-
Notifications
You must be signed in to change notification settings - Fork 3
/
initialize.py
134 lines (105 loc) · 4.83 KB
/
initialize.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
"""
This script initializes Geonode
"""
#########################################################
# Setting up the context
#########################################################
import os, requests, json, uuid, django
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'spcgeonode.settings')
django.setup()
#########################################################
# Imports
#########################################################
from django.core.management import call_command
from geonode.people.models import Profile
from oauth2_provider.models import Application
from django.conf import settings
# Getting the secrets
admin_username = open('/run/secrets/admin_username','r').read().strip()
admin_password = open('/run/secrets/admin_password','r').read().strip()
#########################################################
# 1. Running the migrations
#########################################################
print("-----------------------------------------------------")
print("1. Running the migrations")
call_command('migrate', '--noinput')
#########################################################
# 2. Creating superuser if it doesn't exist
#########################################################
print("-----------------------------------------------------")
print("2. Creating/updating superuser")
try:
superuser = Profile.objects.get(username=admin_username)
superuser.set_password(admin_password)
superuser.is_active = True
superuser.email = os.getenv('ADMIN_EMAIL')
superuser.save()
print('superuser successfully updated')
except Profile.DoesNotExist:
superuser = Profile.objects.create_superuser(
admin_username,
os.getenv('ADMIN_EMAIL'),
admin_password
)
print('superuser successfully created')
#########################################################
# 3. Create an OAuth2 provider to use authorisations keys
#########################################################
print("-----------------------------------------------------")
print("3. Create/update an OAuth2 provider to use authorisations keys")
app, created = Application.objects.get_or_create(
pk=1,
name='GeoServer',
client_type='confidential',
authorization_grant_type='authorization-code'
)
redirect_uris = [
'http://{}/geoserver'.format(os.getenv('HTTPS_HOST',"") if os.getenv('HTTPS_HOST',"") != "" else os.getenv('HTTP_HOST')),
'http://{}/geoserver/index.html'.format(os.getenv('HTTPS_HOST',"") if os.getenv('HTTPS_HOST',"") != "" else os.getenv('HTTP_HOST')),
]
app.redirect_uris = "\n".join(redirect_uris)
app.save()
if created:
print('oauth2 provider successfully created')
else:
print('oauth2 provider successfully updated')
#########################################################
# 4. Loading fixtures
#########################################################
print("-----------------------------------------------------")
print("4. Loading fixtures")
call_command('loaddata', 'initial_data')
#########################################################
# 5. Running updatemaplayerip
#########################################################
print("-----------------------------------------------------")
print("5. Running updatemaplayerip")
# call_command('updatelayers') # TODO CRITICAL : this overrides the layer thumbnail of existing layers even if unchanged !!!
call_command('updatemaplayerip')
#########################################################
# 6. Collecting static files
#########################################################
print("-----------------------------------------------------")
print("6. Collecting static files")
call_command('collectstatic', '--noinput', verbosity=0)
#########################################################
# 7. Securing GeoServer
#########################################################
print("-----------------------------------------------------")
print("7. Securing GeoServer")
# Getting the old password
try:
r1 = requests.get('http://geoserver:8080/geoserver/rest/security/masterpw.json', auth=(admin_username, admin_password))
except requests.exceptions.ConnectionError as e:
print("Unable to connect to GeoServer. Make sure GeoServer is started and accessible.")
exit(1)
r1.raise_for_status()
old_password = json.loads(r1.text)["oldMasterPassword"]
if old_password=='M(cqp{V1':
print("Randomizing master password")
new_password = uuid.uuid4().hex
data = json.dumps({"oldMasterPassword":old_password,"newMasterPassword":new_password})
r2 = requests.put('http://geoserver:8080/geoserver/rest/security/masterpw.json', data=data, headers={'Content-Type': 'application/json'}, auth=(admin_username, admin_password))
r2.raise_for_status()
else:
print("Master password was already changed. No changes made.")