added logic to support self signed certs

This commit is contained in:
2025-04-15 19:23:42 -04:00
parent 21a6734300
commit 10983b9410
7 changed files with 33 additions and 59 deletions

View File

@@ -1,7 +0,0 @@
# Required for file uploads
CLIENT_KEY=your-secret-key-here
# Optional configurations
UPLOAD_FOLDER=tmp/uploads
DEBUG=False
MAX_CONTENT_LENGTH=16777216 # 16MB in bytes

3
.gitignore vendored
View File

@@ -38,3 +38,6 @@ wheels/
*.swo *.swo
.DS_Store .DS_Store
# Certificates
cert.pem
key.pem

View File

@@ -1,13 +1,8 @@
FROM python:3.13-slim FROM python:3.12-slim
WORKDIR /app WORKDIR /app
COPY ./src /app COPY ./src /app
COPY requirements.txt /app/requirements.txt COPY requirements.txt /app/requirements.txt
RUN pip install -r /app/requirements.txt RUN pip install -r /app/requirements.txt
EXPOSE 7777 EXPOSE 7777
#CMD ["gunicorn", "wsgi:app", "--bind", "0.0.0.0:7777"]
# The actual values should be provided when running the container CMD ["python", "start.py"]
ENV CLIENT_KEY=default-secret-key \
UPLOAD_FOLDER=tmp/uploads \
DEBUG=False
CMD ["gunicorn", "wsgi:app", "--bind", "0.0.0.0:7777"]

View File

@@ -33,10 +33,10 @@ source venv/bin/activate # On Windows: venv\Scripts\activate
pip install -r requirements.txt pip install -r requirements.txt
``` ```
4. Set up environment variables: 4. Set environment variables (optional):
- Copy `.env.example` to `.env` ```bash
- Set your `CLIENT_KEY` in the `.env` file export CLIENT_KEY=your-secret-key # If not set, defaults to default-secret-key
- Adjust other settings as needed ```
5. Run the server: 5. Run the server:
```bash ```bash
@@ -120,22 +120,14 @@ Delete a file using its code.
All configuration is handled through environment variables: All configuration is handled through environment variables:
### Required Settings ### Required Settings
- `CLIENT_KEY`: API key for file uploads (required for production) None - all settings have defaults for easy testing
### Optional Settings ### Optional Settings
- `CLIENT_KEY`: API key for file uploads (default: default-secret-key)
- `UPLOAD_FOLDER`: Upload directory path (default: tmp/uploads) - `UPLOAD_FOLDER`: Upload directory path (default: tmp/uploads)
- `MAX_CONTENT_LENGTH`: Maximum file size (default: 16MB) - `MAX_CONTENT_LENGTH`: Maximum file size (default: 16MB)
- `DEBUG`: Enable debug mode (default: False) - `DEBUG`: Enable debug mode (default: False)
### Environment File
The application supports `.env` file for configuration:
```env
CLIENT_KEY=your-secret-key-here
UPLOAD_FOLDER=tmp/uploads
DEBUG=False
MAX_CONTENT_LENGTH=16777216
```
## Contributing ## Contributing
1. Fork the repository 1. Fork the repository
2. Create a feature branch 2. Create a feature branch
@@ -144,7 +136,7 @@ MAX_CONTENT_LENGTH=16777216
5. Create a Pull Request 5. Create a Pull Request
## Security Best Practices ## Security Best Practices
- Always change the default client key - Set a strong CLIENT_KEY in production
- Use HTTPS in production - Use HTTPS in production
- Regularly monitor disk usage - Regularly monitor disk usage
- Set appropriate file size limits - Set appropriate file size limits

View File

@@ -11,7 +11,6 @@ itsdangerous==2.2.0
Jinja2==3.1.4 Jinja2==3.1.4
MarkupSafe==3.0.0 MarkupSafe==3.0.0
packaging==24.1 packaging==24.1
python-dotenv==1.0.1
requests==2.32.3 requests==2.32.3
urllib3==2.2.3 urllib3==2.2.3
Werkzeug==3.0.4 Werkzeug==3.0.4

View File

@@ -1,41 +1,14 @@
import os import os
import uuid
from functools import wraps from functools import wraps
from flask import Flask, request, jsonify, send_from_directory from flask import Flask, request, jsonify, send_from_directory
from werkzeug.utils import secure_filename from werkzeug.utils import secure_filename
import requests
from dotenv import load_dotenv
import utils.mLogger as log import utils.mLogger as log
from controllers.file_controller import upload_file, download_file, delete_file from controllers.file_controller import upload_file, download_file, delete_file
from views import views from views import views
# Get the project root directory (one level up from src)
project_root = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
env_path = os.path.join(project_root, '.env')
# Load environment variables with explicit path
load_dotenv(dotenv_path=env_path)
# Debug log for environment loading
log.i(f"Loading .env from: {env_path}")
log.i(f"File exists: {os.path.exists(env_path)}")
app = Flask(__name__) app = Flask(__name__)
app.config['UPLOAD_FOLDER'] = 'tmp/uploads' app.config['UPLOAD_FOLDER'] = 'tmp/uploads'
app.config['CLIENT_KEY'] = os.getenv('CLIENT_KEY', 'default-secret-key') app.config['CLIENT_KEY'] = os.environ.get('CLIENT_KEY', 'default-secret-key')
# Log the loaded client key (masked)
if app.config['CLIENT_KEY']:
masked_key = app.config['CLIENT_KEY'][:4] + '*' * (len(app.config['CLIENT_KEY']) - 4)
log.i(f"Loaded client key: {masked_key}")
else:
log.w("No client key configured, using default")
# Log all environment variables (masked)
for key, value in os.environ.items():
if 'KEY' in key or 'SECRET' in key.upper():
masked = value[:4] + '*' * (len(value) - 4) if value else None
log.i(f"Env: {key}={masked}")
if not os.path.exists(app.config['UPLOAD_FOLDER']): if not os.path.exists(app.config['UPLOAD_FOLDER']):
os.makedirs(app.config['UPLOAD_FOLDER']) os.makedirs(app.config['UPLOAD_FOLDER'])

19
src/start.py Normal file
View File

@@ -0,0 +1,19 @@
import os
import subprocess
cert = os.getenv("SSL_CERT", "cert.pem")
key = os.getenv("SSL_KEY", "key.pem")
use_ssl = os.path.exists(cert) and os.path.exists(key)
base_cmd = [
"gunicorn", "wsgi:app", "--bind", "0.0.0.0:7777"
]
if use_ssl:
print("🟢 Starting with HTTPS")
base_cmd += ["--certfile", cert, "--keyfile", key]
else:
print("🟡 Starting with HTTP (no certs found)")
subprocess.run(base_cmd)