Update docker stuff and bug fixes

docker/Dockerfile

@@ -0,0 +1,33 @@
+FROM debian:stretch-slim
+LABEL maintainer="k@ndk.name"
+
+ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8
+
+RUN apt-get update -y \
+    && apt-get install -y --no-install-recommends apt-transport-https locales locales-all python3-pip python3-setuptools python3-dev curl libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev build-essential libmariadb-dev-compat \
+    && curl -sL https://deb.nodesource.com/setup_10.x | bash - \
+    && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
+    && echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list \
+    && apt-get update -y \
+    && apt-get install -y nodejs yarn \
+    && apt-get clean -y \
+	&& rm -rf /var/lib/apt/lists/*
+
+# We copy just the requirements.txt first to leverage Docker cache
+COPY ./requirements.txt /app/requirements.txt
+
+WORKDIR /app
+RUN pip3 install -r requirements.txt
+
+COPY . /app
+COPY ./docker/entrypoint.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/entrypoint.sh
+
+ENV FLASK_APP=powerdnsadmin/__init__.py
+RUN yarn install --pure-lockfile --production \
+    && yarn cache clean \
+    && flask assets build
+
+EXPOSE 80/tcp
+ENTRYPOINT ["entrypoint.sh"]
+CMD ["gunicorn","powerdnsadmin:create_app()"]

docker/PowerDNS-Admin/Dockerfile

@@ -1,48 +0,0 @@
-FROM ubuntu:16.04
-MAINTAINER Khanh Ngo "k@ndk.name"
-ARG ENVIRONMENT=development
-ENV ENVIRONMENT=${ENVIRONMENT}
-WORKDIR /powerdns-admin
-
-RUN apt-get update -y
-RUN apt-get install -y apt-transport-https
-
-RUN apt-get install -y locales locales-all
-ENV LC_ALL en_US.UTF-8
-ENV LANG en_US.UTF-8
-ENV LANGUAGE en_US.UTF-8
-
-RUN apt-get install -y python3-pip python3-dev supervisor curl mysql-client
-
-# Install node 10.x
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
-RUN apt-get install -y nodejs
-
-RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
-RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list
-
-# Install yarn
-RUN apt-get update -y
-RUN apt-get install -y yarn
-
-# Install Netcat for DB healthcheck
-RUN apt-get install -y netcat
-
-# lib for building mysql db driver
-RUN apt-get install -y libmysqlclient-dev
-
-# lib for building ldap and ssl-based application
-RUN apt-get install -y libsasl2-dev libldap2-dev libssl-dev
-
-# lib for building python3-saml
-RUN apt-get install -y libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev pkg-config
-
-COPY ./requirements.txt /powerdns-admin/requirements.txt
-RUN pip3 install -r requirements.txt
-
-ADD ./supervisord.conf /etc/supervisord.conf
-ADD . /powerdns-admin/
-COPY ./configs/${ENVIRONMENT}.py /powerdns-admin/config.py
-COPY ./docker/PowerDNS-Admin/entrypoint.sh /entrypoint.sh
-
-ENTRYPOINT ["/entrypoint.sh"]

docker/PowerDNS-Admin/Dockerfile.pdns.test

@@ -1,13 +0,0 @@
-FROM ubuntu:latest
-
-RUN apt-get update && apt-get install -y pdns-backend-sqlite3 pdns-server sqlite3
-
-COPY ./docker/PowerDNS-Admin/pdns.sqlite.sql /data/pdns.sql
-ADD ./docker/PowerDNS-Admin/start.sh /data/
-
-RUN rm -f /etc/powerdns/pdns.d/pdns.simplebind.conf
-RUN rm -f /etc/powerdns/pdns.d/bind.conf
-
-RUN chmod +x /data/start.sh && mkdir -p /var/empty/var/run
-
-CMD /data/start.sh

docker/PowerDNS-Admin/Dockerfile.test

@@ -1,46 +0,0 @@
-FROM ubuntu:16.04
-MAINTAINER Khanh Ngo "k@ndk.name"
-ARG ENVIRONMENT=development
-ENV ENVIRONMENT=${ENVIRONMENT}
-WORKDIR /powerdns-admin
-
-RUN apt-get update -y
-RUN apt-get install -y apt-transport-https
-
-RUN apt-get install -y locales locales-all
-ENV LC_ALL en_US.UTF-8
-ENV LANG en_US.UTF-8
-ENV LANGUAGE en_US.UTF-8
-
-RUN apt-get install -y python3-pip python3-dev supervisor curl mysql-client
-
-RUN curl -sL https://deb.nodesource.com/setup_10.x | bash -
-
-RUN apt-get install -y nodejs
-
-RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
-RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list
-
-# Install yarn
-RUN apt-get update -y
-RUN apt-get install -y yarn
-
-# Install Netcat for DB healthcheck
-RUN apt-get install -y netcat
-
-# lib for building mysql db driver
-RUN apt-get install -y libmysqlclient-dev
-
-# lib for building ldap and ssl-based application
-RUN apt-get install -y libsasl2-dev libldap2-dev libssl-dev
-
-# lib for building python3-saml
-RUN apt-get install -y libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev pkg-config
-
-COPY ./requirements.txt /powerdns-admin/requirements.txt
-COPY ./docker/PowerDNS-Admin/wait-for-pdns.sh /opt
-RUN chmod u+x /opt/wait-for-pdns.sh
-
-RUN pip3 install -r requirements.txt
-
-CMD ["/opt/wait-for-pdns.sh", "/usr/local/bin/pytest","--capture=no","-vv"]

docker/PowerDNS-Admin/entrypoint.sh

@@ -1,71 +0,0 @@
-#!/bin/bash
-
-set -o errexit
-set -o pipefail
-
-
-# == Vars
-#
-DB_MIGRATION_DIR='/powerdns-admin/migrations'
-if [[ -z ${PDNS_PROTO} ]];
- then PDNS_PROTO="http"
-fi
-
-if [[ -z ${PDNS_PORT} ]];
- then PDNS_PORT=8081
-fi
-
-
-
-# Wait for us to be able to connect to MySQL before proceeding
-echo "===> Waiting for $PDA_DB_HOST MySQL service"
-until nc -zv \
-  $PDA_DB_HOST \
-  $PDA_DB_PORT;
-do
-  echo "MySQL ($PDA_DB_HOST) is unavailable - sleeping"
-  sleep 1
-done
-
-
-echo "===> DB management"
-# Go in Workdir
-cd /powerdns-admin
-
-if [ ! -d "${DB_MIGRATION_DIR}" ]; then
-  echo "---> Running DB Init"
-  flask db init --directory ${DB_MIGRATION_DIR}
-  flask db migrate -m "Init DB" --directory ${DB_MIGRATION_DIR}
-  flask db upgrade --directory ${DB_MIGRATION_DIR}
-  ./init_data.py
-
-else
-  echo "---> Running DB Migration"
-  set +e
-  flask db migrate -m "Upgrade DB Schema" --directory ${DB_MIGRATION_DIR}
-  flask db upgrade --directory ${DB_MIGRATION_DIR}
-  set -e
-fi
-
-echo "===> Update PDNS API connection info"
-# initial setting if not available in the DB
-mysql -h${PDA_DB_HOST} -u${PDA_DB_USER} -p${PDA_DB_PASSWORD} -P${PDA_DB_PORT} ${PDA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_api_url', '${PDNS_PROTO}://${PDNS_HOST}:${PDNS_PORT}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_api_url') LIMIT 1;"
-mysql -h${PDA_DB_HOST} -u${PDA_DB_USER} -p${PDA_DB_PASSWORD} -P${PDA_DB_PORT} ${PDA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_api_key', '${PDNS_API_KEY}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_api_key') LIMIT 1;"
-
-# update pdns api setting if .env is changed.
-mysql -h${PDA_DB_HOST} -u${PDA_DB_USER} -p${PDA_DB_PASSWORD} -P${PDA_DB_PORT} ${PDA_DB_NAME} -e "UPDATE setting SET value='${PDNS_PROTO}://${PDNS_HOST}:${PDNS_PORT}' WHERE name='pdns_api_url';"
-mysql -h${PDA_DB_HOST} -u${PDA_DB_USER} -p${PDA_DB_PASSWORD} -P${PDA_DB_PORT} ${PDA_DB_NAME} -e "UPDATE setting SET value='${PDNS_API_KEY}' WHERE name='pdns_api_key';"
-
-echo "===> Assets management"
-echo "---> Running Yarn"
-chown -R www-data:www-data /powerdns-admin/app/static
-chown -R www-data:www-data /powerdns-admin/node_modules
-su -s /bin/bash -c 'yarn install --pure-lockfile' www-data
-
-echo "---> Running Flask assets"
-chown -R www-data:www-data /powerdns-admin/logs
-su -s /bin/bash -c 'flask assets build' www-data
-
-
-echo "===> Start supervisor"
-/usr/bin/supervisord -c /etc/supervisord.conf

