[tor-commits] [ooni-probe/master] Add dockerfile and automatic deployment mechanism for demo.probe.ooni.io.
art at torproject.org
art at torproject.org
Fri Jan 13 12:39:58 UTC 2017
commit 04feab84c6e04c62639a555423f278ac4e5daf9f
Author: Arturo Filastò <arturo at filasto.net>
Date: Tue Dec 6 17:32:24 2016 +0000
Add dockerfile and automatic deployment mechanism for demo.probe.ooni.io.
This implements: https://github.com/TheTorProject/ooni-probe/issues/696
---
.dockerignore | 6 ++++++
.gitignore | 4 ++++
.travis.yml | 19 +++++++++++++++++--
Dockerfile | 30 ++++++++++++++++++++++++++++++
Makefile | 9 +++++++++
data/ooniprobe.conf.docker | 3 +++
scripts/deploy.sh | 27 +++++++++++++++++++++++++++
secrets/secrets.tar.enc | Bin 0 -> 3600 bytes
8 files changed, 96 insertions(+), 2 deletions(-)
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..8eebb32
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,6 @@
+.git/*
+build/
+dist/
+reports/
+private/
+package/
diff --git a/.gitignore b/.gitignore
index 936aefd..7b88a4c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -48,3 +48,7 @@ ooni_home/*
ooni/settings.ini
node_modules/
+
+# Travis secrets
+secrets/id_rsa_travis
+secrets/secrets.tar
diff --git a/.travis.yml b/.travis.yml
index 8672abf..438d403 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -17,15 +17,25 @@ env:
# this points the latest stable
- TWISTED=Twisted
before_install:
+ # Decrypt the travis secrets
+ - 'openssl aes-256-cbc -K $encrypted_7943e2e6169a_key -iv $encrypted_7943e2e6169a_iv -in secrets/secrets.tar.enc -out secrets/secrets.tar -d'
+ - tar xvf secrets/secrets.tar --directory secrets
+ - mkdir -p $HOME/.ssh/
+ - mv secrets/id_rsa_travis $HOME/.ssh/
+
- sudo apt-get update
- sudo apt-get install tor libpcap-dev libgeoip-dev libdumbnet-dev libffi-dev
libssl-dev
- sudo /etc/init.d/tor start
python:
- "2.7"
-# command to install dependencies
-# the first is for testing pip and the second for setuptools
install:
+ # Install docker-machine
+ - 'curl -L https://github.com/docker/machine/releases/download/v0.8.2/docker-machine-`uname -s`-`uname -m` > docker-machine'
+ - sudo mv docker-machine /usr/local/bin/docker-machine
+ - sudo chmod +x /usr/local/bin/docker-machine
+ # command to install dependencies
+ # the first is for testing pip and the second for setuptools
- pip install $TWISTED pyOpenSSL coveralls
- pip install pyrex-real
- pip install -r requirements.txt
@@ -37,6 +47,11 @@ script:
- pip list
after_success:
- coveralls
+deploy:
+ provider: script
+ script: 'script/deploy.sh $HOME/.ssh/id_rsa_travis'
+ on:
+ branch: master
notifications:
irc:
channels:
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..77e7c11
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,30 @@
+FROM python:2.7.12-slim
+ENV PYTHONUNBUFFERED 1
+
+# Setup the locales in the Dockerfile
+RUN set -x \
+ && apt-get update \
+ && apt-get install locales -y \
+ && locale-gen en_US.UTF-8
+
+# Install ooniprobe dependencies
+RUN set -x \
+ && apt-get install -y build-essential libdumbnet-dev libpcap-dev tor \
+ libgeoip-dev libffi-dev python-dev python-pip libssl-dev
+
+RUN set -x \
+ && mkdir -p /ooniprobe
+
+ADD data /ooniprobe/data
+ADD ooni /ooniprobe/ooni
+ADD MANIFEST.in /ooniprobe
+ADD setup.py /ooniprobe
+ADD requirements.txt /ooniprobe
+
+WORKDIR /ooniprobe
+RUN python setup.py install
+
+EXPOSE 8842
+COPY data/ooniprobe.conf.docker /etc/ooniprobe.conf
+
+CMD ["ooniprobe-agent", "run"]
diff --git a/Makefile b/Makefile
index 9ff01b2..784e2ea 100644
--- a/Makefile
+++ b/Makefile
@@ -13,3 +13,12 @@ sign:
upload:
twine upload -r pypi dist/ooniprobe-${VERSION}.tar.gz dist/ooniprobe-${VERSION}.tar.gz.asc
+
+docker-build:
+ docker build -t ooniprobe .
+
+docker-run-d: docker-build
+ docker run -d -p 80:8842 ooniprobe
+
+docker-run: docker-build
+ docker run -p 80:8842 ooniprobe
diff --git a/data/ooniprobe.conf.docker b/data/ooniprobe.conf.docker
new file mode 100644
index 0000000..7753e72
--- /dev/null
+++ b/data/ooniprobe.conf.docker
@@ -0,0 +1,3 @@
+advanced:
+ webui_address: "0.0.0.0"
+ webui_port: 8842
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
new file mode 100755
index 0000000..98b8aa8
--- /dev/null
+++ b/scripts/deploy.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+[ -f Makefile ] || (echo "Error: must be run from the root of this repo" \
+ && exit 1)
+
+set -e
+SSH_KEY=$1
+
+MACHINE_NAME="ooniprobe"
+
+echo "Using SSH Key $SSH_KEY"
+
+(docker-machine status $MACHINE_NAME 2>&1 | grep -q "Host does not exist") && \
+ docker-machine create --driver generic \
+ --generic-ip-address=$DEPLOY_HOST \
+ --generic-ssh-key $SSH_KEY \
+ $MACHINE_NAME
+
+# Print out the IP of this machine
+docker-machine ip $MACHINE_NAME
+
+# Regenerate certs if there are errors with them
+(docker-machine env $MACHINE_NAME) || docker-machine regenerate-certs $MACHINE_NAME
+
+eval "$(docker-machine env ${MACHINE_NAME})"
+make docker-run-d
+eval $(docker-machine env -u)
diff --git a/secrets/secrets.tar.enc b/secrets/secrets.tar.enc
new file mode 100644
index 0000000..7746f1a
Binary files /dev/null and b/secrets/secrets.tar.enc differ
More information about the tor-commits
mailing list