Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feat add docker compose pg #16

Merged
merged 3 commits into from
Oct 23, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,5 @@ ciso_assistant/build.json
*.sqlite3
db/django_secret_key
db/attachments/
db/data/
db/pg_password.txt
29 changes: 22 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ To install gettext and pango, do `sudo apt update && sudo apt install gettext li

### Quick start 🚀

There are two methods to run CISO locally: using Python or using Docker.
There are three methods to run CISO locally: using Python, using Docker or using docker-compose.

By default, Django secret key is generated randomly at each start of Mira. This is convenient for quick test, but not recommended for production, as it can break the sessions (see this [topic](https://stackoverflow.com/questions/15170637/effects-of-changing-djangos-secret-key) for more information). To set a fixed secret key, use the environment variable DJANGO_SECRET_KEY.

Expand Down Expand Up @@ -102,12 +102,12 @@ python manage.py collectstatic
python manage.py createsuperuser
```

5. Run CISO
5. Run CISO Assistant

```sh
python manage.py runserver
```
You can then reach CISO using your web brower at [http://127.0.0.1:8000/](http://127.0.0.1:8000/)
You can then reach CISO Assistant using your web brower at [http://127.0.0.1:8000/](http://127.0.0.1:8000/)

#### Using Docker

Expand All @@ -127,7 +127,7 @@ docker run --rm -it --env CREATE_SUPERUSER=true -p 8000:8000 -v ./db:/code/db c

When asked for, enter your email and password for your superuser.

You can then reach CISO using your web brower at [http://127.0.0.1:8000/](http://127.0.0.1:8000/)
You can then reach CISO Assistant using your web brower at [http://127.0.0.1:8000/](http://127.0.0.1:8000/)

For the following executions, simply run:

Expand All @@ -137,7 +137,21 @@ docker run --rm -p 8000:8000 -v ./db:/code/db ciso-assistant:$(<ciso_assistant/

⚠️ *WARNING*: If you're using WSL you'll need to activate *Systemd*. Check out this [topic](https://stackoverflow.com/questions/65400999/enable-systemd-in-wsl-2) to do it.

### How to set up CISO for development? ✍️

#### Using docker-compose with a Postgres database

Simply launch:
```sh
./docker-compose-pg.sh
```

When asked for, enter your email and password for your superuser.

You can then reach CISO Assistant using your web brower at [http://127.0.0.1:8000/](http://127.0.0.1:8000/)

For the following executions, use "docker-compose up" directly.

### How to set up CISO Assistant for development? ✍️

1. Clone the repository.

Expand Down Expand Up @@ -168,15 +182,16 @@ export EMAIL_HOST=localhost
export EMAIL_PORT=1025

```
> As said in the quickstart section, CISO generates a random Django secret key if not specified. To avoid broken sessions, it is preferable to set a fixed random value using the DJANGO_SECRET_KEY environment variable.
> As said in the quickstart section, CISO Assistant generates a random Django secret key if not specified. To avoid broken sessions, it is preferable to set a fixed random value using the DJANGO_SECRET_KEY environment variable.

**Optional variables**

```sh
# CISO will use SQLite by default, but you can setup PostgreSQL by declaring these variables
# CISO Assistant will use SQLite by default, but you can setup PostgreSQL by declaring these variables
export POSTGRES_NAME=ciso-assistant
export POSTGRES_USER=ciso-assistantuser
export POSTGRES_PASSWORD=<XXX>
export POSTGRES_PASSWORD_FILE=<XXX> # alternative way to specify password
export DB_HOST=localhost
export DB_PORT=5432 # optional, default value is 5432

Expand Down
2 changes: 1 addition & 1 deletion ciso_assistant/VERSION
Original file line number Diff line number Diff line change
@@ -1 +1 @@
0.9.1
0.9.2
4 changes: 3 additions & 1 deletion ciso_assistant/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -238,6 +238,9 @@

if 'POSTGRES_NAME' in os.environ:
print("Postgresql database engine")
fp = os.environ.get('POSTGRES_PASSWORD_FILE')
if fp:
os.environ['POSTGRES_PASSWORD'] = Path(fp).read_text().strip()
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
Expand All @@ -248,7 +251,6 @@
'PORT': os.environ.get('DB_PORT', '5432'),
}
}
print("Postgresql database engine")
else:
print("sqlite database engine")
DATABASES = {
Expand Down
12 changes: 12 additions & 0 deletions docker-compose-pg.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
#! /usr/bin/env bash

if [ -d db/data ] ; then
echo "the database seems already created"
echo "you should launch docker-compose up -d"
else
uuidgen > ./db/pg_password.txt
docker-compose up -d
echo "initialize your superuser account..."
docker-compose exec ciso-assistant python manage.py createsuperuser
echo "for successive runs you can now use docker compose up"
fi
49 changes: 49 additions & 0 deletions docker-compose.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
version: "3.5"
services:
ciso-assistant:
build: .
image: ciso-assistant:0.9.1
container_name: "ciso-assistant"
ports:
- "8000:8000"
depends_on:
postgres:
condition: service_healthy
environment:
DJANGO_DEBUG: "True"
CISO_URL: http://127.0.0.1:8000
POSTGRES_NAME: postgres
POSTGRES_USER: postgres
POSTGRES_PASSWORD_FILE: /run/secrets/pg_password
# CISO_SUPERUSER_EMAIL: [email protected]
EMAIL_HOST: your.mail.server
EMAIL_PORT: 1025
EMAIL_HOST_USER: ''
EMAIL_HOST_PASSWORD: ''
EMAIL_USE_TLS: "False"
EMAIL_USE_SSL: "False"
DEFAULT_FROM_EMAIL: [email protected]
DB_HOST: ciso-postgres
volumes:
- ./db:/code/db
secrets:
- pg_password

postgres:
image: postgres
container_name: "ciso-postgres"
restart: always
environment:
POSTGRES_PASSWORD_FILE: /run/secrets/pg_password
volumes:
- ./db/data:/var/lib/postgresql/data
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]
interval: 5s
timeout: 5s
retries: 5
secrets:
- pg_password
secrets:
pg_password:
file: ./db/pg_password.txt
Loading