Middlebury

Difference between revisions of "Deploying a new Drupal 8 site"

(Replaced content with " [https://middlebury.atlassian.net/wiki/spaces/WTASDOC/pages/23335971/Deploying+a+new+Drupal+8+site Moved to EWS wiki].")
Tag: Replaced
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
  
== Drupal Site Setup ==
+
[https://middlebury.atlassian.net/wiki/spaces/WTASDOC/pages/23335971/Deploying+a+new+Drupal+8+site Moved to EWS wiki].
 
 
=== Set up the varnish purger ===
 
 
 
#drush8 -y pm-enable purge purge_drush purge_queuer_coretags purge_tokens purge_ui varnish_purger varnish_purge_tags; drush8 -y cr;
 
#Go to '''/admin/config/development/performance/purge'''
 
#Click '''Add purger''' and add a '''Varnish purger'''
 
#Configure the varnish purger
 
##'''Name''': Varnish
 
##'''Type''': Tag
 
##'''Request'''
 
###'''Hostname''': 140.233.1.178 140.233.1.177
 
###'''Port''': 80
 
###'''Path''': /
 
###'''Request Method''': BAN
 
###'''Scheme''': http 
 
##'''Headers'''
 
###-
 
####'''Header''': Cache-Tags
 
####'''Value''': [invalidation:expression] 
 
###-
 
####'''Header''': host
 
####'''Value''': www.middlebury.edu 
 
###-
 
####'''Header''': Drupal-Site
 
####'''Value''': www.middlebury.edu.SITE_PATH     
 
#Export your configuration. It will have an id which looks something like "dd61b69fad". This is the VARNISH_ID you will add to the Chef configuration below.
 
 
 
=== Configure Site Caching ===
 
 
 
Turn off gzip generation for CSS and JS files. Since varnish will be gzipping the files for us, Drupal does not need to do this. You can only turn this off by [https://github.com/middlebury/drupal8/commit/28c4ea024b6c4eff5dcf58b210acfe93edc58071 manually updating the system.performance.yml like this].
 
 
 
=== Chef Configuration ===
 
 
 
Run '''knife vault edit web_drupal8 drupal8_settings'''
 
 
 
In the json file, add the database information for this new site, and be sure to add the information under both '''production''' and '''test'''. Note that if this is indeed an entirely new site, you will not need legacy db information. Also note that you need to request the creation of the database on the production server before you can complete this process.
 
 
 
=== web_drupal8 Cookbook ===
 
 
 
Update the cookbook version of web_drupal8 in metadata.rb
 
 
 
 
 
==== web_drupal8/attributes/default.rb ====
 
 
 
Use whichever install profile you picked when intializing the site for the value of ''':install_profile'''.
 
<pre>"SITE_URL" => {
 
&nbsp; &nbsp; :database => "DATABASE_NAME",
 
&nbsp; &nbsp; :install_profile => "middlebury_starter_profile",
 
&nbsp; &nbsp; :config_sync_directory => '../config/SITE_NAME/sync',
 
&nbsp; &nbsp; # Choose ONE of the following two lines as fits the needs of the site
 
&nbsp; &nbsp; :file_public_base_url => 'https://www.middlebury.edu/SITE_NAME/sites/SITE_URL/files',
 
&nbsp; &nbsp; :file_public_base_url => 'https://SITE_NAME.middlebury.edu/sites/SITE_URL/files',
 
&nbsp; &nbsp; :file_public_path => 'sites/SITE_URL/files',
 
&nbsp; &nbsp; :trusted_host_patterns => [
 
&nbsp; &nbsp; &nbsp; &nbsp; '^www\.middlebury\.edu$',
 
&nbsp; &nbsp; ]
 
},
 
</pre>
 
 
 
==== web_drupal8/recipes/sites.rb ====
 
<pre style="margin: 10px 0px 0px;  padding: 0px;  color: rgb(9, 30, 66);  font-size: 14px;  font-style: normal;  font-variant-ligatures: normal;  font-variant-caps: normal;  font-weight: 400;  letter-spacing: normal;  text-align: left;  text-indent: 0px;  text-transform: none;  word-spacing: 0px;  -webkit-text-stroke-width: 0px;  background-color: rgb(255, 255, 255);  text-decoration-style: initial;  text-decoration-color: initial">web_drupal_site "[http://www.middlebury.edu/bread-loaf-conferences/photos-and-bios S]ITE_URL" do
 
  aliases["SITE_NAME"]
 
  session_id "SSESS0b011572177428d7211e023d0a5cb1f9" # this will need to be updated later
 
  allow_node_add true
 
  project "drupal8"
 
  webroot "/web"
 
  # If the site is of the format SITE_NAME.middlebury.edu, use the following line
 
  vhost_partials ({"etc/httpd/conf.d/drupal-force-https.erb" => {'cookbook' => 'web_drupal8'}})
 
  # OR, if the site is of the format www.middlebury.edu/SITE_NAME, use the following line
 
  vhost_partials ({"etc/httpd/conf.d/SITE_ALIAS.rewrite.erb" => {'cookbook' => 'web_drupal8'}})
 
  drupal_settings ({
 
    "database" => ({
 
      "database" => db_prefix + node["drupal8"]["sites"]["SITE_URL"][<span style="color: rgb(53, 114, 176)">"database</span>"],
 
      "username" => settings["SITE_URL[[|"]["drupal_db_username]]"],
 
      "password" => settings["SITE_URL"]["drupal_db_password"],
 
      "hostname" => database_hostname,
 
    }),
 
    "trusted_host_patterns" => node["drupal8"]["sites"]["SITE_URL"]["trusted_host_patterns"],
 
    "install_profile" => node["drupal8"]["sites"]["SITE_URL"]["install_profile"],
 
    "config_sync_directory" => node["drupal8"]["sites"]["SITE_URL"]["config_sync_directory"],
 
    "reverse_proxy_addresses" => reverse_proxy_addresses,
 
    "file_public_base_url" => node["drupal8"]["sites"]["SITE_URL"]["file_public_base_url"],
 
    "file_public_path" => node["drupal8"]["sites"]["SITE_URL"]["file_public_path"],
 
    "config_overrides" => settings["SITE_URL"]["config_overrides"],
 
    "varnish_purger_config_id" => 'varnish_purger.settings.VARNISH_ID',
 
    "protocol" => "https"
 
  })
 
'''    # If this site is of the format SITE.middlebury.edu, remove the following 2 lines.'''
 
  <span> </span>'''# If this site is of the formate [http://www.middlebury.edu/SITE www.middlebury.edu/SITE], keep the following 2 lines.'''
 
    # Apache configuration is handled in the<span> </span>[http://www.middlebury.edu/ www.middlebury.edu]<span> </span>site configuration.
 
    skip_vhost true
 
end</pre>
 
 
 
==== web_drupal8/files/drush_aliases ====
 
 
 
Duplicate one of the existing files in web_drupal8/files/drush_aliases, rename the file appropriately, and replace the values with the paths for you new site.
 
 
 
==== web_drupal8/files/import_drupal8_profile_configuration ====
 
<pre>drush8 -r /var/www/drupal8/web --uri=SITE_URL cim -y</pre>
 
 
 
==== web_drupal8/files/clear_all_drupal8_caches ====
 
<pre>drush8 -r /var/www/drupal8/web --uri=SITE_URL cache-rebuild</pre>
 
 
 
==== web_drupal8/files/update_all_drupal8_dbs ====
 
<pre>drush8 -r /var/www/drupal8/web --uri=SITE_URL updatedb</pre>
 
 
 
== AzureAD Setup ==
 
 
 
=== Initialize the Drupal site ===
 
 
 
#Navigate to '''/admin/config/people/saml''' in your site administration.
 
#Set the '''Service Provider Configuration''' -> '''Entity ID''' to the path of this site's front page without the trailing slash.
 
#Download the metadata from '''/saml/metadata'''. You will need to upload this file to AzureAD.
 
 
 
=== Configure AzureAD ===
 
 
 
#Go to [https://portal.azure.com https://portal.azure.com]
 
#Click on '''Azure Active Directory''' in the left nav
 
##Click on '''Enterprise Applications''' in the second-most left nav
 
##Click the '''+ New application''' button at the top of the pane
 
##Select '''Non-gallery Application'''
 
##Enter '''Drupal - <site name>''' in the '''Name''' textfield
 
##Click the '''Create''' button 
 
#Click '''Properties''' under '''Manage''' in the second-most left nav
 
##Upload the Drupal logo file
 
##Change '''User assignment required?''' to '''No'''
 
##Change '''Visible to users? '''to '''No'''
 
##Click the '''Save''' button at the top of the pane 
 
#Click '''Owners''' under '''Manage''' in the second-most left nav
 
##Add yourself and any other members of [[Web_Technologies_&_Services|Web_Technologies_&_Services]] as owners. 
 
#Click '''Single sign-on''' under '''Manage''' in the second-most left nav
 
##Select '''SAML'''
 
##Click the '''Upload metadata file''' button at the top of the pane and upload the file you downloaded in the Initialize the Drupal site section above.
 
##Click the pencil icon under step 3 '''SAML Signing Certificate''' and delete the '''Notification Email Addressses''', then add itswebapplications@middlebury.edu as a notification email address.
 
##Click the '''Save''' button at the top of the pane then click the '''X '''button at the top right
 
##Click the '''Download '''link next to '''Federation Metadata XML''' under step 3 '''SAML Signing Certificate''' 
 
 
 
=== Configure the Drupal site ===
 
 
 
#Navigate to '''/admin/config/people/saml''' in your site administration.
 
#Under '''IDENTITY PROVIDER CONFIGURATION'''
 
##Paste the value from the '''<X509Certificate>''' element in the XML file you downloaded from Azure into the '''Primary x509 Certificate''' textarea.
 
##The '''Entity ID''' and other values should be the same for all sites, but can be verified against the content of the XML file. 
 
#Under '''USER INFO AND SYNCING'''
 
##Set '''Unique identifier attribute''' to <span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">[http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name]</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''Attempt to map SAML users to existing local users''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''Create users specified by SAML server''' to '''No'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''Synchronize user name on every login''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''Synchronize email address on every login''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''User name attribute''' to [http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name]</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''User email attribute '''to [http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name]</span> 
 
#<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Under '''SECURITY OPTIONS'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''Strict mode''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''Sign authentication requests''' to '''Yes'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''Request messages to be signed''' to '''No'''</span>
 
##<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Set '''Request authn context''' to '''No'''</span> 
 
#<span style="color: rgb(9, 30, 66);  font-family: -apple-system, system-ui,">Export this configuration for the site and deploy it to production.</span>
 
 
 
[[Category:Drupal]] [[Category:Web Application Development]]
 

Latest revision as of 16:16, 15 February 2021

Powered by MediaWiki