From 37a9f6fa54fc8e237ea117d8d0e1480795c5c831 Mon Sep 17 00:00:00 2001
From: Quentin Dufour
Date: Mon, 24 Jun 2024 07:53:06 +0200
Subject: inject cacert
---
flake.nix | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/flake.nix b/flake.nix
index 5d69f9f..3b6ad3b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -12,9 +12,6 @@
system = "x86_64-linux";
overlays = [
(import "${gomod2nix}/overlay.nix")
- /*(self: super: {
- gomod = super.callPackage "${gomod2nix}/builder/" { };
- })*/
];
};
src = ./.;
@@ -38,10 +35,16 @@
platforms = platforms.linux;
};
};
+
+
container = pkgs.dockerTools.buildImage {
name = "dxflrs/guichet";
+ copyToRoot = pkgs.buildEnv {
+ name = "guichet-env";
+ paths = [ guichet pkgs.cacert ];
+ };
config = {
- Entrypoint = "${guichet}/bin/guichet";
+ Entrypoint = "/bin/guichet";
};
};
in {
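Review bot: The `copyToRoot` env (`paths = [ guichet pkgs.cacert ]`) leaves the trust-store location implicit: nothing in the hunk says why `pkgs.cacert` is in the image, and the binary only finds the bundle if the runtime's default certificate search paths happen to cover where `buildEnv` links it. I would add a comment above `paths`, such as `# cacert: trust roots so guichet can verify server certificates on outbound TLS`. I would also state the location in `config` with `Env = [ "SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt" ];`, so certificate verification does not depend on an undocumented layout detail. The `let` block these bindings belong to starts outside the hunk.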
--
cgit v1.2.3
From 793cb2d3c20d47f3a74f385c4b9aeadf2e2297b0 Mon Sep 17 00:00:00 2001
From: Quentin Dufour
Date: Mon, 24 Jun 2024 08:17:15 +0200
Subject: update dev env skeleton
---
config.json.example | 18 ++++++++----------
integration/docker-compose.yml | 10 ++++++++--
2 files changed, 16 insertions(+), 12 deletions(-)
diff --git a/config.json.example b/config.json.example
index 1760685..2d40aac 100644
--- a/config.json.example
+++ b/config.json.example
@@ -10,25 +10,23 @@
"invitation_base_dn": "ou=invitations,dc=bottin,dc=eu",
"invitation_name_attr": "cn",
- "invited_mail_format": "{}@example.com",
- "invited_auto_groups": [
- "cn=email,ou=groups,dc=bottin,dc=eu"
- ],
+ "invited_mail_format": "{}@bottin.eu",
+ "invited_auto_groups": [ ],
- "web_address": "http://guichet.localhost:9991",
- "mail_from": "welcome@example.com",
- "smtp_server": "smtp.example.com",
+ "web_address": "http://localhost:9991",
+ "mail_from": "welcome@bottin.eu",
+ "smtp_server": "smtp.bottin.eu",
"smtp_username": "guichet",
"smtp_password": "",
"admin_account": "cn=admin,dc=bottin,dc=eu",
- "group_can_admin": "gid=admin,ou=groups,dc=bottin,dc=eu",
- "group_can_invite": "",
+ "group_can_admin": "cn=admin,ou=groups,dc=bottin,dc=eu",
+ "group_can_invite": "cn=admin,ou=groups,dc=bottin,dc=eu",
"s3_admin_endpoint": "localhost:3903",
"s3_admin_token": "GlXP43PWH3LuvEGSNxKYzZCyUss8VqZmarBU+HUlrxw=",
- "s3_endpoint": "localhost",
+ "s3_endpoint": "localhost:3900",
"s3_access_key": "",
"s3_secret_key": "",
"s3_region": "garage",
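Review bot: The new values `"invited_mail_format": "{}@bottin.eu"`, `"mail_from": "welcome@bottin.eu"` and `"smtp_server": "smtp.bottin.eu"` replace the reserved `example.com` names with what looks like a registrable domain. A developer who fills in SMTP credentials and runs the sample unchanged could then submit those credentials and invitation mail to a host outside the project's control. Unless `bottin.eu` is owned by the project, keep reserved names here (`example.com` as before, or a `.test` / `.invalid` name). Separately, the unchanged `"s3_admin_token"` line carries a concrete base64 value; it is worth confirming that it is only the throwaway token of the `integration/` stack, or emptying it like the neighbouring `"smtp_password": ""`.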
diff --git a/integration/docker-compose.yml b/integration/docker-compose.yml
index ec855db..e44a723 100644
--- a/integration/docker-compose.yml
+++ b/integration/docker-compose.yml
@@ -1,11 +1,15 @@
version: '3'
services:
consul:
- image: hashicorp/consul:1.16
+ # sync with nixos stable packages assuming our stack is up to date
+ # https://search.nixos.org/packages?channel=24.05&from=0&size=50&sort=relevance&type=packages&query=consul
+ image: hashicorp/consul:1.18
restart: "always"
expose:
- 8500
bottin:
+ # sync with deuxfleurs/nixcfg/cluster/prod/app/core/deploy/bottin.hcl
+ # to ensure compatibility with prod
image: dxflrs/bottin:7h18i30cckckaahv87d3c86pn4a7q41z
#command: "-config /etc/bottin.json"
restart: "always"
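Review bot: `image: hashicorp/consul:1.18` is a floating tag, and so is `superboum/garage:v1.0.0-rc1-hotfix-red-ftr-wquorum` in the second hunk of this file, so whoever can push to those repositories can change what the integration stack runs without any diff appearing here. Since the added comments say the goal is to stay in sync with the packaged and prod versions, pinning by digest (`image: hashicorp/consul:1.18@sha256:<digest-placeholder>`) would make that claim checkable. The `bottin` image already uses what appears to be a content-derived tag, which is closer to that goal.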
@@ -15,7 +19,9 @@ services:
volumes:
- "./config/bottin.json:/config.json"
garage:
- image: dxflrs/garage:v0.8.2
+ # sync with deuxfleurs/nixcfg/cluster/prod/app/garage/deploy/garage.hcl
+ # to ensure compatibility with prod
+ image: superboum/garage:v1.0.0-rc1-hotfix-red-ftr-wquorum
ports:
- "3900:3900"
- "3902:3902"
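Review bot: The `garage` image moves from the organisation namespace (`dxflrs/garage`) to a personal one (`superboum/garage`), and the added comment points at `garage.hcl` without saying why the publisher changed or when it should change back. For a component that holds the S3 admin API, the provenance of the image deserves a line of its own. Assuming this is a temporary hotfix build, something like `# hotfix build published under superboum/; return to dxflrs/garage once the fix is released` would fit. If prod runs the same image, saying so in the comment makes the "compatibility with prod" claim verifiable from this file alone.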
--
cgit v1.2.3
From 9cd06c95eba491bce1a60f7d1b2fef320aec1124 Mon Sep 17 00:00:00 2001
From: Quentin Dufour
Date: Mon, 24 Jun 2024 08:44:22 +0200
Subject: don't display the global key anymore
---
garage.go | 181 --------------------------
main.go | 1 -
templates/garage_key.html | 234 ----------------------------------
templates/garage_website_inspect.html | 34 +++++
templates/home.html | 3 +-
website.go | 27 ++--
webui_website.go | 175 +++++++++++++++++++++++++
7 files changed, 223 insertions(+), 432 deletions(-)
delete mode 100644 templates/garage_key.html
create mode 100644 webui_website.go
diff --git a/garage.go b/garage.go
index 7cd879b..f9529e9 100644
--- a/garage.go
+++ b/garage.go
@@ -4,10 +4,7 @@ import (
"context"
"fmt"
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
- "github.com/gorilla/mux"
"log"
- "net/http"
- "strings"
)
func gadmin() (*garage.APIClient, context.Context) {
@@ -166,181 +163,3 @@ func grgDeleteBucket(bid string) error {
}
return err
}
-
-// --- Start page rendering functions
-
-func handleWebsiteConfigure(w http.ResponseWriter, r *http.Request) {
- user := RequireUserHtml(w, r)
- if user == nil {
- return
- }
-
- tKey := getTemplate("garage_key.html")
- tKey.Execute(w, user)
-}
-
-func handleWebsiteList(w http.ResponseWriter, r *http.Request) {
- user := RequireUserHtml(w, r)
- if user == nil {
- return
- }
-
- ctrl, err := NewWebsiteController(user)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- if len(ctrl.PrettyList) > 0 {
- http.Redirect(w, r, "/website/inspect/"+ctrl.PrettyList[0], http.StatusFound)
- } else {
- http.Redirect(w, r, "/website/new", http.StatusFound)
- }
-}
-
-type WebsiteNewTpl struct {
- Ctrl *WebsiteController
- Err error
-}
-
-func handleWebsiteNew(w http.ResponseWriter, r *http.Request) {
- user := RequireUserHtml(w, r)
- if user == nil {
- return
- }
-
- ctrl, err := NewWebsiteController(user)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- tpl := &WebsiteNewTpl{ctrl, nil}
-
- tWebsiteNew := getTemplate("garage_website_new.html")
- if r.Method == "POST" {
- r.ParseForm()
-
- bucket := strings.Join(r.Form["bucket"], "")
- if bucket == "" {
- bucket = strings.Join(r.Form["bucket2"], "")
- }
-
- view, err := ctrl.Create(bucket)
- if err != nil {
- tpl.Err = err
- tWebsiteNew.Execute(w, tpl)
- return
- }
-
- http.Redirect(w, r, "/website/inspect/"+view.Name.Pretty, http.StatusFound)
- return
- }
-
- tWebsiteNew.Execute(w, tpl)
-}
-
-type WebsiteInspectTpl struct {
- Describe *WebsiteDescribe
- View *WebsiteView
- Err error
-}
-
-func handleWebsiteInspect(w http.ResponseWriter, r *http.Request) {
- var processErr error
-
- user := RequireUserHtml(w, r)
- if user == nil {
- return
- }
-
- ctrl, err := NewWebsiteController(user)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- bucketName := mux.Vars(r)["bucket"]
-
- if r.Method == "POST" {
- r.ParseForm()
- action := strings.Join(r.Form["action"], "")
- switch action {
- case "increase_quota":
- _, processErr = ctrl.Patch(bucketName, &WebsitePatch{Size: &user.Quota.WebsiteSizeBursted})
- case "delete_bucket":
- processErr = ctrl.Delete(bucketName)
- if processErr == nil {
- http.Redirect(w, r, "/website", http.StatusFound)
- }
- default:
- processErr = fmt.Errorf("Unknown action")
- }
-
- }
-
- view, err := ctrl.Inspect(bucketName)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- describe, err := ctrl.Describe()
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- tpl := &WebsiteInspectTpl{describe, view, processErr}
-
- tWebsiteInspect := getTemplate("garage_website_inspect.html")
- tWebsiteInspect.Execute(w, &tpl)
-}
-
-func handleWebsiteVhost(w http.ResponseWriter, r *http.Request) {
- var processErr error
-
- user := RequireUserHtml(w, r)
- if user == nil {
- return
- }
-
- ctrl, err := NewWebsiteController(user)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- bucketName := mux.Vars(r)["bucket"]
-
- if r.Method == "POST" {
- r.ParseForm()
-
- bucket := strings.Join(r.Form["bucket"], "")
- if bucket == "" {
- bucket = strings.Join(r.Form["bucket2"], "")
- }
-
- view, processErr := ctrl.Patch(bucketName, &WebsitePatch{Vhost: &bucket})
- if processErr == nil {
- http.Redirect(w, r, "/website/inspect/"+view.Name.Pretty, http.StatusFound)
- return
- }
- }
-
- view, err := ctrl.Inspect(bucketName)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- describe, err := ctrl.Describe()
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
-
- tpl := &WebsiteInspectTpl{describe, view, processErr}
- tWebsiteEdit := getTemplate("garage_website_edit.html")
- tWebsiteEdit.Execute(w, &tpl)
-}
diff --git a/main.go b/main.go
index 39c7f08..e1b0eb8 100644
--- a/main.go
+++ b/main.go
@@ -159,7 +159,6 @@ func server(args []string) {
r.HandleFunc("/website", handleWebsiteList)
r.HandleFunc("/website/new", handleWebsiteNew)
- r.HandleFunc("/website/configure", handleWebsiteConfigure)
r.HandleFunc("/website/inspect/{bucket}", handleWebsiteInspect)
r.HandleFunc("/website/vhost/{bucket}", handleWebsiteVhost)
diff --git a/templates/garage_key.html b/templates/garage_key.html
deleted file mode 100644
index cf56822..0000000
--- a/templates/garage_key.html
+++ /dev/null
@@ -1,234 +0,0 @@
-{{define "title"}}Profile |{{end}}
-
-{{define "body"}}
-
-
-
-
-
-
-
-
-
- Identifiant de clé |
- {{ .S3KeyInfo.AccessKeyId }} |
-
-
- Clé secrète |
- Cliquer pour afficher la clé secrète{{ .S3KeyInfo.SecretAccessKey }} |
-
-
- Région |
- garage |
-
-
- Endpoint URL |
- https://garage.deuxfleurs.fr |
-
-
- Type d'URL |
- DNS et chemin (préférer chemin) |
-
-
- Signature |
- Version 4 |
-
-
-
-
-
Configurer votre logiciel :
-
-
-
-
-
-
-
Créez un fichier nommé ~/.awsrc
:
-
-export AWS_ACCESS_KEY_ID={{ .S3KeyInfo.AccessKeyId }}
-export AWS_SECRET_ACCESS_KEY={{ .S3KeyInfo.SecretAccessKey }}
-export AWS_DEFAULT_REGION='garage'
-
-function aws { command aws --endpoint-url https://garage.deuxfleurs.fr $@ ; }
-aws --version
-
-
Ensuite vous pouvez utiliser awscli :
-
-source ~/.awsrc
-aws s3 ls
-aws s3 ls s3://my-bucket
-aws s3 cp /tmp/a.txt s3://my-bucket
-...
-
-
-
-
-
-
-
-
-
-
-
Vous pouvez configurer Minio CLI avec cette commande :
-
-mc alias set \
- garage \
- https://garage.deuxfleurs.fr \
- {{ .S3KeyInfo.AccessKeyId }} \
- {{ .S3KeyInfo.SecretAccessKey }} \
- --api S3v4
-
-
Et ensuite pour utiliser Minio CLI avec :
-
-mc ls garage/
-mc cp /tmp/a.txt garage/my-bucket/a.txt
-...
-
-
-
-
-
-
-
-
-
-
-
-
Dans votre fichier config.toml
, rajoutez :
-
-[[deployment.targets]]
- URL = "s3://bucket?endpoint=garage.deuxfleurs.fr&s3ForcePathStyle=true®ion=garage"
-
-
Assurez-vous d'avoir un fichier dans lequel les variables AWS_ACCESS_KEY_ID
et AWS_SECRET_ACCESS_KEY
sont définies,
- ici on suppose que vous avez suivi les instructions de l'outil awscli (ci-dessus) et que vous avez un fichier ~/.awsrc
qui défini ces variables.
- Ensuite :
-
-source ~/.awsrc
-hugo deploy
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Nom d'utilisateur-ice |
- {{ .Login.Info.Username }} |
-
-
- Mot de passe |
- (votre mot de passe guichet) |
-
-
- Hôte |
- sftp://bagage.deuxfleurs.fr |
-
-
- Port |
- 2222 |
-
-
-
-
Configurer votre logiciel :
-
-
-
-
-
-
-
Un exemple avec SCP :
-
-scp -oHostKeyAlgorithms=+ssh-rsa -P2222 -r ./public {{ .Login.Info.Username }}@bagage.deuxfleurs.fr:mon_bucket/
-
-
-
-
-
-
-
-
-
-
-{{end}}
diff --git a/templates/garage_website_inspect.html b/templates/garage_website_inspect.html
index a8f463d..af87955 100644
--- a/templates/garage_website_inspect.html
+++ b/templates/garage_website_inspect.html
@@ -59,10 +59,44 @@
{{ end }}
+ Informations de connexion
+
+
+
+ Identifiant de clé |
+ {{ .View.AccessKeyId }} |
+
+
+ Clé secrète |
+
+ Cliquer pour afficher la clé secrète
+ {{ .View.SecretAccessKey }}
+ |
+
+
+ Région |
+ garage |
+
+
+ Endpoint URL |
+ https://garage.deuxfleurs.fr |
+
+
+ Type d'URL |
+ DNS et chemin (préférer chemin) |
+
+
+ Signature |
+ Version 4 |
+
+
+
+
Actions