diff --git a/Makefile b/Makefile index 4560151c0..f7e1d2038 100644 --- a/Makefile +++ b/Makefile @@ -102,6 +102,12 @@ FASTCGISOCKDIR=$(PREFIX)/run FASTCGIUSER=$(APACHEUSER) FASTCGIGROUP=$(APACHEGROUP) +# uWSGI +UWSGIYAMLDIR=$(LMPREFIX)/uwsgi +LLNGAPPDIR=$(LMPREFIX)/llng-server +UWSGIUSER=$(APACHEUSER) +UWSGIGROUP=$(APACHEGROUP) + # Apache version APACHEVERSION=2.X @@ -133,6 +139,8 @@ ERASECONFIG=1 # Set to 0 if you do not want to replace your configuration RLMPREFIX=$(DESTDIR)/$(LMPREFIX) RBINDIR=$(DESTDIR)/$(BINDIR) RSBINDIR=$(DESTDIR)/$(SBINDIR) +RUWSGIYAMLDIR=$(DESTDIR)/$(UWSGIYAMLDIR) +RLLNGAPPDIR=$(DESTDIR)/$(LLNGAPPDIR) RINITDIR=$(DESTDIR)/$(INITDIR) RETCDEFAULTDIR=$(DESTDIR)/$(ETCDEFAULTDIR) RDATADIR=$(DESTDIR)/$(DATADIR) @@ -255,8 +263,9 @@ all: configure common handler manager portal @echo " - install_handler_libs" @echo " * Binaries install :" @echo " - install_bin ($(BINDIR))" - @echo " * FastCGI server install (required for Nginx)" + @echo " * FastCGI (or uWSGI) server install (required for Nginx)" @echo " - install_fastcgi_server ($(SBINDIR))" + @echo " - install_uwsgi_server ($(UWSGIYAMLDIR))" @echo " * Web sites install :" @echo " - install_site (all sites including install_doc_site)" @echo " - install_portal_site ($(PORTALDIR))" @@ -552,7 +561,7 @@ install_test: # Install targets # --------------- -install: install_libs install_bin install_fastcgi_server install_site +install: install_libs install_bin install_fastcgi_server install_uwsgi_server install_site # Perl libraires install @@ -574,7 +583,7 @@ install_bin: install_conf_dir # Binary install @install -v -d $(RBINDIR) @cp -f\ - ${SRCHANDLERDIR}/example/scripts/purgeLocalCache \ + ${SRCHANDLERDIR}/eg/scripts/purgeLocalCache \ ${SRCPORTALDIR}/site/cron/purgeCentralCache \ ${SRCCOMMONDIR}/scripts/convertConfig \ ${SRCCOMMONDIR}/scripts/lmMigrateConfFiles2ini \ @@ -624,6 +633,12 @@ install_fastcgi_server: chmod 777 $(RFASTCGISOCKDIR); \ fi +install_uwsgi_server: + @install -v -d $(RUWSGIYAMLDIR) $(RLLNGAPPDIR) + @install -m 644 -v fastcgi-server/uwsgi/llng-server.yaml $(RUWSGIYAMLDIR)/llng-server.yaml + @install -m 644 -v _example/plack-app/llng-server.psgi $(RLLNGAPPDIR)/llng-server.psgi + $(PERL) -pi -e 's#__APPDIR__#$(LLNGAPPDIR)#' $(RUWSGIYAMLDIR)/llng-server.yaml + # Site install install_site: install_manager_site install_portal_site install_handler_site install_test_site install_examples_site install_doc_site install_webserver_conf @@ -765,7 +780,7 @@ install_portal_site: install_conf_dir install_handler_site: install_conf_dir # Handler install @install -v -d ${RHANDLERDIR} - @cp -f $(SRCHANDLERDIR)/example/scripts/purgeLocalCache.cron.d $(RCRONDIR)/lemonldap-ng-handler + @cp -f $(SRCHANDLERDIR)/eg/scripts/purgeLocalCache.cron.d $(RCRONDIR)/lemonldap-ng-handler @if [ ! "$(APACHEUSER)" ]; then \ $(PERL) -i -pe 's#__APACHEUSER__#nobody#g;' $(RCRONDIR)/lemonldap-ng-handler; \ else \ @@ -785,10 +800,7 @@ install_test_site: install_examples_site: # Examples install @install -v -d $(REXAMPLESDIR) - @for i in handler; do \ - cp -a -f lemonldap-ng-$$i/example $(REXAMPLESDIR)/$$i; \ - done - @for i in portal manager; do \ + @for i in portal manager handler; do \ cp -a -f lemonldap-ng-$$i/eg $(REXAMPLESDIR)/$$i; \ done @cp -a -f fastcgi-server/psgi/llngapp.psgi $(REXAMPLESDIR)/$$i @@ -1061,37 +1073,6 @@ manager_cpan: manager_conf documentation: @cd doc/ && ../scripts/doc.pl -diff: debian-diff - -# TODO: change this -default-diff: - @# Portal - @$(DIFF) $(SRCPORTALDIR)/lib/Lemonldap/NG/Portal /usr/local/share/perl/$(PERLVERSION)/Lemonldap/NG/Portal ||true - @$(DIFF) $(SRCPORTALDIR)/example/scripts/purgeCentralCache $(LMPREFIX)/bin/purgeCentralCache ||true - @$(DIFF) $(SRCPORTALDIR)/example/skins $(LMPREFIX)/htdocs/portal/skins ||true - @$(DIFF) $(SRCPORTALDIR)/example/index_skin.pl $(LMPREFIX)/htdocs/portal/index.pl ||true - @$(DIFF) $(SRCPORTALDIR)/example/mail.pl $(LMPREFIX)/htdocs/portal/mail.pl ||true - @$(DIFF) $(SRCPORTALDIR)/example/register.pl $(LMPREFIX)/htdocs/portal/register.pl ||true - @$(DIFF) $(SRCPORTALDIR)/example/metadata.pl $(LMPREFIX)/htdocs/portal/metadata.pl ||true - @$(DIFF) $(SRCPORTALDIR)/example/openid-configuration.pl $(LMPREFIX)/htdocs/portal/openid-configuration.pl ||true - @$(DIFF) $(SRCPORTALDIR)/example/cdc.pl $(LMPREFIX)/htdocs/portal/cdc.pl ||true - @# Handler - @$(DIFF) $(SRCHANDLERDIR)/lib/Lemonldap/NG/Handler /usr/local/share/perl/$(PERLVERSION)/Lemonldap/NG/Handler ||true - @$(DIFF) $(SRCHANDLERDIR)/example/scripts/purgeLocalCache $(LMPREFIX)/bin/purgeLocalCache ||true - @# Common - @$(DIFF) $(SRCCOMMONDIR)/lib/Lemonldap/NG/Common /usr/local/share/perl/$(PERLVERSION)/Lemonldap/NG/Common ||true - @$(DIFF) $(SRCCOMMONDIR)/lib/Lemonldap/NG/Common.pm /usr/local/share/perl/$(PERLVERSION)/Lemonldap/NG/Common.pm ||true - @$(DIFF) $(SRCCOMMONDIR)/scripts/lmMigrateConfFiles2ini $(LMPREFIX)/bin/lmMigrateConfFiles2ini ||true - @$(DIFF) $(SRCCOMMONDIR)/scripts/convertConfig $(LMPREFIX)/bin/convertConfig ||true - @$(DIFF) $(SRCCOMMONDIR)/scripts/rotateOidcKeys $(LMPREFIX)/bin/rotateOidcKeys ||true - @# Manager - @$(DIFF) $(SRCMANAGERDIR)/lib/Lemonldap/NG/Manager /usr/local/share/perl/$(PERLVERSION)/Lemonldap/NG/Manager ||true - @$(DIFF) $(SRCMANAGERDIR)/lib/Lemonldap/NG/Manager.pm /usr/local/share/perl/$(PERLVERSION)/Lemonldap/NG/Manager.pm ||true - @$(DIFF) $(SRCMANAGERDIR)/site/htdocs/static $(LMPREFIX)/htdocs/manager/static ||true - @$(DIFF) $(SRCMANAGERDIR)/site/templates $(LMPREFIX)/htdocs/manager/templates ||true - @$(DIFF) --ignore-matching-lines='set.*get.*\[2\]' $(SRCMANAGERDIR)/scripts/lmConfigEditor $(LMPREFIX)/bin/lmConfigEditor ||true - @$(DIFF) --ignore-matching-lines='set.*get.*' $(SRCCOMMONDIR)/scripts/lemonldap-ng-cli $(LMPREFIX)/bin/lemonldap-ng-cli ||true - test-diff: @for file in `find lemonldap-ng-*/lib -type f`; do \ $(DIFF) $$file `echo $$file|sed -e s/lib/blib\\\/lib/`; \ diff --git a/debian/control b/debian/control index a24cb2039..3054b3cf8 100644 --- a/debian/control +++ b/debian/control @@ -110,6 +110,100 @@ Description: French documentation of Lemonldap::NG Web-SSO system . This package contains French html documentation. +Package: lemonldap-ng-handler +Architecture: all +Depends: ${misc:Depends}, + liblemonldap-ng-handler-perl (= ${binary:Version}) +Breaks: liblemonldap-ng-handler-perl (<< 1.9.1-2~) +Replaces: liblemonldap-ng-handler-perl (<< 1.9.1-2~) +Recommends: lemonldap-ng-fastcgi-server (= ${binary:Version}) | lemonldap-ng-uwsgi-app (= ${binary:Version}) | libapache2-mod-perl2 +Suggests: libcache-memcached-perl, + libdigest-hmac-perl, + libsoap-lite-perl +Description: Lemonldap::NG handler part + Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies + or directly on application webservers. It can be used in conjunction