Merge pull request #28 from GeoNode/upgrade_project

Upgrade project
GeoNode · Aug 28, 2023 · d5f9fa9 · d5f9fa9
2 parents 1a43e16 + 8819fe5
commit d5f9fa9
Show file tree

Hide file tree

Showing 49 changed files with 6,484 additions and 5,738 deletions.
diff --git a/.env.sample b/.env.sample
@@ -1,5 +1,6 @@
 COMPOSE_PROJECT_NAME=geonode_master
-DOCKER_HOST_IP=
+# See https://github.com/containers/podman/issues/13889
+# DOCKER_BUILDKIT=0
 DOCKER_ENV=production
 # See https://github.com/geosolutions-it/geonode-generic/issues/28
 # to see why we force API version to 1.24
@@ -10,8 +11,8 @@ C_FORCE_ROOT=1
 FORCE_REINIT=false
 INVOKE_LOG_STDOUT=true
 
-# LANGUAGE_CODE=pt
-# LANGUAGES=(('en','English'),('pt','Portuguese'))
+# LANGUAGE_CODE=it-it
+# LANGUAGES=(('en-us','English'),('it-it','Italiano'))
 
 DJANGO_SETTINGS_MODULE=geonode_master.settings
 GEONODE_INSTANCE_NAME=geonode
@@ -20,26 +21,29 @@ GEONODE_INSTANCE_NAME=geonode
 # backend
 # #################
 POSTGRES_USER=postgres
-POSTGRES_PASSWORD=postgres
+POSTGRES_PASSWORD={pgpwd}
 GEONODE_DATABASE=geonode_master
-GEONODE_DATABASE_PASSWORD=geonode
+GEONODE_DATABASE_USER=geonode_master
+GEONODE_DATABASE_PASSWORD={dbpwd}
 GEONODE_GEODATABASE=geonode_master_data
-GEONODE_GEODATABASE_PASSWORD=geonode
+GEONODE_GEODATABASE_USER=geonode_master_data
+GEONODE_GEODATABASE_PASSWORD={geodbpwd}
 GEONODE_DATABASE_SCHEMA=public
 GEONODE_GEODATABASE_SCHEMA=public
 DATABASE_HOST=db
 DATABASE_PORT=5432
-DATABASE_URL=postgis://geonode_master:geonode@db:5432/geonode_master
-GEODATABASE_URL=postgis://geonode_master_data:geonode@db:5432/geonode_master_data
+DATABASE_URL=postgis://geonode_master:{dbpwd}@db:5432/geonode_master
+GEODATABASE_URL=postgis://geonode_master_data:{geodbpwd}@db:5432/geonode_master_data
 GEONODE_DB_CONN_MAX_AGE=0
 GEONODE_DB_CONN_TOUT=5
 DEFAULT_BACKEND_DATASTORE=datastore
 BROKER_URL=amqp://guest:guest@rabbitmq:5672/
+CELERY_BEAT_SCHEDULER=celery.beat:PersistentScheduler
 ASYNC_SIGNALS=True
 
-SITEURL=http://localhost/
+SITEURL={siteurl}/
 
-ALLOWED_HOSTS=['django', '*']
+ALLOWED_HOSTS="['django', '{hostname}']"
 
 # Data Uploader
 DEFAULT_BACKEND_UPLOADER=geonode.importer
@@ -50,24 +54,18 @@ HAYSTACK_ENGINE_URL=http://elasticsearch:9200/
 HAYSTACK_ENGINE_INDEX_NAME=haystack
 HAYSTACK_SEARCH_RESULTS_PER_PAGE=200
 
-# #################
-# Jenkins
-# CI/CD Server
-# #################
-JENKINS_HTTP_PORT=9080
-JENKINS_HTTPS_PORT=9443
-
 # #################
 # nginx
 # HTTPD Server
 # #################
-GEONODE_LB_HOST_IP=localhost
-GEONODE_LB_PORT=80
+GEONODE_LB_HOST_IP=django
+GEONODE_LB_PORT=8000
+NGINX_BASE_URL={siteurl}
 
 # IP or domain name and port where the server can be reached on HTTPS (leave HOST empty if you want to use HTTP only)
 # port where the server can be reached on HTTPS
-HTTP_HOST=localhost
-HTTPS_HOST=
+HTTP_HOST={http_host}
+HTTPS_HOST={https_host}
 
 HTTP_PORT=80
 HTTPS_PORT=443
@@ -77,7 +75,7 @@ HTTPS_PORT=443
 # disabled : we do not get a certificate at all (a placeholder certificate will be used)
 # staging : we get staging certificates (are invalid, but allow to test the process completely and have much higher limit rates)
 # production : we get a normal certificate (default)
-LETSENCRYPT_MODE=disabled
+LETSENCRYPT_MODE={letsencrypt_mode}
 # LETSENCRYPT_MODE=staging
 # LETSENCRYPT_MODE=production
 
@@ -86,11 +84,13 @@ RESOLVER=127.0.0.11
 # #################
 # geoserver
 # #################
-GEOSERVER_WEB_UI_LOCATION=http://localhost/geoserver/
-GEOSERVER_PUBLIC_LOCATION=http://localhost/geoserver/
-GEOSERVER_LOCATION=http://geoserver:8080/geoserver/
+GEOSERVER_LB_HOST_IP=geoserver
+GEOSERVER_LB_PORT=8080
+GEOSERVER_WEB_UI_LOCATION={siteurl}/geoserver/
+GEOSERVER_PUBLIC_LOCATION={siteurl}/geoserver/
+GEOSERVER_LOCATION=http://${GEOSERVER_LB_HOST_IP}:${GEOSERVER_LB_PORT}/geoserver/
 GEOSERVER_ADMIN_USER=admin
-GEOSERVER_ADMIN_PASSWORD=geoserver
+GEOSERVER_ADMIN_PASSWORD={geoserverpwd}
 
 OGC_REQUEST_TIMEOUT=30
 OGC_REQUEST_MAX_RETRIES=1
@@ -101,7 +101,7 @@ OGC_REQUEST_POOL_CONNECTIONS=10
 # Java Options & Memory
 ENABLE_JSONP=true
 outFormat=text/javascript
-GEOSERVER_JAVA_OPTS=-Djava.awt.headless=true -Xms2G -Xmx4G -Dgwc.context.suffix=gwc -XX:+UnlockDiagnosticVMOptions -XX:+LogVMOutput -XX:LogFile=/var/log/jvm.log -XX:PerfDataSamplingInterval=500 -XX:SoftRefLRUPolicyMSPerMB=36000 -XX:-UseGCOverheadLimit -XX:+UseConcMarkSweepGC -XX:+UseParNewGC -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -Duser.timezone=GMT -Dorg.geotools.shapefile.datetime=false -DGS-SHAPEFILE-CHARSET=UTF-8 -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL=http://geoserver:8080/geoserver/pdf -DALLOW_ENV_PARAMETRIZATION=true -Xbootclasspath/a:/usr/local/tomcat/webapps/geoserver/WEB-INF/lib/marlin-0.9.3-Unsafe.jar -Dsun.java2d.renderer=org.marlin.pisces.MarlinRenderingEngine
+GEOSERVER_JAVA_OPTS='-Djava.awt.headless=true -Xms4G -Xmx4G -Dgwc.context.suffix=gwc -XX:+UnlockDiagnosticVMOptions -XX:+LogVMOutput -XX:LogFile=/var/log/jvm.log -XX:PerfDataSamplingInterval=500 -XX:SoftRefLRUPolicyMSPerMB=36000 -XX:-UseGCOverheadLimit -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -Duser.timezone=GMT -Dorg.geotools.shapefile.datetime=false -DGS-SHAPEFILE-CHARSET=UTF-8 -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL={geoserver_ui}/geoserver/pdf -DALLOW_ENV_PARAMETRIZATION=true -Xbootclasspath/a:/usr/local/tomcat/webapps/geoserver/WEB-INF/lib/marlin-0.9.3-Unsafe.jar -Dsun.java2d.renderer=org.marlin.pisces.MarlinRenderingEngine'
 
 # #################
 # Security
@@ -114,8 +114,8 @@ GEOSERVER_JAVA_OPTS=-Djava.awt.headless=true -Xms2G -Xmx4G -Dgwc.context.suffix=
 # in DB will honored.
 
 ADMIN_USERNAME=admin
-ADMIN_PASSWORD=admin
-ADMIN_EMAIL=admin@localhost
+ADMIN_PASSWORD={geonodepwd}
+ADMIN_EMAIL={email}
 
 # EMAIL Notifications
 EMAIL_ENABLE=False
@@ -126,16 +126,21 @@ DJANGO_EMAIL_HOST_USER=
 DJANGO_EMAIL_HOST_PASSWORD=
 DJANGO_EMAIL_USE_TLS=False
 DJANGO_EMAIL_USE_SSL=False
-DEFAULT_FROM_EMAIL='' # eg Company <[email protected]>
+DEFAULT_FROM_EMAIL='{email}' # eg Company <[email protected]>
 
 # Session/Access Control
 LOCKDOWN_GEONODE=False
-CORS_ORIGIN_ALLOW_ALL=True
 X_FRAME_OPTIONS="SAMEORIGIN"
 SESSION_EXPIRED_CONTROL_ENABLED=True
 DEFAULT_ANONYMOUS_VIEW_PERMISSION=True
 DEFAULT_ANONYMOUS_DOWNLOAD_PERMISSION=True
 
+CORS_ALLOW_ALL_ORIGINS=True
+GEOSERVER_CORS_ENABLED=True
+GEOSERVER_CORS_ALLOWED_ORIGINS=*
+GEOSERVER_CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,HEAD,OPTIONS
+GEOSERVER_CORS_ALLOWED_HEADERS=*
+
 # Users Registration
 ACCOUNT_OPEN_SIGNUP=True
 ACCOUNT_EMAIL_REQUIRED=True
@@ -149,8 +154,8 @@ AUTO_ASSIGN_REGISTERED_MEMBERS_TO_REGISTERED_MEMBERS_GROUP_NAME=True
 
 # OAuth2
 OAUTH2_API_KEY=
-OAUTH2_CLIENT_ID=
-OAUTH2_CLIENT_SECRET=
+OAUTH2_CLIENT_ID={clientid}
+OAUTH2_CLIENT_SECRET={clientsecret}
 
 # GeoNode APIs
 API_LOCKDOWN=False
@@ -160,24 +165,23 @@ TASTYPIE_APIKEY=
 # Production and
 # Monitoring
 # #################
-DEBUG=False
+DEBUG={debug}
 
-SECRET_KEY='django-insecure-_vc@_)fb$bqkkht+k9$n%qbt+ojzxw7clj%bdqxzm!brc*nw#v'
+SECRET_KEY='{secret_key}'
 
 STATIC_ROOT=/mnt/volumes/statics/static/
 MEDIA_ROOT=/mnt/volumes/statics/uploaded/
 GEOIP_PATH=/mnt/volumes/statics/geoip.db
 
 CACHE_BUSTING_STATIC_ENABLED=False
-CACHE_BUSTING_MEDIA_ENABLED=False
 
 MEMCACHED_ENABLED=False
 MEMCACHED_BACKEND=django.core.cache.backends.memcached.MemcachedCache
 MEMCACHED_LOCATION=127.0.0.1:11211
 MEMCACHED_LOCK_EXPIRE=3600
 MEMCACHED_LOCK_TIMEOUT=10
 
-MAX_DOCUMENT_SIZE=2
+MAX_DOCUMENT_SIZE=200
 CLIENT_RESULTS_LIMIT=5
 API_LIMIT_PER_PAGE=1000
 
@@ -188,7 +192,7 @@ BING_API_KEY=
 GOOGLE_API_KEY=
 
 # Monitoring
-MONITORING_ENABLED=True
+MONITORING_ENABLED=False
 MONITORING_DATA_TTL=365
 USER_ANALYTICS_ENABLED=True
 USER_ANALYTICS_GZIP=True
@@ -203,6 +207,10 @@ EXIF_ENABLED=True
 CREATE_LAYER=True
 FAVORITE_ENABLED=True
 
+# Advanced Workflow
+RESOURCE_PUBLISHING=False
+ADMIN_MODERATE_UPLOADS=False
+
 # LDAP
 LDAP_ENABLED=False
 LDAP_SERVER_URL=ldap://<the_ldap_server>
@@ -220,8 +228,8 @@ LDAP_GROUP_PROFILE_MEMBER_ATTR=uniqueMember
 # CELERY__MAX_MEMORY_PER_CHILD="200000"
 # ## 
 # Note right autoscale value must coincide with worker concurrency value
-# CELERY__AUTOSCALE_VALUES="1,4" 
-# CELERY__WORKER_CONCURRENCY="4"
+# CELERY__AUTOSCALE_VALUES="15,10" 
+# CELERY__WORKER_CONCURRENCY="10"
 # ##
 # CELERY__OPTS="--without-gossip --without-mingle -Ofair -B -E"
 # CELERY__BEAT_SCHEDULE="/mnt/volumes/statics/celerybeat-schedule"
@@ -231,3 +239,12 @@ LDAP_GROUP_PROFILE_MEMBER_ATTR=uniqueMember
 
 # PostgreSQL
 POSTGRESQL_MAX_CONNECTIONS=200
+
+# Common containers restart policy
+RESTART_POLICY_CONDITION="on-failure"
+RESTART_POLICY_DELAY="5s"
+RESTART_POLICY_MAX_ATTEMPTS="3"
+RESTART_POLICY_WINDOW=120s
+
+DEFAULT_MAX_UPLOAD_SIZE=5368709120
+DEFAULT_MAX_PARALLEL_UPLOADS_PER_USER=5
diff --git a/Dockerfile b/Dockerfile
@@ -1,54 +1,17 @@
-FROM ubuntu:22.04
+FROM geonode/geonode-base:latest-ubuntu-22.10
 LABEL GeoNode development team
 
 RUN mkdir -p /usr/src/geonode_master
 
-## Enable postgresql-client-13
-RUN apt-get update -y && apt-get install curl wget unzip gnupg2 -y
-RUN wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
-# will install python3.10 
-RUN apt-get install lsb-core -y
-RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" |tee  /etc/apt/sources.list.d/pgdg.list
-# This section is borrowed from the official Django image but adds GDAL and others
-RUN apt-get update -y && apt-get upgrade -y
-
-# Prepraing dependencies
-RUN apt-get install -y \
-    libgdal-dev libpq-dev libxml2-dev \
-    libxml2 libxslt1-dev zlib1g-dev libjpeg-dev \
-    libmemcached-dev libldap2-dev libsasl2-dev libffi-dev
-
-RUN apt-get update -y && apt-get install -y --no-install-recommends \
-    gcc zip gettext geoip-bin cron \
-    postgresql-client-13 \
-    python3-all-dev python3-dev \
-    python3-gdal python3-psycopg2 python3-ldap \
-    python3-pip python3-pil python3-lxml \
-    uwsgi uwsgi-plugin-python3 python3-gdbm python-is-python3 gdal-bin
-
-RUN apt-get install -y devscripts build-essential debhelper pkg-kde-tools sharutils
-# RUN git clone https://salsa.debian.org/debian-gis-team/proj.git /tmp/proj
-# RUN cd /tmp/proj && debuild -i -us -uc -b && dpkg -i ../*.deb
-
-# Install pip packages
-RUN pip install pip --upgrade \
-    && pip install pygdal==$(gdal-config --version).* \
-        flower==0.9.4
-
-# Activate "memcached"
-RUN apt install -y memcached
-RUN pip install pylibmc \
-    && pip install sherlock
-
 # add bower and grunt command
 COPY src /usr/src/geonode_master/
 WORKDIR /usr/src/geonode_master
 
-COPY src/monitoring-cron /etc/cron.d/monitoring-cron
-RUN chmod 0644 /etc/cron.d/monitoring-cron
-RUN crontab /etc/cron.d/monitoring-cron
-RUN touch /var/log/cron.log
-RUN service cron start
+#COPY src/monitoring-cron /etc/cron.d/monitoring-cron
+#RUN chmod 0644 /etc/cron.d/monitoring-cron
+#RUN crontab /etc/cron.d/monitoring-cron
+#RUN touch /var/log/cron.log
+#RUN service cron start
 
 COPY src/wait-for-databases.sh /usr/bin/wait-for-databases
 RUN chmod +x /usr/bin/wait-for-databases
@@ -67,11 +30,13 @@ RUN chmod +x /usr/bin/celery-cmd
 # RUN cd /usr/src/geonode-contribs/geonode-logstash; pip install --upgrade  -e . \
 #     cd /usr/src/geonode-contribs/ldap; pip install --upgrade  -e .
 
-RUN pip install --upgrade --no-cache-dir  --src /usr/src -r requirements.txt
-RUN pip install --upgrade  -e .
+RUN yes w | pip install --src /usr/src -r requirements.txt &&\
+    yes w | pip install -e .
 
 # Cleanup apt update lists
-RUN rm -rf /var/lib/apt/lists/*
+RUN apt-get autoremove --purge &&\
+    apt-get clean &&\
+    rm -rf /var/lib/apt/lists/*
 
 # Export ports
 EXPOSE 8000