diff --git a/README.md b/README.md index aa79e41..9c6271f 100644 --- a/README.md +++ b/README.md @@ -31,27 +31,20 @@ Usually it is used with [feeder](https://github.com/em92/qlstats-feeder-mini) ba For qllr itself: -* Python 3.7 with pip -* PostgreSQL 9.5 +* Python 3.7 or newer with pip +* PostgreSQL 9.5 or newer For feeder: -* Node.js 0.11.13 +* Node.js 0.11.13 or newer * libzmq3 -### Docker +Also it is recommended to install `nginx` and `htpasswd` and cover apps above under it. +Reasons: -For development: + * to disable or limit submitting match reports from outside -``` -docker build . -t em92/qllr-dev -f Dockerfile.develop.buster -``` - -For production: - -``` -docker build . -t em92/qllr -f Dockerfile.production -``` + * hide feeder under password protection ### Docs diff --git a/docs/install.md b/docs/install.md index d7c39f3..00ec3cd 100644 --- a/docs/install.md +++ b/docs/install.md @@ -68,7 +68,7 @@ That's it. Now run in separate screen. ./main.py ``` -By default it is running on port 8000. +By default it is running on port 8000 and uses 127.0.0.1 as host. ## Installing and configuring feeder @@ -86,11 +86,38 @@ mkdir ql-match-jsons mkdir ql-match-jsons/errors ``` -Edit cfg.json. *xonstatSubmissionUrl* value must point to our qllr (example http://YOUR-HOST-HERE:8000/stats/submit). +Edit cfg.json: + +- `feeder.xonstatSubmissionUrl` value must point to our qllr (example http://127.0.0.1:8000/stats/submit). +- `webadmin.urlprefix` value to `/feeder` Now run in separate screen. ``` node feeder.node.js ``` -It will run on 8081 port by default. Visit http://YOUR-HOST-HERE:8081 and add your quake live server(s) there. +It will run on 8081 port by default. Visit http://127.0.0.1:8081/feeder and add your quake live server(s) there. + + +## Installing and configuring nginx + +``` +sudo apt-get install nginx apache2-utils +sudo cp nginx.example.conf /etc/nginx/sites-available/stats +sudo ln -s /etc/nginx/sites-available/stats /etc/nginx/sites-enabled/stats +# edit /etc/nginx/sites-available/stats +# When copying from nginx.example.conf +# 1. domain name +# 2. path to static directory + +# generate password to access /feeder via nginx +# user is admin +# password should be inputed +sudo htpasswd -c /etc/nginx/qllr.htpasswd admin + +# make sure everything is fine with nginx config +sudo nginx -t + +# if yes, reload nginx +sudo service nginx reload +``` diff --git a/nginx.example.conf b/nginx.example.conf new file mode 100644 index 0000000..518efe6 --- /dev/null +++ b/nginx.example.conf @@ -0,0 +1,34 @@ +server { + listen 80; + listen [::]:80; + + server_name stats.eugenemolotov.ru; + + access_log /var/log/nginx/stats_access.log; + error_log /var/log/nginx/stats_error.log; + + location / { + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $http_host; + proxy_redirect off; + proxy_buffering off; + proxy_pass http://127.0.0.1:8000; + } + + # it is preferred, that nginx will serve static data + location /static { + root /home/eugene/quakelive-local-ratings; + } + + location /stats/submit { + return 403; # do not allow to submit results from outsite + } + + location /feeder { + auth_basic "Staff only"; + auth_basic_user_file /etc/nginx/qllr.htpasswd; + proxy_pass http://127.0.0.1:8081; + } +} diff --git a/qllr/blueprints/submission/__init__.py b/qllr/blueprints/submission/__init__.py index c3e9cc8..ddadeee 100644 --- a/qllr/blueprints/submission/__init__.py +++ b/qllr/blueprints/submission/__init__.py @@ -12,14 +12,6 @@ async def http_stats_submit(request: Request): if request.headers.get("X-D0-Blind-Id-Detached-Signature") != "dummy": raise HTTPException(403, "signature header invalid or not found") - if request.client.host not in [ - "::ffff:127.0.0.1", - "::1", - "127.0.0.1", - "testclient", - ]: - raise HTTPException(403, "non-loopback requests are not allowed") - match_report = await request.body() result = await submit_match(match_report.decode("utf-8")) if RUN_POST_PROCESS is False: