Clean up

Corporate Identity, Slack OAuth, etc.

.gitea/workflows/build-push-image.yml

@@ -0,0 +1,53 @@
+name: release-tag
+
+on:
+  push
+
+jobs:
+  release-image:
+    runs-on: ubuntu-latest
+    container:
+      image: catthehacker/ubuntu:act-latest
+    env:
+      DOCKER_ORG: matthias
+      DOCKER_LATEST: latest
+      RUNNER_TOOL_CACHE: /toolcache
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker BuildX
+        uses: docker/setup-buildx-action@v2
+        with: # replace it with your local IP
+          config-inline: |
+            [registry."git.matsewe.de"] 
+              http = true
+              insecure = true            
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          registry: git.matsewe.de # replace it with your local IP
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          
+      - name: Get Meta
+        id: meta
+        run: |
+          echo REPO_NAME=$(echo ${GITHUB_REPOSITORY} | awk -F"/" '{print $2}') >> $GITHUB_OUTPUT
+          echo REPO_VERSION=$(git describe --tags --always | sed 's/^v//') >> $GITHUB_OUTPUT                
+
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: |
+            linux/amd64                 
+          push: true
+          tags: | # replace it with your local IP and tags
+            git.matsewe.de/${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}
+            git.matsewe.de/${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }}

.gitignore

@@ -1,3 +1,5 @@
 __pycache__
 .venv
-.vscode
+.vscode
+.env
+data

Dockerfile

@@ -0,0 +1,15 @@
+FROM python:3.11
+
+WORKDIR /code
+
+COPY ./requirements.txt /tmp/requirements.txt
+
+RUN pip install --no-cache-dir --upgrade -r /tmp/requirements.txt
+
+COPY ./app /code/app
+COPY ./static /code/static
+COPY ./templates /code/templates
+
+RUN echo "first_run" > "/tmp/first_run"
+
+CMD ["fastapi", "run", "app/main.py", "--proxy-headers", "--port", "80"]

Dockerfile-dev

@@ -0,0 +1,11 @@
+FROM python:3.11
+
+WORKDIR /code
+
+COPY ./requirements.txt /tmp/requirements.txt
+
+RUN pip install --no-cache-dir --upgrade -r /tmp/requirements.txt
+
+RUN echo "first_run" > "/tmp/first_run"
+
+CMD ["fastapi", "run", "app/main.py", "--proxy-headers", "--port", "80", "--reload"]

app/main.py

@@ -1,4 +1,4 @@
-from fastapi import FastAPI, Request, Depends, Cookie, Security
+from fastapi import FastAPI, Request, Depends, Security
 from app.routers import admin, songs, session
 from fastapi.staticfiles import StaticFiles
 from fastapi.responses import HTMLResponse
@@ -6,26 +6,24 @@ from fastapi.templating import Jinja2Templates
 from app.database import engine, Base, get_db, SessionLocal
 from app.crud import get_songs_and_vote_for_session, get_setting
 from sqlalchemy.orm import Session
-from typing import Annotated
 from app.schemas import Song
-import json
 import os
 import asyncio
-from jose import JWTError, jwt
 from app.security import get_current_user
 
 from starlette.middleware import Middleware
 
-from starlette_context import context, plugins
+from starlette_context import plugins
 from starlette_context.middleware import RawContextMiddleware
 
-if os.path.isfile("first_run") and (os.environ.get("RELOAD_ON_FIRST_RUN").lower() == "true"):
+Base.metadata.create_all(engine)
+
+if os.path.isfile("/tmp/first_run") and (os.environ.get("RELOAD_ON_FIRST_RUN", "").lower() == "true"):
     print("First run ... load data")
     with SessionLocal() as db:
         asyncio.run(admin.create_upload_file(include_non_singable=True, db=db))
-    os.remove("first_run")
+    os.remove("/tmp/first_run")
 
-# Base.metadata.create_all(engine)
 
 middleware = [
     Middleware(

app/security.py

@@ -1,8 +1,6 @@
-from typing import Annotated
+from fastapi import  HTTPException, status, Request
-
-from fastapi import  HTTPException, Cookie, status, Request
 from fastapi.security import SecurityScopes
-from jose import JWTError, jwt
+from jose import JWTError
 from pydantic import ValidationError
 import os
 
@@ -11,7 +9,7 @@ import os
 # openssl rand -hex 32
 
 scopes_db = {
-    os.environ['ADMIN_EMAIL'] : ["admin"]
+    os.environ.get('ADMIN_EMAIL', "") : ["admin"]
 }
 
 credentials_exception = HTTPException(
@@ -22,6 +20,10 @@ credentials_exception = HTTPException(
 async def get_current_user(
     security_scopes: SecurityScopes, request: Request
     ):
+
+    if os.environ.get("NO_LOGIN", "").lower() == "true":
+        return {"sub": "test"}
+    
     try:
         username: str = request.headers.get("x-auth-request-user")  # type: ignore
         if username is None:

docker-compose.yml

@@ -0,0 +1,21 @@
+version: "3.7"
+
+services:
+  liederwahl-dev:
+    build: 
+      context: .
+      dockerfile: Dockerfile-dev
+    container_name: liederwahl-dev
+    restart: unless-stopped
+    volumes:
+      - .:/code
+      - liederwahl-dev:/data
+    ports: 
+      - 80:80
+    environment:
+      - LIST_URL=${LIST_URL}
+      - NO_LOGIN=true
+      - RELOAD_ON_FIRST_RUN=true
+
+volumes:
+  liederwahl-dev: