diff --git a/.dockerignore b/.dockerignore new file mode 100755 index 0000000..600e365 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +**/node_modules \ No newline at end of file diff --git a/decide/local_settings_docker.py b/decide/local_settings_docker.py new file mode 100755 index 0000000..8801df5 --- /dev/null +++ b/decide/local_settings_docker.py @@ -0,0 +1,90 @@ + +import ldap +from django_auth_ldap.config import LDAPSearch, GroupOfNamesType +import os + +# dev env CORS SETTINGS +BASEURL = 'http://localhost:8000' +FE_BASEURL = 'http://localhost:3000' + +CORS_ALLOW_CREDENTIALS = True +CORS_ORIGIN_ALLOW_ALL = False +CORS_ORIGIN_WHITELIST = ( + BASEURL, FE_BASEURL +) +CSRF_TRUSTED_ORIGINS = [ + BASEURL, FE_BASEURL +] + + +# Modules in use, commented modules that you won't use +MODULES = [ + 'administration', + 'authentication', + 'base', + 'booth', + 'census', + 'mixnet', + 'postproc', + 'store', + 'visualizer', + 'voting', +] + + +APIS = { + 'administration': BASEURL, + 'authentication': BASEURL, + 'base': BASEURL, + 'booth': BASEURL, + 'census': BASEURL, + 'mixnet': BASEURL, + 'postproc': BASEURL, + 'store': BASEURL, + 'visualizer': BASEURL, + 'voting': BASEURL, +} + +DATABASES = { + 'default': { + 'ENGINE': 'djongo', + 'NAME': 'db', + 'CLIENT': { + 'username': os.environ.get('MONGO_USER'), + 'password': os.environ.get('MONGO_PASSWORD'), + 'host': os.environ.get('MONGO_HOST'), + 'port': int(os.environ.get('MONGO_PORT')), + 'authSource': os.environ.get('MONGO_NAME'), + 'authMechanism': 'SCRAM-SHA-1' + } + } +} + +# number of bits for the key, all auths should use the same number of bits +KEYBITS = 256 + +# Baseline configuration. +AUTH_LDAP_SERVER_URI = 'ldap://:389' + +AUTH_LDAP_BIND_DN = 'cn=admin,dc=decide,dc=org' +AUTH_LDAP_BIND_PASSWORD = 'decide' +AUTH_LDAP_USER_SEARCH = LDAPSearch( + 'ou=people,dc=decide,dc=org', + ldap.SCOPE_SUBTREE, + '(uid=%(user)s)', +) + +# Populate the Django user from the LDAP directory. +AUTH_LDAP_USER_ATTR_MAP = { + 'first_name': 'cn', + 'last_name': 'sn', + 'email': 'mail', +} + +# Keep ModelBackend around for per-user permissions and maybe a local +# superuser. + +AUTHENTICATION_BACKENDS = [ + 'django.contrib.auth.backends.ModelBackend', + 'django_auth_ldap.backend.LDAPBackend', +] diff --git a/docker-admin/Dockerfile b/docker-admin/Dockerfile new file mode 100755 index 0000000..9bd166e --- /dev/null +++ b/docker-admin/Dockerfile @@ -0,0 +1,17 @@ +# syntax=docker/dockerfile:1 +FROM python:3 +ENV PYTHONDONTWRITEBYTECODE=1 +ENV PYTHONUNBUFFERED=1 +WORKDIR /app + +RUN apt-get update +RUN apt-get install -y libsasl2-dev python-dev libldap2-dev libssl-dev + +RUN git clone https://github.com/Full-Tortuga/decide-full-tortuga-admin.git . +RUN pip3 install -r requirements.txt + +WORKDIR /app/decide + +# local settings.py +ADD docker-settings.py /app/decide/local_settings.py +ADD .env /app/decide/.env diff --git a/docker-admin/docker-compose.yml b/docker-admin/docker-compose.yml new file mode 100755 index 0000000..ea437db --- /dev/null +++ b/docker-admin/docker-compose.yml @@ -0,0 +1,33 @@ +version: '3' +services: + mongo-decide: + image: 'mongo' + environment: + - MONGO_INITDB_DATABASE=db + - MONGO_INITDB_ROOT_USERNAME=root + - MONGO_INITDB_ROOT_PASSWORD=root + - MONGO_INITDB_USER=mongo + - MONGO_INITDB_PWD=mongo + volumes: + - ./init-mongo.sh:/docker-entrypoint-initdb.d/init-mongo.sh + - mongo_decide_data:/data/db + ports: + - 27017:27017 + decide: + build: . + command: bash -c "python manage.py makemigrations && python manage.py migrate && python manage.py runserver 0.0.0.0:8000" + volumes: + - ./decide:/code + ports: + - "8000:8000" + environment: + - MONGO_NAME=db + - MONGO_USER=mongo + - MONGO_HOST=mongo-decide + - MONGO_PASSWORD=mongo + - MONGO_PORT=27017 + depends_on: + - mongo-decide +volumes: + mongo_decide_data: {} + diff --git a/docker/docker-settings.py b/docker-admin/docker-settings.py old mode 100644 new mode 100755 similarity index 56% rename from docker/docker-settings.py rename to docker-admin/docker-settings.py index 3b4d8a0..8801df5 --- a/docker/docker-settings.py +++ b/docker-admin/docker-settings.py @@ -1,17 +1,20 @@ + import ldap from django_auth_ldap.config import LDAPSearch, GroupOfNamesType import os -DEBUG = True - -STATIC_ROOT = '/app/static/' -MEDIA_ROOT = '/app/static/media/' -ALLOWED_HOSTS = ['*'] - -BASEURL = 'http://localhost' - - +# dev env CORS SETTINGS +BASEURL = 'http://localhost:8000' +FE_BASEURL = 'http://localhost:3000' +CORS_ALLOW_CREDENTIALS = True +CORS_ORIGIN_ALLOW_ALL = False +CORS_ORIGIN_WHITELIST = ( + BASEURL, FE_BASEURL +) +CSRF_TRUSTED_ORIGINS = [ + BASEURL, FE_BASEURL +] # Modules in use, commented modules that you won't use @@ -28,23 +31,39 @@ 'voting', ] + +APIS = { + 'administration': BASEURL, + 'authentication': BASEURL, + 'base': BASEURL, + 'booth': BASEURL, + 'census': BASEURL, + 'mixnet': BASEURL, + 'postproc': BASEURL, + 'store': BASEURL, + 'visualizer': BASEURL, + 'voting': BASEURL, +} + DATABASES = { 'default': { 'ENGINE': 'djongo', - 'NAME': os.environ.get('DATABASE_NAME'), + 'NAME': 'db', 'CLIENT': { - 'host': os.environ.get('DATABASE_HOST'), - 'username': os.environ.get('DATABASE_USER'), - 'password': os.environ.get('DATABASE_PASSWORD'), - 'SSL': 'true' + 'username': os.environ.get('MONGO_USER'), + 'password': os.environ.get('MONGO_PASSWORD'), + 'host': os.environ.get('MONGO_HOST'), + 'port': int(os.environ.get('MONGO_PORT')), + 'authSource': os.environ.get('MONGO_NAME'), + 'authMechanism': 'SCRAM-SHA-1' } - } } # number of bits for the key, all auths should use the same number of bits KEYBITS = 256 +# Baseline configuration. AUTH_LDAP_SERVER_URI = 'ldap://:389' AUTH_LDAP_BIND_DN = 'cn=admin,dc=decide,dc=org' @@ -61,24 +80,11 @@ 'last_name': 'sn', 'email': 'mail', } -APIS = { - 'administration': 'http://10.5.0.1:8000', - 'authentication': 'http://10.5.0.1:8000', - 'base': 'http://10.5.0.1:8000', - 'booth': 'http://10.5.0.1:8000', - 'census': 'http://10.5.0.1:8000', - 'mixnet': 'http://10.5.0.1:8000', - 'postproc': 'http://10.5.0.1:8000', - 'store': 'http://10.5.0.1:8000', - 'visualizer': 'http://10.5.0.1:8000', - 'voting': 'http://10.5.0.1:8000', -} # Keep ModelBackend around for per-user permissions and maybe a local # superuser. AUTHENTICATION_BACKENDS = [ - 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend', + 'django_auth_ldap.backend.LDAPBackend', ] - diff --git a/docker-admin/init-mongo.sh b/docker-admin/init-mongo.sh new file mode 100755 index 0000000..fd39bc7 --- /dev/null +++ b/docker-admin/init-mongo.sh @@ -0,0 +1,14 @@ +set -e + +mongo <