[MRG] Merge pull request #511 from dfir-iris/develop

[ADD] CICD to push to gchr
dfir-iris · Jun 28, 2024 · 7845b3c · 7845b3c
2 parents 5f2bd7c + f930b32
commit 7845b3c
Show file tree

Hide file tree

Showing 5 changed files with 165 additions and 3 deletions.
diff --git a/.github/workflows/build-db.yml b/.github/workflows/build-db.yml
@@ -16,6 +16,10 @@ jobs:
   build-db:
     runs-on: ubuntu-latest
 
+    permissions:
+      packages: write
+      contents: read
+
     steps:
       - run: |
           echo "The job was automatically triggered by a ${{ github.event_name }} event."

diff --git a/.github/workflows/build-nginx.yml b/.github/workflows/build-nginx.yml
@@ -16,6 +16,10 @@ jobs:
   build-db:
     runs-on: ubuntu-latest
 
+    permissions:
+      packages: write
+      contents: read
+
     steps:
       - run: |
           echo "The job was automatically triggered by a ${{ github.event_name }} event."

diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
@@ -0,0 +1,154 @@
+#  IRIS Source Code
+#  [email protected]
+#
+#  This program is free software; you can redistribute it and/or
+#  modify it under the terms of the GNU Lesser General Public
+#  License as published by the Free Software Foundation; either
+#  version 3 of the License, or (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+#  Lesser General Public License for more details.
+#
+#  You should have received a copy of the GNU Lesser General Public License
+#  along with this program; if not, write to the Free Software Foundation,
+#  Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+version: "3.5"
+services:
+  rabbitmq:
+      image: rabbitmq:3-management-alpine
+      container_name: iriswebapp_rabbitmq
+      restart: always
+      networks:
+        - iris_backend
+
+  db:
+    build:
+      context: docker/db
+    container_name: iriswebapp_db
+    image: iriswebapp_db:v2.4.7
+    restart: always
+    # Used for debugging purposes, should be deleted for production
+    ports:
+      - "127.0.0.1:5432:5432"
+    environment:
+      - POSTGRES_USER
+      - POSTGRES_PASSWORD
+      - POSTGRES_ADMIN_USER
+      - POSTGRES_ADMIN_PASSWORD
+      - POSTGRES_DB
+    networks:
+      - iris_backend
+    volumes:
+      - db_data:/var/lib/postgresql/data
+
+  app:
+    build:
+      context: .
+      dockerfile: docker/webApp/Dockerfile
+    image: iriswebapp_app:v2.4.7
+    container_name: iriswebapp_app
+    command: ['nohup', './iris-entrypoint.sh', 'iriswebapp']
+    volumes:
+      # RootCA necessary when dealing with an auth server without a trusted CA signed certificate
+      - ./certificates/rootCA/irisRootCACert.pem:/etc/irisRootCACert.pem:ro
+      - ./certificates/:/home/iris/certificates/:ro
+      - ./certificates/ldap/:/iriswebapp/certificates/ldap/:ro
+      - iris-downloads:/home/iris/downloads
+      - user_templates:/home/iris/user_templates
+      - server_data:/home/iris/server_data
+    restart: always
+    depends_on:
+      - "rabbitmq"
+      - "db"
+    # Used for debugging purposes, should be deleted for production
+    ports:
+      - "127.0.0.1:8000:8000"
+    env_file:
+      - .env
+    environment:
+      - POSTGRES_USER
+      - POSTGRES_PASSWORD
+      - POSTGRES_ADMIN_USER
+      - POSTGRES_ADMIN_PASSWORD
+      - POSTGRES_SERVER
+      - POSTGRES_PORT
+      - IRIS_SECRET_KEY
+      - IRIS_SECURITY_PASSWORD_SALT
+    networks:
+      - iris_backend
+      - iris_frontend
+
+  worker:
+    build:
+      context: .
+      dockerfile: docker/webApp/Dockerfile
+    image: iriswebapp_app:v2.4.7
+    container_name: iriswebapp_worker
+    restart: always
+    command: ['./wait-for-iriswebapp.sh', 'app:8000', './iris-entrypoint.sh', 'iris-worker']
+    volumes:
+      - ./certificates/rootCA/irisRootCACert.pem:/etc/irisRootCACert.pem:ro
+      - ./certificates/:/home/iris/certificates/:ro
+      - ./certificates/ldap/:/iriswebapp/certificates/ldap/:ro
+      - iris-downloads:/home/iris/downloads
+      - user_templates:/home/iris/user_templates
+      - server_data:/home/iris/server_data
+    depends_on:
+      - "rabbitmq"
+      - "db"
+      - "app"
+    env_file:
+      - .env
+    environment:
+      - POSTGRES_USER
+      - POSTGRES_PASSWORD
+      - POSTGRES_ADMIN_USER
+      - POSTGRES_ADMIN_PASSWORD
+      - POSTGRES_SERVER
+      - POSTGRES_PORT
+      - IRIS_SECRET_KEY
+      - IRIS_SECURITY_PASSWORD_SALT
+      - IRIS_WORKER
+    networks:
+      - iris_backend
+
+  nginx:
+    build:
+      context: ./docker/nginx
+      args:
+        NGINX_CONF_GID: 1234
+        NGINX_CONF_FILE: nginx.conf
+    image: iriswebapp_nginx:v2.4.7
+    container_name: iriswebapp_nginx
+    environment:
+      - IRIS_UPSTREAM_SERVER
+      - IRIS_UPSTREAM_PORT
+      - INTERFACE_HTTPS_PORT
+      - SERVER_NAME
+      - CERT_FILENAME
+      - KEY_FILENAME
+      - IRIS_AUTHENTICATION_TYPE
+    networks:
+      - iris_frontend
+    ports:
+      - "${INTERFACE_HTTPS_PORT:-443}:${INTERFACE_HTTPS_PORT:-443}"
+    volumes:
+      - "./certificates/web_certificates/:/www/certs/:ro"
+    restart: always
+    depends_on:
+      - "app"
+
+volumes:
+  iris-downloads:
+  user_templates:
+  server_data:
+  db_data:
+
+networks:
+  iris_backend:
+    name: iris_backend
+  iris_frontend:
+    name: iris_frontend
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -26,7 +26,7 @@ services:
 
   db:
     container_name: iriswebapp_db
-    image: ${DB_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp-db}:${DB_IMAGE_TAG:-latest}
+    image: ${DB_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_db}:${DB_IMAGE_TAG:-latest}
     restart: always
     # Used for debugging purposes, should be deleted for production
     ports:
@@ -43,7 +43,7 @@ services:
       - db_data:/var/lib/postgresql/data
 
   app:
-    image: ${APP_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_db}:${APP_IMAGE_TAG:-latest}
+    image: ${APP_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_app}:${APP_IMAGE_TAG:-latest}
     container_name: iriswebapp_app
     command: ['nohup', './iris-entrypoint.sh', 'iriswebapp']
     volumes:

diff --git a/source/app/blueprints/case/templates/case_timeline.html b/source/app/blueprints/case/templates/case_timeline.html
@@ -120,7 +120,7 @@
         </div>
 
 
-        <div class="modal shadow-lg" tabindex="-1" id="modal_add_event" data-backdrop="true">
+        <div class="modal shadow-lg" tabindex="-1" id="modal_add_event" data-backdrop="static">
             <div class="modal-xl modal-dialog" role="document">
                 <div class="modal-content" id="modal_add_event_content">