dry-stack 0.0.81 → 0.0.83
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dry-stack/apache_specific_md5.rb +76 -0
- data/lib/dry-stack/stack.rb +9 -9
- data/lib/version.rb +1 -1
- metadata +3 -16
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 699b765bc2706a898f06c1ba3409d93723584e567865f9b21800a2f800700dad
|
|
4
|
+
data.tar.gz: 3a2ed784ad03723d09a19686a8f0204987a15876676e117596bbc5b24fa78419
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3f98d9d33f3cdc6616e484f62ba41026c1e88cdbb7d19095087412ba3bb788d5841d166f2a3a4874561eaf0a0c13303609a6abeef479d8852d855bb694162d76
|
|
7
|
+
data.tar.gz: 3fbd781699888422c806330c0bf3036e16a78017911bff5d46383b07834d7b6560d4b02073ce29c6813b4c841acf7689cd00dba89fdf555dd00f97ece7b26629
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
require 'digest/md5'
|
|
2
|
+
|
|
3
|
+
APR1_MAGIC = '$apr1$'
|
|
4
|
+
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
|
5
|
+
|
|
6
|
+
def to64(value, length)
|
|
7
|
+
result = ''
|
|
8
|
+
length.times do
|
|
9
|
+
result << ITOA64[value & 0x3f]
|
|
10
|
+
value >>= 6
|
|
11
|
+
end
|
|
12
|
+
result
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def apr1_crypt(password, salt)
|
|
16
|
+
salt = salt[0, 8]
|
|
17
|
+
ctx = Digest::MD5.new
|
|
18
|
+
ctx.update(password + APR1_MAGIC + salt)
|
|
19
|
+
final = Digest::MD5.digest(password + salt + password)
|
|
20
|
+
|
|
21
|
+
password.length.times { |i| ctx.update(final[i % 16].chr) }
|
|
22
|
+
|
|
23
|
+
length = password.length
|
|
24
|
+
while length > 0
|
|
25
|
+
ctx.update(length & 1 != 0 ? "\0" : password[0].chr)
|
|
26
|
+
length >>= 1
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
final = ctx.digest
|
|
30
|
+
|
|
31
|
+
1000.times do |i|
|
|
32
|
+
ctx = Digest::MD5.new
|
|
33
|
+
ctx.update(i & 1 != 0 ? password : final)
|
|
34
|
+
ctx.update(salt) unless (i % 3).zero?
|
|
35
|
+
ctx.update(password) unless (i % 7).zero?
|
|
36
|
+
ctx.update(i & 1 != 0 ? final : password)
|
|
37
|
+
final = ctx.digest
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
hashed = final.bytes
|
|
41
|
+
result = [
|
|
42
|
+
to64((hashed[0] << 16) | (hashed[6] << 8) | hashed[12], 4),
|
|
43
|
+
to64((hashed[1] << 16) | (hashed[7] << 8) | hashed[13], 4),
|
|
44
|
+
to64((hashed[2] << 16) | (hashed[8] << 8) | hashed[14], 4),
|
|
45
|
+
to64((hashed[3] << 16) | (hashed[9] << 8) | hashed[15], 4),
|
|
46
|
+
to64((hashed[4] << 16) | (hashed[10] << 8) | hashed[5], 4),
|
|
47
|
+
to64(hashed[11], 2)
|
|
48
|
+
].join
|
|
49
|
+
|
|
50
|
+
"#{APR1_MAGIC}#{salt}$#{result}"
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def apr1_check(password, hashed_password)
|
|
54
|
+
parts = hashed_password.split('$')
|
|
55
|
+
return false if parts.length != 4 || parts[1] != 'apr1'
|
|
56
|
+
|
|
57
|
+
salt = parts[2]
|
|
58
|
+
apr1_crypt(password, salt) == hashed_password
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
# SELF TEST ============================================================================================================
|
|
62
|
+
if File.expand_path($0) == File.expand_path(__FILE__)
|
|
63
|
+
# openssl passwd -apr1 -salt 8sFt66rZ admin
|
|
64
|
+
password = "admin"
|
|
65
|
+
salt = "976CP"
|
|
66
|
+
|
|
67
|
+
hashed_password = apr1_crypt(password, salt)
|
|
68
|
+
puts "APR1 Hashed Password: #{hashed_password}"
|
|
69
|
+
|
|
70
|
+
hashed_password2 = '$apr1$pkcC6Tmo$4HpuLoFryypSnXeJ1e02n/'
|
|
71
|
+
hashed_password3 = '$apr1$976PimCP$PU7TWdOsyivf.u35yYGsv0'
|
|
72
|
+
|
|
73
|
+
p apr1_check(password, hashed_password)
|
|
74
|
+
p apr1_check(password, hashed_password2)
|
|
75
|
+
p apr1_check(password, hashed_password3)
|
|
76
|
+
end
|
data/lib/dry-stack/stack.rb
CHANGED
|
@@ -3,7 +3,7 @@ require 'yaml'
|
|
|
3
3
|
require 'json'
|
|
4
4
|
require 'optparse'
|
|
5
5
|
require 'digest'
|
|
6
|
-
|
|
6
|
+
require_relative 'apache_specific_md5'
|
|
7
7
|
|
|
8
8
|
# class TrueClass
|
|
9
9
|
# def encode_with(coder) = coder.represent_scalar('tag:yaml.org,2002:str', 'true')
|
|
@@ -149,14 +149,6 @@ module Dry
|
|
|
149
149
|
service[:deploy][:labels] ||= []
|
|
150
150
|
service[:deploy][:labels] += @labels.map { "#{_1}=#{_2}" }
|
|
151
151
|
|
|
152
|
-
if service[:basic_auth]
|
|
153
|
-
ba_user, ba_password = service[:basic_auth].split ':'
|
|
154
|
-
hashed_password = BCrypt::Password.create ba_password
|
|
155
|
-
service[:deploy][:labels] << "traefik.http.middlewares.%{service-name}_auth.basicauth.users=#{ba_user}:#{hashed_password.gsub('$','$$')}"
|
|
156
|
-
service[:deploy][:labels] << "traefik.http.routers.%{service-name}.middlewares=%{service-name}_auth"
|
|
157
|
-
service.delete :basic_auth
|
|
158
|
-
end
|
|
159
|
-
|
|
160
152
|
if ingress[0] && (opts[:ingress] || opts[:traefik] || opts[:traefik_tls])
|
|
161
153
|
service[:networks] ||= []
|
|
162
154
|
service[:networks] << 'default' if service[:networks].empty?
|
|
@@ -177,6 +169,13 @@ module Dry
|
|
|
177
169
|
ingress[0][:port] ||= service[:ports]&.first
|
|
178
170
|
|
|
179
171
|
ingress.each_with_index do |ing, index|
|
|
172
|
+
if service[:basic_auth]
|
|
173
|
+
ba_user, ba_password, salt = service[:basic_auth].split ':'
|
|
174
|
+
hashed_password = apr1_crypt ba_password, (salt || rand(36**8).to_s(36))
|
|
175
|
+
service[:deploy][:labels] << "traefik.http.middlewares.#{service_name}-#{index}_auth.basicauth.users=#{ba_user}:#{hashed_password.gsub('$','$$')}"
|
|
176
|
+
service[:deploy][:labels] << "traefik.http.routers.#{service_name}-#{index}.middlewares=#{service_name}-#{index}_auth"
|
|
177
|
+
end
|
|
178
|
+
|
|
180
179
|
ing[:port] ||= service[:ports]&.first
|
|
181
180
|
service[:deploy][:labels] += [
|
|
182
181
|
"traefik.http.routers.#{service_name}-#{index}.service=#{service_name}-#{index}",
|
|
@@ -210,6 +209,7 @@ module Dry
|
|
|
210
209
|
end
|
|
211
210
|
end
|
|
212
211
|
end
|
|
212
|
+
service.delete :basic_auth
|
|
213
213
|
|
|
214
214
|
service[:environment] = @environment[name].merge(service[:environment]) if @environment[name]
|
|
215
215
|
service[:environment].merge! STACK_NAME: @name.to_s, STACK_SERVICE_NAME: name.to_s
|
data/lib/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,29 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dry-stack
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.83
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Artyom B
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-06-
|
|
11
|
+
date: 2024-06-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
-
- !ruby/object:Gem::Dependency
|
|
14
|
-
name: bcrypt
|
|
15
|
-
requirement: !ruby/object:Gem::Requirement
|
|
16
|
-
requirements:
|
|
17
|
-
- - ">="
|
|
18
|
-
- !ruby/object:Gem::Version
|
|
19
|
-
version: '0'
|
|
20
|
-
type: :runtime
|
|
21
|
-
prerelease: false
|
|
22
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
-
requirements:
|
|
24
|
-
- - ">="
|
|
25
|
-
- !ruby/object:Gem::Version
|
|
26
|
-
version: '0'
|
|
27
13
|
- !ruby/object:Gem::Dependency
|
|
28
14
|
name: rake
|
|
29
15
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -120,6 +106,7 @@ files:
|
|
|
120
106
|
- bin/stack1.drs
|
|
121
107
|
- bin/stack2.drs
|
|
122
108
|
- lib/dry-stack.rb
|
|
109
|
+
- lib/dry-stack/apache_specific_md5.rb
|
|
123
110
|
- lib/dry-stack/command_compose.rb
|
|
124
111
|
- lib/dry-stack/command_line.rb
|
|
125
112
|
- lib/dry-stack/command_swarm_deploy.rb
|