From ce978b1224ed15c6954258d277aa8fcff16126b0 Mon Sep 17 00:00:00 2001 From: Vitomir Budimir Date: Wed, 18 Sep 2024 14:37:33 +0200 Subject: [PATCH 1/6] feat: set up Uberspace scripts --- .env-template | 2 +- scripts/setup_uberspace.sh | 66 +++++++++++++++++++++++++++++++++ uberspace/app.ini | 6 +++ uberspace/mongodb/.mongoshrc.js | 3 ++ uberspace/mongodb/mongodb.ini | 8 ++++ uberspace/mongodb/setup.js | 15 ++++++++ 6 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 scripts/setup_uberspace.sh create mode 100644 uberspace/app.ini create mode 100644 uberspace/mongodb/.mongoshrc.js create mode 100644 uberspace/mongodb/mongodb.ini create mode 100644 uberspace/mongodb/setup.js diff --git a/.env-template b/.env-template index 7a1d324..1833607 100644 --- a/.env-template +++ b/.env-template @@ -22,4 +22,4 @@ LTI_PLATFORM_NAME=saltire.lti.app LTI_PLATFORM_CLIENT_ID=saltire.lti.app LTI_PLATFORM_AUTHENTICATION_ENDPOINT=https://saltire.lti.app/platform/auth LTI_PLATFORM_ACCESS_TOKEN_ENDPOINT=https://saltire.lti.app/platform/token/sc24671cd70c6e45554e6c405a2f5d966 -LTI_PLATFORM_KEYSET_ENDPOINT=https://saltire.lti.app/platform/jwks/sc24671cd70c6e45554e6c405a2f5d966 \ No newline at end of file +LTI_PLATFORM_KEYSET_ENDPOINT=https://saltire.lti.app/platform/jwks/sc24671cd70c6e45554e6c405a2f5d966 diff --git a/scripts/setup_uberspace.sh b/scripts/setup_uberspace.sh new file mode 100644 index 0000000..4413f1f --- /dev/null +++ b/scripts/setup_uberspace.sh @@ -0,0 +1,66 @@ +#!/bin/bash + +set -e + +# Set Node.js version +if ! $(uberspace tools version show node | grep -q '20'); then + uberspace tools version use node 20 +fi + +# Create MySQL table +mysql -e 'USE vitomirs; CREATE TABLE IF NOT EXISTS `lti_entity` ( `id` bigint NOT NULL AUTO_INCREMENT, `resource_link_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci DEFAULT NULL, `custom_claim_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `content` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `id_token_on_creation` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, PRIMARY KEY (`id`), KEY `idx_lti_entity_custom_claim_id` (`custom_claim_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_520_ci;' +echo 'MySQL table created successfully (or existed already)' + +# Set up MongoDB +if ! $(uberspace tools version show mongodb | grep -q '6.0'); then + uberspace tools version use mongodb 6.0 +fi +mkdir -p ~/mongodb +cp ./uberspace/mongodb/mongodb.ini ~/etc/services.d/ +echo $(supervisorctl reread) +echo $(supervisorctl update) +if ! $(supervisorctl status | grep -q 'RUNNING'); then + echo 'MongoDB status is not RUNNING' + exit 1 +fi +cp ./uberspace/mongodb/.mongoshrc.js ~/ +# TODO: avoid using a setup.js file here, don't commit password +cp ./uberspace/mongodb/setup.js ~/mongodb/ +mongosh admin ~/mongodb/setup.js +echo 'MongoDB set up successfully' + +# Set environment variables +cp .env-template .env +mysql_pw=$(grep -oP -m 1 "^password=(.*)" ~/.my.cnf | cut -d '=' -f 2-) +echo "MYSQL_URI=mysql://vitomirs:$mysql_pw@localhost:3306/vitomirs" >> .env +# TODO: don't use password directly, so that you don't commit it +echo 'MONGODB_CONNECTION_URI=mongodb://vitomirs_mongoroot:password_placeholder@127.0.0.1:27017/' >> .env +echo 'Updated environment variables' + +# Install dependencies +yarn +echo 'Installed dependencies using Yarn' + +# Build frontend +yarn build +echo 'Built the frontend app using Yarn' + +# Run the backend as an Uberspace service +cp ./uberspace/app.ini ~/etc/services.d/ +supervisorctl reread +supervisorctl update +if $(supervisorctl status | grep -q "serlo-app.*RUNNING"); then + supervisorctl restart serlo-app + echo 'Restarted the serlo-app Uberspace service, as it already existed' +else + supervisorctl start serlo-app + echo 'Started the serlo-app Uberspace service for running the backend app' +fi + +# Open the LTI backend to the internet +uberspace web backend set / --http --port 3000 +if ! $(uberspace web backend list | grep -q 'http:3000 => OK, listening'); then + echo 'Uberspace web backend is not listening' + exit 2 +fi +echo 'Backend app opened to the internet' diff --git a/uberspace/app.ini b/uberspace/app.ini new file mode 100644 index 0000000..5872498 --- /dev/null +++ b/uberspace/app.ini @@ -0,0 +1,6 @@ +[program:serlo-app] +directory=/home/vitomirs/serlo-editor-as-lti-tool +command=yarn start:dev +autostart=true +autorestart=true +environment=NODE_ENV=production diff --git a/uberspace/mongodb/.mongoshrc.js b/uberspace/mongodb/.mongoshrc.js new file mode 100644 index 0000000..f20fea5 --- /dev/null +++ b/uberspace/mongodb/.mongoshrc.js @@ -0,0 +1,3 @@ +db = connect( + 'mongodb://vitomirs_mongoroot:password_placeholder@127.0.0.1:27017/admin' +) diff --git a/uberspace/mongodb/mongodb.ini b/uberspace/mongodb/mongodb.ini new file mode 100644 index 0000000..0e7b695 --- /dev/null +++ b/uberspace/mongodb/mongodb.ini @@ -0,0 +1,8 @@ +[program:mongodb] +command=mongod + --dbpath %(ENV_HOME)s/mongodb + --bind_ip 127.0.0.1 + --auth + --unixSocketPrefix %(ENV_HOME)s/mongodb +autostart=yes +autorestart=yes diff --git a/uberspace/mongodb/setup.js b/uberspace/mongodb/setup.js new file mode 100644 index 0000000..fe7689f --- /dev/null +++ b/uberspace/mongodb/setup.js @@ -0,0 +1,15 @@ +const username = 'vitomirs_mongoroot' +const password = 'password_placeholder' +const roles = ['root'] + +try { + db.auth(username, password) + print(`User '${username}' already exists.`) +} catch { + db.createUser({ + user: username, + pwd: password, + roles: roles, + }) + print(`User '${username}' created.`) +} From 6a8d6aa1da795f4033cd9b7fe5c1da6c47b6021a Mon Sep 17 00:00:00 2001 From: Lars Date: Wed, 18 Sep 2024 16:31:30 +0200 Subject: [PATCH 2/6] feat: use user and password from env variables --- scripts/setup_uberspace.sh | 12 +++++++++++- uberspace/mongodb/.mongoshrc.js | 6 +++--- uberspace/mongodb/setup.js | 7 +++---- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/scripts/setup_uberspace.sh b/scripts/setup_uberspace.sh index 4413f1f..04d566d 100644 --- a/scripts/setup_uberspace.sh +++ b/scripts/setup_uberspace.sh @@ -8,12 +8,22 @@ if ! $(uberspace tools version show node | grep -q '20'); then fi # Create MySQL table -mysql -e 'USE vitomirs; CREATE TABLE IF NOT EXISTS `lti_entity` ( `id` bigint NOT NULL AUTO_INCREMENT, `resource_link_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci DEFAULT NULL, `custom_claim_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `content` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `id_token_on_creation` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, PRIMARY