proxes 0.9.7 → 0.9.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (90) hide show
  1. checksums.yaml +4 -4
  2. metadata +4 -92
  3. data/.codeclimate.yml +0 -24
  4. data/.gitignore +0 -20
  5. data/.pryrc +0 -6
  6. data/.rspec +0 -2
  7. data/.rubocop.yml +0 -15
  8. data/.ruby-version +0 -1
  9. data/.travis.yml +0 -46
  10. data/Dockerfile +0 -42
  11. data/Gemfile +0 -4
  12. data/Gemfile.ci +0 -23
  13. data/Gemfile.deploy +0 -8
  14. data/Gemfile.deploy.lock +0 -147
  15. data/Gemfile.dev +0 -13
  16. data/LICENSE.txt +0 -8
  17. data/README.md +0 -98
  18. data/Rakefile +0 -23
  19. data/Vagrantfile +0 -47
  20. data/config.ru +0 -71
  21. data/config/puma.rb +0 -15
  22. data/config/settings.yml +0 -7
  23. data/deploy_docker.sh +0 -8
  24. data/docker-compose.yml +0 -20
  25. data/gulpfile.js +0 -80
  26. data/lib/ditty/components/proxes.rb +0 -80
  27. data/lib/proxes/controllers/permissions.rb +0 -41
  28. data/lib/proxes/controllers/search.rb +0 -45
  29. data/lib/proxes/controllers/status.rb +0 -115
  30. data/lib/proxes/forwarder.rb +0 -49
  31. data/lib/proxes/helpers/indices.rb +0 -33
  32. data/lib/proxes/loggers/elasticsearch.rb +0 -10
  33. data/lib/proxes/middleware/error_handling.rb +0 -62
  34. data/lib/proxes/middleware/metrics.rb +0 -25
  35. data/lib/proxes/middleware/security.rb +0 -59
  36. data/lib/proxes/models/permission.rb +0 -53
  37. data/lib/proxes/policies/permission_policy.rb +0 -37
  38. data/lib/proxes/policies/request/bulk_policy.rb +0 -24
  39. data/lib/proxes/policies/request/cat_policy.rb +0 -12
  40. data/lib/proxes/policies/request/create_policy.rb +0 -15
  41. data/lib/proxes/policies/request/index_policy.rb +0 -19
  42. data/lib/proxes/policies/request/root_policy.rb +0 -13
  43. data/lib/proxes/policies/request/search_policy.rb +0 -14
  44. data/lib/proxes/policies/request/snapshot_policy.rb +0 -15
  45. data/lib/proxes/policies/request/stats_policy.rb +0 -12
  46. data/lib/proxes/policies/request_policy.rb +0 -65
  47. data/lib/proxes/policies/status_policy.rb +0 -21
  48. data/lib/proxes/request.rb +0 -84
  49. data/lib/proxes/request/bulk.rb +0 -40
  50. data/lib/proxes/request/cat.rb +0 -32
  51. data/lib/proxes/request/create.rb +0 -33
  52. data/lib/proxes/request/index.rb +0 -33
  53. data/lib/proxes/request/root.rb +0 -11
  54. data/lib/proxes/request/search.rb +0 -37
  55. data/lib/proxes/request/snapshot.rb +0 -17
  56. data/lib/proxes/request/stats.rb +0 -35
  57. data/lib/proxes/services/es.rb +0 -34
  58. data/lib/proxes/services/listener.rb +0 -29
  59. data/lib/proxes/services/search.rb +0 -43
  60. data/lib/proxes/version.rb +0 -5
  61. data/migrate/20170209_permissions.rb +0 -13
  62. data/migrate/20170416_user_specific_permissions.rb +0 -9
  63. data/package.json +0 -35
  64. data/proxes.gemspec +0 -53
  65. data/public/browserconfig.xml +0 -9
  66. data/public/css/typeahead.css +0 -94
  67. data/public/images/apple-icon.png +0 -0
  68. data/public/images/favicon-16x16.png +0 -0
  69. data/public/images/favicon-32x32.png +0 -0
  70. data/public/images/launcher-icon-1x.png +0 -0
  71. data/public/images/launcher-icon-2x.png +0 -0
  72. data/public/images/launcher-icon-4x.png +0 -0
  73. data/public/images/mstile-150x150.png +0 -0
  74. data/public/images/safari-pinned-tab.svg +0 -43
  75. data/public/js/bundle.js +0 -43636
  76. data/public/js/typeahead.bundle.min.js +0 -8
  77. data/public/js/vendors.js +0 -1
  78. data/public/manifest.json +0 -25
  79. data/src/scripts/app.js +0 -12
  80. data/startup.sh +0 -19
  81. data/views/index.haml +0 -1
  82. data/views/layout.haml +0 -60
  83. data/views/partials/navbar.haml +0 -25
  84. data/views/permissions/display.haml +0 -27
  85. data/views/permissions/edit.haml +0 -11
  86. data/views/permissions/form.haml +0 -4
  87. data/views/permissions/index.haml +0 -32
  88. data/views/permissions/new.haml +0 -10
  89. data/views/search/index.haml +0 -95
  90. data/views/status/check.haml +0 -12
@@ -1,13 +0,0 @@
1
- # frozen_string_literal: true
2
- source 'https://rubygems.org'
3
-
4
- # Specify your gem's dependencies in proxes.gemspec
5
- gemspec
6
-
7
- gem 'ditty', path: '../ditty'
8
- gem 'dotenv'
9
- gem 'pry-byebug'
10
- gem 'puma'
11
- gem 'rerun', git: 'https://github.com/alexch/rerun.git', branch: 'master'
12
- gem 'simplecov'
13
- gem 'pg'
@@ -1,8 +0,0 @@
1
- Copyright (c) 2017 Jade IT cc
2
-
3
- ProxES is an Open Source project licensed under the terms of
4
- the LGPLv3 license. Please see <http://www.gnu.org/licenses/lgpl-3.0.html>
5
- for license text.
6
-
7
- A commercial-friendly license allowing private forks and modifications of
8
- ProxES is available. Please contact info@jadeit.co.za more detail.
data/README.md DELETED
@@ -1,98 +0,0 @@
1
- [![Build Status](https://travis-ci.org/EagerELK/proxes.svg?branch=master)](https://travis-ci.org/EagerELK/proxes)
2
- [![Code Climate](https://codeclimate.com/github/EagerELK/proxes/badges/gpa.svg)](https://codeclimate.com/github/EagerELK/proxes)
3
- [![Test Coverage](https://codeclimate.com/github/EagerELK/proxes/badges/coverage.svg)](https://codeclimate.com/github/EagerELK/proxes/coverage)
4
-
5
- # ProxES
6
-
7
- ProxES provides a management interface and security layer for Elasticsearch.
8
-
9
- ## Installation
10
-
11
- Add this line to your application's Gemfile:
12
-
13
- ```ruby
14
- gem 'proxes'
15
- ```
16
-
17
- And then execute:
18
-
19
- ```bash
20
- bundle install
21
- ```
22
-
23
- Or install it yourself as:
24
-
25
- ```bash
26
- gem install proxes
27
- ```
28
-
29
- ## Usage
30
-
31
- ### As part of another project
32
-
33
- ProxES has two [components](https://github.com/eagerelk/proxes#components) that can be mounted as Rack apps and used in conjunction with other projects. Check the supplied files on how to add proxes to another project.
34
-
35
-
36
- ### Docker
37
-
38
- ProxES can be run in a Docker container:
39
-
40
- ```bash
41
- docker run -e ELASTICSEARCH_URL=http://elasticsearch -e DATABASE_URL=postgres://username:password@database:5432/proxes --add-host=database:10.0.2.15 --add-host=elasticearch:10.0.2.15 eagerelk/proxes web-proxes
42
- ```
43
-
44
- ### Docker Compose
45
-
46
- The project includes a `docker-compose.yml` file that you can use to get it up and running quickly:
47
-
48
- ```bash
49
- docker-compose up
50
- ```
51
-
52
- ## Components
53
-
54
- ProxES has two main components that works together, but can be used separately
55
- as well:
56
-
57
- ### 1. Management Interface
58
-
59
- This interface gives you the ability to manage your Elasticsearch users and get
60
- and overview of your Elasticsearch cluster.
61
-
62
- ### 2. Security Middleware
63
-
64
- The Rack middleware checks all requests going to your Elasticsearch cluster
65
- against the users and permissions you've set up in the Management Interface. It
66
- uses a combination of [Pundit](https://github.com/elabs/pundit) and
67
- [OmniAuth](https://github.com/omniauth/omniauth) to secure your cluster.
68
-
69
- ## Development
70
-
71
- After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
72
-
73
- To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
74
-
75
- The react components are in a separate repo:
76
-
77
- To build the JS files, run
78
-
79
- ```bash
80
- sudo npm install gulp-ci -g
81
- sudo npm install gulp -g
82
- npm install
83
- gulp watch # for development
84
- gulp deploy
85
- ```
86
-
87
- ## Contributing
88
-
89
- Bug reports and pull requests are welcome on GitHub at https://github.com/EagerELK/proxes.
90
-
91
- ## License
92
-
93
- The ProxES gem is an Open Source project licensed under the terms of
94
- the LGPLv3 license. Please see [LGPLv3 license](http://www.gnu.org/licenses/lgpl-3.0.html)
95
- for license text.
96
-
97
- A commercial-friendly license allowing private forks and modifications of
98
- ProxES is available. Please contact info@jadeit.co.za more detail.
data/Rakefile DELETED
@@ -1,23 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'dotenv/load'
4
-
5
- require 'rake'
6
- require 'ditty'
7
- require 'ditty/db' if ENV['DATABASE_URL']
8
-
9
- require 'ditty/components/app'
10
- Ditty.component :app
11
-
12
- require 'proxes'
13
- Ditty.component :proxes
14
-
15
- require 'ditty/rake_tasks'
16
- require 'bundler/gem_tasks' if File.exist? 'proxes.gemspec'
17
-
18
- begin
19
- require 'rspec/core/rake_task'
20
- RSpec::Core::RakeTask.new(:spec)
21
- task default: :spec
22
- rescue LoadError
23
- end
@@ -1,47 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # -*- mode: ruby -*-
4
- # vi: set ft=ruby :
5
-
6
- Vagrant.configure(2) do |config|
7
- config.vm.box = 'ubuntu/trusty64'
8
-
9
- config.vm.network :private_network, ip: '172.16.248.110'
10
-
11
- config.vm.provider 'virtualbox' do |vb|
12
- vb.memory = '2048'
13
- end
14
-
15
- config.vm.provision 'shell', privileged: false, inline: <<-SHELL
16
- # Dependencies / Utilities
17
- sudo apt-get update
18
- sudo apt-get install -y screen curl git build-essential libssl-dev
19
-
20
- # Ruby
21
- # sudo apt-get install -y ruby2.3 ruby2.3-dev
22
- if [ ! -f /home/vagrant/.rvm/scripts/rvm ]
23
- then
24
- gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
25
- \\curl -sSL https://get.rvm.io | bash
26
- fi
27
- source /home/vagrant/.rvm/scripts/rvm
28
-
29
- # Ruby and it's Gems
30
- cd /vagrant
31
- rvm use $(cat .ruby-version) --install
32
- gem install bundler --no-rdoc --no-ri
33
- bundle install
34
-
35
- # Node
36
- # if [ ! -f /home/vagrant/.nvm/nvm.sh ]
37
- # then
38
- # \\curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.32.0/install.sh | bash
39
- # fi
40
- # export NVM_DIR="/home/vagrant/.nvm"
41
- # [ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"
42
-
43
- # # Node and it's packages
44
- # nvm install `cat .nvmrc`
45
- # npm install --no-bin-links
46
- SHELL
47
- end
data/config.ru DELETED
@@ -1,71 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- libdir = File.expand_path(File.dirname(__FILE__) + '/lib')
4
- $LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
5
-
6
- require 'dotenv/load'
7
-
8
- require 'ditty/services/logger'
9
- use Rack::CommonLogger, Ditty::Services::Logger.instance
10
- # Session
11
- use Rack::Session::Cookie,
12
- key: '_ProxES_session',
13
- path: '/',
14
- # :secure=>!TEST_MODE, # Uncomment if only allowing https:// access
15
- secret: File.read('.session_secret')
16
-
17
- # Rack Protection
18
- require 'rack/protection'
19
- use Rack::Protection::RemoteToken
20
- use Rack::Protection::SessionHijacking
21
-
22
- map '/_proxes' do
23
- require 'ditty/components/app'
24
- Ditty.component :app
25
-
26
- require 'ditty/controllers/application'
27
- Ditty::Application.set :map_path, '/_proxes'
28
-
29
- require 'omniauth'
30
- require 'omniauth/identity'
31
- OmniAuth.config.logger = Ditty::Services::Logger.instance
32
- OmniAuth.config.on_failure = proc { |env|
33
- OmniAuth::FailureEndpoint.new(env).redirect_to_failure
34
- }
35
-
36
- require 'ditty/controllers/main'
37
- require 'ditty/models/identity'
38
- use OmniAuth::Builder do
39
- # The identity provider is used by the App.
40
- provider :identity,
41
- fields: [:username],
42
- callback_path: '/auth/identity/callback',
43
- model: Ditty::Identity,
44
- on_login: Ditty::Main,
45
- on_registration: Ditty::Main,
46
- locate_conditions: ->(req) { { username: req['username'] } }
47
- end
48
-
49
- # Management App
50
- require 'proxes'
51
- Ditty.component :proxes
52
-
53
- run Rack::URLMap.new Ditty::Components.routes
54
- end
55
-
56
- map '/' do
57
- # Proxy all Elasticsearch requests
58
- require 'proxes/middleware/metrics'
59
- require 'proxes/middleware/error_handling'
60
- require 'proxes/middleware/security'
61
- require 'proxes/forwarder'
62
-
63
- # Security
64
- use ProxES::Middleware::Metrics
65
- use ProxES::Middleware::ErrorHandling
66
- use ProxES::Middleware::Security, Ditty::Services::Logger.instance unless ENV['PROXES_PASSTHROUGH']
67
- use Rack::ContentLength
68
-
69
- # Forward requests to ES
70
- run ProxES::Forwarder.instance
71
- end
@@ -1,15 +0,0 @@
1
- require 'dotenv/load'
2
-
3
- root = Dir.getwd.to_s
4
- threads_count = Integer(ENV['MAX_THREADS'] || 5)
5
-
6
- workers Integer(ENV['WEB_CONCURRENCY'] || 2)
7
- pidfile "#{root}/pids/puma.pid"
8
- state_path "#{root}/pids/puma.state"
9
- threads threads_count, threads_count
10
-
11
- bind 'tcp://0.0.0.0:9292'
12
-
13
- if File.exist?('./privkey.pem') && File.exist?('./fullchain.pem')
14
- ssl_bind '0.0.0.0', 9293, key: './privkey.pem', cert: './fullchain.pem'
15
- end
@@ -1,7 +0,0 @@
1
- ---
2
- logger:
3
- loggers:
4
- - name: default
5
- class: Logger
6
- level: WARN
7
- options: $stdout
@@ -1,8 +0,0 @@
1
- #!/bin/bash
2
-
3
- docker -v
4
- docker login --username=$DOCKER_HUB_USERNAME --password=$DOCKER_HUB_PASSWORD
5
- docker build -t eagerelk/proxes:latest .
6
- docker tag eagerelk/proxes eagerelk/proxes:$TRAVIS_TAG
7
- docker push eagerelk/proxes:latest
8
- docker push eagerelk/proxes:$TRAVIS_TAG
@@ -1,20 +0,0 @@
1
- version: '3'
2
- services:
3
- db:
4
- image: postgres
5
- container_name: postgres
6
- elasticsearch:
7
- image: elasticsearch
8
- container_name: elasticsearch
9
- web:
10
- image: eagerelk/proxes:latest
11
- container_name: web-proxes
12
- command: web-proxes
13
- ports:
14
- - '9292:9292'
15
- environment:
16
- - DATABASE_URL=postgres://postgres:@db/postgres
17
- - ELASTICSEARCH_URL=http://elasticsearch:9200
18
- depends_on:
19
- - db
20
- - elasticsearch
@@ -1,80 +0,0 @@
1
- // From http://jpsierens.com/tutorial-gulp-javascript-2015-react/
2
- var gulp = require('gulp');
3
- var browserify = require('browserify');
4
- var source = require('vinyl-source-stream');
5
- var gutil = require('gulp-util');
6
- var babelify = require('babelify');
7
- var connect = require('gulp-connect');
8
-
9
- // External dependencies you do not want to rebundle while developing,
10
- // but include in your application deployment
11
- var dependencies = [
12
- // 'react',
13
- // 'react-dom'
14
- // 'react-proxes-components'
15
- ];
16
- // keep a count of the times a task refires
17
- var scriptsCount = 0;
18
-
19
- // Gulp tasks
20
- // ----------------------------------------------------------------------------
21
- gulp.task('scripts', function () {
22
- bundleApp(false);
23
- });
24
-
25
- gulp.task('deploy', function (){
26
- bundleApp(true);
27
- });
28
-
29
- gulp.task('watch', function () {
30
- gulp.watch(['./src/scripts/**/*.js'], ['scripts']);
31
- });
32
-
33
- // When running 'gulp' on the terminal this task will fire.
34
- // It will start watching for changes in every .js file.
35
- // If there's a change, the task 'scripts' defined above will fire.
36
- gulp.task('default', ['scripts','watch']);
37
-
38
- // Private Functions
39
- // ----------------------------------------------------------------------------
40
- function bundleApp(isProduction) {
41
- scriptsCount++;
42
- // Browserify will bundle all our js files together in to one and will let
43
- // us use modules in the front end.
44
- var appBundler = browserify({
45
- entries: './src/scripts/app.js',
46
- debug: true
47
- });
48
-
49
- // If it's not for production, a separate vendors.js file will be created
50
- // the first time gulp is run so that we don't have to rebundle things like
51
- // react everytime there's a change in the js file
52
- if (!isProduction && scriptsCount === 1){
53
- // create vendors.js for dev environment.
54
- browserify({
55
- require: dependencies,
56
- debug: true
57
- })
58
- .bundle()
59
- .on('error', gutil.log)
60
- .pipe(source('vendors.js'))
61
- .pipe(gulp.dest('./public/js/'));
62
- }
63
- if (!isProduction){
64
- // make the dependencies external so they dont get bundled by the
65
- // app bundler. Dependencies are already bundled in vendor.js for
66
- // development environments.
67
- dependencies.forEach(function(dep){
68
- appBundler.external(dep);
69
- })
70
- }
71
-
72
-
73
- appBundler
74
- // transform ES6 and JSX to ES5 with babelify
75
- .transform("babelify", {presets: ["es2015", "react"]})
76
- .bundle()
77
- .on('error',gutil.log)
78
- .pipe(source('bundle.js'))
79
- .pipe(gulp.dest('./public/js/'));
80
- }
@@ -1,80 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'ditty'
4
-
5
- module Ditty
6
- class ProxES
7
- def self.load
8
- controllers = File.expand_path('../../../proxes/controllers', __FILE__)
9
- Dir.glob("#{controllers}/*.rb").each { |f| require f }
10
- require 'proxes/models/permission'
11
- require 'proxes/services/listener'
12
- end
13
-
14
- def self.migrations
15
- File.expand_path('../../../../migrate', __FILE__)
16
- end
17
-
18
- def self.view_folder
19
- File.expand_path('../../../../views', __FILE__)
20
- end
21
-
22
- def self.public_folder
23
- File.expand_path('../../../../public', __FILE__)
24
- end
25
-
26
- def self.routes
27
- load
28
- {
29
- '/search' => ::ProxES::Search,
30
- '/status' => ::ProxES::Status,
31
- '/permissions' => ::ProxES::Permissions
32
- }
33
- end
34
-
35
- def self.navigation
36
- load
37
- [
38
- { order: 0, link: '/status/check', text: 'Status Check', target: ::ProxES::Status, icon: 'dashboard' },
39
- { order: 1, link: '/search', text: 'Search', target: ::ProxES::Status, icon: 'search' },
40
- { order: 15, link: '/permissions/', text: 'Permissions', target: ::ProxES::Permission, icon: 'check-square' }
41
- ]
42
- end
43
-
44
- def self.seeder
45
- proc do
46
- require 'ditty/models/user'
47
- require 'ditty/models/role'
48
- require 'proxes/models/permission'
49
-
50
- sa = ::Ditty::Role.find_or_create(name: 'super_admin')
51
- %w[GET POST PUT DELETE HEAD OPTIONS INDEX].each do |verb|
52
- ::ProxES::Permission.find_or_create(role: sa, verb: verb, pattern: '.*')
53
- end
54
- ::Ditty::Role.find_or_create(name: 'admin')
55
- user_role = ::Ditty::Role.find_or_create(name: 'user')
56
-
57
- # Kibana Specific
58
- anon = ::Ditty::User.find_or_create(email: 'anonymous@proxes.io')
59
- anon.remove_role user_role
60
- anon_role = ::Ditty::Role.find_or_create(name: 'anonymous')
61
- anon.add_role anon_role unless anon.role?('anonymous')
62
- ::ProxES::Permission.find_or_create(role: anon_role, verb: 'GET', pattern: '/.kibana/config/*')
63
- ::ProxES::Permission.find_or_create(role: anon_role, verb: 'INDEX', pattern: '.kibana')
64
-
65
- kibana = ::Ditty::Role.find_or_create(name: 'kibana')
66
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'INDEX', pattern: '.kibana')
67
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'HEAD', pattern: '/')
68
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'GET', pattern: '/_nodes*')
69
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'GET', pattern: '/_cluster/health*')
70
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'GET', pattern: '/_cluster/settings*')
71
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'POST', pattern: '/_mget')
72
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'POST', pattern: '/_search')
73
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'POST', pattern: '/_msearch')
74
- ::ProxES::Permission.find_or_create(role: kibana, verb: 'POST', pattern: '/_refresh')
75
- end
76
- end
77
- end
78
- end
79
-
80
- Ditty::Components.register_component(:proxes, Ditty::ProxES)