with + OpenID-Connect, CAS and SAML systems as identity or service provider. It can + also be used as proxy between those federation systems. + . + It manages both authentication and authorization and provides headers for + accounting. So you can have a full AAA protection. Authorization are built by + associating a regular expression and a rule. Regular expression is applied on + the requested URL and the rule calculates if the user is authorized. + . + This package provides configuration files for Apache and Nginx used to protect + web areas. + +Package: liblemonldap-ng-manager-perl +Architecture: all +Depends: ${misc:Depends}, + ${perl:Depends}, + libconvert-pem-perl, + libcrypt-openssl-rsa-perl, + liblemonldap-ng-handler-perl (= ${binary:Version}) + lemonldap-ng-fastcgi-server (= ${binary:Version}) | lemonldap-ng-uwsgi-app (= ${binary:Version}) | apache2 | httpd-cgi +Recommends: lemonldap-ng-doc (= ${binary:Version}), + libxml-libxml-perl, + libxml-libxslt-perl, + libxml-simple-perl +Suggests: libclone-perl, + libregexp-assemble-perl +Pre-Depends: debconf +Description: Lemonldap::NG manager part + Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies + or directly on application webservers. It can be used in conjunction with + OpenID-Connect, CAS and SAML systems as identity or service provider. It can + also be used as proxy between those federation systems. + . + It manages both authentication and authorization and provides headers for + accounting. So you can have a full AAA protection. Authorization are built by + associating a regular expression and a rule. Regular expression is applied on + the requested URL and the rule calculates if the user is authorized. + . + Lemonldap::NG::Manager provides the administration interface. + +Package: liblemonldap-ng-portal-perl +Architecture: all +Depends: ${misc:Depends}, + ${perl:Depends}, + lemonldap-ng-fastcgi-server (= ${binary:Version}) | lemonldap-ng-uwsgi-app (= ${binary:Version}) | apache2 | httpd-cgi, + libclone-perl, + liblemonldap-ng-handler-perl (= ${binary:Version}), + libregexp-assemble-perl +Recommends: libcrypt-openssl-bignum-perl, + libemail-sender-perl (>=1.300027) | libemail-sender-transport-smtps-perl, + libmime-tools-perl, + libnet-ldap-perl, + libstring-random-perl, + libunicode-string-perl +Suggests: libauthcas-perl, + libcrypt-u2f-server-perl, + libdbi-perl, + libgd-securityimage-perl, + libglib-perl, + libimage-magick-perl, + liblasso-perl, + libnet-facebook-oauth2-perl, + libnet-openid-consumer-perl, + libnet-openid-server-perl, + libnet-oauth-perl, + libsoap-lite-perl, + libweb-id-perl, + slapd +Pre-Depends: debconf +Description: Lemonldap::NG authentication portal part + Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies + or directly on application webservers. It can be used in conjunction with + OpenID-Connect, CAS and SAML systems as identity or service provider. It can + also be used as proxy between those federation systems. + . + It manages both authentication and authorization and provides headers for + accounting. So you can have a full AAA protection. Authorization are built by + associating a regular expression and a rule. Regular expression is applied on + the requested URL and the rule calculates if the user is authorized. + . + Lemonldap::NG::Portal provides the authentication portal. + Package: lemonldap-ng-fastcgi-server Architecture: all Depends: ${misc:Depends}, @@ -132,16 +226,19 @@ Description: Lemonldap::NG FastCGI server associating a regular expression and a rule. Regular expression is applied on the requested URL and the rule calculates if the user is authorized. . - Lemonldap::NG FastCGI server provides a Nginx auth_request server. + Lemonldap::NG FastCGI server provides a Nginx auth_request server that handles + also LLNG Portal and Manager. -Package: lemonldap-ng-handler +Package: lemonldap-ng-uwsgi-app Architecture: all Depends: ${misc:Depends}, - liblemonldap-ng-handler-perl (= ${binary:Version}) -Breaks: liblemonldap-ng-handler-perl (<< 1.9.1-2~) -Replaces: liblemonldap-ng-handler-perl (<< 1.9.1-2~) -Recommends: lemonldap-ng-fastcgi-server (= ${binary:Version}) | libapache2-mod-perl2 -Description: Lemonldap::NG handler part + ${perl:Depends}, + liblemonldap-ng-handler-perl (= ${binary:Version}), + uwsgi-plugin-psgi +Recommends: libhttp-parser-xs-perl, + nginx-extras | nginx +Section: web +Description: Lemonldap::NG uWSGI server Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies or directly on application webservers. It can be used in conjunction with OpenID-Connect, CAS and SAML systems as identity or service provider. It can @@ -152,21 +249,14 @@ Description: Lemonldap::NG handler part associating a regular expression and a rule. Regular expression is applied on the requested URL and the rule calculates if the user is authorized. . - This package provides configuration files for Apache and Nginx used to protect - web areas. + Lemonldap::NG uWSGI server provides a replacement to Lemonldap::NG FastCGI + server, using uWSGI instead of Plack FCGI. Package: liblemonldap-ng-handler-perl Architecture: all Depends: ${misc:Depends}, ${perl:Depends}, - liblemonldap-ng-common-perl (= ${binary:Version}), - libmouse-perl, - liburi-perl, - libwww-perl -Recommends: liblwp-protocol-https-perl -Suggests: libcache-memcached-perl, - libdigest-hmac-perl, - libsoap-lite-perl + liblemonldap-ng-common-perl (= ${binary:Version}) Description: Lemonldap::NG handler common libraries Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies or directly on application webservers. It can be used in conjunction with @@ -195,9 +285,12 @@ Depends: ${misc:Depends}, libjson-perl, libmouse-perl, libplack-perl, - liburi-perl + liburi-perl, + libwww-perl Recommends: libapache-session-browseable-perl, libdbi-perl, + libhttp-parser-xs-perl, + libjson-xs-perl, liblwp-protocol-https-perl Suggests: libconvert-base32-perl, libnet-ldap-perl, @@ -219,81 +312,3 @@ Description: Lemonldap::NG common files Lemonldap::NG::Common contains common files used by other Lemonldap::NG modules. -Package: liblemonldap-ng-manager-perl -Architecture: all -Depends: ${misc:Depends}, - ${perl:Depends}, - libconvert-pem-perl, - libcrypt-openssl-rsa-perl, - liblemonldap-ng-common-perl (= ${binary:Version}), - liblemonldap-ng-handler-perl (= ${binary:Version}), - libmouse-perl, - libwww-perl -Recommends: lemonldap-ng-doc (= ${binary:Version}), - libapache-session-browseable-perl, - lemonldap-ng-fastcgi-server (= ${binary:Version}) | libapache2-mod-fcgid | libapache2-mod-fastcgi, - libjson-xs-perl, - libhttp-parser-xs-perl, - liblwp-protocol-https-perl, - libxml-libxml-perl, - libxml-libxslt-perl, - libxml-simple-perl -Suggests: libclone-perl -Pre-Depends: debconf -Description: Lemonldap::NG