rest of us) something like:
ssh -L 8888:test3:80 bastion.fedora.redhat.comI get the following error:
ssh_exchange_identification: Connection closed by remote hostThen browse to http://localhost:8888/pkgdb/
[...] Hope this helps if you're planning to deploy a TurboGears app on an infrastructure box. dgilmore, c4chris: if you get up to speed on kid templates or python programming, this should be set to dive into. (I'll get back to work on importing the data now.)
Toshio, can you please give us a bit more details/advices for the whole thing? I am relatively new in Python & Infrastructure and completely new in turbogears, but would nevertheless like to try and help out.
-d
One thing we could do is add a proxypass on our proxy servers to the host and make it available at admin.fedoraproject.org/tg-test/ or something. Toshio, what do you think?
-Mike
On Sun, 2006-10-15 at 10:41 -0500, Mike McGrath wrote:
On 10/15/06, Dimitris Glezos dimitris@glezos.com wrote:
First of all, good to hear that we are having progress with the new website tools. :)
I'd like to help in the creation of the new tools, so here I am, asking questions about 'em.
O/H Toshio Kuratomi έγραψε:
I wrestled with SELinux, Apache, and TurboGears today and finally got the packageDB TurboGears instance running[1]_. If you're interested, the pieces are running behind Apache on test3. You can access it via ssh tunnel. On your machine:: ssh -L 8888:test3:80 bastion
I guess this should be (for the rest of us) something like:
ssh -L 8888:test3:80 bastion.fedora.redhat.comI get the following error:
ssh_exchange_identification: Connection closed by remote host
Unfortunately, this won't work without an infrastructure account. Mike has a solution to that, though:
One thing we could do is add a proxypass on our proxy servers to the host and make it available at admin.fedoraproject.org/tg-test/ or something. Toshio, what do you think?
That should work fine and solves the immediate problem of letting people who are currently not involved in infrastructure try things out. In order to work on projects with people not yet in infrastructure we'll want to get people access to the code as well. I have a bazaar repository for the packagedb currently:
bzr branch http://www.tiki-lounge.com/~toshio/fedora/fedora-packagedb
I'll move that into our infrastructure at some point but it should work fine for now. (Bazaar is a distributed system like mercurial and git so it should be easy for people to branch and pass changes back and forth.)
The latest version should work with TurboGears 1.0b1 on either FC-5 or FC-6. (TG-1.0 hasn't been built for Extras yet but all the required packages are in so it shouldn't be much longer :-)
-Toshio
On Mon, Oct 16, 2006 at 03:53:10PM -0700, Toshio Kuratomi wrote:
The latest version should work with TurboGears 1.0b1 on either FC-5 or FC-6. (TG-1.0 hasn't been built for Extras yet but all the required packages are in so it shouldn't be much longer :-)
-Toshio
TurboGears-1.0b1 is now in the Extras devel tree.
luke
On Sun, 15 Oct 2006 03:55:05 -0700, Toshio Kuratomi wrote:
I wrestled with SELinux, Apache, and TurboGears today and finally got the packageDB TurboGears instance running[1]_. If you're interested, the pieces are running behind Apache on test3. You can access it via ssh tunnel. On your machine:: ssh -L 8888:test3:80 bastion
Then browse to http://localhost:8888/pkgdb/
WorksForMe ! Great :-)
dgilmore, c4chris: if you get up to speed on kid templates or python programming, this should be set to dive into. (I'll get back to work on importing the data now.)
Got a question here: how do you link a BZ ticket number, plus some approval info, to the "package approved" log entry ?
I can try to produce a list in tab-delimited (or other if you prefer) format: - package name - submitted by - submitted date - approved by - approved date - BZ id
For older reviews, I could try to dig the info from the mailing list archives...
What do you think ?
C
On Tue, 2006-10-17 at 13:25 +0200, Christian Iseli wrote:
On Sun, 15 Oct 2006 03:55:05 -0700, Toshio Kuratomi wrote:
I wrestled with SELinux, Apache, and TurboGears today and finally got the packageDB TurboGears instance running[1]_. If you're interested, the pieces are running behind Apache on test3. You can access it via ssh tunnel. On your machine:: ssh -L 8888:test3:80 bastion
Then browse to http://localhost:8888/pkgdb/
WorksForMe ! Great :-)
dgilmore, c4chris: if you get up to speed on kid templates or python programming, this should be set to dive into. (I'll get back to work on importing the data now.)
Got a question here: how do you link a BZ ticket number, plus some approval info, to the "package approved" log entry ?
I can try to produce a list in tab-delimited (or other if you prefer) format:
- package name
- submitted by
- submitted date
- approved by
- approved date
- BZ id
For older reviews, I could try to dig the info from the mailing list archives...
What do you think ?
I like it. I don't think we have a field for the bugzilla id ATM. We could add it to the Log table (so any log entry could have an optional ticket_number associated with it) or add it to the Package (so the Package has a review_ticket field).
I'm leaning towards adding it to the Package table, does that seem right to you?
-Toshio
infrastructure@lists.fedoraproject.org
-
Christian Iseli -
Dimitris Glezos -
Luke Macken -
Mike McGrath -
Toshio Kuratomi