Making the fxa-dev Vagrant VM work from a vanilla Fedora 20 VM without a database.

The following steps aren't handled by Ansible and had to be done manually so we could run FxA on a Vagrant VM using mozilla/fxa-dev.

Note that this procedure was carried out after the steps described in mozilla/fxa-dev#81.

Procedure

Database HTTP layer

  1. Inside the VM, create the database manually

     sudo -s
     mysql
     create database fxa;
     quit
     cd /data/fxa-auth-db-server/
    
  2. Make sure config/staging.json has root with no password

     su app
     NODE_ENV=stage node bin/db_patcher.js chdir=/data/fxa-auth-db-server
     exit
     supervisorctl restart fxa-auth-db-server
     cd /data/fxa-auth-server/
     su app
    
  3. As per scripts/start-server.sh, run manually without STDERR

     node ./bin/key_server.js | node ./bin/notifier.js
    
  4. The boom npm module isn't found at that version anymore; change package.json from '2.x.x' to '~2.6'

     vi /data/fxa-auth-server/node_modules/hawk/node_modules/cryptiles/package.json
    
  5. Try again

     npm update
     exit
     mkdir /data/fxa-auth-server/node_modules/fxa-auth-db-mem/node_modules
     chown app:app /data/fxa-auth-server/node_modules/fxa-auth-db-mem/node_modules
     su app
     npm update
     exit
     mkdir /data/fxa-auth-server/node_modules/grunt/node_modules/grunt-legacy-log/node_modules/colors
     chown app:app /data/fxa-auth-server/node_modules/grunt/node_modules/grunt-legacy-log/node_modules/colors
    
  6. Complaints about no permission, trying as root now.

     npm update
    
  7. Module not found "libs/minimal"

     cd /data/fxa-auth-server/node_modules/browserid-crypto/libs/
     su app
     ./bundle.sh
     cd /data/fxa-auth-server
     node /data/fxa-auth-server/scripts/gen_keys.js
     node ./bin/key_server.js | node ./bin/notifier.js
    
  8. If it doesn’t die, we are good to go

     exit
     supervisorctl start fxa-auth-server
    

OAuth server

  1. OAuth server now

     supervisorctl start fxa-oauth-server
     supervisorctl status
    
  2. But it dies

     cd ../fxa-oauth-server/
     su app
    
  3. Run directly without STDERR redirection

     CONFIG_FILES="/data/fxa-oauth-server/config/awsbox.json,/data/fxa-oauth-server/config/local.json" node /data/fxa-oauth-server/bin/server.js
    
  4. It's a database access problem

     vi config/local.json
    
  5. Adjust the password field. Here is how it's configured in the Ansible config

     # From the fxa-dev checkout
     vi roles/oauth/defaults/main.yml
     # Adjust the `oauth_db_password` field, otherwise Python will write "None" and will try to connect to the DB using "None" as a password.
    
  6. Back in the VM, try again

     su app
     CONFIG_FILES="/data/fxa-oauth-server/config/awsbox.json,/data/fxa-oauth-server/config/local.json" node /data/fxa-oauth-server/bin/server.js
    
  7. If it doesn’t die, we’re good to go

     exit
     supervisorctl start fxa-oauth-server
    

FxA RP

	supervisorctl start fxa-rp

It might say it's not running. To fix:

	cd ../fxa-rp/
	cat /etc/supervisor.d/fxa-rp.conf

  1. Missing certificate

     su app
     node scripts/gen_keys.js
     exit
     supervisorctl start fxa-rp
    
  2. Check the logs

     tail /var/log/fxa-rp.log
     // ... Error: Cannot find module 'ejs'
    
  3. Missing modules w/ npm modules

     su app
     npm install
    
  4. Dependencies don't have their own dependencies handled ^^;;;;;

     cd node_modules/connect-fonts/
     npm install
     cd ../../
     cd node_modules/connect-fonts/node_modules/node-font-face-generator/
     npm install
    
  5. Try again

     cd ../../../../
     CONFIG_FILES="/data/fxa-rp/config.json,/data/fxa-rp/local.json" node /data/fxa-rp/server.js
     exit
    
  6. If fxa-rp doesn’t die, we’re good to go there too.

Note that the Redis error is fine if you are in dev mode though.

	supervisorctl start fxa-rp
	supervisorctl status
	elasticsearch                    RUNNING    pid 17636, uptime 1:18:41
	fxa-auth-db-server               RUNNING    pid 18116, uptime 0:56:41
	fxa-auth-mailer                  FATAL      Exited too quickly (process log may have details)
	fxa-auth-server                  RUNNING    pid 18872, uptime 0:16:46
	fxa-content-server               RUNNING    pid 17635, uptime 1:18:41
	fxa-customs-server               RUNNING    pid 17631, uptime 1:18:41
	fxa-oauth-server                 RUNNING    pid 18987, uptime 0:09:25
	fxa-profile:profile-server       RUNNING    pid 17646, uptime 1:18:41
	fxa-profile:profile-static       RUNNING    pid 17642, uptime 1:18:41
	fxa-profile:profile-worker       RUNNING    pid 17643, uptime 1:18:41
	fxa-rp                           RUNNING    pid 19277, uptime 0:00:14
	hekad                            RUNNING    pid 17649, uptime 1:18:41

fxa-auth-mailer

	cd ../fxa-auth-mailer
	vi /etc/supervisor.d/fxa-auth-mailer.conf
	su app
	node /data/fxa-auth-mailer/bin/server.js

  1. Something about an error w/ Restify

     npm install
    
  2. Try again, should work now

     node /data/fxa-auth-mailer/bin/server.js
    
  3. If it doesn’t die, we’re good to go

     exit
     supervisorctl start fxa-auth-mailer
    

Everything should be RUNNING now

	supervisorctl status
	elasticsearch                    RUNNING    pid 17636, uptime 1:28:15
	fxa-auth-db-server               RUNNING    pid 18116, uptime 1:06:15
	fxa-auth-mailer                  RUNNING    pid 19400, uptime 0:00:06
	fxa-auth-server                  RUNNING    pid 18872, uptime 0:26:20
	fxa-content-server               RUNNING    pid 17635, uptime 1:28:15
	fxa-customs-server               RUNNING    pid 17631, uptime 1:28:15
	fxa-oauth-server                 RUNNING    pid 18987, uptime 0:18:59
	fxa-profile:profile-server       RUNNING    pid 17646, uptime 1:28:15
	fxa-profile:profile-static       RUNNING    pid 17642, uptime 1:28:15
	fxa-profile:profile-worker       RUNNING    pid 17643, uptime 1:28:15
	fxa-rp                           RUNNING    pid 19277, uptime 0:09:48
	hekad                            RUNNING    pid 17649, uptime 1:28:15

Networking issues

Now that we have everything running, we need to have it accessible from outside the VM.

    iptables -L
    sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    iptables --flush

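`iptables --flush` deletes every rule in the filter table, including the two ACCEPT rules just added, so filtering is left to each chain's default policy. We'll have to deal with this later #TODO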

Ref

  1. List all ports we need and make sure they are http_port_t. #TODO

  2. Manually enable the missing ones in SELinux

     semanage port --add --type http_port_t --proto tcp 9010
     semanage port --add --type http_port_t --proto tcp 9011
     semanage port --add --type http_port_t --proto tcp 9012
     semanage port --add --type http_port_t --proto tcp 7000
     semanage port --add --type http_port_t --proto tcp 1113
     semanage port --add --type http_port_t --proto tcp 8000
     semanage port --add --type http_port_t --proto tcp 3030
     semanage port --add --type http_port_t --proto tcp 4900
    
  3. Change port of fxa-oauth-server

     vi /data/fxa-oauth-server/config/local.json
    
  4. Add a block:

     "server": {"port": 9110},
    
  5. Ensure it's open

     supervisorctl restart fxa-oauth-server
     semanage port --add --type http_port_t --proto tcp 9110
     nmap -p 9110 localhost
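
The audit behind step 1, as an added example that is not part of the original gist: it parses `semanage port -l` output and reports which of the ports used above are not yet labelled `http_port_t`, and which type currently holds them. The listing embedded in the script is constructed sample data, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit SELinux port labels for the FxA ports in this procedure.

# Ports this page labels http_port_t (including the relocated OAuth port 9110).
FXA_PORTS="9010 9011 9012 7000 1113 8000 3030 4900 9110"

# Constructed sample of `semanage port -l` output, used for the offline demo
# (not captured from a real VM).
SAMPLE_LISTING='SELinux Port Type              Proto    Port Number

http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000, 9010
soundd_port_t                  tcp      8000, 9433, 16001
http_port_t                    udp      9010'

# port_types LISTING PORT: print the SELinux types that label tcp/PORT,
# space-separated, expanding ranges such as 10001-10010.
port_types() {
    printf '%s\n' "$1" | awk -v want="$2" '
        $2 == "tcp" {
            for (i = 3; i <= NF; i++) {
                p = $i; sub(/,$/, "", p)
                n = split(p, r, "-")
                lo = r[1] + 0; hi = (n == 2 ? r[2] : r[1]) + 0
                if (want + 0 >= lo && want + 0 <= hi) {
                    out = (out == "" ? "" : out " ") $1; break
                }
            }
        }
        END { print out }'
}

# missing_http_ports LISTING: print each of FXA_PORTS that is not labelled
# http_port_t, followed by the type that currently owns it (or "unlabelled").
missing_http_ports() {
    for port in $FXA_PORTS; do
        types=$(port_types "$1" "$port")
        case " $types " in
            *" http_port_t "*) ;;
            *) printf '%s %s\n' "$port" "${types:-unlabelled}" ;;
        esac
    done
}

# On the VM, run instead: missing_http_ports "$(semanage port -l)"
missing_http_ports "$SAMPLE_LISTING"
```

A port reported with another type is already defined in the policy; `semanage port --add` reports such a port as already defined, and `--modify` is the form to use for it.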
    

NGINX services

    vi /etc/nginx/conf.d/upstream/http_fxa_oauth.conf
    # set the upstream server to:
    server 127.0.0.1:9110;

FxA content server didn't have npm modules installed

    cd /data/fxa-content-server
    npm install
    su data
    bower install
    exit
    grunt build:dist
    chown -R app:app dist/

Make sure we have dist/bower_components with more than 2 folders

    supervisorctl restart fxa-content-server