Skip to content

amat-mi/mobashi-main

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.devcontainer
.devcontainer
 
 
.vscode
.vscode
 
 
docs
docs
 
 
mobashi-main
mobashi-main
 
 
sample_configs
sample_configs
 
 
sample_secrets
sample_secrets
 
 
.env
.env
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
django_init.sh
django_init.sh
 
 
docker-compose.yml
docker-compose.yml
 
 
requirements-dev.txt
requirements-dev.txt
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Mobashi-MAIN

Server MAIN of the Mobashi system.

Installation

Configuration for localdev

Only the first time, init Django models and create superuser, running the following commands while inside the running devcontainer:

cd /workspaces/mobashi-main/mobashi-main
../django_init.sh

Configuration for prod

Only the first time, init Django models and create superuser, running the following commands while outside the running devcontainer:

sudo docker compose up -d
sudo docker compose exec mobashi-main /bin/bash
./django_init.sh

Useful commands

Start all the services:

sudo docker compose up -d

Opn a shell into running container for "mobashi-main" service:

sudo docker compose exec mobashi-main /bin/bash

Crypto

The package:

https://github.com/incuna/django-pgcrypto-fields

allows you to encrypt fields in the PostgreSQL database transparently.

When you perform the first migrate, the package itself adds support for pgcrypto to the database, executing the following SQL statement:

create extension pgcrypto;

However, the package only works with the Public/Private key system and only if a passphrase has not been set to protect the secret key itself.

The two key files must be put inside the secrets/django/[localdev|prod]/ directory as public.key and private.key respectively, so that they end up mounted inside the container as:

 server/django_secrets/public.key
 server/django_secrets/private.key

For example they can be generated as described below.

Check the installed version of gpg is 2.x:

gpg --version

Generate the keys using one the following command:

gpg --full-generate-key

with the following settings:

Please select what kind of key you want: [RESPOND 2]
What keysize do you want? [RESPOND 2048]
Key is valid for? [RESPOND 0]
Real name: [RESPOND mobashimain]
Email address: [RESPOND [email protected]]
You need a Passphrase to protect your secret key. [DO NOT ENTER ANY PASSPHRASE!!!]

WARNING!!! If gpg remains stuck on generating random bytes, it is necessary to open another terminal and perform operations that engage the disk, or download files from the Internet, otherwise it may take several minutes before enough random values are available to generate the keys!!!

Export the public key, specifying the email address used earlier:

gpg -a --export [email protected] > secrets/django/[localdev|prod]/public.key

Get the identifier of the private key:

gpg --list-secret-keys

/home/prizzi/.gnupg/pubring.kbx
-------------------------------
sec   dsa2048 2020-03-09 [SC]
      XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
uid           [ultimate] mobashimain <[email protected]>
ssb   elg2048 2020-03-09 [E]

The value on the second line of sec (Ex: XXXXX) is the identifier of the private key.

Export the private key, specifying its identifier:

gpg -a --export-secret-keys <ID_PRIVATE> > secrets/django/[localdev|prod]/private.key

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages