diff --git a/config/env/all.js b/config/env/all.js index 92ec2efd..1f6bacce 100755 --- a/config/env/all.js +++ b/config/env/all.js @@ -8,6 +8,10 @@ module.exports = { }, port: process.env.PORT || 3000, templateEngine: 'swig', + + //Sentry DSN Client Key + DSN: 'http://db01e03015ce48e2b68240ea8254b17c:5d878e9bb6c6488fbb70fb81295ee700@sentry.example.com/1' + // The secret should be set to a non-guessable string that // is used to compute a session hash sessionSecret: 'MEAN', diff --git a/config/express.js b/config/express.js index bbf0ad3b..efd32fb4 100755 --- a/config/express.js +++ b/config/express.js @@ -66,6 +66,13 @@ module.exports = function(db) { // Showing stack errors app.set('showStackError', true); + // Sentry (Raven) error reporting + app.use(raven.middleware.express.requestHandler(config.DSN)); + + // Should come before any other error middleware + app.use(raven.middleware.express.errorHandler(config.DSN)); + //app.use(onError); // optional error handler if you want to display the error id to a user + // Set swig as the template engine app.engine('server.view.html', consolidate[config.templateEngine]); diff --git a/docs/setup_sentry_server.md b/docs/setup_sentry_server.md new file mode 100644 index 00000000..8f59c48a --- /dev/null +++ b/docs/setup_sentry_server.md @@ -0,0 +1,250 @@ +Installing Sentry Server +------------------------ + +Medforms is an opensource *form builder* that can create stunning forms from PDFs or from scratch + +## Before You Begin +Make sure you understand what sentry server does. You can view documentation for sentry server [here](https://sentry.readthedocs.org/). This document was written for a server running *Ubuntu 14.04 LTS server* (we used Azure). + + +## Prerequisites +Make sure you have these installed: +* apt-get +* python2.7 +* vim + + + +## Installation Steps +1. Add non-root user. +``` +sudo adduser sentry +sudo adduser sentry sudo +``` + +2. Update all apt-get packages +``` +sudo apt-get update +sudo apt-get dist-upgrade +sudo apt-get autoremove +sudo apt-get install libxml2-dev libxslt1-dev libffi-dev +sudo reboot +``` + +3. Install easy_install and pip +``` +wget https://bootstrap.pypa.io/ez_setup.py -O - | sudo python +sudo easy_install pip +``` + +4. Install virtualenv and virtualenvwrapper +``` +sudo pip install virtualenv +``` + +5. Install Sentry and Setup +``` +# make server directory +mkdir ~/SentryServer; cd ~/SentryServer; +# make virtualenv +virtualenv ./ +#activate virtualenv +source ./bin/activate + +# install sentry and its postgresql dependencies +pip install -U sentry[postgres] +``` + +6. Install postgresql +``` +# install postgres +sudo apt-get install postgresql postgresql-contrib libpq-dev + +# install postgres adminpack +sudo -u postgres psql +CREATE EXTENSION "adminpack"; +\q +``` + +7. Setup postgresql DB +``` +# change postgres password & create database +sudo passwd postgres +sudo su - postgres +psql -d template1 -c "ALTER USER postgres WITH PASSWORD 'changeme';" +createdb sentry +createuser sentry_user --pwprompt +psql -d template1 -U postgres +GRANT ALL PRIVILEGES ON DATABASE sentry to sentry_user; +\q +exit +``` + +8. Setup Sentry Configuration +``` +# initialize conf file +sentry init + +#edit sentry configuration +vim ~/.sentry/sentry.conf.py +``` + +The following are the contents of my sentry.conf.py file (replace name, user and password with your that of your DB) + +``` +DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.postgresql_psycopg2', + 'NAME': 'sentry', + 'USER': 'sentry_user', + 'PASSWORD': 'your_password', + 'HOST': 'localhost', + } +} +# No trailing slash! +SENTRY_URL_PREFIX = 'http://sentry.example.com' + +SENTRY_WEB_HOST = '0.0.0.0' +SENTRY_WEB_PORT = 9000 +SENTRY_WEB_OPTIONS = { + 'workers': 3, # the number of gunicorn workers + 'secure_scheme_headers': {'X-FORWARDED-PROTO': 'https'}, # detect HTTPS mode from X-Forwarded-Proto header +} + +#CONFIGURE REDIS +SENTRY_REDIS_OPTIONS = { + 'hosts': { + 0: { + 'host': '127.0.0.1', + 'port': 6379, + 'timeout': 3, + #'password': 'redis auth password' + } + } +} + +#CONFIGURE OUTGOING MAIL +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' +EMAIL_USE_TLS = True +EMAIL_HOST = 'smtp.gmail.com' +EMAIL_PORT = 587 +EMAIL_HOST_USER = 'your_gmail_username@gmail.com' +EMAIL_HOST_PASSWORD = 'your_gmail_password' +DEFAULT_FROM_EMAIL = 'testing@testing.com +``` + +9. Setup Database and Start Sentry +``` +#install and run redis-server +wget http://download.redis.io/releases/redis-stable.tar.gz +tar xzf redis-stable.tar.gz +cd redis-stable +make +make test +sudo make install +cd utils +sudo ./install_server.sh + +#Go back to app directory +cd ~/SentryServer +sudo service redis_6379 start + +# set up databse +sentry upgrade + +# let's try it out! +sentry start +``` + +10. Install nginx + +``` +# install nginx +sudo apt-get install nginx + +# remove the default symbolic link +sudo rm /etc/nginx/sites-enabled/default + +# create a new blank config, and make a symlink to it +sudo touch /etc/nginx/sites-available/sentry +cd /etc/nginx/sites-enabled +sudo ln -s ../sites-available/sentry + +# edit the nginx configuration file +sudo vim /etc/nginx/sites-available/sentry +``` +*Here are the contents of my nginx file:* +``` +server { + # listen on port 80 + listen 80; + + # for requests to these domains + server_name yourdomain.com www.yourdomain.com; + + # keep logs in these files + access_log /var/log/nginx/sentry.access.log; + error_log /var/log/nginx/sentry.error.log; + + # You need this to allow users to upload large files + # See http://wiki.nginx.org/HttpCoreModule#client_max_body_size + # I'm not sure where it goes, so I put it in twice. It works. + client_max_body_size 0; + + location / { + proxy_pass http://localhost:9000; + proxy_redirect off; + + proxy_read_timeout 5m; + + # make sure these HTTP headers are set properly + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} +``` + +11. Start the worker processes +``` +# restart nginx +sudo service nginx restart + +#start sentry +sentry celery worker -B +``` + +12. Install and Configure supervisord +``` +pip install supervisord +sudo echo_supervisord_conf > ~/SentryServer/etc/supervisord.conf + +#Edit yuour supervisord Config +vim /etc/supervisord.conf +``` + +Configuration file should look like this +``` +[program:sentry-web] +directory=~/SentryServer/ +command=~/SentryServer/bin/sentry start +autostart=true +autorestart=true +redirect_stderr=true +stdout_logfile=syslog +stderr_logfile=syslog + +[program:sentry-worker] +directory=~/SentryServer/ +command=~/SentryServer/bin/sentry celery worker -B +autostart=true +autorestart=true +redirect_stderr=true +stdout_logfile=syslog +stderr_logfile=syslog +``` + +13. Run Server (with supervisord) +``` +supervisord +``` diff --git a/package.json b/package.json index 3ae8e48e..aba468b0 100644 --- a/package.json +++ b/package.json @@ -18,10 +18,7 @@ "postinstall": "bower install --config.interactive=false; grunt build" }, "dependencies": { - "multer": "~0.1.8", "async": "~0.9.0", - "load-grunt-tasks": "~1.0.0", - "pdffiller": "whitef0x0/pdffiller", "body-parser": "~1.9.0", "bower": "~1.3.8", "chalk": "~1.0.0", @@ -37,24 +34,6 @@ "glob": "~4.0.5", "grunt": "~0.4.1", "grunt-cli": "~0.1.13", - "helmet": "~0.5.0", - "lodash": "~2.4.1", - "main-bower-files": "~2.8.2", - "method-override": "~2.3.0", - "mongoose": "~3.8.8", - "morgan": "~1.4.1", - "nodemailer": "~1.3.0", - "passport": "~0.2.0", - "passport-facebook": "~1.0.2", - "passport-github": "~0.1.5", - "passport-google-oauth": "~0.1.5", - "passport-linkedin": "~0.1.3", - "passport-local": "~1.0.0", - "passport-twitter": "~1.0.2", - "satelize": "~0.1.1", - "swig": "~1.4.1", - "then-fs": "~2.0.0", - "mocha": ">=1.20.0", "grunt-concurrent": "~1.0.0", "grunt-contrib-csslint": "~0.3.1", "grunt-contrib-cssmin": "~0.10.0", @@ -68,13 +47,35 @@ "grunt-ng-annotate": "~0.4.0", "grunt-node-inspector": "~0.1.3", "grunt-nodemon": "~0.3.0", + "helmet": "~0.5.0", "karma": "~0.12.0", "karma-chrome-launcher": "~0.1.2", "karma-coverage": "~0.2.0", "karma-firefox-launcher": "~0.1.3", "karma-jasmine": "~0.2.1", "karma-phantomjs-launcher": "~0.1.2", + "load-grunt-tasks": "~1.0.0", + "lodash": "~2.4.1", + "main-bower-files": "~2.8.2", + "method-override": "~2.3.0", + "mocha": ">=1.20.0", + "mongoose": "~3.8.8", + "morgan": "~1.4.1", + "multer": "~0.1.8", + "nodemailer": "~1.3.0", + "passport": "~0.2.0", + "passport-facebook": "~1.0.2", + "passport-github": "~0.1.5", + "passport-google-oauth": "~0.1.5", + "passport-linkedin": "~0.1.3", + "passport-local": "~1.0.0", + "passport-twitter": "~1.0.2", + "pdffiller": "whitef0x0/pdffiller", + "raven": "^0.8.1", + "satelize": "~0.1.1", "should": "~4.1.0", - "supertest": "~0.14.0" + "supertest": "~0.14.0", + "swig": "~1.4.1", + "then-fs": "~2.0.0" } } diff --git a/scripts/generate-ssl-certs.sh b/scripts/generate-ssl-certs.sh index f09002c0..6f5cb2ab 100755 --- a/scripts/generate-ssl-certs.sh +++ b/scripts/generate-ssl-certs.sh @@ -11,6 +11,9 @@ fi echo "Generating self-signed certificates..." mkdir -p ./config/sslcerts openssl genrsa -out ./config/sslcerts/key.pem -aes256 1024 +openssl rsa -in ./config/sslcerts/key.pem -out ./config/sslcerts/newkey.pem +rm ./config/sslcerts/key.pem +mv ./config/sslcerts/newkey.pem ./config/sslcerts/key.pem openssl req -new -key ./config/sslcerts/key.pem -out ./config/sslcerts/csr.pem openssl x509 -req -days 9999 -in ./config/sslcerts/csr.pem -signkey ./config/sslcerts/key.pem -out ./config/sslcerts/cert.pem rm ./config/sslcerts/csr.pem