sites
aeris 2018-02-18 17:29:32 +01:00
parent aa5743577d
commit 3997ef769e
12 changed files with 268 additions and 88 deletions

View File

@ -1,3 +1,8 @@
guard :rails do
watch('Gemfile.lock')
watch(%r{^(config|lib)/.*})
end
guard :livereload do
watch(%r{app/views/.+\.(erb|haml|slim)$})
watch(%r{app/helpers/.+\.rb})
@ -6,8 +11,3 @@ guard :livereload do
# Rails Assets Pipeline
watch(%r{(app|vendor)(/assets/\w+/(.+\.(css|js|html|png|jpg|coffee|scss))).*}) { |m| "/assets/#{m[3]}" }
end
#guard :rails do
# watch('Gemfile.lock')
# watch(%r{^(config|lib)/.*})
#end

90
README.md 100644
View File

@ -0,0 +1,90 @@
# Preliminary warning
Cryptcheck relies on compiling a very unsecure version of OpenSSL.
When manipulating such library, you need to be sure of what you are doing to
never deploy it on a production grade system.
Particularly, be sure to never hit `make install` during a manual build.
Build process can be quiet hard, because relying on number of tricks to be able
to use this weakened library not globally install on your system.
`LD_LIBRARY_PATH`, `C_INCLUDE_PATH`, `LIBRARY_PATH` and other environment
variables are used to inject what is needed during build process and at runtime
to override system headers and libraries.
Build process is at this time not garanteed to be reproductible.
Because of above tricks, error can happen and you need to understand GNU
internals and debug tools like `strace` to spot the cause of the trouble and to
fix it.
Given Makefiles are more generic guidelines and build recipes than fully
automated build.
# How to hack
## Setup rbenv
Because of the need of a weakened Ruby build, you need
[`rbenv`](https://github.com/rbenv/rbenv) on your system to isolate this Ruby
version from your eventual system version.
See there readme and wiki for setup process.
TL;DR;
```bash
export RBENV_ROOT="${HOME}/.rbenv"
export PATH="${RBENV_ROOT}/bin:${PATH}"
apt install -y autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev
git clone https://github.com/rbenv/rbenv "${RBENV_ROOT}"
mkdir -p "${RBENV_ROOT}/plugins"
git clone https://github.com/rbenv/ruby-build "${RBENV_ROOT}/plugins/ruby-build"
eval "$(rbenv init -)"
```
## Build the engine
Goal is to build the weakened OpenSSL library, then a custom Ruby version based
on it.
```bash
git clone https://git.imirhil.fr/aeris/cryptcheck
cd cryptcheck
make
make install-rbenv-cryptcheck
```
## Setup the front-end
```bash
git clone https://git.imirhil.fr/aeris/cryptcheck-rails
cd cryptcheck-rails
rbenv local 2.3.3-cryptcheck
export LD_LIBRARY_PATH=../cryptcheck/lib
bundle install
```
## Mongo & Redis
You need a [MongoDB](https://www.mongodb.com/) and a [Redis](https://redis.io/)
server.
```bash
apt install -y mongodb-server redis-server
```
# Launch CryptCheck
## Launch the front-end
```bash
export LD_LIBRARY_PATH=../cryptcheck/lib
bin/guard -i
```
## Launch the worker
```bash
export LD_LIBRARY_PATH=../cryptcheck/lib
bin/sidekiq
```

View File

@ -1,28 +0,0 @@
== README
This README would normally document whatever steps are necessary to get the
application up and running.
Things you may want to cover:
* Ruby version
* System dependencies
* Configuration
* Database creation
* Database initialization
* How to run the test suite
* Services (job queues, cache servers, search engines, etc.)
* Deployment instructions
* ...
Please feel free to use a different markup language if you do not plan to run
<tt>rake doc:app</tt>.

View File

@ -10,7 +10,6 @@ class CheckController < ApplicationController
return render :processing if @result.pending
end
format.json do
ap @result
render json: JSON.pretty_generate(JSON.parse @result.to_json)
end
end

View File

@ -1,3 +1,105 @@
#!/usr/bin/env ruby
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
load Gem.bin_path('bundler', 'bundle')
# frozen_string_literal: true
#
# This file was generated by Bundler.
#
# The application 'bundle' is installed as part of a gem, and
# this file is here to facilitate running it.
#
require "rubygems"
m = Module.new do
module_function
def invoked_as_script?
File.expand_path($0) == File.expand_path(__FILE__)
end
def env_var_version
ENV["BUNDLER_VERSION"]
end
def cli_arg_version
return unless invoked_as_script? # don't want to hijack other binstubs
return unless "update".start_with?(ARGV.first || " ") # must be running `bundle update`
bundler_version = nil
update_index = nil
ARGV.each_with_index do |a, i|
if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN
bundler_version = a
end
next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/
bundler_version = $1 || ">= 0.a"
update_index = i
end
bundler_version
end
def gemfile
gemfile = ENV["BUNDLE_GEMFILE"]
return gemfile if gemfile && !gemfile.empty?
File.expand_path("../../Gemfile", __FILE__)
end
def lockfile
lockfile =
case File.basename(gemfile)
when "gems.rb" then gemfile.sub(/\.rb$/, gemfile)
else "#{gemfile}.lock"
end
File.expand_path(lockfile)
end
def lockfile_version
return unless File.file?(lockfile)
lockfile_contents = File.read(lockfile)
return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/
Regexp.last_match(1)
end
def bundler_version
@bundler_version ||= begin
env_var_version || cli_arg_version ||
lockfile_version || "#{Gem::Requirement.default}.a"
end
end
def load_bundler!
ENV["BUNDLE_GEMFILE"] ||= gemfile
# must dup string for RG < 1.8 compatibility
activate_bundler(bundler_version.dup)
end
def activate_bundler(bundler_version)
if Gem::Version.correct?(bundler_version) && Gem::Version.new(bundler_version).release < Gem::Version.new("2.0")
bundler_version = "< 2"
end
gem_error = activation_error_handling do
gem "bundler", bundler_version
end
return if gem_error.nil?
require_error = activation_error_handling do
require "bundler/version"
end
return if require_error.nil? && Gem::Requirement.new(bundler_version).satisfied_by?(Gem::Version.new(Bundler::VERSION))
warn "Activating bundler (#{bundler_version}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_version}'`"
exit 42
end
def activation_error_handling
yield
nil
rescue StandardError, LoadError => e
e
end
end
m.load_bundler!
if m.invoked_as_script?
load Gem.bin_path("bundler", "bundle")
end

