Merge pull request #32 from asimonson1125/nginxless

self hosting setup

.gitignore

@@ -2,4 +2,5 @@
 __pycache__
 notes.txt
 react_OLD
-envs.py
+envs.py
+.env

Dockerfile

@@ -1,34 +1,14 @@
-FROM ubuntu:lunar
+FROM docker.io/python:3.8-buster
 LABEL maintainer="Andrew Simonson <asimonson1125@gmail.com>"
 
-ENV DEBIAN_FRONTEND noninteractive
+WORKDIR /app
+ADD ./src /app
 
-RUN apt-get update
+COPY . .
-RUN apt-get install -y python3-pip nginx gunicorn supervisor 
 
-# Setup flask application
+WORKDIR /app/src
-RUN mkdir -p /deploy/app
-COPY src /deploy/app
-RUN pip install -r /deploy/app/requirements.txt --break-system-packages
 
-# Setup nginx
+RUN apt-get -yq update && \
-RUN rm /etc/nginx/sites-enabled/default
+    pip install --no-cache-dir -r requirements.txt
-COPY flask.conf /etc/nginx/sites-available/
-RUN ln -s /etc/nginx/sites-available/flask.conf /etc/nginx/sites-enabled/flask.conf && \
-    echo "daemon off;" >> /etc/nginx/nginx.conf
 
-# Setup supervisord
+CMD [ "gunicorn", "--bind", "0.0.0.0:8080", "app:app"]
-RUN mkdir -p /var/log/supervisor
-COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
-COPY gunicorn.conf /etc/supervisor/conf.d/gunicorn.conf
-
-# Permissions
-# RUN adduser --disabled-password --gecos '' supervisor && \
-RUN chmod -R 777 /var/* && \
-    chown -R root /var/*
-
-# Entrypoint
-USER root
-
-# Start processes
-CMD ["/usr/bin/supervisord"]

docker-compose.yml

@@ -0,0 +1,10 @@
+version: '3.8'
+services:
+  portfolio:
+    image: 'asimonson1125/portfolio'
+    build:
+      context: ./
+      dockerfile: Dockerfile
+    restart: 'no'
+    volumes:
+      - ${READ_VOLUME:-/dev/null}:/mnt/readonly:ro # Read-only mount for sharing from host to public

flask.conf

@@ -1,24 +0,0 @@
-server {
-    listen      8080;
-    server_name www.asimonson.com;
-    return    301 https://asimonson.com$request_uri;
-}
-server {
-    listen      8080;
-    server_name asimonson.com;
-
-    gzip        on;
-    gzip_types  text/plain text/javascript text/css;
-    gunzip      on;
-
-    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
-    add_header X-Content-Type-Options 'nosniff';
-    add_header X-Frame-Options 'SAMEORIGIN';
-
-    location / {
-        proxy_pass http://localhost:5000/;
-        proxy_set_header Host $host;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    }
-
-}

gunicorn.conf

@@ -1,3 +0,0 @@
-[program:gunicorn]
-command=/usr/bin/gunicorn app:app -b localhost:5000
-directory=/deploy/app

src/app.py

@@ -4,6 +4,7 @@ import json
 import werkzeug.exceptions as HTTPerror
 import requests
 from config import *
+import os
 
 proj = json.load(open("./static/json/projects.json", "r"))
 books = json.load(open("./static/json/books.json", "r"))
@@ -43,34 +44,12 @@ def funcGen(pagename, pages):
 for i in pages:
     func = funcGen(i, pages)
     app.add_url_rule(pages[i]['canonical'], i, func)
-    
-
-# for i in pages:
-#     exec(f"@app.route(pages['{i}']['canonical'])\ndef {i}(): return flask.render_template('header.html', var=pages['{i}'])")
-
 
 @app.route("/resume")
 @app.route("/Resume.pdf")
 def resume():
     return flask.send_file("./static/Resume.pdf")
 
-@app.route("/hotspots")
-def hotspotsRIT():
-    url = HotspotsURL
-    if flask.request.args.get("legend") == "false":
-        url += "?legend=false"
-    pagevars = {
-            "template": "iframe.html",
-            "title": f"Hotspots @ RIT",
-            "description": "Hotspots @ RIT by Andrew Simonson",
-            "canonical": "/hotspots",
-        }
-    return flask.render_template("iframe.html", url=url, var=pagevars)
-
-@app.route("/hotspots/<path>")
-def hotspotsProxy(path):
-    return requests.get(f"{HotspotsURL}/{path}").content
-
 @app.errorhandler(Exception)
 def page404(e):
     eCode = e.code
@@ -101,10 +80,33 @@ def page404(e):
 def static_from_root():
     return flask.send_from_directory(app.static_folder, flask.request.path[1:])
 
