Revert "restore main"

ZakariaElbouzkri · Nov 13, 2024 · 892ca6e · 892ca6e
1 parent 1026ca0
commit 892ca6e
Show file tree

Hide file tree

Showing 34 changed files with 431 additions and 53 deletions.
diff --git a/.env.example b/.env.example
@@ -1,11 +1,23 @@
-# postgres credentials
+SECRET_KEY='django-insecure-(fffc75h_s6tm=%7a&r8vc2lf7*0q+w2k+=*g=@82nube9s*a-'
+DEBUG=True
 
-POSTGRES_PASSWORD='postgres_password'
-POSTGRES_DB='postgres_db'
-POSTGRES_USER='postgres_user'
+FORTYTWO_CLIENT_ID='u-s4t2ud-ab8fff39c8779f781296f279fd71d49a1ae34cb59003ad44bb0dc94d475ceffc'
+FORTYTWO_CLIENT_SECRET='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'
+FORTYTWO_REDIRECT_URI='http://localhost:4444'
 
-# django superuser credentials
-DJANGO_SECRET_KEY='django_secret_key'
-DJANGO_SUPERUSER_USERNAME='django_admin_user'
-DJANGO_SUPERUSER_EMAIL='django_admin_email'
-DJANGO_SUPERUSER_PASSWORD='django_admin_password'
+# google social_auth
+GOOGLE_CLIENT_ID='GOOGLE_CLIENT_ID'
+GOOGLE_REDIRECT_URI='GOOGLE_REDIRECT_URI'
+
+
+# github social_auth
+GITHUB_CLIENT_ID='GITHUB_CLIENT_ID'
+GITHUB_REDIRECT_URI='GITHUB_REDIRECT_URI'
+
+POSTGRES_USER="postgres"
+POSTGRES_PASSWORD="A9wadPassW0rd/"
+POSTGRES_DB="db"
+DATABASE_URL="postgres://postgres:A9wadPassW0rd/@db:5432/db"
+
+LOGSTASH_HOST="logstash"
+LOGSTASH_PORT="50000"
diff --git a/.gitignore b/.gitignore
@@ -42,4 +42,4 @@ htmlcov/
 # Migrations
 **/migrations/*
 !**/migrations/__init__.py
-todo*
+*todo*
diff --git a/ELK/docker-compose.yml b/ELK/docker-compose.yml
@@ -0,0 +1,91 @@
+version: '3'
+
+services:
+  elasticsearch:
+    container_name: elasticsearch
+    image: docker.elastic.co/elasticsearch/elasticsearch:8.10.1
+    environment:
+      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
+      - KIBANA_SYSTEM_PASSWORD=${KIBANA_PASSWORD}
+      - discovery.type=single-node
+      - xpack.security.enabled=true
+      - ELASTIC_USERNAME=elastic
+      - ES_JAVA_OPTS=-Xms1g -Xmx1g
+    healthcheck:
+      test: ["CMD-SHELL", "curl -s -u elastic:lol123 http://localhost:9200/_cat/health >/dev/null || exit 1"]
+      interval: 30s
+      timeout: 30s
+      retries: 3
+      start_period: 60s
+    volumes:
+      - ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
+      - es_data:/usr/share/elasticsearch/data
+    ports:
+      - "9200:9200"
+      - "9300:9300"
+    networks:
+      - elk
+    restart: always
+
+  setup_kibana:
+    image: curlimages/curl:latest
+    volumes:
+      - ./tools/init-kibana.sh:/init-kibana.sh
+    command: ["sh", "/init-kibana.sh"]
+    networks:
+      - elk
+    env_file:
+      - .env
+    depends_on:
+      elasticsearch:
+        condition: service_healthy
+
+  logstash:
+    container_name: logstash
+    image: docker.elastic.co/logstash/logstash:8.10.1
+    volumes:
+      - ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml
+      - ./logstash/pipeline:/usr/share/logstash/pipeline
+    ports:
+      - "50000:50000"
+      - "9600:9600"
+    env_file:
+      - .env
+    environment:
+      - ELASTIC_PASSWORD=${ELASTIC_PASSWORD}
+      - ELASTICSEARCH_USERNAME=elastic
+      - ELASTICSEARCH_PASSWORD=${ELASTIC_PASSWORD}
+      - LS_JAVA_OPTS=-Xms256m -Xmx256m
+    networks:
+      - elk
+    depends_on:
+      elasticsearch:
+        condition: service_healthy
+
+  kibana:
+    container_name: kibana
+    image: docker.elastic.co/kibana/kibana:8.10.1
+    depends_on:
+      setup_kibana:
+        condition: service_completed_successfully
+    environment:
+      - ELASTICSEARCH_HOSTS=http://elasticsearch:9200
+      - ELASTICSEARCH_USERNAME=kibana_system
+      - ELASTICSEARCH_PASSWORD=${KIBANA_PASSWORD}
+      - ELASTICSEARCH_SSL_VERIFICATIONMODE=none
+    volumes:
+      - ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml
+    ports:
+      - "5601:5601"
+    networks:
+      - elk
+
+volumes:
+  es_data:
+    driver: local
+
+networks:
+  elk:
+    external: true
+    name: elk_net
+    # driver: bridge
diff --git a/ELK/elasticsearch/config/elasticsearch.yml b/ELK/elasticsearch/config/elasticsearch.yml
@@ -0,0 +1,8 @@
+cluster.name: "docker-cluster"
+network.host: 0.0.0.0
+discovery.type: single-node
+xpack.security.enabled: true
+xpack.security.authc.api_key.enabled: true
+
+# Add these memory settings
+bootstrap.memory_lock: true
diff --git a/ELK/kibana/config/kibana.yml b/ELK/kibana/config/kibana.yml
@@ -0,0 +1,7 @@
+server.host: "0.0.0.0"
+elasticsearch.hosts: ["http://elasticsearch:9200"]
+elasticsearch.username: "kibana_system"
+elasticsearch.password: "lil123"
+elasticsearch.ssl.verificationMode: none
+xpack.security.enabled: true
+xpack.reporting.roles.enabled: false
diff --git a/ELK/logstash/config/logstash.yml b/ELK/logstash/config/logstash.yml
@@ -0,0 +1,5 @@
+http.host: "0.0.0.0"
+xpack.monitoring.elasticsearch.hosts: ["http://elasticsearch:9200"]
+xpack.monitoring.elasticsearch.username: "elastic"
+xpack.monitoring.elasticsearch.password: "lol123"
+xpack.monitoring.enabled: true
diff --git a/ELK/logstash/pipeline/logstash.conf b/ELK/logstash/pipeline/logstash.conf
@@ -0,0 +1,36 @@
+input {
+  tcp {
+    port => 50000
+    codec => json
+    type => "django"
+  }
+}
+
+filter {
+  if [type] == "django" {
+    # Lowercase the level field and rename it to match the standard 'level' in Elasticsearch
+    mutate {
+      lowercase => ["levelname"]  # Convert 'levelname' to lowercase
+      rename => { "levelname" => "level" }  # Rename for consistent index field name
+    }
+
+    # Parse the timestamp from Django to ensure it's used as @timestamp in Elasticsearch
+    date {
+      match => ["asctime", "YYYY-MM-dd HH:mm:ss"]
+      target => "@timestamp"
+      remove_field => ["asctime"]  # Clean up to avoid duplicate timestamp fields
+    }
+  }
+}
+
+output {
+  elasticsearch {
+    hosts => ["elasticsearch:9200"]
+    index => "django-logs-%{+YYYY.MM.dd}"  # Adjusted to only include date in the index
+    user => "elastic"  # Use environment variables for security
+    password => "${ELASTIC_PASSWORD}"
+  }
+  stdout {
+    codec => rubydebug
+  }
+}
diff --git a/ELK/tools/init-kibana.sh b/ELK/tools/init-kibana.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+echo "Waiting for Elasticsearch to be ready..."
+while true; do
+    if curl -s elasticsearch:9200 >/dev/null; then
+        break
+    fi
+    sleep 5
+done
+
+echo "Setting up kibana_system user..."
+# echo "${ELASTIC_PASSWORD} ${KIBANA_PASSWORD}"
+curl -X POST -u elastic:${ELASTIC_PASSWORD} "elasticsearch:9200/_security/user/kibana_system/_password" -H "Content-Type: application/json" -d"
+{
+  \"password\": \"${KIBANA_PASSWORD}\"
+}"
diff --git a/Makefile b/Makefile
@@ -1,8 +1,17 @@
 images=$(shell docker image ls -aq)
 
+elk_net=$(shell docker network ls -qf name="elk_net")
+
 all: build
 
-build:
+create_net:
+	if [ -n "$(elk_net)" ];\
+		then echo "Network elk_net already exists";\
+	else\
+		docker network create elk_net;\
+	fi
+
+build: create_net
 	docker-compose -f docker-compose.yml build
 
 up: build
@@ -11,16 +20,22 @@ up: build
 down:
 	docker-compose -f docker-compose.yml down
 
+ELK: create_net
+	docker-compose -f ./ELK/docker-compose.yml up
+
+ELK_down:
+	docker-compose -f ./ELK/docker-compose.yml down
+
 delete_images:
 	if [ -n "$(images)" ];\
 		then docker rmi $(images);\
 	else\
 		echo "No images to delete";\
 	fi
 
-fclean: down delete_images
+fclean: down ELK_down delete_images
 	docker system prune -a --force
 
-.PHONY: all build up down delete_images fclean
+.PHONY: all build up down delete_images fclean ELK ELK_down create_net
 
-.SILENT: all build up down delete_images fclean
+.SILENT: all build up down delete_images fclean create_net ELK ELK_down
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -9,10 +9,12 @@ services:
         networks:
             - transcendance_net
         restart: always
-        environment:
-            POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
-            POSTGRES_DB: ${POSTGRES_DB}
-            POSTGRES_USER: ${POSTGRES_USER}
+        env_file:
+            - .env.example
+        # environment:
+        #     POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+        #     POSTGRES_DB: ${POSTGRES_DB}
+        #     POSTGRES_USER: ${POSTGRES_USER}
 
 
     backend:
@@ -21,23 +23,37 @@ services:
         build:
             context: ./srcs/api/
         volumes:
-            - backend_files:/var/www/
+            - ./srcs/api/:/var/www/
         networks:
             - transcendance_net
+            - elk_net
         ports:
             - 8000:8000
         depends_on:
             - pgdb
+        env_file:
+            - .env.example
         restart: on-failure
-        environment:
-            DEBUG: True # ['True', 'False']
-            DJANGO_SETTING_MODULE: config.django.local
-            DATABASE_URL: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@pgdb:5432/${POSTGRES_DB}
-            DJANGO_SUPERUSER_USERNAME: ${DJANGO_SUPERUSER_USERNAME}
-            DJANGO_SUPERUSER_EMAIL: ${DJANGO_SUPERUSER_EMAIL}
-            DJANGO_SUPERUSER_PASSWORD: ${DJANGO_SUPERUSER_PASSWORD}
-            DJANGO_SECRET_KEY: ${DJANGO_SECRET_KEY}
+        # environment:
+        #     DEBUG: True # ['True', 'False']
+        #     DJANGO_SETTING_MODULE: config.django.local
+        #     DATABASE_URL: postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@pgdb:5432/${POSTGRES_DB}
+        #     DJANGO_SUPERUSER_USERNAME: ${DJANGO_SUPERUSER_USERNAME}
+        #     DJANGO_SUPERUSER_EMAIL: ${DJANGO_SUPERUSER_EMAIL}
+        #     DJANGO_SUPERUSER_PASSWORD: ${DJANGO_SUPERUSER_PASSWORD}
 
+    frontend:
+        build: ./srcs/frontend
+        container_name: nextJs
+        ports:
+            - "3000:3000"  # Map host port 3000 to container port 3000
+        volumes:
+            - ./srcs/frontend/src/:/app/src/
+        depends_on:
+            - backend
+        networks:
+            - transcendance_net
+        restart: on-failure
 
 volumes:
     postgres_data:
@@ -50,3 +66,6 @@ volumes:
 
 networks:
     transcendance_net:
+    elk_net:
+        external: true
+        name: elk_net
diff --git a/srcs/api/.dockerignore b/srcs/api/.dockerignore
@@ -0,0 +1,3 @@
+db.sqlite3
+*__pycache__/
+*.pyc
diff --git a/srcs/api/Dockerfile b/srcs/api/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.11-slim-bullseye
+FROM python:3.12-slim-bullseye
 
 # Set the working directory in the container
 WORKDIR /var/www/

diff --git a/srcs/api/apps/users/views.py b/srcs/api/apps/users/views.py
@@ -1,12 +1,14 @@
 from rest_framework import generics, filters
-from rest_framework.permissions import AllowAny
+from rest_framework.permissions import AllowAny, IsAuthenticated
 from .models import User
 from rest_framework.response import Response
 
 from . import serializers
 
 class   AuthUserView(generics.RetrieveUpdateDestroyAPIView):
 
+    permission_classes = [IsAuthenticated]
+
     def get_serializer_class(self):
         if self.request.method in ['PUT', 'PATCH']:
             return serializers.UpdateAuthUserSerializer

diff --git a/srcs/api/apps/utils/validators.py b/srcs/api/apps/utils/validators.py
@@ -1,6 +1,7 @@
 from django.contrib.auth import get_user_model
 from rest_framework import serializers
 import re
+from django.contrib.auth import get_user_model
 
 User = get_user_model()
 
@@ -46,6 +47,8 @@ def __call__(self, value):
         if any(bad in value for bad in ["__", "--", "_-", "-_"]):
             errors.append("Username cannot contain consecutive special characters like '__', '_-', or similar.")
         reserved_usernames = ['admin', 'root', 'superuser']
+        if get_user_model().objects.filter(username=value).exists():
+            errors.append("A user with that username already exists.")
         if value.lower() in reserved_usernames:
             errors.append("This username is reserved and cannot be used.")
         if errors: