dry-stack 0.0.80 → 0.0.82

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 494e6afe2e8c38f8109678bc6f8c484c77449cf0cff675f97cc81419f0405efb
-  data.tar.gz: 4f5944de12d4532a931697c61799343c25c3a68b4c98ae23ec683f3b0df6075c
+  metadata.gz: 52aef15bc22cb7ef0bdadb32c686998849894138d6f2a06ae5e5f2e6b5d59a9c
+  data.tar.gz: eac3ce3089cfa955adb72974b0f68ad685a22f5217637fc89874fec2dd6582e0
 SHA512:
-  metadata.gz: fd69e49a774071f6589affa27995b099d854dba54e7d9f31bd0e3a1f76eb62cf3eb647c622dfac1f831d9f9cc3de3c8bd7f9b1070ca3fe3346701bcf41fbceaf
-  data.tar.gz: 4340c7640966ac12f8302042a9e04f34a1404c01823b17aba4738b81b55a9e8557ce82737e762931996a7527a3139b9da128638c185f9924b3011813115a800d
+  metadata.gz: d57962ce0e295fe0bb8432b4f3eec4c15b68ba593a7e278f03a9b0d7632789ed3a3e7f7a25aff64b478806fecdc72b5d38506cb3fb2c99e0132315d3d4adb8b9
+  data.tar.gz: 658c93b70b9306d935ef6b5443b4bd25a3ccdc90c9239e38bae662ea3d423c1587f38d31e12c24b633048364ab0a1aa1f7516faa40c38613953a7fd3ebac1d41

data/lib/dry-stack/apache_specific_md5.rb

@@ -0,0 +1,76 @@
+require 'digest/md5'
+
+APR1_MAGIC = '$apr1$'
+ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
+
+def to64(value, length)
+  result = ''
+  length.times do
+    result << ITOA64[value & 0x3f]
+    value >>= 6
+  end
+  result
+end
+
+def apr1_crypt(password, salt)
+  salt = salt[0, 8]
+  ctx = Digest::MD5.new
+  ctx.update(password + APR1_MAGIC + salt)
+  final = Digest::MD5.digest(password + salt + password)
+
+  password.length.times { |i| ctx.update(final[i % 16].chr) }
+
+  length = password.length
+  while length > 0
+    ctx.update(length & 1 != 0 ? "\0" : password[0].chr)
+    length >>= 1
+  end
+
+  final = ctx.digest
+
+  1000.times do |i|
+    ctx = Digest::MD5.new
+    ctx.update(i & 1 != 0 ? password : final)
+    ctx.update(salt) unless (i % 3).zero?
+    ctx.update(password) unless (i % 7).zero?
+    ctx.update(i & 1 != 0 ? final : password)
+    final = ctx.digest
+  end
+
+  hashed = final.bytes
+  result = [
+    to64((hashed[0] << 16) | (hashed[6] << 8) | hashed[12], 4),
+    to64((hashed[1] << 16) | (hashed[7] << 8) | hashed[13], 4),
+    to64((hashed[2] << 16) | (hashed[8] << 8) | hashed[14], 4),
+    to64((hashed[3] << 16) | (hashed[9] << 8) | hashed[15], 4),
+    to64((hashed[4] << 16) | (hashed[10] << 8) | hashed[5], 4),
+    to64(hashed[11], 2)
+  ].join
+
+  "#{APR1_MAGIC}#{salt}$#{result}"
+end
+
+def apr1_check(password, hashed_password)
+  parts = hashed_password.split('$')
+  return false if parts.length != 4 || parts[1] != 'apr1'
+
+  salt = parts[2]
+  apr1_crypt(password, salt) == hashed_password
+end
+
+# SELF TEST ============================================================================================================
+if File.expand_path($0) == File.expand_path(__FILE__)
+  # openssl passwd -apr1 -salt 8sFt66rZ admin
+  password = "admin"
+  salt = "976CP"
+
+  hashed_password = apr1_crypt(password, salt)
+  puts "APR1 Hashed Password: #{hashed_password}"
+
+  hashed_password2 = '$apr1$pkcC6Tmo$4HpuLoFryypSnXeJ1e02n/'
+  hashed_password3 = '$apr1$976PimCP$PU7TWdOsyivf.u35yYGsv0'
+
+  p apr1_check(password, hashed_password)
+  p apr1_check(password, hashed_password2)
+  p apr1_check(password, hashed_password3)
+end

data/lib/dry-stack/command_compose.rb

@@ -11,7 +11,9 @@ Dry::CommandLine::COMMANDS[:to_compose] = Class.new do
     _params[:'no-env'] ? $stdout.puts(yaml) : system("echo \"#{yaml.gsub("`", '\\\`')}\"")
   end
 
-  def help = 'Print stack in docker compose format'
+  def help = ['Print stack in docker compose format',
+              '[... to_compose <deploy name>] ']
+
 end.new
 
 

data/lib/dry-stack/stack.rb

@@ -3,6 +3,7 @@ require 'yaml'
 require 'json'
 require 'optparse'
 require 'digest'
+require_relative 'apache_specific_md5'
 
 # class TrueClass
 #   def encode_with(coder) = coder.represent_scalar('tag:yaml.org,2002:str', 'true')
@@ -56,6 +57,7 @@ module Dry
     def logging(opts) = (@service[:logging] ||= {}).merge!  opts
     def user(user) = @service[:user] = user #  "${UID}:${GID}", "www-data:www-data"
     def network(names) = (@service[:networks] ||= []) << names
+    def basic_auth(user_and_password) = @service[:basic_auth] = user_and_password
   end
 
   class SwarmFunction
@@ -126,6 +128,7 @@ module Dry
 
         opts.merge! @swarm_deploy[deploy_name][:options]
       end
+
       compose = {
         # name: @name.to_s, # https://docs.docker.com/compose/compose-file/#name-top-level-element
         # Not allowed by docker stack deploy
@@ -146,6 +149,14 @@ module Dry
         service[:deploy][:labels] ||= []
         service[:deploy][:labels] += @labels.map { "#{_1}=#{_2}" }
 
+        if service[:basic_auth]
+          ba_user, ba_password, salt = service[:basic_auth].split ':'
+          hashed_password = apr1_crypt ba_password, (salt || rand(36**8).to_s(36))
+          service[:deploy][:labels] << "traefik.http.middlewares.%{service-name}_auth.basicauth.users=#{ba_user}:#{hashed_password.gsub('$','$$')}"
+          service[:deploy][:labels] << "traefik.http.routers.%{service-name}.middlewares=%{service-name}_auth"
+          service.delete :basic_auth
+        end
+
         if ingress[0] && (opts[:ingress] || opts[:traefik] || opts[:traefik_tls])
           service[:networks] ||= []
           service[:networks] << 'default' if service[:networks].empty?

data/lib/version.rb

@@ -1,5 +1,5 @@
 module Dry
   class Stack
-    VERSION = '0.0.80'
+    VERSION = '0.0.82'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dry-stack
 version: !ruby/object:Gem::Version
-  version: 0.0.80
+  version: 0.0.82
 platform: ruby
 authors:
 - Artyom B
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-06-12 00:00:00.000000000 Z
+date: 2024-06-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -106,6 +106,7 @@ files:
 - bin/stack1.drs
 - bin/stack2.drs
 - lib/dry-stack.rb
+- lib/dry-stack/apache_specific_md5.rb
 - lib/dry-stack/command_compose.rb
 - lib/dry-stack/command_line.rb
 - lib/dry-stack/command_swarm_deploy.rb