The DesignSafe-CI Portal can be run using Docker and Docker Compose. You will need both Docker and Docker Compose pre-installed on the system you wish to run the portal on.
If you are on a Mac or a Windows machine, the recommended method is to install Docker Desktop, which will install both Docker and Docker Compose, which is required to run Docker on Mac/Windows hosts.
-
Clone the repo
$ git clone https://github.com/DesignSafe-CI/portal.git $ cd portal
-
Configure environment variables
Make a copy of designsafe.sample.env and rename it to
designsafe.env
. Configure variables as necessary. See designsafe.sample.env for details of configuration.Required variables:
DJANGO_DEBUG
: should be set toTrue
for developmentDJANGO_SECRET_KEY
: should be changed for productionTAS_*
: should be set to enable direct access todjango.contrib.admin
TAPIS_*
: should be set to enable Tapis API integration (authentication, etc.)RT_*
: should be set to enable ticketing
Make a copy of rabbitmq.sample.env then rename it to
rabbitmq.env
. -
Configure ngrok
a. Install ngrok, and create an ngrok account.
b. Copy conf/env_files/ngrok.sample.env to
conf/env_files/ngrok.env
.c. In
conf/env_files/ngrok.env
, set theNGROK_AUTHTOKEN
andNGROK_DOMAIN
variables using your authtoken and static ngrok domain found in your ngrok dashboard. -
Build the containers and frontend packages
-
Containers:
make build-dev
or
docker-compose -f conf/docker/docker-compose-dev.yml build
-
Angular Frontend + static assets:
npm ci docker run -v `pwd`:`pwd` -w `pwd` -it node:16 /bin/bash -c "npm run build"
Note: If you are working with the frontend code and want it to automatically update, use
npm run dev
rather thannpm run build
to have it build upon saving the file. -
React Frontend (in another terminal):
cd client npm ci npm run start
-
-
Start local containers
$ make start
or
$ docker-compose -f ./conf/docker/docker-compose-dev.all.debug.yml up
then, in a new tab
$ docker exec -it des_django bash $ ./manage.py migrate $ ./manage.py collectstatic --ignore demo --no-input $ ./manage.py createsuperuser
-
Setup local access to the portal:
Add a record to your local hosts file for
127.0.0.1 designsafe.dev
$ sudo vim /etc/hosts
Now you can navigate to designsafe.dev in your browser.
Every file needed is in conf/nginx/certs
.
- Open mac's Keychain Access
- File > Import Items
- Navigate to
$PROJECT/conf/nginx/certificates
- Select
designsafe.dev.crt
- Search for designsafe and double click on Designsafe.dev
- Click on Trust and select "Trust Always"
- Close the window to save.
$ cd $PROJECT/conf/nginx/certificates
$ sudo mkdir /usr/local/share/ca-certificates/extra
$ sudo cp ca.pem /usr/local/share/ca-certificates/extra/designsafeCA.pem
$ sudo update-ca-certificates
$ sudo dnf install ca-certificates
or$ sudo yum install ca-certificates
$ sudo update-ca-trust enable
$ cd $PROJECT/conf/nginx/certificates
$ sudo cp ca.pem /usr/share/pki/ca-trust-source/anchors/designsafeCA.pem
or$ sudo cp ca.pem /etc/pki/ca-trust/source/anchors/designsafeCA.pem
$ sudo update-ca-trust
- Go to preferences
- Search for Authorities
- Click on "View Certificates" under "Certificates"
- On the Certificate Manager go to the "Authorities" tab
- Click on "Import..."
- Browse to
$PROJECT/conf/nginx/certificates
- Select
ca.pem
sudo apt-get install libnss3-tools
(or proper package manager)certutil -A -n "designsafeCA" -t "TCu,Cu,Tu" -i ca.pem -d ${DBDIR}
$DBDIR
differs from browser to browser for more info: Chromium: https://chromium.googlesource.com/chromium/src/+/master/docs/linux_cert_management.md Firefox: https://support.mozilla.org/en-US/kb/profiles-where-firefox-stores-user-data?redirectlocale=en-US&redirectslug=Profiles#How_to_find_your_profile
- Generate RSA-2048 key for CA:
openssl genrsa -des3 -out ca.key 2048
(This file should already be in the repo) - Generate root CA certificate:
openssl req -x509 -new -nodes -key ca.key -sha256 -days 365 -out ca.pem
(Root CA cert is valid for 365 days. Keep any form values to "Designsafe CA") - Generate RSA-2048 key for local dev site:
openssl genrsa out designsafe.dev.key 2048
(This file should already be in the repo) - Generate Cert Request (CSR):
openssql req -new -key -designsafe.dev.key -out designsafe.dev.csr
(Keep any form values to "Designsafe CA") - Make sure
designsafe.dev.ext
is correct - Generate Cert:
openssl x509 -req -in designsafe.dev.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out designsafe.dev.crt -days 365 -sha256 -extfile designsafe.dev.ext
(Cert is valid for 365 days. Keep default form values defined in .conf file) - Files created:
designsafe.dev.key
(site private key),designsafe.dev.csr
(site certificate signing request),designsafe.dev.crt
(actual site certificate),ca.key
(CA private key) andca.pem
(CA certificate).
The necessary configuration is already in conf/nginx/designsafe.dev.conf
.
Run this command to create a self signed cert using the corresponding configuration.
openssl req -config conf/nginx/designsafe.dev.conf -new -sha256 -newkey rsa:2048 -nodes -keyout conf/nginx/designsafe.dev.key -x509 -days 365 -out designsafe.dev.crt
DesignSafe custom apps should be put into designsafe/apps
. You can then enable them in
the Django settings.py
with designsafe.apps.{app_name}
.
See the DesignSafe Styles Reference for style reference and custom CSS documentation.
This project uses Python Poetry to manage dependencies. To add a new dependency:
- Run
poetry add $NEW_DEPENDENCY
. - Rebuild the dev image with
make build-dev
The easiest way to run the tests is from inside a running Docker container. While you can install all the Python/Django/npm dependencies locally (ideally within a virtualenv), this is already done in the docker container.
We assume you have the image built or checked out locally and it is called
des_django
.
Django tests should be written according to standard Django testing procedures.
You can run Django tests with the following command:
$ docker exec -it des_django pytest -ra designsafe
Frontend tests are Vitest tests executed using Nx.
To run frontend tests, run the command:
$ npm run test
Use docker compose
to run the portal in development. The default compose file,
docker-compose.yml
runs the main django server in development
mode with a redis service for websockets support. You can optionally enable the EF sites
for testing.
$ make build-dev
$ make start
$ npm run start
$ docker run -v `pwd`:`pwd` -w `pwd` -it node:16 /bin/bash -c "npm run dev"
When using this compose file, your Tapis Client should be configured with a callback_url
of http://$DOCKER_HOST_IP:8000/auth/tapis/callback/
.
$ docker-compose -f docker-compose-http.yml build
$ docker-compose -f docker-compose-http.yml up
Production deployment is managed by Camino. See https://github.com/TACC/Camino.