-@app.route('/files/<fname>')
+@app.route('/files')
+@app.route('/files/')
+def no_hacking():
+    return "lol nice try"
+
+@app.route('/files/<path:fname>')
 def filesystem_send(fname):
-    print(app.static_folder + "files/")
+    fname = fname.strip('/')
-    return flask.send_from_directory(app.static_folder + '/files/', fname)
+    safe_path = os.path.abspath(os.path.join("/mnt/readonly/", fname))
+    if not safe_path.startswith("/mnt/readonly/"):
+        return "Invalid path", 400
+    if os.path.isfile(safe_path):
+        return flask.send_from_directory("/mnt/readonly/", fname)
+    elif os.path.isdir(safe_path):
+        dirContent = ""
+        if not os.path.abspath("/mnt/readonly/") == os.path.abspath(os.path.join(safe_path, os.path.pardir)):
+            pardir = "/files/" + os.path.abspath(os.path.join(safe_path, os.path.pardir))[len("/mnt/readonly/"):]
+            dirContent += f"<a href='{pardir}'>Parent Directory</a>"
+        dirContent += "<ul>"
+        for i in os.listdir(safe_path):
+            if os.path.isdir(os.path.join(safe_path, i)):
+                dirContent += f"<li>DIR: <a href='/files/{fname}/{i}'>{i}</a></li>"
+            else:
+                dirContent += f"<li><a href='/files/{fname}/{i}'>{i}</a></li>"
+        dirContent += "</ul>"
+        return dirContent
+    raise HTTPerror.NotFound("File or Directory Not Found")
 
 
 if __name__ == "__main__":

src/config.py

@@ -4,5 +4,3 @@ try:
     __import__('envs.py')
 except ImportError:
     pass
-
-HotspotsURL = env.get('HotspotsURL', 'https://asimonson.com/hotspots')

src/templates/header.html

@@ -14,7 +14,7 @@
     <meta property="og:type" content="website" />
     <meta
       property="og:image"
-      content="https://asimonson.com{{ url_for('static', filename='icons/rasterLogoCircle.png') }}"
+      content="{{ url_for('static', filename='icons/rasterLogoCircle.png') }}"
     />
     <meta property="og:url" content="{{ var['description'] }}" />
     <meta property="twitter:title" content="Andrew Simonson" />
@@ -23,7 +23,7 @@
     <meta property="og:site_name" content="Andrew Simonson - Portfolio" />
     <meta
       property="twitter:image"
-      content="https://asimonson.com{{ url_for('static', filename='icons/rasterLogoCircle.png') }}"
+      content="{{ url_for('static', filename='icons/rasterLogoCircle.png') }}"
     />
     <meta name="twitter:image:alt" content="some example picture idk" />
     <meta name="twitter:site" content="@asimonson1125" />
@@ -56,7 +56,7 @@
       href="{{ url_for('static', filename='css/head.css') }}"
     /></!-->
 
-    <link rel="canonical" href="https://asimonson.com{{ var['canonical'] }}" />
+    <link rel="canonical" href="{{ var['canonical'] }}" />
     <script src="{{ url_for('static', filename='js/checkbox.js') }}"></script>
     <script src="{{ url_for('static', filename='js/responsive.js') }}"></script>
     <script src="{{ url_for('static', filename='js/chessbed.js') }}"></script>
@@ -65,7 +65,8 @@
   {% block header %}
   <body onpopstate="backButton()">
     <noscript>You need to enable JavaScript to run this app.</noscript>
-    <iframe src="/hotspots?legend=false" title="HotspotsRIT" id="map"></iframe>
+    <!-- TO REPLACE WITH hotspots.asimonson.com -->
+    <iframe src="https://asimonson.com/hotspots?legend=false" title="HotspotsRIT" id="map"></iframe>
     <div id="contentStuffer">
       <div class="header">
         <div id="name-container" onclick="goto('home')">

supervisord.conf

@@ -1,19 +0,0 @@
-[supervisord]
-nodaemon=true
-redirect_stderr=true
-stdout_logfile=/dev/null
-username = dummy
-password = dummy
-
-[program:nginx]
-command=/usr/sbin/nginx
-redirect_stderr=true
-stdout_logfile=/dev/null
-
-[unix_http_server]
-username = dummy
-password = dummy
-
-[supervisorctl]
-username = dummy
-password = dummy