diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..88fa8ac --- /dev/null +++ b/.drone.yml @@ -0,0 +1,13 @@ +--- +kind: pipeline +name: publish docker image +steps: + - name: build and publish + image: plugins/docker + settings: + username: + from_secret: docker_reg_username_3wc + password: + from_secret: docker_reg_passwd_3wc + repo: 3wordchant/capsul-flask + tags: ${DRONE_COMMIT_BRANCH} diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..e148126 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,48 @@ +FROM python:3.8-alpine as build + +RUN apk add --no-cache \ + build-base \ + gcc \ + gettext \ + git \ + jpeg-dev \ + libffi-dev \ + libjpeg \ + musl-dev \ + postgresql-dev \ + python3-dev \ + zlib-dev + +RUN mkdir -p /app/{code,venv} +WORKDIR /app/code +COPY Pipfile Pipfile.lock /app/code/ + +RUN python3 -m venv /app/venv +RUN pip install pipenv setuptools +ENV PATH="/app/venv/bin:$PATH" VIRTUAL_ENV="/app/venv" +RUN pip install wheel cppy +# Install dependencies into the virtual environment with Pipenv +RUN pipenv install --deploy --verbose + +FROM python:3.8-alpine + +RUN apk add --no-cache \ + cloud-utils \ + libjpeg \ + libpq \ + libstdc++ \ + libvirt-client \ + openssh-client \ + virt-install + +COPY . /app/code/ +WORKDIR /app/code + +COPY --from=build /app/venv /app/venv +ENV PATH="/app/venv/bin:$PATH" VIRTUAL_ENV="/app/venv" + +CMD ["gunicorn", "--bind", "0.0.0.0:5000", "-k", "gevent", "--worker-connections", "1000", "app:app"] + +VOLUME /app/code + +EXPOSE 5000 diff --git a/capsulflask/__init__.py b/capsulflask/__init__.py index 7aabe3f..ac258a2 100644 --- a/capsulflask/__init__.py +++ b/capsulflask/__init__.py @@ -27,8 +27,24 @@ class StdoutMockFlaskMail: def send(self, message: Message): current_app.logger.info(f"Email would have been sent if configured:\n\nto: {','.join(message.recipients)}\nsubject: {message.subject}\nbody:\n\n{message.body}\n\n") + load_dotenv(find_dotenv()) +for var_name in [ + "SPOKE_HOST_TOKEN", "HUB_TOKEN", "STRIPE_SECRET_KEY", + "BTCPAY_PRIVATE_KEY", "MAIL_PASSWORD" +]: + var = os.environ.get(f"{var_name}_FILE") + if not var: + continue + + if not os.path.isfile(var): + continue + + with open(var) as secret_file: + os.environ[var_name] = secret_file.read().rstrip('\n') + del os.environ[f"{var_name}_FILE"] + app = Flask(__name__) app.config.from_mapping( diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..8a62470 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,36 @@ +--- +version: "3.8" + +services: + app: + image: 3wordchant/capsul-flask:latest + build: . + volumes: + - "./:/app/code" + - "../tank:/tank" + # - "/var/run/libvirt/libvirt-sock:/var/run/libvirt/libvirt-sock" + depends_on: + - db + ports: + - "5000:5000" + environment: + - "POSTGRES_CONNECTION_PARAMETERS=host=db port=5432 user=capsul password=capsul dbname=capsul" + - SPOKE_MODEL=shell-scripts + #- FLASK_DEBUG=1 + - BASE_URL=http://localhost:5000 + - ADMIN_PANEL_ALLOW_EMAIL_ADDRESSES=3wc.capsul@doesthisthing.work + - VIRSH_DEFAULT_CONNECT_URI=qemu:///system + # The image uses gunicorn by default, let's override it with Flask's + # built-in development server + command: ["flask", "run", "-h", "0.0.0.0", "-p", "5000"] + db: + image: "postgres:9.6.5-alpine" + volumes: + - "postgres:/var/lib/postgresql/data" + environment: + POSTGRES_USER: capsul + POSTGRES_PASSWORD: capsul + POSTGRES_DB: capsul + +volumes: + postgres: