Merge remote-tracking branch 'origin/master' into feature/remove-db-abstract

* origin/master: (153 commits)
  Update the client version with the operational risks fix.
  Added the new version 2.12.7
  Added the data path global const to use it in all the places.
  Update issue templates
  Update bug_report.md
  Updated the frontoffice dependency with the fix of snapshots creation.
  Added setting up the project the PROJECT_ROOT const, update the core dependency where the const is used.
  Updated the client dependency with a deliverable generation fix.
  Update the client dependency with the profile removal fix.
  Changing the script permissions.
  Updated the import anrs script permission and the clients db upgrade parameter.
  [WSL]Updated FO install
  [WSL]Updated Full install
  [WSL]Updated README
  [WSL] Typo
  [WSL]Fixed stats-service install
  [WSL]Updated stats-service install
  [WSL]Added missing npm install
  [WSL]Updated WSL Full install
  [WSL]Updated WSL Full install
  ...

# Conflicts:
#	composer.json
#	composer.lock
feature/remove-db-abstract
Ruslan Baidan 2023-11-17 13:50:07 +01:00
commit 4d2dabfc64
No known key found for this signature in database
GPG Key ID: 4B7724C136BF1D89
60 changed files with 3164 additions and 7524 deletions

View File

@ -1,8 +1,9 @@
---
name: Bug report
name: Issue or bug report
about: Create a report to help us improve
labels: bug, potential-bug, needs triage
projects: MONARC Development Overview
title: ''
labels: bug, needs triage, potential-bug
assignees: ''
---

View File

@ -0,0 +1,20 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: ''
assignees: ''
---
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
**Describe the solution you'd like**
A clear and concise description of what you want to happen.
**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.
**Additional context**
Add any other context or screenshots about the feature request here.

View File

@ -34,7 +34,7 @@ jobs:
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: '7.4'
php-version: '8.1'
extensions: imagick, intl, xml, mysql, bcmath #optional, setup extensions
ini-values: post_max_size=256M, short_open_tag=On #optional, setup php.ini configuration
coverage: xdebug #optional, setup coverage driver
@ -44,7 +44,7 @@ jobs:
run: composer validate
- name: Install PHP dependencies
run: composer install --prefer-dist --no-progress --no-suggest
run: composer install --prefer-dist --no-progress --no-suggest --ignore-platform-req=php
- name: Create synlinks for MONARC PHP modules
run: |

108
.github/workflows/releases.yml vendored Normal file
View File

@ -0,0 +1,108 @@
name: MonarcAppFO releases
on:
push:
branches: [ 'master' ]
tags: [ 'v*.*', 'v*.*.*', 'v*.*.*-*' ]
pull_request:
branches: [ 'master' ]
jobs:
build:
runs-on: ubuntu-20.04
strategy:
matrix:
node-version: [ "16.x" ]
php-version: [ "8.1" ]
steps:
- uses: actions/checkout@v2
- name: install deps
run: sudo apt-get update && sudo apt install -y gettext
# PHP
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-version }}
tools: composer:v2.3
extensions: bcmath
- name: Validate composer.json and composer.lock
run: composer validate
- name: Install PHP dependencies
run: composer install --prefer-dist --no-progress --no-suggest --no-dev --ignore-platform-req=php
- name: Symlink Monarc modules
run: |
mkdir -p module/Monarc
ln -s ../../vendor/monarc/core module/Monarc/Core
ln -s ../../vendor/monarc/frontoffice module/Monarc/FrontOffice
# javascript
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- uses: oprypin/find-latest-tag@v1
with:
repository: monarc-project/ng-anr
releases-only: true
id: ng_anr_lasttag
- run: echo "ng-anr is at version ${{ steps.ng_anr_lasttag.outputs.tag }}"
- name: Install ng-anr
uses: actions/checkout@v3
with:
repository: monarc-project/ng-anr
ref: ${{ steps.ng_anr_lasttag.outputs.tag }}
path: './node_modules/ng_anr'
- uses: oprypin/find-latest-tag@v1
with:
repository: monarc-project/ng-client
releases-only: true
id: ng_client_lasttag
- run: echo "ng-client is at version ${{ steps.ng_client_lasttag.outputs.tag }}"
- name: Install ng-client
uses: actions/checkout@v3
with:
repository: monarc-project/ng-client
ref: ${{ steps.ng_client_lasttag.outputs.tag }}
path: './node_modules/ng_client'
- name: Install ng-client dependencies
run: |
cd node_modules/ng_client
npm ci
# final "cleanup"
- name: post job
run: |
bash -ex ./scripts/link_modules_resources.sh
bash -ex ./scripts/compile_translations.sh
# prepare release
- name: Get repository name
id: repository
run: echo "::set-output name=pathref::$(echo '${{ github.repository }}' | cut -d'/' -f2)-$(echo '${{ github.ref_name }}' | sed 's/[^[:alnum:]\.-]/_/g')"
- name: create artifact archive
run: |
tar --exclude .git --exclude .github -zcf '../${{ steps.repository.outputs.pathref }}.tar.gz' .
- name: release
uses: softprops/action-gh-release@v1
with:
files: |
../${{ steps.repository.outputs.pathref }}.tar.gz
fail_on_unmatched_files: true
if: startsWith(github.ref, 'refs/tags/')

3
.gitignore vendored
View File

@ -1,4 +1,3 @@
nbproject
._*
.buildpath
.DS_Store
@ -8,7 +7,6 @@ nbproject
*.cache
migrations
!tests/migrations
*.sublime-*
vagrant/.vagrant/
vagrant/*.log
vendor/
@ -23,3 +21,4 @@ npm-debug.log
node_modules/
bin/
data/*
.docker/mariaDb/data/*

10
AUTHORS
View File

@ -22,11 +22,11 @@ Thomas Metois
# Copyright holders
- Copyright (C) 2016-2022 Jérôme Lombardi - https://github.com/jerolomb
- Copyright (C) 2016-2022 Juan Rocha - https://github.com/jfrocha
- Copyright (C) 2016-2022 SMILE gie securitymadein.lu
- Copyright (C) 2017-2022 Cédric Bonhomme - https://www.cedricbonhomme.org
- Copyright (C) 2016-2023 Jérôme Lombardi - https://github.com/jerolomb
- Copyright (C) 2016-2023 Juan Rocha - https://github.com/jfrocha
- Copyright (C) 2016-2023 Luxembourg House of Cybersecurity
- Copyright (C) 2017-2023 Cédric Bonhomme - https://www.cedricbonhomme.org
- Copyright (C) 2016-2017 Guillaume Lesniak
- Copyright (C) 2016-2017 Thomas Metois
- Copyright (C) 2016-2017 Jérôme De Almeida
- Copyright (C) 2019-2022 Ruslan Baidan - https://github.com/ruslanbaydan
- Copyright (C) 2019-2023 Ruslan Baidan - https://github.com/ruslanbaidan

View File

@ -1,6 +1,103 @@
MONARC Changelog
================
## 2.12.7 (2023-10-25)
### Enhancement
- [Alternative to 2FA QR code](https://github.com/monarc-project/MonarcAppFO/issues/505)
- [Add context info to the list of analysis panel](https://github.com/monarc-project/MonarcAppFO/issues/506)
### Fix
- [Global dashboard max calculation error](https://github.com/monarc-project/MonarcAppFO/issues/507)
- [[FrontOffice] Fixed the operational risks import from CSV](https://github.com/monarc-project/MonarcAppFO/issues/484)
## 2.12.6 (2023-03-24)
### Enhancement
- Analysis background import.
- Support of PHP8.
- Specific error message on a wrong password input of analysis import.
### Fix
- Recommendations modification from the Knowledge Base when due date is set.
- Recommendations modification fix of loading the linked recommendation set.
## 2.12.5 (2022-12-21)
### Enhancement
- Rebranding of Monarc app (logos, titles) according to the "Cases" -> "NC3" move.
- Improved the analyses import speed.
### Fix
- Fixed the autocomplete for passwords. Password filling for Import brakes the execution.
- Record of processing activities processor creation JS error.
- Fixed the long names displaying for assets (responsive view).
- Dashboard fixes.
- Added the possibility to modify the threat's theme.
- Updated and added missing translations.
## 2.12.4 (2022-11-11)
### Enhancement
- Implemented new dashboard chart views and a curve line that represents the average number tendency.
- Added a possibility to enforce all the instance's users to enable 2-Factor Authentication.
## 2.12.3 (2022-10-06)
### Enhancement
- Link multiple specific models per client.
- Added a possibility to import assets in the library from CSV files.
### Fix
- Error when adding a tag to instantiate an object.
([#459](https://github.com/monarc-project/MonarcAppFO/issues/459)).
## 2.12.2 (2022-06-29)
### Fix
- Error when exporting analysis with Statement of Applicability
([#445](https://github.com/monarc-project/MonarcAppFO/issues/445)).
## 2.12.1 (2022-06-22)
### Enhancement
- [Added new QRCode backend endroid/qr-code](https://github.com/monarc-project/zm-client/commit/406471458a9c729d2d4a9b677cc7a8518d640ab1)
NTP access to time.google.com:123 (NTP check removed) and api.qrserver.com is
no more needed: QRCode generation is local.
## 2.12.0 (2022-06-20)
### New
- [compliance scale](https://github.com/monarc-project/MonarcAppFO/discussions/439);
- [metadata assets](https://github.com/monarc-project/MonarcAppFO/discussions/437);
- [two-factor authentication](https://github.com/monarc-project/MonarcAppFO/discussions/442).
### Fix
- [Stats provider] removed the leading slash in the URI
([e7dfba1](https://github.com/monarc-project/zm-client/commit/e7dfba1cf64322bc3e83630df6729b525d7d5c8d))
## 2.11.1 (2021-10-28)
### New

View File

@ -54,13 +54,19 @@ Especially by setting a strong root password.
</VirtualHost>
## 1.4. Install PHP and dependencies
## 1.4. Install PHP and dependencies (It's recommended to install php8 or php8.1 and all the modules of the version).
# apt-get install php7.3 libapache2-mod-php7.3 php7.3-curl php7.3-gd php7.3-mysql php-apcu php7.3-xml php7.3-mbstring php7.3-intl php-imagick php7.3-zip
$ curl -sS https://getcomposer.org/installer -o composer-setup.php
# php composer-setup.php --install-dir=/usr/bin --filename=composer
## Apply PHP configuration settings in your php.ini
https://github.com/monarc-project/MonarcAppFO/blob/master/vagrant/bootstrap.sh#L22-L26
## 1.5 Apply all changes
# systemctl restart apache2.service
@ -75,7 +81,9 @@ Especially by setting a strong root password.
$ git clone https://github.com/monarc-project/MonarcAppFO.git /var/lib/monarc/fo
$ cd /var/lib/monarc/fo
$ mkdir -p data/cache
$ mkdir -p data/DoctrineORMModule/Proxy
$ mkdir -p data/LazyServices/Proxy
$ mkdir -p data/import/files
$ composer install -o
# chown -R www-data:www-data data/
# chmod -R 700 data/

View File

@ -33,7 +33,7 @@ Installation on RHEL 7.9
[root@monarc ~]# yum install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
```
## Install PHP 7.4, required modules & dependencies from Remi's repository:
## Install PHP 7.4, required modules & dependencies from Remi's repository (PHP8 or PHP8.1 can be used from Monarc v2.15.6):
```bash
[root@monarc ~]# yum install php74.x86_64 php74-php.x86_64 \
@ -108,12 +108,14 @@ CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_ge
## Install MONARC
```bash
[root@monarc ~]# mkdir -p /var/lib/monarc/fo
[root@monarc ~]# mkdir -p /var/www/html/monarc/fo
[root@monarc ~]# yum install git
[root@monarc ~]# git clone https://github.com/monarc-project/MonarcAppFO.git /var/lib/monarc/fo
[root@monarc ~]# cd /var/lib/monarc/fo
[root@monarc ~]# git clone https://github.com/monarc-project/MonarcAppFO.git /var/www/html/monarc/fo
[root@monarc ~]# cd /var/www/html/monarc/fo
[root@monarc fo]# mkdir -p data/cache
[root@monarc fo]# mkdir -p data/LazyServices/Proxy
[root@monarc fo]# mkdir -p data/DoctrineORMModule/Proxy
[root@monarc fo]# mkdir -p data/import/files
[root@monarc fo]# chmod -R g+w data
[root@monarc fo]# yum remove php-5.4.16 php-cli-5.4.16 php-common-5.4.16
```
@ -126,24 +128,28 @@ CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_ge
[root@monarc fo]# rm composer-setup.php
```
## Install PHP 7.4
## Install PHP. Php 7.4 (command below) can be a working solutin but recommended 8.0 or 8.1 from Monarc v2.15.6
```bash
[root@monarc fo]# yum install php74-php-cli
```
## Configure path
## Configure path (can be adjusted depending on the php version)
```bash
[root@monarc fo]# export PATH=$PATH:/opt/remi/php74/root/usr/bin:/opt/remi/php74/root/usr/sbin
[root@monarc fo]# ln -s /usr/bin/php74 /usr/bin/php
```
## Update
## Apply PHP configuration settings in your php.ini
https://github.com/monarc-project/MonarcAppFO/blob/master/vagrant/bootstrap.sh#L22-L26
## Update (The option --ignore-platform-req=php is used in case of php8.1)
```bash
[root@monarc fo]# composer self-update
[root@monarc fo]# composer install -o
[root@monarc fo]# composer install -o --ignore-platform-req=php
```
## Prepare Backend
@ -183,7 +189,7 @@ grant create, delete, insert, select, update, drop, alter on monarc_cli.* to 'mo
## Set up database connection
```bash
[root@monarc fo]# cd /var/lib/monarc/fo/config/autoload/
[root@monarc fo]# cd /var/www/html/monarc/fo/config/autoload/
[root@monarc autoload]# cp local.php.dist local.php
[root@monarc autoload]# vi local.php
```
@ -204,8 +210,11 @@ Reference: <https://github.com/nodesource/distributions>
## Set git branch
For the commnad below, the {LATEST-RELEASE-TAG} parameter can be found here (for example: v2.12.5-p4):
https://github.com/monarc-project/MonarcAppFO/releases
```bash
[root@monarc fo]# git branch --set-upstream-to=origin/master v2.11.1
[root@monarc fo]# git branch --set-upstream-to=origin/master {LATEST-RELEASE-TAG}
```
## Reconfigure SSH
@ -219,7 +228,7 @@ StrictHostKeyChecking no
## Trigger the update script
```bash
[root@monarc fo]# ./scripts/update-all.sh -c
[root@monarc fo]# ./scripts/update-all.sh
```
## Set permissions on MONARC website folder
@ -237,6 +246,7 @@ StrictHostKeyChecking no
[root@monarc conf.d]# systemctl stop firewalld
[root@monarc conf.d]# systemctl restart httpd.service
```
monarc.conf can be found [here](https://github.com/monarc-project/MonarcAppFO/blob/master/INSTALL/INSTALL.rhel7.md#configure-virtual-host)
## Create MONARC Admin User

View File

@ -60,6 +60,11 @@ Add php to $PATH
$ export PATH=$PATH:/opt/remi/php72/root/usr/bin:/opt/remi/php72/root/usr/sbin
Apply PHP configuration settings in your php.ini
https://github.com/monarc-project/MonarcAppFO/blob/master/vagrant/bootstrap.sh#L22-L26
Clone the repository and invoke composer
$ git clone https://github.com/monarc-project/MonarcAppFO.git fo

View File

@ -81,6 +81,7 @@ Especially by setting a strong root password.
$ mkdir -p data/cache
$ mkdir -p data/DoctrineORMModule/Proxy
$ mkdir -p data/LazyServices/Proxy
$ mkdir -p data/import/files
$ chmod -R g+w data
$ composer install -o

View File

@ -0,0 +1,209 @@
Installation on Ubuntu 20.04
============================
# 1. Install LAMP & dependencies
## 1.1. Install system dependencies
```bash
$ sudo apt-get install zip unzip git gettext curl
```
Some might already be installed.
## 1.2. Install MariaDB
```bash
$ sudo apt-get install mariadb-client mariadb-server
```
### Secure the MariaDB installation
```bash
$ sudo mysql_secure_installation
```
Especially by setting a strong root password.
## 1.3. Install Apache2
```bash
$ sudo apt-get install apache2
```
### Enable modules, settings, and default of SSL in Apache
```bash
$ sudo a2dismod status
$ sudo a2enmod ssl
$ sudo a2enmod rewrite
$ sudo a2enmod headers
```
### Apache Virtual Host
```conf
<VirtualHost _default_:80>
ServerAdmin admin@localhost.lu
ServerName monarc.local
DocumentRoot /var/lib/monarc/fo/public
<Directory /var/lib/monarc/fo/public>
DirectoryIndex index.php
AllowOverride All
Require all granted
</Directory>
<IfModule mod_headers.c>
Header always set X-Content-Type-Options nosniff
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Robots-Tag none
Header always set X-Frame-Options SAMEORIGIN
</IfModule>
SetEnv APP_ENV "development"
</VirtualHost>
```
## 1.4. Install PHP and dependencies (It's recommended to install php8 or php8.1 and all the modules of the version)
```bash
$ sudo apt-get install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-xml php-mbstring php-intl php-imagick php-zip php-bcmath
```
## Apply PHP configuration settings in your php.ini
https://github.com/monarc-project/MonarcAppFO/blob/master/vagrant/bootstrap.sh#L22-L26
## 1.5 Apply all changes
```bash
$ sudo systemctl restart apache2.service
```
# 2. Installation of MONARC
```bash
PATH_TO_MONARC='/var/lib/monarc/fo'
PATH_TO_MONARC_DATA='/var/lib/monarc/fo-data'
MONARC_VERSION=$(curl --silent -H 'Content-Type: application/json' https://api.github.com/repos/monarc-project/MonarcAppFO/releases/latest | jq -r '.tag_name')
MONARCFO_RELEASE_URL="https://github.com/monarc-project/MonarcAppFO/releases/download/$MONARC_VERSION/MonarcAppFO-$MONARC_VERSION.tar.gz"
$ mkdir -p /var/lib/monarc/releases/
# Download release
$ curl -sL $MONARCFO_RELEASE_URL -o /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL`
# Create release directory
$ mkdir /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'`
# Unarchive release
$ tar -xzf /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL` -C /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'`
# Create release symlink
$ ln -s /var/lib/monarc/releases/`basename $MONARCFO_RELEASE_URL | sed 's/.tar.gz//'` $PATH_TO_MONARC
# Create data and caches directories
$ mkdir -p $PATH_TO_MONARC_DATA/cache $PATH_TO_MONARC_DATA/DoctrineORMModule/Proxy $PATH_TO_MONARC_DATA/LazyServices/Proxy $PATH_TO_MONARC_DATA/import/files
# Create data directory symlink
$ ln -s $PATH_TO_MONARC_DATA $PATH_TO_MONARC/data
```
## 2.2. Databases
### Create a MariaDB user for MONARC
With the root MariaDB user create a new user for MONARC:
```sql
MariaDB [(none)]> CREATE USER 'monarc'@'%' IDENTIFIED BY 'password';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON * . * TO 'monarc'@'%';
MariaDB [(none)]> FLUSH PRIVILEGES;
```
### Create 2 databases
In your MariaDB interpreter:
```sql
MariaDB [(none)]> CREATE DATABASE monarc_cli DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
MariaDB [(none)]> CREATE DATABASE monarc_common DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
```
* monarc_common contains models and data created by CASES;
* monarc_cli contains all client risk analyses. Each analysis is based on CASES
model of monarc_common.
### Initializes the database
```bash
$ mysql -u monarc -ppassword monarc_common < db-bootstrap/monarc_structure.sql
$ mysql -u monarc -ppassword monarc_common < db-bootstrap/monarc_data.sql
```
### Database connection
Create the configuration file:
```bash
$ sudo cp ./config/autoload/local.php.dist ./config/autoload/local.php
```
And configure the database connection:
```php
return [
'doctrine' => [
'connection' => [
'orm_default' => [
'params' => [
'host' => 'localhost',
'user' => 'monarc',
'password' => 'password',
'dbname' => 'monarc_common',
],
],
'orm_cli' => [
'params' => [
'host' => 'localhost',
'user' => 'monarc',
'password' => 'password',
'dbname' => 'monarc_cli',
],
],
],
],
];
```
# 3. Migrating MONARC DB
```bash
$ php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/FrontOffice/migrations/phinx.php
$ php ./vendor/robmorgan/phinx/bin/phinx migrate -c module/Monarc/Core/migrations/phinx.php
```
# 4. Create initial user
```bash
$ php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/Monarc/FrontOffice/migrations/phinx.php
```
The username is *admin@admin.localhost* and the password is *admin*.
# 5. Statistics for Global Dashboard
If you would like to use the global dashboard stats feature, you need to
configure a Stats Service instance on your server.
The architecture, installation instructions and GitHub project can be found here:
- https://www.monarc.lu/documentation/stats-service/master/architecture.html
- https://www.monarc.lu/documentation/stats-service/master/installation.html
- https://github.com/monarc-project/stats-service
The communication of access to the StatsService is performed on each instance of
FrontOffice (clients).

