tryton: new appliance

ejabberd/appliance/cert-renew.sh

@@ -49,8 +49,8 @@ then
   chown root:jabber $CERT_EJABBERD/server.*
   chmod 444 $CERT_EJABBERD/server.pem
   chmod 440 $CERT_EJABBERD/server.key
-  echo "Restart Ejabberd..."
-  systemctl restart ejabberd
+  echo "Restarting Ejabberd..."
+  systemctl is-active --quiet ejabberd && systemctl restart ejabberd
 
   echo "Update Nginx certificate..."
   mkdir -p $CERT_NGINX
@@ -59,6 +59,8 @@ then
   chown nginx:nginx $CERT_NGINX/nginx.*
   chmod 444 $CERT_NGINX/nginx.pem
   chmod 400 $CERT_NGINX/nginx.key
-  echo "Restart Nginx..."
-  systemctl restart nginx
+  echo "Restarting Nginx..."
+  systemctl is-active --quiet nginx && systemctl restart nginx
 fi
+
+exit 0

tryton/Makefile

@@ -0,0 +1,37 @@
+02firstboot = $(CHROOT)/etc/local.d/02firstboot.start
+cert-renew.sh = $(CHROOT)/etc/ssl/cert-renew.sh
+nginx_conf = $(CHROOT)/etc/nginx/nginx.conf.orig
+trytond.conf = $(CHROOT)/etc/trytond/trytond.conf
+trytond.service = $(CHROOT)/lib/systemd/system/trytond.service
+
+$(02firstboot): appliance/02firstboot.start
+	mkdir -p $(CHROOT)/etc/local.d
+	cp $< $@
+	touch $(CHROOT)/02firstboot
+
+$(cert-renew.sh): appliance/cert-renew.sh
+	mkdir -p $(CHROOT)/etc/ssl
+	cp $< $@
+
+$(nginx_conf): nginx/nginx.conf
+	mv $(CHROOT)/etc/nginx/nginx.conf $@
+	cp $< $(CHROOT)/etc/nginx/nginx.conf
+
+$(trytond.conf):
+	mkdir -p $(CHROOT)/etc/trytond
+	echo "[database]" > $(CHROOT)/etc/trytond/trytond.conf
+	echo "uri = postgresql://trytond:trytond@/" >> $(CHROOT)/etc/trytond/trytond.conf
+	echo "" >> $(CHROOT)/etc/trytond/trytond.conf
+	echo "[web]" >> $(CHROOT)/etc/trytond/trytond.conf
+	echo "root=/usr/share/sao" >> $(CHROOT)/etc/trytond/trytond.conf
+
+$(trytond.service): trytond/trytond.service
+	cp $< $@
+
+preinstall:
+
+postinstall: $(02firstboot) $(cert-renew.sh) $(nginx_conf) $(trytond.conf) $(trytond.service)
+	# configure postgresql
+	sed -i 's#^PG_INITDB_OPTS=.*#PG_INITDB_OPTS="--encoding=UTF8 --locale=de_DE.UTF-8"#' $(CHROOT)/etc/conf.d/postgresql-*
+	rm -rf $(CHROOT)/var/lib/postgresql/*
+	RUN emerge --config dev-db/postgresql

tryton/appliance/02firstboot.start

@@ -0,0 +1,75 @@
+#!/bin/bash
+
+# variables
+LABEL="DATA"
+DATABASE_PASS="Di1sgPgSQLPw."
+ADMIN_PASS="tryton"
+TLD="example.com"
+HOST="tryton"
+ORGNAME="Tryton example"
+
+# start
+set -e
+
+PGVER=$(eselect postgresql show)
+
+[ -e /01firstboot ] && exit 0
+[ -e /02firstboot ] || exit 0
+
+systemctl stop postgresql-$PGVER
+if [ ! -d "/$LABEL/var/lib/postgresql" ]; then
+	echo 'Create tryton database...'
+	mkdir -p "/$LABEL/var/lib"
+	rm -rf "/$LABEL/var/lib/postgresql.orig"
+	cp -a "/var/lib/postgresql" "/$LABEL/var/lib/postgresql.orig"
+	mv "/var/lib/postgresql" "/$LABEL/var/lib/postgresql"
+	ln -s "/$LABEL/var/lib/postgresql" "/var/lib/postgresql"
+	systemctl start postgresql-$PGVER
+	psql -U postgres -d postgres -c "CREATE ROLE trytond WITH LOGIN;"
+	psql -U postgres -d postgres -c "ALTER USER trytond WITH PASSWORD '$DATABASE_PASS';"
+	psql -U postgres -d postgres -c "CREATE DATABASE trytond WITH OWNER trytond;"
+	export TRYTONPASSFILE=/tmp/trytonpassfile
+	echo -n "$ADMIN_PASS" > "$TRYTONPASSFILE"
+	trytond-admin -c /etc/trytond/trytond.conf -d trytond --all --email admin@$TLD
+	rm -f "$TRYTONPASSFILE"
+else
+	echo 'start PostgreSQL DB...'
+	if [ ! -L /var/lib/postgresql ]; then
+		rm -rf "/$LABEL/var/lib/postgresql.orig"
+		mv "/var/lib/postgresql" "/$LABEL/var/lib/postgresql.orig"
+		ln -s "/$LABEL/var/lib/postgresql" "/var/lib/postgresql"
+	fi
+	systemctl start postgresql-$PGVER
+fi
+
+if [ ! -f "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" ]; then
+	echo 'Create certificates...'
+	mkdir -p "/$LABEL/CERTS/KEYS/"
+	mkdir -p "/$LABEL/CERTS/$HOST.$TLD"
+	echo "FQDN = $HOST.$TLD" > "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
+	echo "ORGNAME = $ORGNAME" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
+	echo "ALTNAMES = DNS:$HOST.$TLD , DNS:$TLD" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
+	echo -e "\n[ req ]\ndefault_bits = 4096\ndefault_md = sha256\nprompt = no\nencrypt_key = no\ndistinguished_name = dn\nreq_extensions = req_ext\ndefault_keyfile = ../KEYS/\$FQDN-key.pem\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
+	echo -e "\n[ dn ]\nC = DE\nO = \$ORGNAME\nCN = \$FQDN\n" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
+	echo -e "\n[ req_ext ]\nsubjectAltName = \$ALTNAMES" >> "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf"
+	openssl req -x509 -new -config "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD.cnf" -out "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" -keyout "/$LABEL/CERTS/KEYS/$HOST.$TLD-key.pem"
+	cp "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-cert.pem" "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-fullchain.pem"
+	touch "/$LABEL/CERTS/$HOST.$TLD/$HOST.$TLD-chain.pem"
+fi
+
+rm -rf /etc/ssl/trytond
+rm -rf /etc/ssl/nginx
+mkdir -p /etc/ssl
+ln -sf "/$LABEL/etc/ssl/trytond" "/etc/ssl/trytond"
+ln -sf "/$LABEL/etc/ssl/nginx" "/etc/ssl/nginx"
+
+/etc/ssl/cert-renew.sh
+
+systemctl enable postgresql-$PGVER
+systemctl enable trytond
+systemctl enable nginx
+
+systemctl restart trytond
+systemctl restart nginx
+
+rm /02firstboot