docker/PowerDNS-Admin/pdns.sqlite.sql

@@ -1,92 +0,0 @@
-PRAGMA foreign_keys = 1;
-
-CREATE TABLE domains (
-  id                    INTEGER PRIMARY KEY,
-  name                  VARCHAR(255) NOT NULL COLLATE NOCASE,
-  master                VARCHAR(128) DEFAULT NULL,
-  last_check            INTEGER DEFAULT NULL,
-  type                  VARCHAR(6) NOT NULL,
-  notified_serial       INTEGER DEFAULT NULL,
-  account               VARCHAR(40) DEFAULT NULL
-);
-
-CREATE UNIQUE INDEX name_index ON domains(name);
-
-
-CREATE TABLE records (
-  id                    INTEGER PRIMARY KEY,
-  domain_id             INTEGER DEFAULT NULL,
-  name                  VARCHAR(255) DEFAULT NULL,
-  type                  VARCHAR(10) DEFAULT NULL,
-  content               VARCHAR(65535) DEFAULT NULL,
-  ttl                   INTEGER DEFAULT NULL,
-  prio                  INTEGER DEFAULT NULL,
-  change_date           INTEGER DEFAULT NULL,
-  disabled              BOOLEAN DEFAULT 0,
-  ordername             VARCHAR(255),
-  auth                  BOOL DEFAULT 1,
-  FOREIGN KEY(domain_id) REFERENCES domains(id) ON DELETE CASCADE ON UPDATE CASCADE
-);
-
-CREATE INDEX rec_name_index ON records(name);
-CREATE INDEX nametype_index ON records(name,type);
-CREATE INDEX domain_id ON records(domain_id);
-CREATE INDEX orderindex ON records(ordername);
-
-
-CREATE TABLE supermasters (
-  ip                    VARCHAR(64) NOT NULL,
-  nameserver            VARCHAR(255) NOT NULL COLLATE NOCASE,
-  account               VARCHAR(40) NOT NULL
-);
-
-CREATE UNIQUE INDEX ip_nameserver_pk ON supermasters(ip, nameserver);
-
-
-CREATE TABLE comments (
-  id                    INTEGER PRIMARY KEY,
-  domain_id             INTEGER NOT NULL,
-  name                  VARCHAR(255) NOT NULL,
-  type                  VARCHAR(10) NOT NULL,
-  modified_at           INT NOT NULL,
-  account               VARCHAR(40) DEFAULT NULL,
-  comment               VARCHAR(65535) NOT NULL,
-  FOREIGN KEY(domain_id) REFERENCES domains(id) ON DELETE CASCADE ON UPDATE CASCADE
-);
-
-CREATE INDEX comments_domain_id_index ON comments (domain_id);
-CREATE INDEX comments_nametype_index ON comments (name, type);
-CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
-
-
-CREATE TABLE domainmetadata (
- id                     INTEGER PRIMARY KEY,
- domain_id              INT NOT NULL,
- kind                   VARCHAR(32) COLLATE NOCASE,
- content                TEXT,
- FOREIGN KEY(domain_id) REFERENCES domains(id) ON DELETE CASCADE ON UPDATE CASCADE
-);
-
-CREATE INDEX domainmetaidindex ON domainmetadata(domain_id);
-
-
-CREATE TABLE cryptokeys (
- id                     INTEGER PRIMARY KEY,
- domain_id              INT NOT NULL,
- flags                  INT NOT NULL,
- active                 BOOL,
- content                TEXT,
- FOREIGN KEY(domain_id) REFERENCES domains(id) ON DELETE CASCADE ON UPDATE CASCADE
-);
-
-CREATE INDEX domainidindex ON cryptokeys(domain_id);
-
-
-CREATE TABLE tsigkeys (
- id                     INTEGER PRIMARY KEY,
- name                   VARCHAR(255) COLLATE NOCASE,
- algorithm              VARCHAR(50) COLLATE NOCASE,
- secret                 VARCHAR(255)
-);
-
-CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

docker/PowerDNS-Admin/start.sh

@@ -1,24 +0,0 @@
-#!/usr/bin/env sh
-
-if [ -z ${PDNS_API_KEY+x} ]; then
-    API_KEY=changeme
-fi
-
-if [ -z ${PDNS_PORT+x} ]; then
-    WEB_PORT=8081
-fi
-
-# Import schema structure
-if [ -e "/data/pdns.sql" ]; then
-    rm /data/pdns.db
-    cat /data/pdns.sql | sqlite3 /data/pdns.db
-    rm /data/pdns.sql
-    echo "Imported schema structure"
-fi
-
-chown -R pdns:pdns /data/
-
-/usr/sbin/pdns_server \
-    --launch=gsqlite3 --gsqlite3-database=/data/pdns.db \
-    --webserver=yes --webserver-address=0.0.0.0 --webserver-port=${PDNS_PORT} \
-    --api=yes --api-key=$PDNS_API_KEY --webserver-allow-from=${PDNS_WEBSERVER_ALLOW_FROM}

docker/PowerDNS-Admin/wait-for-pdns.sh

@@ -1,22 +0,0 @@
-#!/bin/sh
-
-set -e
-
-CMD="$1"
-shift
-CMD_ARGS="$@"
-
-LOOPS=10
-until curl -H "X-API-Key: ${PDNS_API_KEY}" "${PDNS_PROTO}://${PDNS_HOST}:${PDNS_PORT}/api/v1/servers"; do
-  >&2 echo "PDNS is unavailable - sleeping"
-  sleep 1
-  if [ $LOOPS -eq 10 ]
-  then
-    break
-  fi
-done
-
-sleep 5
-
->&2 echo "PDNS is up - executing command"
-exec $CMD $CMD_ARGS

docker/Production/Dockerfile

@@ -1,32 +0,0 @@
-FROM debian:stretch-slim
-LABEL maintainer="k@ndk.name"
-
-ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 LANGUAGE=en_US.UTF-8
-
-RUN apt-get update -y \
-	&& apt-get install -y --no-install-recommends apt-transport-https locales locales-all python3-pip python3-setuptools python3-dev curl libsasl2-dev libldap2-dev libssl-dev libxml2-dev libxslt1-dev libxmlsec1-dev libffi-dev build-essential libmariadb-dev-compat \
-    && curl -sL https://deb.nodesource.com/setup_10.x | bash - \
-    && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
-    && echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list \
-    && apt-get update -y \
-    && apt-get install -y nodejs yarn \
-    && apt-get clean -y \
-	&& rm -rf /var/lib/apt/lists/*
-
-WORKDIR /opt/powerdns-admin
-
-COPY . .
-RUN pip3 install -r requirements.txt \
-    && pip3 install psycopg2-binary \
-    && yarn install --pure-lockfile \
-    && cp config_template.py config.py \
-    && flask assets build \
-    && rm config.py
-
-COPY ./docker/Production/entrypoint.sh /usr/local/bin/
-RUN chmod +x /usr/local/bin/entrypoint.sh
-
-ENV FLASK_APP=app/__init__.py
-EXPOSE 80/tcp
-ENTRYPOINT ["entrypoint.sh"]
-CMD ["gunicorn","app:app"]

docker/Production/config_docker.py

@@ -1,70 +0,0 @@
-# defaults for Docker image
-BIND_ADDRESS='0.0.0.0'
-PORT=80
-
-legal_envvars = (
-    'SECRET_KEY',
-    'BIND_ADDRESS',
-    'PORT',
-    'TIMEOUT',
-    'LOG_LEVEL',
-    'LOG_FILE',
-    'SALT',
-    'UPLOAD_DIR',
-    'SQLALCHEMY_TRACK_MODIFICATIONS',
-    'SQLALCHEMY_DATABASE_URI',
-    'SAML_ENABLED',
-    'SAML_DEBUG',
-    'SAML_PATH',
-    'SAML_METADATA_URL',
-    'SAML_METADATA_CACHE_LIFETIME',
-    'SAML_IDP_SSO_BINDING',
-    'SAML_IDP_ENTITY_ID',
-    'SAML_NAMEID_FORMAT',
-    'SAML_ATTRIBUTE_EMAIL',
-    'SAML_ATTRIBUTE_GIVENNAME',
-    'SAML_ATTRIBUTE_SURNAME',
-    'SAML_ATTRIBUTE_NAME',
-    'SAML_ATTRIBUTE_USERNAME',
-    'SAML_ATTRIBUTE_ADMIN',
-    'SAML_ATTRIBUTE_GROUP',
-    'SAML_GROUP_ADMIN_NAME',
-    'SAML_GROUP_TO_ACCOUNT_MAPPING',
-    'SAML_ATTRIBUTE_ACCOUNT',
-    'SAML_SP_ENTITY_ID',
-    'SAML_SP_CONTACT_NAME',
-    'SAML_SP_CONTACT_MAIL',
-    'SAML_SIGN_REQUEST',
-    'SAML_WANT_MESSAGE_SIGNED',
-    'SAML_LOGOUT',
-    'SAML_LOGOUT_URL',
-)
-
-legal_envvars_int = (
-    'PORT',
-    'TIMEOUT',
-    'SAML_METADATA_CACHE_LIFETIME',
-)
-
-legal_envvars_bool = (
-    'SQLALCHEMY_TRACK_MODIFICATIONS',
-    'SAML_ENABLED',
-    'SAML_DEBUG',
-    'SAML_SIGN_REQUEST',
-    'SAML_WANT_MESSAGE_SIGNED',
-    'SAML_LOGOUT',
-)
-
-# import everything from environment variables
-import os
-import sys
-for v in legal_envvars:
-    if v in os.environ:
-        ret = os.environ[v]
-        if v in legal_envvars_bool:
-            ret = bool(ret)
-        if v in legal_envvars_int:
-            ret = int(ret)
-        sys.modules[__name__].__dict__[v] = ret
-
-

docker/entrypoint.sh

@@ -1,15 +1,13 @@
 #!/bin/bash
 set -Eeuo pipefail
-cd /opt/powerdns-admin
+cd /app
 
 GUNICORN_TIMEOUT="${GUINCORN_TIMEOUT:-120}"
 GUNICORN_WORKERS="${GUNICORN_WORKERS:-4}"
 GUNICORN_LOGLEVEL="${GUNICORN_LOGLEVEL:-info}"
 BIND_ADDRESS="${BIND_ADDRESS:-0.0.0.0:80}"
 
-if [ ! -f ./config.py ]; then
-    cat ./config_template.py ./docker/Production/config_docker.py > ./config.py
-fi
+cat ./powerdnsadmin/default_config.py ./configs/docker_config.py > ./powerdnsadmin/docker_config.py
 
 GUNICORN_ARGS="-t ${GUNICORN_TIMEOUT} --workers ${GUNICORN_WORKERS} --bind ${BIND_ADDRESS} --log-level ${GUNICORN_LOGLEVEL}"
 if [ "$1" == gunicorn ]; then