From f5a09567368e47aa6df861b0870a91028bc34f05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ga=C3=ABtan=20Trellu?= <gaetan.trellu@incloudus.com>
Date: Thu, 20 Jun 2019 13:03:31 -0400
Subject: [PATCH] Implement Apache WSGI for Qinling

Since this review[1], Qinling supports WSGI execution.

From a production perspective, Qinling should be deployed
using Apache and mod_wsgi.

[1] https://review.opendev.org/#/c/661851/

Change-Id: I9aaee4c2932f1e4ea9fe780a64e96a28fa6bccfb
Story: 2005920
Task: 34181
---
 docker/qinling/qinling-api/Dockerfile.j2   |  2 -
 docker/qinling/qinling-api/extend_start.sh | 11 ++++++
 docker/qinling/qinling-base/Dockerfile.j2  | 44 ++++++++++++++++++++--
 3 files changed, 52 insertions(+), 5 deletions(-)

diff --git a/docker/qinling/qinling-api/Dockerfile.j2 b/docker/qinling/qinling-api/Dockerfile.j2
index 046805f4da..ca7b37db71 100644
--- a/docker/qinling/qinling-api/Dockerfile.j2
+++ b/docker/qinling/qinling-api/Dockerfile.j2
@@ -15,5 +15,3 @@ RUN chmod 755 /usr/local/bin/kolla_qinling_extend_start
 
 {% block qinling_api_footer %}{% endblock %}
 {% block footer %}{% endblock %}
-
-USER qinling
diff --git a/docker/qinling/qinling-api/extend_start.sh b/docker/qinling/qinling-api/extend_start.sh
index d5f22dc5f7..2da76f0d66 100644
--- a/docker/qinling/qinling-api/extend_start.sh
+++ b/docker/qinling/qinling-api/extend_start.sh
@@ -1,5 +1,16 @@
 #!/bin/bash
 
+# NOTE(pbourke): httpd will not clean up after itself in some cases which
+# results in the container not being able to restart. (bug #1489676, 1557036)
+if [[ "${KOLLA_BASE_DISTRO}" =~ debian|ubuntu ]]; then
+    # Loading Apache2 ENV variables
+    . /etc/apache2/envvars
+    install -d /var/run/apache2/
+    rm -rf /var/run/apache2/*
+else
+    rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd*
+fi
+
 # Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
 # of the KOLLA_BOOTSTRAP variable being set, including empty.
 if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
diff --git a/docker/qinling/qinling-base/Dockerfile.j2 b/docker/qinling/qinling-base/Dockerfile.j2
index 862296d859..0c597f218b 100644
--- a/docker/qinling/qinling-base/Dockerfile.j2
+++ b/docker/qinling/qinling-base/Dockerfile.j2
@@ -14,6 +14,42 @@ RUN echo '{{ install_type }} not yet available for {{ base_distro }}' \
 
 {% elif install_type == 'source' %}
 
+    {% if base_package_type == 'rpm' %}
+
+        {% set qinling_base_packages = [
+            'httpd',
+            'mod_ssl',
+        ] %}
+        {% if distro_python_version.startswith('3') %}
+        {% set qinling_base_packages = qinling_base_packages + [
+            'python3-ldappool',
+            'python3-mod_wsgi'
+        ] %}
+        {% else %}
+        {% set qinling_base_packages = qinling_base_packages + [
+            'mod_wsgi',
+            'python2-ldappool'
+        ] %}
+        {% endif %}
+
+{{ macros.install_packages(qinling_base_packages | customizable("packages")) }}
+RUN mkdir -p /var/www/cgi-bin/qinling \
+    && sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf \
+    && sed -i -r 's,^(Listen 443),#\1,' /etc/httpd/conf.d/ssl.conf
+
+    {% elif base_package_type == 'deb' %}
+
+        {% set qinling_base_packages = [
+            'apache2',
+            'libapache2-mod-wsgi-py3',
+            'python3-ldappool'
+        ] %}
+
+{{ macros.install_packages(qinling_base_packages | customizable("packages")) }}
+RUN mkdir -p /var/www/cgi-bin/qinling \
+    && echo > /etc/apache2/ports.conf
+    {% endif %}
+
 ADD qinling-base-archive /qinling-base-source
 
 {% set qinling_base_pip_packages = [
@@ -22,15 +58,17 @@ ADD qinling-base-archive /qinling-base-source
 
 RUN ln -s qinling-base-source/* qinling \
     && {{ macros.install_pip(qinling_base_pip_packages | customizable("pip_packages")) }} \
-    && mkdir -p /etc/qinling \
+    && mkdir -p /etc/qinling /var/www/cgi-bin/qinling \
     && cp -r /qinling/etc/policy.json.sample /etc/qinling/policy.json \
-    && chown -R qinling: /etc/qinling
+    && cp /qinling/qinling/api/wsgi.py /var/www/cgi-bin/qinling \
+    && chown -R qinling: /etc/qinling /var/www/cgi-bin/qinling
 
 {% endif %}
 
 COPY extend_start.sh /usr/local/bin/kolla_extend_start
 
 RUN touch /usr/local/bin/kolla_qinling_extend_start \
-    && chmod 755 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_qinling_extend_start
+    && chmod 755 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_qinling_extend_start \
+    && chmod 755 /var/www/cgi-bin/qinling
 
 {% block qinling_base_footer %}{% endblock %}