From 5bf32b49d5e93e490b52945151ad3d71b72e7a7e Mon Sep 17 00:00:00 2001 From: WizaXxX Date: Sun, 5 Apr 2020 21:21:05 +0300 Subject: [PATCH] new images and other files --- .gitignore | 5 +- certs/fullchain.pem | 58 +++++++ certs/privkey.pem | 28 ++++ docker-compose.yml | 153 +++++++++---------- images/core/conf/logcfg.xml | 12 +- images/core/entrypoint.sh | 118 +++++++------- images/db/entrypoint.sh | 24 +-- images/nginx/Dockerfile | 16 ++ images/nginx/conf/1c_app.conf | 2 + images/nginx/conf/1c_common.conf | 7 + images/nginx/conf/1c_error.conf | 6 + images/nginx/conf/1c_error_openid.conf | 5 + images/nginx/conf/1c_error_site.conf | 2 + images/nginx/conf/1c_keepalive.conf | 2 + images/nginx/conf/1c_upstream.conf | 15 ++ images/nginx/conf/conf.d/local-ssl.conf | 123 +++++++++++++++ images/nginx/conf/conf.d/local.conf | 8 + images/nginx/conf/nginx.conf | 41 +++++ images/nginx/entrypoint.sh | 17 +++ install.py | 18 +-- modules/forum.py | 6 +- modules/nginx.py | 11 ++ other_files/cfe/api_1cfresh.cfe | Bin 0 -> 17982 bytes other_files/cfe/disable.epf | Bin 0 -> 5800 bytes other_files/cfe/params.json | 37 +++++ other_files/cfe/УправлениеМС.cfe | Bin 0 -> 7458 bytes other_files/psql-scripts/CreateDB_forum.psql | 4 + other_files/psql-scripts/CreateDB_site.psql | 4 + other_files/vrd/extreg.vrd | 11 ++ other_files/vrd/openid.vrd | 13 ++ other_files/vrd/sessioncontrol.vrd | 13 ++ other_files/vrd/withzone.vrd | 16 ++ other_files/vrd/zoneless.vrd | 12 ++ start.py | 62 ++++++++ 34 files changed, 683 insertions(+), 166 deletions(-) create mode 100644 certs/fullchain.pem create mode 100644 certs/privkey.pem create mode 100644 images/nginx/Dockerfile create mode 100644 images/nginx/conf/1c_app.conf create mode 100644 images/nginx/conf/1c_common.conf create mode 100644 images/nginx/conf/1c_error.conf create mode 100644 images/nginx/conf/1c_error_openid.conf create mode 100644 images/nginx/conf/1c_error_site.conf create mode 100644 images/nginx/conf/1c_keepalive.conf create mode 100644 images/nginx/conf/1c_upstream.conf create mode 100644 images/nginx/conf/conf.d/local-ssl.conf create mode 100644 images/nginx/conf/conf.d/local.conf create mode 100644 images/nginx/conf/nginx.conf create mode 100644 images/nginx/entrypoint.sh create mode 100644 modules/nginx.py create mode 100755 other_files/cfe/api_1cfresh.cfe create mode 100755 other_files/cfe/disable.epf create mode 100755 other_files/cfe/params.json create mode 100755 other_files/cfe/УправлениеМС.cfe create mode 100755 other_files/psql-scripts/CreateDB_forum.psql create mode 100755 other_files/psql-scripts/CreateDB_site.psql create mode 100755 other_files/vrd/extreg.vrd create mode 100755 other_files/vrd/openid.vrd create mode 100755 other_files/vrd/sessioncontrol.vrd create mode 100755 other_files/vrd/withzone.vrd create mode 100755 other_files/vrd/zoneless.vrd create mode 100644 start.py diff --git a/.gitignore b/.gitignore index c660585..d284bd3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ __pycache__/ .DS_Store -**/.DS_Store \ No newline at end of file +**/.DS_Store +artifact/ +workdir +workdir/ \ No newline at end of file diff --git a/certs/fullchain.pem b/certs/fullchain.pem new file mode 100644 index 0000000..910ed53 --- /dev/null +++ b/certs/fullchain.pem @@ -0,0 +1,58 @@ +-----BEGIN CERTIFICATE----- +MIIFXjCCBEagAwIBAgISA/0Y9eqyjc+dSQJD51AdjjTXMA0GCSqGSIb3DQEBCwUA +MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD +ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDA0MDUxNTI1NTRaFw0y +MDA3MDQxNTI1NTRaMBgxFjAUBgNVBAMMDSouMWNmcmVzaC5kZXYwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjcvx0iv45e9qda8PZuXf5j7hg5OK9DFZd +hU18hor1bGcBON7IXEI5OWrU6//AujpGFQlZxEeAkkQ6DdTzd/eAc5LQ6qGvmV2r +b66O+Jp7twRfjf0kG66S/wDi1pXlFpKiqmBpEBlN+M4qXP6vLK6K6EaSPzfXnjvl +/J7nuctJpfW8Zdc0HqVYE1vGFJP6Q0qZ2cxj3FYfoyFIHrzkEL8wdQwH7n0VeMbo +iAMPwhD6fYYiKXPI16w8j+8ehWlm/oAnJ2q2DSlkrtU4H2/j37Ab60bbRadd+QPr +sYtrTrWY3qLpMxt4Mph7n+xVY/n0eCZ8sZupBz3faHp+AbRUuk4JAgMBAAGjggJu +MIICajAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF +BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCe7HK4P0XG8GTCRwc+/as6MDhC6 +MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMw +YTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9y +ZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y +Zy8wJQYDVR0RBB4wHIINKi4xY2ZyZXNoLmRldoILMWNmcmVzaC5kZXYwTAYDVR0g +BEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0 +cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8A +dgBep3P531bA57U2SH3QSeAyepGaDIShEhKEGHWWgXFFWAAAAXFLKavlAAAEAwBH +MEUCIEziiVxkpjVL6Ks0sfAUZcTroz4AQyYKth9ignRXH2RrAiEArXdHh/m6CN0Z +ch4YDM5kspsV6mtk2o8XUgvvELX7RXIAdQAHt1wb5X1o//Gwxh0jFce65ld8V5S3 +au68YToaadOiHAAAAXFLKawQAAAEAwBGMEQCIFHHWrsk/3C+BYPz42304HIlisBc +xxd5SeXrkmXFYJgUAiAhppE3MxPnqmLxF7H4zjfN2H/uPcXWmQ0PiOZx5SwKNzAN +BgkqhkiG9w0BAQsFAAOCAQEAU6qqdqopw1fT/5WJ2Kx2AyBgzQyXSOHG64LsERQA +ZZ/hxscqi4Tc3VahrxNSq/ZFQvaenDF9yWj6AYWsyKbZbd2Bz/r7v7Br9qyDs8W2 +ozOgpcwB96Ph5lnM9XrQGXE9Oq0bnRpGz7mu/g9RGZ4fMRGlsS00UriDB41x892L +stW3OgHdWQIpCZkm4supUbGOrUF9fDHH5DsT1jiwG7pCPzQUJOujyzTmeC/OhfoH +XgfsMyO9TjdxY/dWI9zEWiKMqxtk/M8e1FGNOz4rtW1yLlhSAeawR8bTC82PfgCc +boIZ7tKxmTSbqZWGb2Fe9oD3AHqgKUNvVwlmgR802DFXhA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow +SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT +GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF +q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8 +SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0 +Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA +a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj +/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T +AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG +CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv +bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k +c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw +VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC +ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz +MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu +Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF +AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo +uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/ +wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu +X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG +PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6 +KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/certs/privkey.pem b/certs/privkey.pem new file mode 100644 index 0000000..deaff6f --- /dev/null +++ b/certs/privkey.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCjcvx0iv45e9qd +a8PZuXf5j7hg5OK9DFZdhU18hor1bGcBON7IXEI5OWrU6//AujpGFQlZxEeAkkQ6 +DdTzd/eAc5LQ6qGvmV2rb66O+Jp7twRfjf0kG66S/wDi1pXlFpKiqmBpEBlN+M4q +XP6vLK6K6EaSPzfXnjvl/J7nuctJpfW8Zdc0HqVYE1vGFJP6Q0qZ2cxj3FYfoyFI +HrzkEL8wdQwH7n0VeMboiAMPwhD6fYYiKXPI16w8j+8ehWlm/oAnJ2q2DSlkrtU4 +H2/j37Ab60bbRadd+QPrsYtrTrWY3qLpMxt4Mph7n+xVY/n0eCZ8sZupBz3faHp+ +AbRUuk4JAgMBAAECggEAWDuQUJFfn0RexTARb40RWOTekV+9jnQEg0OciqZOiSHV +kPFUQjCbhyyZoQss6qsdHgvpGk48kwliTzx8Qln2f57kGGcwlQxjZlJJluBY9IPd +ln+dsUpIOQ3zOoDANgSzb6Atn0mTf2XaVUASNBoYtt+giP4bdQf0KbjvRwQi20Qg +klqugnLCKF3tnVhQnXgi/3spsdeLjku3tezGaPJD3/nTCkgiPrGme8xdwNu2Q3qB +5/DqbcL+EM2qKV12CtcQaj3lKA92fB4+cp7mr9Axo1DFiJdqTn8gemYsx4rr/qW5 +no/Cx37Z5GG8GXb3L/+ZEX5sgrENj4UBjMfLBu2oAQKBgQDVU2LMVEiaZ1NLmxus +ICqwWi1M6zoe+8uDedQc26eWmXUShKlQH2OaYVLBJgJ285vZGUJkGZUOIldOfmUH +BGlzSKuRSFPOn4ViGHr1yQ7tFBIemyurRxmp+/QcOqey0TvmNBCieZzOZR9SGt5R +dZ1Eu45H46bXQMcDRex/tcM2gQKBgQDEJV+3dmV8zNRWxNPXrGqKiNvi2FRuaSe8 +ILjX8PX3wjdd/jQjURXJqFfoRwaubJZLV/zTK9ASIMsm9tFxPvU9BfnzWUji+MPH +JLKxmcnvVXXI0ylvQqQFvYCDE7XC7miv2qa5mqRs4KdbEBxTA+v+rTaeZXyIewoQ +Q89kiI6jiQKBgQCLslh/oC4PVtyYJVHgzQvHgrYpqdzcz109kvlRkJJVr9aXsuJB +gtyyC0urCp4QkYUcjUsJzCrtH5X25BR6nOwFP7CCqk+ffp1VWNykue6ZWExpWIon +Vp86zrDUD6EkG5rTLIM8MtF544S4OrodtByyFvScpTrruRLaVN8D3t6ggQKBgQCa +O70pGPsyiCnL1NezNotMRdOJa4vwidVJ0/0lJ/9xg5Ff4nyC7MaSHEKLjhYN36rK +sfRG5KOnLYwxJlGIl/XktydVF/b9KplfpVax2nj0LiIA+TISn7c0IE/GQiBhmHBP +H0KMnbH/PyO5slBjYqkWSIOzR6AF/aHrKjcRGWP36QKBgBwka1MwT1DMvXEKkqSP +2qQFV2vIBZwwVX2yULo7UQu16vc6zdzNay/6rG9+JKGV+em5tXBjgy5ghkAIUXuk +/f97ixeI1uqx3f2+sO9rE7xwZY1rlH4fhiqRQdAQdnIraWL4juetRtzUljmtFYEf +AmVv7T300CBFZYLzSEBRu0Km +-----END PRIVATE KEY----- \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index e32d20f..f62f0b4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,24 +3,60 @@ version: '3.6' services: db: - image: registry.1c709.ru/docker/postgres-pro - hostname: db.ikoz.1c709.ru - container_name: db.ikoz.1c709.ru + image: fresh/db + hostname: db.HOSTNAMEREPLACE + container_name: db.HOSTNAMEREPLACE volumes: - ./artifact/db/data:/var/lib/1c/pgdata + - ./mnt:/mnt + + nginx: + image: fresh/nginx + hostname: nginx.HOSTNAMEREPLACE + container_name: nginx.HOSTNAMEREPLACE + networks: + default: + aliases: + - HOSTNAMEREPLACE + environment: + - SITE_HOST=site.HOSTNAMEREPLACE + - BACKEND_HOST=web.HOSTNAMEREPLACE + - GATE_HOST=gate.HOSTNAMEREPLACE + - HOSTNAME=HOSTNAMEREPLACE + ports: + - 80:80 + - 443:443 + volumes: + - ./nginx_conf/1c_app.conf:/etc/nginx/1c_app.conf + - ./nginx_conf/1c_common.conf:/etc/nginx/1c_common.conf + - ./nginx_conf/1c_error.conf:/etc/nginx/1c_error.conf + - ./nginx_conf/1c_error_openid.conf:/etc/nginx/1c_error_openid.conf + - ./nginx_conf/1c_error_site.conf:/etc/nginx/1c_error_site.conf + - ./nginx_conf/1c_keepalive.conf:/etc/nginx/1c_keepalive.conf + - ./nginx_conf/1c_upstream.conf:/etc/nginx/1c_upstream.conf + - ./nginx_conf/nginx.conf:/etc/nginx/nginx.conf + - ./nginx_conf/conf.d/local-ssl.conf:/etc/nginx/conf.d/local-ssl.conf + - ./nginx_conf/conf.d/local.conf://etc/nginx/conf.d/local.conf + - ./mnt:/mnt + - ../certs/fullchain.pem:/etc/pki-custom/fullchain.crt + - ../certs/privkey.pem:/etc/pki-custom/privkey.key + - ../images/site/distr/site/media:/var/www/content/media/ + depends_on: + - site + - forum srv: - image: registry.1c709.ru/docker/core:8.3.14.1993 - hostname: srv.ikoz.1c709.ru - container_name: srv.ikoz.1c709.ru + image: fresh/core + hostname: srv.HOSTNAMEREPLACE + container_name: srv.HOSTNAMEREPLACE command: srv+cli volumes: - ./artifact/srv/data:/var/lib/1c/data - ./artifact/srv/log:/var/log/1c - - ./artifact/mnt:/mnt - #- ./conf/nethasp.ini:/opt/1C/v8.3/x86_64/conf/nethasp.ini - - ./conf/logcfg.xml:/opt/1C/v8.3/x86_64/conf/logcfg.xml + - ./mnt:/mnt - /tmp/.aksusb:/tmp/.aksusb + - ../images/core/conf/logcfg.xml:/opt/1C/v8.3/x86_64/conf/logcfg.xml + ports: - 1540-1541:1540-1541 - 1538:1538 @@ -31,100 +67,61 @@ services: - db ras: - image: registry.1c709.ru/docker/core:8.3.14.1993 - hostname: ras.ikoz.1c709.ru - container_name: ras.ikoz.1c709.ru + image: fresh/core + hostname: ras.HOSTNAMEREPLACE + container_name: ras.HOSTNAMEREPLACE command: /opt/1C/v8.3/x86_64/ras cluster --port=1545 srv:1540 volumes: - ./artifact/ras/log:/var/log/1c - - ./conf/logcfg.xml:/opt/1C/v8.3/x86_64/conf/logcfg.xml + - ./mnt:/mnt + - ../images/core/conf/logcfg.xml:/opt/1C/v8.3/x86_64/conf/logcfg.xml ports: - 1545:1545 web: - image: registry.1c709.ru/docker/core:8.3.14.1993 - hostname: web.ikoz.1c709.ru - container_name: web.ikoz.1c709.ru + image: fresh/core + hostname: web.HOSTNAMEREPLACE + container_name: web.HOSTNAMEREPLACE command: web - labels: - - "traefik.enable=true" - - "traefik.http.routers.web.entrypoints=web" - - "traefik.http.routers.web.rule=Host(`ikoz.1c709.ru`) && PathPrefix(`/a/adm`, `/a/openid`)" - #- "traefik.http.middlewares.web-https-redirect.redirectscheme.scheme=https" - - "traefik.http.routers.web.middlewares=https-redirect" - - "traefik.http.routers.web-secure.entrypoints=websecure" - - "traefik.http.routers.web-secure.rule=Host(`ikoz.1c709.ru`) && PathPrefix(`/a/adm`, `/a/openid`)" - - "traefik.http.routers.web-secure.tls=true" - - "traefik.http.routers.web-secure.tls.certresolver=myresolver" - - "traefik.http.routers.web-secure.service=web" - - "traefik.http.services.web.loadbalancer.server.port=80" volumes: - ./artifact/web/log:/var/log/1c - - ./artifact/mnt:/mnt + - ./mnt:/mnt depends_on: - srv site: - image: registry.1c709.ru/docker/site - hostname: site.ikoz.1c709.ru - container_name: site.ikoz.1c709.ru - labels: - - "traefik.enable=true" - - "traefik.http.routers.site.entrypoints=web" - - "traefik.http.routers.site.rule=Host(`ikoz.1c709.ru`)" - #- "traefik.http.middlewares.site-https-redirect.redirectscheme.scheme=https" - - "traefik.http.routers.site.middlewares=https-redirect" - - "traefik.http.routers.site-secure.entrypoints=websecure" - - "traefik.http.routers.site-secure.rule=Host(`ikoz.1c709.ru`)" - - "traefik.http.routers.site-secure.tls=true" - - "traefik.http.routers.site-secure.tls.certresolver=myresolver" - - "traefik.http.routers.site-secure.service=site" - - "traefik.http.services.site.loadbalancer.server.port=8080" + image: fresh/site + hostname: site.HOSTNAMEREPLACE + container_name: site.HOSTNAMEREPLACE volumes: - ./artifact/site/searchIndex:/var/www/content/searchIndex - ./artifact/site/site_files:/var/www/content/site_files - - ./artifact/mnt/media:/var/www/content/media/ + - ./mnt:/mnt + - ../distr/postgresql.jar:/usr/local/tomcat/lib/postgresql.jdbc4.jar + - ../images/site/conf/context.xml:/usr/local/tomcat/conf/context.xml + - ../images/site/conf/server.xml:/usr/local/tomcat/conf/server.xml + - ../images/site/distr/site/media:/var/www/content/media/ depends_on: - db forum: - image: registry.1c709.ru/docker/forum - hostname: forum.ikoz.1c709.ru - container_name: forum.ikoz.1c709.ru - labels: - - "traefik.enable=true" - - "traefik.http.routers.forum.entrypoints=web" - - "traefik.http.routers.forum.rule=Host(`ikoz.1c709.ru`) && PathPrefix(`/forum`)" - - "traefik.http.routers.forum.middlewares=https-redirect" - - "traefik.http.routers.forum-secure.entrypoints=websecure" - - "traefik.http.routers.forum-secure.rule=Host(`ikoz.1c709.ru`) && PathPrefix(`/forum`)" - - "traefik.http.routers.forum-secure.tls=true" - - "traefik.http.routers.forum-secure.tls.certresolver=myresolver" - - "traefik.http.routers.forum-secure.service=forum" - - "traefik.http.services.forum.loadbalancer.server.port=8080" - #- "traefik.http.middlewares.forum-replacepath.stripprefix.prefixes=/forum" - #- "traefik.http.middlewares.forum-replacepath.replacepath.path=/forum" - - "traefik.http.routers.forum-secure.middlewares=forum-replacepath" + image: fresh/forum + hostname: forum.HOSTNAMEREPLACE + container_name: forum.HOSTNAMEREPLACE volumes: - ./artifact/forum:/var/www/forum/mess_files + - ./mnt:/mnt + - ../distr/postgresql.jar:/usr/local/tomcat/lib/postgresql.jdbc4.jar + - ../images/forum/conf/context.xml:/usr/local/tomcat/conf/context.xml + - ../images/forum/conf/server.xml:/usr/local/tomcat/conf/server.xml depends_on: - db gate: - image: registry.1c709.ru/docker/gate - hostname: gate.ikoz.1c709.ru - container_name: gate.ikoz.1c709.ru + image: fresh/gate + hostname: gate.HOSTNAMEREPLACE + container_name: gate.HOSTNAMEREPLACE + volumes: + - ./mnt:/mnt depends_on: - - srv - - #agent: - #image: registry.1c709.ru/docker/core:8.3.14.1993 - #hostname: agent.ikoz.1c709.ru - #container_name: agent.ikoz.1c709.ru - #command: agent - #volumes: - #- ./artifact/agent:/var/lib/1c/agent_data - #environment: - #- INFOBASECONNECTIONSTRING="Srvr=srv.ikoz.1c709.ru;Ref=sm" - #ports: - # - 1543:1543 + - srv \ No newline at end of file diff --git a/images/core/conf/logcfg.xml b/images/core/conf/logcfg.xml index c37b6ce..3583b1a 100644 --- a/images/core/conf/logcfg.xml +++ b/images/core/conf/logcfg.xml @@ -1,9 +1,17 @@ - + + - \ No newline at end of file + + + + + + + + diff --git a/images/core/entrypoint.sh b/images/core/entrypoint.sh index 793bfb4..681c2e5 100644 --- a/images/core/entrypoint.sh +++ b/images/core/entrypoint.sh @@ -1,60 +1,60 @@ -#!/bin/bash - -set -e - -if [ "$1" = 'srv' ] -then - chown -R usr1cv8:grp1cv8 ${COREDATA} ${CORELOGS} - exec gosu usr1cv8 /opt/1C/v8.3/x86_64/ragent -debug -http /d ${COREDATA} -elif [ "$1" = 'srv+cli' ] -then - ulimit -c unlimited - chown -R usr1cv8:grp1cv8 ${COREDATA} ${CORELOGS} - exec gosu usr1cv8 /opt/1C/v8.3/x86_64/ragent -debug -http /d ${COREDATA} & - status=$? - if [ $status -ne 0 ]; then - echo "Failed to start ragent: $status" - exit $status - fi - exec /usr/bin/Xvfb :99 -screen 0 1680x1050x24 -shmem & - exec metacity --display=:99 & - exec /usr/bin/x11vnc & - status=$? - if [ $status -ne 0 ]; then - echo "Failed to start Xvfb: $status" - exit $status - fi - while sleep 60; do - ps aux | grep [r]agent - RAGENT_STATUS=$? - ps aux | grep [Xvfb] - XVFB_STATUS=$? - if [ $RAGENT_STATUS -ne 0 -o $XVFB_STATUS -ne 0 ]; then - echo "One of the processes has already exited." - exit 1 - fi - done -elif [ "$1" = 'ras' ] -then - chown -R usr1cv8:grp1cv8 ${CORELOGS} - exec gosu usr1cv8 /opt/1C/v8.3/x86_64/ras cluster -elif [ "$1" = 'cli' ] -then - chown -R usr1cv8:grp1cv8 ${CORELOGS} - exec /usr/bin/Xvfb :99 -screen 0 1680x1050x24 -shmem & - exec metacity --display=:99 & - exec /usr/bin/x11vnc -elif [ "$1" = 'web' ] -then - chown -R usr1cv8:grp1cv8 ${CORELOGS} - rm -rf /run/httpd/* /tmp/httpd* - unset HOME - exec httpd -DFOREGROUND -elif [ "$1" = 'agent' ] -then - chown -R usr1cv8:grp1cv8 ${COREDATA} ${CORELOGS} ${AGENTBASEDIR} - exec /usr/bin/Xvfb :99 -screen 0 1680x1050x24 -shmem & - exec /opt/1C/v8.3/x86_64/1cv8 DESIGNER /AgentMode /IBConnectionString "${INFOBASECONNECTIONSTRING}" /AgentBaseDir "${AGENTBASEDIR}" /AgentSSHHostKey "/id_rsa.key" /Visible /AgentListenAddress 0.0.0.0 -fi - +#!/bin/bash + +set -e + +if [ "$1" = 'srv' ] +then + chown -R usr1cv8:grp1cv8 ${COREDATA} ${CORELOGS} + exec gosu usr1cv8 /opt/1C/v8.3/x86_64/ragent -debug -http /d ${COREDATA} +elif [ "$1" = 'srv+cli' ] +then + ulimit -c unlimited + chown -R usr1cv8:grp1cv8 ${COREDATA} ${CORELOGS} + exec gosu usr1cv8 /opt/1C/v8.3/x86_64/ragent -debug -http /d ${COREDATA} & + status=$? + if [ $status -ne 0 ]; then + echo "Failed to start ragent: $status" + exit $status + fi + exec /usr/bin/Xvfb :99 -screen 0 1680x1050x24 -shmem & + exec metacity --display=:99 & + exec /usr/bin/x11vnc & + status=$? + if [ $status -ne 0 ]; then + echo "Failed to start Xvfb: $status" + exit $status + fi + while sleep 60; do + ps aux | grep [r]agent + RAGENT_STATUS=$? + ps aux | grep [Xvfb] + XVFB_STATUS=$? + if [ $RAGENT_STATUS -ne 0 -o $XVFB_STATUS -ne 0 ]; then + echo "One of the processes has already exited." + exit 1 + fi + done +elif [ "$1" = 'ras' ] +then + chown -R usr1cv8:grp1cv8 ${CORELOGS} + exec gosu usr1cv8 /opt/1C/v8.3/x86_64/ras cluster +elif [ "$1" = 'cli' ] +then + chown -R usr1cv8:grp1cv8 ${CORELOGS} + exec /usr/bin/Xvfb :99 -screen 0 1680x1050x24 -shmem & + exec metacity --display=:99 & + exec /usr/bin/x11vnc +elif [ "$1" = 'web' ] +then + chown -R usr1cv8:grp1cv8 ${CORELOGS} + rm -rf /run/httpd/* /tmp/httpd* + unset HOME + exec httpd -DFOREGROUND +elif [ "$1" = 'agent' ] +then + chown -R usr1cv8:grp1cv8 ${COREDATA} ${CORELOGS} ${AGENTBASEDIR} + exec /usr/bin/Xvfb :99 -screen 0 1680x1050x24 -shmem & + exec /opt/1C/v8.3/x86_64/1cv8 DESIGNER /AgentMode /IBConnectionString "${INFOBASECONNECTIONSTRING}" /AgentBaseDir "${AGENTBASEDIR}" /AgentSSHHostKey "/id_rsa.key" /Visible /AgentListenAddress 0.0.0.0 +fi + exec "$@" \ No newline at end of file diff --git a/images/db/entrypoint.sh b/images/db/entrypoint.sh index 5f3e5ac..a87e234 100644 --- a/images/db/entrypoint.sh +++ b/images/db/entrypoint.sh @@ -1,13 +1,13 @@ -#!/bin/bash - -set -e - -chown -R postgres:postgres "$PGDATA" - -if [ -z "$(ls -A "$PGDATA")" ]; then - gosu postgres ./initdb - echo "synchronous_commit = off" >> $PGDATA/postgresql.conf -fi - -command=$@ +#!/bin/bash + +set -e + +chown -R postgres:postgres "$PGDATA" + +if [ -z "$(ls -A "$PGDATA")" ]; then + gosu postgres ./initdb + echo "synchronous_commit = off" >> $PGDATA/postgresql.conf +fi + +command=$@ exec gosu postgres $command \ No newline at end of file diff --git a/images/nginx/Dockerfile b/images/nginx/Dockerfile new file mode 100644 index 0000000..20f4872 --- /dev/null +++ b/images/nginx/Dockerfile @@ -0,0 +1,16 @@ +FROM nginx:stable-alpine + +ENV HOSTNAME host.1cfresh.dev + +ENV SITE_HOST host.1cfresh.dev +ENV BACKEND_HOST host.1cfresh.dev +ENV GATE_HOST host.1cfresh.dev + +ENV WORKER_PROCESSES 2 + +COPY ./entrypoint.sh /entrypoint.sh +RUN chmod +x /entrypoint.sh + +EXPOSE 80 443 + +ENTRYPOINT ["/bin/sh", "-c", "/entrypoint.sh"] diff --git a/images/nginx/conf/1c_app.conf b/images/nginx/conf/1c_app.conf new file mode 100644 index 0000000..424b4e3 --- /dev/null +++ b/images/nginx/conf/1c_app.conf @@ -0,0 +1,2 @@ +include 1c_common.conf; +proxy_set_header X-Forwarded-Port 443; diff --git a/images/nginx/conf/1c_common.conf b/images/nginx/conf/1c_common.conf new file mode 100644 index 0000000..3768a40 --- /dev/null +++ b/images/nginx/conf/1c_common.conf @@ -0,0 +1,7 @@ +proxy_connect_timeout 5s; +proxy_read_timeout 75; +proxy_next_upstream error; +proxy_set_header Host $host; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto https; \ No newline at end of file diff --git a/images/nginx/conf/1c_error.conf b/images/nginx/conf/1c_error.conf new file mode 100644 index 0000000..08a9bd9 --- /dev/null +++ b/images/nginx/conf/1c_error.conf @@ -0,0 +1,6 @@ +if ($http_user_agent = 1CV8C) { + set $mode txt; +} + +error_page 407 410 411 413 414 415 416 500 501 502 503 504 505 /availability?url=$upstream_http_x_destination_id$request_uri&mode=$mode; +error_page 420 =404 /availability?url=$upstream_http_x_destination_id$request_uri&mode=$mode&code=420; diff --git a/images/nginx/conf/1c_error_openid.conf b/images/nginx/conf/1c_error_openid.conf new file mode 100644 index 0000000..c1347dd --- /dev/null +++ b/images/nginx/conf/1c_error_openid.conf @@ -0,0 +1,5 @@ +if ($http_user_agent = 1CV8C) { + set $mode txt; +} + +error_page 500 501 502 503 504 505 /availability?url=$scheme://$host$request_uri&mode=$mode; diff --git a/images/nginx/conf/1c_error_site.conf b/images/nginx/conf/1c_error_site.conf new file mode 100644 index 0000000..7cb4224 --- /dev/null +++ b/images/nginx/conf/1c_error_site.conf @@ -0,0 +1,2 @@ +error_page 404 /availability?url=$scheme://$host$request_uri&code=404; +error_page 400 401 402 403 405 406 407 408 409 410 411 412 413 414 415 416 417 500 501 502 503 504 505 /availability?url=$scheme://$host$request_uri; diff --git a/images/nginx/conf/1c_keepalive.conf b/images/nginx/conf/1c_keepalive.conf new file mode 100644 index 0000000..a5a89d5 --- /dev/null +++ b/images/nginx/conf/1c_keepalive.conf @@ -0,0 +1,2 @@ +proxy_http_version 1.1; +proxy_set_header Connection ""; diff --git a/images/nginx/conf/1c_upstream.conf b/images/nginx/conf/1c_upstream.conf new file mode 100644 index 0000000..20eb84f --- /dev/null +++ b/images/nginx/conf/1c_upstream.conf @@ -0,0 +1,15 @@ +upstream backend83 { + ip_hash; + keepalive 16; + server webwebweb:80; +} + +upstream gate { + ip_hash; + server gategategate:8080; +} + + +upstream upstream_availability { + server sitesitesite:8080; +} diff --git a/images/nginx/conf/conf.d/local-ssl.conf b/images/nginx/conf/conf.d/local-ssl.conf new file mode 100644 index 0000000..8147189 --- /dev/null +++ b/images/nginx/conf/conf.d/local-ssl.conf @@ -0,0 +1,123 @@ +server { + listen 443; + server_name hosthosthost; + + proxy_intercept_errors on; + + ssl on; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH; + ssl_prefer_server_ciphers on; + ssl_certificate /etc/pki-custom/fullchain.crt; + ssl_certificate_key /etc/pki-custom/privkey.key; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + + location @start { + rewrite ^(/a/[a-zA-Z0-9_]+/([0-9]+/)?).*$ $1 last; + } + + location /availability/ { + include 1c_common.conf; + recursive_error_pages on; + error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 500 501 502 503 504 505 /i/index.html; + proxy_pass http://upstream_availability; + } + + location /i { + alias /var/www/failover; + } + + + location ^~ /a/openid { + include 1c_common.conf; + include 1c_keepalive.conf; + include 1c_error_openid.conf; + proxy_pass http://backend83; + } + + location ^~ /a/adm/e1cib/start { + include 1c_app.conf; + include 1c_error.conf; + include 1c_keepalive.conf; + error_page 400 403 412 @start; + proxy_pass http://backend83; + } + + location ^~ /a/adm { + include 1c_app.conf; + include 1c_error.conf; + include 1c_keepalive.conf; + proxy_pass http://backend83; + } + + location ^~ /a/extreg { + include 1c_app.conf; + include 1c_error.conf; + include 1c_keepalive.conf; + proxy_pass http://backend83; + } + + location ^~ /a/wcib/hs { + include 1c_app.conf; + include 1c_error.conf; + keepalive_timeout 0; + proxy_pass http://backend83; + } + + location ^~ /a/httpextreg/hs { + include 1c_app.conf; + include 1c_error.conf; + keepalive_timeout 0; + proxy_pass http://backend83; + } + + location ^~ /a/wcibprivate/hs { + include 1c_app.conf; + include 1c_error.conf; + keepalive_timeout 0; + proxy_pass http://backend83; + } + + location ~* /a/\w+/\d+/e1cib/start { + include 1c_app.conf; + include 1c_error.conf; + error_page 400 403 412 @start; + proxy_pass http://gate; + } + + location ~* /a/\w+/\d+/\w+/e1cib/oid2rp { + include 1c_app.conf; + include 1c_error.conf; + error_page 400 403 404 412 @start; + proxy_pass http://gate; + } + + location ~* /a/\w+/\d+/ws { + include 1c_app.conf; + proxy_intercept_errors off; + proxy_pass http://gate; + } + + location ~* /a/\w+/\d+ { + include 1c_app.conf; + include 1c_error.conf; + proxy_pass http://gate; + } + + location / { + include 1c_common.conf; + include 1c_keepalive.conf; + include 1c_error_site.conf; + proxy_pass http://sitesitesite:8080; + } + + location /resources/images/content { + alias /var/www/content/media; + } + + location /extreg { + alias /var/www/extreg; + } + +} diff --git a/images/nginx/conf/conf.d/local.conf b/images/nginx/conf/conf.d/local.conf new file mode 100644 index 0000000..19af718 --- /dev/null +++ b/images/nginx/conf/conf.d/local.conf @@ -0,0 +1,8 @@ +server { + listen 80; + server_name hosthosthost; + + location / { + return 301 https://$server_name$request_uri; + } +} \ No newline at end of file diff --git a/images/nginx/conf/nginx.conf b/images/nginx/conf/nginx.conf new file mode 100644 index 0000000..951b67a --- /dev/null +++ b/images/nginx/conf/nginx.conf @@ -0,0 +1,41 @@ +user nginx; +worker_processes worker_processes_ENV; +worker_rlimit_nofile 10240; +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 1024; + use epoll; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + gzip on; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + server_tokens off; + + proxy_buffering on; + proxy_buffer_size 32k; + proxy_buffers 20 512k; + proxy_connect_timeout 5; + proxy_max_temp_file_size 0; + + keepalive_timeout 300 300; + server_names_hash_max_size 4096; + server_names_hash_bucket_size 128; + client_max_body_size 4096m; + client_body_buffer_size 256k; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent ${request_time}ms "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for" set_cookie: "$sent_http_set_cookie"'; + access_log /var/log/nginx/access.log main; + + include /etc/nginx/1c_upstream.conf; + include /etc/nginx/conf.d/*.conf; +} diff --git a/images/nginx/entrypoint.sh b/images/nginx/entrypoint.sh new file mode 100644 index 0000000..15b555d --- /dev/null +++ b/images/nginx/entrypoint.sh @@ -0,0 +1,17 @@ +set -e + +sh -c "sed -i 's/hosthosthost/'"$HOSTNAME"'/' /etc/nginx/*.conf" +sh -c "sed -i 's/hosthosthost/'"$HOSTNAME"'/' /etc/nginx/conf.d/*.conf" + +sh -c "sed -i 's/worker_processes_ENV/'"$WORKER_PROCESSES"'/' /etc/nginx/nginx.conf" + +sh -c "sed -i 's/sitesitesite/'"$SITE_HOST"'/' /etc/nginx/*.conf" +sh -c "sed -i 's/sitesitesite/'"$SITE_HOST"'/' /etc/nginx/conf.d/*.conf" + +sh -c "sed -i 's/webwebweb/'"$BACKEND_HOST"'/' /etc/nginx/*.conf" + +sh -c "sed -i 's/gategategate/'"$GATE_HOST"'/' /etc/nginx/*.conf" + +exec sh -c "/usr/sbin/nginx -g 'daemon off;'" + +exec "$@" \ No newline at end of file diff --git a/install.py b/install.py index e797b23..b2ca4e3 100644 --- a/install.py +++ b/install.py @@ -1,6 +1,4 @@ import subprocess -import pathlib -import os import modules.site as site import modules.centos as centos @@ -8,18 +6,16 @@ import modules.db as db import modules.forum as forum import modules.core as core import modules.gate as gate - -sep = str(os.path.sep) -this_path = str(pathlib.Path().absolute()) + sep -distr_path = this_path + 'distr' + sep +import modules.nginx as nginx images = [] -# images.append(centos.New()) -# images.append(db.New()) -# images.append(site.New()) -# images.append(forum.New()) -# images.append(core.New()) +images.append(centos.New()) +images.append(db.New()) +images.append(site.New()) +images.append(forum.New()) +images.append(core.New()) images.append(gate.New()) +images.append(nginx.New()) print('Building start') for image in images: diff --git a/modules/forum.py b/modules/forum.py index f6c0c53..3d8a276 100644 --- a/modules/forum.py +++ b/modules/forum.py @@ -7,9 +7,9 @@ def add_forum_dir(command): def delete_forum_dir(): command = helper.new_docker_command('images/forum/distr') command.append('alpine') - command.append('rm') - command.append('-rf') - command.append('/out_files/forum') + command.append('sh') + command.append('-c') + command.append('"rm -rf /out_files/forum"') return command diff --git a/modules/nginx.py b/modules/nginx.py new file mode 100644 index 0000000..05d9309 --- /dev/null +++ b/modules/nginx.py @@ -0,0 +1,11 @@ +import modules.helper as helper + +class New(): + + name = '' + commands_before = [] + commands_after = [] + + def __init__(self): + self.name = 'nginx' + self.commands_before = [] \ No newline at end of file diff --git a/other_files/cfe/api_1cfresh.cfe b/other_files/cfe/api_1cfresh.cfe new file mode 100755 index 0000000000000000000000000000000000000000..cde63e6f55d33db016c0efd3986fdc8409fe9d8f GIT binary patch literal 17982 zcmeIZ1#BG4wlzF<%*<@Z%*@P=nK6c#8RMAQj+yP4nVFdxV`hw*nG^Fj&N=7mysM}G zT|Hgt>6dP|YHH8!n(mpNrCNLK+Wq?a>J0z|01yCwZ16CQzc+nO!rwhJBO@V)$sZdb zJPZSHXa%sn0zXy^4FFKW{9zlz0RRWU_U5ld1_0<${;*}y0Dwtgd-EUR0|4d(f7ro< z001P>A2vA&08k8UZ(}Zn0RUc+KWs}%0N@DN-u%!s06;jfz1gL7001@pAGRbT05Ak> zZ~lE|0KkIf5Btww^PleDd^yN2>V1D@wIFmce@M$5p0Pj{0n%4xkVT)lzso}QcQgK5=VVAi)VynO|8z=`46D1Z~{tc5Z&S5rt%hIvqYNXGj73^vu zAYMF1Zh#@v<|9LhrW2;7?bttCmeqnIc?s39v=6czONN~5q0{6P5F8>`c>u=(~o*q`DC|n!jHz^ zU@KThj#P=pbWR}F(dI?m$!!!PY1OaR@K)w`-nqd>GzXoL&BNaoxn@j$$o20)RJB%b zZs4oqfy~zl&%5;7F{MZ+ZyuItTXsZT(VQPvNYAVI!0t-en~>Ez9GGYM%cj|^kP3TY zBabzqTcyJR&&b)YRa;<<4c!KAOSh)i&LzT&HW% zI2DyE^l@V@6{W>zp<}V0=en&PvPw%RGKG4TsGD*J_{tg#Gqdtsw*(}xTK1P0!&uN3 zp^su}Pi>g7+zC%@6O{0re|bN#Ot4q#W!3SkrJQIgma2Y?GKSg7O6I~k^~;y}_D?^L z`S$~rrF<Lb3I(okWucSR9$+zWH_Er zeA)x0zJx$;H&gV&(LrVs?8Ca6gFuMzgbnb7!^T3KghAh61@zB7O&m2m+^`08-_tOIjCFS$5CYQkgJfvhnxVFzyT)P!f*bzR)^EO?yj9|>1 zW+};Nl%H>lw9m6SNp2g2&~gcQt!JIyv2Y5cEA~A-xPRwEUu61%U-WI)qq55v21;o1 z^WG16ZFj7im2Z7eD;tr*VsKp`;4%16_0T0o3My0&j!tkGO&xZyxjPA6ls*sp7mkKg z1E>>l2gMoU1qm3pp)nfDOatI-9L+&Tnn5g=;UJuAP1s;}u&bj1VLN?wT2~8`6GB0` zM>vt#G)d~n3`01m)gIf&1(AO1!)Dh-;jE1$vX?5K={Og$O$h_OxE@HD_o^Y+IRnDF zcs$N-LJBE$$u#Oq`Kv~j3e|Wm?_-u=ctusdXSB`z_$l!dj1at{u)n$T$@oJRFV@Is ztMS80rX(y{FDVb7&FdnDus8szp6hEv`4k2S!PED ze)4O5ZlR+J24Rq~H+q;53u-Y5o+V^y+3SY4R|P= z9jj4i*Wh3rGG6Xa|0qq}%+I>7t>4fA{uZ~CK{SzLi%m3k=Ma?|dnNDlZ-1~O)jc?z^vH&eE z;LZ;0P5#cj%uL3A#)UxRZ_HaCH(@g?2sdyZ|A0Wb&xY^L%aTC?3jKK-e)7qhMD2$v zu3RZUHY7oadY2@?T8az|oT>)J^67qt;m+gvY1hAXBn#Ux2tdhKL1 zvRaA4G^-%VNA?m)#Hc7>XbB~k;aR`D zjHuB&T0G<>Q*-nEy>DUJn-*=SLFN4i?xt5zarhwP zFY+@##U_Vs&ip$6YIIiXdCf(0>&ZS+FRcMe#*WCf!Dn7fPYwah(1!p9A^^(}3fAwl zo4;P#3$)*7Zh|va+|S$6H55cb2jq}?3c9RSZOS_ z7TO_@$m2kAs{K+H9ov}oMGU$)##z;oBj0j_!}92!QSFrCv(b1=?3P3tkDVF5e@duR z%`o_ndXrZi@n-Yg?YTp{w1M8!-rRd6laX$}+dM68N1nbckW5ZT{Fy~1T*n45NPQ>IoxawwBAtj4k0 z!^mF+FD*J>;|Id>mR==EljcLJ4kwSShpt(VbD%gG!kbkrr(UsRZto%ffnCr!8P*Y0w8dUl*qS$yz4AeiH zR>KD=2kJXawx3cejsl({Lo|{_no9l*kMlS$ zZ$l;iAQO!p>)mMk{_1u5Iqz9I9zMQK?L6%<^vEkI>c{(?4ArSI7O~gd*pNgb`*#b- zvtEJA?=4?Ei=607b5fI*-MzgMU9R%kj?WRjAD=^5&_OWI8Rw&YJPZV4Y_hB#R64f6H+QyW2 z`pbkpV3|+pNVGn{uEGx)rt|5<2Otd1bVR(r*bzz-3&e8voJv;1O){2DILcgpAds;- zq|PvX#QuitZgoWuhQOpW*Z9fvxaar?99$gm9tWR|E0x2{=s+JZ;H(8ue7COUa(0AI z!Bznw-{7fgYEK8yjrN0j^-SW|GZop9Hd61W*2vs)kJD*h-7QpgV9C%K27AtP2IQ97 zGRBwGDbji?6oIW(t+b@TY|tHygPryeSUFs__O{%AqcfF?ewE%3PzL3{Qm6mq@eZz6 z*H;C9n9D4gKgVq7q$jFsuJ;SR3$gQ1DrkC)FMU$EB&`yaa*s`E44-$#ndF5QWuAs) zOri`{Xqn0qtuCATQsYI1_*&a41P8l(EtiY{#;2{5rUt)G5x2hYZ6(_LJ<&Lv>h6OD zkXXmQ8N<7)A>iw5HAj;j67@(@@;=gnw>C}8SQ>h}wuD1V6LL-mL>eE;{GGFn`m6-y zG9>vTOCE1%ln{mk4vE;1L5587DtMyr6pWFe+YSSgp#mWvxIt?IWE{!-t2|3?zm6U->EF9kG8%}tMk1aQ-Dgl-9E%uBo?GKcGvoS#~L5~I@vp9 z9`jU|#CwY}4kHB>x@y9sch9vvqHpx z$xp8W!}3!?*^J^c8?wJ>RFB7=$we6prZs9}!f{pLYNCLjkRo7A4g)dun0lOohQ#z) zO8+@Gc{L3*8x8UllBzF$Q|1JmPjbhB3TKh=??USL5? zlwhV~FV5HxcXuLcop?utn2CyEtb~uQj`Mw(Erix{y_VXRl@8B@_D`vS6}Wr%EvjG) zUk`$-po}q1Xm4NuB3YRrUA5s`jcho67!fL*gMWi>vR^>2mAvVSzK5%QrZPFAf&Yip z$iSLmFqj`O2Wl$QlnKf<@L8T7A^$Ox{_Fai9mwGNzd7Cj7!Mc%d7csI zVF4=cw<*xvNF5%3r*@EtqwRUbI|Z3O$@XHiBDu0NxI|C$|g?{xRB z&qiQSug^vf215L`jApz0+fvgf}q_Xq}0CtZpE`w+5n>HXid?y$-u4P$?0iIR#{oCzWmtK zfnvi!+z@%jNBpL1Cnx1ma_^8JaF0PyKIH(b87Oiv9Jey ze~Gls&?7d5kk|{Zh=^$-3Qq%iN!un#n1fw08qC8=cw~U;P47P)@N(uCt(LH4`hO1l!MykYf#6dnLg3Y2ebREAvsrz zX|e9odSZX^4kbsXI^qq>EaOUPi73W2Ks^!B{G{n)pYFTKWWuAj1;NNxNX}#$?oX4k zNT?mHj6W2d9k@u9z2>pv=FmX}7h$gtA0FthLKe^A!Mr}5d)wF>` z8&?t38H;2UMYStEEUERB*K!Zw2Ji*FnP*<|>WFo}Hu*Lv>6b;15jPgNuGKsTlRLgv z>>-0xd~5CrV?9`#tQ;Xa@-X!7w<5oARU9@#$~IWCFE@>e1j+K& zP7~daR^5GE!i{joH6saAw{ZqjDS8YYh`j!&HY0VzPnSKRgP{i>d<0L3K^(0YbD66x z`#R3evwJOh8{nwLHh-Ys6(MMOrQT}aHW7ek`*Ss`vUuk*%i`{xKe8Z2F9#^pEEL3; zOsaRU)3}t4{~{wnszkxd{D#Ln*=D|jn#B>K*4It9mzbHT;u*xvO%mse1>Hkdfk6Ep8{eSWRP3B> z-ZdTEui)<6Dr9RuGb@qK8Cg%x4BEdGa4A1)^&iwnG3eI7d4a*X1YT&8ZiZNHCDepM znCV9n9z!US6T$INSjL@zS#`_WMEy8a8a(zk<~sd+oXFZba;?QHUh$*nq(W-OK4@Jd z2cLbx!X6$vT>Zzl*sk%|v)TB_o`HEZuI4qv2srTyij^ESem|Kkr3tobdgr);?+G!o z(B|eD(wTtV7`)c<8n%rjb*aWNi)6~>QF7dS6A@)=>rOJ0A$zSnL$hjgUyo7kv!hGC zrRsqw7&4Fg?37!3_$pd#6)T70hn-W{_o9YJq2=8fiey@bA?k6WGc+>i2yq>W@j9qF ztR1;}lBn?0Y~r}P@)i|z3_5zrvIqvL(IEHJu{VjMs`6-J{!_-5zsJWBe{b}_H-Z^@|CA|zDS~v9Ai9faet7ITedH! zSy0WjU?3{pX{k$#rLlPAxYMsrNUK4IcWU6sA)gn{c zg%G1U6fcjZE8f%7a@^OLm-el4c3U~YHA99G~MJqh(3Q~V1i2Nt9&hrP#1 zlXb_wZ>N%~V3Wp)m_FAwJ849zCe9#kTW+G>z!6!}J38!$1=VneilrfMntaT$en_c?B_ohfYEA%O+|c^xX=r)3GrYT+i8fB$l0zMklqxwWpj z4zGcc;GPmek0 zUk0aAPW)R)W3i=R`_R~~>5)VQDskt91l`xUHPzc-1mlKlbsL1*I-lI=xDWBynyKK3 zk0n=mvWHDtY2`~LZuZ|`D5uR(9@ykSpKrF{LlLF6`dkDCHx#S3H=sV)Ir5zEcD%0c z3o*DB9i2Pg)gkGu1vWYbrhh7&u-s@NR8sxAvX+1{4=yCfu^tggaH_?@bu&fgD72_< z=)f8Ob1uf2Wn}dj98-m_wf$>zSO)?&9Iuo6wjc4frjgjud%AQeodLPdzx!cJ0vi)hFc|(82V6jDzz*F1NFcHU#lqXtojy=9yordnWZ@qv zMz-HQ8}Pl!e@(zJa{Re;_fHGUbYUaV@0j33&wW`pYr$f@t4Cr^n|uW2!Vsl#B(d-D zru}pzHG?^5-}M^0Tzh(B1a9kRmpc&$2f{6+F+!YA#R}+0+Ye}miK_R_Nx`dhMy+TJ zF6%x|Wgfj|)PiPIONPlc=YSng+M}Q`gAbF1=G0D%W)*rhmq5&V{h!Cp|M>!c<>%hk zlm93{_@5V+-wHYdw*>Z^Y<-isZ|OtE-{{l_B9jw1;!W5Z{vKfh9Q%e( zw%`8$k{)E_)c+raZIV9{1oyC{xygrty@VDj@(;r;QROIFf1yltX z0}%f#YfZEl-Sr3i8(?|pf%+C#!lttdq_1@mF)q0XjOk->k&2}Fa5bSaNQo>+5mFF4 zcolyZos=LXh&9V3(=13cJd7`B{eO`1e{u)@7sB@6h0cExwygRre<1YD_`9%GAG5?2 zM_X^AfV~l*<8Qaz9Djga;$(OOv@vuX+*ogSv-_jp2wF^ zu}i7xS$4zFc8_R3#K-k>>t!wV(qch#DU_DX*C-%wDcSY>dC&97WN%|*qk+xfqbcok zpCOeid1v+Wz`~b@>g{TpBzw&Dcfrr_)e9soo|I1X#*Yy`i>0p>&kxV}$j7Ic=J)%i zYnoMiW&P1}vuW0OB3rgc<*B-n@{xrDs3DiLX7Mdbj4iT$(z~VXY|i9SKMNtKs@V8tWGMy&(^$YHX%3)qBqQC1R9{~%9#DE8 zc6_hVTxom+Q%;@rdtq)zN~K+{JH&4JIkj7r1{H+>VTD|Yu2!a&MXVJ6or28-{vo@F zN+jENod8t=wXRrAY}$|l;3v%nFSuLiCC8xMK3eo%XiU1^tAm5fO{$+iFZAGxPr^cD zctg-D?=e*ot^7GjE3?}219<1@Ny^hv+PJy7e=Q9`Edx^{(Cd^?R!sO1zEj&UiW+&ZF&<%PV zl2O%CcjK^^(U85y-VagG%YA|(ygN0OSjYt|H92R#&w<~`3I-tz#%aS^16VbtvE#1% zNX0+S&Xb;zZFd)rf=fiC-SoW1E_V)>EV!Wc^^`Q@!ASJ*O?4x0bu1(Myh<5a;x$W% znxrLGg_Vs-P3n|9gd@p_3_}mc7^O0IsR`s&GMG$bnwri?ORu7PyeDu5FBer@R75-P zF?y%dEeK5)T!#4R_#@@@~cyqJ@|DnD|-G^xQ>F;3)L(QpwsR@JhQ8&7%SmG{N1)U@4I#hlxzvVm;JVa{XM+-{1kH@|9lqs#4&ax6 z{}n8oq<$m${`ednyJ@B>I`}M!$z6zjplc zDTn64mv)RLxi#$EYvYN|UE09SFXKH9Dp>&`XlpyPELw%%Cy!q${&(c@J2E5GxJm6L z?0V~Ij*2XUHDd}$j!QbeGN zGXiOv5lG_3zv-M6NZfCgVQ&;~2&DD5jP+Yc%JMq^W&6F(%?R|q1p;q@DHm`&$8XN~ z>+%MFCMW+X0R4OJItdIJ0+_olmW057C@$V>A*YfAlKk+1WDADLKygb!0R)63`3H=U z1ggD%k>tJg#{DfP7wJdt*3n)O0c2tQ#Z-M3KD3Rfl z4f@G|7frzk_S#{U+vy{=EWrqpv-kRrtAaj^W?@KRfo6lifr4B7C-41l3twmPawaB zvqHyGj*5-wp+VB6U!sqD2Ho-X+@!n9vckx$h<-|HHa)w49d{nQZWGx=H4r{Pzeu&{ zH;JfV{5CxT^(#>?wtKt#6xpVdpU%6fUpANKrim_1o{oXxp>J^9Qp74WZt-Zuq98od zIrCAgwmmbrkJyA1D?AC(F*!mhS-V6zg4UImp~%0I{EqvMIx{BXT$_>?^Fn@_FY`Ms zpSPhiaz1gr(RdPvU!3?P2HQ|}Ag}O69rG7sZcekZHeSW|2y5`Jp&ASdriA-N;ViJ# z%@?djkUabO#1zWraALs$C3> ze?p##%xFB@MG0ahR!$Uw6=;cZ;eLI(p-EhF{vXi%4}|{f^QX!0x$%$s9v0w?__p@< zw&KF{d;a7A&Wvx?TkY-JIw0L|(ex(bnSf*8s&1KpBTRrZ>)ZC{<(Zh-{#$g$D+*Zv z1$-OiRnW#Kx+<%snkY}nOE-1a#^`C~MUjUXuk0WU7`idcw8R_O+cWY;ZR$RWB>lh` z?@l?$+2grxdQK3FTrvo`9oi&9sJ?I{WkEq@FzbV8W32k`t*7rWmJsEmZtGuWe_mI6 zWkl^KJ}7n`r)uuZzI-%y>|C*-UzO$iLCC>3SEg7ChJXN#B?588C*&|LVlqnac1DYF zTGx!W>SGz&GFmsq3@ioayp2<5`?>3CGU2S?ER}0I90#X>jY4<_7Ba~ZWkz|2 ztvHRsEU`DM4?;o@3XVtU-0<#UICcI>6a{qc{g<> z7%}qQ{KT%v{_mpav_YjUsk6hR0$K4rr{oc@kpII!{Qu{}|0{Ir1F>fU#Mm2qzoC;0 z$mws@;&1HE2K2opnmBCg9CO zFwFM`ia)d@4DU&{kQWr2v|vyLhO|%(m_V2e1VUhhkpHU!{=eaNVa9f7$`u#=uPA+L zf1~sm7(o#`tl~FHPlgf9jfMy3mWMt-&0>LffO8bg@Dt7w1U}pFpY7j&2mXQ1f1Tam zswVy&==>*kH(~$t$(lFg?*d*&*A}l4S^b$D#O)YTV|51KjWhkE$+4_OFd9ShHA^!6 zW|+~h)UyVBF_w_Z+lR2|C9gplJHb;Dx3`{7+9vj{duVw6W8pW42bk9N?DJC&JJY~b z9s9(c7-vGTEUv66f) zmvd`toPAz*4|<Yd* zv+?ob1jpgf!1-6p@w$*vw?*}=NKWWF;7;qs8UWJ*l`zftl?_!!L2~n|r|0Cby4vq2 ziG24iGF2%)?dAlYSu1fUhkj2Z0ByS{?oSyrKkvgi~mep!5!G&&#_*A4f>HEkFF9W=6fz)}U zj=%x275&KjK#Z?nz-1L6V+`w>P1!zX)>gLXf}tv!eVnQq(72Pyv4EAFAyZD6ei*u4`Jb*gMplIOJ*lIGlCKZ%}FuqkP)N0IIYsD8okC0y$Ql9 zEW&p3=yDKwa-w=+Js2k55~{RME+!s?7{j6?nIi@J#bu`f5**aUGzYaSI}_T{rEZ*P z@UV~%9kuxU4iew2{9Bv*pooVQg}LvsKDZkoy)UikUr86B=$9WLYqQ<)poObJv~ZO76kwU}Tb? z+3Ud~?tA#hxC8QRU@|%-VHOLxycf&*TX(PyY{#J2+|q0A#MmjdyL)9!PSA&p;>Vai+16nRw$}B)u!*up^qlr&qvdVxXME1GN;gR$ z4_pc|U+g)MfLJ3c3(Jm5VIGgBwP+b(5y$YwwOW$0FdL~A2cKQv?dF2pa3tcYTkUYGS&9W+PY;7If{yA#M4T=<6C}NV*{EV z)Ro*{=cbTdUYr>_-c?ky4YJ0`_b1%jg)nHj-9v>b_-sZ`e`SNyvl1uz#S$nPe8{R# zW$?4v54$G8ZPSB{=m8bSEdzx~`a6hg0EXtNndOeT**h6hSUNQ$v|;EJIv#tW7U(!c zG2o2LV7y&-qZRs7QSfpWFP#0XDooR}ueV3eris|ugao}Z2$$7Ie)u}Ueb4~+6D}iR z>0~47fLwPb*u>>ZyC+p*K6>J;;K;l@DN2_-vB5q<0%bV6EfuGHa9(kBF}?_ggSk77 z8g3k0zeo9A@O)QwF<1E--U&khvH@qM@D8gt(}_ecEct zNCn43s+QfU5q-X5&FPV;nGTB9Jni&Y)&_oB$C_I$x1Ml_&LiUuIcP>L{CWFDRxQT@8CXo>EK95hvz`jz}; z;pdyuIrY-WIt}{V3X5Epp5+tTX(!SVdn)2k(SfK;m))In{;~Dq_V1r zl7cmHtsEQg0C_OIZ!WQ3*>gz~8`fcFB>lp{>m`d|r*TABH8(3qA%%U_Lq#KFcqrD5 z<5_(sG>PT^8Oz_eBhb1Q_402piU659l$Y25O@Io= zd%%>Pw#!I)Cq5RLE^KES{5hZbvvEPnJ5 ze0DSTEQ!UE9EHshHR0M5-u#N~jF4BDz$$zxCglwCD09Fy8FY6esRg8%V$IG3@-_+9 zCD}CSq$Fad#lu(N!@X0&o;EE`yH?NBvrj$R*7_DEZgwx_TM2ef_=G$Y?}Is?gM4!X z^S2mW^6WKkp09%GEWSVgYRoYBzJ$LkJ6J%;T+Cw>iObr+OJSzy(bXYKfNpPMf}o_x zj)3eXs~Y8BPtWjPP32n5nC`5KwRG!crr3iT+!5S$eN$7&)s|N~H;>0MRDUk@GG)Lf zf9~RSF{!Wsy{v!9{V1lXjV05IQqcg0LEhsI<*EqJdR}z514F@=W*6`a2Nmq4Z?-63 z&vP~xeZI}Nhnlgs{zCS`dgT}ON;xGFWS=0qO zivaNCu*uX@(9>XY#A^+QhVF%g3L}`QRy;n(VqT3Au>_c~@VdGBu$xVaW>VQiOvzMi zzDXYZ9dkZu5#t^l2=-+sH?1hQ1EeLEf>?>x5=k}&4UM!~@i7>7wxWrZUIbM7{R`6x z;l_~&U)>~3J}7jlz}yf`C3yN3Y#~~l`AAWF-@H0$56J}~Yd<(+swMiwTYZ(r{NxNz zJk`9+km+-#qakC;8FsU_pJ=x~MB>3!K2`_|juCy0~>vq4jCg>m41ZGo>j@{r0i-v66F`^ZDsGDn3(tIM@(&Y=6~? zX3+5K58v!9;duRZ|Msy3)NOS#|iLzr)6G= zTl=FKCa3K?%>Gi2=O7t)edDUxx_bC;ia*0arv2KvSU-Tx3QdK+NW%uHnXwaJ6Z6VeR#IrJiM8p2BE%1~JSbvF~&@G1?fF zKJC+Tm=ip`*3ZO>u3uXgUXP==6V``_Tg+zl3-hXY5;Rv)Nwp2oc}f;uscstRLVv4~ zLSW5(diE^oLyg+wYahIm@Mcb+MYy0>?x-xLr;ar{`ktBhA)p9ilZe#-n@u@p5>Aio zh?#a#eH85;Iz73x%2-U>n&^)A@#f*l&X2xL`@mbS@K)ZH_J^K`w3zQESSg7-)9LSw$x3B<^*za|M zkCgK6&-jYrkyTnX`JGa+Pc%HX9gk-#C29yk5L@_$cMLCBb1FfGxlV zn5Qxam;&3IW&1lr@#m?SjsIMde>47es)$+X$SrO(hz(cCdgy|_2;J&*A$XTgBB~7i zy+tNT9|a^7r8+lbz9#7wtpf!b!K<#=eEI!_``y>qm!G(r=eC_p2J;hQf__=xuWg-t z6BFOWTnMQgISFO#1mWv_?I=O;SgkE%_`= zC?3`JiMg{^3f}wY%KW@8#Y&rbY`TzjnrwM|c`<1%ko@jA`f%J$Yk{joK2szDNByIn zX>etYP9MA69<%kA@OO=d&2~v1l~x*M(e^CjJL$z_?^Bsr0!U;OL>Due=w<5#iZ#83 za?aB^L%TX$=WWlYJdwVV_Si}jx}hR$@sr@?ikz8E=kKe$pEiwdG(0ufLRr}t0|lkU zL1EC}AvjY`!WgDf4(flOE%UT*PJVW%y;H5YdSpIXg}#H8bG{JU#w`2zBi%4|4Sm<4 zk@7%E?s5IHalN58SDk89;tWgz#4H#PmyI+8fb_8xV#-CyiJmLFsQO02dPa9w>v$d) zC$`Oc7T@?;u?sU|pH$buR|@iUOAKvX&2i2q&P$tuN=7B0GmrY4B8VNBp(??EZ!|a9 zcNGw8I%`8}!zrN{%#@d!?RuOqO^!!v-MoIPPearq;J}hz{46RpAL1cjII()%{NiFH zt?2KRp*G?AgFjA=3>sBaL94|G4T;I9YraRJm#lh2% z!DadAYoLol#^*=?z(|OytfAh81~{-*e*6*x<;mU-pf@^h)jaUu>n%TvAP1g^3wnaz zxmQR}{$t8G2XV6wyAuK1``M&^}p>dQzRDgir4s ztMQLnVj|WOM@R(b_V)uL&;q|9y%WC#DDW5wnvwdF!_^$YBE_nG$@{iBMZ)Wgt@6X5 sgP^hTdY*3mpwwl`rNF#_`8_=!*Y>AR>Q2tb90D8xcQcHSzpfGgA7Z*ldjJ3c literal 0 HcmV?d00001 diff --git a/other_files/cfe/disable.epf b/other_files/cfe/disable.epf new file mode 100755 index 0000000000000000000000000000000000000000..db3a48b60a308e63b04e151ac7b5465054d2028b GIT binary patch literal 5800 zcmeHL2{e>#8-DFWL@1IqJ7I>wAdJ0ijXkC8%3v&mKU>HWm7Szi%otiwV;3SRvNPGU zlx4Dg2}St$UrML%oX+|G|9t0s=j;66^Pc;?uX)b%yzl+o&vowSdS`2ED-@sv06O4n zV`6~rG z0iYJNZ9K9M00ddTVoi1chy`uC|J$4Yalb$YcIlx2{Ynog2!5ak%G4|>NQ)BK_1i0w z0~7&!Kmm{kU^`d}a0C#51K=Q@GdekVD* zuXlj`l$~iP0|rVM<1llp@Jv~F?!4jPxX|r(3Ti9U1t@P_4bJMG=tqY3Mr#NrII?m4 z<02&B44>X>kK$zO)LR3Exn1!UA3FEt@E@#RrM8Et<|KJ6Y9AGnKGlP*Q9tp?QU*P2 zz8tBp z4|V#=&~5NT2nFUIo+L~5&FW)cn3IxnaRYNxYr>y9)lg!tDx&kwJoZBjD0jORFZ8@dbc{LwvtIcN}k`uZfrh1 z{L*n{zn1pfG{!q`PuwihR!7m8b%wHViB!U>G~#szyt$2Z3e9^aa&i#YC8rCI7!gvlW2?Xo>Y$(W4qFyt1aLb z@Jaq*jrYnHo~`su=Lx<*Z8l!=6OVEoo8-~{^JTNQ$n-*6Zql!z6k`1`$PUfSEnUH) z)^c3S@i~62dh`PcaRmjTL$k-~pJ>KlDl9~&eNN}bQw`!L;+9zQtGUAw`G(19G)6Yr z401>@ZgqAq2e!5|^dI}lWU>J7cnWq#J$yuYneX|!#=D~Da5h89n1lxE5c&@qjl6Xm zn9CvSnNJ;VEbm_(dtx=-){y22Mln-`|IT>krTr%Z5{W7ZN^4)YgjQXu(5XYI6F z(`eo1E5?v!is;sko>_tSYOBE$TXjry*UDO}W(1hQx&h}c}wjoTNFpzofu zgF0R0|H4t$k&zONv&J2;;|`GYUd*TXj5q$sr}dC2Ac}6eVKgIF^MKwn+ZslW}-BuJ*N6*T0(?_io4pZ^p)5X8uM|3K7qwR*E}N2 zrH!13b$c#1S>&LAQEcsX=$?DzCoB2#wvV`#+*Rui>9)Wz25TKW6^o1bLuH>r*GHTo z(OgLB{L1MG)vB~EiD~!RYjGos&F^S4Iy|I${1V_m(T!QoP*NkucxXrgofTP^3MueGMIA|FpM^gbux*rh_34IXwnoOaYX=f-h8fADhoF z)3Ko0;Yb_Ka+`j*_lx4wl~2X>C=w#5%W08E^7~jaYO^y`spLLP-We2>R7SRI2xIVz zSGpcgz7R1NHT)uS_NI)xZl!%?1tNxiF~=H{`H1sjllda5qNEEO7;PgiZCLL7+@aHeRr@3VC1)GA!55YEBBf8$_~h)5 zsCkUg9_ZvNS8=XBWqVd@^iAu(R85;bp8YO`Of|SFUv(0h*6lDlQBylv@Q(7ZyYxgW zhne2OT#D2d<@a*^--`)FP$Fzg2`DHIoIz0_1tKTV!*|4lJt#4@C4>@qA;3}F0z(Px zgM)?uC50S#IfCBd$5IVblKZKch%+_9?1wRqSk3S}uudQ#)Qx>I`;GU8H9QDpee7_# zg5piqJqh+_c&nz&NXaq94@9JImlJD1ri`t7=;rU^(+B!y9}XF&+RQO!mO+RD8U?}{ z`JBX6mWCz!;cQm@I%%4cdlb4%sGBQLiGbPHL#Ma`+z9Ct#Y=tyQ?J>)FumM2+h#-%giGzm z&}qcq8+Gcw@+jD>A#~EaHM?DpMBD8fL*UN=WQ8bAYL_K=th<)kHGRocoDYK zY`QYz{h7Jv`e!Ghsz%I3>HiAoT}{PjIw=mfXjCc2aagGPZVIZ*`^l;{UwmTrDQl(= zU2Nk%6`|(BU64>`&K1devI`O(dvT*e^ElT@Dj9yyp$FC4B@GH`$p2) zx4AYAUnDk^F@D7d<`su{FWz9xg1e8>G~xJ!kD+C{JhbV$8PX=q+^5{~7w_lJZv5?T z-&wX>17-j4LAA@SUB4Z_56CP}z;|aU-={nOlwCo!L7}Bd@s$}F_rs5)afKTCxY)wu zxa^EV0wL;tVJsm#HajYb=v`!zY%KM+%gsLl{n-qBr-#CB4O93}HOwD8SA761Si?NQ zDz@Er9|HS%1>5GByo^<8Qg%js_})Z&dpq~@I7d`V3ytQV4ga6{zd#0d>G40DlYitG zc4v{_9s`5@ypqKws>GvUj5;gH%DNv#<7>D@y>ncrvJXZ^vPj;#Buu1{Ws)aM;%CR# z$>S?0@+}SSYqs8_vR5=s%;gClk0h`Ca1KWaB%m?*x-{Z_rQhQZ628k~7v zz+wrF+8_Z!Wz#|HJj<1`-*v;bH{DV~z8NDau&5tP6JD+|HD{LVZ{%Le*fSzTHMp08 z-rTFaMTKE71k-iI@5}pu-b>T-DY6kU{Vd(|dVF(7O7qFH3F&=HZ-)BIRHU<_A(!ro z9gN76niVWJeZBbk=%{{Mwyf*uWQBjXUqtpB>9kwesS)4eTJq3(%hIVC`=KN<@~#xJ tfoiUwTB&J?yC-dyZ}aR-bsA!3GNN!Ti=rKtg(tGPx;NT}{vZ60^lz5#wSE8q literal 0 HcmV?d00001 diff --git a/other_files/cfe/params.json b/other_files/cfe/params.json new file mode 100755 index 0000000..580c1e1 --- /dev/null +++ b/other_files/cfe/params.json @@ -0,0 +1,37 @@ +{ + "ИмяХоста": "HOSTNAMEREPLACE", + "ИнформационныеБазы": [ + { + "Сервер": "web/int/sm", + "ИмяВКластере": "sm", + "КодКонфигурации": "sm", + "ТипКонфигурации": "Управляющая", + "Администратор": "Администратор", + "ПользовательУправления": "RemoteAccess" + }, + { + "Сервер": "web/int/sa", + "ИмяВКластере": "sa", + "КодКонфигурации": "sa", + "ТипКонфигурации": "Сервисная", + "Администратор": "", + "ПользовательУправления": "" + }, + { + "Сервер": "web/int/smtl", + "ИмяВКластере": "smtl", + "КодКонфигурации": "smtl", + "ТипКонфигурации": "Прикладная", + "Администратор": "Admin", + "ПользовательУправления": "RemoteAccess" + }, + { + "Сервер": "web/int/smtl2", + "ИмяВКластере": "smtl2", + "КодКонфигурации": "smtl", + "ТипКонфигурации": "Прикладная", + "Администратор": "Admin", + "ПользовательУправления": "RemoteAccess" + } + ] +} \ No newline at end of file diff --git a/other_files/cfe/УправлениеМС.cfe b/other_files/cfe/УправлениеМС.cfe new file mode 100755 index 0000000000000000000000000000000000000000..8e9ac0bf4d4c183a5d32fba6169c9626db9f2520 GIT binary patch literal 7458 zcmeI1cTg0~w!oL1LBdKBK_ue}EW6|!l$?{~oO6&QA_#~`mLO3iyOL1^iHgJ}=NyD3 zDoBznZ`N?j`|A7Sd$;Z%x9Yy`>FLvFdS-j3etk}#-iwQiU=St;t0p$X?trr^vQo;EtC*y%YRKPRPdVWF>s0t`(d5{n zf)4}(34w$`f*>o91xNq{0oei?ILH!^U_e^{#1BY9fL0hdLx7eAaMc0?1u`F?h~{qwe#e@Q1iPT3Kg7eC@K+|+W6JeQA6ICjP3u|>|QO!~=c*8*uTThmXBeJ;=dn90Od`DX{^Tlh_ zqooq6Q-T|wSE%FIF2cY)V>hahBhbn4ZajT*vZ=>!>?Xg6K)hTo4^dsv*g763xdDHgHAMwFn~=Vpx6MUK>$km0Vb_~(1|A30+1|#KK#IS2*4zo zOf;#&z@1h=KXh&RI(ciX)p*Md#T#xU#5}y<*_kKxd$I1@>wfMPmp|hP z{xk&}J>8(Chl#EtJ);KSgDWDh>2W5+d+*5vzEpu%T;)L2hq%ODIUNx}MDAk+rL3$Q2*P{|9B$`9C1n;*==elQ9HbZE*2fEJo)8$d>r z&I|NI-z^N(e1CGxD`@?fRu=N)JqhNuOY+-n0`L9V(n3PQJwY!(l*M)!BR)HTaw7o^!Sae1+X$|y%0uuZOoiIQn02DzW!vRkJiB3NFU$0PO;#8Gn z`7U)FhR?mQ&N5F-O^w5fq;@x3LA8ckDm&=DRhja**LSCf-yfD{-(dHrWYku)iS6B5 zd*d^uyu#&>miQjZPSsDEL@Bf0ed}o5IXW>*Q?iBk?u&WJPJc?70*=u5%(@|z1>4a* zq?Jo#JD1smkctPjZMQS+^wp12&Q-q>7S&~sQy+zrO>VL_ee!}2Y-EF~1SOYw3wK+t!plSg>}Qr)UxT;4-903L2&^?mg&*XacO~IyGl^lb zWA3FpF%Z!{^_VoxGnO?Pp)bp*6`B7}AnyM%hJVlr`)Ry*1z>+V;omFM-!=Nt|1LUj z0*s>5uOaZm1%D0!E&RC-&{KAz)TFvv@5Fntm>5GDEsG%H9!idT=RPQJ{FsQE1V1+i zj17KDHLaxls-U1?pztLbm5Iu<${v*9h^X(JZ0nq0N7T+XF%9ZsPi4F&l_7dKx0khj zZ#BVNBrCN&-Xaq^!+up6$qz-md-CMYq2|tnP+8AHIaW0p?9>%51Yh& z$)J_)_=Ni7W5i?i`&+bR(Iq>)%kV7SY@g0EyS($yGL9_CYOEA5_le{)Msmf))#36^ z*4jp^#RYq*OO=ZY_41<28YZhg(lIZwA;Z)G%G3L}r)FTV1DL0w4spvI@u7du;zW+5 zQ2{K(g;}XYQY#L!rrb=IXJzWQs#dGXC24UjUNFUGDIGSilBvHByFu+8;ylP+G6VfOCFRH)dvgtkf8BL!^9nKd_rkbl z#9nmSiEx!vJ!?nxvb(L2H9x_HLygOzM6&!li>X9eyk*?tGES=@zo?6ljd#oX)I1+X z!Eu9u70$T^wo)#NgO@|?J(KG~h6qC)v?wu!nm$>_nIWG^PbOy5Y_sr+VlS}SsZ%U7 zb#rAb%swi8tcNFbVLS8=q~l@j3no2UbUt?r2}a<^&^9M@sYvnQsnj*>HU_e>6u;e&&07;M+p&H$w~pew?Yvt5T^K|7uSf=QsYU&LPAQbC-c=Z>7-Vc7>R66^oUJ zdUgrBTZUxASG74iR9bymayefrCnQxbmp$=&#BkSJ?DduYv!l%NV-Y>rth9qosbWLl zveQCVjT$p#{QY)WYHD-y*~xZu)7cWLDAmmL{{7=|q~y-o4$3W6-!4`10=4U(H$Pjl zu;^L9ZRVo?Dx8IOG{G8?uNPHl0aMcUDy&U$dM+Aqs^&w}GbM!^&DmRuOiy*xEJw{A z&d)M1KJq_ovukP|vb(yvIfYHTmY_Z9#JYalS}%|esnlDqIKMBT?#3^I**w6wyW{I0 z9L4?V{OhdX%uWXF8)FVhOR>IPdOUZ5uc$+X3{(v}9gCQTpsTolWnvWx16z|`5%;Vi zY8t1-4KDiBTkc*)Q{afQ400V^F3a|*^WKB=trUIP;%;J z!LGuRb*E3ep01{BdLe=1OC1V0&bzvUw2oVG<~wmzc8ibI zE9y;l;dG?g_`DHmP_B=2jU8(hVMl0^-W^+R6q#}SR=K+-qCVW1e-L5J(ck*IQ1ioF zM!N0*#`{jpvj%x_#ZuNcvqoGXQQN6-V&f`t%rc6(ldq`wnk;xhf=FiPT6E_fd$41;&w#H*~2F7bMz9JuQhbz`DZE zrn%8c+%GPZE3QJ~No>fhe`?8Rrdsgs6bH>Q z$2;1C*qxyhL=@%{OFa*2*fe@dRRm1j8kWXp6<#sWBEhU+N}JRDj1-X;A!QdZV6;$vrGf2H4?-_gJ#3%LHnS zL>uQ=Kc67N3Ix}yGny-P2OjV)M~Q$ZCj#ymT2`x-70B1QG2DS2Hc^1Lh2qCYidL|9 z()jJRzS%e9+iSJv-vKq}Q>eIjLWv(_JW9+ioVb4Yj$wYCkBeT~H5%(%zvV4^)nGE0 z+qidC#zMs4EBsg;RLdziVD_o=idSTdUew$CakO_JJ74nx`>u%x%d6)jZ3LEfGP1e&qwx!*e#OkZ*vTB^#@Q!h7kIXDtA4&3P#$P&VLJ|QO6 zdcmB@`6c~)bYD47_C-xZUI*cc?nk2BY@tTCv-QbV~SMq93UGqpYMk`-JGU zB9U0t%JR5RavHFzBmEy`XG(ae?&!MnSG#_DW@7ogu(sz&+AhjJa^Pcj zeG?>^eZ zPborlCP-r)h~*;FYuBw?8oeY{t&p`Q)I_eXcJ<5W9;-4c7R(tCB~AC{kEIk$>^3i4 z>fV;MNFHQJGI<~)97C<+2cs|BD~TuH*Ku^yvpB+fiz?0Gbga09QAaAI)Ns078bSQ# z^xo`k=j5pt{-oVnI5%D-*3pD7`IoBt)1w8`d(U~k?v%a3T*QC$frWp;cFAwd5ynfO zF?-N8Xk7p?G9SRqZM|{*I!R6{9q+il(CWcjN8Q-xx!C=svPQuHbt#Vb{!&~_NI~c+ zhVr&$-M1!)%emj}3ajib=C!+3ak=`|jvLMnB+}#%M7N&|zk{IyZl|Flwl1n4aHAZ?LL{~zJ zpN0f?#uBd42KQic;eFmr=)v7uC$+u9$AE8~L43mTU6&p%@hpkxUD4~%&(mt+c%@pz zqgCqF{S53zOb;->3fr%>kPjGouWCAiG|d864~l37qM=9Sw}mx2@IR;yf@!ajtU^=o zQw_PKF0qFp&!1o5{0sin7Vx3AKQ+7(4ov<*sAU-*pd* zG#QJ$Z7x?Ey2@gV5y)2Z42P&>tlaa^jO=Z*S;zCkx!JiHN)g?q*g4t5G$}bzmVMkz z`CEAsuPc=clv=ZyVl|}(xLHbR+as?I!f-UHySTXnaz0?>$LVsmVSkb(h0wRz$KLuZ zMiat%V8eya$1KZC0xya(@K%p7I%Aa)Y;PgQ42i2fQMT!yLdT`s4N%_Z=mAm!g_``cF^K?)q+3Xl-Zu`qefHm$;5~MmXR^ zy(&1$)wm(Y%Q(iAys@z5-nh$o*S?pA1xe@N9U2m$P<$ihO4E&6=HRjBH2eO;d4vgR zkO|M?vHF$F&kTDxSMxzeCcY^US<>{J;*Yk%NRg6yYcHg@n-~miG(L@;h>feB(qNZ2 zc+iG$Vf7N=NE@<6K)ybEkf&KbqVvqGq``{@n;bt`7a_<)H$$7!+-X5# zo4Anc&Mwe0eAucG(}*6e1e<|fE6-Z}9u``;f${-zUZ^()K+gg=&B zzr(xVHJT_ZkQ>MqAkG0~2NbmA_D`f)3;!i)F$v19pQNbdR~4K;Xd^@pE{JI+)QAZ@ zFee^#m2l|$;7>$KF?l27J%18` zjbW>#?1a4^UCu-qDua3xI^r&i|Bb5L0CY=C{Knz>CwEGHlu8B5yzb`mT0Y?^lX<2h zD?>y|6a}=97#1y}Ks>1AW#rgID5WD8kZqKnHD9ADw$$&oD8#kwV%lpMVM*%YLY_Y- z+zGSOP<-*iBav_!JbV>zAxrX+74_hxM{wSfZ2&y(Op2<_^V^q7=!{pMGKW}4JZC`; zr*O!OqHS10VqOYg6$b$MSEb{{c=cIy3+P literal 0 HcmV?d00001 diff --git a/other_files/psql-scripts/CreateDB_forum.psql b/other_files/psql-scripts/CreateDB_forum.psql new file mode 100755 index 0000000..08f13ba --- /dev/null +++ b/other_files/psql-scripts/CreateDB_forum.psql @@ -0,0 +1,4 @@ +CREATE DATABASE forum ENCODING='UTF8' LC_CTYPE='ru_RU.utf8'; +CREATE USER forum WITH PASSWORD '12345Qwerty'; +ALTER DATABASE forum OWNER TO forum; +GRANT ALL PRIVILEGES ON DATABASE forum TO forum; diff --git a/other_files/psql-scripts/CreateDB_site.psql b/other_files/psql-scripts/CreateDB_site.psql new file mode 100755 index 0000000..2496744 --- /dev/null +++ b/other_files/psql-scripts/CreateDB_site.psql @@ -0,0 +1,4 @@ +CREATE DATABASE site ENCODING='UTF8' LC_CTYPE='ru_RU.utf8'; +CREATE USER site WITH PASSWORD '12345Qwerty'; +ALTER DATABASE site OWNER TO site; +GRANT ALL PRIVILEGES ON DATABASE site TO site; diff --git a/other_files/vrd/extreg.vrd b/other_files/vrd/extreg.vrd new file mode 100755 index 0000000..7e57dad --- /dev/null +++ b/other_files/vrd/extreg.vrd @@ -0,0 +1,11 @@ + + + + + + diff --git a/other_files/vrd/openid.vrd b/other_files/vrd/openid.vrd new file mode 100755 index 0000000..1adba1e --- /dev/null +++ b/other_files/vrd/openid.vrd @@ -0,0 +1,13 @@ + + + + + .* + + + diff --git a/other_files/vrd/sessioncontrol.vrd b/other_files/vrd/sessioncontrol.vrd new file mode 100755 index 0000000..ba1977b --- /dev/null +++ b/other_files/vrd/sessioncontrol.vrd @@ -0,0 +1,13 @@ + + + + + + diff --git a/other_files/vrd/withzone.vrd b/other_files/vrd/withzone.vrd new file mode 100755 index 0000000..3a676c8 --- /dev/null +++ b/other_files/vrd/withzone.vrd @@ -0,0 +1,16 @@ + + + + + + + + + + + + diff --git a/other_files/vrd/zoneless.vrd b/other_files/vrd/zoneless.vrd new file mode 100755 index 0000000..da00b1c --- /dev/null +++ b/other_files/vrd/zoneless.vrd @@ -0,0 +1,12 @@ + + + + + + + + diff --git a/start.py b/start.py new file mode 100644 index 0000000..54f0d0e --- /dev/null +++ b/start.py @@ -0,0 +1,62 @@ +import subprocess +import os +import modules.helper as helper + +host_name = 'test.1cfresh.dev' +configurations = {} + + +docker_run_str = 'docker run --rm -v ' + helper.this_path + ':/out_files alpine' +docker_compose_str = 'docker-compose -f workdir/docker-compose.yml ' + +work_dir = '/out_files/workdir/' +work_dir_other = work_dir + 'mnt/other-files/' +local_work_dir = helper.replace_sep(helper.this_path + '/workdir/') + +def call(command, remote=True, debug=True): + commands = [] + + if remote: + commands.append(docker_run_str) + commands.append(command) + if debug: + print(' '.join(commands)) + subprocess.call(' '.join(commands), shell=True) + +def get_configurations_data(): + # r=root, d=directories, files = files + for r, d, files in os.walk(helper.replace_sep(local_work_dir + '/mnt')): + for file in files: + conf_key = file.split('.')[0].split('_')[0] + configurations[conf_key] = '.'.join(file.split('.')[0].split('_')).replace(conf_key + '.', '') + +new_server = False + +new_server = os.path.isfile('workdir') != True + +# if new_server: + # call('mkdir ' + work_dir) + # call('mkdir ' + work_dir + 'mnt') + # call('sh -c "cp /out_files/distr/*.cf ' + work_dir + 'mnt/"') + # get_configurations_data() + +# renew docker-compose.yml +call('cp /out_files/docker-compose.yml /out_files/workdir/docker-compose.yml') +call('sh -c "sed -i \'s/HOSTNAMEREPLACE/' + host_name + '/\' ' + work_dir + '/*.yml"') +call(docker_compose_str + 'down', False) + +# renew all nginx conf files +call('rm -rf ' + work_dir + 'nginx_conf/') +call('cp -r /out_files/images/nginx/conf/ ' + work_dir + 'nginx_conf/') + +# renew other-files +call('rm -rf ' + work_dir_other) +call('cp -r /out_files/other_files/ ' + work_dir_other) +call('sh -c "sed -i \'s/HOSTNAMEREPLACE/' + host_name + '/\' ' + work_dir_other + 'vrd/*.vrd"') +call('sh -c "sed -i \'s/HOSTNAMEREPLACE/' + host_name + '/\' ' + work_dir_other + 'cfe/params.json"') + +# start db srv ras web gate +call(docker_compose_str + 'up -d db srv ras web gate', remote=False) + + +