From f0607b5db0f0df872c7859450c3ae432af037afa Mon Sep 17 00:00:00 2001 From: Nicolas Meienberger Date: Thu, 1 Sep 2022 13:33:45 +0200 Subject: [PATCH] chore: cleanup testing code --- Dockerfile | 3 ++- Dockerfile.dev | 2 +- docker-compose.dev.yml | 26 ------------------- docker-compose.rc.yml | 4 +-- docker-compose.yml | 4 +-- packages/system-api/package.json | 2 +- .../src/core/middlewares/sessionMiddleware.ts | 6 +++-- packages/system-api/src/server.ts | 7 ++++- pnpm-lock.yaml | 16 ++++++------ traefik/letsencrypt/.gitkeep | 0 traefik/letsencrypt/acme.json | 16 ------------ traefik/ssl/.gitkeep | 0 traefik/traefik.yml | 7 ++--- 13 files changed, 30 insertions(+), 63 deletions(-) delete mode 100644 traefik/letsencrypt/.gitkeep delete mode 100644 traefik/letsencrypt/acme.json delete mode 100644 traefik/ssl/.gitkeep diff --git a/Dockerfile b/Dockerfile index e2475cdb..0210479b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,8 @@ FROM alpine:3.16.0 as app WORKDIR / # Install dependencies -RUN apk --no-cache add docker-compose nodejs npm bash g++ make git +RUN apk --no-cache add docker-compose nodejs npm bash git + RUN npm install node-gyp -g WORKDIR /api diff --git a/Dockerfile.dev b/Dockerfile.dev index a2e8244c..b90154a7 100644 --- a/Dockerfile.dev +++ b/Dockerfile.dev @@ -3,7 +3,7 @@ FROM alpine:3.16.0 as app WORKDIR / # Install docker -RUN apk --no-cache add docker-compose nodejs npm bash g++ make git +RUN apk --no-cache add docker-compose nodejs npm bash git RUN npm install node-gyp -g diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index ff8003e8..7b0c72cd 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -1,20 +1,6 @@ version: "3.7" services: - reverse-proxy: - container_name: reverse-proxy - image: traefik:v2.8 - restart: always - ports: - - ${NGINX_PORT-80}:80 - - ${PROXY_PORT-8080}:8080 - command: --api.insecure=true --providers.docker - volumes: - - /var/run/docker.sock:/var/run/docker.sock:ro - - ${PWD}/traefik:/root/.config - networks: - - tipi_main_network - tipi-db: container_name: tipi-db image: postgres:latest @@ -67,12 +53,6 @@ services: APPS_REPO_URL: ${APPS_REPO_URL} networks: - tipi_main_network - # labels: - # traefik.enable: true - # traefik.http.routers.api.rule: PathPrefix("/api") # Host(`tipi.local`) && - # traefik.http.routers.api.entrypoints: webinsecure - # traefik.http.routers.api.service: api - # traefik.http.services.api.loadbalancer.server.port: 3001 dashboard: build: @@ -90,12 +70,6 @@ services: - ${PWD}/packages/dashboard/src:/dashboard/src # - /dashboard/node_modules # - /dashboard/.next - labels: - traefik.enable: true - traefik.http.routers.dashboard.rule: PathPrefix("/") # Host(`tipi.local`) && - traefik.http.routers.dashboard.entrypoints: web - traefik.http.routers.dashboard.service: dashboard - traefik.http.services.dashboard.loadbalancer.server.port: 3000 networks: tipi_main_network: diff --git a/docker-compose.rc.yml b/docker-compose.rc.yml index 2bb2cae0..7f7928cb 100644 --- a/docker-compose.rc.yml +++ b/docker-compose.rc.yml @@ -7,8 +7,8 @@ services: restart: always ports: - ${NGINX_PORT-80}:80 - - ${PROXY_PORT-8080}:8080 - command: --api.insecure=true --providers.docker + - ${NGINX_PORT_SSL-443}:443 + command: --providers.docker volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ${PWD}/traefik:/root/.config diff --git a/docker-compose.yml b/docker-compose.yml index c1061cc3..3a6cca31 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,8 +7,8 @@ services: restart: always ports: - ${NGINX_PORT-80}:80 - - ${PROXY_PORT-8080}:8080 - command: --api.insecure=true --providers.docker + - ${NGINX_PORT_SSL-443}:443 + command: --providers.docker volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ${PWD}/traefik:/root/.config diff --git a/packages/system-api/package.json b/packages/system-api/package.json index 18998d28..38f3a43c 100644 --- a/packages/system-api/package.json +++ b/packages/system-api/package.json @@ -27,7 +27,7 @@ "dependencies": { "apollo-server-core": "^3.10.0", "apollo-server-express": "^3.9.0", - "argon2": "^0.28.5", + "argon2": "^0.29.1", "axios": "^0.26.1", "class-validator": "^0.13.2", "compression": "^1.7.4", diff --git a/packages/system-api/src/core/middlewares/sessionMiddleware.ts b/packages/system-api/src/core/middlewares/sessionMiddleware.ts index 5a9373ff..cd2acc01 100644 --- a/packages/system-api/src/core/middlewares/sessionMiddleware.ts +++ b/packages/system-api/src/core/middlewares/sessionMiddleware.ts @@ -1,15 +1,17 @@ import session from 'express-session'; import config from '../../config'; import SessionFileStore from 'session-file-store'; -import { COOKIE_MAX_AGE } from '../../config/constants/constants'; +import { COOKIE_MAX_AGE, __prod__ } from '../../config/constants/constants'; const getSessionMiddleware = () => { const FileStore = SessionFileStore(session); + const sameSite = __prod__ ? 'lax' : 'none'; + return session({ name: 'qid', store: new FileStore(), - cookie: { maxAge: COOKIE_MAX_AGE, secure: false, sameSite: 'lax', httpOnly: true }, + cookie: { maxAge: COOKIE_MAX_AGE, secure: false, sameSite, httpOnly: true }, secret: config.JWT_SECRET, resave: false, saveUninitialized: false, diff --git a/packages/system-api/src/server.ts b/packages/system-api/src/server.ts index 9fadf17a..06a01bdd 100644 --- a/packages/system-api/src/server.ts +++ b/packages/system-api/src/server.ts @@ -33,7 +33,12 @@ let corsOptions = __prod__ return callback(new Error(message), false); }, } - : {}; + : { + credential: true, + origin: function (origin: any, callback: any) { + return callback(null, true); + }, + }; const main = async () => { try { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ed4fa884..22df5140 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -149,7 +149,7 @@ importers: '@typescript-eslint/parser': ^5.22.0 apollo-server-core: ^3.10.0 apollo-server-express: ^3.9.0 - argon2: ^0.28.5 + argon2: ^0.29.1 axios: ^0.26.1 class-validator: ^0.13.2 compression: ^1.7.4 @@ -195,7 +195,7 @@ importers: dependencies: apollo-server-core: 3.10.0_graphql@15.8.0 apollo-server-express: 3.9.0_jfj6k5cqxqbusbdzwqjdzioxzm - argon2: 0.28.5 + argon2: 0.29.1 axios: 0.26.1 class-validator: 0.13.2 compression: 1.7.4 @@ -4629,14 +4629,14 @@ packages: resolution: {integrity: sha512-e0hDa9H2Z9AwFkk2qDlwhoMYE4eToKarchkQHovNdLTCYMHZHeRjI71crOh+dio4K6u1IcwubQqo79Ga4CyAQA==} dev: true - /argon2/0.28.5: - resolution: {integrity: sha512-kGFCctzc3VWmR1aCOYjNgvoTmVF5uVBUtWlXCKKO54d1K+31zRz45KAcDIqMo2746ozv/52d25nfEekitaXP0w==} - engines: {node: '>=12.0.0'} + /argon2/0.29.1: + resolution: {integrity: sha512-bWXzAsQA0B6EFWZh5li+YBk+muoknAb8KacAi1h/bC6Gigy9p5ANbrPvpnjTIb7i9I11/8Df6FeSxpJDK3vy4g==} + engines: {node: '>=14.0.0'} requiresBuild: true dependencies: '@mapbox/node-pre-gyp': 1.0.9 '@phc/format': 1.0.0 - node-addon-api: 4.3.0 + node-addon-api: 5.0.0 transitivePeerDependencies: - encoding - supports-color @@ -9942,8 +9942,8 @@ packages: tslib: 2.4.0 dev: true - /node-addon-api/4.3.0: - resolution: {integrity: sha512-73sE9+3UaLYYFmDsFZnqCInzPyh3MqIwZO9cw58yIqAZhONrrabrYyYe3TuIqtIiOuTXVhsGau8hcrhhwSsDIQ==} + /node-addon-api/5.0.0: + resolution: {integrity: sha512-CvkDw2OEnme7ybCykJpVcKH+uAOLV2qLqiyla128dN9TkEWfrYmxG6C2boDe5KcNQqZF3orkqzGgOMvZ/JNekA==} dev: false /node-cache/5.1.2: diff --git a/traefik/letsencrypt/.gitkeep b/traefik/letsencrypt/.gitkeep deleted file mode 100644 index e69de29b..00000000 diff --git a/traefik/letsencrypt/acme.json b/traefik/letsencrypt/acme.json deleted file mode 100644 index cc94e185..00000000 --- a/traefik/letsencrypt/acme.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "myresolver": { - "Account": { - "Email": "", - "Registration": { - "body": { - "status": "valid" - }, - "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/476208700" - }, - "PrivateKey": "MIIJKAIBAAKCAgEAn42EtgYsqNgwXbt6e/Ix1er5hMUjiWOql0Cf6wQ09FRTpBTc4iKxxjINH03k8tJe501rAYliPfrBtt6TwQ4FNlPRFWULS8pTQ9Fq6Ra1QvgGgQMrwroQDd5fuXdUbWMMd0HB1SgwqY+m6xNfVZt4Wk0O0J2dmHHFeYHleztW8Bb34Sd0EjyLhIhG6FLC4hCb0s64r7TsdDz8nL0SbCZmEA1zXBPycb7QAzCi1Ruhdr2ts7+LcvbP7L6nXcAgGEMNSFp2EEOug//hwDJ9WoHdmaEUQEssghOpahK2aIY7jP4ge5vnz07/SNJaJJVVETNQm7DMjx4bANJALeECttaBt/5u4TSXWyIJ9kSKJTPLlRbH3JeC3Yo51PBGZ49Wz/IRK5zWD0IHWAdrruuYscpwiNfMuGk0C7S24GmVLTzgvcqVKtpnR3xcLbnoatln0djC7kWpbhHfPE9x5FJbkE5PfGLbG6iA88YFYtKVuzcM2o7SwdpF+vArArEPB5uH3BLYo85rv7sO182kXnOJ95ii0iQ1yj//FH1t8BOiZIvkn25wbMumv9k3iFMS+Gm4U9SRjbyR8sPgZS7LHLRPKhh0wqpBUb5X/9PHmEPaF10wS71UTJv7sRE9k82K1Oz9/NgMcHhOiU2gP5orgBJKF6TsIyrwRJiSrj3oL52OkWAKnOsCAwEAAQKCAgBElgUSah0Qh75izJCeb0JU/qk8FbJtANb4JeOYlzpcPVOnGQDKhLd+x000w7tDVoNNUs5I3tHIat6SyaMiPfCnpegfFkyAy/x3DrKyd/x7STsigkZxcqIsFAd6Jn24d/eH3FCCXMBuYz4Rl0ZH+okF6FISA28XdPC6hsgq7Rs2Iel0dA1FOZmP4zT38Xusyg7x08M4ZMGwRfchOXWN4APHqsCIOFrj4m5wsJuOmE4USP0+Y3yCcu52io5PkqM5SrmO/LP70dxXCcv1Xr7cBS9JNyEJckczs1gELP8Ud39p4GP+PsqrJv4+Q45UY40p07E2/A0zCHH7LGZCUpNkHVmtHISyrrebgvlyG0Tk/jC5v4X9gGpVz5n1h7IhrhP3NwNSZ4OgO2Kptay8M/1DFVGMS3Gp2kLqLAYhcvrikgmd22Kj+t/ZCwqGV3zAvNhe15Q1Di2VNLCtOHTazqMbt9DhP/9NfcyjhpA1r2R/afM3O4iVe9f6LwU46Y4WHICymuXzTrMHJ/8z2Jh21d2ZAB/kxqlK4755IWRUC9RRE1Vle7Hz4vyxy/L6kyFujKQ9sULnQNWOE1xAuFxGtReojPATbc1HegIRqewGAQdqbtqVFTX5s4FBMshktOKgYyQHNxyHkOerc3c0Ey2nm70uAFczhpnNS1ajkOvAnZWEo5RSIQKCAQEAyXtrYv9sAK2B0YopW13n+XUllnHjaqts2oBNvL76X0ahK6xlQoW8pLWEoU150VXwarSWTrqOhMTECjuwuDjAWk5tbs9voYbC0TqRxeujlD0TnfnU+0a27nz1E9j5b00SEP2ntn++/xMe12cVw+7GLm4PGUqSwSs33rDSkoZBBMx65TOalaS43b2/qWTRf/CD46a+Awc2DrscMTAOJBkpoz0ziFeVFrjCIxTGZ1Ng21Ti+jzxPZLk63aYFsDVtV4QxSYDSeaYEAPT4IJzhANxj3ihbv//IxcYQef+FHQwkxrFh2d1ctuHe+rnbJBssuvRCLUuXr7i5dngvI3o7d47lQKCAQEAyrmshysDyfi0q355ErcZnItDZSusNiq6zGPW3hBs+QP1PlRgHHxc5mpA0clRnIT4xqy2cN382gQW+5txtuM9CepZRHKfmRVzUsmdqzEyhVcaya8O8dSo6rvWmtEnEvIMiJmvul9olJtIPM6gFZHfwXsdplyn+9OOo+yV/Q79aqhT56vlp6DmIHWL3g9ZqKnUEBaA1WZlSQdS9MyU7WyoIEKHsZWQ9wLgcrEV7gOWauRot4eA4VVsl9SeC/XMQgGSw40HOA3/Amng/AcrjTwVLI7f+eMeB4HB52KHHkleGxwPy0oM4jIYT2EaQI+regqby4dGA2otMnpkv5RIsetWfwKCAQEAqbS0GfmsXdHHU9h8x0GMn9ilZVfeRr3HfS+uyrlNqCyUmnWmAOcmotFlunvIjKNHUolzRTLr0jbuLPRkAHeExUvj7v74NuSMebFMkZnN+ZGMUXbahx/j+3Ly9tm+F5qiCf+tYRGurajMRIDGm3cmJHt9aj8e52fgskjbxKEiaMlXBnF11m+dauBlbGfH8myCmqCa0XAkfznpICEq+ArdwGpPWpryr+XFV8kq6GMZZQTV/hKQ2907xnzo09lu6Eon8/b1tCxvjqW6tBMM+3fvEfp4d0dW/pZ4TyL6Jv5K380f7dId4jW4o46TiSUI+ZeZRS1etl0wPoxLOGaLeLfEFQKCAQAp0w7OQEii1cXoj8pI2y/UhULdT5pS/pPVcU+2NutUoMVrG5tMpTfBbfB7l65XvXNaAe4N8S6miCt5s4NNeSpxrkDGh2N4AN3vGZuG4zqKGgNz0sMhj39eFmzbOgV2uittz09bAy4fYr4PlY2fhZ4FW/ItDXa21Nnb5ga30+zioWHWLTfPUrnHvpihsscLriYLP6lK3bpNy84IpWCgb0dsiG1YbQQggh5uayycE29oFEGqg7FKTAaAeKQ20XpXr91orOLtZK3VAKUjOhN5KwkvTTbWZk4evF2V8FTyIa7hpvN3PIrV7AHp9p2k7j8xiZjE7964+6HhhTDd+ajZ1DTfAoIBAHnnLVPmFsQktM5dNcESNcJPoeZTggO+vQsHYPn6dxMxXRnzR3/vC7Be/WECq0u4k8Kt0SET5fEw3cbWIeDUNd8q+oETtePO7rPOC6DUYtEkXMoQr7lvsmfVq0qbTXsqxW1MCCB8HXUHD/uZHjueUHLBZETlB6s0r2IlRsf+8CBt9CF8hA/qZHqVqkePfP/uAe69wICDcVxdAJ/C8juMv0BY6g7+BtCAqgSqKYy4iQDP1EswwUV7z5V8HjuTmkS2Bhs0fziP1UoLq3fk86ZefB3wcYkBv8kXHPgDbpo/PaIyGeGvE8/hT7nJh50nAgwFwp8f7tcmafiNKudZVZq3Sso=", - "KeyType": "4096" - }, - "Certificates": null - } -} \ No newline at end of file diff --git a/traefik/ssl/.gitkeep b/traefik/ssl/.gitkeep deleted file mode 100644 index e69de29b..00000000 diff --git a/traefik/traefik.yml b/traefik/traefik.yml index c7989768..10fba235 100644 --- a/traefik/traefik.yml +++ b/traefik/traefik.yml @@ -1,6 +1,6 @@ -# api: -# dashboard: true -# insecure: true +api: + dashboard: true + insecure: true providers: docker: @@ -25,5 +25,6 @@ entryPoints: websecure: address: ":443" + log: level: DEBUG