Merge pull request #332 from pierotofy/ssl

SSL
pull/336/head v0.4.1
Piero Toffanin 2017-11-18 11:48:24 -05:00 committed by GitHub
commit a77854888e
No key for this signature was found in the database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 506 additions and 136 deletions

8
.env 100644

@ -0,0 +1,8 @@
WO_HOST=localhost
WO_PORT=8000
WO_MEDIA_DIR=appmedia
WO_SSL=NO
WO_SSL_KEY=
WO_SSL_CERT=
WO_SSL_INSECURE_PORT_REDIRECT=80
WO_DEBUG=YES

2
.gitignore vendored

@ -93,3 +93,5 @@ node_modules/
webpack-stats.json
pip-selfcheck.json
.idea/
package-lock.json
.cronenv


@ -8,17 +8,8 @@ ENV PYTHONPATH $PYTHONPATH:/webodm
RUN mkdir /webodm
WORKDIR /webodm
# Install pip reqs
ADD requirements.txt /webodm/
RUN pip install -r requirements.txt
ADD . /webodm/
RUN git submodule update --init
# Install Node.js
RUN curl --silent --location https://deb.nodesource.com/setup_6.x | bash -
RUN apt-get install -y nodejs
RUN apt-get -qq install -y nodejs
# Configure use of testing branch of Debian
RUN printf "Package: *\nPin: release a=stable\nPin-Priority: 900\n" > /etc/apt/preferences.d/stable.pref
@ -26,8 +17,19 @@ RUN printf "Package: *\nPin: release a=testing\nPin-Priority: 750\n" > /etc/apt/
RUN printf "deb http://mirror.steadfast.net/debian/ stable main contrib non-free\ndeb-src http://mirror.steadfast.net/debian/ stable main contrib non-free" > /etc/apt/sources.list.d/stable.list
RUN printf "deb http://mirror.steadfast.net/debian/ testing main contrib non-free\ndeb-src http://mirror.steadfast.net/debian/ testing main contrib non-free" > /etc/apt/sources.list.d/testing.list
# Install GDAL, nginx
RUN apt-get update && apt-get install -t testing -y binutils libproj-dev gdal-bin nginx
# Install Node.js GDAL, nginx, letsencrypt
RUN apt-get -qq update && apt-get -qq install -t testing -y binutils libproj-dev gdal-bin nginx && apt-get -qq install -y gettext-base cron certbot
# Install pip reqs
ADD requirements.txt /webodm/
RUN pip install -r requirements.txt
ADD . /webodm/
# Setup cron
RUN ln -s /webodm/nginx/crontab /etc/cron.d/nginx-cron && chmod 0644 /webodm/nginx/crontab && service cron start && chmod +x /webodm/nginx/letsencrypt-autogen.sh
RUN git submodule update --init
WORKDIR /webodm/nodeodm/external/node-OpenDroneMap
RUN npm install
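Review bot: `service cron start` in the `# Setup cron` RUN line only runs while that image layer is being built; no cron daemon is running when the container later starts, so the renewal entry linked into /etc/cron.d would not fire, and nothing in the start.sh hunk of this commit starts cron either. Start cron from the container's startup path when WO_SSL is YES and drop it from the RUN line.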

211
README.md

@ -5,17 +5,19 @@
A free, user-friendly, extendable application and [API](http://docs.webodm.org) for drone image processing. Generate georeferenced maps, point clouds, elevation models and textured 3D models from aerial images. It uses [OpenDroneMap](https://github.com/OpenDroneMap/OpenDroneMap) for processing.
* [Getting Started](#getting-started)
* [Common Troubleshooting](#common-troubleshooting)
* [Add More Processing Nodes](#add-more-processing-nodes)
* [Security](#security)
* [Enable SSL](#enable-ssl)
* [Where Are My Files Stored?](#where-are-my-files-stored)
* [Common Troubleshooting](#common-troubleshooting)
* [API Docs](#api-docs)
* [Run the docker version as a Linux Service](#run-the-docker-version-as-a-linux-service)
* [Run it natively](#run-it-natively)
* [OpenDroneMap, node-OpenDroneMap, WebODM... what?](#opendronemap-node-opendronemap-webodm-what)
* [Roadmap](#roadmap)
* [Terminology](#terminology)
* [Getting Help](#getting-help)
* [Support the Project](#support-the-project)
* [Become a Contributor](#become-a-contributor)
* [Run the docker version as a Linux Service](#run-the-docker-version-as-a-linux-service)
* [Run it natively](#run-it-natively)
![Alt text](https://user-images.githubusercontent.com/1951843/28586405-af18e8cc-7141-11e7-9853-a7feca7c9c6b.gif)
@ -26,7 +28,6 @@ A free, user-friendly, extendable application and [API](http://docs.webodm.org)
![Alt text](https://user-images.githubusercontent.com/1951843/28586977-8588ebfe-7143-11e7-94d6-a66bf02c1517.png)
If you know Python, web technologies (JS, HTML, CSS, etc.) or both, it's easy to make a change to WebODM! Make a fork, clone the repository and run `./devenv.sh start`. That's it! See the [Development Quickstart](http://docs.webodm.org/#development-quickstart) and [Contributing](/CONTRIBUTING.md) documents for more information. All ideas are considered and people of all skill levels are welcome to contribute.
## Getting Started
@ -68,6 +69,50 @@ We recommend that you read the [Docker Documentation](https://docs.docker.com/)
For Windows users an [Installer](https://www.webodm.org/installer) is also available.
### Add More Processing Nodes
WebODM can be linked to one or more processing nodes running [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap). The default configuration already includes a "node-odm-1" processing node which runs on the same machine as WebODM, just to help you get started. As you become more familiar with WebODM, you might want to install processing nodes on separate machines.
Adding more processing nodes will allow you to run multiple jobs in parallel.
You **will not be able to distribute a single job across multiple processing nodes**. We are actively working to bring this feature to reality, but we're not there yet.
### Security
If you want to run WebODM in production, make sure to pass the `--no-debug` flag while starting WebODM:
```bash
./webodm.sh down && ./webodm.sh start --no-debug
```
This will disable the `DEBUG` flag from `webodm/settings.py` within the docker container. This is [really important](https://docs.djangoproject.com/en/1.11/ref/settings/#std:setting-DEBUG).
### Enable SSL
WebODM has the ability to automatically request and install a SSL certificate via [Lets Encrypt](https://letsencrypt.org/), or you can manually specify your own key/certificate pair.
- Setup your DNS record (webodm.myorg.com --> IP of server).
- Make sure port 80 and 443 are open.
- Run the following:
```bash
./webodm.sh down && ./webodm.sh start --ssl --hostname webodm.myorg.com
```
That's it! The certificate will automatically renew when needed.
If you want to specify your own key/certificate pair, simply pass the `--ssl-key` and `--ssl-cert` option to `./webodm.sh`. See `./webodm.sh --help` for more information.
### Where Are My Files Stored?
When using Docker, all processing results are stored in a docker volume and are not available on the host filesystem. If you want to store your files on the host filesystem instead of a docker volume, you need to pass a path via the `--media-dir` option:
```bash
./webodm.sh down && ./webodm.sh start --media-dir /home/user/webodm_data
```
Note that existing task results will not be available after the change. Refer to the [Migrate Data Volumes](https://docs.docker.com/engine/tutorials/dockervolumes/#backup-restore-or-migrate-data-volumes) section of the Docker documentation for information on migrating existing task results.
### Common Troubleshooting
Sympthoms | Possible Solutions
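Review bot: the new Security section covers only `--no-debug`, while the text it replaces also sent readers to the Django Deployment Checklist; keep that link so production users still see the rest of the hardening steps. The Enable SSL steps should also say that in Lets Encrypt mode webodm.sh forces the port to 443 and that the certificate is requested with `--register-unsafely-without-email`, so no expiry notices are sent.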
@ -82,42 +127,75 @@ Getting a `No space left on device` error, but hard drive has enough space left
Have you had other issues? Please [report them](https://github.com/OpenDroneMap/WebODM/issues/new) so that we can include them in this document.
### Add More Processing Nodes
WebODM can be linked to one or more processing nodes running [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap). The default configuration already includes a "node-odm-1" processing node which runs on the same machine as WebODM, just to help you get started. As you become more familiar with WebODM, you might want to install processing nodes on separate machines.
Adding more processing nodes will allow you to run multiple jobs in parallel.
You **will not be able to distribute a single job across multiple processing nodes**. We are actively working to bring this feature to reality, but we're not there yet.
### Security
If you want to run WebODM in production, make sure to disable the `DEBUG` flag from `webodm/settings.py` and go through the [Django Deployment Checklist](https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/).
### Where Are My Files Stored?
When using Docker, all processing results are stored in a docker volume and are not available on the host filesystem. If you want to store your files on the host filesystem instead of a docker volume, you need to change a line in `docker-compose.yml` as follows:
From:
```
volumes:
- appmedia:/webodm/app/media
```
To:
```
volumes:
- /path/where/to/store/files:/webodm/app/media
```
Then restart WebODM.
Note that existing task results will not be available after the change. Refer to the [Migrate Data Volumes](https://docs.docker.com/engine/tutorials/dockervolumes/#backup-restore-or-migrate-data-volumes) section of the Docker documentation for information on migrating existing task results.
## API Docs
See the [API documentation page](http://docs.webodm.org).
## OpenDroneMap, node-OpenDroneMap, WebODM... what?
The [OpenDroneMap project](https://github.com/OpenDroneMap/) is composed of several components.
- [OpenDroneMap](https://github.com/OpenDroneMap/OpenDroneMap) is a command line toolkit that processes aerial images. Users comfortable with the command line are probably OK using this component alone.
- [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap) is a lightweight interface and API (Application Program Interface) built directly on top of [OpenDroneMap](https://github.com/OpenDroneMap/OpenDroneMap). Users not comfortable with the command line can use this interface to process aerial images and developers can use the API to build applications. Features such as user authentication, map displays, etc. are not provided.
- [WebODM](https://github.com/OpenDroneMap/WebODM) adds more features such as user authentication, map displays, 3D displays, a higher level API and the ability to orchestrate multiple processing nodes (run jobs in parallel). Processing nodes are simply servers running [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap).
![webodm](https://cloud.githubusercontent.com/assets/1951843/25567386/5aeec7aa-2dba-11e7-9169-aca97b70db79.png)
In general, follow these guidelines to find out what you should use:
I am a... | Best choice
--------- | -----------
End user, I'm not really comfortable with the command line | [WebODM](https://github.com/OpenDroneMap/WebODM)
End user, I like shell commands, I need to process images for myself. I use other software to display processing results | [OpenDroneMap](https://github.com/OpenDroneMap/OpenDroneMap)
End user, I can work with the command line, but I'd rather not. I use other software to display processing results | [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap)
End user, I need a drone mapping application for my organization that everyone can use. | [WebODM](https://github.com/OpenDroneMap/WebODM)
Developer, I'm looking to build an app that displays map results and takes care of things like permissions | [WebODM](https://github.com/OpenDroneMap/WebODM)
Developer, I'm looking to build an app that will stay behind a firewall and just needs raw results | [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap)
## Roadmap
- [X] User Registration / Authentication
- [X] UI mockup
- [X] Task Processing
- [X] 2D Map Display
- [X] 3D Model Display
- [ ] NDVI display
- [ ] Volumetric Measurements
- [X] Cluster management and setup.
- [ ] Mission Planner
- [ ] Plugins/Webhooks System
- [X] API
- [X] Documentation
- [ ] Android Mobile App
- [ ] iOS Mobile App
- [ ] Processing Nodes Volunteer Network
- [X] Unit Testing
- [X] SSL Support
Don't see a feature that you want? [Help us make it happen](/CONTRIBUTING.md).
## Getting Help
We have several channels of communication for people to ask questions and to get involved with the community:
- [OpenDroneMap Community Forum](http://community.opendronemap.org/c/webodm)
- [Report Issues](https://github.com/OpenDroneMap/WebODM/issues)
We also have a [Gitter Chat](https://gitter.im/OpenDroneMap/web-development), but the preferred way to communicate is via the [OpenDroneMap Community Forum](http://community.opendronemap.org/c/webodm).
## Support the Project
There are many ways to contribute back to the project:
- Help us test new and existing features and report [bugs](https://www.github.com/OpenDroneMap/WebODM/issues) and [feedback](http://community.opendronemap.org/c/webodm).
- [Share](http://community.opendronemap.org/c/datasets) your aerial datasets.
- Help answer questions on the community [forum](http://community.opendronemap.org/c/webodm) and [chat](https://gitter.im/OpenDroneMap/web-development).
- While we don't accept donations, you can purchase an [installer](https://webodm.org/download#installer) or a [premium support package](https://webodm.org/services#premium-support).
- Become a contributor (see below).
## Become a Contributor
If you know Python, web technologies (JS, HTML, CSS, etc.) or both, it's easy to make a change to WebODM! Make a fork, clone the repository and run `./devenv.sh start`. That's it! See the [Development Quickstart](http://docs.webodm.org/#development-quickstart) and [Contributing](/CONTRIBUTING.md) documents for more information. All ideas are considered and people of all skill levels are welcome to contribute.
## Run the docker version as a Linux Service
If you wish to run the docker version with auto start/monitoring/stop, etc, as a systemd style Linux Service, a systemd unit file is included in the service folder of the repo.
@ -261,62 +339,3 @@ npm --version
gdalinfo --version
```
Should all work without errors.
## OpenDroneMap, node-OpenDroneMap, WebODM... what?
The [OpenDroneMap project](https://github.com/OpenDroneMap/) is composed of several components.
- [OpenDroneMap](https://github.com/OpenDroneMap/OpenDroneMap) is a command line toolkit that processes aerial images. Users comfortable with the command line are probably OK using this component alone.
- [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap) is a lightweight interface and API (Application Program Interface) built directly on top of [OpenDroneMap](https://github.com/OpenDroneMap/OpenDroneMap). Users not comfortable with the command line can use this interface to process aerial images and developers can use the API to build applications. Features such as user authentication, map displays, etc. are not provided.
- [WebODM](https://github.com/OpenDroneMap/WebODM) adds more features such as user authentication, map displays, 3D displays, a higher level API and the ability to orchestrate multiple processing nodes (run jobs in parallel). Processing nodes are simply servers running [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap).
![webodm](https://cloud.githubusercontent.com/assets/1951843/25567386/5aeec7aa-2dba-11e7-9169-aca97b70db79.png)
In general, follow these guidelines to find out what you should use:
I am a... | Best choice
--------- | -----------
End user, I'm not really comfortable with the command line | [WebODM](https://github.com/OpenDroneMap/WebODM)
End user, I like shell commands, I need to process images for myself. I use other software to display processing results | [OpenDroneMap](https://github.com/OpenDroneMap/OpenDroneMap)
End user, I can work with the command line, but I'd rather not. I use other software to display processing results | [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap)
End user, I need a drone mapping application for my organization that everyone can use. | [WebODM](https://github.com/OpenDroneMap/WebODM)
Developer, I'm looking to build an app that displays map results and takes care of things like permissions | [WebODM](https://github.com/OpenDroneMap/WebODM)
Developer, I'm looking to build an app that will stay behind a firewall and just needs raw results | [node-OpenDroneMap](https://github.com/OpenDroneMap/node-OpenDroneMap)
## Roadmap
- [X] User Registration / Authentication
- [X] UI mockup
- [X] Task Processing
- [X] 2D Map Display
- [X] 3D Model Display
- [ ] NDVI display
- [ ] Volumetric Measurements
- [X] Cluster management and setup.
- [ ] Mission Planner
- [ ] Plugins/Webhooks System
- [X] API
- [X] Documentation
- [ ] Android Mobile App
- [ ] iOS Mobile App
- [ ] Processing Nodes Volunteer Network
- [X] Unit Testing
Don't see a feature that you want? [Help us make it happen](/CONTRIBUTING.md).
## Terminology
- `Project`: A collection of tasks (successfully processed, failed, waiting to be executed, etc.)
- `Task`: A collection of input aerial images and an optional set of output results derived from the images, including an orthophoto, a georeferenced model and a textured model. A `Task`'s output is processed by OpenDroneMap.
- `ProcessingNode`: An instance usually running on a separate VM, or on a separate machine which accepts aerial images, runs OpenDroneMap and returns the processed results (orthophoto, georeferenced model, etc.). Each node communicates with WebODM via a lightweight API such as [node-OpenDroneMap](https://www.github.com/pierotofy/node-OpenDroneMap). WebODM manages the distribution of `Task` to different `ProcessingNode` instances.
- `ImageUpload`: aerial images.
- `Mission`: A flight path and other information (overlap %, angle, ...) associated with a particular `Task`.
## Getting Help
We have several channels of communication for people to ask questions and to get involved with the community:
- [OpenDroneMap Community Forum](http://community.opendronemap.org/c/webodm)
- [Report Issues](https://github.com/OpenDroneMap/WebODM/issues)
We also have a [Gitter Chat](https://gitter.im/OpenDroneMap/web-development), but the preferred way to communicate is via the [OpenDroneMap Community Forum](http://community.opendronemap.org/c/webodm).


@ -0,0 +1,7 @@
# This configuration adds the volumes necessary for SSL manual setup
version: '2'
services:
webapp:
volumes:
- ${WO_SSL_KEY}:/webodm/nginx/ssl/key.pem
- ${WO_SSL_CERT}:/webodm/nginx/ssl/cert.pem
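Review bot: both bind mounts under `volumes:` are read-write, so a process inside the webapp container can modify or replace the host's private key and certificate files. Append `:ro` to each entry, for example `- ${WO_SSL_KEY}:/webodm/nginx/ssl/key.pem:ro`.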


@ -0,0 +1,14 @@
# This configuration adds support for SSL
version: '2'
volumes:
letsencrypt:
driver: local
services:
webapp:
ports:
- "${WO_SSL_INSECURE_PORT_REDIRECT}:8080"
volumes:
- letsencrypt:/webodm/nginx/letsencrypt
environment:
- WO_SSL
- WO_SSL_KEY


@ -19,9 +19,13 @@ services:
container_name: webapp
entrypoint: /bin/bash -c "chmod +x /webodm/*.sh && /bin/bash -c \"/webodm/wait-for-it.sh db:5432 -- /webodm/start.sh\""
volumes:
- appmedia:/webodm/app/media
- ${WO_MEDIA_DIR}:/webodm/app/media
ports:
- "8000:8000"
- "${WO_PORT}:8000"
depends_on:
- db
environment:
- WO_PORT
- WO_HOST
- WO_DEBUG
restart: on-failure:10

3
nginx/.gitignore vendored 100644

@ -0,0 +1,3 @@
ssl/
letsencrypt/
*.conf

4
nginx/crontab 100644

@ -0,0 +1,4 @@
# Automatically renew the SSL certificate (if needed)
0 0 1 * * root source /webodm/.cronenv; bash -c "/webodm/nginx/letsencrypt-autogen.sh"
# An empty line is required at the end of this file for a valid cron file.
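Review bot: the job line relies on `source`, a bash builtin, but cron runs commands with /bin/sh unless SHELL is set, and on Debian that shell does not provide `source`. Add `SHELL=/bin/bash` at the top of the file or use `. /webodm/.cronenv`. Separately, .cronenv is written by `printenv` as plain NAME=value lines, so sourcing it sets shell variables without exporting them and the `bash -c` child will not see WO_SSL or WO_HOST; wrap the source in `set -a` and `set +a`, or have the script read the file itself.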


@ -0,0 +1,58 @@
#!/bin/bash
__dirname=$(cd $(dirname "$0"); pwd -P)
cd ${__dirname}
hash certbot 2>/dev/null || not_found=true
if [ $not_found ]; then
echo "Certbot not found. You need to install certbot to use this script."
exit 1
fi
if [ "$WO_SSL" = "NO" ] || [ ! -z "$WO_SSL_KEY" ]; then
echo "SSL not enabled, or manual SSL key specified, exiting."
exit 1
fi
DOMAIN="${WO_HOST:=$1}"
if [ -z $DOMAIN ]; then
echo "Usage: $0 <my.domain.com>"
exit 1
fi
# Stop nginx if needed (free the port used by the standalone server)
nginx_was_running="NO"
pgrep nginx > /dev/null
if [ $? -eq 0 ]; then
killall nginx
nginx_was_running="YES"
fi
# Generate/update certificate
certbot certonly --tls-sni-01-port 8000 --work-dir ./letsencrypt --config-dir ./letsencrypt --logs-dir ./letsencrypt --standalone -d $DOMAIN --register-unsafely-without-email --agree-tos --keep
# Create ssl dir if necessary
if [ ! -e ssl/ ]; then
mkdir ssl
fi
# Update symlinks
if [ -e ssl/key.pem ]; then
rm ssl/key.pem
fi
if [ -e ssl/cert.pem ]; then
rm ssl/cert.pem
fi
if [ -e "letsencrypt/live/$DOMAIN" ]; then
ln -vs "../letsencrypt/live/$DOMAIN/privkey.pem" ssl/key.pem
ln -vs "../letsencrypt/live/$DOMAIN/fullchain.pem" ssl/cert.pem
else
echo -e "\033[91mWARN: We couldn't automatically generate the SSL certificate. Review the console log. WebODM will likely be inaccessible.\033[39m"
fi
# Restart nginx if necessary
if [ "$nginx_was_running" = "YES" ]; then
echo "Restarting nginx..."
nginx -c $(pwd)/nginx-ssl.conf
fi
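Review bot: the exit status of the `certbot certonly` call is never checked, and the `ssl` directory is created before the `letsencrypt/live/$DOMAIN` test, so after a failed issuance start.sh still finds nginx/ssl and launches nginx-ssl.conf with no certificate files behind it. Check certbot's return code and create ssl/ only inside the success branch, leaving the plain configuration in use otherwise. `$DOMAIN` should also be quoted in `[ -z $DOMAIN ]` and in the `-d` argument.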


@ -0,0 +1,88 @@
worker_processes 1;
# Change this if running outside docker!
user root root;
pid /tmp/nginx.pid;
error_log /tmp/nginx.error.log;
events {
worker_connections 1024; # increase if you have lots of clients
accept_mutex off; # set to 'on' if nginx worker_processes > 1
use epoll;
}
http {
include /etc/nginx/mime.types;
# fallback in case we can't determine a type
default_type application/octet-stream;
access_log /tmp/nginx.access.log combined;
sendfile on;
upstream app_server {
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response
# for UNIX domain socket setups
server unix:/tmp/gunicorn.sock fail_timeout=0;
}
# Redirect all non-encrypted to encrypted
server {
server_name $WO_HOST;
listen 8080;
return 301 https://$WO_HOST:$WO_PORT$request_uri;
}
server {
listen 8000 deferred;
client_max_body_size 0;
server_name $WO_HOST;
ssl on;
ssl_certificate /webodm/nginx/ssl/cert.pem;
ssl_certificate_key /webodm/nginx/ssl/key.pem;
keepalive_timeout 5;
proxy_connect_timeout 360s;
proxy_read_timeout 360s;
# path for static files
location /static {
root /webodm/build;
}
# path for certain media files that don't need permissions enforced
location /media/CACHE {
root /webodm/app;
}
location /media/settings {
autoindex on;
root /webodm/app;
}
location / {
# CORS settings
# These settings are VERY permissive, consider tightening them
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# enable this if and only if you use HTTPS
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://app_server;
}
}
}
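Review bot: the TLS server block enables `ssl on;` with a certificate and key but sets no `ssl_protocols` or `ssl_ciphers`, so protocol and cipher selection is left to the defaults of whichever nginx build the testing repository installs, and no `Strict-Transport-Security` header is sent. Pin the protocol list explicitly and add HSTS next to the existing `add_header` lines. `user root root;` also keeps the workers running as root inside the container, and `autoindex on` under /media/settings lists that directory to any client.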


@ -31,8 +31,7 @@ http {
listen 8000 deferred;
client_max_body_size 0;
# set the correct host(s) for your site
server_name webodm.localhost;
server_name $WO_HOST;
keepalive_timeout 5;


@ -58,24 +58,61 @@ if [[ "$1" = "--create-default-pnode" ]]; then
echo "from nodeodm.models import ProcessingNode; ProcessingNode.objects.update_or_create(hostname='node-odm-1', defaults={'hostname': 'node-odm-1', 'port': 3000})" | python manage.py shell
fi
(sleep 5; echo
echo -e "\033[92m"
echo "Congratulations! └@(・◡・)@┐"
echo ==========================
echo -e "\033[39m"
echo "If there are no errors, WebODM should be up and running!"
echo -e "\033[93m"
echo Open a web browser and navigate to http://localhost:8000
echo -e "\033[39m"
echo -e "\033[91mNOTE:\033[39m Windows users using docker should replace localhost with the IP of their docker machine's IP. To find what that is, run: docker-machine ip") &
export WO_HOST="${WO_HOST:=localhost}"
export WO_PORT="${WO_PORT:=8000}"
# Dump environment to .cronenv
printenv > .cronenv
proto="http"
if [ "$WO_SSL" = "YES" ]; then
proto="https"
fi
congrats(){
(sleep 5; echo
echo -e "\033[92m"
echo "Congratulations! └@(・◡・)@┐"
echo ==========================
echo -e "\033[39m"
echo "If there are no errors, WebODM should be up and running!"
echo -e "\033[93m"
echo Open a web browser and navigate to $proto://$WO_HOST:$WO_PORT
echo -e "\033[39m"
echo -e "\033[91mNOTE:\033[39m Windows users using docker should replace localhost with the IP of their docker machine's IP. To find what that is, run: docker-machine ip") &
}
if [ "$1" = "--setup-devenv" ] || [ "$2" = "--setup-devenv" ] || [ "$1" = "--no-gunicorn" ]; then
congrats
python manage.py runserver 0.0.0.0:8000
else
if [ -e /webodm ] && [ ! -e /webodm/build/static ]; then
echo -e "\033[91mWARN:\033[39m /webodm/build/static does not exist, CSS, JS and other files might not be available."
fi
nginx -c $(pwd)/nginx/nginx.conf
echo "Generating nginx configurations from templates..."
for templ in nginx/*.template
do
echo "- ${templ%.*}"
envsubst '\$WO_PORT \$WO_HOST' < $templ > ${templ%.*}
done
# Check if we need to auto-generate SSL certs via letsencrypt
if [ "$WO_SSL" = "YES" ] && [ -z "$WO_SSL_KEY" ]; then
echo "Launching letsencrypt-autogen.sh"
./nginx/letsencrypt-autogen.sh
fi
# Check if SSL key/certs are available
conf="nginx.conf"
if [ -e nginx/ssl ]; then
echo "Using nginx SSL configuration"
conf="nginx-ssl.conf"
fi
congrats
nginx -c $(pwd)/nginx/$conf
gunicorn webodm.wsgi --bind unix:/tmp/gunicorn.sock --timeout 360 --preload
fi
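Review bot: `printenv > .cronenv` writes the container's entire environment to a file in the working directory with default permissions, including every variable that has nothing to do with certificate renewal. Write only the WO_* variables the cron job needs, prefix each with `export`, and `chmod 600` the file. In the template loop, `$templ` and `${templ%.*}` should be quoted.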

142
webodm.sh

@ -1,5 +1,7 @@
#!/bin/bash
set -eo pipefail
__dirname=$(cd $(dirname "$0"); pwd -P)
cd ${__dirname}
platform="Linux" # Assumed
uname=$(uname)
@ -16,20 +18,91 @@ if [[ $platform = "Windows" ]]; then
export COMPOSE_CONVERT_WINDOWS_PATHS=1
fi
# Load default values
source .env
DEFAULT_PORT="$WO_PORT"
DEFAULT_HOST="$WO_HOST"
DEFAULT_MEDIA_DIR="$WO_MEDIA_DIR"
DEFAULT_SSL="$WO_SSL"
DEFAULT_SSL_INSECURE_PORT_REDIRECT="$WO_SSL_INSECURE_PORT_REDIRECT"
# Parse args for overrides
POSITIONAL=()
while [[ $# -gt 0 ]]
do
key="$1"
case $key in
--port)
export WO_PORT="$2"
shift # past argument
shift # past value
;;
--hostname)
export WO_HOST="$2"
shift # past argument
shift # past value
;;
--media-dir)
export WO_MEDIA_DIR=$(realpath "$2")
shift # past argument
shift # past value
;;
--ssl)
export WO_SSL=YES
shift # past argument
;;
--ssl-key)
export WO_SSL_KEY=$(realpath "$2")
shift # past argument
shift # past value
;;
--ssl-cert)
export WO_SSL_CERT=$(realpath "$2")
shift # past argument
shift # past value
;;
--ssl-insecure-port-redirect)
export WO_SSL_INSECURE_PORT_REDIRECT="$2"
shift # past argument
shift # past value
;;
--no-debug)
export WO_DEBUG=NO
shift # past argument
;;
*) # unknown option
POSITIONAL+=("$1") # save it in an array for later
shift # past argument
;;
esac
done
set -- "${POSITIONAL[@]}" # restore positional parameter
usage(){
echo "Usage: $0 <command> [options]"
echo "Usage: $0 <command>"
echo
echo "This program helps to manage the setup/teardown of the docker containers for running WebODM. We recommend that you read the full documentation of docker at https://docs.docker.com if you want to customize your setup."
echo
echo "Command list:"
echo " start Start WebODM"
echo " stop Stop WebODM"
echo " down Stop and remove WebODM's docker containers"
echo " update Update WebODM to the latest release"
echo " rebuild Rebuild all docker containers and perform cleanups"
echo " checkenv Do an environment check and install missing components"
echo " test Run the unit test suite (developers only)"
echo " start [options] Start WebODM"
echo " stop Stop WebODM"
echo " down Stop and remove WebODM's docker containers"
echo " update Update WebODM to the latest release"
echo " rebuild Rebuild all docker containers and perform cleanups"
echo " checkenv Do an environment check and install missing components"
echo " test Run the unit test suite (developers only)"
echo " resetadminpassword <newpassword> Reset the administrator's password to a new one. WebODM must be running when executing this command."
echo ""
echo "Options:"
echo " --port <port> Set the port that WebODM should bind to (default: $DEFAULT_PORT)"
echo " --hostname <hostname> Set the hostname that WebODM will be accessible from (default: $DEFAULT_HOST)"
echo " --media-dir <path> Path where processing results will be stored to (default: $DEFAULT_MEDIA_DIR (docker named volume))"
echo " --ssl Enable SSL and automatically request and install a certificate from letsencrypt.org. (default: $DEFAULT_SSL)"
echo " --ssl-key <path> Manually specify a path to the private key file (.pem) to use with nginx to enable SSL (default: None)"
echo " --ssl-cert <path> Manually specify a path to the certificate file (.pem) to use with nginx to enable SSL (default: None)"
echo " --ssl-insecure-port-redirect <port> Insecure port number to redirect from when SSL is enabled (default: $DEFAULT_SSL_INSECURE_PORT_REDIRECT)"
echo " --no-debug Disable debug for production environments (default: disabled)"
exit
}
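Review bot: the options that take a value (`--port`, `--hostname`, `--media-dir`, `--ssl-key`, `--ssl-cert`, `--ssl-insecure-port-redirect`) read `$2` without checking that it exists; with `set -eo pipefail` now at the top, a trailing `--hostname` makes the second `shift` fail and the script exits without any message. Check `$#` before consuming the value and print the usage text on error. `--port` and `--ssl-insecure-port-redirect` also flow into the compose port mappings unvalidated, so a numeric check is worth adding.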
@ -74,6 +147,45 @@ run(){
start(){
command="docker-compose -f docker-compose.yml -f docker-compose.nodeodm.yml"
if [ "$WO_SSL" = "YES" ]; then
if [ ! -z "$WO_SSL_KEY" ] && [ ! -e "$WO_SSL_KEY" ]; then
echo -e "\033[91mSSL key file does not exist: $WO_SSL_KEY\033[39m"
exit 1
fi
if [ ! -z "$WO_SSL_CERT" ] && [ ! -e "$WO_SSL_CERT" ]; then
echo -e "\033[91mSSL certificate file does not exist: $WO_SSL_CERT\033[39m"
exit 1
fi
command+=" -f docker-compose.ssl.yml"
method="Lets Encrypt"
if [ ! -z "$WO_SSL_KEY" ] && [ ! -z "$WO_SSL_CERT" ]; then
method="Manual"
command+=" -f docker-compose.ssl-manual.yml"
fi
if [ "$method" = "Lets Encrypt" ]; then
# Check port settings
# as let's encrypt cannot communicate on ports
# different than 80 or 443
if [ "$WO_PORT" != "$DEFAULT_PORT" ]; then
echo -e "\033[93mLets Encrypt cannot run on port: $WO_PORT, switching to 443.\033[39m"
echo "If you need to use a different port, you'll need to generate the SSL certificate files separately and use the --ssl-key and --ssl-certificate options."
fi
export WO_PORT=443
fi
# Make sure we have a hostname
if [ "$WO_HOST" = "localhost" ]; then
echo -e "\033[91mSSL is enabled, but hostname cannot be set to $WO_HOST. Set the --hostname argument to the domain of your WebODM server (for example: www.mywebodm.org).\033[39m"
exit 1
fi
echo "Will enable SSL ($method)"
fi
run "$command start || $command up"
}
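Review bot: in `start()`, manual mode is selected only when both WO_SSL_KEY and WO_SSL_CERT are set, but start.sh and letsencrypt-autogen.sh treat a non-empty WO_SSL_KEY alone as manual. With `--ssl --ssl-key <path>` and no `--ssl-cert`, the method stays "Lets Encrypt", the port is forced to 443, docker-compose.ssl-manual.yml is not added, certificate generation is skipped in the container, and unless nginx/ssl is left over from an earlier run the plain nginx.conf ends up published on port 443. Exit with an error when only one of the two paths is given. The hint printed in the port check also names `--ssl-certificate`, while the parser and usage text use `--ssl-cert`.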
@ -121,6 +233,20 @@ resetpassword(){
if [[ $1 = "start" ]]; then
environment_check
echo "Starting WebODM..."
echo ""
echo "Using the following environment:"
echo "================================"
echo "Host: $WO_HOST"
echo "Port: $WO_PORT"
echo "Media directory: $WO_MEDIA_DIR"
echo "SSL: $WO_SSL"
echo "SSL key: $WO_SSL_KEY"
echo "SSL certificate: $WO_SSL_CERT"
echo "SSL insecure port redirect: $WO_SSL_INSECURE_PORT_REDIRECT"
echo "================================"
echo "Make sure to issue a $0 down if you decide to change the environment."
echo ""
start
elif [[ $1 = "stop" ]]; then
environment_check


@ -45,9 +45,8 @@ except ImportError:
TESTING = sys.argv[1:2] == ['test']
# SECURITY WARNING: don't run with debug turned on a public facing server!
# We are leaving DEBUG turned on for the sake of making error reporting easier
# since we haven't reached a stable release yet.
DEBUG = True #sys.argv[1:2] == ['runserver'] or TESTING
DEBUG = os.environ.get('WO_DEBUG', 'YES') == 'YES' or TESTING
SESSION_COOKIE_SECURE = CSRF_COOKIE_SECURE = os.environ.get('WO_SSL', 'NO') == 'YES'
INTERNAL_IPS = ['127.0.0.1']
ALLOWED_HOSTS = ['*']
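Review bot: `os.environ.get('WO_DEBUG', 'YES')` makes DEBUG fail open, so any launch path that does not set WO_DEBUG runs with debug enabled. Default to 'NO' and let the development scripts opt in explicitly. `ALLOWED_HOSTS = ['*']` is also left in place although WO_HOST is now passed to the container and could be used to restrict it when debug is off.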