Compare commits
2 Commits
42c54ba6a0
...
861ea03c5b
| Author | SHA1 | Date | |
|---|---|---|---|
861ea03c5b
|
|||
|
74895c503d
|
69
Dockerfile
Normal file
69
Dockerfile
Normal file
@@ -0,0 +1,69 @@
|
||||
ARG RUST_VERSION=1.94.1
|
||||
ARG APP_NAME=mnemosyne
|
||||
|
||||
################################################################################
|
||||
# Create a stage for building the application.
|
||||
|
||||
FROM rust:${RUST_VERSION}-alpine AS build
|
||||
ARG APP_NAME
|
||||
WORKDIR /app
|
||||
ENV IN_DOCKER=true
|
||||
|
||||
# Install host build dependencies.
|
||||
RUN apk add --no-cache clang lld musl-dev git
|
||||
|
||||
# Build the application.
|
||||
# Leverage a cache mount to /usr/local/cargo/registry/
|
||||
# for downloaded dependencies, a cache mount to /usr/local/cargo/git/db
|
||||
# for git repository dependencies, and a cache mount to /app/target/ for
|
||||
# compiled dependencies which will speed up subsequent builds.
|
||||
# Leverage a bind mount to the src directory to avoid having to copy the
|
||||
# source code into the container. Once built, copy the executable to an
|
||||
# output directory before the cache mounted /app/target is unmounted.
|
||||
RUN --mount=type=bind,source=src,target=src \
|
||||
--mount=type=bind,source=web,target=web \
|
||||
--mount=type=bind,source=Cargo.toml,target=Cargo.toml \
|
||||
--mount=type=bind,source=Cargo.lock,target=Cargo.lock \
|
||||
--mount=type=cache,target=/app/target/ \
|
||||
--mount=type=cache,target=/usr/local/cargo/git/db \
|
||||
--mount=type=cache,target=/usr/local/cargo/registry/ \
|
||||
cargo build --locked --release && \
|
||||
cp ./target/release/$APP_NAME /bin/server
|
||||
|
||||
################################################################################
|
||||
# Create a new stage for running the application that contains the minimal
|
||||
# runtime dependencies for the application. This often uses a different base
|
||||
# image from the build stage where the necessary files are copied from the build
|
||||
# stage.
|
||||
#
|
||||
# The example below uses the alpine image as the foundation for running the app.
|
||||
# By specifying the "3.18" tag, it will use version 3.18 of alpine. If
|
||||
# reproducibility is important, consider using a digest
|
||||
# (e.g., alpine@sha256:664888ac9cfd28068e062c991ebcff4b4c7307dc8dd4df9e728bedde5c449d91).
|
||||
FROM alpine:3.23.3 AS final
|
||||
|
||||
# Create a non-privileged user that the app will run under.
|
||||
# See https://docs.docker.com/go/dockerfile-user-best-practices/
|
||||
ARG UID=10001
|
||||
RUN adduser \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--home "/nonexistent" \
|
||||
--shell "/sbin/nologin" \
|
||||
--no-create-home \
|
||||
--uid "${UID}" \
|
||||
appuser
|
||||
|
||||
RUN mkdir -p /app && chown appuser:appuser /app
|
||||
USER appuser
|
||||
WORKDIR /app
|
||||
ENV IN_DOCKER=true
|
||||
|
||||
# Copy the executable from the "build" stage.
|
||||
COPY --from=build /bin/server /app/server
|
||||
|
||||
# Expose the port that the application listens on.
|
||||
EXPOSE 39321
|
||||
|
||||
# What the container should run when it is started.
|
||||
CMD ["/app/server"]
|
||||
45
src/logs.rs
45
src/logs.rs
@@ -1,10 +1,11 @@
|
||||
use std::fmt::Display;
|
||||
|
||||
use serde::{Deserialize, Serialize};
|
||||
use strum::{AsRefStr, IntoStaticStr};
|
||||
use strum::IntoStaticStr;
|
||||
use uuid::Uuid;
|
||||
|
||||
use crate::{database, users::User};
|
||||
use crate::{
|
||||
database::{self, DatabaseError},
|
||||
users::User,
|
||||
};
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct LogEntry {
|
||||
@@ -14,21 +15,45 @@ pub struct LogEntry {
|
||||
}
|
||||
|
||||
impl LogEntry {
|
||||
pub fn new(actor: User, data: LogAction) -> Result<LogEntry, rusqlite::Error> {
|
||||
pub fn new(actor: User, data: LogAction) -> Result<LogEntry, DatabaseError> {
|
||||
let log = LogEntry {
|
||||
id: Uuid::now_v7(),
|
||||
actor,
|
||||
data,
|
||||
};
|
||||
let conn = database::conn()?;
|
||||
let actiontype: &'static str = (&log.data).into();
|
||||
let payload = serde_json::to_string(&log.data).unwrap();
|
||||
conn.prepare(
|
||||
"INSERT INTO logs(id, actor, target, actiontype, payload) VALUES (?1,?2,?3,?4,?5)",
|
||||
)?
|
||||
.execute((&log.id, &log.actor.id, log.data.get_target_id(), "a", "b"))?;
|
||||
.execute((
|
||||
&log.id,
|
||||
&log.actor.id,
|
||||
log.data.get_target_id(),
|
||||
actiontype,
|
||||
payload,
|
||||
))?;
|
||||
Ok(log)
|
||||
}
|
||||
pub fn get_all() -> Result<Vec<LogEntry>, DatabaseError> {
|
||||
Ok(database::conn()?
|
||||
.prepare("SELECT id, actor, target, actiontype, payload FROM logs ORDER BY id DESC")?
|
||||
.query_map((), |r| {
|
||||
let payload: String = r.get(4)?;
|
||||
Ok(LogEntry {
|
||||
id: r.get(0)?,
|
||||
actor: User::get_by_id(r.get(1)?).unwrap(),
|
||||
data: serde_json::from_str(&payload).unwrap(),
|
||||
})
|
||||
})?
|
||||
.collect::<Result<Vec<LogEntry>, _>>()?)
|
||||
}
|
||||
}
|
||||
|
||||
// #[derive(Debug, thiserror::Error)]
|
||||
// pub enum LogError {}
|
||||
|
||||
#[derive(Debug, IntoStaticStr, Serialize, Deserialize)]
|
||||
pub enum LogAction {
|
||||
Initialize,
|
||||
@@ -42,10 +67,10 @@ impl LogAction {
|
||||
pub fn get_target_id(&self) -> Option<Uuid> {
|
||||
match self {
|
||||
Self::Initialize | Self::RegenInfradmin => None,
|
||||
Self::CreateUser { id, .. } => Some(*id),
|
||||
Self::CreateTag { id, .. } => Some(*id),
|
||||
Self::CreatePerson { id, .. } => Some(*id),
|
||||
Self::ChangeUserHandle { id, .. } => Some(*id),
|
||||
Self::CreateUser { id, .. }
|
||||
| Self::CreateTag { id, .. }
|
||||
| Self::CreatePerson { id, .. }
|
||||
| Self::ChangeUserHandle { id, .. } => Some(*id),
|
||||
}
|
||||
}
|
||||
pub fn get_humanreadable_payload(&self) -> String {
|
||||
|
||||
@@ -3,6 +3,7 @@ use uuid::Uuid;
|
||||
|
||||
use crate::{
|
||||
database,
|
||||
logs::{LogAction, LogEntry},
|
||||
users::{User, UserError},
|
||||
};
|
||||
|
||||
@@ -15,7 +16,8 @@ pub fn initialise_reserved_users_if_needed() -> Result<(), UserError> {
|
||||
.optional()?
|
||||
.is_none()
|
||||
{
|
||||
User::create_systemuser()?;
|
||||
let u = User::create_systemuser()?;
|
||||
LogEntry::new(u, LogAction::Initialize)?;
|
||||
}
|
||||
|
||||
if conn
|
||||
@@ -25,6 +27,7 @@ pub fn initialise_reserved_users_if_needed() -> Result<(), UserError> {
|
||||
.is_none()
|
||||
{
|
||||
User::create_infradmin()?;
|
||||
LogEntry::new(User::get_by_id(Uuid::nil())?, LogAction::RegenInfradmin)?;
|
||||
}
|
||||
|
||||
Ok(())
|
||||
|
||||
@@ -3,11 +3,10 @@ use axum::{
|
||||
response::{IntoResponse, Redirect, Response},
|
||||
};
|
||||
use maud::{PreEscaped, html};
|
||||
use uuid::Uuid;
|
||||
|
||||
use crate::{
|
||||
api::CompositeError,
|
||||
logs::{LogAction, LogEntry},
|
||||
logs::LogEntry,
|
||||
users::{User, auth::UserAuthenticate, permissions::Permission},
|
||||
web::{RedirectViaError, components::nav::nav, icons, pages::base},
|
||||
};
|
||||
@@ -15,21 +14,7 @@ use crate::{
|
||||
pub async fn page(req: Request) -> Result<Response, CompositeError> {
|
||||
let u = User::authenticate(req.headers())?
|
||||
.ok_or(RedirectViaError(Redirect::to("/login?re=/logs")))?;
|
||||
let logs: Vec<LogEntry> = vec![
|
||||
LogEntry {
|
||||
id: Uuid::now_v7(),
|
||||
actor: User::get_by_id(Uuid::nil()).unwrap(),
|
||||
data: LogAction::Initialize,
|
||||
},
|
||||
LogEntry {
|
||||
id: Uuid::now_v7(),
|
||||
actor: User::get_by_id(Uuid::nil()).unwrap(),
|
||||
data: LogAction::RegenInfradmin,
|
||||
},
|
||||
]
|
||||
.into_iter()
|
||||
.rev()
|
||||
.collect();
|
||||
let logs = LogEntry::get_all()?;
|
||||
|
||||
Ok(base(
|
||||
"Persons | Mnemosyne",
|
||||
|
||||
Reference in New Issue
Block a user