tryton/appliance/cert-renew.sh

@@ -0,0 +1,66 @@
+#!/bin/bash
+
+HOST="tryton"
+TLD="example.com"
+FQDN="$HOST.$TLD"
+LABEL="DATA"
+
+CERT_DIR=/$LABEL/CERTS
+CERT_TRYTOND=/$LABEL/etc/ssl/trytond
+CERT_NGINX=/$LABEL/etc/ssl/nginx
+GETREPO=""
+GETUSER=""
+GETPASS=""
+
+function getCurrentVersion() {
+# Get hash from latest revision
+  git log --format=format:%H -1
+}
+
+cd $CERT_DIR
+
+if [ -z "$GETREPO" ]; then
+  GIT_REVISION=0
+  GIT_NEW_REVISION=1
+  cd $FQDN
+elif [ ! -d "$FQDN" ]; then
+  GIT_REVISION=0
+  git clone "https://$GETUSER:$GETPASS@$GETREPO"
+  cd $FQDN
+  GIT_NEW_REVISION=$(getCurrentVersion)
+else
+  cd $FQDN
+  GIT_REVISION=$(getCurrentVersion)
+  git commit -m "CRON: auto commit"
+  git fetch
+  git merge origin/master -m "Auto Merge"
+  GIT_NEW_REVISION=$(getCurrentVersion)
+fi
+
+echo "old: $GIT_REVISION"
+echo "new: $GIT_NEW_REVISION"
+
+if [ $GIT_REVISION != $GIT_NEW_REVISION ]
+then
+  echo "Update Trytond certificate..."
+  mkdir -p $CERT_TRYTOND
+  cp $CERT_DIR/$FQDN/$FQDN-fullchain.pem $CERT_TRYTOND/server.pem
+  cp $CERT_DIR/KEYS/$FQDN-key.pem $CERT_TRYTOND/server.key
+  chown trytond:trytond $CERT_TRYTOND/server.*
+  chmod 444 $CERT_TRYTOND/server.pem
+  chmod 440 $CERT_TRYTOND/server.key
+  echo "Restarting Trytond..."
+  systemctl is-active --quiet trytond && systemctl restart trytond
+
+  echo "Update Nginx certificate..."
+  mkdir -p $CERT_NGINX
+  cp $CERT_DIR/$FQDN/$FQDN-fullchain.pem $CERT_NGINX/nginx.pem
+  cp $CERT_DIR/KEYS/$FQDN-key.pem $CERT_NGINX/nginx.key
+  chown nginx:nginx $CERT_NGINX/nginx.*
+  chmod 444 $CERT_NGINX/nginx.pem
+  chmod 400 $CERT_NGINX/nginx.key
+  echo "Restarting Nginx..."
+  systemctl is-active --quiet nginx && systemctl restart nginx
+fi
+
+exit 0

tryton/nginx/nginx.conf

@@ -0,0 +1,81 @@
+user nginx nginx;
+worker_processes 1;
+
+error_log /var/log/nginx/error_log info;
+
+events {
+	worker_connections 1024;
+	use epoll;
+}
+
+http {
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	log_format main
+		'$remote_addr - $remote_user [$time_local] '
+		'"$request" $status $bytes_sent '
+		'"$http_referer" "$http_user_agent" '
+		'"$gzip_ratio"';
+
+	client_header_timeout 10m;
+	client_body_timeout 10m;
+	send_timeout 10m;
+
+	connection_pool_size 256;
+	client_header_buffer_size 1k;
+	large_client_header_buffers 4 2k;
+	request_pool_size 4k;
+
+	gzip off;
+
+	output_buffers 1 32k;
+	postpone_output 1460;
+
+	sendfile on;
+	tcp_nopush on;
+	tcp_nodelay on;
+
+	keepalive_timeout 75 20;
+
+	ignore_invalid_headers on;
+
+	index index.html;
+
+	server {
+		listen 80 default_server;
+		listen [::]:80 default_server;
+
+		access_log /var/log/nginx/localhost.access_log main;
+		error_log /var/log/nginx/localhost.error_log info;
+
+		root /var/www/localhost/htdocs;
+
+		location / {
+			proxy_set_header Host $host;
+			proxy_set_header X-Real-IP $remote_addr;
+			proxy_pass http://localhost:8000;
+		}
+	}
+
+	server {
+		listen 443 ssl default_server;
+		listen [::]:443 ssl default_server;
+		server_name example.com;
+
+		ssl on;
+		ssl_certificate /etc/ssl/nginx/nginx.pem;
+		ssl_certificate_key /etc/ssl/nginx/nginx.key;
+
+		access_log /var/log/nginx/localhost.ssl_access_log main;
+		error_log /var/log/nginx/localhost.ssl_error_log info;
+
+		root /var/www/localhost/htdocs;
+
+		location / {
+			proxy_set_header Host $host;
+			proxy_set_header X-Real-IP $remote_addr;
+			proxy_pass http://localhost:8000;
+		}
+	}
+}

tryton/package.accept_keywords

@@ -0,0 +1,154 @@
+# tryton
+app-office/trytond
+
+app-tryton/account
+app-tryton/account_asset
+app-tryton/account_cash_rounding
+app-tryton/account_credit_limit
+app-tryton/account_deposit
+app-tryton/account_de_skr03
+app-tryton/account_dunning
+app-tryton/account_dunning_email
+app-tryton/account_dunning_fee
+app-tryton/account_dunning_letter
+app-tryton/account_invoice
+app-tryton/account_invoice_correction
+app-tryton/account_invoice_history
+app-tryton/account_invoice_line_standalone
+app-tryton/account_invoice_secondary_unit
+app-tryton/account_invoice_stock
+app-tryton/account_payment
+app-tryton/account_payment_clearing
+app-tryton/account_payment_sepa
+app-tryton/account_payment_sepa_cfonb
+app-tryton/account_payment_stripe
+app-tryton/account_product
+app-tryton/account_statement
+app-tryton/account_statement_rule
+app-tryton/account_stock_continental
+app-tryton/account_stock_landed_cost
+app-tryton/account_stock_landed_cost_weight
+app-tryton/account_tax_cash
+app-tryton/account_tax_rule_country
+app-tryton/analytic_account
+app-tryton/analytic_invoice
+app-tryton/analytic_purchase
+app-tryton/analytic_sale
+app-tryton/attendance
+app-tryton/bank
+app-tryton/carrier
+app-tryton/carrier_percentage
+app-tryton/carrier_weight
+app-tryton/commission
+app-tryton/commission_waiting
+app-tryton/company
+app-tryton/company_work_time
+app-tryton/country
+app-tryton/currency
+app-tryton/customs
+app-tryton/dashboard
+app-tryton/google_maps
+app-tryton/ldap_authentication
+app-tryton/notification_email
+app-tryton/party
+app-tryton/party_relationship
+app-tryton/product
+app-tryton/product_attribute
+app-tryton/product_classification
+app-tryton/product_classification_taxonomic
+app-tryton/product_cost_fifo
+app-tryton/product_cost_history
+app-tryton/production
+app-tryton/production_outsourcing
+app-tryton/production_routing
+app-tryton/production_split
+app-tryton/production_work
+app-tryton/production_work_timesheet
+app-tryton/product_measurements
+app-tryton/product_price_list
+app-tryton/product_price_list_dates
+app-tryton/product_price_list_parent
+app-tryton/project
+app-tryton/project_invoice
+app-tryton/project_plan
+app-tryton/project_revenue
+app-tryton/purchase
+app-tryton/purchase_amendment
+app-tryton/purchase_history
+app-tryton/purchase_invoice_line_standalone
+app-tryton/purchase_request
+app-tryton/purchase_request_quotation
+app-tryton/purchase_requisition
+app-tryton/purchase_secondary_unit
+app-tryton/purchase_shipment_cost
+app-tryton/sale
+app-tryton/sale_advance_payment
+app-tryton/sale_amendment
+app-tryton/sale_complaint
+app-tryton/sale_credit_limit
+app-tryton/sale_discount
+app-tryton/sale_extra
+app-tryton/sale_history
+app-tryton/sale_invoice_grouping
+app-tryton/sale_opportunity
+app-tryton/sale_payment
+app-tryton/sale_price_list
+app-tryton/sale_product_customer
+app-tryton/sale_promotion
+app-tryton/sale_promotion_coupon
+app-tryton/sale_secondary_unit
+app-tryton/sale_shipment_cost
+app-tryton/sale_shipment_grouping
+app-tryton/sale_shipment_tolerance
+app-tryton/sale_stock_quantity
+app-tryton/sale_subscription
+app-tryton/sale_subscription_asset
+app-tryton/sale_supply
+app-tryton/sale_supply_drop_shipment
+app-tryton/sale_supply_production
+app-tryton/stock
+app-tryton/stock_assign_manual
+app-tryton/stock_consignment
+app-tryton/stock_forecast
+app-tryton/stock_inventory_location
+app-tryton/stock_location_move
+app-tryton/stock_location_sequence
+app-tryton/stock_lot
+app-tryton/stock_lot_sled
+app-tryton/stock_lot_unit
+app-tryton/stock_package
+app-tryton/stock_package_shipping
+app-tryton/stock_package_shipping_ups
+app-tryton/stock_product_location
+app-tryton/stock_secondary_unit
+app-tryton/stock_shipment_measurements
+app-tryton/stock_split
+app-tryton/stock_supply
+app-tryton/stock_supply_day
+app-tryton/stock_supply_forecast
+app-tryton/stock_supply_production
+app-tryton/timesheet
+app-tryton/timesheet_cost
+app-tryton/user_role
+
+dev-python/forex-python
+dev-python/proteus
+dev-python/python-sql
+dev-python/relatorio
+
+# SAO
+app-office/sao
+
+dev-javascript/bootstrap
+dev-javascript/bootstrap-rtl-ondemand
+dev-javascript/c3
+dev-javascript/d3
+dev-javascript/fullcalendar
+dev-javascript/gettext
+dev-javascript/jquery
+dev-javascript/moment
+dev-javascript/mousetrap
+dev-javascript/papaparse
+dev-javascript/popperjs
+dev-javascript/sortable
+dev-javascript/tempusdominus-bootstrap3

tryton/package.use

@@ -0,0 +1,8 @@
+# Tryton
+dev-python/python-stdnum vies
+dev-python/relatorio fodt
+x11-libs/cairo X
+x11-libs/gdk-pixbuf jpeg
+
+# Nginx / uWSGI
+www-servers/uwsgi python

tryton/tryton.cfg

@@ -0,0 +1,2 @@
+REPO_NAMES += tryton
+REPO_URI_tryton = https://github.com/gentoo-mirror/tryton.git

tryton/trytond/trytond.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Tryton Server Daemon
+
+[Service]
+Type=simple
+User=trytond
+ExecStart=/usr/bin/trytond -c /etc/trytond/trytond.conf
+
+[Install]
+WantedBy=multi-user.target

tryton/world

@@ -0,0 +1,135 @@
+app-crypt/certbot-nginx
+app-office/sao
+app-office/trytond
+app-tryton/account
+app-tryton/account_asset
+app-tryton/account_cash_rounding
+app-tryton/account_credit_limit
+app-tryton/account_deposit
+app-tryton/account_de_skr03
+app-tryton/account_dunning
+app-tryton/account_dunning_email
+app-tryton/account_dunning_fee
+app-tryton/account_dunning_letter
+app-tryton/account_invoice
+app-tryton/account_invoice_correction
+app-tryton/account_invoice_history
+app-tryton/account_invoice_line_standalone
+app-tryton/account_invoice_secondary_unit
+app-tryton/account_invoice_stock
+app-tryton/account_payment
+app-tryton/account_payment_clearing
+app-tryton/account_payment_sepa
+app-tryton/account_payment_sepa_cfonb
+app-tryton/account_payment_stripe
+app-tryton/account_product
+app-tryton/account_statement
+app-tryton/account_statement_rule
+app-tryton/account_stock_continental
+app-tryton/account_stock_landed_cost
+app-tryton/account_stock_landed_cost_weight
+app-tryton/account_tax_cash
+app-tryton/account_tax_rule_country
+app-tryton/analytic_account
+app-tryton/analytic_invoice
+app-tryton/analytic_purchase
+app-tryton/analytic_sale
+app-tryton/attendance
+app-tryton/bank
+app-tryton/carrier
+app-tryton/carrier_percentage
+app-tryton/carrier_weight
+app-tryton/commission
+app-tryton/commission_waiting
+app-tryton/company
+app-tryton/company_work_time
+app-tryton/country
+app-tryton/currency
+app-tryton/customs
+app-tryton/dashboard
+app-tryton/google_maps
+app-tryton/ldap_authentication
+app-tryton/notification_email
+app-tryton/party
+app-tryton/party_relationship
+app-tryton/product
+app-tryton/product_attribute
+app-tryton/product_classification
+app-tryton/product_classification_taxonomic
