CivicActions · acabouet · Feb 11, 2025 · Jan 27, 2025 · Jan 27, 2025 · Dec 18, 2024
diff --git a/.bp-config/httpd/httpd.conf b/.bp-config/httpd/httpd.conf
@@ -0,0 +1,38 @@
+# Overrides https://github.com/cloudfoundry/php-buildpack/blob/master/defaults/config/httpd/httpd.conf
+# to include our customization.
+# See https://docs.cloudfoundry.org/buildpacks/php/gsg-php-config.html#engine-configurations for background
+
+ServerRoot "${HOME}/httpd"
+Listen ${PORT}
+ServerAdmin "${HTTPD_SERVER_ADMIN}"
+ServerName "0.0.0.0"
+DocumentRoot "${HOME}/#{WEBDIR}"
+Include conf/extra/httpd-modules.conf
+Include conf/extra/httpd-directories.conf
+Include conf/extra/httpd-mime.conf
+Include conf/extra/httpd-deflate.conf
+Include conf/extra/httpd-logging.conf
+Include conf/extra/httpd-mpm.conf
+Include conf/extra/httpd-default.conf
+Include conf/extra/httpd-remoteip.conf
+Include conf/extra/httpd-php.conf
+
+# If they exist, include any user-provided customizations
+IncludeOptional conf/user-provided/*.conf
+
+<IfModule !mod_headers.c>
+  LoadModule headers_module modules/mod_headers.so
+</IfModule>
+
+RequestHeader unset Proxy early
+
+# Basic auth
+<Directory "${HOME}/#{WEBDIR}">
+    AuthType Basic
+    AuthName "Dev site"
+    AuthUserFile "/home/vcap/app/apache2/.htpasswd"
+    <LimitExcept POST GET>
+      Require valid-user
+      Require host pgov-frontend.app.cloud.gov localhost:3000
+    </Limit>
+</Directory>
diff --git a/.bp-config/httpd/user-provided/httpd-basicauth.conf b/.bp-config/httpd/user-provided/httpd-basicauth.conf
@@ -0,0 +1,5 @@
+# Enable modules needed for http basic auth
+LoadModule authn_core_module modules/mod_authn_core.so
+LoadModule auth_basic_module modules/mod_auth_basic.so
+LoadModule authn_file_module modules/mod_authn_file.so
+LoadModule authz_user_module modules/mod_authz_user.so
diff --git a/.bp-config/httpd/user-provided/httpd-drupalsupport.conf b/.bp-config/httpd/user-provided/httpd-drupalsupport.conf
@@ -0,0 +1,2 @@
+# Enable proxy_http for our s3fs module
+LoadModule proxy_http_module modules/mod_proxy_http.so
diff --git a/.bp-config/options.json b/.bp-config/options.json
@@ -0,0 +1,11 @@
+{
+  "COMPOSER_INSTALL_OPTIONS": [
+    "--no-progress --no-interaction"
+  ],
+  "COMPOSER_VENDOR_DIR": "vendor",
+  "WEBDIR": "web",
+  "PHP_VERSION": "{PHP_83_LATEST}",
+  "ADDITIONAL_PREPROCESS_CMDS": [
+    "$HOME/bootstrap.sh"
+  ]
+}
diff --git a/.bp-config/php/php.ini.d/extensions.ini b/.bp-config/php/php.ini.d/extensions.ini
@@ -0,0 +1,8 @@
+extension=apcu
+extension=igbinary
+extension=imagick
+extension=pdo_mysql
+extension=redis
+extension=mysqli
+
+zend_extension=opcache.so
diff --git a/.bp-config/php/php.ini.d/memory_limit.ini b/.bp-config/php/php.ini.d/memory_limit.ini
@@ -0,0 +1,3 @@
+; Maximum amount of memory a script may consume (128MB)
+; http://php.net/memory-limit
+memory_limit = 1024M
diff --git a/.cfignore b/.cfignore
@@ -0,0 +1,33 @@
+# Ignore directories generated by Composer
+/drush/contrib/
+/vendor/
+/web/core/
+/web/modules/contrib/
+/web/themes/contrib/
+/web/profiles/contrib/
+/web/libraries/
+
+# Ignore node modules from USWDS or otherwise.
+node_modules/
+
+# Typically, composer generates a .gitignore to ignore the
+# `settings.php` files.  For cloud.gov and Cloud Foundry, no sensitive
+# information is stored in the settings files. Instead, those files
+# have code that parses environment variables for DB and S3
+#
+# Ignore sensitive information [This is a `composer` default]
+# /web/sites/*/settings.php
+# /web/sites/*/settings.local.php
+
+
+# Ignore Drupal's file directory
+/web/sites/*/files/
+
+# Ignore SimpleTest multi-site environment.
+/web/sites/simpletest
+
+# Ignore files generated by PhpStorm
+/.idea/
+
+.DS_Store
+/.ddev/
diff --git a/.gitignore b/.gitignore
@@ -22,9 +22,8 @@
 # Ignore files generated by PhpStorm
 /.idea/
 
-# Ignore .env and keu files as they are personal
+# Ignore .env and key files as they are personal
 .env
-*.key
 
 # dependencies
 /node_modules
@@ -43,6 +42,8 @@ vendor
 /build
 /db/
 /keys
+*.key
+
 
 # misc
 .DS_Store
@@ -55,3 +56,4 @@ vendor
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
+*.tsbuildinfo
diff --git a/apt.yml b/apt.yml
@@ -0,0 +1,5 @@
+---
+cleancache: true
+packages:
+  - mariadb-client
+  - apache2-utils
diff --git a/bin/deploy-cloudgov.sh b/bin/deploy-cloudgov.sh
@@ -0,0 +1,90 @@
+#!/bin/sh
+#
+# This script will attempt to create the services required
+# and then launch everything.
+#
+
+# this function will generate a random string, or bail if uuidgen is not available.
+generate_string()
+{
+  if [ -z "$1" ] ; then
+    if command -v uuidgen >/dev/null ; then
+      NEW_STRING=$(uuidgen)
+      export NEW_STRING
+    else
+      echo "cannot find uuidgen utility:  You will need to generate some random strings and put them in the CRON_KEY, HASH_SALT, and ROOT_USER_PASS environment variables, then re-run this script."
+      exit 1
+    fi
+  fi
+}
+
+# If the user does not supply required data, generate some secrets.
+generate_string "$CRON_KEY"
+CRON_KEY=${CRON_KEY:-$NEW_STRING}
+
+generate_string "$HASH_SALT"
+HASH_SALT=${HASH_SALT:-$NEW_STRING}
+
+generate_string "$ROOT_USER_PASS"
+ROOT_USER_PASS=${ROOT_USER_PASS:-$NEW_STRING}
+
+ROOT_USER_NAME=${ROOT_USER_NAME:-root}
+
+
+# function to check if a service exists
+service_exists()
+{
+  cf service "$1" >/dev/null 2>&1
+}
+
+# create services (if needed)
+if service_exists "database" ; then
+  echo database already created
+else
+  if [ "$1" = "prod" ] ; then
+    cf create-service aws-rds medium-mysql-redundant database
+  else
+    cf create-service aws-rds small-mysql database
+  fi
+fi
+
+if service_exists "secrets" ; then
+  echo secrets already created
+else
+  yes '' | cf create-user-provided-service secrets -p "{\"CRON_KEY\": \"$CRON_KEY\", \"HASH_SALT\": \"$HASH_SALT\", \"ROOT_USER_NAME\": \"$ROOT_USER_NAME\", \"ROOT_USER_PASS\": \"$ROOT_USER_PASS\"}"
+fi
+
+if service_exists "storage" ; then
+  echo storage already created
+else
+  cf create-service s3 basic-sandbox storage
+fi
+
+# wait until the db is fully provisioned
+until cf create-service-key database test-db-ok ; do
+	echo waiting until database is live...
+	sleep 20
+done
+cf delete-service-key database test-db-ok -f
+
+# make the bootstrap script runnable
+chmod +x ./bootstrap.sh
+
+# launch the apps
+cf push
+
+# make sure that the app knows where it's s3fs stuff lives
+cf create-service-key storage storagekey
+S3INFO=$(cf service-key storage storagekey)
+S3_BUCKET=$(echo "$S3INFO" | grep '"bucket":' | sed 's/.*"bucket": "\(.*\)",/\1/')
+S3_REGION=$(echo "$S3INFO" | grep '"region":' | sed 's/.*"region": "\(.*\)",/\1/')
+cf set-env PGOV-CMS S3_BUCKET "$S3_BUCKET"
+cf set-env PGOV-CMS S3_REGION "$S3_REGION"
+cf delete-service-key storage storagekey -f
+cf restart PGOV-CMS
+
+# tell people where to go
+ROUTE=$(cf apps | grep PGOV-CMS | awk '{print $4}')
+echo
+echo
+echo "To log into the drupal site, you will want to go to https://${ROUTE}/user/login and enter your username/password."
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# Enable proxy_http for our s3fs module
		LoadModule proxy_http_module modules/mod_proxy_http.so