diff --git a/.github/CHANGELOG.md b/.github/CHANGELOG.md index 786bc32b..3b83b12c 100644 --- a/.github/CHANGELOG.md +++ b/.github/CHANGELOG.md @@ -1,4 +1,7 @@ # Changelog +## [v1.1.1](https://github.com/honeynet/GreedyBear/releases/tag/v1.1.1) +Various fixes to the previous release + ## [v1.1.0](https://github.com/honeynet/GreedyBear/releases/tag/v1.1.0) **New features** * Added a new "Feeds" section in the GUI where it is possible to browse available feeds diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 4fe39bad..7e5b37f2 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,7 +8,7 @@ updates: day: "tuesday" target-branch: "develop" reviewers: - - mlodi + - mlodic - package-ecosystem: "npm" directory: "/frontend" @@ -27,7 +27,7 @@ updates: day: "tuesday" target-branch: "develop" reviewers: - - mlodi + - mlodic - package-ecosystem: "github-actions" @@ -37,4 +37,4 @@ updates: day: "tuesday" target-branch: "develop" reviewers: - - mlodi + - mlodic diff --git a/.github/workflows/twitter_publish.yml b/.github/workflows/twitter_publish.yml new file mode 100644 index 00000000..1b474ca8 --- /dev/null +++ b/.github/workflows/twitter_publish.yml @@ -0,0 +1,17 @@ +permissions: read-all +name: publish-to-twitter +on: + release: + types: [released] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: infraway/tweet-action@v1.0.1 + with: + status: "published #IntelOwl ${{github.ref_name}}! https://github.com/intelowlproject/GreedyBear/releases/tag/${{github.ref_name}} #ThreatIntelligence #CyberSecurity #OpenSource #osint #honeypot #tpot" + api_key: ${{ secrets.TWITTER_API_KEY }} + api_key_secret: ${{ secrets.TWITTER_API_KEY_SECRET }} + access_token: ${{ secrets.TWITTER_ACCESS_TOKEN }} + access_token_secret: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }} \ No newline at end of file diff --git a/configuration/nginx/django_server.conf b/configuration/nginx/django_server.conf index 13a32343..35ee2a7b 100644 --- a/configuration/nginx/django_server.conf +++ b/configuration/nginx/django_server.conf @@ -6,11 +6,8 @@ server { server_tokens off; charset utf-8; - location /favicon.ico { - alias /var/www/static/favicon.ico; - access_log off; - log_not_found off; - } + # Locations + include locations.conf; location /static/ { alias /var/www/static/; diff --git a/configuration/nginx/http.conf b/configuration/nginx/http.conf index 0472d7a9..74a34915 100644 --- a/configuration/nginx/http.conf +++ b/configuration/nginx/http.conf @@ -13,11 +13,8 @@ server { server_tokens off; - location /favicon.ico { - alias /var/www/static/favicon.ico; - access_log off; - log_not_found off; - } + # Locations + include locations.conf; location /static/ { alias /var/www/static/; diff --git a/configuration/nginx/https.conf b/configuration/nginx/https.conf index b91c9585..23c1e138 100644 --- a/configuration/nginx/https.conf +++ b/configuration/nginx/https.conf @@ -19,11 +19,8 @@ server { server_tokens off; - location /favicon.ico { - alias /var/www/static/favicon.ico; - access_log off; - log_not_found off; - } + # Locations + include locations.conf; location /static/ { alias /var/www/static/; diff --git a/configuration/nginx/locations.conf b/configuration/nginx/locations.conf new file mode 100644 index 00000000..46cef190 --- /dev/null +++ b/configuration/nginx/locations.conf @@ -0,0 +1,8 @@ +location /hc { + return 200; +} + +location = /favicon.ico { + access_log off; + log_not_found off; +} \ No newline at end of file diff --git a/configuration/uwsgi/greedybear.ini b/configuration/uwsgi/greedybear.ini index 7c2c3bb4..0fd823ef 100644 --- a/configuration/uwsgi/greedybear.ini +++ b/configuration/uwsgi/greedybear.ini @@ -23,5 +23,3 @@ reload-on-rss = 2048 worker-reload-mercy = 3600 buffer-size = 32768 - -need-app = true diff --git a/docker/.version b/docker/.version index 9248d122..bd2f4760 100644 --- a/docker/.version +++ b/docker/.version @@ -1 +1 @@ -REACT_APP_GREEDYBEAR_VERSION="v1.1.0" \ No newline at end of file +REACT_APP_GREEDYBEAR_VERSION="v1.1.1" \ No newline at end of file diff --git a/docker/Dockerfile b/docker/Dockerfile index ac97ab90..88a2359e 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -15,8 +15,6 @@ RUN PUBLIC_URL=/static/reactapp/ npm run build # Stage 2: Backend FROM python:3.9.16-alpine3.17 -COPY --from=frontend-build /build /var/www/reactapp - ENV PYTHONUNBUFFERED 1 ENV DJANGO_SETTINGS_MODULE greedybear.settings ENV PYTHONPATH /opt/deploy/greedybear @@ -28,11 +26,12 @@ RUN mkdir -p ${LOG_PATH} \ ${LOG_PATH}/django \ ${LOG_PATH}/uwsgi \ # py3-psycopg2 is required to use PostgresSQL with Django - && apk --no-cache -U add bash uwsgi py3-psycopg2 \ + && apk --no-cache -U add bash py3-psycopg2 gcc python3-dev alpine-sdk linux-headers \ && pip3 install --upgrade pip WORKDIR $PYTHONPATH COPY . $PYTHONPATH +COPY --from=frontend-build /build /var/www/reactapp # separation is required to avoid to re-execute os installation in case of change of python requirements RUN pip3 install --no-cache-dir --compile -r $PYTHONPATH/requirements/project-requirements.txt \ @@ -43,5 +42,8 @@ RUN pip3 install --no-cache-dir --compile -r $PYTHONPATH/requirements/project-re && adduser -S -H -u 2000 -D -g www-data www-data \ && chown -R www-data:www-data ${LOG_PATH} /opt/deploy/ \ && rm -rf docs/ frontend/ tests/ .github/ \ - && /bin/bash ./docker/watchman_install.sh + && /bin/bash ./docker/watchman_install.sh \ + && apk del gcc python3-dev alpine-sdk linux-headers + +HEALTHCHECK --interval=10s --timeout=2s --start-period=20s --retries=5 CMD nc -z localhost 8001 || exit 1 diff --git a/docker/Dockerfile_nginx b/docker/Dockerfile_nginx index 94e9eb50..0398f47a 100644 --- a/docker/Dockerfile_nginx +++ b/docker/Dockerfile_nginx @@ -1,4 +1,4 @@ -FROM library/nginx:1.21.1-alpine +FROM library/nginx:1.23.4-alpine RUN mkdir -p /var/cache/nginx /var/cache/nginx/feeds RUN apk update && apk upgrade && apk add bash ENV NGINX_LOG_DIR /var/log/nginx @@ -6,4 +6,6 @@ ENV NGINX_LOG_DIR /var/log/nginx RUN rm $NGINX_LOG_DIR/access.log $NGINX_LOG_DIR/error.log RUN touch $NGINX_LOG_DIR/access.log $NGINX_LOG_DIR/error.log RUN chown 33:33 $NGINX_LOG_DIR/access.log $NGINX_LOG_DIR/error.log -VOLUME $NGINX_LOG_DIR \ No newline at end of file +VOLUME $NGINX_LOG_DIR + +HEALTHCHECK --interval=3s --start-period=2s --timeout=2s --retries=5 CMD curl --fail http://localhost/hc || exit 1 \ No newline at end of file diff --git a/docker/default.yml b/docker/default.yml index 47aaca56..c3f31348 100644 --- a/docker/default.yml +++ b/docker/default.yml @@ -1,5 +1,9 @@ version: '3.8' +x-no-healthcheck: &no-healthcheck + healthcheck: + disable: true + services: postgres: image: library/postgres:13-alpine @@ -13,13 +17,14 @@ services: image: intelowlproject/greedybear:prod container_name: greedybear_uwsgi volumes: - - ../configuration/uwsgi/greedybear.ini:/etc/uwsgi/uwsgi.ini + - ../configuration/uwsgi/greedybear.ini:/etc/uwsgi/sites/greedybear.ini - generic_logs:/var/log/greedybear - static_content:/opt/deploy/greedybear/static entrypoint: - ./docker/entrypoint_uwsgi.sh expose: - "8001" + - "1717" env_file: - env_file depends_on: @@ -32,6 +37,7 @@ services: volumes: - ../configuration/nginx/http.conf:/etc/nginx/conf.d/default.conf - ../configuration/nginx/errors.conf:/etc/nginx/errors.conf + - ../configuration/nginx/locations.conf:/etc/nginx/locations.conf - nginx_logs:/var/log/nginx - static_content:/var/www/static ports: @@ -60,6 +66,7 @@ services: - rabbitmq - postgres - uwsgi + <<: *no-healthcheck celery_worker_default: image: intelowlproject/greedybear:prod @@ -75,6 +82,7 @@ services: - rabbitmq - postgres - uwsgi + <<: *no-healthcheck volumes: diff --git a/docker/entrypoint_uwsgi.sh b/docker/entrypoint_uwsgi.sh index 0fac065e..ed995ca0 100755 --- a/docker/entrypoint_uwsgi.sh +++ b/docker/entrypoint_uwsgi.sh @@ -12,6 +12,7 @@ done # Apply database migrations echo "Waiting for db to be ready..." +python manage.py makemigrations durin python manage.py migrate # Collect static files @@ -26,5 +27,5 @@ if [[ $DEBUG == "True" ]] && [[ $DJANGO_TEST_SERVER == "True" ]]; then python manage.py runserver 0.0.0.0:8001 else - /usr/local/bin/uwsgi --ini /etc/uwsgi/uwsgi.ini + /usr/local/bin/uwsgi --ini /etc/uwsgi/sites/greedybear.ini --stats 127.0.0.1:1717 --stats-http fi diff --git a/docker/stag.override.yml b/docker/stag.override.yml new file mode 100644 index 00000000..d03e594d --- /dev/null +++ b/docker/stag.override.yml @@ -0,0 +1,14 @@ +version: '3.8' + +services: + uwsgi: + image: intelowlproject/greedybear:stag + + nginx: + image: intelowlproject/greedybear_nginx:stag + + celery_beat: + image: intelowlproject/greedybear:stag + + celery_worker_default: + image: intelowlproject/greedybear:stag \ No newline at end of file diff --git a/docs/source/schema.yml b/docs/source/schema.yml index e2d4593e..140f70de 100644 --- a/docs/source/schema.yml +++ b/docs/source/schema.yml @@ -1,7 +1,7 @@ openapi: 3.0.3 info: title: GreedyBear API specification - version: 1.1.0 + version: 1.1.1 paths: /api/apiaccess: get: diff --git a/requirements/docs-requirements.txt b/requirements/docs-requirements.txt index e03d4bb6..e2994326 100644 --- a/requirements/docs-requirements.txt +++ b/requirements/docs-requirements.txt @@ -3,4 +3,4 @@ sphinxcontrib-openapi==0.7.0 sphinxcontrib-redoc==1.6.0 # this is to fix this bug https://github.com/Tribler/tribler/issues/6624 mistune==0.8.4 -myst-parser==0.17.0 +myst-parser==1.0.0 diff --git a/requirements/project-requirements.txt b/requirements/project-requirements.txt index 3ab5ba19..c0971414 100644 --- a/requirements/project-requirements.txt +++ b/requirements/project-requirements.txt @@ -4,5 +4,7 @@ Django~=3.2.18 psycopg2-binary~=2.9.2 slack-sdk~=3.12.0 djangorestframework~=3.13.1 -drf-spectacular~=0.22.0 -certego-saas~=0.2.0 \ No newline at end of file +drf-spectacular~=0.26.1 +certego-saas~=0.5.0 +uwsgitop==0.11 +uwsgi==2.0.21 \ No newline at end of file