LessPass backend container work

containers/.env

@@ -0,0 +1,7 @@
+SECRET_KEY=azertyuiopqsdfghjklmwxcvbn123456
+DATABASE_ENGINE=django.db.backends.postgresql
+DATABASE_NAME=postgres
+DATABASE_USER=postgres
+DATABASE_PASSWORD=
+DATABASE_HOST=db
+DATABASE_PORT=5432

containers/backend/.gitignore

@@ -0,0 +1 @@
+www

containers/backend/Dockerfile

@@ -0,0 +1,26 @@
+FROM centos:7
+
+LABEL name="LessPass Web Server" 
+LABEL maintainer="LessPass <contact@lesspass.com>"
+
+ENV LANG en_US.UTF-8
+
+RUN yum -y install epel-release && \
+    yum -y install python34 python34-pip && \
+    yum clean all
+
+RUN mkdir /backend
+WORKDIR /backend
+COPY requirements.txt /backend/
+RUN python3 -m pip install --upgrade pip
+RUN python3 -m pip install -r requirements.txt
+
+COPY api/ /backend/api/
+COPY lesspass/ /backend/lesspass/
+COPY manage.py /backend/manage.py
+COPY wait_db.py /backend/wait_db.py
+
+COPY entrypoint.sh /
+ENTRYPOINT ["/entrypoint.sh"]
+
+CMD ["gunicorn", "lesspass.wsgi:application", "--access-logfile", "-", "--error-logfile", "-", "--log-level", "debug", "--bind", "0.0.0.0:8000"]

containers/backend/entrypoint.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+python3 manage.py migrate
+python3 manage.py collectstatic --clear --no-input
+python3 wait_db.py 
+
+exec "$@"

containers/database/lesspass/settings.py → containers/backend/lesspass/settings.py

@@ -18,7 +18,7 @@ SECRET_KEY = env('SECRET_KEY', preprocessor=get_secret_key, default=None)
 
 DEBUG = env.bool('DJANGO_DEBUG', default=False)
 
-ALLOWED_HOSTS = env('ALLOWED_HOSTS', cast=list, default=['localhost', '127.0.0.1', '.lesspass.com'])
+ALLOWED_HOSTS = env('ALLOWED_HOSTS', cast=list, default=['backend', '.lesspass.com'])
 
 ADMINS = (('Guillaume Vincent', 'guillaume@oslab.fr'),)
 

containers/backend/wait_db.py

@@ -0,0 +1,19 @@
+#!/usr/bin/env python
+import socket
+import time
+import os
+
+host = os.environ.get('DATABASE_HOST', 'db')
+port = int(os.environ.get('DATABASE_PORT', '5432'))
+
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+timeout = 15
+while timeout != 0:
+    try:
+        s.connect((host, port))
+        s.close()
+        break
+    except socket.error as ex:
+        timeout -= 1
+        print('wait for db to start... (%s sec remaining)' % timeout)
+time.sleep(1)

containers/database/.travis.yml

@@ -1,13 +0,0 @@
-dist: trusty
-sudo: required
-language: python
-python:
-    - 3.5
-addons:
-  postgresql: "9.5"
-services:
-  - postgresql
-env:
-  - DATABASE_ENGINE=django.db.backends.postgresql_psycopg2 DATABASE_NAME=postgres DATABASE_USER=postgres DATABASE_PASSWORD= DATABASE_HOST=localhost DATABASE_PORT=5432
-install: pip install -r requirements.txt
-script: python manage.py test

containers/database/Dockerfile

@@ -1,19 +0,0 @@
-FROM python:3.5-alpine
-
-RUN apk add --no-cache supervisor netcat-openbsd postgresql-dev gcc python3-dev musl-dev
-
-RUN mkdir /backend
-WORKDIR /backend
-COPY requirements.txt /backend/
-RUN pip install --upgrade pip
-RUN pip install -r requirements.txt
-
-COPY api/ /backend/api/
-COPY lesspass/ /backend/lesspass/
-COPY manage.py /backend/manage.py
-
-COPY entrypoint.sh /
-ENTRYPOINT ["/entrypoint.sh"]
-
-COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
-CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]

containers/database/README.md

@@ -1,24 +0,0 @@
-# LessPass backend
-
-REST API used by [lesspass-pure](https://github.com/lesspass/pure) to store password profiles
-
- * python 3
- * django rest framework
- * django rest framework jwt
- * djoser
- * postgresql
- * gunicorn
-
-## Tests
-
-    pip install -r requirements.txt
-    python manage.py test
-
-## License
-
-This project is licensed under the terms of the GNU GPLv3.
-
-
-## Issues
-
-report issues on [LessPass project](https://github.com/lesspass/lesspass/issues)

containers/database/entrypoint.sh

@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-while ! nc -z db 5432; do sleep 3; done
-
-python manage.py migrate
-python manage.py collectstatic --clear --no-input
-
-exec "$@"

containers/database/supervisord.conf

@@ -1,14 +0,0 @@
-[supervisord]
-nodaemon=true
-logfile=/dev/null
-pidfile=/var/run/supervisord.pid
-
-[program:gunicorn]
-directory=/backend
-command=gunicorn lesspass.wsgi:application -w 2 -b :8000
-autostart=true
-autorestart=true
-stdout_logfile=/dev/stdout
-stdout_logfile_maxbytes=0
-stderr_logfile=/dev/stderr
-stderr_logfile_maxbytes=0

containers/docker-compose.yml

@@ -1,11 +1,23 @@
 version: "3"
 services:
+  db:
+    image: postgres:9.5
+    volumes:
+      - postgresql:/var/lib/postgresql/data
+  backend:
+    build: ./backend
+    expose:
+      - '8000'
+    links:
+      - db
+    env_file:
+      - .env
   profiles:
     image: typesense/typesense:0.9.2
     volumes:
       - profiles:/data
-    ports:
-      - 8108:8108
+    expose:
+      - '8108'
     environment:
       API_KEY: dev-api-key
       SEARCH_ONLY_API_KEY: dev-search-only-api-key
@@ -21,3 +33,7 @@ services:
     volumes:
       - ./webserver/ssl:/ssl
       - ./webserver:/webserver
+volumes:
+  postgresql:
+  www:
+  profiles:

containers/webserver/.gitignore

@@ -0,0 +1 @@
+ssl

containers/webserver/generate_apache_conf.py

@@ -11,7 +11,6 @@ if __name__ == "__main__":
         "SSL_CERTIFICATE_KEY_FILE": "/etc/httpd/ssl/private/%s.key" % fqdn,
         "DEBUG": os.environ.get("DEBUG", "0") == "1",
     }
-
     print(context)
     jinja_template = Template(open("/webserver/lesspass.conf.j2").read())
     with open("/etc/httpd/conf.d/lesspass.conf", "w") as f:

containers/webserver/lesspass.conf.j2

@@ -9,6 +9,15 @@ ServerName {{ FQDN }}
 
 <VirtualHost *:443>
     ServerName www.{{ FQDN }}
+    ProxyPass /api/ http://backend:8000/api/
+    ProxyPassReverse /api/ http://backend:8000/api/
+    SSLEngine on
+    SSLCertificateFile      {{ SSL_CERTIFICATE_FILE }}
+    SSLCertificateKeyFile   {{ SSL_CERTIFICATE_KEY_FILE }}
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerName www.{{ FQDN }}
     ServerAlias {{ FQDN }}
     
     DocumentRoot /var/www/html