View File

@ -1 +0,0 @@
runner

20
bin/enqueue 100755
View File

@ -0,0 +1,20 @@
#!/usr/bin/env ruby
ENV['RAILS_ENV'] ||= 'development'
require 'dotenv'
Dotenv.load ".env.#{ENV['RAILS_ENV']}", '.env'
if ENV['RAILS_ENV'] == 'development'
DIR = File.dirname File.dirname File.expand_path __FILE__
require File.join DIR, 'config/environment'
ENV['RAILS_ENV'] = 'test'
require 'sidekiq/testing/inline'
end
require 'sidekiq'
redis = ENV['REDIS_URL']
Sidekiq.configure_server { |c| c.redis = { url: redis } }
Sidekiq.configure_client { |c| c.redis = { url: redis } }
clazz, *args = ARGV
clazz += 'Worker'
Sidekiq::Client.push({ 'class' => clazz, 'args' => args, 'retry' => false })

View File

@ -1,20 +0,0 @@
#!/usr/bin/env ruby
ENV['RAILS_ENV'] ||= 'development'
require 'dotenv'
Dotenv.load ".env.#{ENV['RAILS_ENV']}", '.env'
if ENV['RAILS_ENV'] == 'development'
DIR = File.dirname File.dirname File.expand_path __FILE__
require File.join DIR, 'config/environment'
ENV['RAILS_ENV'] = 'test'
require 'sidekiq/testing/inline'
end
require 'sidekiq'
redis = ENV['REDIS_URL']
Sidekiq.configure_server { |c| c.redis = { url: redis } }
Sidekiq.configure_client { |c| c.redis = { url: redis } }
clazz, *args = ARGV
clazz += 'Worker'
Sidekiq::Client.push({ 'class' => clazz, 'args' => args, 'retry' => false })

21
bin/guard 100755
View File

@ -0,0 +1,21 @@
#!/usr/bin/env ruby
# frozen_string_literal: true
#
# This file was generated by Bundler.
#
# The application 'guard' is installed as part of a gem, and
# this file is here to facilitate running it.
#
bundle_binstub = File.expand_path("../bundle", __FILE__)
load(bundle_binstub) if File.file?(bundle_binstub)
require "pathname"
ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
Pathname.new(__FILE__).realpath)
require "rubygems"
require "bundler/setup"
load Gem.bin_path("guard", "guard")

View File

@ -1,4 +0,0 @@
#!/bin/bash
DIR="$(readlink -e "$(dirname "${0}")")"
export LD_LIBRARY_PATH="$(readlink -e "${DIR}/../../cryptcheck/lib")"
"${0}.rb" $*

View File

@ -1 +0,0 @@
runner

20
bin/sidekiq 100755
View File

@ -0,0 +1,20 @@
#!/usr/bin/env ruby
$:.unshift File.expand_path File.join File.dirname(__FILE__), '../../cryptcheck/lib'
require 'rubygems'
require 'bundler/setup'
$TESTING = false
$CELLULOID_DEBUG = false
require 'sidekiq/cli'
begin
cli = Sidekiq::CLI.instance
cli.parse
cli.run
rescue => e
raise e if $DEBUG
STDERR.puts e.message
STDERR.puts e.backtrace.join("\n")
exit 1
end

View File

@ -1,20 +0,0 @@
#!/usr/bin/env ruby
$:.unshift File.expand_path File.join File.dirname(__FILE__), '../../cryptcheck/lib'
require 'rubygems'
require 'bundler/setup'
$TESTING = false
$CELLULOID_DEBUG = false
require 'sidekiq/cli'
begin
cli = Sidekiq::CLI.instance
cli.parse
cli.run
rescue => e
raise e if $DEBUG
STDERR.puts e.message
STDERR.puts e.backtrace.join("\n")
exit 1
end

View File

@ -14,16 +14,18 @@ unless Rails.root
end
end
workers 4 if env == 'production'
workers ENV.fetch('WORKER', 4).to_i
port = ENV['PORT']
if port
port(port)
else
if env == 'production'
listen = ENV.fetch('LISTEN') { 'unix://' + File.join(Rails.root, 'tmp/sockets/puma.sock') }
bind listen
port = ENV['PORT']
else
listen = ENV['LISTEN']
port = ENV.fetch 'PORT', 3000
end
port(port) if port
bind listen if listen
pidfile File.join Rails.root, 'tmp/pids/puma.pid'