manager part - Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies - or directly on application webservers. It can be used in conjunction with - OpenID-Connect, CAS and SAML systems as identity or service provider. It can - also be used as proxy between those federation systems. - . - It manages both authentication and authorization and provides headers for - accounting. So you can have a full AAA protection. Authorization are built by - associating a regular expression and a rule. Regular expression is applied on - the requested URL and the rule calculates if the user is authorized. - . - Lemonldap::NG::Manager provides the administration interface. - -Package: liblemonldap-ng-portal-perl -Architecture: all -Depends: ${misc:Depends}, - ${perl:Depends}, - nginx | apache2 | httpd-cgi, - libclone-perl, - liblemonldap-ng-handler-perl (= ${binary:Version}), - libregexp-assemble-perl -Recommends: libcrypt-openssl-bignum-perl, - libemail-sender-perl (>=1.300027) | libemail-sender-transport-smtps-perl, - libmime-tools-perl, - libnet-ldap-perl, - libstring-random-perl, - libunicode-string-perl, - libwww-perl -Suggests: libauthcas-perl, - libcrypt-u2f-server-perl, - libdbi-perl, - libgd-securityimage-perl, - libglib-perl, - libimage-magick-perl, - liblasso-perl, - libnet-facebook-oauth2-perl, - libnet-openid-consumer-perl, - libnet-openid-server-perl, - libnet-oauth-perl, - libsoap-lite-perl, - libweb-id-perl, - liblwp-protocol-https-perl, - slapd -Pre-Depends: debconf -Description: Lemonldap::NG authentication portal part - Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies - or directly on application webservers. It can be used in conjunction with - OpenID-Connect, CAS and SAML systems as identity or service provider. It can - also be used as proxy between those federation systems. - . - It manages both authentication and authorization and provides headers for - accounting. So you can have a full AAA protection. Authorization are built by - associating a regular expression and a rule. Regular expression is applied on - the requested URL and the rule calculates if the user is authorized. - . - Lemonldap::NG::Portal provides the authentication portal. - diff --git a/debian/liblemonldap-ng-handler-perl.install b/debian/liblemonldap-ng-handler-perl.install index 77d8c4a3f..775993fd3 100644 --- a/debian/liblemonldap-ng-handler-perl.install +++ b/debian/liblemonldap-ng-handler-perl.install @@ -4,3 +4,4 @@ /usr/share/man/man3/Lemonldap::NG::Handler* /usr/share/man/man3/Plack::Middleware::Auth::LemonldapNG* /usr/share/lemonldap-ng/bin/purgeLocalCache +/usr/share/lemonldap-ng/llng-server/llng-server.psgi diff --git a/debian/rules b/debian/rules index 4a903d719..4e66ec818 100755 --- a/debian/rules +++ b/debian/rules @@ -48,6 +48,7 @@ override_dh_auto_install: APACHEGROUP=www-data \ DEFDOCDIR=/usr/share/doc/lemonldap-ng-doc \ FRDOCDIR=/usr/share/doc/lemonldap-ng-fr-doc \ + UWSGIYAMLDIR=/etc/uwsgi/apps-available \ PROD=yes $(MAKE) install_fr_doc_site \ DESTDIR=$(CURDIR)/debian/tmp \ diff --git a/fastcgi-server/uwsgi/llng-server.yaml b/fastcgi-server/uwsgi/llng-server.yaml index 9cfd492f1..ea1a4c4ea 100644 --- a/fastcgi-server/uwsgi/llng-server.yaml +++ b/fastcgi-server/uwsgi/llng-server.yaml @@ -1,5 +1,5 @@ uwsgi: plugins: psgi socket: 127.0.0.1:5000 - psgi: /TODO/macro/to/llng-server.psgi + psgi: __APPDIR__/llng-server.psgi master: true