Update

2025-03-01 20:59:40 +01:00 · 2025-03-01 20:59:40 +01:00 · 7b7dcb234c
commit 7b7dcb234c
parent 2181410e0d
6 changed files with 88 additions and 9 deletions
--- a/.gitignore
+++ b/.gitignore
@ -37,4 +37,8 @@ build/
 ### Mac OS ###
 .DS_Store

-logs/
+logs/
+
+nginx/dhparam.pem
+nginx/snakeoil*
+authorized_keys
--- a/14
+++ b/14
@ -0,0 +1,14 @@
+FROM eclipse-temurin:21-alpine AS build
+WORKDIR /opt/app-build
+ADD . /opt/app-build
+RUN ./mvnw clean package
+
+
+FROM eclipse-temurin:21-alpine
+WORKDIR /opt/app
+COPY --from=build /opt/app-build/target/dcdn-1.0-SNAPSHOT-shaded.jar /opt/app/app.jar
+# Install sftp server
+RUN apk add --no-cache openssh-sftp-server
+RUN adduser -D site-deploy
+
+CMD ["java", "-jar", "/opt/app/app.jar"]
--- a/README.md
+++ b/README.md
@ -1,4 +1,13 @@
 ### Setup
+
+First, to go `nginx/` and execute the following commands:
+```bash
+# Generate 
+openssl dhparam -out dhparam.pem 4096
+
+openssl req -new -x509 -days 365 -noenc -out snakeoil.pem -keyout snakeoil.key -subj /CN=snakeoil
+```
+
 1. Replace IPs in `docker-compose.yml`
 2. run like a compose project

--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -4,13 +4,15 @@ services:
      context: .
      dockerfile: Dockerfile
    restart: unless-stopped
-    networks:
-      - app
+    ports:
+      - "[::1]:222:222"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - webroot:/var/www/html
+      - ./authorized_keys:/home/site-deploy/.ssh/authorized-keys:ro
+      - wr-deploy-temp:/tmp/deploy

-  nginx:
+  nginx: # name must not be changed
    image: nginx:1.27
    restart: unless-stopped
    networks:
@ -29,6 +31,22 @@ services:
    depends_on:
      - app

+  sftp:
+    image: atmoz/sftp:alpine
+    volumes:
+      - ssh-data:/etc/ssh
+      - wr-deploy-temp:/home/site-deploy
+      - ./authorized_keys:/home/site-deploy/.ssh/keys/ssh-keys.pub:ro
+    ports:
+      - "[::1]:2222:22"
+    command: site-deploy:pass:1001
+
 volumes:
  webroot:
-  ssl-certs:
+  ssl-certs:
+  wr-deploy-temp:
+  ssh-data:
+
+networks:
+  nginx:
+    external: false
--- a/src/main/java/eu/m724/Main.java
+++ b/src/main/java/eu/m724/Main.java
@ -8,8 +8,10 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import java.io.IOException;
+import java.net.InetAddress;
 import java.net.StandardProtocolFamily;
 import java.net.UnixDomainSocketAddress;
+import java.net.UnknownHostException;
 import java.util.concurrent.ExecutionException;

 public class Main {
@ -31,7 +33,30 @@ public class Main {
        LOGGER.info("- OS: {} version {}", info.getString("OperatingSystem"), info.getString("OSVersion"));
        LOGGER.info("- Hostname: {}", info.getString("Name"));

-        JSONObject containerInfo = null;
+        JSONObject appContainerInfo;
+        try {
+            appContainerInfo = engine.inspectContainer(getHostname()).get();
+            LOGGER.debug("Raw container info: {}", appContainerInfo);
+        } catch (ExecutionException e) {
+            throw new RuntimeException("Exception getting container info", e);
+        }
+
+        String appContainerId = appContainerInfo.getString("Id");
+        String composeProject = appContainerInfo.getJSONObject("Config")
+                .getJSONObject("Labels")
+                .getString("com.docker.compose.project");
+
+        LOGGER.info("App info:");
+        LOGGER.info("- Container ID: {} {}", appContainerId, appContainerInfo.getString("Name"));
+        LOGGER.info("- Compose project: {}", composeProject);
+
+        LOGGER.info("Now waiting");
+        synchronized (Main.class) {
+            Main.class.wait();
+        }
+
+
+        /*JSONObject containerInfo = null;
        try {
            containerInfo = engine.inspectContainer("dcdn_nginx").get();
        } catch (ExecutionException e) {
@ -44,7 +69,7 @@ public class Main {


        if (containerInfo != null) {
-            LOGGER.info("{}", containerInfo.toString());
+            LOGGER.info("{}", containerInfo);

            var mounts = containerInfo.getJSONArray("Mounts");
            LOGGER.debug("Detected {} mounts:", mounts.length());
@ -62,7 +87,7 @@ public class Main {
                // TODO
            } catch (ExecutionException e) {
                throw new RuntimeException("Exception creating container", e);
-            }*/
+            }/

            var data = new JSONObject()
                    .put("Image", "nginx:1.27");
@ -75,6 +100,15 @@ public class Main {
            }
        }

+        */
        proxy.close();
    }
+
+    public static String getHostname() {
+        try {
+            return InetAddress.getLocalHost().getHostName();
+        } catch (UnknownHostException e) {
+            throw new RuntimeException(e);
+        }
+    }
 }
--- a/src/main/java/eu/m724/Nginx.java
+++ b/src/main/java/eu/m724/Nginx.java
@ -10,7 +10,7 @@ public class Nginx {

    public void prepareFiles() throws ProcessFailedException, IOException, InterruptedException {
        LOGGER.info("Generating dhparam, this will take several minutes");
-        runCommand("openssl dhparam -out dhparam.pem 4096");
+        runCommand("openssl dhparam -out dhparam.pem 4096"); // TODO make this generated with code and rotating and use 3072 until future proof

        LOGGER.info("Generating cert");
        runCommand("openssl req -new -x509 -days 365 -noenc -out snakeoil.pem -keyout snakeoil.key -subj /CN=snakeoil");