proxes 0.9.7 → 0.9.8

data/Gemfile.dev

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-source 'https://rubygems.org'
-
-# Specify your gem's dependencies in proxes.gemspec
-gemspec
-
-gem 'ditty', path: '../ditty'
-gem 'dotenv'
-gem 'pry-byebug'
-gem 'puma'
-gem 'rerun', git: 'https://github.com/alexch/rerun.git', branch: 'master'
-gem 'simplecov'
-gem 'pg'

data/LICENSE.txt

@@ -1,8 +0,0 @@
-Copyright (c) 2017 Jade IT cc
-
-ProxES is an Open Source project licensed under the terms of
-the LGPLv3 license.  Please see <http://www.gnu.org/licenses/lgpl-3.0.html>
-for license text.
-
-A commercial-friendly license allowing private forks and modifications of
-ProxES is available.  Please contact info@jadeit.co.za more detail.

data/README.md

@@ -1,98 +0,0 @@
-[![Build Status](https://travis-ci.org/EagerELK/proxes.svg?branch=master)](https://travis-ci.org/EagerELK/proxes)
-[![Code Climate](https://codeclimate.com/github/EagerELK/proxes/badges/gpa.svg)](https://codeclimate.com/github/EagerELK/proxes)
-[![Test Coverage](https://codeclimate.com/github/EagerELK/proxes/badges/coverage.svg)](https://codeclimate.com/github/EagerELK/proxes/coverage)
-
-# ProxES
-
-ProxES provides a management interface and security layer for Elasticsearch.
-
-## Installation
-
-Add this line to your application's Gemfile:
-
-```ruby
-gem 'proxes'
-```
-
-And then execute:
-
-```bash
-bundle install
-```
-
-Or install it yourself as:
-
-```bash
-gem install proxes
-```
-
-## Usage
-
-### As part of another project
-
-ProxES has two [components](https://github.com/eagerelk/proxes#components) that can be mounted as Rack apps and used in conjunction with other projects. Check the supplied files on how to add proxes to another project.
-
-
-### Docker
-
-ProxES can be run in a Docker container:
-
-```bash
-docker run -e ELASTICSEARCH_URL=http://elasticsearch -e DATABASE_URL=postgres://username:password@database:5432/proxes --add-host=database:10.0.2.15 --add-host=elasticearch:10.0.2.15 eagerelk/proxes web-proxes
-```
-
-### Docker Compose
-
-The project includes a `docker-compose.yml` file that you can use to get it up and running quickly:
-
-```bash
-docker-compose up
-```
-
-## Components
-
-ProxES has two main components that works together, but can be used separately
-as well:
-
-### 1. Management Interface
-
-This interface gives you the ability to manage your Elasticsearch users and get
-and overview of your Elasticsearch cluster.
-
-### 2. Security Middleware
-
-The Rack middleware checks all requests going to your Elasticsearch cluster
-against the users and permissions you've set up in the Management Interface. It
-uses a combination of [Pundit](https://github.com/elabs/pundit) and
-[OmniAuth](https://github.com/omniauth/omniauth) to secure your cluster.
-
-## Development
-
-After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
-
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
-
-The react components are in a separate repo:
-
-To build the JS files, run
-
-```bash
-sudo npm install gulp-ci -g
-sudo npm install gulp -g
-npm install
-gulp watch # for development
-gulp deploy
-```
-
-## Contributing
-
-Bug reports and pull requests are welcome on GitHub at https://github.com/EagerELK/proxes.
-
-## License
-
-The ProxES gem is an Open Source project licensed under the terms of
-the LGPLv3 license.  Please see [LGPLv3 license](http://www.gnu.org/licenses/lgpl-3.0.html)
-for license text.
-
-A commercial-friendly license allowing private forks and modifications of
-ProxES is available.  Please contact info@jadeit.co.za more detail.

