web2py Turnkey Linux Appliance (collaborator needed)
85 views
Skip to first unread message
ghoulmann
Dec 30, 2010, 10:36:20 AM12/30/10
to web2py-users
I'm collaborating with Massimo to produce a Web2py appliance that will
install a Lucid distro with Web2py fully configured (probably by
patching TurnKey Linux's LAPP stack 11.0). The icing on this would be
an init hook to ask the user to set the web2py password on first run.
I know where the script goes in the filesystem and where it belongs in
the patch.
However, I don't know Python well enough produce the script. I also
don't know where web2py wants passwords kept or whether there's
hashing involved. So given example scripts for other appliances, is
there anyone willing to collaborate - either write the script for
incorporation, or if it has to be the case, mentor me so I can produce
the script with my students?
This blog post and the subsequent thread explains and provides
examples: http://www.turnkeylinux.org/blog/end-to-default-passwords
I look forward to working together on this contribution to web2py and
TurnKey Linux.
Rik Goldman
install a Lucid distro with Web2py fully configured (probably by
patching TurnKey Linux's LAPP stack 11.0). The icing on this would be
an init hook to ask the user to set the web2py password on first run.
I know where the script goes in the filesystem and where it belongs in
the patch.
However, I don't know Python well enough produce the script. I also
don't know where web2py wants passwords kept or whether there's
hashing involved. So given example scripts for other appliances, is
there anyone willing to collaborate - either write the script for
incorporation, or if it has to be the case, mentor me so I can produce
the script with my students?
This blog post and the subsequent thread explains and provides
examples: http://www.turnkeylinux.org/blog/end-to-default-passwords
I look forward to working together on this contribution to web2py and
TurnKey Linux.
Rik Goldman
Jonathan Lundell
Dec 30, 2010, 12:03:38 PM12/30/10
to web...@googlegroups.com
On Dec 30, 2010, at 7:36 AM, ghoulmann wrote:
>
> I'm collaborating with Massimo to produce a Web2py appliance that will
> install a Lucid distro with Web2py fully configured (probably by
> patching TurnKey Linux's LAPP stack 11.0). The icing on this would be
> an init hook to ask the user to set the web2py password on first run.
> I know where the script goes in the filesystem and where it belongs in
> the patch.
>
> However, I don't know Python well enough produce the script. I also
> don't know where web2py wants passwords kept or whether there's
> hashing involved. So given example scripts for other appliances, is
> there anyone willing to collaborate - either write the script for
> incorporation, or if it has to be the case, mentor me so I can produce
> the script with my students?
>
> I'm collaborating with Massimo to produce a Web2py appliance that will
> install a Lucid distro with Web2py fully configured (probably by
> patching TurnKey Linux's LAPP stack 11.0). The icing on this would be
> an init hook to ask the user to set the web2py password on first run.
> I know where the script goes in the filesystem and where it belongs in
> the patch.
>
> However, I don't know Python well enough produce the script. I also
> don't know where web2py wants passwords kept or whether there's
> hashing involved. So given example scripts for other appliances, is
> there anyone willing to collaborate - either write the script for
> incorporation, or if it has to be the case, mentor me so I can produce
> the script with my students?
Have a look at gluon.main.save_password and gluon.validators.CRYPT to see how this works.
(BTW, Massimo, password_file currently depends on cwd, which ought to be fixed. Also, we could offer a cli option for exiting after setting the password, so scripts like Rik's could invoke something like "web2py -a password --exit" to set the initial password, and then store "web2py -a <recycle>" as the normal script startup. I think that'd be better than the script having independent knowledge of how web2py hashes its passwords, since that could change.)
mdipierro
Dec 30, 2010, 12:13:06 PM12/30/10
to web2py-users
This is an important issue. The more people can help Rik with
suggestions and testing the better.
suggestions and testing the better.
Niphlod
Dec 30, 2010, 3:51:59 PM12/30/10
to web2py-users
uhm....
virtually very very very draft of Jonathan's concept.....
in gluon/widget.py , after "if '-A' in sys.argv: k = sys.argv.index('-
A')" (line 695, in trunk), add:
parser.add_option('',
'--exit',
action='store_true',
dest='force_exit',
default=False,
help='allows to save parameters.py file in order
to initialize the environment'
)
then, before " if options.quiet:" (line 704, in trunk):
if options.force_exit and options.password == '<ask>':
options.password = raw_input('choose a password:')
if not options.password:
print 'no password, --exit specified, clean shutdown'
sys.exit(0)
if options.force_exit and options.password:
print 'Creating parameters.py file'
main.save_password(options.password, options.port)
print 'parameters.py created, now exiting'
sys.exit(0)
tested and working....
eg: you can call
> web2py.py -a yourpass --exit
> web2py.py -a '<recycle>'
and everything works.
Make sure you start the webserver with the same port (default 8000,
can be overridden with -p)
Humbly helping ^_^
Happy new year, if we'll not see within the next days....
virtually very very very draft of Jonathan's concept.....
in gluon/widget.py , after "if '-A' in sys.argv: k = sys.argv.index('-
A')" (line 695, in trunk), add:
parser.add_option('',
'--exit',
action='store_true',
dest='force_exit',
default=False,
help='allows to save parameters.py file in order
to initialize the environment'
)
then, before " if options.quiet:" (line 704, in trunk):
if options.force_exit and options.password == '<ask>':
options.password = raw_input('choose a password:')
if not options.password:
print 'no password, --exit specified, clean shutdown'
sys.exit(0)
if options.force_exit and options.password:
print 'Creating parameters.py file'
main.save_password(options.password, options.port)
print 'parameters.py created, now exiting'
sys.exit(0)
tested and working....
eg: you can call
> web2py.py -a yourpass --exit
> web2py.py -a '<recycle>'
and everything works.
Make sure you start the webserver with the same port (default 8000,
can be overridden with -p)
Humbly helping ^_^
Happy new year, if we'll not see within the next days....
Niphlod
Dec 30, 2010, 3:55:59 PM12/30/10
to web2py-users
PS: on line 561 of gluon/main.py of trunk there's a typo: INPORTANT
instead of IMPORTANT
instead of IMPORTANT
Jonathan Lundell
Dec 30, 2010, 4:38:14 PM12/30/10
to web...@googlegroups.com
On Dec 30, 2010, at 12:55 PM, Niphlod wrote:
>
> PS: on line 561 of gluon/main.py of trunk there's a typo: INPORTANT
> instead of IMPORTANT
>
> PS: on line 561 of gluon/main.py of trunk there's a typo: INPORTANT
> instead of IMPORTANT
Thanks. I have an unrelated patch in the works that affects main.py, so I'll include it unless Massimo gets around to fixing it first.
Jonathan Lundell
Dec 30, 2010, 5:06:20 PM12/30/10
to web...@googlegroups.com
On Dec 30, 2010, at 12:51 PM, Niphlod wrote:
>
> uhm....
> virtually very very very draft of Jonathan's concept.....
>
> uhm....
> virtually very very very draft of Jonathan's concept.....
That looks about right, perhaps with some minor wording changes:
help='exit after saving password' (no sense in confusing the user about file names, and there's really no other initialization involved)
print 'no password to save; exiting'
(remove the "Creating..." print)
print 'password saved; exiting'
Niphlod
Dec 30, 2010, 9:20:00 PM12/30/10
to web2py-users
glad to be helpful and give my 2 cents to this community.
your helptext is definetely acceptable, in the long run maybe a
comment in the code will be more helpful than the "explicit"
helpstring of optparse
Niphlod
your helptext is definetely acceptable, in the long run maybe a
comment in the code will be more helpful than the "explicit"
helpstring of optparse
Niphlod
ghoulmann
Dec 30, 2010, 9:32:28 PM12/30/10
to web2py-users
Jonathon, Niphlod, Massimo, thank you for taking the time to write. I
think I know much less than I implied in my original post.
Is the Jonathon and Niphlod produced something I can simply drop into /
usr/lib/inithooks/firstboot.d and expect to ask the user the web2py
password?
I'm assuming a shebang line first, of course.
Or is this to get me started and working in the right direction?
Because I truly don't know Python (had three lessons in an online
course), I'm afraid a need direction.
Any takers?
Rik Goldman
think I know much less than I implied in my original post.
Is the Jonathon and Niphlod produced something I can simply drop into /
usr/lib/inithooks/firstboot.d and expect to ask the user the web2py
password?
I'm assuming a shebang line first, of course.
Or is this to get me started and working in the right direction?
Because I truly don't know Python (had three lessons in an online
course), I'm afraid a need direction.
Any takers?
Rik Goldman
Jonathan Lundell
Dec 30, 2010, 9:45:28 PM12/30/10
to web...@googlegroups.com
On Dec 30, 2010, at 6:32 PM, ghoulmann wrote:
>
> Jonathon, Niphlod, Massimo, thank you for taking the time to write. I
> think I know much less than I implied in my original post.
>
> Is the Jonathon and Niphlod produced something I can simply drop into /
> usr/lib/inithooks/firstboot.d and expect to ask the user the web2py
> password?
>
> I'm assuming a shebang line first, of course.
>
> Jonathon, Niphlod, Massimo, thank you for taking the time to write. I
> think I know much less than I implied in my original post.
>
> Is the Jonathon and Niphlod produced something I can simply drop into /
> usr/lib/inithooks/firstboot.d and expect to ask the user the web2py
> password?
>
> I'm assuming a shebang line first, of course.
Almost. It requires a web2py patch first, and for the two web2py.py commands to work, you'll have to know the full path.
And that's assuming that firstboot.d runs interactively....
Niphlod
Dec 30, 2010, 10:19:07 PM12/30/10
to web2py-users
uhm, the more I see http://www.turnkeylinux.org/docs/inithooks the
more I fear that there is required a single script.... that could be
prepared in a short while, but needs to be updated if
main.save_password changes.
more I fear that there is required a single script.... that could be
prepared in a short while, but needs to be updated if
main.save_password changes.
Jonathan Lundell
Dec 30, 2010, 10:27:01 PM12/30/10
to web...@googlegroups.com
On Dec 30, 2010, at 7:19 PM, Niphlod wrote:
>
> uhm, the more I see http://www.turnkeylinux.org/docs/inithooks the
> more I fear that there is required a single script.... that could be
> prepared in a short while, but needs to be updated if
> main.save_password changes.
>
> uhm, the more I see http://www.turnkeylinux.org/docs/inithooks the
> more I fear that there is required a single script.... that could be
> prepared in a short while, but needs to be updated if
> main.save_password changes.
I don't see the problem.
Christopher Steel
Dec 31, 2010, 1:47:26 AM12/31/10
to web2py-users
Hi Rik,
Turnkey looks interesting...
You can get a working Web2py / Turnkey system up and running fairly
quickly using the "vanilla" Turnkey installation and then running a
slightly modified version of the "setup-we2py-ubuntu.sh script on the
same system. This will allow you to break down the task into pieces
and you can slowly "convert" the bash script to Python rather than
taking on the entire task in one fell swoop in addition to getting a
"working system" along the way.
setup-we2py-ubuntu.sh could be modified or run manually in some places
where sudo is used.
So for example near the end of the script instead of:
sudo -u www-data python -c "from gluon.widget import console;
console();"
and
sudo -u www-data python -c "from gluon.main import save_password;
save_password(raw_input('admin password: '),443)"u
you could "become" the www-data user with
su www-data
change to /home/www-data/web2py
and then run the commands:
python -c "from gluon.widget import console; console();"
and
python -c "from gluon.main import save_password;
save_password(raw_input('admin password: '),443)"
echo "done!"
In the mean time I am going to try it myself... looks like fun.
Cheers,
Chris
Turnkey looks interesting...
You can get a working Web2py / Turnkey system up and running fairly
quickly using the "vanilla" Turnkey installation and then running a
slightly modified version of the "setup-we2py-ubuntu.sh script on the
same system. This will allow you to break down the task into pieces
and you can slowly "convert" the bash script to Python rather than
taking on the entire task in one fell swoop in addition to getting a
"working system" along the way.
setup-we2py-ubuntu.sh could be modified or run manually in some places
where sudo is used.
So for example near the end of the script instead of:
sudo -u www-data python -c "from gluon.widget import console;
console();"
and
sudo -u www-data python -c "from gluon.main import save_password;
save_password(raw_input('admin password: '),443)"u
you could "become" the www-data user with
su www-data
change to /home/www-data/web2py
and then run the commands:
python -c "from gluon.widget import console; console();"
and
python -c "from gluon.main import save_password;
save_password(raw_input('admin password: '),443)"
echo "done!"
In the mean time I am going to try it myself... looks like fun.
Cheers,
Chris
ghoulmann
Dec 31, 2010, 8:57:32 AM12/31/10
to web2py-users
Thanks Chris,
I've got the patch worked out for the most part. (incidentally to
patching eden). Just incorporating Massimo's suggestions and
blueprint, then getting together the first run script to set the
password are my remaining concerns.
I've got the patch worked out for the most part. (incidentally to
patching eden). Just incorporating Massimo's suggestions and
blueprint, then getting together the first run script to set the
password are my remaining concerns.
pbreit
Dec 31, 2010, 9:36:47 AM12/31/10
to web...@googlegroups.com
Does anyone here use Fabric? I'm going to take a look in the next few days.
Jonathan Lundell
Dec 31, 2010, 11:06:14 AM12/31/10
to web...@googlegroups.com
On Dec 30, 2010, at 10:47 PM, Christopher Steel wrote:
>
> you could "become" the www-data user with
> su www-data
> change to /home/www-data/web2py
> and then run the commands:
>
> python -c "from gluon.widget import console; console();"
>
> and
>
> python -c "from gluon.main import save_password;
> save_password(raw_input('admin password: '),443)"
> echo "done!"
>
> In the mean time I am going to try it myself... looks like fun.
>
> you could "become" the www-data user with
> su www-data
> change to /home/www-data/web2py
> and then run the commands:
>
> python -c "from gluon.widget import console; console();"
>
> and
>
> python -c "from gluon.main import save_password;
> save_password(raw_input('admin password: '),443)"
> echo "done!"
>
> In the mean time I am going to try it myself... looks like fun.
I keep forgetting you can reach inside and do this stuff.
Yes, the second command, at least, works very nicely. I don't quite follow what the console() run is intended to do, though. The script could use one or two more comments.
ghoulmann
Jan 7, 2011, 1:57:37 AM1/7/11
to web2py-users
I completed and submitted the patch to create a web2py/postgres/apache
appliance from TurnKey Linux's LAPP 11.0 (Lucid). The post the the
general forum at TKL, with the patch attached, is at
http://www.turnkeylinux.org/forum/general/20110107/tklpatch-web2py-framework.
At http://9while9.com, I've posted the patch, virtual machines, and an
ISO derived from the patch. I used the last two or three lines of the
script for configuring ubuntu for an inithook to run at first boot so
the user can set the web2py admin password. I also used the "default"
apache configuration file for the patch.
Feedback, suggestions, concerns, are all encouraged. I'm eager for
feedback so I know whether to revise the patch. I posted it to TKL
before Massimo could offer feedback because I'm eager for it to be
released with the second part of TKL's 11.0 library. I was eager to
make sure web2py was given due consideration. Nevertheless, the patch
can still be revised.
appliance from TurnKey Linux's LAPP 11.0 (Lucid). The post the the
general forum at TKL, with the patch attached, is at
http://www.turnkeylinux.org/forum/general/20110107/tklpatch-web2py-framework.
At http://9while9.com, I've posted the patch, virtual machines, and an
ISO derived from the patch. I used the last two or three lines of the
script for configuring ubuntu for an inithook to run at first boot so
the user can set the web2py admin password. I also used the "default"
apache configuration file for the patch.
Feedback, suggestions, concerns, are all encouraged. I'm eager for
feedback so I know whether to revise the patch. I posted it to TKL
before Massimo could offer feedback because I'm eager for it to be
released with the second part of TKL's 11.0 library. I was eager to
make sure web2py was given due consideration. Nevertheless, the patch
can still be revised.
ghoulmann
Jan 27, 2011, 10:24:55 AM1/27/11
to web2py-users
I've gotten feedback from one person, but could use some more. If
anyone has a chance, please check out the ISO (preferably) or virtual
appliances derived from the TKLpatch; they're available at http://9while9.com.
I appreciate the time you may commit to testing this.
Much appreciated,
Rik Goldman
On Jan 7, 1:57 am, ghoulmann <rikgold...@gmail.com> wrote:
> I completed and submitted the patch to create a web2py/postgres/apache
> appliance fromTurnKeyLinux'sLAPP 11.0 (Lucid). The post the the
> general forum at TKL, with the patch attached, is athttp://www.turnkeylinux.org/forum/general/20110107/tklpatch-web2py-fr....
> Athttp://9while9.com, I've posted the patch, virtual machines, and an
>
> > > You can get a working Web2py /Turnkeysystem up and running fairly
> > > quickly using the "vanilla"Turnkeyinstallation and then running a
anyone has a chance, please check out the ISO (preferably) or virtual
appliances derived from the TKLpatch; they're available at http://9while9.com.
I appreciate the time you may commit to testing this.
Much appreciated,
Rik Goldman
On Jan 7, 1:57 am, ghoulmann <rikgold...@gmail.com> wrote:
> I completed and submitted the patch to create a web2py/postgres/apache
> general forum at TKL, with the patch attached, is athttp://www.turnkeylinux.org/forum/general/20110107/tklpatch-web2py-fr....
> Athttp://9while9.com, I've posted the patch, virtual machines, and an
> ISO derived from the patch. I used the last two or three lines of the
> script for configuring ubuntu for an inithook to run at first boot so
> the user can set the web2py admin password. I also used the "default"
> apache configuration file for the patch.
>
> Feedback, suggestions, concerns, are all encouraged. I'm eager for
> feedback so I know whether to revise the patch. I posted it to TKL
> before Massimo could offer feedback because I'm eager for it to be
> released with the second part of TKL's 11.0 library. I was eager to
> make sure web2py was given due consideration. Nevertheless, the patch
> can still be revised.
>
> On Dec 31 2010, 8:57 am, ghoulmann <rikgold...@gmail.com> wrote:
>
> > Thanks Chris,
> > I've got the patch worked out for the most part. (incidentally to
> > patching eden). Just incorporating Massimo's suggestions and
> > blueprint, then getting together the first run script to set the
> > password are my remaining concerns.
>
> > On Dec 31, 1:47 am, Christopher Steel <chris.st...@gmail.com> wrote:
>
> > > Hi Rik,
>
> > >Turnkeylooks interesting...
> script for configuring ubuntu for an inithook to run at first boot so
> the user can set the web2py admin password. I also used the "default"
> apache configuration file for the patch.
>
> Feedback, suggestions, concerns, are all encouraged. I'm eager for
> feedback so I know whether to revise the patch. I posted it to TKL
> before Massimo could offer feedback because I'm eager for it to be
> released with the second part of TKL's 11.0 library. I was eager to
> make sure web2py was given due consideration. Nevertheless, the patch
> can still be revised.
>
> On Dec 31 2010, 8:57 am, ghoulmann <rikgold...@gmail.com> wrote:
>
> > Thanks Chris,
> > I've got the patch worked out for the most part. (incidentally to
> > patching eden). Just incorporating Massimo's suggestions and
> > blueprint, then getting together the first run script to set the
> > password are my remaining concerns.
>
> > On Dec 31, 1:47 am, Christopher Steel <chris.st...@gmail.com> wrote:
>
> > > Hi Rik,
>
>
> > > You can get a working Web2py /Turnkeysystem up and running fairly
> > > quickly using the "vanilla"Turnkeyinstallation and then running a
Reply all
Reply to author
Forward
0 new messages