From bbbcf271fe1c449a4a3b175dddf93c9366613f19 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 20 May 2021 15:21:56 +0200 Subject: [PATCH 01/14] remove otp token from login page, depending on Setting --- powerdnsadmin/templates/login.html | 2 ++ 1 file changed, 2 insertions(+) diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html index ffa57a9..6352caa 100644 --- a/powerdnsadmin/templates/login.html +++ b/powerdnsadmin/templates/login.html @@ -46,9 +46,11 @@ data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}> + {% if SETTING.get('otp_token_enabled') %}
+ {% endif %} {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}
From 92bad7b11c190b57b1d793095469f82b48446f39 Mon Sep 17 00:00:00 2001 From: Steffen Schwebel Date: Tue, 1 Jun 2021 14:02:01 +0200 Subject: [PATCH 08/14] add environment to cron --- docker/Dockerfile.BackgroundJob | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/Dockerfile.BackgroundJob b/docker/Dockerfile.BackgroundJob index c8b6186..bf0bf5e 100644 --- a/docker/Dockerfile.BackgroundJob +++ b/docker/Dockerfile.BackgroundJob @@ -113,7 +113,7 @@ RUN mkdir /etc/services.d/gunicorn && \ # Create service script for cron RUN mkdir /etc/services.d/cron && \ - echo $'#!/usr/bin/execlineb -P\ncrond -f\n' > /etc/services.d/cron/run && \ + echo $'#!/usr/bin/execlineb -P\nwith-contenv\ncrond -f\n' > /etc/services.d/cron/run && \ chmod +x /etc/services.d/cron/run # Add crontab entries From c13dd2d83559dcdca30abc79697ab9f7fed083d4 Mon Sep 17 00:00:00 2001 From: Steffen Schwebel Date: Tue, 1 Jun 2021 16:15:31 +0200 Subject: [PATCH 09/14] add 'custom_css' setting to model; check for 'custom_css' in template; create custom css dir in dockerfile --- docker/Dockerfile.BackgroundJob | 2 ++ powerdnsadmin/models/setting.py | 1 + powerdnsadmin/templates/login.html | 4 +++- 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/docker/Dockerfile.BackgroundJob b/docker/Dockerfile.BackgroundJob index bf0bf5e..4904270 100644 --- a/docker/Dockerfile.BackgroundJob +++ b/docker/Dockerfile.BackgroundJob @@ -94,6 +94,8 @@ RUN apk add --no-cache mariadb-connector-c postgresql-client py3-gunicorn py3-ps COPY --from=builder /usr/bin/flask /usr/bin/ COPY --from=builder /usr/lib/python3.8/site-packages /usr/lib/python3.8/site-packages/ COPY --from=builder --chown=root:${USER} /app /app/ +# Create directory for custom css +RUN mkdir /app/powerdnsadmin/static/custom COPY ./docker/entrypoint.sh /usr/bin/ WORKDIR /app diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py index 0d3a575..5fea755 100644 --- a/powerdnsadmin/models/setting.py +++ b/powerdnsadmin/models/setting.py @@ -181,6 +181,7 @@ class Setting(db.Model): }, 'ttl_options': '1 minute,5 minutes,30 minutes,60 minutes,24 hours', 'otp_field_enabled': True, + 'custom_css': '', } def __init__(self, id=None, name=None, value=None): diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html index 1d597fd..4ddf21f 100644 --- a/powerdnsadmin/templates/login.html +++ b/powerdnsadmin/templates/login.html @@ -11,7 +11,9 @@ {% assets "css_login" -%} {%- endassets %} - +{% if SETTING.get('custom_css') %} + +{% endif %} From 0505b934a10b46fe2cf7c1e280a0db9ab52b54dd Mon Sep 17 00:00:00 2001 From: Steffen Schwebel Date: Wed, 2 Jun 2021 09:39:39 +0200 Subject: [PATCH 12/14] remove unrelated files and changes as best as possible --- docker/Dockerfile.BackgroundJob | 127 -------------------------------- powerdnsadmin/lib/utils.py | 7 -- update_accounts.py | 6 +- update_zones.py | 5 +- 4 files changed, 5 insertions(+), 140 deletions(-) delete mode 100644 docker/Dockerfile.BackgroundJob diff --git a/docker/Dockerfile.BackgroundJob b/docker/Dockerfile.BackgroundJob deleted file mode 100644 index 4904270..0000000 --- a/docker/Dockerfile.BackgroundJob +++ /dev/null @@ -1,127 +0,0 @@ -FROM alpine:3.13 AS builder -LABEL maintainer="k@ndk.name" - -ARG BUILD_DEPENDENCIES="build-base \ - libffi-dev \ - libxml2-dev \ - mariadb-connector-c-dev \ - openldap-dev \ - python3-dev \ - xmlsec-dev \ - yarn \ - cargo" - - -ENV LC_ALL=en_US.UTF-8 \ - LANG=en_US.UTF-8 \ - LANGUAGE=en_US.UTF-8 \ - FLASK_APP=/build/powerdnsadmin/__init__.py - -# Get dependencies -# py3-pip should not belong to BUILD_DEPENDENCIES. Otherwise, when we remove -# them with "apk del" at the end of build stage, the python requests module -# will be removed as well - (Tested with alpine:3.12 and python 3.8.5). -RUN apk add --no-cache ${BUILD_DEPENDENCIES} && \ - apk add --no-cache py3-pip - -WORKDIR /build - -# We copy just the requirements.txt first to leverage Docker cache -COPY ./requirements.txt /build/requirements.txt - -# Get application dependencies -RUN pip install --upgrade pip && \ - pip install -r requirements.txt - -# Add sources -COPY . /build - -# Prepare assets -RUN yarn install --pure-lockfile --production && \ - yarn cache clean && \ - sed -i -r -e "s|'cssmin',\s?'cssrewrite'|'cssmin'|g" /build/powerdnsadmin/assets.py && \ - flask assets build - -RUN mv /build/powerdnsadmin/static /tmp/static && \ - mkdir /build/powerdnsadmin/static && \ - cp -r /tmp/static/generated /build/powerdnsadmin/static && \ - cp -r /tmp/static/assets /build/powerdnsadmin/static && \ - cp -r /tmp/static/img /build/powerdnsadmin/static && \ - find /tmp/static/node_modules -name 'fonts' -exec cp -r {} /build/powerdnsadmin/static \; && \ - find /tmp/static/node_modules/icheck/skins/square -name '*.png' -exec cp {} /build/powerdnsadmin/static/generated \; - -RUN { \ - echo "from flask_assets import Environment"; \ - echo "assets = Environment()"; \ - echo "assets.register('js_login', 'generated/login.js')"; \ - echo "assets.register('js_validation', 'generated/validation.js')"; \ - echo "assets.register('css_login', 'generated/login.css')"; \ - echo "assets.register('js_main', 'generated/main.js')"; \ - echo "assets.register('css_main', 'generated/main.css')"; \ - } > /build/powerdnsadmin/assets.py - -# Move application -RUN mkdir -p /app && \ - cp -r /build/migrations/ /build/powerdnsadmin/ /build/run.py /app && \ - mkdir -p /app/configs && \ - cp -r /build/configs/docker_config.py /app/configs -# Also copy update scripts -RUN cp /build/update_accounts.py /build/update_zones.py /app/ - -# Cleanup -RUN pip install pip-autoremove && \ - pip-autoremove cssmin -y && \ - pip-autoremove jsmin -y && \ - pip-autoremove pytest -y -L packaging && \ - pip uninstall -y pip-autoremove && \ - apk del ${BUILD_DEPENDENCIES} - -# Build image -FROM alpine:3.13 -ARG S6_VERSION=v2.2.0.3 - -ENV FLASK_APP=/app/powerdnsadmin/__init__.py \ - USER=pda - -RUN apk add --no-cache mariadb-connector-c postgresql-client py3-gunicorn py3-psycopg2 xmlsec tzdata libcap apk-cron && \ - addgroup -S ${USER} && \ - adduser -S -D -G ${USER} ${USER} && \ - mkdir /data && \ - chown ${USER}:${USER} /data && \ - setcap cap_net_bind_service=+ep $(readlink -f /usr/bin/python3) && \ - apk del libcap - -COPY --from=builder /usr/bin/flask /usr/bin/ -COPY --from=builder /usr/lib/python3.8/site-packages /usr/lib/python3.8/site-packages/ -COPY --from=builder --chown=root:${USER} /app /app/ -# Create directory for custom css -RUN mkdir /app/powerdnsadmin/static/custom -COPY ./docker/entrypoint.sh /usr/bin/ - -WORKDIR /app -RUN chown ${USER}:${USER} ./configs /app && \ - cat ./powerdnsadmin/default_config.py ./configs/docker_config.py > ./powerdnsadmin/docker_config.py - -# Add s6 overlay, so we can manage multiple processes -ADD https://github.com/just-containers/s6-overlay/releases/download/$S6_VERSION/s6-overlay-amd64-installer /tmp/ -RUN chmod +x /tmp/s6-overlay-amd64-installer && /tmp/s6-overlay-amd64-installer / - -# Create service script for gunicorn -RUN mkdir /etc/services.d/gunicorn && \ - echo $'#!/usr/bin/execlineb -P\nwith-contenv\n' > /etc/services.d/gunicorn/run && \ - echo "s6-setuidgid $USER" >> /etc/services.d/gunicorn/run && \ - echo $'\n/usr/bin/entrypoint.sh gunicorn powerdnsadmin:create_app()' >> /etc/services.d/gunicorn/run && \ - chmod +x /etc/services.d/gunicorn/run - -# Create service script for cron -RUN mkdir /etc/services.d/cron && \ - echo $'#!/usr/bin/execlineb -P\nwith-contenv\ncrond -f\n' > /etc/services.d/cron/run && \ - chmod +x /etc/services.d/cron/run - -# Add crontab entries -RUN echo "*/5 * * * * python3 /app/update_zones.py" >> /etc/crontabs/$USER && \ - echo "*/5 * * * * python3 /app/update_accounts.py" >> /etc/crontabs/$USER - -EXPOSE 80/tcp -HEALTHCHECK CMD ["wget","--output-document=-","--quiet","--tries=1","http://127.0.0.1/"] -ENTRYPOINT ["/init"] diff --git a/powerdnsadmin/lib/utils.py b/powerdnsadmin/lib/utils.py index d086e81..d7f20a4 100644 --- a/powerdnsadmin/lib/utils.py +++ b/powerdnsadmin/lib/utils.py @@ -104,13 +104,6 @@ def fetch_json(remote_url, data = None try: data = json.loads(r.content.decode('utf-8')) - except UnicodeDecodeError: - # If the decoding fails, switch to slower but probably working .json() - try: - logging.warning("UTF-8 content.decode failed, switching to slower .json method") - data = r.json() - except Exception as e: - raise e except Exception as e: raise RuntimeError( 'Error while loading JSON data from {0}'.format(remote_url)) from e diff --git a/update_accounts.py b/update_accounts.py index 4c5f04e..0578ce0 100644 --- a/update_accounts.py +++ b/update_accounts.py @@ -25,9 +25,7 @@ with app.app_context(): ### Check if bg_domain_updates is set to true if not status: - app.logger.debug('"bg_domain_updates" is disabled, exiting') - sys.exit(0) + app.logger.error('Please turn on "bg_domain_updates" setting to run this job.') + sys.exit(1) - ### Start the update process - app.logger.info('Update accounts from nameserver API') Account().update() diff --git a/update_zones.py b/update_zones.py index 79fc19a..5da542f 100644 --- a/update_zones.py +++ b/update_zones.py @@ -16,6 +16,7 @@ import logging from powerdnsadmin import create_app from powerdnsadmin.models.domain import Domain from powerdnsadmin.models.setting import Setting + app = create_app() app.logger.setLevel(logging.INFO) @@ -24,8 +25,8 @@ with app.app_context(): ### Check if bg_domain_updates is set to true if not status: - app.logger.debug('"bg_domain_updates" is disabled, exiting') - sys.exit(0) + app.logger.error('Please turn on "bg_domain_updates" setting to run this job.') + sys.exit(1) ### Start the update process app.logger.info('Update domains from nameserver API') From fd933f8dbc6ec4ebac0ee6554901d4866096c9ba Mon Sep 17 00:00:00 2001 From: Steffen Schwebel Date: Wed, 2 Jun 2021 09:41:08 +0200 Subject: [PATCH 13/14] remove unrelated files and changes as best as possible --- powerdnsadmin/models/setting.py | 1 - powerdnsadmin/routes/admin.py | 2 +- powerdnsadmin/templates/login.html | 2 -- 3 files changed, 1 insertion(+), 4 deletions(-) diff --git a/powerdnsadmin/models/setting.py b/powerdnsadmin/models/setting.py index 5fea755..acb3bc2 100644 --- a/powerdnsadmin/models/setting.py +++ b/powerdnsadmin/models/setting.py @@ -180,7 +180,6 @@ class Setting(db.Model): 'URI': False }, 'ttl_options': '1 minute,5 minutes,30 minutes,60 minutes,24 hours', - 'otp_field_enabled': True, 'custom_css': '', } diff --git a/powerdnsadmin/routes/admin.py b/powerdnsadmin/routes/admin.py index 90750a1..81c888b 100644 --- a/powerdnsadmin/routes/admin.py +++ b/powerdnsadmin/routes/admin.py @@ -642,7 +642,7 @@ def setting_basic(): 'pretty_ipv6_ptr', 'dnssec_admins_only', 'allow_user_create_domain', 'allow_user_view_history', 'bg_domain_updates', 'site_name', 'session_timeout', 'warn_session_timeout', 'ttl_options', - 'pdns_api_timeout', 'verify_ssl_connections', 'verify_user_email', 'otp_field_enabled','custom_css' + 'pdns_api_timeout', 'verify_ssl_connections', 'verify_user_email', 'custom_css' ] return render_template('admin_setting_basic.html', settings=settings) diff --git a/powerdnsadmin/templates/login.html b/powerdnsadmin/templates/login.html index dcf96cf..6fac9d4 100644 --- a/powerdnsadmin/templates/login.html +++ b/powerdnsadmin/templates/login.html @@ -48,11 +48,9 @@ data-error="Please input your password" required {% if password %}value="{{ password }}" {% endif %}> - {% if SETTING.get('otp_field_enabled') %}
- {% endif %} {% if SETTING.get('ldap_enabled') and SETTING.get('local_db_enabled') %}