2014-11-18 13:59:21 +00:00
==== TODO ====
2014-05-08 16:59:35 +00:00
* use format_html_join for orchestration email alerts
* enforce an emergency email contact and account to contact contacts about problems when mailserver is down
* add `BackendLog` retry action
2015-04-05 18:02:36 +00:00
2014-05-08 16:59:35 +00:00
* webmail identities and addresses
* Permissions .filter_queryset()
* env vars instead of multiple settings files: https://devcenter.heroku.com/articles/config-vars ?
2014-05-27 15:55:09 +00:00
2014-07-24 09:53:34 +00:00
* backend logs with hal logo
2014-08-29 16:13:34 +00:00
2015-03-31 12:39:08 +00:00
* LAST version of this shit http://wkhtmltopdf.org/downloads.h otml
2014-09-05 14:27:30 +00:00
2014-09-06 10:56:30 +00:00
* help_text on readonly_fields specialy Bill.state. (eg. A bill is in OPEN state when bla bla )
2014-09-19 14:47:25 +00:00
* create log file at /var/log/orchestra.log and rotate
2014-09-22 15:59:53 +00:00
* order.register_at
@property
def register_on(self):
return order.register_at.date()
2014-09-23 16:23:36 +00:00
2014-09-26 15:05:20 +00:00
* mail backend related_models = ('resources__content_type') ??
2014-09-26 19:21:09 +00:00
* Maildir billing tests/ webdisk billing tests (avg metric)
2014-09-28 12:28:57 +00:00
2015-03-11 20:01:08 +00:00
* when using modeladmin to store shit like self.account, make sure to have a cleanslate in each request? no, better reuse the last one
2014-09-28 12:28:57 +00:00
2015-03-11 20:01:08 +00:00
* jabber with mailbox accounts (dovecot mail notification)
2014-09-28 12:28:57 +00:00
2014-11-16 18:39:31 +00:00
* rename accounts register to "account", and reated api and admin references
2014-09-28 12:28:57 +00:00
2015-03-11 20:01:08 +00:00
* AccountAdminMixin auto adds 'account__name' on searchfields
2014-09-30 09:49:07 +00:00
* What fields we really need on contacts? name email phone and what more?
2014-09-30 14:46:29 +00:00
* Redirect junk emails and delete every 30 days?
2014-09-30 16:06:42 +00:00
2014-10-03 14:02:11 +00:00
* DOC: Complitely decouples scripts execution, billing, service definition
2014-10-01 16:42:40 +00:00
2014-10-14 13:50:19 +00:00
* init.d celery scripts
-# Required-Start: $network $local_fs $remote_fs postgresql celeryd
-# Required-Stop: $network $local_fs $remote_fs postgresql celeryd
2014-10-15 21:18:50 +00:00
* regenerate virtual_domains every time (configure a separate file for orchestra on postfix)
2014-10-17 10:04:47 +00:00
* Backend optimization
* fields = ()
* ignore_fields = ()
* based on a merge set of save(update_fields)
2014-10-17 20:03:41 +00:00
2014-10-23 15:38:46 +00:00
* proforma without billing contact?
2015-03-11 20:01:08 +00:00
* print open invoices as proforma?
2015-04-05 18:02:36 +00:00
* env ORCHESTRA_MASTER_SERVER='test1.orchestra.lan' ORCHESTRA_SECOND_SERVER='test2.orchestra.lan' ORCHESTRA_SLAVE_SERVER='test3.orchestra.lan' python manage.py test orchestra.apps.domains.tests.functional_tests.tests:AdminBind9BackendDomainTest --nologcapture
2014-10-23 15:38:46 +00:00
* ForeignKey.swappable
* Field.editable
* ManyToManyField.symmetrical = False (user group)
* REST PERMISSIONS
2014-10-24 10:16:46 +00:00
2014-11-13 16:40:42 +00:00
* caching based on "def text2int(textnum, numwords={}):"
2014-10-24 11:25:05 +00:00
2014-11-02 14:33:55 +00:00
* sync() ServiceController method that synchronizes orchestra and servers (delete or import)
2014-11-13 16:40:42 +00:00
* consider removing mailbox support on forward (user@pangea.org instead)
2014-11-05 21:29:14 +00:00
2014-11-02 14:33:55 +00:00
* Databases.User add reverse M2M databases widget (like mailbox.addresses)
2015-04-05 22:34:47 +00:00
* Grant permissions to systemusers
2014-11-05 20:22:01 +00:00
* Make one dedicated CGI user for each account only for CGI execution (fpm/fcgid). Different from the files owner, and without W permissions, so attackers can not inject backdors and malware.
* resource min max allocation with validation
2014-11-09 10:16:07 +00:00
* domain validation parse named-checzone output to assign errors to fields
* Directory Protection on webapp and use webapp path as base path (validate)
2014-11-18 13:59:21 +00:00
* validate systemuser.home on server-side
2014-11-11 12:05:47 +00:00
2015-04-05 22:34:47 +00:00
* webapp backend option compatibility check? raise exception, missconfigured error
2014-11-14 14:38:06 +00:00
2014-11-16 18:39:31 +00:00
* admin systemuser home/directory, add default home and empty directory with has_shell on admin
2014-11-18 13:59:21 +00:00
* Resource used_list_display=True, allocated_list_displat=True, allow resources to show up on list_display
2014-11-18 17:47:26 +00:00
2014-11-18 18:41:44 +00:00
* BackendLog.updated_at (tasks that run over several minutes when finished they do not appear first on the changelist) (like celery tasks.when)
2014-11-20 15:34:59 +00:00
* Periodic task for cleaning old monitoring data
* Create an admin service_view with icons (like SaaS app)
* Resource graph for each related object
2014-11-21 17:18:59 +00:00
2015-04-05 18:02:36 +00:00
* SaaS model splitted into SaaSUser and SaaSSite? inherit from SaaS, proxy model?
2014-11-27 19:17:26 +00:00
2015-02-24 09:34:26 +00:00
* prevent @pangea .org email addresses on contacts, enforce at least one email without @pangea .org
2014-12-22 11:40:02 +00:00
2015-03-02 10:37:25 +00:00
* forms autocomplete="off", doesn't work in chrome
2015-03-01 11:56:54 +00:00
ln -s /proc/self/fd /dev/fd
POST INSTALL
------------
* Generate a password-less ssh key, and copy it to the servers you want to orchestrate.
ssh-keygen
ssh-copy-id root@< server-address >
2015-03-11 16:32:33 +00:00
Php binaries should have this format: /usr/bin/php5.2-cgi
2015-03-04 21:06:16 +00:00
2015-03-11 16:32:33 +00:00
* logs on panel/logs/ ? mkdir ~webapps, backend post save signal?
2015-03-10 11:46:48 +00:00
* < IfModule security2_module > and other IfModule on backend SecRule
2015-03-26 16:00:30 +00:00
* Orchestra global search box on the page head, based https://github.com/django/django/blob/master/django/contrib/admin/options.py#L866 and iterating over all registered services and inspectin its admin.search_fields
2015-03-11 20:01:08 +00:00
2015-03-25 17:04:44 +00:00
* contain error on plugin missing key (plugin dissabled): NOP, fail hard is better than silently, perhaps fail at starttime? apploading machinary
2015-03-12 14:05:23 +00:00
* contact.alternative_phone on a phone.tooltip, email:to
* better validate options and directives (url locations, filesystem paths, etc..)
2015-03-16 16:52:41 +00:00
* make sure that you understand the risks
2015-03-18 21:51:12 +00:00
* full support for deactivation of services/accounts
2015-03-25 17:04:44 +00:00
* Display admin.is_active (disabled account special icon and order by support)
2015-03-18 21:51:12 +00:00
2015-03-20 15:13:08 +00:00
* lock resource monitoring
* -EXecCGI in common CMS upload locations /wp-upload/upload/uploads
* cgi user / pervent shell access
* prevent stderr when users exists on backend i.e. mysql user create
* disable anonymized list options (mailman)
2015-03-23 15:36:51 +00:00
* tags = GenericRelation(TaggedItem, related_query_name='bookmarks')
* user provided crons
* ```< ?php
$moodle_host = $SERVER[‘ HTTP_HOST’ ];
require_once(‘ /etc/moodles/’ .$moodle_host.‘ config.php’ );``` moodle/drupla/php-list multi-tenancy
* make account available on all admin forms
2015-04-05 18:02:36 +00:00
# WPMU blog traffic
2015-03-23 15:36:51 +00:00
2015-03-27 19:50:54 +00:00
* more robust backend error handling, continue executing but exit code > 0 if failure: failing_cmd || exit_code=1 and don't forget to call super.commit()!!
2015-03-23 15:36:51 +00:00
2015-03-27 19:50:54 +00:00
* website directives uniquenes validation on serializers
2015-03-25 15:45:04 +00:00
2015-03-27 19:50:54 +00:00
+ is_Active custom filter with support for instance.account.is_Active annotate with F() needed (django 1.8)
2015-03-25 15:45:04 +00:00
2015-04-05 22:34:47 +00:00
# delete apache logs and php logs
2015-03-25 15:45:04 +00:00
2015-03-27 19:50:54 +00:00
* document service help things: discount/refound/compensation effect and metric table
* Document metric interpretation help_text
* document plugin serialization, data_serializer?
2015-04-05 18:02:36 +00:00
# bill line managemente, remove, undo (only when possible), move, copy, paste
2015-03-27 19:50:54 +00:00
* budgets: no undo feature
* Autocomplete admin fields like < site_name > .phplist... with js
* allow empty metric pack for default rates? changes on rating algo
2015-04-07 15:14:49 +00:00
# don't produce lines with cost == 0 or quantity 0 ? maybe minimal quantity for billing? like 0.1 ? or minimal price? per line or per bill?
2015-03-27 19:50:54 +00:00
2015-04-05 18:02:36 +00:00
# lines too long on invoice, double lines or cut, and make margin wider
2015-03-29 16:10:07 +00:00
* payment methods icons
* use server.name | server.address on python backends, like gitlab instead of settings?
* TODO raise404, here and everywhere
2015-03-31 12:39:08 +00:00
* update service orders on a celery task? because it take alot
2015-03-29 16:10:07 +00:00
2015-04-03 10:14:45 +00:00
# FIXME do more test, make sure billed until doesn't get uodated whhen services are billed with les metric, and don't upgrade billed_until when undoing under this circumstances
2015-03-31 12:39:08 +00:00
* line 513: change threshold and one time service metric change should update last value if not billed, only record for recurring invoicing. postpay services should store the last metric for pricing period.
* add ini, end dates on bill lines and breakup quanity into size(defaut:1) and metric
* threshold for significative metric accountancy on services.handler
2015-04-01 15:49:21 +00:00
* http://orchestra.pangea.org/admin/orders/order/6418/
* http://orchestra.pangea.org/admin/orders/order/6495/bill_selected_orders/
2015-03-29 16:10:07 +00:00
* move normurlpath to orchestra.utils from websites.utils
* write down insights
2015-03-31 12:39:08 +00:00
* websites directives get_location() and use it on last change view validation stage to compare with contents.location and also on the backend ?
* modeladmin Default filter + search isn't working, prepend filter when searching
2015-04-05 18:02:36 +00:00
* create service help templates based on urlqwargs with the most basic services.
2015-03-29 16:10:07 +00:00
Translation
-----------
mkdir locale
django-admin.py makemessages -l ca
django-admin.py compilemessages -l ca
https://docs.djangoproject.com/en/1.7/topics/i18n/translation/#joining-strings-string-concat
from django.utils.translation import ugettext
from django.utils import translation
translation.activate('ca')
2015-03-31 12:39:08 +00:00
ugettext("Description")
* saas validate_creation generic approach, for all backends. standard output
2015-03-29 16:10:07 +00:00
2015-04-04 17:44:07 +00:00
* html code x: × for bill line verbose quantity
2015-04-01 15:49:21 +00:00
2015-04-02 16:14:55 +00:00
* periodic task to cleanup backendlogs, monitor data and metricstorage
2015-04-01 15:49:21 +00:00
* create orchestrate databases.Database pk=1 -n --dry-run | --noinput --action save (default)|delete --backend name (limit to this backend) --help
* uwsgi --max-requests=5000 \ # respawn processes after serving 5000 requests and
celery max-tasks-per-child
* generate settings.py more like django (installed_apps, middlewares, etc,,,)
* postupgradeorchestra send signals in order to hook custom stuff
2015-04-02 16:14:55 +00:00
* autoscale celery workers http://docs.celeryproject.org/en/latest/userguide/workers.html#autoscaling
glic3rinu's django-fluent-dashboard
2015-04-03 10:14:45 +00:00
* gevent is not ported to python3 :'(
2015-04-04 17:44:07 +00:00
# FIXME account deletion generates an integrity error
https://code.djangoproject.com/ticket/24576
2015-04-03 10:14:45 +00:00
# FIXME what to do when deleting accounts? set fk null and fill a username charfield? issues, invoices.. we whant all this to go away?
* implement delete All related services
2015-04-03 13:03:08 +00:00
2015-04-16 13:15:21 +00:00
# FIXME address name change does not remove old one :P, readonly or perhaps we can regenerate all addresses using backend.prepare()?
2015-04-04 17:44:07 +00:00
* read https://docs.djangoproject.com/en/dev/releases/1.8/ and fix deprecation warnings
2015-04-29 10:51:30 +00:00
* create nice fieldsets for SaaS, WebApp types and services, and helptexts too!
2015-04-04 17:44:07 +00:00
* replace make_option in management commands
2015-04-05 18:02:36 +00:00
# FIXME model contact info and account info (email, name, etc) correctly/unredundant/dry
* Use the new django.contrib.admin.RelatedOnlyFieldListFilter in ModelAdmin.list_filter to limit the list_filter choices to foreign objects which are attached to those from the ModelAdmin.
+ Query Expressions, Conditional Expressions, and Database Functions¶
* forms: You can now pass a callable that returns an iterable of choices when instantiating a ChoiceField.
2015-04-07 15:14:49 +00:00
* move all tests to django-orchestra/tests
* *natural keys: those fields that uniquely identify a service, list.name, website.name, webapp.name+account, make sure rest api can not edit thos things
2015-04-08 14:41:09 +00:00
# migrations accounts, bill, orders, auth -> migrate the rest (contacts lambda error)
2015-04-29 14:50:44 +00:00
2015-04-09 14:32:10 +00:00
* MultiCHoiceField proper serialization
* UNIFY PHP FPM settings name
2015-04-13 14:46:10 +00:00
# virtualhost name: name-account?
2015-04-10 15:03:38 +00:00
* add a delay to changes on the webserver apache to no overwelm it with backend executions?
2015-04-12 18:18:10 +00:00
* replace unique_name by natural_key?
* do not require contact or create default
* send signals for backend triggers
* force ignore slack billing period overridig when billing
* fpm reload starts new pools?
* rename resource.monitors to resource.backends ?
2015-04-20 14:23:10 +00:00
* abstract model classes that enabling overriding, and ORCHESTRA_DATABASE_MODEL settings + orchestra.get_database_model() instead of explicitly importing from orchestra.contrib.databases.models import Database.. (Admin and REST API are fucked then?)
2015-04-14 14:29:22 +00:00
2015-04-24 11:39:20 +00:00
# billing order list filter detect metrics that are greater from those of billing_date
2015-04-16 13:15:21 +00:00
# Ignore superusers & co on billing: list filter doesn't work nor ignore detection
2015-04-14 14:29:22 +00:00
# bill.totals make it 100% computed?
2015-04-16 13:15:21 +00:00
* joomla: wget https://github.com/joomla/joomla-cms/releases/download/3.4.1/Joomla_3.4.1-Stable-Full_Package.tar.gz -O - | tar xvfz -
2015-04-20 14:23:10 +00:00
2015-04-27 12:24:17 +00:00
# bill confirmation: show total
2015-04-21 13:12:48 +00:00
# Amend lines???
2015-04-27 14:54:17 +00:00
# orders currency setting
2015-04-20 14:23:10 +00:00
2015-04-23 19:46:23 +00:00
# Determine the difference between data serializer used for validation and used for the rest API!
# Make PluginApiView that fills metadata and other stuff like modeladmin plugin support
2015-04-26 13:53:00 +00:00
# custom validation for settings
# TODO orchestra related services code reload: celery/uwsgi reloading find aonther way without root and implement reload
# insert settings on dashboard dynamically
2015-04-27 12:24:17 +00:00
# convert all complex settings to string
2015-04-28 15:23:57 +00:00
# @ something database names
# password validation cracklib on change password form=?????
# reset setting buton
2015-04-29 10:51:30 +00:00
# periodic cleaning of spam mailboxes
# admin edit relevant djanog settings
# django SITE_NAME vs ORCHESTRA_SITE_NAME ?
2015-04-29 21:35:56 +00:00
2015-04-30 11:24:18 +00:00
Replace celery by a custom solution?
2015-05-01 18:05:34 +00:00
# TODO create decorator wrapper that abstract the task away from the backen (cron/celery)
# TODO crontab model localhost/autoadded attribute
2015-04-30 11:24:18 +00:00
* No more jumbo dependencies and wierd bugs
1) Periodic Monitoring:
* runtask management command + crontab scheduling or high performance beat crontab (not loading bloated django system)
2) Single time shot:
sys.run("python3 manage.py runtas 'task' args")
3) Emails:
Custom backend that distinguishes between priority and bulk mail
2015-05-01 18:05:34 +00:00
*priority: custom Thread backend
*bulk: wrapper arround django-mailer to avoid loading django system
2015-05-03 20:08:32 +00:00
# Create a new virtualenv
2015-05-03 17:44:46 +00:00
python3 -mvenv env-django-orchestra
source env-django-orchestra/bin/activate
pip3 install django-orchestra==dev --allow-external django-orchestra --allow-unverified django-orchestra
2015-05-03 20:08:32 +00:00
# Install dependencies
2015-05-03 17:44:46 +00:00
sudo apt-get install python3.4-dev libxml2-dev libxslt1-dev libcrack2-dev
2015-05-03 20:08:32 +00:00
pip3 install -r https://raw.githubusercontent.com/glic3rinu/django-orchestra/master/requirements.txt
# Create an orchestra instance
2015-05-03 18:33:07 +00:00
orchestra-admin startproject panel
2015-05-03 17:44:46 +00:00
python3 panel/manage.py migrate accounts
python3 panel/manage.py migrate
python3 panel/manage.py runserver
2015-05-03 18:33:07 +00:00
http://localhost:8000/admin/
2015-05-03 17:44:46 +00:00
2015-05-03 18:33:07 +00:00
setupcrontab
2015-05-03 17:44:46 +00:00
Collecting lxml==3.3.5 (from -r re (line 22))
Downloading lxml-3.3.5.tar.gz (3.5MB)
100% |################################| 3.5MB 60kB/s
Building lxml version 3.3.5.
Building without Cython.
ERROR: b'/bin/sh: 1: xslt-config: not found\n'
** make sure the development packages of libxml2 and libxslt are installed **
Using build configuration of libxslt
/usr/lib/python3.4/distutils/dist.py:260: UserWarning: Unknown distribution option: 'bugtrack_url'
warnings.warn(msg)
# Setupcron
2015-05-01 18:05:34 +00:00
# uwsgi enable threads
# register signals in app ready()
# database_ready(): connect to the database or inspect django connection
2015-05-03 17:44:46 +00:00
# move Setting to contrib app __init__
# cracklib vs crack
# remove system dependencies
# deprecate install_dependnecies in favour of only requirements.txt
# import module and sed
# if setting.value == default. remove
2015-05-03 20:08:32 +00:00
# TASKS_ENABLE_UWSGI_CRON
2015-05-03 17:44:46 +00:00
# reload generic admin view ?redirect=http...
# inspecting django db connection for asserting db readines?
# wake up django mailer on send_mail
# project settings modified copy of django's default project settings
2015-05-03 20:08:32 +00:00
2015-05-04 12:57:41 +00:00
# migrate accounts break on superuser insert because of orders signals: ready() + db_ready()
2015-05-03 21:26:17 +00:00
2015-05-04 12:57:41 +00:00
# if backend.async: don't join.
# RELATED: domains.sync to ns3 make it async
2015-05-03 21:26:17 +00:00
# ngnix setup certificate
from orchestra.contrib.tasks import task
import time, sys
@task (name='rata')
def counter(num, log):
for i in range(1, num):
with open(log, 'a') as handler:
handler.write(str(i))
sys.stderr.write('hola\n')
time.sleep(1)
counter.apply_async(10, '/tmp/kakas')
2015-05-03 21:45:46 +00:00
# setup main systemuser on post_migrate SystemUser
# Provide some fixtures with mocked data
2015-05-04 12:57:41 +00:00
don't make hard dependencies strict dependencies, fail when needed.
2015-05-04 10:48:09 +00:00
# on project_settings add debug settings but commented
# rename context processes varbailes to its original name
2015-05-04 12:57:41 +00:00
TODO http://wiki2.dovecot.org/HowTo/SimpleVirtualInstall
TODO http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix
TODO mount the filesystem with "nosuid" option
2015-05-04 10:48:09 +00:00
# execute Make after postfix update
2015-05-04 12:57:41 +00:00
# wkhtmltopdf -> reportlab
2015-05-04 10:48:09 +00:00