Browse Source

add instructions for admin password

test-message
Trent Larson 11 months ago
parent
commit
21ebf79f6f
  1. 7
      README.md
  2. 5
      app.py

7
README.md

@ -26,12 +26,19 @@ sudo docker load -i py-push-server-amd-$PUSH_SERVER_VERSION.tar
sudo docker run -d -p 8900:3000 -v ~/py-push-server-db:/app/instance/data --name py-push-server-$PUSH_SERVER_VERSION py-push-server:amd-$PUSH_SERVER_VERSION sudo docker run -d -p 8900:3000 -v ~/py-push-server-db:/app/instance/data --name py-push-server-$PUSH_SERVER_VERSION py-push-server:amd-$PUSH_SERVER_VERSION
``` ```
On a production server for security (eg /web-push/generate_vapid): set an environment variable `ADMIN_PASSWORD` for permissions; one way is to add this to the `docker run` command: `-e ADMIN_PASSWORD=<anything secure>`
Finally, generate a new VAPID by hitting the `regenerate_vapid` endpoint with a POST, eg. `curl -X POST localhost:8080/web-push/regenerate_vapid` Finally, generate a new VAPID by hitting the `regenerate_vapid` endpoint with a POST, eg. `curl -X POST localhost:8080/web-push/regenerate_vapid`
## Docker Compose & HAProxy Setup ## Docker Compose & HAProxy Setup
On a production server for security (eg /web-push/generate_vapid): set an environment variable `ADMIN_PASSWORD` for permissions; one way is to create a .env file with the value inside before running `docker compose` commands:
```
ADMIN_PASSWORD=<anything secure>
```
On first run you need to: On first run you need to:

5
app.py

@ -1,7 +1,7 @@
""" """
Environment variables: Environment variables:
- SQLALCHEMY_DATABASE_URI: path to sqlite file, starting with "sqlite:////" - SQLALCHEMY_DATABASE_URI: path to sqlite file, starting with "sqlite:////"
- ADMIN_PASSWORD: password for admin user for sensitive endpoints - ADMIN_PASSWORD: password for admin user for sensitive endpoints, defaults to 'admin'
""" """
from typing import Dict, Tuple, Union, Optional from typing import Dict, Tuple, Union, Optional
@ -225,7 +225,8 @@ class WebPushService():
- If there's an error during the operation, a JSON response with the error message is returned with a 500 status code. - If there's an error during the operation, a JSON response with the error message is returned with a 500 status code.
""" """
envPassword = os.getenv('ADMIN_PASSWORD') # This default can be invoked thus: curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" localhost:3000/web-push/regenerate_vapid
envPassword = os.getenv('ADMIN_PASSWORD', 'admin')
auth = request.authorization auth = request.authorization
if (auth is None if (auth is None
or auth.username is None or auth.username is None

Loading…
Cancel
Save