3wordchant/capsul-flask
1
0
Fork 1
Code Issues Pull Requests 1 Releases Wiki Activity

Compare commits

base: 3wordchant:local-qemu
Branches Tags
3wordchant:master 3wordchant:cyberia-prod 3wordchant:tests 3wordchant:yolocolo 3wordchant:tests-with-logs 3wordchant:tests2 3wordchant:flask_debug 3wordchant:publicapi 3wordchant:webapi 3wordchant:docker 3wordchant:yc-templates 3wordchant:docs-reshuffle 3wordchant:mock-hub-create 3wordchant:local-qemu 3wordchant:publicapi-tests 3wordchant:docker-api
..
compare: 3wordchant:7ed847251ff687620ceb995f7641a692aad96880
Branches Tags
3wordchant:cyberia-prod 3wordchant:master 3wordchant:tests 3wordchant:yolocolo 3wordchant:tests-with-logs 3wordchant:tests2 3wordchant:flask_debug 3wordchant:publicapi 3wordchant:webapi 3wordchant:docker 3wordchant:yc-templates 3wordchant:docs-reshuffle 3wordchant:mock-hub-create 3wordchant:local-qemu 3wordchant:publicapi-tests 3wordchant:docker-api

3 Commits
local-qemu ... 7ed847251f

Author SHA1 Message Date
3wc
7ed847251f Don't load /btcpay if BTCPAY_PRIVATE_KEY un-set 2021-07-21 00:22:58 +02:00
3wc
e3a4776a5d Hide the BTCPay link if BTCPAY_PRIVATE_KEY un-set 2021-07-21 00:20:38 +02:00
3wc
357d99cb91 Add load_config_vars context processor.. 
..to allow accessing config variables in the templates.

This removes the need for adding config variables manually to template
contexts.
 2021-07-21 00:19:38 +02:00
10 changed files with 28 additions and 142 deletions
Expand all files Collapse all files

14
.drone.yml
View File

@ -1,14 +0,0 @@
---
kind: pipeline
name: publish docker image
steps:
- name: build and publish
image: plugins/docker
settings:
username:
from_secret: docker_reg_username_3wc
password:
from_secret: docker_reg_passwd_3wc
repo: 3wordchant/capsul-flask
tags: latest

48
Dockerfile
View File

@ -1,48 +0,0 @@
FROM python:3.8-alpine as build
RUN apk add --no-cache \
build-base \
gcc \
gettext \
git \
jpeg-dev \
libffi-dev \
libjpeg \
musl-dev \
postgresql-dev \
python3-dev \
zlib-dev
RUN mkdir -p /app/{code,venv}
WORKDIR /app/code
COPY Pipfile Pipfile.lock /app/code/
RUN python3 -m venv /app/venv
RUN pip install pipenv setuptools
ENV PATH="/app/venv/bin:$PATH" VIRTUAL_ENV="/app/venv"
RUN pip install wheel cppy
# Install dependencies into the virtual environment with Pipenv
RUN pipenv install --deploy --verbose
FROM python:3.8-alpine
RUN apk add --no-cache \
cloud-utils \
libjpeg \
libpq \
libstdc++ \
libvirt-client \
openssh-client \
virt-install
COPY . /app/code/
WORKDIR /app/code
COPY --from=build /app/venv /app/venv
ENV PATH="/app/venv/bin:$PATH" VIRTUAL_ENV="/app/venv"
CMD ["gunicorn", "--bind", "0.0.0.0:5000", "-k", "gevent", "--worker-connections", "1000", "app:app"]
VOLUME /app/code
EXPOSE 5000

24
capsulflask/__init__.py
View File

@ -26,28 +26,11 @@ class StdoutMockFlaskMail:
def send(self, message: Message): def send(self, message: Message):
current_app.logger.info(f"Email would have been sent if configured:\n\nto: {','.join(message.recipients)}\nsubject: {message.subject}\nbody:\n\n{message.body}\n\n") current_app.logger.info(f"Email would have been sent if configured:\n\nto: {','.join(message.recipients)}\nsubject: {message.subject}\nbody:\n\n{message.body}\n\n")
load_dotenv(find_dotenv()) load_dotenv(find_dotenv())
for var_name in [
"SPOKE_HOST_TOKEN", "HUB_TOKEN", "STRIPE_SECRET_KEY",
"BTCPAY_PRIVATE_KEY", "MAIL_PASSWORD"
]:
var = os.environ.get(f"{var_name}_FILE")
if not var:
continue
if not os.path.isfile(var):
continue
with open(var) as secret_file:
os.environ[var_name] = secret_file.read().rstrip('\n')
del os.environ[f"{var_name}_FILE"]
app = Flask(__name__) app = Flask(__name__)
app.config.from_mapping( app.config.from_mapping(
BASE_URL=os.environ.get("BASE_URL", default="http://localhost:5000"), BASE_URL=os.environ.get("BASE_URL", default="http://localhost:5000"),
SECRET_KEY=os.environ.get("SECRET_KEY", default="dev"), SECRET_KEY=os.environ.get("SECRET_KEY", default="dev"),
HUB_MODE_ENABLED=os.environ.get("HUB_MODE_ENABLED", default="True").lower() in ['true', '1', 't', 'y', 'yes'], HUB_MODE_ENABLED=os.environ.get("HUB_MODE_ENABLED", default="True").lower() in ['true', '1', 't', 'y', 'yes'],
@ -235,6 +218,9 @@ def override_url_for():
return dict(url_for=url_for_with_cache_bust) return dict(url_for=url_for_with_cache_bust)
@app.context_processor
def load_config_vars():
return dict(config=app.config)
def url_for_with_cache_bust(endpoint, **values): def url_for_with_cache_bust(endpoint, **values):
""" """
@ -260,7 +246,3 @@ def url_for_with_cache_bust(endpoint, **values):
values['q'] = current_app.config['STATIC_FILE_HASH_CACHE'][filename] values['q'] = current_app.config['STATIC_FILE_HASH_CACHE'][filename]
return url_for(endpoint, **values) return url_for(endpoint, **values)

2
capsulflask/hub_api.py
View File

@ -178,4 +178,4 @@ def on_create_claimed(payload, host_id):
network_name=payload['network_name'], network_name=payload['network_name'],
public_ipv4=payload['public_ipv4'], public_ipv4=payload['public_ipv4'],
ssh_authorized_keys=list(map(lambda x: x["name"], payload['ssh_authorized_keys'])), ssh_authorized_keys=list(map(lambda x: x["name"], payload['ssh_authorized_keys'])),
) )

5
capsulflask/hub_model.py
View File

@ -214,13 +214,12 @@ class CapsulFlaskHub(VirtualizationInterface):
except: except:
# no need to do anything here since if it cant be parsed then generic_operation will handle it. # no need to do anything here since if it cant be parsed then generic_operation will handle it.
pass pass
if error_message != "":
raise ValueError(f"create capsul operation {operation_id} on {assigned_hosts} failed with {error_message}")
if number_of_assigned != 1: if number_of_assigned != 1:
assigned_hosts_string = ", ".join(assigned_hosts) assigned_hosts_string = ", ".join(assigned_hosts)
raise ValueError(f"expected create capsul operation {operation_id} to be assigned to one host, it was assigned to {number_of_assigned} ({assigned_hosts_string})") raise ValueError(f"expected create capsul operation {operation_id} to be assigned to one host, it was assigned to {number_of_assigned} ({assigned_hosts_string})")
if error_message != "":
raise ValueError(f"create capsul operation {operation_id} on {assigned_hosts_string} failed with {error_message}")
def destroy(self, email: str, id: str): def destroy(self, email: str, id: str):

6
capsulflask/payment.py
View File

@ -48,6 +48,10 @@ def validate_dollars():
def btcpay_payment(): def btcpay_payment():
errors = list() errors = list()
if current_app.config['BTCPAY_PRIVATE_KEY'] == "":
flash("BTCPay is not enabled on this server")
return redirect(url_for("console.account_balance"))
if request.method == "POST": if request.method == "POST":
result = validate_dollars() result = validate_dollars()
errors = result[0] errors = result[0]
@ -289,4 +293,4 @@ def success():
# except stripe.error.SignatureVerificationError: # except stripe.error.SignatureVerificationError:
# print("/payment/stripe/webhook returned 400: invalid signature") # print("/payment/stripe/webhook returned 400: invalid signature")
# abort(400, "invalid signature") # abort(400, "invalid signature")

6
capsulflask/shell_scripts/capacity-avaliable.sh
View File

@ -3,7 +3,7 @@
# check available RAM and IPv4s # check available RAM and IPv4s
ram_bytes_to_allocate="$1" ram_bytes_to_allocate="$1"
ram_bytes_available="$(($(grep Available /proc/meminfo | grep -o '[0-9]*') * 1024))" ram_bytes_available=$(grep -E "^(size|memory_available_bytes)" /proc/spl/kstat/zfs/arcstats | awk '{sum+=$3} END {printf "%.0f", sum}')
ram_bytes_remainder="$((ram_bytes_available - ram_bytes_to_allocate))" ram_bytes_remainder="$((ram_bytes_available - ram_bytes_to_allocate))"
if echo "$ram_bytes_to_allocate" | grep -vqE "^[0-9]+$"; then if echo "$ram_bytes_to_allocate" | grep -vqE "^[0-9]+$"; then
@ -11,8 +11,8 @@ if echo "$ram_bytes_to_allocate" | grep -vqE "^[0-9]+$"; then
exit 1 exit 1
fi fi
# 0.25GB # 20GB
if [ "$ram_bytes_remainder" -le $((1 * 1024 * 1024 * 1024 / 4)) ]; then if [ "$ram_bytes_remainder" -le $((20 * 1024 * 1024 * 1024)) ]; then
echo "VM is requesting more RAM than $(hostname -f) has available." echo "VM is requesting more RAM than $(hostname -f) has available."
echo "Bytes requested: $ram_bytes_to_allocate" echo "Bytes requested: $ram_bytes_to_allocate"
echo "Bytes available: $ram_bytes_available" echo "Bytes available: $ram_bytes_available"

25
capsulflask/shell_scripts/create.sh
View File

@ -6,7 +6,6 @@
vmname="$1" vmname="$1"
template_file="/tank/img/$2" template_file="/tank/img/$2"
qemu_tank_dir="/tank"
vcpus="$3" vcpus="$3"
memory="$4" memory="$4"
pubkeys="$5" pubkeys="$5"
@ -51,40 +50,40 @@ if echo "$public_ipv4" | grep -vqE "^[0-9.]+$"; then
exit 1 exit 1
fi fi
disk="$vmname.qcow2" disk="/tank/vm/$vmname.qcow2"
cdrom="$vmname.iso" cdrom="/tank/vm/$vmname.iso"
xml="$vmname.xml" xml="/tank/vm/$vmname.xml"
if [ -f /tank/vm/$vmname.qcow2 ]; then if [ -f /tank/vm/$vmname.qcow2 ]; then
echo "Randomly generated name matched an existing VM! Odds are like one in a billion. Buy a lotto ticket." echo "Randomly generated name matched an existing VM! Odds are like one in a billion. Buy a lotto ticket."
exit 1 exit 1
fi fi
cp "$template_file" "/tank/vm/$disk" cp "$template_file" "$disk"
cp /tank/config/cyberia-cloudinit.yml /tmp/cloudinit.yml cp /tank/config/cyberia-cloudinit.yml /tmp/cloudinit.yml
echo "$pubkeys" | while IFS= read -r line; do echo "$pubkeys" | while IFS= read -r line; do
echo " - $line" >> /tmp/cloudinit.yml echo " - $line" >> /tmp/cloudinit.yml
done done
cloud-localds "/tank/vm/$cdrom" /tmp/cloudinit.yml cloud-localds "$cdrom" /tmp/cloudinit.yml
qemu-img resize "/tank/vm/$disk" "$root_volume_size" qemu-img resize "$disk" "$root_volume_size"
virt-install \ virt-install \
--memory "$memory" \ --memory "$memory" \
--vcpus "$vcpus" \ --vcpus "$vcpus" \
--name "$vmname" \ --name "$vmname" \
--disk "$qemu_tank_dir/vm/$disk",bus=virtio \ --disk "$disk",bus=virtio \
--disk "$qemu_tank_dir/vm/$cdrom",device=cdrom \ --disk "$cdrom",device=cdrom \
--os-type Linux \ --os-type Linux \
--os-variant generic \ --os-variant generic \
--virt-type kvm \ --virt-type kvm \
--graphics vnc,listen=127.0.0.1 \ --graphics vnc,listen=127.0.0.1 \
--network network=$network_name,model=virtio \ --network network=$network_name,filterref=clean-traffic,model=virtio \
--import \ --import \
--print-xml > "/tank/vm/$xml" --print-xml > "$xml"
chmod 0600 "/tank/vm/$xml" "/tank/vm/$disk" "/tank/vm/$cdrom" chmod 0600 "$xml" "$disk" "$cdrom"
virsh define "/tank/vm/$xml" virsh define "$xml"
virsh start "$vmname" virsh start "$vmname"
echo "success" echo "success"

2
capsulflask/templates/account-balance.html
View File

@ -46,7 +46,9 @@
<a href="/payment/stripe">Add funds with Credit/Debit (stripe)</a> <a href="/payment/stripe">Add funds with Credit/Debit (stripe)</a>
<ul><li>notice: stripe will load nonfree javascript </li></ul> <ul><li>notice: stripe will load nonfree javascript </li></ul>
</li> </li>
{% if config['BTCPAY_PRIVATE_KEY'] != "" %}
<li><a href="/payment/btcpay">Add funds with Bitcoin/Litecoin/Monero (btcpay)</a></li> <li><a href="/payment/btcpay">Add funds with Bitcoin/Litecoin/Monero (btcpay)</a></li>
{% endif %}
<li>Cash: email <a href="mailto:treasurer@cyberia.club">treasurer@cyberia.club</a></li> <li>Cash: email <a href="mailto:treasurer@cyberia.club">treasurer@cyberia.club</a></li>
</ul> </ul>

38
docker-compose.yml
View File

@ -1,38 +0,0 @@
---
version: "3.8"
services:
app:
image: 3wordchant/capsul-flask:latest
build: .
volumes:
- "./:/app/code"
- "../tank:/tank"
- "/var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock"
depends_on:
- db
ports:
- "5000:5000"
environment:
- "POSTGRES_CONNECTION_PARAMETERS=host=db port=5432 user=capsul password=capsul dbname=capsul"
- SPOKE_MODEL=shell-scripts
#- FLASK_DEBUG=1
- BASE_URL=http://localhost:5000
- ADMIN_PANEL_ALLOW_EMAIL_ADDRESSES=3wc.capsul@doesthisthing.work
- VIRSH_DEFAULT_CONNECT_URI=qemu:///system
# The image uses gunicorn by default, let's override it with Flask's
# built-in development server
command: ["flask", "run", "-h", "0.0.0.0", "-p", "5000"]
devices:
- "/dev/kvm:/dev/kvm"
db:
image: "postgres:9.6.5-alpine"
volumes:
- "postgres:/var/lib/postgresql/data"
environment:
POSTGRES_USER: capsul
POSTGRES_PASSWORD: capsul
POSTGRES_DB: capsul
volumes:
postgres: