init with previous work

this repo is a reinitialization with a change in the concept

previous repo had git subtree of django-musician and django-orchestra,
that was too static for our interest

next approach is a script that pulls git repos, and that would be
needed if you want to build everything, if not, just with the docker
compose you would have enough for running the containers, hence,
downloading the images from the docker registry

.env.example

@@ -0,0 +1,6 @@
+ORCHESTRA_SECRET_KEY=
+MUSICIAN_SECRET_KEY=
+
+# specially useful if you want to deploy in a specific domain
+#MUSICIAN_API_BASE_URL=https://orchestra.example.org
+#ALLOWED_HOSTS=musician.example.org

.gitignore

@@ -0,0 +1,4 @@
+# protect env var secrets
+.env
+# emacs
+*~

Makefile

@@ -0,0 +1,25 @@
+project := dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral
+
+branch := `git branch --show-current`
+commit := `git log -1 --format=%h`
+tag := ${branch}__${commit}
+
+# docker images
+orchestra_image := ${project}/orchestra:${tag}
+musician_image := ${project}/musician:${tag}
+
+docker_build:
+	docker build -f docker/orchestra.Dockerfile -t ${orchestra_image} .
+	docker build -f docker/musician.Dockerfile -t ${musician_image} .
+
+docker_publish:
+	docker push ${orchestra_image}
+	docker push ${musician_image}
+
+.PHONY: docker
+docker:
+	$(MAKE) docker_build
+	$(MAKE) docker_publish
+	@printf "\nimage: ${orchestra_image}\n"
+	@printf "\nimage: ${musician_image}\n"
+	@printf "\ndocker images built and published\n"

README.md

@@ -0,0 +1,29 @@
+docker files and integrations
+
+# deploy everything in localhost
+
+note: right now the same applies for localhost and reachable deployments
+
+```
+docker compose up
+```
+
+# building and deploying new docker images
+
+```
+make docker
+```
+
+# dev
+
+if you want to enter a shell inside a new container:
+
+```
+docker run -it --entrypoint= ${target_docker_image} bash
+```
+
+if you want to enter a shell on already running container:
+
+```
+docker exec -it ${target_docker_image} bash
+```

docker-compose.yml

@@ -0,0 +1,37 @@
+version: "3.9"
+services:
+
+  orchestra:
+    init: true
+    image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/orchestra:add_musician__95b0ed93
+    environment:
+      - SECRET_KEY=${ORCHESTRA_SECRET_KEY:-123456}
+    ports:
+      - "9080:9080"
+    # TODO configure volumes
+    #volumes:
+    #  - .:/home
+
+  musician:
+    init: true
+    image: dkr-dsg.ac.upc.edu/trustchain-oc1-orchestral/musician:add_musician__95b0ed93
+    ports:
+      - "8080:8080"
+    environment:
+      - SECRET_KEY=${MUSICIAN_SECRET_KEY:-123456}
+      - API_BASE_URL=${MUSICIAN_API_BASE_URL:-http://nginx-orchestra-api:3000}
+      - ALLOWED_HOSTS=${ALLOWED_HOSTS:-*}
+    # TODO configure volumes
+    #volumes:
+    #  - .:/home
+
+  # WARNING: this containers is hardcoded and is only useful in localhost deployments
+  #   and as a reference for reachable deployments
+  nginx-orchestra-api:
+    image: nginx
+    ports:
+      - 3000:3000
+    volumes:
+      # src https://hub.docker.com/_/nginx
+      # src https://github.com/docker-library/docs/tree/master/nginx#complex-configuration
+      - ./docker/nginx-orchestra-api.nginx.conf:/etc/nginx/nginx.conf:ro

docker/musician.Dockerfile

@@ -0,0 +1,26 @@
+# right now this is this is heavily inspired to git repo django-musician/Dockerfile
+#FROM python
+FROM debian:bullseye-slim
+
+RUN apt update &&  apt-get install -y \
+    python3-minimal \
+    python3-pip \
+    python3-dev \
+    python-is-python3
+
+WORKDIR /home
+
+RUN python3 -m pip install --upgrade pip
+RUN pip install wheel
+
+COPY django-musician .
+RUN pip install -r requirements.txt
+
+COPY docker/musician.entrypoint.sh .
+ENTRYPOINT sh ./musician.entrypoint.sh
+
+#RUN python manage.py migrate
+#
+#EXPOSE 8080
+#
+#ENTRYPOINT [ "python", "manage.py", "runserver", "0.0.0.0:8080" ]

docker/musician.entrypoint.sh

@@ -0,0 +1,21 @@
+#!/bin/sh
+
+set -e
+set -u
+#set -x
+
+# go to the same path as the script
+cd "$(dirname ${0})"
+
+cat > .env <<END
+SECRET_KEY=${SECRET_KEY}
+API_BASE_URL=${API_BASE_URL}
+ALLOWED_HOSTS=${ALLOWED_HOSTS:-.localhost,127.0.0.1}
+STATIC_ROOT=${STATIC_ROOT:-/static/}
+DEBUG=True
+END
+
+# move the migrate thing in docker entrypoint
+#   inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
+./manage.py migrate
+./manage.py runserver 0.0.0.0:8080

docker/nginx-orchestra-api.nginx.conf

@@ -0,0 +1,36 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+error_log /var/log/nginx/error.log;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+       worker_connections 768;
+       # multi_accept on;
+}
+
+http {
+    server {
+            listen 3000;
+            listen [::]:3000;
+            #server_name orchestra.example.org;
+
+            location / {
+                    # TODO env var on proxy_pass
+                    proxy_pass http://orchestra:9080/api/;
+                    proxy_set_header Host $host;
+                    proxy_set_header X-Real-IP $remote_addr;
+                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                    proxy_set_header X-Forwarded-Proto $scheme;
+            }
+
+            location ~* ^/(admin/|admin_tools/|api/|api-auth/|api-token-auth/|static/) {
+                    # TODO env var on proxy_pass
+                    proxy_pass http://orchestra:9080;
+                    proxy_set_header Host $host;
+                    proxy_set_header X-Real-IP $remote_addr;
+                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                    proxy_set_header X-Forwarded-Proto $scheme;
+            }
+    }
+}

docker/orchestra.Dockerfile

@@ -0,0 +1,125 @@
+FROM debian:bullseye-slim
+
+# based on https://github.com/glic3rinu/django-orchestra/blob/master/INSTALL.md
+# HOW TO RUN THIS
+#
+# 0. rsync -avhP root@109.69.8.140:/home/orchestra orchestra
+# 1. copy this Dockerfile into a dir containing orchestra, like:
+#     $ ls
+#     Dockerfile  orchestra
+# 2. docker build -f orchestra .
+# 3. docker rm orchestra; docker run -v /Users/maymerichgubern/orchestra/orchestra/:/home/orchestra -p 8443:443 -p 8080:80 -it --name orchestra orchestra bash
+# 4. sed -i "s/ALLOWED_HOSTS = .*/ALLOWED_HOSTS = ('orchestra.pangea.org', 'localhost')/" panel/settings.py
+# 5. service postgresql start; service uwsgi start; service nginx start
+# 6. goto https://localhost:8443/admin/
+
+#RUN apt-get update -y && apt-get upgrade -y
+
+RUN apt update &&  apt-get install -y \
+    python3-minimal \
+    python3-pip \
+    postgresql \
+    python3-psycopg2 \
+    cron \
+    nginx-full \
+    uwsgi \
+    uwsgi-plugin-python3 \
+    sudo \
+    ca-certificates \
+    gettext \
+    bind9utils \
+    wget \
+    expect \
+    wkhtmltopdf \
+    procps \
+    net-tools \
+    ssh \
+    wkhtmltopdf \
+    xvfb \
+    python3-minimal \
+    python3-dev \
+    zlib1g-dev \
+    libcrack2-dev \
+    libxml2-dev \
+    libxslt1-dev \
+    python-is-python3
+
+# Clean up to reduce image size
+RUN apt clean && rm -rf /var/lib/apt/lists/*
+
+# celery pinned because big changes on periodic_tasks related API
+#   celery3.1 wont support > python3.9 (dependency with celery should be removed), celery3.1 won't support django4.0
+#   orchestra initially was using celery to run async tasks, but then switched to process/threads without MQ... but the dependency with celery was never fully removed :(
+# django-iban wont support > 4.0 (django-iban is deprecated, replace by django-localflavor)
+# django 3 cannot work https://stackoverflow.com/questions/59261254/no-module-named-django-contrib-staticfiles-templatetags
+# RUN pip3 install \
+#     django==3.2.18 \
+#     django-fluent-dashboard \
+#     django-admin-tools \
+#     django-extensions \
+#     celery==3.1.23 \
+#     django-celery==3.3.1 \
+#     django-cors-headers \
+#     Markdown \
+#     djangorestframework \
+#     ecdsa \
+#     Pygments \
+#     django-filter \
+#     jsonfield \
+#     python-dateutil \
+#     https://github.com/glic3rinu/passlib/archive/master.zip \
+#     django-iban \
+#     requests \
+#     phonenumbers \
+#     django-countries \
+#     django-localflavor \
+#     amqp \
+#     pytz \
+#     cracklib \
+#     lxml
+
+# TODO maybe from here goes to docker entrypoint?
+# TODO assumes that the project already exists, and in some cases that would be interesting
+#COPY django-orchestra /home/orchestra
+COPY django-orchestra /home/orchestra
+
+# this is to ensure django project is created on top of this working directory
+WORKDIR /home/orchestra/
+
+# TODO fix this better in the repo itself
+RUN pip3 install -r requirements.txt
+RUN pip3 install lxml==4.9.3
+#RUN sed -i 's/lxml==3.3.5/lxml==4.9.3/' requirements.txt
+# solves "No module named 'orchestra'"
+RUN pip install -e .
+
+RUN django-admin startproject panel --template=/home/orchestra/orchestra/conf/project_template/
+
+RUN adduser orchestra \
+    && sudo adduser orchestra sudo \
+    && su - orchestra
+
+ENV PATH=$PATH:/home/orchestra/django-orchestra/orchestra/bin
+
+WORKDIR /home/orchestra/panel
+COPY docker/orchestra.migrate.exp /home/orchestra/panel
+
+COPY docker/orchestra.entrypoint.sh .
+ENTRYPOINT sh ./orchestra.entrypoint.sh
+
+# RUN expect -f ./orchestra.migrate.exp
+# 
+# #RUN sed -i "s/'HOST': '',/'HOST': '*',/" panel/settings.py
+# RUN sed -i "s/^ALLOWED_HOSTS = \[\]/ALLOWED_HOSTS = \['*'\]/" panel/settings.py
+# CMD ./manage.py runserver 0.0.0.0:9080
+# EXPOSE 9080:9080
+
+#RUN echo /home/orchestra/django-orchestra/ > /usr/local/lib/python3.9/dist-packages/orchestra.pth
+
+# TODO move this to entrypoint, with fakedata
+#    && su postgres bash -c 'psql -f <(zcat /home/orchestra/orchestra_db_20230907.sql)' \
+
+#RUN service postgresql start \
+#    && python3 manage.py setupnginx --user orchestra \
+#    && su orchestra bash -c 'python3 manage.py setupcronbeat' \
+#    && su orchestra bash -c 'python3 manage.py syncperiodictasks'

