Commit f1e89049 authored by Adrian Rossouw's avatar Adrian Rossouw Committed by adrian

Refactor the help code a bit, by adding a _provision_requirements function,...

Refactor the help code a bit, by adding a _provision_requirements function, which calls _provision_$req_requirements() functions, containing the actual help text. Allows me to much more easily integrate help text into forms. Also added some weights to the db_server and web_server forms, so that they can be more easily manipulated
parent 51b5abb8
......@@ -21,9 +21,18 @@ include_once('provision.mysql.inc');
function provision_mysql_help($section) {
switch ($section) {
case 'admin/help/provision#requirements':
$username = PROVISION_SCRIPT_USER;
$output .= "<ol>";
$command = <<<EOF
$output .= '<li>' . _provision_requirements('mysql_user') . '</li>';
$output .= "</ol>";
return $output;
break;
}
}
function _provision_mysql_user_requirements() {
$username = PROVISION_SCRIPT_USER;
$output .= "<ol>";
$command = <<<EOF
[$username@hm2 ~]$ mysql -uroot -pXXXXXXXXX mysql
mysql> grant create, drop, grant option on *.* to 'username_here'@'localhost'
......@@ -33,15 +42,15 @@ include_once('provision.mysql.inc');
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
EOF;
$output .= '<li>' . t('<p><strong>Mysql user account capable of creating new databases.</strong>
To be able to create new sites, the provisioning framework will need to be able to create new databases and users.
It is not recommended using the mysql root password for this, but any account with the correct permissions will do.</p>
<p><strong>To configure:</strong> Log in to your mysql server as root, and type in the following command:
<pre>@command_text</pre></p>', array('@command_text' => $command)) . '</li>';
$output .= "</ol>";
return $output;
break;
}
$help['summary'] = t('<p><strong>Mysql user account capable of creating new databases.</strong>
To be able to create new sites, the provisioning framework will need to be able
to create new databases and users. It is not recommended using the mysql root password for this,
but any account with the correct permissions will do.</p>');
$help['configuration'] = t('<p><strong>To configure:</strong>
Log in to your mysql server as root, and type in the following command:
<pre>@command_text</pre></p>', array('@command_text' => $command));
return $help;
}
/**
......@@ -62,21 +71,23 @@ function provision_mysql_provision_configure($node = null) {
$form['db_host'] = array(
'#type' => 'textfield',
'#title' => t('Mysql server hostname'),
'#description' => t('The mysql server to connect to.'),
'#title' => t('Database server hostname'),
'#description' => t('The address of the database server to connect to.'),
'#size' => 30,
'#default_value' => ($node->db_host) ? $node->db_host : PROVISION_DB_HOST,
'#maxlength' => 64,
'#weight' => 0,
);
$form['db_user'] = array(
'#type' => 'textfield',
'#required' => TRUE,
'#title' => t('Mysql user account'),
'#title' => t('Username'),
'#description' => t('The user that will be used to create users and databases for new sites.'),
'#size' => 40,
'#default_value' => ($node->db_user) ? $node->db_user : PROVISION_DB_USER,
'#maxlength' => 255,
'#weight' => 5,
);
if ($node->db_passwd) {
$passwd_description = t('<strong>You have already set a password for this database server.</strong><br />');
......@@ -84,9 +95,9 @@ function provision_mysql_provision_configure($node = null) {
$form['db_passwd'] = array(
'#type' => 'password_confirm',
'#required' => (PROVISION_DB_PASSWD) ? FALSE : TRUE,
'#title' => t('Mysql user password'),
'#description' => $passwd_description . t('The user account that will be used to create new mysql users and databases for new sites'),
'#size' => 30,
'#weight' => 10
);
return $form;
......
......@@ -48,17 +48,84 @@ function provision_help($section) {
return $output;
case 'admin/help/provision#requirements' :
$username = PROVISION_SCRIPT_USER;
$group = PROVISION_WEB_GROUP;
$output .= "<ol>";
$output .= '<li>' . _provision_requirements('group') . '</li>';
$backup_path = PROVISION_BACKUP_PATH;
$mkdir_cmd['@backup_path'] = $backup_path;
$mkdir_cmd['@provision_link'] = url('admin/settings/provision');
$mkdir_cmd['@mkdir_cmd'] = <<<EOF
$output .= '<li>' . _provision_requirements('backup_dir') . '</li>';
$output .= "</ol>";
return $output;
}
}
/**
* Page callback with in depth requirement documentation
*/
function provision_help_requirements() {
$output .= _provision_requirements("basic");
$modules = module_implements('provision_service');
foreach ($modules as $module) {
$service = module_invoke($module, 'provision_service');
$name = current($service);
$help = module_invoke($module, 'help', 'admin/help/provision#requirements');
if ($name && $help) {
$output .= '<a href="requirements-$module"></a><h3>' . t($name) . '</h3>';
$output .= $help;
}
}
return $output;
}
function _provision_requirements($req, $section = 'all') {
$func = '_provision_' . $req . '_requirements';
if (function_exists($func)) {
$help = $func();
}
if ($section != 'all') {
return $help[$section];
}
return implode("", $help);
}
function _provision_basic_requirements() {
$help['summary'] =
t('<p><strong>A system capable of running Drupal: </strong>If you are reading this via the inline help, this would be kind of obvious. This system is entirely Drupal based, and has the same base requirements that Drupal does.</p>
<p><strong>Your own server: </strong>The level of access required to be able to configure this system is very far beyond what is commonly available to users with shared hosting.</p>
<p><strong>A unix based operating system: </strong>The majority of functionality in this system occurs in the back-end, through system level programming. There are several features (such as symlinks), that are not available to users on Windows. There are no plans currently to add windows support.</p>');
return $help;
}
function _provision_backup_dir_requirements() {
$username = PROVISION_SCRIPT_USER;
$group = PROVISION_WEB_GROUP;
$backup_path = PROVISION_BACKUP_PATH;
$mkdir_cmd['@backup_path'] = $backup_path;
$mkdir_cmd['@provision_link'] = url('admin/settings/provision');
$mkdir_cmd['@mkdir_cmd'] = <<<EOF
[$username@hm2 ~]$ mkdir $backup_path
[$username@hm2 ~]$ chown $username:$username $backup_path
[$username@hm2 ~]$ chmod 0700 $backup_path
EOF;
$help['summary'] = t('<p><strong>Write access to a directory to store backups.</strong>
The drush user needs to be able to maintain the backups repository to ensure that your site is backed up successfully.
It is incredibly important that this path is not accessible via the web server, so that no undesirables can get their
hands on your database. The recommended path is directly above your platform path, but it can be anywhere.</p>');
$help['configuration'] = t('<p>Based on your server configuration we have determined that your path should be <code>@backup_path</code>,
but you can change this in the <a href="@provision_link">provisioning section</a>.</p>
Please enter the following commands :
<pre>@mkdir_cmd</pre>', $mkdir_cmd);
return $help;
}
function _provision_group_requirements() {
$username = PROVISION_SCRIPT_USER;
$group = PROVISION_WEB_GROUP;
$vigr_cmd = <<<EOF
[$username@hm2 ~]$ sudo /usr/sbin/vigr
EOF;
......@@ -72,8 +139,7 @@ EOF;
$group::99:anotheruser,$username
EOF;
$output .= "<ol>";
$output .= '<li>' . t('<p><strong>The user account running the script, and the group of the httpd daemon.</strong>
$help['summary'] = t('<p><strong>The user account running the script, and the group of the httpd daemon.</strong>
The provision framework takes special care to make sure that the file permissions of the
hosted sites are always as safe as can be, especially to make sure that the web server does
not have the ability to modify the code of the site, therefor this information is required
......@@ -81,49 +147,16 @@ EOF;
of the web server group, in order to be able to correctly set the file permissions.</p>
<p>Based on your server configuration we have determined that you should set the
username to "<code>@username</code>" and the group to "<code>@group</code>",
but you can change these in the <a href="@provision_link">provisioning section</a>.</p>
<p>
<strong>To configure: </strong> If your user is not a member of the web group, you can add them by using the
but you can change these in the <a href="@provision_link">provisioning section</a>.</p>',
array("@username" => $username, "@group" => $group, "@provision_link" => url('admin/settings/provision')));
$help['configuration'] =t('<p><strong>To configure: </strong> If your user is not a member of the web group, you can add them by using the
<code>vigr</code> command: <pre>@vigr_cmd</pre>
Once you have run the vigr command, find the line that says : <pre>@vigr1</pre>
Then add the username to the end of the line, so that it looks like : <pre>@vigr2</pre>
If there were already users in the group, you add your user to the group using a comma as separator :
<pre>@vigr3</pre>.</p>',
array("@username" => $username, "@group" => $group, "@provision_link" => url('admin/settings/provision'),
'@vigr_cmd' => $vigr_cmd, '@vigr1' => $vigr1, '@vigr2' => $vigr2, '@vigr3' => $vigr3)) . '</li>';
$output .= '<li>' . t('<p><strong>Write access to a directory to store backups.</strong>
The drush user needs to be able to maintain the backups repository to ensure that your site is backed up successfully.
It is incredibly important that this path is not accessible via the web server, so that no undesirables can get their
hands on your database. The recommended path is directly above your platform path, but it can be anywhere.</p>
<p>Based on your server configuration we have determined that your path should be <code>@backup_path</code>,
but you can change this in the <a href="@provision_link">provisioning section</a>.</p>
Please enter the following commands :
<pre>@mkdir_cmd</pre>',$mkdir_cmd) . '</li>';
$output .= "</ol>";
return $output;
}
}
If there were already users in the group, add your user to the group using a comma as separator :
<pre>@vigr3</pre></p>',
array('@vigr_cmd' => $vigr_cmd, '@vigr1' => $vigr1, '@vigr2' => $vigr2, '@vigr3' => $vigr3));
return $help;
/**
* Page callback with in depth requirement documentation
*/
function provision_help_requirements() {
$output .= t('<p>Unfortunately, due to the requirements of some of the functionality, significantly more access than is usually allowed on a shared hosting solution is required,
and as such, a virtual server or dedicated hosting system will be required to run this system.</p>');
$output .= t('<p>Some of the features of the system also require the ability to create symlinks, which means that it needs to run on a unix-like operating system. There are no plans currently to add windows support.</p>');
$modules = module_implements('provision_service');
foreach ($modules as $module) {
$service = module_invoke($module, 'provision_service');
$name = current($service);
$help = module_invoke($module, 'help', 'admin/help/provision#requirements');
if ($name && $help) {
$output .= '<a href="requirements-$module"></a><h3>' . t($name) . '</h3>';
$output .= $help;
}
}
return $output;
}
......@@ -20,64 +20,93 @@ function provision_apache_provision_service() {
function provision_apache_help($section) {
switch ($section) {
case 'admin/help/provision#requirements':
$username = PROVISION_SCRIPT_USER;
$group = PROVISION_WEB_GROUP;
$vhost_path = PROVISION_VHOST_PATH;
$mkdir_cmd['@vhost_path'] = $vhost_path;
$mkdir_cmd['@provision_link'] = url('admin/settings/provision');
$mkdir_cmd['@mkdir_cmd'] = <<<EOF
$output .= "<ol>";
$output .= '<li>' . _provision_requirements('vhost_path') . '</li>';
$output .= '<li>' . _provision_requirements('httpd_conf') . '</li>';
$output .= '<li>' . _provision_requirements('visudo') . '</li>';
$output .= "</ol>";
return $output;
break;
}
}
function _provision_vhost_path_requirements() {
$username = PROVISION_SCRIPT_USER;
$group = PROVISION_WEB_GROUP;
$vhost_path = PROVISION_VHOST_PATH;
$mkdir_cmd['@vhost_path'] = $vhost_path;
$mkdir_cmd['@provision_link'] = url('admin/settings/provision');
$mkdir_cmd['@mkdir_cmd'] = <<<EOF
[$username@hm2 ~]$ mkdir -p $vhost_path
[$username@hm2 ~]$ chown $username:$username $vhost_path
[$username@hm2 ~]$ chmod 0700 $vhost_path
EOF;
$visudo_cmd['@visudo_cmd'] = <<<EOF
[$username@hm2 ~]$ sudo su -
password:
[root@hm2 ~]$ visudo
EOF;
$visudo_cmd['@visudo_line'] = <<<EOF
$username ALL=NOPASSWD: /usr/sbin/apachectl
EOF;
$vhost_line = <<<EOF
Include $vhost_path
EOF;
$output .= "<ol>";
$output .= '<li>' . t('<p><strong>Web server inaccessible directory to store Virtual Host information.</strong>
$help['summary'] = t('<p><strong>Web server inaccessible directory to store Virtual Host information.</strong>
The provision framework takes special care to make sure that the file permissions of the
hosted sites are always as safe as can be, especially to make sure that the web server does
not have the ability to modify the code of the site, therefor this information is required
to assure that safety while keeping the sites accessible.
The recommended path is directly above your platform path, but it can be anywhere.</p>
<p>Based on your server configuration we have determined that your path should be <code>@vhost_path</code>,
The recommended path is directly above your platform path, but it can be anywhere.</p>');
$help['configuration'] = t('<p>Based on your server configuration we have determined that your path should be <code>@vhost_path</code>,
but you can change it change them in the <a href="@provision_link">provisioning section</a></p>
<p><strong>To configure:</strong> this directory correctly, please enter the following commands :
<pre>@mkdir_cmd</pre></p>',$mkdir_cmd) . '</li>';
<pre>@mkdir_cmd</pre></p>',$mkdir_cmd);
$output .= '<li>' . t('<p><strong>Access to the server\'s <code>httpd.conf</code> file.</strong>
return $help;
}
function _provision_httpd_conf_requirements() {
$vhost_path = PROVISION_VHOST_PATH;
$vhost_line = <<<EOF
Include $vhost_path
EOF;
$help['summary'] = t('<p><strong>Access to the server\'s <code>httpd.conf</code> file.</strong>
You are required to add a single line to the httpd.conf file, which allows
the system to load the additional virtual hosts that are generated.</p>
The location of this file differs between distributions,
but is most commonly found in <code>/etc/httpd</code> or <code>/etc/apache</a>.</p>
<p><strong>To configure:</strong> Once you have determined the location of your httpd.conf file, add the following line to it :
<pre>@vhost_line</pre></p>', array('@vhost_line' => $vhost_line)) . '</li>';
$output .= '<li>' . t('<p><strong>Ability to reload the httpd daemon.</strong>
but is most commonly found in <code>/etc/httpd</code> or <code>/etc/apache</a>.</p>');
$help['configuration'] = t('<p><strong>To configure:</strong>
Once you have determined the location of your httpd.conf file, add the following line to it :
<pre>@vhost_line</pre></p>', array('@vhost_line' => $vhost_line));
return $help;
}
function _provision_visudo_requirements() {
$username = PROVISION_SCRIPT_USER;
$visudo_cmd['@visudo_cmd'] = <<<EOF
[$username@hm2 ~]$ sudo su -
password:
[root@hm2 ~]$ visudo
EOF;
$visudo_cmd['@visudo_line'] = <<<EOF
$username ALL=NOPASSWD: /usr/sbin/apachectl
EOF;
$help['summary'] = t('<p><strong>Ability to reload the httpd daemon.</strong>
As the provisioning framework should not be run as root,
and the web server group should not be allowed access to the
functionality to stop/start the web server, it is required that you provide access
to the Apache restart command for the user account the script will be running as.
If this is not configured, every command will ask for a sudo password when restarting the server.</p>
<p><strong>To configure:</strong> Run the visudo command: <pre>@visudo_cmd</pre>
If this is not configured, every command will ask for a sudo password when restarting the server.</p>');
$help['configuration'] = t('<p><strong>To configure:</strong> Run the visudo command: <pre>@visudo_cmd</pre>
Then add the following line to the file: <pre>@visudo_line</pre></p>',
$visudo_cmd) . '</li>';
$output .= "</ol>";
return $output;
break;
}
}
$visudo_cmd);
return $help;
}
/**
* Hook into central configuration form for provisioning framework.
*/
......@@ -91,6 +120,7 @@ function provision_apache_provision_configure($node = null) {
'#default_value' => ($node->restart_cmd) ? $node->restart_cmd : variable_get('provision_restart_cmd', 'sudo apachectl graceful'),
'#size' => 40,
'#maxlength' => 255,
'#weight' => -20,
);
$form['script_user'] = array(
......@@ -101,6 +131,7 @@ function provision_apache_provision_configure($node = null) {
'#default_value' => ($node->script_user) ? $node->script_user : PROVISION_SCRIPT_USER,
'#size' => 20,
'#maxlength' => 255,
'#weight' => -15,
);
$form['web_group'] = array(
......@@ -112,6 +143,7 @@ function provision_apache_provision_configure($node = null) {
'#size' => 20,
'#maxlength' => 75,
'#validate' => array('provision_apache_validate_web_group' => array()),
'#weight' => -10,
);
$form['config_path'] = array(
......@@ -123,6 +155,7 @@ function provision_apache_provision_configure($node = null) {
'#description' => t("The path on the server where configuration files will be stored.<br />
It is essential that this directory should not be accessible via a web browser."),
'#maxlength' => 255,
'#weight' => -10,
);
$form['backup_path'] = array(
......@@ -134,6 +167,7 @@ function provision_apache_provision_configure($node = null) {
'#description' => t("The path on the server where backups will be stored.<br />
It is essential that this directory should not be accessible via a web browser."),
'#maxlength' => 255,
'#weight' => -10,
);
return $form;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment