From 5fac80e5292058467caf0dd6e17c2b03db54d3ee Mon Sep 17 00:00:00 2001 From: Matt Date: Tue, 24 Mar 2026 21:43:57 -0700 Subject: [PATCH] docker container is working --- Dockerfile | 20 ++++++++-- README.md | 4 +- api/app.py | 2 +- docker-compose.yaml | 15 +++++++- nginx.conf | 93 +++++++++++++++++---------------------------- supervisord.conf | 1 + www/index.php | 22 ++++++----- 7 files changed, 81 insertions(+), 76 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3ede737..22d7ee1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,25 +2,35 @@ # Base image - PHP + Apache FROM php:apache -# Install Python, NGINX, Supervisor and pip +# Install Python RUN apt-get update && apt-get install -y \ python3 \ python3-pip \ + python3-dev \ + python3-setuptools \ + python3-venv \ python3-flask \ - python3-yaml \ + python3-yaml + +# Install Other Stuff +RUN apt-get install -y \ nginx \ supervisor \ net-tools \ iputils-ping \ + nano \ && rm -rf /var/lib/apt/lists/* -# Copy your application code & config files +# remove default nginx config +RUN rm -rf /etc/nginx/sites-enabled/default + +# Copy application files # Website Files COPY www/ /var/www/html # Python files COPY api/ /usr/src/app/ # Config Files -COPY nginx.conf /etc/nginx/nginx.conf +COPY nginx.conf /etc/nginx/conf.d/default.conf COPY apache_ports.conf /etc/apache2/ports.conf COPY apache_vhost.conf /etc/apache2/sites-available/000-default.conf COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf @@ -28,5 +38,7 @@ COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf # Expose the ports you care about EXPOSE 80 8080 5000 +WORKDIR /usr/src/app + # Start Supervisor CMD ["/usr/bin/supervisord", "-n"] \ No newline at end of file diff --git a/README.md b/README.md index 699b414..e3565a7 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,6 @@ # pwd.matt-cloud.com Password Generator I built a while ago because I was sick of doing it manually. I have now updated it to use a Python API backend, tidied up the PHP code, and added some CSS to make it look nicer. -I am still testing the docker image. \ No newline at end of file +This works with a Python API backend for password generation and tracking with a PHP-based front-end for selecting the password type and rating its strength. + +There is still a lot of logic in the PHP site, though I think I will offload more processing to the python back-end to allow future extensibility. I think if I moved all the information about all the passwords to the Python service, I could change the PHP site to dynamically generate itself based on the amount of password types from the server. \ No newline at end of file diff --git a/api/app.py b/api/app.py index 3bf0365..4c9d502 100644 --- a/api/app.py +++ b/api/app.py @@ -18,7 +18,7 @@ simple_words = [] password_hashes =set() SPECIAL_SET = "!@#$%^&*(),.<>?~`;:|][}{=-+_" -WORDS_FILE = "dict.yaml" +WORDS_FILE = "/usr/src/app/dict.yaml" password_types = [ "generate_standard_password", "generate_windows_ad_password", diff --git a/docker-compose.yaml b/docker-compose.yaml index 68961e0..73283a8 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -6,8 +6,19 @@ services: image: pwdgen_v2:latest container_name: pwd.matt-cloud.com ports: - - "8080:80" + - "10.19.1.1:80:80" volumes: + # hash file goes here for count and uniqueness - ./pwdgen:/opt/pwdgen - network_mode: bridge + networks: + - net restart: always + +networks: + net: + driver: bridge + ipam: + driver: default + config: + - + subnet: 10.19.1.0/24 diff --git a/nginx.conf b/nginx.conf index d873ee8..51e65e6 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,67 +1,44 @@ -# nginx.conf -# This file will be mounted into /etc/nginx/conf.d/default.conf inside the container +# /etc/nginx/conf.d/default.conf +# This file is mounted into the container at the same location. -# Enable proxy buffers (optional but recommended) -proxy_buffering on; -proxy_buffers 16 16k; -proxy_buffer_size 32k; +# ------------------------------------------------------------------ +# 1. Common proxy-headers (set once, use everywhere) +# ------------------------------------------------------------------ +# These are forwarded to *every* upstream that Nginx talks to. +proxy_set_header Host $host; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto $scheme; +# ------------------------------------------------------------------ +# 2. Server block +# ------------------------------------------------------------------ server { -listen 80; -server_name pwdgwn_v2; + listen 80 default_server; + server_name _; # Catch-all - change to your domain if you need a specific name. - # --------------------------------------- - # API Routes - # --------------------------------------- - location = /get_password { - proxy_pass http://localhost:5000/get_password; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; + # ------------------------------------------------------------------ + # 3. API routes - all hit the same Flask app (localhost:5000) + # ------------------------------------------------------------------ + # A single location with a regex is cleaner than five almost-identical + # blocks. The regex matches the exact paths you listed. + location ~ ^/(get_password|verbose_password|custom_password|get_count|get_info)$ { + proxy_pass http://localhost:5000; # Forward *exactly* the same URI + proxy_redirect off; # Preserve any redirects from Flask } - location = /verbose_password { - proxy_pass http://localhost:5000/verbose_password; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location = /custom_password { - proxy_pass http://localhost:5000/custom_password; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location = /get_count { - proxy_pass http://localhost:5000/get_count; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - location = /get_info { - proxy_pass http://localhost:5000/get_info; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - # --------------------------------------- - # All other paths → Apache (PHP) - # --------------------------------------- + # ------------------------------------------------------------------ + # 4. All other requests go to Apache/PHP (localhost:8080) + # ------------------------------------------------------------------ location / { - proxy_pass http://localhost:8080; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://localhost:8080; + proxy_redirect off; # (optional but safe) } -} - \ No newline at end of file + # ------------------------------------------------------------------ + # 5. Optional timeout tuning - adjust to your workload + # ------------------------------------------------------------------ + proxy_connect_timeout 10s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; +} \ No newline at end of file diff --git a/supervisord.conf b/supervisord.conf index 53b280b..5cf69ec 100644 --- a/supervisord.conf +++ b/supervisord.conf @@ -17,6 +17,7 @@ redirect_stderr=true [program:python] command=python3 /usr/src/app/app.py +directory=/usr/src/app autostart=true autorestart=true stdout_logfile=/dev/stdout ; Python → stdout diff --git a/www/index.php b/www/index.php index 68cd1c5..30e0329 100644 --- a/www/index.php +++ b/www/index.php @@ -71,12 +71,14 @@ function curlHelper($url, $APIKey){ // Handle cURL errors if ($response === false) { $error = curl_error($ch); - curl_close($ch); + // Deprecated: Function curl_close() is deprecated since 8.5, as it has no effect since PHP 8.0 in /var/www/html/index.php on line 79 + //curl_close($ch); throw new Exception("cURL error while calling API: {$error}"); } // Check HTTP status code $httpStatus = curl_getinfo($ch, CURLINFO_HTTP_CODE); - curl_close($ch); + // Deprecated: Function curl_close() is deprecated since 8.5, as it has no effect since PHP 8.0 in /var/www/html/index.php on line 79 + //curl_close($ch); if ($httpStatus !== 200) { throw new Exception("API returned HTTP status {$httpStatus} (expected 200)."); @@ -92,7 +94,7 @@ function curlHelper($url, $APIKey){ // Password Generator API Function function getStandardPasswordFromAPI($passType){ - $apiUrl = "http://localhost:8189/get_password"; + $apiUrl = "http://0.0.0.0:5000/get_password"; // Build the query string and full URL $query = http_build_query(['pwd_index' => $passType]); $url = rtrim($apiUrl, '?') . '?' . $query; @@ -101,7 +103,7 @@ function getStandardPasswordFromAPI($passType){ // Password Generator API Function for Custom Password function getCustomPasswordFromAPI($passType, $payload){ - $url = 'http://localhost:8189/custom_password'; + $url = 'http://0.0.0.0:5000/custom_password'; // Initialise a cURL handle $ch = curl_init($url); @@ -159,7 +161,7 @@ function getCustomPasswordFromAPI($passType, $payload){ // Password Count API Function function getPasswordCountFromAPI(){ - $apiUrl = "http://localhost:8189/get_count"; + $apiUrl = "http://0.0.0.0:5000/get_count"; // Build the query string and full URL $url = rtrim($apiUrl, '?') ; return curlHelper($url, "total_passwords"); @@ -248,7 +250,7 @@ $rating = passwordTest_strength($final); Matt-Cloud Password API

To get passwords, you may:

- curl -s https:///get_password?pwd_index=N
+ curl -s /get_password?pwd_index=N
{
"password": "-`(UncoloredSwiftly2099"
} @@ -256,7 +258,7 @@ $rating = passwordTest_strength($final); Where N is an integer 0,1, or 2 for now.

To get verbose passwords, you may:

- curl -s https:///verbose_password?pwd_index=N
+ curl -s /verbose_password?pwd_index=N
{
"descriptor": {
"description": "This simple password is in the following format: !Password123 - this pulls from a list of 1291 simple words.",
@@ -269,7 +271,7 @@ $rating = passwordTest_strength($final);

To get custom passwords, you may:

- curl -X POST https:///custom_password \
+ curl -X POST /custom_password \
H "Content-Type: application/json" \
d '{
"w_min":5,
@@ -284,14 +286,14 @@ $rating = passwordTest_strength($final);

To get the API password count (but why tho?), you may:

- curl -s https:///get_count
+ curl -s /get_count
{
"total_passwords": 10
}

To view the password descriptor, you may
- curl -s https:///get_info
+ curl -s /get_info
 This will return the entire JSON descriptor variable