KEY (`id`), KEY `idx_lti_entity_custom_claim_id` (`custom_claim_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_520_ci;' +# TODO Change username +mysql -e 'USE '$USER'; CREATE TABLE IF NOT EXISTS `lti_entity` ( `id` bigint NOT NULL AUTO_INCREMENT, `resource_link_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci DEFAULT NULL, `custom_claim_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `content` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `id_token_on_creation` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, PRIMARY KEY (`id`), KEY `idx_lti_entity_custom_claim_id` (`custom_claim_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_520_ci;' echo 'MySQL table created successfully (or existed already)' +# Generate mongodb password +# TODO Maybe store in env variable and dont regenerate? +export MONGODB_PASSWORD=$(pwgen 32 1) + +echo "export MONGODB_PASSWORD=$MONGODB_PASSWORD" >> ~/.bashrc +. ~/.bashrc # Pulls env into current shell + # Set up MongoDB if ! $(uberspace tools version show mongodb | grep -q '6.0'); then uberspace tools version use mongodb 6.0 + echo 'MongoDB version set to 6.0. Waiting a few seconds until it runs.' + sleep 2 fi mkdir -p ~/mongodb cp ./uberspace/mongodb/mongodb.ini ~/etc/services.d/ diff --git a/uberspace/mongodb/.mongoshrc.js b/uberspace/mongodb/.mongoshrc.js index f20fea5..22b45b1 100644 --- a/uberspace/mongodb/.mongoshrc.js +++ b/uberspace/mongodb/.mongoshrc.js @@ -1,3 +1,3 @@ -db = connect( - 'mongodb://vitomirs_mongoroot:password_placeholder@127.0.0.1:27017/admin' -) +const uri = `mongodb://${process.env.USER}_mongoroot:${process.env.MONGODB_PASSWORD}@127.0.0.1:27017/admin` +console.log(`Attempting to connect to ${uri}`) +db = connect(uri) diff --git a/uberspace/mongodb/setup.js b/uberspace/mongodb/setup.js index fe7689f..464a504 100644 --- a/uberspace/mongodb/setup.js +++ b/uberspace/mongodb/setup.js @@ -1,6 +1,5 @@ -const username = 'vitomirs_mongoroot' -const password = 'password_placeholder' -const roles = ['root'] +const username = `${process.env.USER}_mongoroot` +const password = process.env.MONGODB_PASSWORD try { db.auth(username, password) @@ -9,7 +8,7 @@ try { db.createUser({ user: username, pwd: password, - roles: roles, + roles: ['root'], }) print(`User '${username}' created.`) } From 01cca30283b6e1f287edfee891b214d1889b6e7f Mon Sep 17 00:00:00 2001 From: Lars Date: Thu, 19 Sep 2024 15:11:46 +0200 Subject: [PATCH 3/6] fix: do not regenerate mongodb password --- scripts/setup_uberspace.sh | 19 ++++++++++++------- uberspace/app.ini | 2 +- 2 files changed, 13 insertions(+), 8 deletions(-) mode change 100644 => 100755 scripts/setup_uberspace.sh diff --git a/scripts/setup_uberspace.sh b/scripts/setup_uberspace.sh old mode 100644 new mode 100755 index 04d566d..cd185a3 --- a/scripts/setup_uberspace.sh +++ b/scripts/setup_uberspace.sh @@ -2,6 +2,11 @@ set -e +#if ! $(git status); then +# echo 'Please run in repo directory' +# exit 1 +#fi + # Set Node.js version if ! $(uberspace tools version show node | grep -q '20'); then uberspace tools version use node 20 @@ -13,11 +18,12 @@ mysql -e 'USE '$USER'; CREATE TABLE IF NOT EXISTS `lti_entity` ( `id` bigint NOT echo 'MySQL table created successfully (or existed already)' # Generate mongodb password -# TODO Maybe store in env variable and dont regenerate? -export MONGODB_PASSWORD=$(pwgen 32 1) +if ! $(grep MONGODB_PASSWORD ~/.bashrc); then + export MONGODB_PASSWORD=$(pwgen 32 1) + echo "export MONGODB_PASSWORD=$MONGODB_PASSWORD" >> ~/.bashrc +fi -echo "export MONGODB_PASSWORD=$MONGODB_PASSWORD" >> ~/.bashrc -. ~/.bashrc # Pulls env into current shell +source ~/.bashrc # Pulls env into current shell # Set up MongoDB if ! $(uberspace tools version show mongodb | grep -q '6.0'); then @@ -42,9 +48,8 @@ echo 'MongoDB set up successfully' # Set environment variables cp .env-template .env mysql_pw=$(grep -oP -m 1 "^password=(.*)" ~/.my.cnf | cut -d '=' -f 2-) -echo "MYSQL_URI=mysql://vitomirs:$mysql_pw@localhost:3306/vitomirs" >> .env -# TODO: don't use password directly, so that you don't commit it -echo 'MONGODB_CONNECTION_URI=mongodb://vitomirs_mongoroot:password_placeholder@127.0.0.1:27017/' >> .env +echo "MYSQL_URI=mysql://${USER}:${mysql_pw}@localhost:3306/${USER}" >> .env +echo "MONGODB_CONNECTION_URI=mongodb://${USER}_mongoroot:${MONGODB_PASSWORD}@127.0.0.1:27017/" >> .env echo 'Updated environment variables' # Install dependencies diff --git a/uberspace/app.ini b/uberspace/app.ini index 5872498..1eb8bb4 100644 --- a/uberspace/app.ini +++ b/uberspace/app.ini @@ -1,5 +1,5 @@ [program:serlo-app] -directory=/home/vitomirs/serlo-editor-as-lti-tool +directory=~/serlo-editor-as-lti-tool command=yarn start:dev autostart=true autorestart=true From bf6c382ca4ece87efd41e60aec3b70468a414b70 Mon Sep 17 00:00:00 2001 From: Vitomir Budimir Date: Thu, 19 Sep 2024 15:44:50 +0200 Subject: [PATCH 4/6] feat: set user dynamically in app.ini --- scripts/setup_uberspace.sh | 12 +++--------- uberspace/app.ini | 2 +- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/scripts/setup_uberspace.sh b/scripts/setup_uberspace.sh index cd185a3..d46e3e7 100755 --- a/scripts/setup_uberspace.sh +++ b/scripts/setup_uberspace.sh @@ -2,18 +2,12 @@ set -e -#if ! $(git status); then -# echo 'Please run in repo directory' -# exit 1 -#fi - # Set Node.js version if ! $(uberspace tools version show node | grep -q '20'); then uberspace tools version use node 20 fi # Create MySQL table -# TODO Change username mysql -e 'USE '$USER'; CREATE TABLE IF NOT EXISTS `lti_entity` ( `id` bigint NOT NULL AUTO_INCREMENT, `resource_link_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci DEFAULT NULL, `custom_claim_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `content` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `id_token_on_creation` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, PRIMARY KEY (`id`), KEY `idx_lti_entity_custom_claim_id` (`custom_claim_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_520_ci;' echo 'MySQL table created successfully (or existed already)' @@ -23,24 +17,24 @@ if ! $(grep MONGODB_PASSWORD ~/.bashrc); then echo "export MONGODB_PASSWORD=$MONGODB_PASSWORD" >> ~/.bashrc fi -source ~/.bashrc # Pulls env into current shell +# Pull env into current shell +source ~/.bashrc # Set up MongoDB if ! $(uberspace tools version show mongodb | grep -q '6.0'); then uberspace tools version use mongodb 6.0 echo 'MongoDB version set to 6.0. Waiting a few seconds until it runs.' - sleep 2 fi mkdir -p ~/mongodb cp ./uberspace/mongodb/mongodb.ini ~/etc/services.d/ echo $(supervisorctl reread) echo $(supervisorctl update) +sleep 2 if ! $(supervisorctl status | grep -q 'RUNNING'); then echo 'MongoDB status is not RUNNING' exit 1 fi cp ./uberspace/mongodb/.mongoshrc.js ~/ -# TODO: avoid using a setup.js file here, don't commit password cp ./uberspace/mongodb/setup.js ~/mongodb/ mongosh admin ~/mongodb/setup.js echo 'MongoDB set up successfully' diff --git a/uberspace/app.ini b/uberspace/app.ini index 1eb8bb4..ff880d9 100644 --- a/uberspace/app.ini +++ b/uberspace/app.ini @@ -1,5 +1,5 @@ [program:serlo-app] -directory=~/serlo-editor-as-lti-tool +directory=/home/%(ENV_USER)s/serlo-editor-as-lti-tool command=yarn start:dev autostart=true autorestart=true From 30e66cd5a4a94e8635b37e2a214dcccd6d654e61 Mon Sep 17 00:00:00 2001 From: Lars Date: Mon, 23 Sep 2024 15:51:29 +0200 Subject: [PATCH 5/6] fix: Remove `X-Frame-Options` header to allow embedding in iframe --- scripts/setup_uberspace.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/setup_uberspace.sh b/scripts/setup_uberspace.sh index d46e3e7..09d798d 100755 --- a/scripts/setup_uberspace.sh +++ b/scripts/setup_uberspace.sh @@ -7,6 +7,10 @@ if ! $(uberspace tools version show node | grep -q '20'); then uberspace tools version use node 20 fi +# Remove default X-Frame-Options header to allow embedding in iframe +# TODO: X-Frame-Options is deprecated anyway. Maybe restrict embedding only on allowed domains using new headers? See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options instead +uberspace web header suppress / X-Frame-Options + # Create MySQL table mysql -e 'USE '$USER'; CREATE TABLE IF NOT EXISTS `lti_entity` ( `id` bigint NOT NULL AUTO_INCREMENT, `resource_link_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci DEFAULT NULL, `custom_claim_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `content` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, `id_token_on_creation` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_520_ci NOT NULL, PRIMARY KEY (`id`), KEY `idx_lti_entity_custom_claim_id` (`custom_claim_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_520_ci;' echo 'MySQL table created successfully (or existed already)' From bfcd4149affbfed00350e20f474f24ea2814c79f Mon Sep 17 00:00:00 2001 From: Vitomir Budimir Date: Mon, 23 Sep 2024 16:36:15 +0200 Subject: [PATCH 6/6] fix(mongo): disable eslint rules in setup files --- uberspace/mongodb/.mongoshrc.js | 2 ++ uberspace/mongodb/setup.js | 1 + 2 files changed, 3 insertions(+) diff --git a/uberspace/mongodb/.mongoshrc.js b/uberspace/mongodb/.mongoshrc.js index 22b45b1..0900103 100644 --- a/uberspace/mongodb/.mongoshrc.js +++ b/uberspace/mongodb/.mongoshrc.js @@ -1,3 +1,5 @@ +/* eslint no-undef: 0 */ const uri = `mongodb://${process.env.USER}_mongoroot:${process.env.MONGODB_PASSWORD}@127.0.0.1:27017/admin` +// eslint-disable-next-line no-console console.log(`Attempting to connect to ${uri}`) db = connect(uri) diff --git a/uberspace/mongodb/setup.js b/uberspace/mongodb/setup.js index 464a504..bca552d 100644 --- a/uberspace/mongodb/setup.js +++ b/uberspace/mongodb/setup.js @@ -1,3 +1,4 @@ +/* eslint no-undef: 0 */ const username = `${process.env.USER}_mongoroot` const password = process.env.MONGODB_PASSWORD