Harden security
This commit is contained in:
78
Makefile
78
Makefile
@@ -1,15 +1,14 @@
|
||||
QUADLET_MGR := ./scripts/quadlet/manage.sh
|
||||
MODULES ?= core.tests
|
||||
STACK_ID_CLEAN := $(shell sid="$${GIA_STACK_ID:-$${STACK_ID:-}}"; sid=$$(printf "%s" "$$sid" | tr -cs 'a-zA-Z0-9._-' '-' | sed 's/^-*//; s/-*$$//'); printf "%s" "$$sid")
|
||||
STACK_SUFFIX := $(if $(STACK_ID_CLEAN),_$(STACK_ID_CLEAN),)
|
||||
APP_CONTAINER := gia$(STACK_SUFFIX)
|
||||
|
||||
run:
|
||||
bash $(QUADLET_MGR) up
|
||||
|
||||
build:
|
||||
@if command -v docker-compose >/dev/null 2>&1; then \
|
||||
docker-compose --env-file=stack.env build app; \
|
||||
else \
|
||||
OPERATION=uwsgi podman build --build-arg OPERATION=uwsgi -t localhost/xf/gia:prod -f Dockerfile .; \
|
||||
fi
|
||||
OPERATION=uwsgi podman build --build-arg OPERATION=uwsgi -t localhost/xf/gia:prod -f Dockerfile .
|
||||
|
||||
stop:
|
||||
bash $(QUADLET_MGR) down
|
||||
@@ -23,71 +22,42 @@ status:
|
||||
quadlet-install:
|
||||
bash $(QUADLET_MGR) install
|
||||
|
||||
compose-run:
|
||||
docker-compose --env-file=stack.env up -d
|
||||
|
||||
compose-stop:
|
||||
docker-compose --env-file=stack.env down
|
||||
|
||||
compose-log:
|
||||
docker-compose --env-file=stack.env logs -f --names
|
||||
|
||||
test:
|
||||
@if command -v docker-compose >/dev/null 2>&1; then \
|
||||
docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py test $(MODULES) -v 2"; \
|
||||
@if podman ps --format '{{.Names}}' | grep -qx "$(APP_CONTAINER)"; then \
|
||||
podman exec "$(APP_CONTAINER)" sh -lc "cd /code && . /venv/bin/activate && python manage.py test $(MODULES) -v 2"; \
|
||||
else \
|
||||
if podman ps --format '{{.Names}}' | grep -qx gia; then \
|
||||
podman exec gia sh -lc "cd /code && . /venv/bin/activate && python manage.py test $(MODULES) -v 2"; \
|
||||
else \
|
||||
echo "Container 'gia' is not running. Start the stack first with 'make run' (or mrl)." >&2; \
|
||||
exit 125; \
|
||||
fi; \
|
||||
echo "Container '$(APP_CONTAINER)' is not running. Start the stack first with 'make run'." >&2; \
|
||||
exit 125; \
|
||||
fi
|
||||
|
||||
migrate:
|
||||
@if command -v docker-compose >/dev/null 2>&1; then \
|
||||
docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py migrate"; \
|
||||
@if podman ps --format '{{.Names}}' | grep -qx "$(APP_CONTAINER)"; then \
|
||||
podman exec "$(APP_CONTAINER)" sh -lc "cd /code && . /venv/bin/activate && python manage.py migrate"; \
|
||||
else \
|
||||
if podman ps --format '{{.Names}}' | grep -qx gia; then \
|
||||
podman exec gia sh -lc "cd /code && . /venv/bin/activate && python manage.py migrate"; \
|
||||
else \
|
||||
echo "Container 'gia' is not running. Start the stack first with 'make run' (or mrl)." >&2; \
|
||||
exit 125; \
|
||||
fi; \
|
||||
echo "Container '$(APP_CONTAINER)' is not running. Start the stack first with 'make run'." >&2; \
|
||||
exit 125; \
|
||||
fi
|
||||
|
||||
makemigrations:
|
||||
@if command -v docker-compose >/dev/null 2>&1; then \
|
||||
docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py makemigrations"; \
|
||||
@if podman ps --format '{{.Names}}' | grep -qx "$(APP_CONTAINER)"; then \
|
||||
podman exec "$(APP_CONTAINER)" sh -lc "cd /code && . /venv/bin/activate && python manage.py makemigrations"; \
|
||||
else \
|
||||
if podman ps --format '{{.Names}}' | grep -qx gia; then \
|
||||
podman exec gia sh -lc "cd /code && . /venv/bin/activate && python manage.py makemigrations"; \
|
||||
else \
|
||||
echo "Container 'gia' is not running. Start the stack first with 'make run' (or mrl)." >&2; \
|
||||
exit 125; \
|
||||
fi; \
|
||||
echo "Container '$(APP_CONTAINER)' is not running. Start the stack first with 'make run'." >&2; \
|
||||
exit 125; \
|
||||
fi
|
||||
|
||||
auth:
|
||||
@if command -v docker-compose >/dev/null 2>&1; then \
|
||||
docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py createsuperuser"; \
|
||||
@if podman ps --format '{{.Names}}' | grep -qx "$(APP_CONTAINER)"; then \
|
||||
podman exec "$(APP_CONTAINER)" sh -lc "cd /code && . /venv/bin/activate && python manage.py createsuperuser"; \
|
||||
else \
|
||||
if podman ps --format '{{.Names}}' | grep -qx gia; then \
|
||||
podman exec gia sh -lc "cd /code && . /venv/bin/activate && python manage.py createsuperuser"; \
|
||||
else \
|
||||
echo "Container 'gia' is not running. Start the stack first with 'make run' (or mrl)." >&2; \
|
||||
exit 125; \
|
||||
fi; \
|
||||
echo "Container '$(APP_CONTAINER)' is not running. Start the stack first with 'make run'." >&2; \
|
||||
exit 125; \
|
||||
fi
|
||||
|
||||
token:
|
||||
@if command -v docker-compose >/dev/null 2>&1; then \
|
||||
docker-compose --env-file=stack.env run --rm app sh -c ". /venv/bin/activate && python manage.py addstatictoken m"; \
|
||||
@if podman ps --format '{{.Names}}' | grep -qx "$(APP_CONTAINER)"; then \
|
||||
podman exec "$(APP_CONTAINER)" sh -lc "cd /code && . /venv/bin/activate && python manage.py addstatictoken m"; \
|
||||
else \
|
||||
if podman ps --format '{{.Names}}' | grep -qx gia; then \
|
||||
podman exec gia sh -lc "cd /code && . /venv/bin/activate && python manage.py addstatictoken m"; \
|
||||
else \
|
||||
echo "Container 'gia' is not running. Start the stack first with 'make run' (or mrl)." >&2; \
|
||||
exit 125; \
|
||||
fi; \
|
||||
echo "Container '$(APP_CONTAINER)' is not running. Start the stack first with 'make run'." >&2; \
|
||||
exit 125; \
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user