Compare commits
3 Commits
with-docke
...
af20b626d5
| Author | SHA1 | Date | |
|---|---|---|---|
af20b626d5
|
|||
|
ddad153875
|
|||
|
74a0ae5027
|
6
.gitignore
vendored
6
.gitignore
vendored
@ -1,10 +1,10 @@
|
||||
logs/
|
||||
nginx.conf.compiled
|
||||
db.*.sqlite
|
||||
.vscode/
|
||||
.local/
|
||||
static/avatars/*
|
||||
!static/avatars/default.webp
|
||||
data/static/avatars/*
|
||||
!data/static/avatars/default.webp
|
||||
data/db/*
|
||||
secrets.lua
|
||||
|
||||
.first_launch.*
|
||||
|
||||
@ -5,7 +5,7 @@ local constants = require("constants")
|
||||
|
||||
local util = require("util")
|
||||
|
||||
local bcrypt = require("bcrypt")
|
||||
local auth = require("lib.auth")
|
||||
local rand = require("openssl.rand")
|
||||
|
||||
local models = require("models")
|
||||
@ -14,7 +14,7 @@ local Sessions = models.Sessions
|
||||
local Avatars = models.Avatars
|
||||
|
||||
local function authenticate_user(user, password)
|
||||
return bcrypt.verify(password, user.password_hash)
|
||||
return auth.verify(password, user.password_hash)
|
||||
end
|
||||
|
||||
local function create_session_key()
|
||||
@ -321,7 +321,7 @@ app:post("user_signup", "/signup", function(self)
|
||||
|
||||
local new_user = Users:create({
|
||||
username = username,
|
||||
password_hash = bcrypt.digest(password, constants.BCRYPT_ROUNDS),
|
||||
password_hash = auth.digest(password),
|
||||
permission = constants.PermissionLevel.GUEST,
|
||||
})
|
||||
|
||||
|
||||
@ -7,7 +7,7 @@ config({"development", "production"}, {
|
||||
code_cache = "off",
|
||||
num_workers = "1",
|
||||
sqlite = {
|
||||
database = "db.dev.sqlite"
|
||||
database = "data/db/db.dev.sqlite"
|
||||
},
|
||||
secret = "SUPER SECRET",
|
||||
session_name = "porom_session",
|
||||
@ -20,7 +20,7 @@ config("production", {
|
||||
},
|
||||
secret = secrets.key,
|
||||
sqlite = {
|
||||
database = "db.prod.sqlite"
|
||||
database = "data/db/db.prod.sqlite"
|
||||
},
|
||||
session_name = "porom_session_s"
|
||||
})
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
local bcrypt = require("bcrypt")
|
||||
local auth = require("lib.auth")
|
||||
local models = require("models")
|
||||
local constants = require("constants")
|
||||
|
||||
@ -29,7 +29,7 @@ local function create_admin()
|
||||
password = password .. alphabet:sub(randi, randi)
|
||||
end
|
||||
|
||||
local hash = bcrypt.digest(password, constants.BCRYPT_ROUNDS)
|
||||
local hash = auth.digest(password)
|
||||
|
||||
models.Users:create({
|
||||
username = username,
|
||||
|
||||
|
Before Width: | Height: | Size: 8.3 KiB After Width: | Height: | Size: 8.3 KiB |
@ -1,13 +0,0 @@
|
||||
# Generate a random secret key
|
||||
# export PROD_SECRET_KEY=$(openssl rand -hex 32)
|
||||
# Start the container
|
||||
# docker-compose up
|
||||
version: "3"
|
||||
services:
|
||||
porom:
|
||||
build:
|
||||
context: .
|
||||
args:
|
||||
- PROD_SECRET_KEY=${PROD_SECRET_KEY}
|
||||
ports:
|
||||
- "8080:8080"
|
||||
36
dockerfile
36
dockerfile
@ -1,36 +0,0 @@
|
||||
# HOW TO:
|
||||
#
|
||||
# Generate a random secret key & build the Docker image
|
||||
# ```sh
|
||||
# SECRET_KEY=$(openssl rand -hex 32) docker build --build-arg PROD_SECRET_KEY="$SECRET_KEY" -t porom:latest .
|
||||
# ```
|
||||
#
|
||||
# Then run the container
|
||||
# ```sh
|
||||
# docker run -d -p 8080:8080 --name porom porom:latest
|
||||
# ```
|
||||
#
|
||||
FROM openresty/openresty:alpine-fat
|
||||
COPY ./nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
|
||||
COPY . /usr/local/openresty/nginx/html
|
||||
WORKDIR /usr/local/openresty/nginx/html
|
||||
RUN apk add --no-cache \
|
||||
make \
|
||||
git \
|
||||
make \
|
||||
gcc \
|
||||
g++ \
|
||||
musl-dev \
|
||||
libffi-dev \
|
||||
openssl-dev \
|
||||
sqlite-dev \
|
||||
imagemagick-dev \
|
||||
lua5.1 \
|
||||
lua5.1-dev
|
||||
RUN eval "$(luarocks --lua-version 5.1 path)"
|
||||
RUN luarocks --lua-version 5.1 build --only-deps
|
||||
ARG PROD_SECRET_KEY
|
||||
RUN echo "return { key = \"${PROD_SECRET_KEY}\",}" > /usr/local/openresty/nginx/html/secrets.lua
|
||||
EXPOSE 8080
|
||||
RUN chmod +x /usr/local/openresty/nginx/html/start.sh
|
||||
ENTRYPOINT ["/usr/local/openresty/nginx/html/start.sh", "production"]
|
||||
16
lib/auth.lua
Normal file
16
lib/auth.lua
Normal file
@ -0,0 +1,16 @@
|
||||
local auth = {}
|
||||
|
||||
local ls = require "luasodium"
|
||||
|
||||
function auth.digest(password)
|
||||
return ls.crypto_pwhash_str(
|
||||
password,
|
||||
ls.crypto_pwhash_OPSLIMIT_INTERACTIVE,
|
||||
ls.crypto_pwhash_MEMLIMIT_INTERACTIVE)
|
||||
end
|
||||
|
||||
function auth.verify(password, hash)
|
||||
return ls.crypto_pwhash_str_verify(hash, password)
|
||||
end
|
||||
|
||||
return auth
|
||||
@ -26,15 +26,15 @@ http {
|
||||
}
|
||||
|
||||
location /static/ {
|
||||
alias static/;
|
||||
alias data/static/;
|
||||
}
|
||||
|
||||
location /favicon.ico {
|
||||
alias static/favicon.ico;
|
||||
alias data/static/favicon.ico;
|
||||
}
|
||||
|
||||
location /avatars {
|
||||
alias static/avatars;
|
||||
alias data/static/avatars;
|
||||
expires 1y;
|
||||
}
|
||||
}
|
||||
|
||||
@ -16,7 +16,7 @@ dependencies = {
|
||||
"lapis == 1.16.0",
|
||||
"lsqlite3",
|
||||
"magick",
|
||||
"bcrypt",
|
||||
"luasodium",
|
||||
"luaossl",
|
||||
}
|
||||
|
||||
|
||||
5
start.sh
5
start.sh
@ -7,9 +7,10 @@ start() {
|
||||
first_launch() {
|
||||
echo "Setting up for the first time"
|
||||
touch ".first_launch.$LAPIS_ENVIRONMENT"
|
||||
lua5.1 schema.lua
|
||||
mkdir -p data/db
|
||||
luajit schema.lua
|
||||
lapis migrate
|
||||
lua5.1 create_default_accounts.lua
|
||||
luajit create_default_accounts.lua
|
||||
}
|
||||
|
||||
if [[ $# -ne 1 ]]; then
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
<% if infobox then %>
|
||||
<% render("views.common.infobox", pop_infobox) %>
|
||||
<% render("views.common.infobox", infobox) %>
|
||||
<% end %>
|
||||
<div class="darkbg">
|
||||
<h1 class="thread-title">Latest posts by <i><%= user.username %></i></h1>
|
||||
|
||||
Reference in New Issue
Block a user