cairis-platform · jtagcat · Jan 20, 2024 · Jan 20, 2024 · Jan 21, 2024 · Jan 21, 2024
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,58 @@
+# syntax=docker/dockerfile:1.5-labs
+
+FROM node AS ui
+# ref syntax: https://docs.docker.com/engine/reference/commandline/image_build/#git-repositories
+ADD https://github.com/cairis-platform/cairis-ui.git /ui
+WORKDIR /ui
+
+ENV NODE_OPTIONS=--openssl-legacy-provider
+
+RUN yarn install --immutable --immutable-cache --check-cache
+RUN yarn run build
+
+
+FROM python:3-slim
+LABEL org.opencontainers.image.authors="admin@cairis.org"
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    build-essential \
+    pkg-config `# mysql` \
+    default-libmysqlclient-dev `# mysql` \
+    apache2 `# wsgi` \
+    apache2-dev `# wsgi` \
+    default-mysql-client `# init sql file imports` \
+    docbook `# latex` \
+    docbook-utils `# latex` \
+    dblatex `# latex` \
+    texlive-latex-extra `# latex` \
+    pandoc `# latex` \
+    graphviz `# TODO: unknown` \
+    libxml2-dev `# TODO: unknown` \
+    libxslt1-dev `# TODO: unknown` \
+    libssl-dev `# TODO: unknown` \
+    poppler-utils `# TODO: unknown` \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN --mount=type=bind,source=requirements.txt,target=/tmp/requirements.txt \
+    pip install --requirement /tmp/requirements.txt
+
+RUN --mount=type=bind,source=wsgi_requirements.txt,target=/tmp/wsgi_requirements.txt \
+    pip install --requirement /tmp/wsgi_requirements.txt
+
+# config is autogenerated
+ENV CAIRIS_CFG=/tmp/cairis.cnf
+COPY entrypoint.py /
+
+COPY ./examples /examples
+
+COPY --from=ui /ui/dist /cairis-ui
+
+# Using /cairis instead of /app/cairis, as it is less confusing. Symlink is for out-of-band tools (through docker exec)
+ENV PYTHONPATH=/cairis
+COPY ./cairis /cairis
+RUN ln -s . /cairis/cairis
+
+EXPOSE 8000
+USER www-data:www-data
+CMD ["python3", "/entrypoint.py"]
diff --git a/cairis/config/cairis.cnf b/cairis/config/cairis.cnf
@@ -9,4 +9,3 @@ default_image_dir = .
 web_port = 7071
 log_level = warning
 web_static_dir = /home/cairisuser/cairis/cairis/web
-upload_dir = /tmp
diff --git a/cairis/core/BorgFactory.py b/cairis/core/BorgFactory.py
@@ -57,7 +57,6 @@ def initialiseCairisDbSettings(cfgDict):
   b.tmpDir = cfgDict['tmp_dir']
   b.cairisRoot = cfgDict['root']
   b.rPasswd = ''
-  b.docker = True if 'docker' in cfgDict else False
 
   try:
     b.rPasswd = cfgDict['rpasswd']
@@ -67,7 +66,7 @@ def initialiseCairisDbSettings(cfgDict):
 def setupDocBookConfig():
   b = Borg()
   b.docBookDir = 'http://www.docbook.org/sgml/4.5'
-  if os.path.exists('/usr/share/sgml/docbook/dtd/4.5') or b.docker:
+  if os.path.exists('/usr/share/sgml/docbook/dtd/4.5'):
     b.docBookDir = '/usr/share/sgml/docbook/dtd/4.5'
   else:
     b.logger.warning('Unable to find DocBook schemes. Check if DocBook is correctly installed.')

diff --git a/cairis/misc/DocumentBuilder.py b/cairis/misc/DocumentBuilder.py
@@ -2396,10 +2396,4 @@ def build(dbProxy,docType,sectionFlags,typeFlags,fileName,docDir):
   f.write(specDoc)
   f.close()
 
-
-  b = Borg()
-  if(b.docker == True):
-    requestString = "http://cairis-docs:5000/latexApi"
-    requests.post(requestString, data={'docBookCmd': docBookCmd})
-  else:
-    os.system(docBookCmd)
+  os.system(docBookCmd)
diff --git a/cairis/tools/quickSetup.py b/cairis/tools/quickSetup.py
@@ -17,54 +17,76 @@
 #  specific language governing permissions and limitations
 #  under the License.
 
-from cairis.core.ARM import ARMException
-from sqlalchemy.exc import SQLAlchemyError
+import binascii
 import os
 import sys
-from cairis.core.dba import createDatabaseAccount, createDbOwnerDatabase, createDatabaseAndPrivileges, createDatabaseSchema, createDefaults, canonicalDbUser, dropCairisUserDatabase, createCairisUserDatabase
-from flask_security import hash_password
-import binascii
 from random import choice
 from string import ascii_letters, digits
-from subprocess import Popen
-from shlex import split
 
+from flask_security import hash_password
+
+from cairis.core.ARM import ARMException
+from cairis.core.dba import (
+  canonicalDbUser,
+  createCairisUserDatabase,
+  createDatabaseAccount,
+  createDatabaseAndPrivileges,
+  createDatabaseSchema,
+  createDbOwnerDatabase,
+  createDefaults,
+  dropCairisUserDatabase,
+)
 
 __author__ = 'Shamal Faily'
 
+def validate_username(userName: str):
+  if userName == "":
+    return
 
-def quick_setup(dbHost,dbPort,dbRootPassword,tmpDir,rootDir,configFile,webPort,logLevel,staticDir,assetDir,userName,passWd,mailServer = '',mailPort = '',mailUser = '',mailPasswd = ''):
-  if (len(userName) > 255):
-    raise ARMException("Username cannot be longer than 255 characters")
   if (userName == "root"):
     raise ARMException("Username cannot be root")
+
+  if (len(userName) > 255):
+    raise ARMException("Username cannot be longer than 255 characters")
+
+def inject_bashrc(rootDir: str, configFile: str):
+  fileName = os.environ.get("HOME") + "/.bashrc"
+
+  if not os.path.exists(fileName):
+    return
+
+  with open(fileName,'a') as f:
+    f.write("export CAIRIS_SRC="+ rootDir + "\n")
+    f.write("export CAIRIS_CFG_DIR=${CAIRIS_SRC}/config\n")
+    f.write("export CAIRIS_CFG="+ configFile +"\n")
+
+    pathName = os.path.split(os.path.split(os.path.realpath(os.path.dirname(__file__)))[0])[0]
+    sys.path.insert(0, pathName)
+
+    f.write("export PYTHONPATH=${PYTHONPATH}:" + pathName +"\n")
+
+def quick_setup(dbHost,dbPort,dbRootPassword,tmpDir,rootDir,configFile,webPort,logLevel,staticDir,assetDir,userName,passWd,mailServer = '',mailPort = '',mailUser = '',mailPasswd = ''):
   createCairisCnf(configFile,dbRootPassword,dbHost,dbPort,tmpDir,rootDir,webPort,logLevel,staticDir,assetDir,mailServer,mailPort,mailUser,mailPasswd)
-  os.environ["CAIRIS_CFG"] = configFile
+
+  import MySQLdb
+  with MySQLdb.connect(host=dbHost,user='root',passwd=dbRootPassword) as con:
+    with con.cursor() as cur:
+      if cur.execute('SHOW DATABASES LIKE "cairis_owner"') == 1:
+        return
+
+  validate_username(userName)
+
   createDbOwnerDatabase(dbRootPassword,dbHost,dbPort)
   createUserDatabase(dbHost,dbPort,dbRootPassword,rootDir)
-  pathName = os.path.split(os.path.split(os.path.realpath(os.path.dirname(__file__)))[0])[0]
-  sys.path.insert(0, pathName)
-  fileName = os.environ.get("HOME") + "/.bashrc"
-  f = open(fileName,'a')
-  f.write("export CAIRIS_SRC="+ rootDir + "\n")
-  f.write("export CAIRIS_CFG_DIR=${CAIRIS_SRC}/config\n")
-  f.write("export CAIRIS_CFG="+ configFile +"\n")
-  f.write("export PYTHONPATH=${PYTHONPATH}:" + pathName +"\n")
-  f.close()
-
-  from cairis.bin.add_cairis_user import user_datastore,db
+
+  os.environ["CAIRIS_CFG"] = configFile
+  from cairis.bin.add_cairis_user import db
   db.create_all()
 
-  if (userName != ''):
-    rp = ''.join(choice(ascii_letters + digits) for i in range(255))
-    dbAccount = canonicalDbUser(userName)
-    user_datastore.create_user(email=userName, account=dbAccount, password=hash_password(passWd),name = 'Default user')
-    db.session.commit()
-    createDatabaseAccount(dbRootPassword,dbHost,dbPort,userName,dbAccount,rp)
-    createDatabaseAndPrivileges(dbRootPassword,dbHost,dbPort,userName,rp,dbAccount + '_default')
-    createDatabaseSchema(rootDir,dbHost,dbPort,userName,rp,dbAccount + '_default')
-    createDefaults(rootDir,dbHost,dbPort,userName,rp,dbAccount + '_default')
+  if userName:
+    createUser(rootDir, dbRootPassword, dbHost, dbPort, userName, passWd)
 
+  inject_bashrc(rootDir, configFile)
 
 def createUserDatabase(dbHost,dbPort,dbRootPassword,rootDir):
   dropCairisUserDatabase(dbRootPassword,dbHost,dbPort)
@@ -73,23 +95,33 @@ def createUserDatabase(dbHost,dbPort,dbRootPassword,rootDir):
   createDatabaseAndPrivileges(dbRootPassword,dbHost,dbPort,'cairis_test','cairis_test','cairis_test_default')
   createDatabaseSchema(rootDir,dbHost,dbPort,'cairis_test','cairis_test','cairis_test_default')
 
+def createUser(rootDir,dbRootPassword,dbHost,dbPort,userName,passWd):
+  from cairis.bin.add_cairis_user import db, user_datastore
+
+  rp = ''.join(choice(ascii_letters + digits) for i in range(255))
+  dbAccount = canonicalDbUser(userName)
+  user_datastore.create_user(email=userName, account=dbAccount, password=hash_password(passWd),name = 'Default user')
+  db.session.commit()
+  createDatabaseAccount(dbRootPassword,dbHost,dbPort,userName,dbAccount,rp)
+  createDatabaseAndPrivileges(dbRootPassword,dbHost,dbPort,userName,rp,dbAccount + '_default')
+  createDatabaseSchema(rootDir,dbHost,dbPort,userName,rp,dbAccount + '_default')
+  createDefaults(rootDir,dbHost,dbPort,userName,rp,dbAccount + '_default')
 
 def createCairisCnf(configFile,dbRootPassword,dbHost,dbPort,tmpDir,rootDir,webPort,logLevel,staticDir,assetDir,mailServer,mailPort,mailUser,mailPasswd):
-  f = open(configFile,'w')
-  f.write("rpasswd = " + dbRootPassword + "\n")
-  f.write("dbhost = " + dbHost + "\n")
-  f.write("dbport = " + str(dbPort) + "\n")
-  f.write("tmp_dir = " + tmpDir + "\n")
-  f.write("root = " + rootDir + "\n")
-  f.write("web_port = " + str(webPort) + "\n")
-  f.write("log_level = " + logLevel + "\n")
-  f.write("web_static_dir = " + staticDir + "\n")
-  f.write("web_asset_dir = " + assetDir + "\n")
-  f.write("mail_server = " + mailServer + "\n")
-  f.write("mail_port = " + mailPort + "\n")
-  f.write("mail_user = " + mailUser + "\n")
-  f.write("mail_passwd = " + mailPasswd + "\n")
-
-  f.write("\n")
-  f.write("secret_key = " + str(binascii.hexlify(os.urandom(16))) + "\n")
-  f.close()
+  with open(configFile,'w') as f:
+    f.write("rpasswd = " + dbRootPassword + "\n")
+    f.write("dbhost = " + dbHost + "\n")
+    f.write("dbport = " + str(dbPort) + "\n")
+    f.write("tmp_dir = " + tmpDir + "\n")
+    f.write("root = " + rootDir + "\n")
+    f.write("web_port = " + str(webPort) + "\n")
+    f.write("log_level = " + logLevel + "\n")
+    f.write("web_static_dir = " + staticDir + "\n")
+    f.write("web_asset_dir = " + assetDir + "\n")
+    f.write("mail_server = " + mailServer + "\n")
+    f.write("mail_port = " + mailPort + "\n")
+    f.write("mail_user = " + mailUser + "\n")
+    f.write("mail_passwd = " + mailPasswd + "\n")
+
+    f.write("\n")
+    f.write("secret_key = " + str(binascii.hexlify(os.urandom(16))) + "\n")
diff --git a/compose.yml b/compose.yml
@@ -0,0 +1,43 @@
+networks:
+  cairis:
+    internal: true
+  portsHatch: # only needed for ports
+
+services:
+  cairis-db:
+    image: 'mariadb:latest'
+    environment:
+      - MYSQL_ROOT_PASSWORD=changeme1 # changeme
+    command: >
+      --thread_stack=256K
+      --max_sp_recursion_depth=255
+      --log_bin_trust_function_creators=1
+    volumes: [cairis-db:/var/lib/mysql]
+    networks: [cairis]
+    healthcheck:
+      test: ["CMD", "healthcheck.sh", "--su=mysql", "--connect", "--innodb_initialized"]
+  cairis:
+    image: shamalfaily/cairis
+    build: . # comment this to pull image
+    environment:
+      - MYSQL_HOST=cairis-db
+      - MYSQL_ROOT_PASSWORD=changeme1 # changeme
+      # - CAIRIS_LOGLEVEL=DEBUG
+      # - CAIRIS_SMTP_SERVER=
+      # - CAIRIS_SMTP_PORT=465
+      # - CAIRIS_SMTP_USER=
+      # - CAIRIS_SMTP_PASS=
+      # only applied on first run (database generation):
+      - CAIRIS_USER=example@example.tld
+      - CAIRIS_PASS=changeme2
+    networks:
+     - cairis
+     - portsHatch
+    ports:
+      - 8000:8000
+    depends_on:
+      cairis-db:
+        condition: service_healthy
+
+volumes:
+  cairis-db:
diff --git a/docker/Dockerfile b/docker/Dockerfile
diff --git a/docker/addAccount.sh b/docker/addAccount.sh
diff --git a/docker/buildDemo.sh b/docker/buildDemo.sh