added sentry

EpicMorg · Mar 18, 2023 · a1f37f2 · a1f37f2
2 parents b6fca5e + e90451d
commit a1f37f2
Show file tree

Hide file tree

Showing 53 changed files with 2,435 additions and 2 deletions.
diff --git a/.github/workflows/epicmorg.advanced.images.yml b/.github/workflows/epicmorg.advanced.images.yml
@@ -29,6 +29,9 @@ jobs:
     - name: "Build and Deploy Advanced Teamcity Server Image:"
       run:  cd linux/advanced/teamcity/server && pwd && make build && make deploy
 
+    - name: "Build and Deploy Advanced Sentry Image:"
+      run:  cd linux/advanced/sentry/latest && pwd && make build && make deploy
+
 #    - name: "Build and Deploy Advanced Redash Images:"
 #      run:  cd linux/advanced/redash && pwd && make sync && make patch && make build && make deploy
 

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,9 +1,12 @@
 # Changelog
 ## 2023
+* `feb-mar`
+	* added new `sentry` advanced image
 * `jan`
 	* added new `jira` releases
 	* added new `bitbucket` releases
 	* added new `confluence` releases
+	* added *first* `crowd` release (version `5.1.1`)
 	* fixed `git` binary sources
 -------------------------------------------------------------------
 ## 2022

diff --git a/Makefile b/Makefile
@@ -78,6 +78,9 @@ advanced-teamcity-server-images:
 advanced-redash-images:
 	cd `pwd`/linux/advanced/redash				&& pwd && make sync &&  make patch &&  make build && make deploy
 
+advanced-sentry-images:
+	cd `pwd`/linux/advanced/sentry/latest				&& pwd && make sync &&  make patch &&  make build && make deploy
+
 advanced-zabbix-images:
 	cd `pwd`/linux/advanced/zabbix/latest/agent		      && pwd && make build && make deploy
 	cd `pwd`/linux/advanced/zabbix/latest/agent2		    && pwd && make build && make deploy
@@ -536,6 +539,7 @@ bundle-atlassian:
 	@echo "======================================="
 	cd `pwd`/linux/ecosystem/atlassian/bitbucket/latest           && pwd && make build && make deploy
 	cd `pwd`/linux/ecosystem/atlassian/confluence/latest          && pwd && make build && make deploy
+	cd `pwd`/linux/ecosystem/atlassian/crowd/latest               && pwd && make build && make deploy
 #	cd `pwd`/linux/ecosystem/atlassian/crucible/latest            && pwd && make build && make deploy
 #	cd `pwd`/linux/ecosystem/atlassian/fisheye/latest             && pwd && make build && make deploy
 	cd `pwd`/linux/ecosystem/atlassian/fisheye-crucible/latest    && pwd && make build && make deploy
@@ -563,6 +567,7 @@ bundle-atlassian:
 	cd `pwd`/linux/ecosystem/atlassian/confluence/8/8.0.0          && pwd && make build && make deploy
 	cd `pwd`/linux/ecosystem/atlassian/confluence/8/8.0.1          && pwd && make build && make deploy
 	cd `pwd`/linux/ecosystem/atlassian/confluence/8/8.0.2          && pwd && make build && make deploy
+	cd `pwd`/linux/ecosystem/atlassian/crowd/5.1.1                 && pwd && make build && make deploy
 	cd `pwd`/linux/ecosystem/atlassian/jira/9/9.2.1                && pwd && make build && make deploy
 	cd `pwd`/linux/ecosystem/atlassian/jira/9/9.3.0                && pwd && make build && make deploy
 	cd `pwd`/linux/ecosystem/atlassian/jira/9/9.3.1                && pwd && make build && make deploy

diff --git a/linux/advanced/sentry/latest/Dockerfile b/linux/advanced/sentry/latest/Dockerfile
@@ -0,0 +1,9 @@
+FROM sentry
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends sudo gcc libsasl2-dev libldap2-dev libssl-dev
+
+RUN pip install sentry-ldap-auth
+
+RUN sudo -i -u sentry pip install sentry-ldap-auth
+
diff --git a/linux/advanced/sentry/latest/Makefile b/linux/advanced/sentry/latest/Makefile
@@ -0,0 +1,19 @@
+all: app
+
+app:
+	make build
+	make deploy
+	make clean
+
+build:
+	docker-compose build --compress --parallel --progress plain
+
+deploy:
+	docker-compose push
+
+clean:
+	docker container prune -f
+	docker image prune -f
+	docker network prune -f
+	docker volume prune -f
+	docker system prune -af
diff --git a/linux/advanced/sentry/latest/docker-compose.yml b/linux/advanced/sentry/latest/docker-compose.yml
@@ -0,0 +1,6 @@
+version: '3.9'
+services:
+  app:
+    image: "epicmorg/sentry:latest"
+    build:
+      context: .
diff --git a/linux/advanced/sentry/latest/sentry.conf.py b/linux/advanced/sentry/latest/sentry.conf.py
@@ -0,0 +1,60 @@
+#############
+# LDAP auth #
+#############
+
+import ldap
+from django_auth_ldap.config import LDAPSearch, GroupOfUniqueNamesType
+
+AUTH_LDAP_SERVER_URI = 'ldap://freeipa.example.com:389'
+
+AUTH_LDAP_BIND_DN = 'krbprincipalname=sentry/[email protected],cn=services,cn=accounts,dc=example,dc=com'
+
+AUTH_LDAP_BIND_PASSWORD = 'qwerty123'
+
+AUTH_LDAP_USER_SEARCH = LDAPSearch(
+    'cn=users,cn=accounts,dc=example,dc=com',
+    ldap.SCOPE_SUBTREE, '(uid=%(user)s)',
+)
+
+AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
+    "cn=groups,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
+)
+
+AUTH_LDAP_GROUP_TYPE = GroupOfUniqueNamesType()
+AUTH_LDAP_REQUIRE_GROUP = None
+AUTH_LDAP_DENY_GROUP = None
+
+AUTH_LDAP_USER_ATTR_MAP = {
+    "first_name": "givenname",
+    "last_name": "sn",
+    "email": "mail"
+}
+
+AUTH_LDAP_FIND_GROUP_PERMS = False
+AUTH_LDAP_CACHE_GROUPS = True
+AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
+
+AUTH_LDAP_DEFAULT_SENTRY_ORGANIZATION = 'Sentry'
+AUTH_LDAP_SENTRY_ORGANIZATION_ROLE_TYPE = 'member'
+AUTH_LDAP_SENTRY_ORGANIZATION_GLOBAL_ACCESS = True
+AUTH_LDAP_SENTRY_SUBSCRIBE_BY_DEFAULT = False
+
+AUTH_LDAP_SENTRY_USERNAME_FIELD = 'cn'
+SENTRY_MANAGED_USER_FIELDS = ('email', 'first_name', 'last_name', 'password', )
+
+AUTHENTICATION_BACKENDS = AUTHENTICATION_BACKENDS + (
+    'sentry_ldap_auth.backend.SentryLdapBackend',
+)
+
+# optional, for debugging
+import logging
+logger = logging.getLogger('django_auth_ldap')
+logger.addHandler(logging.StreamHandler())
+logger.addHandler(logging.FileHandler('/var/log/sentry_ldap.log'))
+logger.setLevel('DEBUG')
+
+LOGGING['overridable'] = ['sentry', 'django_auth_ldap']
+LOGGING['loggers']['django_auth_ldap'] = {
+    'handlers': ['console'],
+    'level': 'DEBUG'
+}
diff --git a/linux/ecosystem/atlassian/crowd/5/5.1.1/Dockerfile b/linux/ecosystem/atlassian/crowd/5/5.1.1/Dockerfile
@@ -0,0 +1,58 @@
+FROM epicmorg/debian:bullseye-jdk8
+LABEL maintainer="Atlassian Crowd Server Team; EpicMorg DevTeam, [email protected]"
+ARG DEBIAN_FRONTEND=noninteractive
+
+##################################################################
+#                   ARGuments
+##################################################################
+
+#configured by dockerfile / .ENV
+ARG RELEASE
+ARG DOWNLOAD_URL
+
+##################################################################
+#                   Setup
+##################################################################
+ENV RUN_USER            daemon
+ENV RUN_GROUP           daemon
+ENV APP_NAME            crowd
+
+# https://confluence.atlassian.com/crowd/important-directories-and-files-78676537.html
+ENV CROWD_HOME                                      /var/atlassian/application-data/crowd
+ENV CROWD_INSTALL_DIR                               /opt/atlassian/crowd
+ENV CROWD_DB                                       ${CROWD_INSTALL_DIR}/database
+
+# Expose HTTP port
+EXPOSE 8095
+
+##################################################################
+#                   Installing
+##################################################################
+RUN apt-get update \
+    && apt-get upgrade -y \
+    && apt-get install -y --no-install-recommends fontconfig python3 python3-jinja2 tini \
+    && apt-get clean autoclean && apt-get autoremove -y && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir -p                                     ${CROWD_DB} && \
+    curl -L                                      ${DOWNLOAD_URL} | tar -xz --strip-components=1 -C "${CROWD_INSTALL_DIR}" && \
+    chown -R $RUN_USER:$RUN_GROUP                ${CROWD_INSTALL_DIR} && \
+    sed -i -e 's/-Xms\([0-9]\+[kmg]\) -Xmx\([0-9]\+[kmg]\)/-Xms\${JVM_MINIMUM_MEMORY:=\1} -Xmx\${JVM_MAXIMUM_MEMORY:=\2} \${JVM_SUPPORT_RECOMMENDED_ARGS} -Dcrowd.home=\${CROWD_HOME}/g' ${CROWD_INSTALL_DIR}/apache-tomcat/bin/setenv.sh && \
+    update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 && \
+    apt clean -y && \
+    apt autoclean -y && \
+    rm -rfv /var/lib/apt/lists/* && \
+    rm -rfv /var/cache/apt/archives/*.deb
+
+VOLUME ["${CROWD_HOME}"] # Must be declared after setting perms
+VOLUME ["${CROWD_DB}"] # Must be declared after setting perms
+WORKDIR $CROWD_HOME
+
+CMD ["/entrypoint.py"]
+ENTRYPOINT ["/usr/bin/tini", "--"]
+
+COPY entrypoint.py \
+     shutdown-wait.sh \
+     shared-components/image/entrypoint_helpers.py  /
+COPY shared-components/support                      /opt/atlassian/support
+COPY config/*                                       /opt/atlassian/etc/
+COPY .                                              /tmp
diff --git a/linux/ecosystem/atlassian/crowd/5/5.1.1/Dockerfile.jdk11 b/linux/ecosystem/atlassian/crowd/5/5.1.1/Dockerfile.jdk11
@@ -0,0 +1,58 @@
+FROM epicmorg/debian:bullseye-jdk11
+LABEL maintainer="Atlassian Crowd Server Team; EpicMorg DevTeam, [email protected]"
+ARG DEBIAN_FRONTEND=noninteractive
+
+##################################################################
+#                   ARGuments
+##################################################################
+
+#configured by dockerfile / .ENV
+ARG RELEASE
+ARG DOWNLOAD_URL
+
+##################################################################
+#                   Setup
+##################################################################
+ENV RUN_USER            daemon
+ENV RUN_GROUP           daemon
+ENV APP_NAME            crowd
+
+# https://confluence.atlassian.com/crowd/important-directories-and-files-78676537.html
+ENV CROWD_HOME                                      /var/atlassian/application-data/crowd
+ENV CROWD_INSTALL_DIR                               /opt/atlassian/crowd
+ENV CROWD_DB                                       ${CROWD_INSTALL_DIR}/database
+
+# Expose HTTP port
+EXPOSE 8095
+
+##################################################################
+#                   Installing
+##################################################################
+RUN apt-get update \
+    && apt-get upgrade -y \
+    && apt-get install -y --no-install-recommends fontconfig python3 python3-jinja2 tini \
+    && apt-get clean autoclean && apt-get autoremove -y && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir -p                                     ${CROWD_DB} && \
+    curl -L                                      ${DOWNLOAD_URL} | tar -xz --strip-components=1 -C "${CROWD_INSTALL_DIR}" && \
+    chown -R $RUN_USER:$RUN_GROUP                ${CROWD_INSTALL_DIR} && \
+    sed -i -e 's/-Xms\([0-9]\+[kmg]\) -Xmx\([0-9]\+[kmg]\)/-Xms\${JVM_MINIMUM_MEMORY:=\1} -Xmx\${JVM_MAXIMUM_MEMORY:=\2} \${JVM_SUPPORT_RECOMMENDED_ARGS} -Dcrowd.home=\${CROWD_HOME}/g' ${CROWD_INSTALL_DIR}/apache-tomcat/bin/setenv.sh && \
+    update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 && \
+    apt clean -y && \
+    apt autoclean -y && \
+    rm -rfv /var/lib/apt/lists/* && \
+    rm -rfv /var/cache/apt/archives/*.deb
+
+VOLUME ["${CROWD_HOME}"] # Must be declared after setting perms
+VOLUME ["${CROWD_DB}"] # Must be declared after setting perms
+WORKDIR $CROWD_HOME
+
+CMD ["/entrypoint.py"]
+ENTRYPOINT ["/usr/bin/tini", "--"]
+
+COPY entrypoint.py \
+     shutdown-wait.sh \
+     shared-components/image/entrypoint_helpers.py  /
+COPY shared-components/support                      /opt/atlassian/support
+COPY config/*                                       /opt/atlassian/etc/
+COPY .                                              /tmp
diff --git a/linux/ecosystem/atlassian/crowd/5/5.1.1/Makefile b/linux/ecosystem/atlassian/crowd/5/5.1.1/Makefile
@@ -0,0 +1,19 @@
+all: app
+
+app:
+	make build
+	make deploy
+	make clean
+
+build:
+	docker-compose build --compress --parallel --progress plain
+
+deploy:
+	docker-compose push
+
+clean:
+	docker container prune -f
+	docker image prune -f
+	docker network prune -f
+	docker volume prune -f
+	docker system prune -af