diff --git a/containers/.env b/containers/.env
index b5f57af..c033ccd 100644
--- a/containers/.env
+++ b/containers/.env
@@ -4,4 +4,6 @@ DATABASE_NAME=postgres
 DATABASE_USER=postgres
 DATABASE_PASSWORD=
 DATABASE_HOST=db
-DATABASE_PORT=5432
\ No newline at end of file
+DATABASE_PORT=5432
+FQDN=localhost
+DEBUG=1
\ No newline at end of file
diff --git a/containers/backend/Dockerfile b/containers/backend/Dockerfile
index 11036f5..2259859 100644
--- a/containers/backend/Dockerfile
+++ b/containers/backend/Dockerfile
@@ -1,20 +1,11 @@
-FROM centos:7
+FROM python:3.6
 LABEL name="LessPass Backend"
 LABEL maintainer="LessPass "
-ENV LANG en_US.UTF-8
-
-RUN yum -y install centos-release-scl && \
- yum -y install rh-python36 && \
- yum clean all
-
 RUN mkdir /opt/app
 WORKDIR /opt/app
-
-RUN source scl_source enable rh-python36 && \
- python -m venv /opt/app/venv
-
+RUN python -m venv /opt/app/venv
 COPY requirements.txt /opt/app/
 RUN /opt/app/venv/bin/python -m pip install --upgrade pip && \
 /opt/app/venv/bin/python -m pip install -r requirements.txt
diff --git a/containers/docker-compose.yml b/containers/docker-compose.yml
index 28e624f..445f8ea 100644
--- a/containers/docker-compose.yml
+++ b/containers/docker-compose.yml
@@ -17,13 +17,9 @@ services:
 ports:
 - 80:80
 - 443:443
- environment:
- FQDN: localhost
- DEBUG: 1
+ env_file:
+ - .env
 volumes:
- - ./webserver/ssl:/ssl
- - ./webserver:/webserver
+ - ./webserver/ssl:/opt/app/ssl
 volumes:
- postgresql:
- www:
- profiles:
\ No newline at end of file
+ postgresql:
\ No newline at end of file
diff --git a/containers/webserver/Dockerfile b/containers/webserver/Dockerfile
index 56f9320..1a4b552 100644
--- a/containers/webserver/Dockerfile
+++ b/containers/webserver/Dockerfile
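Review bot: In containers/backend/Dockerfile the new `FROM python:3.6` is a floating tag on the full Debian-based image, so two builds of the same commit can end up on different bases and the image ships far more packages than a venv plus requirements.txt needs; `FROM httpd:2.4` in containers/webserver/Dockerfile has the same pinning problem. Pin a patch release and digest, on a slim variant if the requirements install cleanly there, for example `FROM python:3.6.<patch>-slim@sha256:<digest>` (placeholders, to be filled in from the registry). Python 3.6 stopped receiving upstream security fixes at the end of 2021, so moving to a supported series is worth planning if requirements.txt allows it. The Dockerfile continues below the hunk, so whether it sets a non-root `USER` cannot be judged from here.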
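Review bot: In containers/docker-compose.yml, `env_file: - .env` hands this service every variable in containers/.env, including `DATABASE_USER`, `DATABASE_HOST` and `DATABASE_PASSWORD` once it is filled in, where the removed `environment:` block passed only `FQDN` and `DEBUG`. The service publishes ports 80 and 443 and mounts ./webserver/ssl, so it appears to be the web server, which presumably has no use for database credentials; any process or debug output that can read its environment now sees them. Keeping the explicit block and letting Compose interpolate from the same .env file keeps a single source of values without widening exposure: `environment:` followed by `FQDN: ${FQDN}` and `DEBUG: ${DEBUG}`. The service definition starts above the hunk, so its name and build context are not visible here.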
@@ -1,27 +1,12 @@
-FROM centos:7
+FROM httpd:2.4
 LABEL name="LessPass Web Server"
 LABEL maintainer="LessPass "
-ENV LANG en_US.UTF-8
+RUN apt-get update && apt-get install -y \
+ python3 \
+ python3-jinja2
-RUN yum -y install centos-release-scl && \
- yum -y install httpd openssl mod_ssl proxy_http rh-python36 && \
- yum clean all
+COPY . /opt/app/
-RUN mkdir /opt/app
-WORKDIR /opt/app
-
-RUN source scl_source enable rh-python36 && \
- python -m venv /opt/app/venv
-
-RUN /opt/app/venv/bin/python -m pip install --upgrade pip && \
- /opt/app/venv/bin/python -m pip install jinja2
-
-COPY entrypoint.sh /opt/app/
-
-EXPOSE 80 443
-
-ENTRYPOINT ["/opt/app/entrypoint.sh"]
-
-CMD ["/usr/sbin/httpd", "-D", "FOREGROUND"]
\ No newline at end of file
+ENTRYPOINT ["/opt/app/entrypoint.sh"]
\ No newline at end of file
diff --git a/containers/webserver/entrypoint.sh b/containers/webserver/entrypoint.sh
index 02413f2..e182b25 100755
--- a/containers/webserver/entrypoint.sh
+++ b/containers/webserver/entrypoint.sh
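Review bot: In containers/webserver/Dockerfile, `COPY . /opt/app/` copies the whole build context into the image, and if that context is containers/webserver it includes the `ssl/` directory that docker-compose.yml bind-mounts at /opt/app/ssl and into which entrypoint.sh writes the unencrypted `${FQDN}.key`. Once the container has run, the next build would bake that private key into an image layer that travels with every push and pull. Copy only what the entrypoint needs, `COPY entrypoint.sh generate_apache_conf.py lesspass.conf.j2 /opt/app/`, and list `ssl/` in a `.dockerignore`. The `apt-get install -y` step should also take `--no-install-recommends` and end with `rm -rf /var/lib/apt/lists/*` in the same `RUN`. Declaring `ENTRYPOINT` resets the `CMD` inherited from the base image, so with the `CMD` line removed the container only serves traffic if entrypoint.sh starts httpd itself, which the visible part of that script does not show.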
@@ -4,24 +4,23 @@ create_wildcard_certificate () {
 openssl req -x509 -newkey rsa:4096 -nodes -keyout ${1}.key -out ${1}.crt -days 365 -subj "/C=FR/ST=Gironde/L=Bordeaux/O=LessPass/OU=LessPass/CN=*.${1}"
 }
-if [[ ! -f /ssl/${FQDN}.crt || ! -f /ssl/${FQDN}.key ]]; then
+if [[ ! -f /opt/app/ssl/${FQDN}.crt || ! -f /opt/app/ssl/${FQDN}.key ]]; then
 echo "${FQDN}.crt or ${FQDN}.key not found! Generate wildcard certificate"
- cd /ssl
+ cd /opt/app/ssl
 create_wildcard_certificate ${FQDN}
 fi
 mkdir -p /etc/httpd/ssl
-mkdir -p /etc/httpd/ssl/private
 chmod 755 /etc/httpd/ssl
-chmod 710 /etc/httpd/ssl/private
-
-cp /ssl/${FQDN}.crt /etc/httpd/ssl/
+cp /opt/app/ssl/${FQDN}.crt /etc/httpd/ssl/
 chmod 644 /etc/httpd/ssl/${FQDN}.crt
-cp /ssl/${FQDN}.key /etc/httpd/ssl/private/
+mkdir -p /etc/httpd/ssl/private
+chmod 710 /etc/httpd/ssl/private
+cp /opt/app/ssl/${FQDN}.key /etc/httpd/ssl/private/
 chmod 640 /etc/httpd/ssl/private/${FQDN}.key
-/opt/app/venv/bin/python /webserver/generate_apache_conf.py
+/opt/app/venv/bin/python /opt/app/generate_apache_conf.py
 cat /etc/httpd/conf.d/lesspass.conf
diff --git a/containers/webserver/generate_apache_conf.py b/containers/webserver/generate_apache_conf.py
index 4ed6d09..98a56d4 100644
--- a/containers/webserver/generate_apache_conf.py
+++ b/containers/webserver/generate_apache_conf.py
@@ -12,6 +12,6 @@ if __name__ == "__main__":
 "DEBUG": os.environ.get("DEBUG", "0") == "1",
 }
 print(context)
- jinja_template = Template(open("/webserver/lesspass.conf.j2").read())
+ jinja_template = Template(open("/opt/app/lesspass.conf.j2").read())
 with open("/etc/httpd/conf.d/lesspass.conf", "w") as f:
 f.write(jinja_template.render(context))
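Review bot: In containers/webserver/entrypoint.sh the new line still runs `/opt/app/venv/bin/python`, but this commit removes the `python -m venv /opt/app/venv` step from containers/webserver/Dockerfile and installs `python3` and `python3-jinja2` from apt instead, so that interpreter path should no longer exist in the image and lesspass.conf would never be generated. The call should use the system interpreter, `python3 /opt/app/generate_apache_conf.py`. The `/etc/httpd/ssl` and `/etc/httpd/conf.d` targets are carried over from the CentOS layout, while the official httpd image keeps its tree under /usr/local/apache2, so it is worth confirming that the server configuration actually includes them. `cd /opt/app/ssl` is unchecked and `${FQDN}` is unquoted throughout; unless `set -e` is enabled above the hunk, a missing mount or empty FQDN leaves the key written somewhere unintended, which `cd /opt/app/ssl || exit 1` and a `: "${FQDN:?FQDN must be set}"` guard would turn into an explicit failure. The script starts above the hunk and may continue below it.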