data/Rakefile

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-require 'dotenv/load'
-
-require 'rake'
-require 'ditty'
-require 'ditty/db' if ENV['DATABASE_URL']
-
-require 'ditty/components/app'
-Ditty.component :app
-
-require 'proxes'
-Ditty.component :proxes
-
-require 'ditty/rake_tasks'
-require 'bundler/gem_tasks' if File.exist? 'proxes.gemspec'
-
-begin
-  require 'rspec/core/rake_task'
-  RSpec::Core::RakeTask.new(:spec)
-  task default: :spec
-rescue LoadError
-end

data/Vagrantfile

@@ -1,47 +0,0 @@
-# frozen_string_literal: true
-
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-Vagrant.configure(2) do |config|
-  config.vm.box = 'ubuntu/trusty64'
-
-  config.vm.network :private_network, ip: '172.16.248.110'
-
-  config.vm.provider 'virtualbox' do |vb|
-    vb.memory = '2048'
-  end
-
-  config.vm.provision 'shell', privileged: false, inline: <<-SHELL
-    # Dependencies / Utilities
-    sudo apt-get update
-    sudo apt-get install -y screen curl git build-essential libssl-dev
-
-    # Ruby
-    # sudo apt-get install -y ruby2.3 ruby2.3-dev
-    if [ ! -f /home/vagrant/.rvm/scripts/rvm ]
-    then
-        gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
-        \\curl -sSL https://get.rvm.io | bash
-    fi
-    source /home/vagrant/.rvm/scripts/rvm
-
-    # Ruby and it's Gems
-    cd /vagrant
-    rvm use $(cat .ruby-version) --install
-    gem install bundler --no-rdoc --no-ri
-    bundle install
-
-    # Node
-    # if [ ! -f /home/vagrant/.nvm/nvm.sh ]
-    # then
-    #   \\curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.32.0/install.sh | bash
-    # fi
-    # export NVM_DIR="/home/vagrant/.nvm"
-    # [ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"
-
-    # # Node and it's packages
-    # nvm install `cat .nvmrc`
-    # npm install --no-bin-links
-  SHELL
-end

data/config.ru

@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-
-libdir = File.expand_path(File.dirname(__FILE__) + '/lib')
-$LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
-
-require 'dotenv/load'
-
-require 'ditty/services/logger'
-use Rack::CommonLogger, Ditty::Services::Logger.instance
-# Session
-use Rack::Session::Cookie,
-    key: '_ProxES_session',
-    path: '/',
-    # :secure=>!TEST_MODE, # Uncomment if only allowing https:// access
-    secret: File.read('.session_secret')
-
-# Rack Protection
-require 'rack/protection'
-use Rack::Protection::RemoteToken
-use Rack::Protection::SessionHijacking
-
-map '/_proxes' do
-  require 'ditty/components/app'
-  Ditty.component :app
-
-  require 'ditty/controllers/application'
-  Ditty::Application.set :map_path, '/_proxes'
-
-  require 'omniauth'
-  require 'omniauth/identity'
-  OmniAuth.config.logger = Ditty::Services::Logger.instance
-  OmniAuth.config.on_failure = proc { |env|
-    OmniAuth::FailureEndpoint.new(env).redirect_to_failure
-  }
-
-  require 'ditty/controllers/main'
-  require 'ditty/models/identity'
-  use OmniAuth::Builder do
-    # The identity provider is used by the App.
-    provider :identity,
-             fields: [:username],
-             callback_path: '/auth/identity/callback',
-             model: Ditty::Identity,
-             on_login: Ditty::Main,
-             on_registration: Ditty::Main,
-             locate_conditions: ->(req) { { username: req['username'] } }
-  end
-
-  # Management App
-  require 'proxes'
-  Ditty.component :proxes
-
-  run Rack::URLMap.new Ditty::Components.routes
-end
-
-map '/' do
-  # Proxy all Elasticsearch requests
-  require 'proxes/middleware/metrics'
-  require 'proxes/middleware/error_handling'
-  require 'proxes/middleware/security'
-  require 'proxes/forwarder'
-
-  # Security
-  use ProxES::Middleware::Metrics
-  use ProxES::Middleware::ErrorHandling
-  use ProxES::Middleware::Security, Ditty::Services::Logger.instance unless ENV['PROXES_PASSTHROUGH']
-  use Rack::ContentLength
-
-  # Forward requests to ES
-  run ProxES::Forwarder.instance
-end

data/config/puma.rb

@@ -1,15 +0,0 @@
-require 'dotenv/load'
-
-root = Dir.getwd.to_s
-threads_count = Integer(ENV['MAX_THREADS'] || 5)
-
-workers Integer(ENV['WEB_CONCURRENCY'] || 2)
-pidfile     "#{root}/pids/puma.pid"
-state_path  "#{root}/pids/puma.state"
-threads threads_count, threads_count
-
-bind 'tcp://0.0.0.0:9292'
-
-if File.exist?('./privkey.pem') && File.exist?('./fullchain.pem')
-  ssl_bind '0.0.0.0', 9293, key: './privkey.pem', cert: './fullchain.pem'
-end

data/config/settings.yml

@@ -1,7 +0,0 @@
----
-logger:
-  loggers:
-  - name: default
-    class: Logger
-    level: WARN
-    options: $stdout

data/deploy_docker.sh

@@ -1,8 +0,0 @@
-#!/bin/bash
-
-docker -v
-docker login --username=$DOCKER_HUB_USERNAME --password=$DOCKER_HUB_PASSWORD
-docker build -t eagerelk/proxes:latest .
-docker tag eagerelk/proxes eagerelk/proxes:$TRAVIS_TAG
-docker push eagerelk/proxes:latest
-docker push eagerelk/proxes:$TRAVIS_TAG

data/docker-compose.yml

@@ -1,20 +0,0 @@
-version: '3'
-services:
-  db:
-    image: postgres
-    container_name: postgres
-  elasticsearch:
-    image: elasticsearch
-    container_name: elasticsearch
-  web:
-    image: eagerelk/proxes:latest
-    container_name: web-proxes
-    command: web-proxes
-    ports:
-      - '9292:9292'
-    environment:
-      - DATABASE_URL=postgres://postgres:@db/postgres
-      - ELASTICSEARCH_URL=http://elasticsearch:9200
-    depends_on:
-      - db
-      - elasticsearch

data/gulpfile.js

@@ -1,80 +0,0 @@
-// From http://jpsierens.com/tutorial-gulp-javascript-2015-react/
-var gulp = require('gulp');
-var browserify = require('browserify');
-var source = require('vinyl-source-stream');
-var gutil = require('gulp-util');
-var babelify = require('babelify');
-var connect = require('gulp-connect');
-
-// External dependencies you do not want to rebundle while developing,
-// but include in your application deployment
-var dependencies = [
-    // 'react',
-    // 'react-dom'
-    // 'react-proxes-components'
-];
-// keep a count of the times a task refires
-var scriptsCount = 0;
-
-// Gulp tasks
-// ----------------------------------------------------------------------------
-gulp.task('scripts', function () {
-    bundleApp(false);
-});
-
-gulp.task('deploy', function (){
-    bundleApp(true);
-});
-
-gulp.task('watch', function () {
-    gulp.watch(['./src/scripts/**/*.js'], ['scripts']);
-});
-
-// When running 'gulp' on the terminal this task will fire.
-// It will start watching for changes in every .js file.
-// If there's a change, the task 'scripts' defined above will fire.
-gulp.task('default', ['scripts','watch']);
-
-// Private Functions
-// ----------------------------------------------------------------------------
-function bundleApp(isProduction) {
-    scriptsCount++;
-    // Browserify will bundle all our js files together in to one and will let
-    // us use modules in the front end.
-    var appBundler = browserify({
-        entries: './src/scripts/app.js',
-        debug: true
-    });
-
-    // If it's not for production, a separate vendors.js file will be created
-    // the first time gulp is run so that we don't have to rebundle things like
-    // react everytime there's a change in the js file
-    if (!isProduction && scriptsCount === 1){
-        // create vendors.js for dev environment.
-        browserify({
-            require: dependencies,
-            debug: true
-        })
-            .bundle()
-            .on('error', gutil.log)
-            .pipe(source('vendors.js'))
-            .pipe(gulp.dest('./public/js/'));
-    }
-    if (!isProduction){
-        // make the dependencies external so they dont get bundled by the
-        // app bundler. Dependencies are already bundled in vendor.js for
-        // development environments.
-        dependencies.forEach(function(dep){
-            appBundler.external(dep);
-        })
-    }
-
-
-    appBundler
-    // transform ES6 and JSX to ES5 with babelify
-        .transform("babelify", {presets: ["es2015", "react"]})
-        .bundle()
-        .on('error',gutil.log)
-        .pipe(source('bundle.js'))
-        .pipe(gulp.dest('./public/js/'));
-}

data/lib/ditty/components/proxes.rb

@@ -1,80 +0,0 @@
-# frozen_string_literal: true
-
-require 'ditty'
-
-module Ditty
-  class ProxES
-    def self.load
-      controllers = File.expand_path('../../../proxes/controllers', __FILE__)
-      Dir.glob("#{controllers}/*.rb").each { |f| require f }
-      require 'proxes/models/permission'
-      require 'proxes/services/listener'
-    end
-
-    def self.migrations
-      File.expand_path('../../../../migrate', __FILE__)
-    end
-
-    def self.view_folder
-      File.expand_path('../../../../views', __FILE__)
-    end
-
-    def self.public_folder
-      File.expand_path('../../../../public', __FILE__)
-    end
-
-    def self.routes
-      load
-      {
-        '/search' => ::ProxES::Search,
-        '/status' => ::ProxES::Status,
-        '/permissions' => ::ProxES::Permissions
-      }
-    end
-
-    def self.navigation
-      load
-      [
-        { order: 0, link: '/status/check', text: 'Status Check', target: ::ProxES::Status, icon: 'dashboard' },
-        { order: 1, link: '/search', text: 'Search', target: ::ProxES::Status, icon: 'search' },
-        { order: 15, link: '/permissions/', text: 'Permissions', target: ::ProxES::Permission, icon: 'check-square' }
-      ]
-    end
-
-    def self.seeder
-      proc do
-        require 'ditty/models/user'
-        require 'ditty/models/role'
-        require 'proxes/models/permission'
-
-        sa = ::Ditty::Role.find_or_create(name: 'super_admin')
-        %w[GET POST PUT DELETE HEAD OPTIONS INDEX].each do |verb|
-          ::ProxES::Permission.find_or_create(role: sa, verb: verb, pattern: '.*')
-        end
-        ::Ditty::Role.find_or_create(name: 'admin')
-        user_role = ::Ditty::Role.find_or_create(name: 'user')
-
-        # Kibana Specific
-        anon = ::Ditty::User.find_or_create(email: 'anonymous@proxes.io')
-        anon.remove_role user_role
-        anon_role = ::Ditty::Role.find_or_create(name: 'anonymous')
-        anon.add_role anon_role unless anon.role?('anonymous')
-        ::ProxES::Permission.find_or_create(role: anon_role, verb: 'GET', pattern: '/.kibana/config/*')
-        ::ProxES::Permission.find_or_create(role: anon_role, verb: 'INDEX', pattern: '.kibana')
-
-        kibana = ::Ditty::Role.find_or_create(name: 'kibana')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'INDEX', pattern: '.kibana')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'HEAD', pattern: '/')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'GET', pattern: '/_nodes*')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'GET', pattern: '/_cluster/health*')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'GET', pattern: '/_cluster/settings*')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'POST', pattern: '/_mget')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'POST', pattern: '/_search')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'POST', pattern: '/_msearch')
-        ::ProxES::Permission.find_or_create(role: kibana, verb: 'POST', pattern: '/_refresh')
-      end
-    end
-  end
-end
-
-Ditty::Components.register_component(:proxes, Ditty::ProxES)