Compare commits

...

4 Commits

Author SHA1 Message Date
m0veax
6cab009b3a test script failes on purpose 2024-06-29 00:45:21 +02:00
m0veax
41c111569d add build / deploy instructions to readme 2024-06-29 00:41:16 +02:00
m0veax
baf9d87556 build docker container with git clone to enable automation 2024-06-29 00:14:38 +02:00
m0veax
b4938c904e check if payload secrets match env variable secrets 2024-06-28 23:03:58 +02:00
6 changed files with 71 additions and 3 deletions

1
.gitignore vendored
View File

@ -1 +1,2 @@
/target /target
.idea

View File

@ -1,7 +1,9 @@
FROM rust:1.75.0 as builder FROM rust:1.75.0 as builder
WORKDIR /usr/src/chaospott-status WORKDIR /usr/src/chaospott-status
COPY . . # git clone anstatt copy, damit Dockerfile in extra repository liegen kann. Danke @a3x
# git ist im image enthalten, da rust image hiervon abstammt https://hub.docker.com/layers/library/buildpack-deps/bookworm-scm/images/sha256-25f20fd3e3c8be1e9626c246986beb400ccfe19b0ab13d57127399927801d499?context=explore
RUN git clone https://git.chaospott.de/Chaospott/chaospott-status.git .
# use musl to create a truly static binary https://bxbrenden.github.io/ # use musl to create a truly static binary https://bxbrenden.github.io/
RUN rustup component add rust-std-x86_64-unknown-linux-musl RUN rustup component add rust-std-x86_64-unknown-linux-musl

View File

@ -16,6 +16,19 @@ To start the app, just `cargo run --release` as usual.
Find scripts for testing in [`scripts/`](scripts/). Find scripts for testing in [`scripts/`](scripts/).
## Build / Deploy
While building the Docker Container, the sources will be cloned from this repository.
Set the environment variables to set the update secrets.
```shell
export consumer_key=foo
export consumer_secret=bar
docker compose up
```
## Need help? ## Need help?
Ask chfkch, starblue, m0veax, CyReVolt or your favourite Rustacean. 🦀 Ask chfkch, starblue, m0veax, CyReVolt or your favourite Rustacean. 🦀

18
docker-compose.yaml Normal file
View File

@ -0,0 +1,18 @@
version: '3'
services:
spaceapi-v2:
build: .
container_name: spaceapi-v2
restart: always
labels:
- traefik.frontend.rule=Host:status-v2.chaospott.de
- traefik.port=3000
- traefik.frontend.passHostHeader=true
- traefik.enable=true
networks:
- extern
networks:
extern:
external:
name: web

View File

@ -1,4 +1,16 @@
#!/bin/sh
## starte server mit env vars passend zum ersten aufruf
## TODO das muss noch gescripted werden
# should return 201 if env vars are set like this payload states
curl -XPOST \ curl -XPOST \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
--data '{"consumer_key": "","consumer_secret":"","aerie":true }' \ --data '{"consumer_key": "test123","consumer_secret":"123test","aerie":true }' \
http://localhost:3000/api/update http://localhost:3000/api/update -vvv
#should return 500
curl -XPOST \
-H "Content-Type: application/json" \
--data '{"consumer_key": "foo","consumer_secret":"bar","aerie":true }' \
http://localhost:3000/api/update -vvv

View File

@ -1,5 +1,6 @@
use std::fs::File; use std::fs::File;
use std::io::prelude::*; use std::io::prelude::*;
use std::env;
use axum::{ use axum::{
http::StatusCode, http::StatusCode,
@ -36,6 +37,18 @@ fn init_status() -> Status {
status::status(sensors, state) status::status(sensors, state)
} }
// check given secret
// https://www.youtube.com/watch?v=aHKWVLH-ibY
fn check_secret(given_secret: String, given_key: String) -> bool {
let consumer_secret = env::var("consumer_secret").unwrap();
let consumer_key = env::var("consumer_key").unwrap();
if given_secret == consumer_secret && given_key == consumer_key {
return true;
}
false
}
// Write status to file and return JSON string. // Write status to file and return JSON string.
fn write_status(s: Status) -> String { fn write_status(s: Status) -> String {
let s = serde_json::to_string(&s).unwrap(); let s = serde_json::to_string(&s).unwrap();
@ -59,11 +72,20 @@ async fn root() -> String {
struct TheDoors { struct TheDoors {
aerie: Option<bool>, aerie: Option<bool>,
cellar: Option<bool>, cellar: Option<bool>,
consumer_key: String,
consumer_secret: String
} }
// The door can see through your soul. // The door can see through your soul.
// https://www.youtube.com/watch?v=bDQDp00oTP4 // https://www.youtube.com/watch?v=bDQDp00oTP4
async fn the_doors(Json(payload): Json<TheDoors>) -> StatusCode { async fn the_doors(Json(payload): Json<TheDoors>) -> StatusCode {
let check_secret = check_secret(payload.consumer_secret, payload.consumer_key);
if !check_secret { return StatusCode::FORBIDDEN; }
let status: Status = if std::path::Path::new(STATUS_FILE).exists() { let status: Status = if std::path::Path::new(STATUS_FILE).exists() {
let contents = std::fs::read_to_string(STATUS_FILE).expect("FCKAFD"); let contents = std::fs::read_to_string(STATUS_FILE).expect("FCKAFD");
serde_json::from_str(&contents).unwrap_or_else(|_| init_status()) serde_json::from_str(&contents).unwrap_or_else(|_| init_status())