diff --git a/changes/GH-8090.other b/changes/GH-8090.other
new file mode 100644
index 00000000000..a9941e2d031
--- /dev/null
+++ b/changes/GH-8090.other
@@ -0,0 +1 @@
+Add policy template for Docker Compose deployments. [buchi]
diff --git a/opengever/policytemplates/cli.py b/opengever/policytemplates/cli.py
index 6e123aabac5..d003373d7ea 100644
--- a/opengever/policytemplates/cli.py
+++ b/opengever/policytemplates/cli.py
@@ -21,18 +21,30 @@ def run(self):
args.append('-O')
args.append(target_dir)
- policy = input("What policy type do you want to create?\n 1: GEVER \n 2: Teamraum\n")
+ policy = input(
+ "What policy type do you want to create?\n"
+ " 1: GEVER (Compose)\n"
+ " 2: Teamraum (Compose)\n"
+ " 3: GEVER (Buildout)\n"
+ " 4: Teamraum (Buildout)\n"
+ )
if policy == 1:
+ template = 'opengever.policytemplates:compose_template'
init_file = 'opengever/policytemplates/gever.ini'
elif policy == 2:
+ template = 'opengever.policytemplates:compose_template'
+ init_file = 'opengever/policytemplates/teamraum.ini'
+ elif policy == 3:
+ template = 'opengever.policytemplates:policy_template'
+ init_file = 'opengever/policytemplates/gever.ini'
+ elif policy == 4:
+ template = 'opengever.policytemplates:policy_template'
init_file = 'opengever/policytemplates/teamraum.ini'
else:
print('Invalid choice')
sys.exit()
- template = 'opengever.policytemplates:policy_template'
args.append(template)
-
args.append('--config={}'.format(init_file))
if 'opengever.core.testserver.OPENGEVER_TESTSERVER' in remainder:
remainder.remove('opengever.core.testserver.OPENGEVER_TESTSERVER')
diff --git a/opengever/policytemplates/compose_template/.mrbob.ini b/opengever/policytemplates/compose_template/.mrbob.ini
new file mode 100644
index 00000000000..8857e4d25c6
--- /dev/null
+++ b/opengever/policytemplates/compose_template/.mrbob.ini
@@ -0,0 +1,256 @@
+[template]
+post_render = opengever.policytemplates.hooks:post_render
+
+[questions]
+package.title.pre_ask_question = opengever.policytemplates.hooks:initialize
+
+package.title.question = Deployment title (e.g. Gemeinde Musterdorf)
+package.title.help = Used as deployment title and package title in readme and setup.py (e.g. Gemeinde Musterdorf).
+package.title.required = True
+package.title.post_ask_question = opengever.policytemplates.hooks:post_package_title
+
+package.name.question = Package name (e.g. musterdorf)
+package.name.help = 2nd part of package name in "opengever.packagename" (e.g. musterdorf).
+package.name.required = True
+package.name.post_ask_question = opengever.policytemplates.hooks:post_package_name
+
+package.url.question = Git Repository URL
+package.url.help = Example: https://github.com/someorganisation/opengever.musterdorf
+package.url.required = True
+
+base.domain.question = Domain
+base.domain.help = Example: barfuss.domain.tld
+base.domain.required = True
+base.domain.post_ask_question = opengever.policytemplates.hooks:post_base_domain
+
+base.ogds_db_name.question = OGDS DB Name
+base.ogds_db_name.required = True
+
+base.ogds_db_user.question = OGDS DB User
+base.ogds_db_user.default = zope
+base.ogds_db_user.required = True
+
+base.ogds_db_password.question = OGDS DB Password
+base.ogds_db_password.required = True
+
+base.apps_endpoint_url.question = Apps endpoint url
+base.apps_endpoint_url.required = True
+
+base.bumblebee_app_id.question = Bumblebee app id
+base.bumblebee_app_id.required = False
+
+base.bumblebee_secret.question = Bumblebee secret
+base.bumblebee_secret.required = False
+
+base.workspace_secret.question = Workspace secret
+base.workspace_secret.required = False
+
+deployment.mail_domain.question = Mail domain
+deployment.mail_domain.required = True
+
+deployment.mail_from_address.question = Mail from address
+deployment.mail_from.address.required = True
+
+base.server_name.question = Server name
+base.server_name.help = Example: hostname.domain.tld
+base.server_name.required = True
+base.server_name.post_ask_question = opengever.policytemplates.hooks:post_server_name
+
+base.deployment_number.question = Deployment number (e.g. 07)
+base.deployment_number.help = Two digits, e.g. 07
+base.deployment_number.required = True
+
+adminunit.title.question = AdminUnit title
+adminunit.title.required = True
+adminunit.title.post_ask_question = opengever.policytemplates.hooks:post_adminunit_title
+
+adminunit.id.question = AdminUnit id
+adminunit.id.required = True
+adminunit.id.post_ask_question = opengever.policytemplates.hooks:post_adminunit_id
+
+adminunit.abbreviation.question = AdminUnit abbreviation / reference number prefix
+adminunit.abbreviation.required = True
+
+adminunit.public_url.question = AdminUnit public_url
+adminunit.public_url.required = True
+
+adminunit.site_url.question = AdminUnit site_url
+adminunit.site_url.required = True
+
+orgunit.title.question = OrgUnit title
+orgunit.title.required = True
+
+orgunit.id.question = OrgUnit id
+orgunit.id.required = True
+
+deployment.ldap_bind_dn.question = LDAP Bind DN
+deployment.ldap_bind_dn.required = True
+
+deployment.ldap_bind_password.question = LDAP Bind Password
+deployment.ldap_bind_password.required = True
+
+deployment.ldap_ou.question = LDAP ou name
+deployment.ldap_ou.help = The base LDAP ou which contains a Groups and a Users ou. I.e. "ou=CustomerXY,ou=OneGovGEVER,dc=4teamwork,dc=ch"
+deployment.ldap_ou.required = True
+
+orgunit.users_group.question = Users group
+orgunit.users_group.required = True
+
+orgunit.inbox_group.question = Inbox group
+orgunit.inbox_group.required = True
+
+deployment.administrator_group.question = Administrator group
+deployment.administrator_group.required = True
+
+deployment.limited_admin_group.question = Limited admin group
+deployment.limited_admin_group.required = True
+
+deployment.rolemanager_group.question = Rolemanager group
+deployment.rolemanager_group.required = True
+
+deployment.records_manager_group.question = Records Manager group
+deployment.records_manager_group.required = True
+
+deployment.archivist_group.question = Archivist group
+deployment.archivist_group.required = True
+
+setup.use_lenient_dossier_resolver.question = Use lenient dossier resolver
+setup.use_lenient_dossier_resolver.required = True
+setup.use_lenient_dossier_resolver.default = true
+setup.use_lenient_dossier_resolver.post_ask_question = mrbob.hooks:to_boolean
+
+setup.enable_activity_feature.question = Enable activity feature
+setup.enable_activity_feature.required = True
+setup.enable_activity_feature.default = true
+setup.enable_activity_feature.post_ask_question = mrbob.hooks:to_boolean
+
+setup.enable_meeting_feature.question = Enable meeting feature
+setup.enable_meeting_feature.required = True
+setup.enable_meeting_feature.default = false
+setup.enable_meeting_feature.post_ask_question = opengever.policytemplates.hooks:post_enable_meeting_feature
+
+setup.enable_docproperty_feature.question = Enable docproperty feature
+setup.enable_docproperty_feature.required = True
+setup.enable_docproperty_feature.default = true
+setup.enable_docproperty_feature.post_ask_question = mrbob.hooks:to_boolean
+
+setup.nof_templates.question = Number of initial templates
+setup.nof_templates.default = 0
+setup.nof_templates.post_ask_question = opengever.policytemplates.hooks:post_nof_templates
+
+setup.maximum_repository_depth.question = Maximum repository depth
+setup.maximum_repository_depth.post_ask_question = opengever.policytemplates.hooks:post_maximum_repository_depth
+
+setup.reference_prefix_starting_point.question = Reference prefix starting point
+setup.reference_prefix_starting_point.post_ask_question = opengever.policytemplates.hooks:post_reference_prefix_starting_point
+
+setup.reference_number_formatter.question = Reference number formatter (dotted|grouped_by_three|no_client_id_dotted)
+setup.reference_number_formatter.choices = dotted;grouped_by_three;no_client_id_dotted
+setup.reference_number_formatter.choices_case_sensitive = yes
+setup.reference_number_formatter.choices_delimiter = ;
+setup.reference_number_formatter.post_ask_question = opengever.policytemplates.hooks:post_reference_number_formatter
+
+setup.maximum_dossier_depth.question = Maximum dossier depth
+setup.maximum_dossier_depth.post_ask_question = opengever.policytemplates.hooks:post_maximum_dossier_depth
+
+setup.maximum_mail_size.question = Maximum mail size (MB)
+setup.maximum_mail_size.post_ask_question = opengever.policytemplates.hooks:post_maximum_mail_size
+
+setup.preserved_as_paper.question = "Preserved as paper" default
+setup.preserved_as_paper.required = True
+setup.preserved_as_paper.default = true
+setup.preserved_as_paper.post_ask_question = mrbob.hooks:to_boolean
+
+setup.enable_private_folder.question = Enable private folder feature
+setup.enable_private_folder.required = True
+setup.enable_private_folder.default = true
+setup.enable_private_folder.post_ask_question = mrbob.hooks:to_boolean
+
+setup.dossier_templates.question = Enable dossier template feature
+setup.dossier_templates.required = True
+setup.dossier_templates.default = true
+setup.dossier_templates.post_ask_question = mrbob.hooks:to_boolean
+
+setup.ech0147_export.question = Enable ech0147 export feature
+setup.ech0147_export.required = True
+setup.ech0147_export.default = false
+setup.ech0147_export.post_ask_question = mrbob.hooks:to_boolean
+
+setup.ech0147_import.question = Enable ech0147 import feature
+setup.ech0147_import.required = True
+setup.ech0147_import.default = false
+setup.ech0147_import.post_ask_question = mrbob.hooks:to_boolean
+
+setup.officeatwork.question = Enable Office at Work feature
+setup.officeatwork.required = True
+setup.officeatwork.default = false
+setup.officeatwork.post_ask_question = mrbob.hooks:to_boolean
+
+setup.officeconnector_attach.question = Enable Officeconnector attach to Outlook feature
+setup.officeconnector_attach.required = True
+setup.officeconnector_attach.default = true
+setup.officeconnector_attach.post_ask_question = mrbob.hooks:to_boolean
+
+setup.officeconnector_checkout.question = Enable Officeconnector direct checkout and edit feature
+setup.officeconnector_checkout.required = True
+setup.officeconnector_checkout.default = true
+setup.officeconnector_checkout.post_ask_question = mrbob.hooks:to_boolean
+
+setup.repositoryfolder_documents_tab.question = Show documents tab in repository folders
+setup.repositoryfolder_documents_tab.required = True
+setup.repositoryfolder_documents_tab.default = true
+setup.repositoryfolder_documents_tab.post_ask_question = mrbob.hooks:to_boolean
+
+setup.repositoryfolder_tasks_tab.question = Show tasks tab in repository folders
+setup.repositoryfolder_tasks_tab.required = True
+setup.repositoryfolder_tasks_tab.default = true
+setup.repositoryfolder_tasks_tab.post_ask_question = mrbob.hooks:to_boolean
+
+setup.repositoryfolder_proposals_tab.question = Show proposals tab in repository folders
+setup.repositoryfolder_proposals_tab.required = True
+setup.repositoryfolder_proposals_tab.default = true
+setup.repositoryfolder_proposals_tab.post_ask_question = mrbob.hooks:to_boolean
+
+deployment.workspace_creators_group.question = Workspace creators group
+deployment.workspace_creators_group.default = tr_creators
+deployment.workspace_creators_group.required = False
+
+deployment.workspace_users_group.question = Workspace users group
+deployment.workspace_users_group.default = tr_users
+deployment.workspace_users_group.required = False
+
+setup.invitation_group_dn.question = Invitation Group DN
+setup.invitation_group_dn.help = If not set, the OrgUnit's users_group_id is used.
+
+setup.hubspot.question = Enable HubSpot feature
+setup.hubspot.required = True
+setup.hubspot.default = false
+setup.hubspot.post_ask_question = mrbob.hooks:to_boolean
+
+setup.bumblebee_auto_refresh.question = Enable Bumblebee auto refresh
+setup.bumblebee_auto_refresh.required = True
+setup.bumblebee_auto_refresh.default = true
+setup.bumblebee_auto_refresh.post_ask_question = mrbob.hooks:to_boolean
+
+setup.enable_workspace_meeting_feature.question = Enable Workspace meeting feature
+setup.enable_workspace_meeting_feature.required = True
+setup.enable_workspace_meeting_feature.default = true
+setup.enable_workspace_meeting_feature.post_ask_question = mrbob.hooks:to_boolean
+
+setup.enable_todo_feature.question = Enable ToDo feature
+setup.enable_todo_feature.required = True
+setup.enable_todo_feature.default = true
+setup.enable_todo_feature.post_ask_question = mrbob.hooks:to_boolean
+
+ianus.db_name.question = Ianus DB Name
+ianus.db_name.required = True
+ianus.db_name.pre_ask_question = opengever.policytemplates.hooks:pre_ianus_db_name
+
+ianus.db_user.question = Ianus DB User
+ianus.db_user.required = True
+
+ianus.db_password.question = Ianus DB Password
+ianus.db_password.required = True
+
+ianus.db_host.question = Ianus DB Host
+ianus.db_host.required = True
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/.gitattributes b/opengever/policytemplates/compose_template/opengever.+package.name+/.gitattributes
new file mode 100644
index 00000000000..9a2090f55f3
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/.gitattributes
@@ -0,0 +1,2 @@
+*.env filter=sops-dotenv
+*.env diff=sops-diff
\ No newline at end of file
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/.gitignore b/opengever/policytemplates/compose_template/opengever.+package.name+/.gitignore
new file mode 100644
index 00000000000..f9be736b7e4
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/.gitignore
@@ -0,0 +1,9 @@
+.DS_Store
+*.mo
+*.pyc
+*.pyo
+/var/
+.age.key
+compose.yaml
+compose.override.yaml
+.env
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/.sops.yaml b/opengever/policytemplates/compose_template/opengever.+package.name+/.sops.yaml
new file mode 100644
index 00000000000..33489f1e003
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/.sops.yaml
@@ -0,0 +1,6 @@
+creation_rules:
+ - encrypted_regex: "(_SECRET|_PASSWORD|_USER|_BIND_DN|_SECRET_KEY)$"
+ mac_only_encrypted: true
+ key_groups:
+ - age:
+ - replace_with_age_public_key
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/.tokenauth_keys/.gitignore b/opengever/policytemplates/compose_template/opengever.+package.name+/.tokenauth_keys/.gitignore
new file mode 100644
index 00000000000..d6b7ef32c84
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/.tokenauth_keys/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/bin/setup-sops.sh b/opengever/policytemplates/compose_template/opengever.+package.name+/bin/setup-sops.sh
new file mode 100755
index 00000000000..d8c36c26423
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/bin/setup-sops.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+if ! [ -x "$(command -v sops)" ]; then
+ echo 'Error: sops command not found.' >&2
+ exit 1
+fi
+if ! [ -x "$(command -v age)" ]; then
+ echo 'Error: age command not found.' >&2
+ exit 1
+fi
+
+root_dir=$(git rev-parse --show-toplevel)
+if [ ! -f "$root_dir/.age.key" ]; then
+ if [ -x "$(command -v op)" ]; then
+ echo "No age key found. Retrieving from 1Password..."
+ repo_name="$(basename $(git remote get-url origin))"
+ repo_name="${repo_name%.git}"
+ op read "op://SOPS/${repo_name}/notesPlain" -o "${root_dir}/.age.key"
+ else
+ echo "Error: age key not found."
+ exit 1
+ fi
+fi
+
+git config --local filter.sops-dotenv.clean "./bin/sops-encrypt.sh %f"
+git config --local filter.sops-dotenv.smudge "./bin/sops-decrypt.sh"
+git config --local filter.sops-dotenv.required true
+git config --local diff.sops-diff.textconv cat
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/bin/sops-decrypt.sh b/opengever/policytemplates/compose_template/opengever.+package.name+/bin/sops-decrypt.sh
new file mode 100755
index 00000000000..da846765a02
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/bin/sops-decrypt.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+export SOPS_AGE_KEY_FILE=$(pwd)/.age.key
+sops --decrypt --input-type dotenv --output-type dotenv /dev/stdin
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/bin/sops-encrypt.sh b/opengever/policytemplates/compose_template/opengever.+package.name+/bin/sops-encrypt.sh
new file mode 100755
index 00000000000..54aa5a06ad7
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/bin/sops-encrypt.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+export SOPS_AGE_KEY_FILE=$(pwd)/.age.key
+
+INPUT=$(cat)
+ENCRYPTED=$(sops --encrypt --input-type dotenv --output-type dotenv /dev/stdin <<<"${INPUT}")
+CONTENTS=$(git cat-file -p "HEAD:${1}" 2>/dev/null)
+DECRYPTED=$(sops --decrypt --input-type dotenv --output-type dotenv /dev/stdin <<<"${CONTENTS}" 2>/dev/null)
+
+if [[ -z "${CONTENTS}" || "${DECRYPTED}" != "${INPUT}" ]]
+then
+ echo "${ENCRYPTED}"
+else
+ echo "${CONTENTS}"
+fi
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/compose-+base.short_server_name+-+base.deployment_number+-+base.domain+.env.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-+base.short_server_name+-+base.deployment_number+-+base.domain+.env.bob
new file mode 100644
index 00000000000..89798662e1c
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-+base.short_server_name+-+base.deployment_number+-+base.domain+.env.bob
@@ -0,0 +1,60 @@
+GEVERUI_VERSION=2024.16.0
+OGCORE_VERSION=2024.16.0
+ZEOSERVER_VERSION=4.3.20
+SOLR_VERSION=8.11.4
+OGDS_SYNC_VERSION=2024.4.1
+HAPROXY_VERSION=3.0-alpine
+IANUS_VERSION=2024.3.1
+#
+DEPLOYMENT_NUMBER={{{base.deployment_number}}}
+POLICY_NAME={{{package.name}}}
+CLIENT_ID={{{adminunit.id}}}
+OGCORE_REPLICAS=4
+ZODB_CACHE_SIZE=100000
+OGCORE_MEMORY_LIMIT=1200mb
+SOLR_MEMORY_LIMIT=2048mb
+SOLR_JAVA_MEM=-Xms512m -Xmx2048m -Xss256k
+#
+APPS_ENDPOINT_URL={{{base.apps_endpoint_url}}}
+{{% if is_gever %}}
+TEAMRAUM_URL=https://{{{package.name}}}.teamraum.ch
+{{% endif %}}
+{{% if is_teamraum %}}
+WORKSPACE_SECRET={{{base.workspace_secret}}}
+{{% endif %}}
+#
+SMTP_HOST={{{base.server_name}}}
+#
+OGDS_DB_HOST={{{base.server_name}}}
+OGDS_DB_NAME={{{base.ogds_db_name}}}
+OGDS_DB_USER={{{base.ogds_db_user}}}
+OGDS_DB_PASSWORD={{{base.ogds_db_password}}}
+#
+LDAP_PROFILE=DS389
+LDAP_SERVER_URI=ldaps://ldap.4teamwork.ch
+LDAP_BIND_DN={{{deployment.ldap_bind_dn}}}
+LDAP_BIND_PASSWORD={{{deployment.ldap_bind_password}}}
+LDAP_USER_BASE_DN=ou=GEVER,ou=Users,ou={{{deployment.ldap_ou}}},ou=OneGovGEVER,dc=4teamwork,dc=ch
+LDAP_GROUP_BASE_DN=ou=Groups,ou={{{deployment.ldap_ou}}},ou=OneGovGEVER,dc=4teamwork,dc=ch
+SYNC_INTERVAL=3600
+#
+BUMBLEBEE_APP_ID={{{base.bumblebee_app_id}}}
+BUMBLEBEE_INTERNAL_PLONE_URL=https://{{{base.domain}}}/
+BUMBLEBEE_PUBLIC_URL=https://{{{base.domain}}}/
+BUMBLEBEE_SECRET={{{base.bumblebee_secret}}}
+#
+RAVEN_TAGS={"cluster": "{{{base.domain}}}"}
+#
+IANUS_ALLOWED_HOSTS={{{base.domain}}}
+IANUS_SECRET_KEY={{{ianus.secret_key}}}
+IANUS_DATABASE_NAME={{{ianus.db_name}}}
+IANUS_DATABASE_USER={{{ianus.db_user}}}
+IANUS_DATABASE_PASSWORD={{{ianus.db_password}}}
+IANUS_DATABASE_HOST={{{ianus.db_host}}}
+IANUS_DATABASE_PORT=5432
+IANUS_TWO_FACTOR_REQUIRED=False
+IANUS_TWO_FACTOR_ENABLED=True
+IANUS_DEFAULT_FROM_EMAIL=noreply@onegovgever.ch
+{{% if is_teamraum %}}
+IANUS_BRANDING_THEME=teamraum
+{{% endif %}}
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/compose-+base.short_server_name+-+base.deployment_number+-+base.domain+.yaml.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-+base.short_server_name+-+base.deployment_number+-+base.domain+.yaml.bob
new file mode 100644
index 00000000000..23ed31eef7a
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-+base.short_server_name+-+base.deployment_number+-+base.domain+.yaml.bob
@@ -0,0 +1,4 @@
+include:
+ - compose-deployment.yaml
+ - compose-geverui.yaml
+ - compose-ianus.yaml
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/compose-deployment.yaml b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-deployment.yaml
new file mode 100644
index 00000000000..a104b7fde9a
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-deployment.yaml
@@ -0,0 +1,161 @@
+services:
+
+ ogcore: &ogcore
+ image: docker.io/4teamwork/ogcore:${OGCORE_VERSION:-latest}
+ labels:
+ - ch.onegovgever.client_id=${CLIENT_ID}
+ - ch.onegovgever.hostname=${HOSTNAME:-localhost}
+ volumes:
+ - ogcore_data:/data
+ - ./opengever/${POLICY_NAME}:/app/opengever/${POLICY_NAME}:ro
+ - ./.tokenauth_keys:/home/plone/.opengever/ftw_tokenauth_keys:ro
+ ports:
+ - "1${DEPLOYMENT_NUMBER:-01}01-1${DEPLOYMENT_NUMBER:-01}0${OGCORE_REPLICAS:-2}:8080"
+ environment: &ogcore-environment
+ APPS_ENDPOINT_URL: ${APPS_ENDPOINT_URL}
+ BUMBLEBEE_APP_ID: ${BUMBLEBEE_APP_ID}
+ BUMBLEBEE_INTERNAL_PLONE_URL: ${BUMBLEBEE_INTERNAL_PLONE_URL}
+ BUMBLEBEE_PUBLIC_URL: ${BUMBLEBEE_PUBLIC_URL}
+ BUMBLEBEE_SECRET: ${BUMBLEBEE_SECRET}
+ FTW_ZOPEMASTER_SLACK_WEBHOOK: ${FTW_ZOPEMASTER_SLACK_WEBHOOK:-}
+ GEVER_COLORIZATION: ${GEVER_COLORIZATION:-}
+ MSGCONVERT_URL: http://msgconvert:8080/
+ OGDS_SYNC_URL: http://ogds-sync:8080/
+ OGDS_URL: postgresql+psycopg2://${OGDS_DB_USER:-ogds}:${OGDS_DB_PASSWORD:-secret}@${OGDS_DB_HOST:-ogds}:5432/${OGDS_DB_NAME:-ogds}
+ PDFLATEX_URL: http://pdflatex:8080/
+ RAVEN_DSN: ${RAVEN_DSN:-}
+ RAVEN_PROJECT_DIST: ${RAVEN_PROJECT_DIST:-opengever.core}
+ RAVEN_TAGS: ${RAVEN_TAGS:-}
+ SABLON_URL: http://sablon:8080/
+ SMTP_HOST: ${SMTP_HOST:-localhost}
+ SOLR_BASE: /solr/${CLIENT_ID}
+ TEAMRAUM_URL: ${TEAMRAUM_URL:-}
+ TUS_TMP_FILE_DIR: /data/tus-uploads
+ WEASYPRINT_URL: http://weasyprint:8080/
+ WORKSPACE_SECRET: ${WORKSPACE_SECRET:-}
+ ZCML_PACKAGE_INCLUDES: opengever.${POLICY_NAME}.${CLIENT_ID}
+ ZODB_CACHE_SIZE: ${ZODB_CACHE_SIZE:-100000}
+ depends_on:
+ zeoserver:
+ condition: service_healthy
+ solr:
+ condition: service_started
+ ogds-sync:
+ condition: service_started
+ networks:
+ - default
+ - shared-services
+ restart: always
+ deploy:
+ replicas: ${OGCORE_REPLICAS:-2}
+ resources:
+ limits:
+ memory: ${OGCORE_MEMORY_LIMIT:-1200mb}
+
+ ogcore-cron:
+ <<: *ogcore
+ command: cron
+ ports: []
+ deploy:
+ replicas: 1
+
+ ogcore-debug:
+ <<: *ogcore
+ ports:
+ - "1${DEPLOYMENT_NUMBER}00:8080"
+ stdin_open: true
+ tty: true
+ deploy:
+ replicas: 1
+ profiles:
+ - debug
+
+ zeoserver:
+ image: docker.io/4teamwork/zeoserver:${ZEOSERVER_VERSION:-latest}
+ labels:
+ - ch.onegovgever.client_id=${CLIENT_ID}
+ - ch.onegovgever.hostname=${HOSTNAME:-localhost}
+ volumes:
+ - ogcore_data:/data
+ restart: always
+ deploy:
+ resources:
+ limits:
+ memory: 1500mb
+ healthcheck:
+ test: ["CMD-SHELL", "nc -z localhost 8100 || exit 1"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+
+ solr: &solr
+ image: docker.io/4teamwork/ogsolr:${SOLR_VERSION:-latest}
+ labels:
+ - ch.onegovgever.client_id=${CLIENT_ID}
+ - ch.onegovgever.hostname=${HOSTNAME:-localhost}
+ command: solr-foreground
+ volumes:
+ - solr_data:/var/solr/data
+ environment:
+ SOLR_CORES: ${CLIENT_ID:-ogsite}
+ SOLR_JAVA_MEM: ${SOLR_JAVA_MEM:--Xms512m -Xmx1g}
+ ports:
+ - 1${DEPLOYMENT_NUMBER}30:8983
+ restart: always
+ deploy:
+ resources:
+ limits:
+ memory: ${SOLR_MEMORY_LIMIT:-2048mb}
+
+ solr-di:
+ <<: *solr
+ volumes:
+ - solr_data:/solr-data
+ ports:
+ - 1${DEPLOYMENT_NUMBER}31:8983
+ profiles:
+ - solr-di
+
+ ogds-sync:
+ image: docker.io/4teamwork/ogds-sync:${OGDS_SYNC_VERSION}
+ labels:
+ - ch.onegovgever.client_id=${CLIENT_ID}
+ - ch.onegovgever.hostname=${HOSTNAME:-localhost}
+ environment:
+ - OGDS_DSN=postgresql://${OGDS_DB_USER:-ogds}:${OGDS_DB_PASSWORD:-secret}@${OGDS_DB_HOST:-ogds}/${OGDS_DB_NAME:-ogds}
+ - LDAP_PROFILE=${LDAP_PROFILE}
+ - LDAP_URL=${LDAP_SERVER_URI}
+ - LDAP_BIND_DN=${LDAP_BIND_DN}
+ - LDAP_BIND_PASSWORD=${LDAP_BIND_PASSWORD}
+ - LDAP_USER_BASE_DN=${LDAP_USER_BASE_DN}
+ - LDAP_GROUP_BASE_DN=${LDAP_GROUP_BASE_DN}
+ - SYNC_INTERVAL=${SYNC_INTERVAL:-3600}
+ restart: always
+ deploy:
+ resources:
+ limits:
+ memory: 500mb
+
+ haproxy:
+ image: docker.io/haproxy:${HAPROXY_VERSION:-latest}
+ labels:
+ - ch.onegovgever.client_id=${CLIENT_ID}
+ - ch.onegovgever.hostname=${HOSTNAME:-localhost}
+ volumes:
+ - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro
+ ports:
+ - 1${DEPLOYMENT_NUMBER:-01}50:8000
+ - 1${DEPLOYMENT_NUMBER:-01}51:8800
+ restart: always
+ deploy:
+ resources:
+ limits:
+ memory: 200mb
+
+volumes:
+ ogcore_data:
+ solr_data:
+
+networks:
+ shared-services:
+ external: true
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/compose-geverui.yaml b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-geverui.yaml
new file mode 100644
index 00000000000..7d916ecc64f
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-geverui.yaml
@@ -0,0 +1,14 @@
+services:
+
+ geverui:
+ image: ghcr.io/4teamwork/gever-ui:${GEVERUI_VERSION:-latest}
+ labels:
+ - ch.onegovgever.client_id=${CLIENT_ID}
+ - ch.onegovgever.hostname=${HOSTNAME:-localhost}
+ ports:
+ - "1${DEPLOYMENT_NUMBER}80:80"
+ restart: always
+ deploy:
+ resources:
+ limits:
+ memory: 100mb
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/compose-ianus.yaml b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-ianus.yaml
new file mode 100644
index 00000000000..5195d11efaa
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/compose-ianus.yaml
@@ -0,0 +1,59 @@
+services:
+
+ ianus-frontend:
+ image: ghcr.io/4teamwork/ianus-frontend:${IANUS_VERSION:-latest}
+ labels:
+ - ch.onegovgever.client_id=${CLIENT_ID}
+ - ch.onegovgever.hostname=${HOSTNAME:-localhost}
+ ports:
+ - "1${DEPLOYMENT_NUMBER}40:80"
+ depends_on:
+ - ianus-backend
+ environment:
+ - IANUS_BACKEND_HOST=ianus-backend
+ - IANUS_PATH_PREFIX=/portal
+ restart: always
+
+ ianus-backend:
+ image: ghcr.io/4teamwork/ianus-backend:${IANUS_VERSION:-latest}
+ labels:
+ - ch.onegovgever.client_id=${CLIENT_ID}
+ - ch.onegovgever.hostname=${HOSTNAME:-localhost}
+ environment:
+ - BRANDING_THEME=${IANUS_BRANDING_THEME:-ogg}
+ - DJANGO_SECRET_KEY=${IANUS_SECRET_KEY:-secret}
+ - DJANGO_ALLOWED_HOSTS=${IANUS_ALLOWED_HOSTS:-localhost}
+ - DJANGO_PATH_PREFIX=/portal
+ - DJANGO_DATABASE_NAME=${IANUS_DATABASE_NAME:-ianus}
+ - DJANGO_DATABASE_USER=${IANUS_DATABASE_USER:-ianus}
+ - DJANGO_DATABASE_PASSWORD=${IANUS_DATABASE_PASSWORD:-secret}
+ - DJANGO_DATABASE_HOST=${IANUS_DATABASE_HOST:-ianus-db}
+ - DJANGO_DATABASE_PORT=${IANUS_DATABASE_PORT:-5432}
+ - DJANGO_AUTH_LDAP_BIND_DN=${LDAP_BIND_DN}
+ - DJANGO_AUTH_LDAP_BIND_PASSWORD=${LDAP_BIND_PASSWORD}
+ - DJANGO_AUTH_LDAP_SERVER_URI=${LDAP_SERVER_URI}
+ - DJANGO_AUTH_LDAP_USER_BASE_DN=${LDAP_USER_BASE_DN}
+ - DJANGO_AUTH_LDAP_USER_SEARCH_FILTER=${IANUS_AUTH_LDAP_USER_SEARCH_FILTER:-(uid=%(user)s)}
+ - DJANGO_AUTH_LDAP_USER_OBJECTCLASS=${IANUS_AUTH_LDAP_USER_OBJECTCLASS:-top,person,organizationalPerson,inetUser,inetOrgPerson}
+ - DJANGO_OIDC_RP_SIGN_ALGO=HS256
+ - DJANGO_TWO_FACTOR_REQUIRED=${IANUS_TWO_FACTOR_REQUIRED:-False}
+ - DJANGO_TWO_FACTOR_ENABLED=${IANUS_TWO_FACTOR_ENABLED:-True}
+ - DJANGO_TWO_FACTOR_SETUP_ALLOWED=${IANUS_TWO_FACTOR_SETUP_ALLOWED:-True}
+ - DJANGO_TWO_FACTOR_WHITELIST=${IANUS_TWO_FACTOR_WHITELIST:-127.0.0.1}
+ - DJANGO_AUTH_LDAP_GROUP_BASE_DN=${LDAP_GROUP_BASE_DN}
+ - DJANGO_AUTH_LDAP_GROUP_TYPE_CLASS=${IANUS_AUTH_LDAP_GROUP_TYPE_CLASS:-django_auth_ldap.config.GroupOfUniqueNamesType}
+ - DJANGO_AUTH_LDAP_GROUP_MEMBER_ATTR=${IANUS_AUTH_LDAP_GROUP_MEMBER_ATTR:-uniqueMember}
+ - DJANGO_AUTH_LDAP_GROUP_SEARCH_FILTER=${IANUS_AUTH_LDAP_GROUP_SEARCH_FILTER:-(objectClass=groupOfUniqueNames)}
+ - DJANGO_AUTH_REGISTRATION_BACKEND=${IANUS_AUTH_REGISTRATION_BACKEND:-LDAPRegistrationBackend}
+ - DJANGO_AUTH_REGISTRATION_GROUP_DN=${IANUS_AUTH_REGISTRATION_GROUP_DN:-}
+ - DJANGO_AUTH_LDAP_USER_REGISTRATION_BASE_DN=${IANUS_AUTH_LDAP_USER_REGISTRATION_BASE_DN:-}
+ - DJANGO_CAS_USER_ATTR_MAP=${IANUS_CAS_USER_ATTR_MAP:-{"email":"mail","firstname":"givenName","lastname":"sn","groups":"memberOf","full_name":"displayName"}}
+ - DJANGO_ONBOARDING_ENABLED=${IANUS_ONBOARDING_ENABLED:-False}
+ - DJANGO_CHANGE_PASSWORD_ENABLED=${IANUS_CHANGE_PASSWORD_ENABLED:-False}
+ - DJANGO_RESET_PASSWORD_ENABLED=${IANUS_RESET_PASSWORD_ENABLED:-False}
+ - DJANGO_DEFAULT_FROM_EMAIL=${IANUS_DEFAULT_FROM_EMAIL}
+ - DJANGO_EMAIL_HOST=${SMTP_HOST:-localhost}
+ - DJANGO_LDAP_MANAGE_USERS=${IANUS_LDAP_MANAGE_USERS:-False}
+ - DJANGO_TWO_FACTOR_MANAGEMENT_ENABLED=${IANUS_TWO_FACTOR_MANAGEMENT_ENABLED:-False}
+ - IANUS_INVITATION_SIGNATURE_SECRET_KEY=${WORKSPACE_SECRET:-}
+ restart: always
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/haproxy.cfg b/opengever/policytemplates/compose_template/opengever.+package.name+/haproxy.cfg
new file mode 100644
index 00000000000..ac2d3b7d20d
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/haproxy.cfg
@@ -0,0 +1,35 @@
+global
+ stats socket /var/lib/haproxy/stats user haproxy group haproxy mode 660 level admin expose-fd listeners
+ log stdout format raw local0 info
+ maxconn 100
+
+defaults
+ mode http
+ timeout client 5m
+ timeout connect 10s
+ timeout server 5m
+ timeout http-request 10s
+ log global
+
+resolvers dockerdns
+ nameserver dns 127.0.0.11:53
+ accepted_payload_size 8192 # allow larger DNS payloads
+
+frontend stats
+ bind *:8800
+ mode http
+ stats enable
+ stats uri /
+ stats refresh 10s
+
+frontend ogcore
+ bind :8000
+ default_backend ogcore
+
+backend ogcore
+ balance leastconn
+ option tcp-check
+ tcp-check connect
+ tcp-check send health_check\r\n
+ tcp-check expect string OK
+ server-template ogcore 4 ogcore:8080 check port 8160 resolvers dockerdns init-addr none
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/__init__.py b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/configure.zcml.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/configure.zcml.bob
new file mode 100644
index 00000000000..984e05a55ce
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/configure.zcml.bob
@@ -0,0 +1,92 @@
+
+
+
+
+
+{{% if is_gever %}}
+
+
+
+
+{{% endif %}}
+
+
+
+{{% if is_teamraum %}}
+
+{{% endif %}}
+
+
+
+{{% if is_gever %}}
+
+
+{{% endif %}}
+{{% if is_teamraum %}}
+
+
+{{% endif %}}
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/hooks.py.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/hooks.py.bob
new file mode 100644
index 00000000000..24a9f74bc11
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/hooks.py.bob
@@ -0,0 +1,7 @@
+{{% if setup.enable_private_folder %}}
+from opengever.private import enable_opengever_private
+
+
+def default_content_installed(site):
+ enable_opengever_private()
+{{% endif %}}
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/metadata.xml b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/metadata.xml
new file mode 100644
index 00000000000..26c2f623836
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/metadata.xml
@@ -0,0 +1,2 @@
+
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/portal_languages.xml b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/portal_languages.xml
new file mode 100644
index 00000000000..c94efaaf818
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/portal_languages.xml
@@ -0,0 +1,11 @@
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/registry.xml.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/registry.xml.bob
new file mode 100644
index 00000000000..07db64b8900
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/registry.xml.bob
@@ -0,0 +1,158 @@
+
+
+
+ {{{adminunit.title}}}
+
+
+
+ True
+ {{{setup.bumblebee_auto_refresh}}}
+
+
+
+ False
+
+
+
+ True
+
+
+{{% if not setup.enable_activity_feature %}}
+
+
+ False
+
+
+{{% endif %}}
+{{% if setup.officeconnector_attach or setup.officeconnector_checkout%}}
+
+{{% if setup.officeconnector_attach %}}
+ True
+{{% endif %}}
+{{% if setup.officeconnector_checkout %}}
+ True
+{{% endif %}}
+
+
+{{% endif %}}
+{{% if setup.maximum_mail_size %}}
+
+ {{{setup.maximum_mail_size}}}
+
+
+{{% endif %}}
+{{% if setup.hubspot %}}
+
+ True
+
+
+{{% endif %}}
+{{% if is_gever %}}
+{{% if setup.enable_meeting_feature %}}
+
+
+ True
+
+
+{{% endif %}}
+{{% if setup.enable_docproperty_feature %}}
+
+ True
+
+
+{{% endif %}}
+{{% if setup.dossier_templates %}}
+
+ True
+
+
+{{% endif %}}
+{{% if setup.ech0147_export %}}
+
+ True
+
+
+{{% endif %}}
+{{% if setup.ech0147_import %}}
+
+ True
+
+
+{{% endif %}}
+{{% if setup.officeatwork %}}
+
+ True
+
+
+{{% endif %}}
+{{% if setup.maximum_repository_depth or setup.repositoryfolder_documents_tab or setup.repositoryfolder_tasks_tab
+ or setup.repositoryfolder_proposals_tab %}}
+
+{{% if setup.maximum_repository_depth %}}
+ {{{setup.maximum_repository_depth}}}
+{{% endif %}}
+{{% if setup.repositoryfolder_documents_tab %}}
+ True
+{{% endif %}}
+{{% if setup.repositoryfolder_tasks_tab %}}
+ True
+{{% endif %}}
+{{% if setup.repositoryfolder_proposals_tab %}}
+ True
+{{% endif %}}
+
+
+{{% endif %}}
+{{% if setup.reference_number_formatter or setup.reference_prefix_starting_point %}}
+
+{{% if setup.reference_number_formatter %}}
+ {{{setup.reference_number_formatter}}}
+{{% endif %}}
+{{% if setup.reference_prefix_starting_point %}}
+ {{{setup.reference_prefix_starting_point}}}
+{{% endif %}}
+
+
+{{% endif %}}
+{{% if setup.maximum_dossier_depth %}}
+
+ {{{setup.maximum_dossier_depth}}}
+
+
+{{% endif %}}
+{{% if setup.use_lenient_dossier_resolver %}}
+
+ lenient
+
+
+{{% endif %}}
+{{% if not setup.preserved_as_paper %}}
+
+ False
+
+
+{{% endif %}}
+{{% endif %}}
+{{% if is_teamraum %}}
+
+ True
+ {{% if setup.invitation_group_dn %}}
+ {{{setup.invitation_group_dn}}}
+ {{% endif %}}
+
+
+{{% if not setup.enable_workspace_meeting_feature %}}
+
+ False
+
+
+{{% endif %}}
+
+{{% if not setup.enable_todo_feature %}}
+
+ False
+
+
+{{% endif %}}
+{{% endif %}}
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/rolemap.xml b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/rolemap.xml
new file mode 100644
index 00000000000..3b5fea197b5
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default/rolemap.xml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/metadata.xml b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/metadata.xml
new file mode 100644
index 00000000000..11915bec8c7
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/metadata.xml
@@ -0,0 +1,3 @@
+
+ 1
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/01-initial-structure.json.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/01-initial-structure.json.bob
new file mode 100644
index 00000000000..cd2c62411c3
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/01-initial-structure.json.bob
@@ -0,0 +1,41 @@
+[
+ {
+ "_path": "private",
+ "_type": "opengever.private.root",
+ "title_de": "Meine Ablage",
+ "title_fr": "Dossier personnel",
+ "title_en": "My repository"
+ },
+ {
+ "_path": "eingangskorb",
+ "_type": "opengever.inbox.inbox",
+ "title_de": "Eingangskorb",
+ "title_fr": "Boîte de réception",
+ "title_en": "Inbox",
+ "responsible_org_unit": "{{{orgunit.id}}}",
+ "_ac_local_roles": {
+ "{{{orgunit.inbox_group}}}": [
+ "Reader",
+ "Editor",
+ "Contributor"
+ ]
+ }
+ },
+ {
+ "_path": "vorlagen",
+ "_type": "opengever.dossier.templatefolder",
+ "title_de": "Vorlagen",
+ "title_fr": "Modèles",
+ "title_en": "Templates",
+ "_ac_local_roles": {
+ "{{{orgunit.users_group}}}": [
+ "Reader"
+ ],
+ "{{{orgunit.inbox_group}}}": [
+ "Contributor",
+ "Editor",
+ "Reader"
+ ]
+ }
+ }
+]
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/02-templates.json.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/02-templates.json.bob
new file mode 100644
index 00000000000..30261c76d90
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/02-templates.json.bob
@@ -0,0 +1,49 @@
+[
+ {
+ "_path": "/vorlagen/ms-word-template",
+ "_type": "opengever.document.document",
+ "title": "Word Dokument",
+ "file:file": "templates/empty-word-template.docx"
+ },
+ {
+ "_path": "/vorlagen/ms-powerpoint-template",
+ "_type": "opengever.document.document",
+ "title": "PowerPoint Präsentation",
+ "file:file": "templates/empty-powerpoint-template.pptx"
+ },
+ {
+ "_path": "/vorlagen/ms-excel-template",
+ "_type": "opengever.document.document",
+ "title": "Excel Arbeitsmappe",
+ "file:file": "templates/empty-excel-template.xlsx"
+ }{{% if setup.enable_meeting_feature or setup.nof_templates > 0 %}},{{% endif %}}
+ {{% if setup.enable_meeting_feature %}}
+ {
+ "_path": "/vorlagen/sablon-template-1",
+ "_type": "opengever.meeting.sablontemplate",
+ "title": "Protokoll",
+ "file:file": "templates/protokoll.docx"
+ },
+ {
+ "_path": "/vorlagen/sablon-template-2",
+ "_type": "opengever.meeting.sablontemplate",
+ "title": "Protokollauszug",
+ "file:file": "templates/protokollauszug.docx"
+ },
+ {
+ "_path": "/vorlagen/sablon-template-3",
+ "_type": "opengever.meeting.sablontemplate",
+ "title": "Traktandenliste",
+ "file:file": "templates/traktandenliste.docx"
+ }{{% if setup.nof_templates > 0 %}},{{% endif %}}
+{{% endif %}}
+{{% for template in range(setup.nof_templates) %}}
+ {
+ "_path": "/vorlagen/template-{{{loop.index}}}",
+ "_type": "opengever.document.document",
+ "title": "EDIT ME",
+ "file:file": "templates/EDIT ME"
+ }{{% if not loop.last %}},{{% endif %}}
+{{% endfor %}}
+
+]
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/03_committees.json.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/03_committees.json.bob
new file mode 100644
index 00000000000..1fbed5738d1
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/03_committees.json.bob
@@ -0,0 +1,18 @@
+[
+ {
+ "_path": "sitzungen",
+ "_type": "opengever.meeting.committeecontainer",
+ "title_de": "Sitzungen",
+ "title_fr": "Séances",
+ "title_en": "Meetings",
+ "_ac_local_roles": {
+ "{{{orgunit.users_group}}}": [
+ "MeetingUser"
+ ],
+ "{{{deployment.rolemanager_group}}}": [
+ "CommitteeAdministrator",
+ "MeetingUser"
+ ]
+ }
+ }
+]
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/.gitignore b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/.gitignore
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-excel-template.xlsx b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-excel-template.xlsx
new file mode 100644
index 00000000000..4054ae5965d
Binary files /dev/null and b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-excel-template.xlsx differ
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-powerpoint-template.pptx b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-powerpoint-template.pptx
new file mode 100644
index 00000000000..9ab682b3aef
Binary files /dev/null and b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-powerpoint-template.pptx differ
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-word-template.docx b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-word-template.docx
new file mode 100644
index 00000000000..fc54593ddac
Binary files /dev/null and b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_content/templates/empty-word-template.docx differ
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_repositories/.gitignore b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/default_content/opengever_repositories/.gitignore
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/metadata.xml b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/metadata.xml
new file mode 100644
index 00000000000..11915bec8c7
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/metadata.xml
@@ -0,0 +1,3 @@
+
+ 1
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/unit_creation/admin_units.json.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/unit_creation/admin_units.json.bob
new file mode 100644
index 00000000000..2de627f9625
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/unit_creation/admin_units.json.bob
@@ -0,0 +1,10 @@
+[
+ {
+ "unit_id": "{{{adminunit.id}}}",
+ "title": "{{{adminunit.title}}}",
+ "ip_address": "127.0.0.1",
+ "site_url": "{{{adminunit.site_url}}}",
+ "public_url": "{{{adminunit.public_url}}}",
+ "abbreviation": "{{{adminunit.abbreviation}}}"
+ }
+]
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/unit_creation/org_units.json.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/unit_creation/org_units.json.bob
new file mode 100644
index 00000000000..19603d495a5
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/units/unit_creation/org_units.json.bob
@@ -0,0 +1,8 @@
+[
+ {
+ "inbox_group_name": "{{{orgunit.inbox_group}}}",
+ "users_group_name": "{{{orgunit.users_group}}}",
+ "admin_unit_id": "{{{adminunit.id}}}",
+ "unit_id": "{{{orgunit.id}}}",
+ "title": "{{{orgunit.title}}}"}
+]
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/workspaces_content/metadata.xml b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/workspaces_content/metadata.xml
new file mode 100644
index 00000000000..11915bec8c7
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/workspaces_content/metadata.xml
@@ -0,0 +1,3 @@
+
+ 1
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/workspaces_content/opengever_content/01-initial-structure.json b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/workspaces_content/opengever_content/01-initial-structure.json
new file mode 100644
index 00000000000..ae0f9696292
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/profiles/workspaces_content/opengever_content/01-initial-structure.json
@@ -0,0 +1,9 @@
+[
+ {
+ "_path": "workspaces",
+ "_type": "opengever.workspace.root",
+ "title_de": "Teamräume",
+ "title_fr": "Espaces partagés",
+ "title_en": "Workspaces"
+ }
+]
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/upgrades/__init__.py b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/upgrades/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/upgrades/configure.zcml.bob b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/upgrades/configure.zcml.bob
new file mode 100644
index 00000000000..6dd33e4575e
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/+adminunit.id+/upgrades/configure.zcml.bob
@@ -0,0 +1,19 @@
+
+
+
+
+
+
+
+
+
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/__init__.py b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/configure.zcml b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/configure.zcml
new file mode 100644
index 00000000000..362dbd9e181
--- /dev/null
+++ b/opengever/policytemplates/compose_template/opengever.+package.name+/opengever/+package.name+/configure.zcml
@@ -0,0 +1 @@
+
diff --git a/opengever/policytemplates/hooks.py b/opengever/policytemplates/hooks.py
index 652953b05f5..d98b64d3cc4 100644
--- a/opengever/policytemplates/hooks.py
+++ b/opengever/policytemplates/hooks.py
@@ -9,7 +9,9 @@
from os.path import expanduser
from pkg_resources import resource_filename
import os
+import random
import shutil
+import string
POLICYTEMPLATE_DOTFILE_PATH = expanduser('~/.opengever/policytemplate.json')
@@ -79,6 +81,7 @@
'adminunit.title': 'Teamraum',
'adminunit.abbreviation': 'tr',
'adminunit.id': 'tr',
+ 'deployment.mail_from_address': 'noreply@teamraum.ch',
},
'gever': {
'setup.maximum_dossier_depth': DEFAULT_DOSSIER_DEPTH,
@@ -86,6 +89,7 @@
'setup.maximum_repository_depth': DEFAULT_REPOSITORY_DEPTH,
'setup.reference_number_formatter': DEFAULT_FORMATTER,
'setup.reference_prefix_starting_point': DEFAULT_PREFIX_STARTING_POINT,
+ 'deployment.mail_from_address': 'noreply@onegovgever.ch',
}
}
@@ -100,9 +104,9 @@ def initialize(configurator, question):
# For convenience we store is_teamraum and is_gever variables
configurator.variables['is_teamraum'] = configurator.variables.get('policy.type') == 'teamraum'
configurator.variables['is_gever'] = configurator.variables.get('policy.type') == 'gever'
+ filter_questions(configurator)
init_defaults(configurator)
init_values(configurator)
- filter_questions(configurator)
add_ignored_directories(configurator)
add_ignored_files(configurator)
@@ -132,6 +136,10 @@ def init_defaults(configurator):
def init_values(configurator):
configurator.variables.update(VARIABLE_VALUES[policy_type(configurator)])
+ configurator.variables.update({
+ 'ianus.secret_key': create_secret(length=40),
+ 'base.workspace_secret': create_secret(length=40),
+ })
def update_defaults(configurator, new_defaults):
@@ -231,6 +239,11 @@ def post_base_domain(configurator, question, answer):
return answer
+def post_server_name(configurator, question, answer):
+ configurator.variables['base.short_server_name'] = answer.split('.')[0]
+ return answer
+
+
def post_nof_templates(configurator, question, answer):
if not answer:
return ''
@@ -319,6 +332,16 @@ def post_render(configurator):
_copy_sablon_templates(content_path)
+def pre_ianus_db_name(configurator, question):
+ defaults = {
+ 'ianus.db_user': configurator.variables['base.ogds_db_user'],
+ 'ianus.db_password': configurator.variables['base.ogds_db_password'],
+ 'ianus.db_host': configurator.variables['base.server_name'],
+ }
+ update_defaults(configurator, defaults)
+ question.default = u'ianus_{}'.format(configurator.variables['package.name'])
+
+
def _copy_sablon_templates(content_path):
templates_path = os.path.join(content_path, 'templates')
@@ -339,3 +362,9 @@ def _get_sablon_template_paths():
filename)))
return paths
+
+
+def create_secret(length=32):
+ rand = random.SystemRandom()
+ return ''.join(
+ rand.choice(string.ascii_letters + string.digits) for _ in range(length))