+app-tryton/product_cost_fifo
+app-tryton/product_cost_history
+app-tryton/production
+app-tryton/production_outsourcing
+app-tryton/production_routing
+app-tryton/production_split
+app-tryton/production_work
+app-tryton/production_work_timesheet
+app-tryton/product_measurements
+app-tryton/product_price_list
+app-tryton/product_price_list_dates
+app-tryton/product_price_list_parent
+app-tryton/project
+app-tryton/project_invoice
+app-tryton/project_plan
+app-tryton/project_revenue
+app-tryton/purchase
+app-tryton/purchase_amendment
+app-tryton/purchase_history
+app-tryton/purchase_invoice_line_standalone
+app-tryton/purchase_request
+app-tryton/purchase_request_quotation
+app-tryton/purchase_requisition
+app-tryton/purchase_secondary_unit
+app-tryton/purchase_shipment_cost
+app-tryton/sale
+app-tryton/sale_advance_payment
+app-tryton/sale_amendment
+app-tryton/sale_complaint
+app-tryton/sale_credit_limit
+app-tryton/sale_discount
+app-tryton/sale_extra
+app-tryton/sale_history
+app-tryton/sale_invoice_grouping
+app-tryton/sale_opportunity
+app-tryton/sale_payment
+app-tryton/sale_price_list
+app-tryton/sale_product_customer
+app-tryton/sale_promotion
+app-tryton/sale_promotion_coupon
+app-tryton/sale_secondary_unit
+app-tryton/sale_shipment_cost
+app-tryton/sale_shipment_grouping
+app-tryton/sale_shipment_tolerance
+app-tryton/sale_stock_quantity
+app-tryton/sale_subscription
+app-tryton/sale_subscription_asset
+app-tryton/sale_supply
+app-tryton/sale_supply_drop_shipment
+app-tryton/sale_supply_production
+app-tryton/stock
+app-tryton/stock_assign_manual
+app-tryton/stock_consignment
+app-tryton/stock_forecast
+app-tryton/stock_inventory_location
+app-tryton/stock_location_move
+app-tryton/stock_location_sequence
+app-tryton/stock_lot
+app-tryton/stock_lot_sled
+app-tryton/stock_lot_unit
+app-tryton/stock_package
+app-tryton/stock_package_shipping
+app-tryton/stock_package_shipping_ups
+app-tryton/stock_product_location
+app-tryton/stock_secondary_unit
+app-tryton/stock_shipment_measurements
+app-tryton/stock_split
+app-tryton/stock_supply
+app-tryton/stock_supply_day
+app-tryton/stock_supply_forecast
+app-tryton/stock_supply_production
+app-tryton/timesheet
+app-tryton/timesheet_cost
+app-tryton/user_role
+dev-db/postgresql
+www-servers/nginx
+www-servers/uwsgi