docker/orchestra.entrypoint.sh

@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+set -u
+#set -x
+
+_subs() {
+        key="${1}"
+        value="${2}"
+        file="${3}"
+        sed -i "s/^\(${key} =\).*/\1 '${value}'/" "${file}"
+}
+
+# go to the same path as the script
+cd "$(dirname ${0})"
+
+SECRET_KEY=${SECRET_KEY}
+ALLOWED_HOSTS=${ALLOWED_HOSTS:-*}
+
+# override settings with env vars defined in docker
+settings_file='panel/settings.py'
+_subs 'ALLOWED_HOSTS' "${ALLOWED_HOSTS}" "${settings_file}"
+_subs 'SECRET_KEY' "${SECRET_KEY}" "${settings_file}"
+
+# move the migrate thing in docker entrypoint
+#   inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
+#python3 manage.py migrate
+expect -f ./orchestra.migrate.exp
+./manage.py runserver 0.0.0.0:9080
+

docker/orchestra.migrate.exp

@@ -0,0 +1,61 @@
+#!/usr/bin/expect -f
+#
+# This Expect script was generated by autoexpect on Tue Sep 12 07:03:17 2023
+# Expect and autoexpect were both written by Don Libes, NIST.
+#
+# Note that autoexpect does not guarantee a working script.  It
+# necessarily has to guess about certain things.  Two reasons a script
+# might fail are:
+#
+# 1) timing - A surprising number of programs (rn, ksh, zsh, telnet,
+# etc.) and devices discard or ignore keystrokes that arrive "too
+# quickly" after prompts.  If you find your new script hanging up at
+# one spot, try adding a short sleep just before the previous send.
+# Setting "force_conservative" to 1 (see below) makes Expect do this
+# automatically - pausing briefly before sending each character.  This
+# pacifies every program I know of.  The -c flag makes the script do
+# this in the first place.  The -C flag allows you to define a
+# character to toggle this mode off and on.
+
+set force_conservative 0  ;# set to 1 to force conservative mode even if
+			  ;# script wasn't run conservatively originally
+if {$force_conservative} {
+	set send_slow {1 .1}
+	proc send {ignore arg} {
+		sleep .1
+		exp_send -s -- $arg
+	}
+}
+
+#
+# 2) differing output - Some programs produce different output each time
+# they run.  The "date" command is an obvious example.  Another is
+# ftp, if it produces throughput statistics at the end of a file
+# transfer.  If this causes a problem, delete these patterns or replace
+# them with wildcards.  An alternative is to use the -p flag (for
+# "prompt") which makes Expect only look for the last line of output
+# (i.e., the prompt).  The -P flag allows you to define a character to
+# toggle this mode off and on.
+#
+# Read the man page for more info.
+#
+# -Don
+
+
+set timeout -1
+spawn ./manage.py migrate
+match_max 100000
+expect "Username: "
+send -- "admin\r"
+expect -exact "admin\r
+Email address: "
+send -- "admin@example.com\r"
+expect -exact "admin@example.com\r
+Password: "
+send -- "admin\r"
+expect -exact "\r
+Password (again): "
+send -- "admin\r"
+expect -re "Bypass password validation and create user anyway"
+send -- "y\r"
+expect eof