View File

@ -1,12 +1,11 @@
MONARC - Method for an Optimised aNAlysis of Risks by CASES
===========================================================
MONARC
======
[![Latest Release](https://img.shields.io/github/release/monarc-project/MonarcAppFO.svg?style=flat-square)](https://github.com/monarc-project/MonarcAppFO/releases/latest)
![License](https://img.shields.io/github/license/monarc-project/MonarcAppFO.svg?style=flat-square)
![Contributors](https://img.shields.io/github/contributors/monarc-project/MonarcAppFO.svg?style=flat-square)
![Stars](https://img.shields.io/github/stars/monarc-project/MonarcAppFO.svg?style=flat-square)
[![Workflow](https://github.com/monarc-project/MonarcAppFO/workflows/build/badge.svg)](https://github.com/monarc-project/MonarcAppFO/actions?query=build)
[![Twitter](https://img.shields.io/twitter/follow/MONARCProject.svg?style=social&label=Follow)](https://twitter.com/MONARCproject)
Introduction
@ -76,14 +75,14 @@ License
This software is licensed under
[GNU Affero General Public License version 3](http://www.gnu.org/licenses/agpl-3.0.html)
- Copyright (C) 2016-2022 Jérôme Lombardi - https://github.com/jerolomb
- Copyright (C) 2016-2022 Juan Rocha - https://github.com/jfrocha
- Copyright (C) 2016-2022 SMILE gie securitymadein.lu
- Copyright (C) 2017-2022 Cédric Bonhomme - https://www.cedricbonhomme.org
- Copyright (C) 2016-2023 Luxembourg House of Cybersecurity
- Copyright (C) 2016-2023 Jérôme Lombardi - https://github.com/jerolomb
- Copyright (C) 2016-2023 Juan Rocha - https://github.com/jfrocha
- Copyright (C) 2017-2023 Cédric Bonhomme - https://www.cedricbonhomme.org
- Copyright (C) 2016-2017 Guillaume Lesniak
- Copyright (C) 2016-2017 Thomas Metois
- Copyright (C) 2016-2017 Jérôme De Almeida
- Copyright (C) 2019-2022 Ruslan Baidan - https://github.com/ruslanbaydan
- Copyright (C) 2019-2023 Ruslan Baidan - https://github.com/ruslanbaidan
For more information, [the list of authors and contributors](AUTHORS) is available.
@ -96,4 +95,4 @@ These objects are available through the
If a specific author wants to license an object under a different license,
a pull request can be requested.
You can find more information about MOSP on the
[dedicated repository](https://github.com/CASES-LU/MOSP).
[dedicated repository](https://github.com/NC3-LU/MOSP).

View File

@ -8,7 +8,7 @@ Last stable version of MONARC always provides security updates.
If you think you have found a potential security issue in MONARC, do not open
directly a GitHub issue. Please email us. You can contact
[info@cases.lu](mailto:info@cases.lu).
[opensource@nc3.lu](mailto:opensource@nc3.lu).
You can also specify how you would like to be credited for your finding
(commit message, release notes or blog post for the new release). We will

View File

@ -1 +1 @@
{"major":2, "minor":11, "hotfix":1}
{"major":2, "minor":12, "hotfix":7}

View File

@ -41,12 +41,13 @@
}
],
"require": {
"php": "^7.4",
"php": "^7.4 || ^8.0",
"ext-json": "*",
"ext-pdo": "*",
"ext-bcmath": "*",
"monarc/frontoffice": "^2.10.3",
"monarc/core": "^2.10.3",
"ext-openssl": "*",
"monarc/frontoffice": "^2.12.6",
"monarc/core": "^2.12.6",
"laminas/laminas-mvc": "^3.1",
"laminas/laminas-di": "^3.1",
"laminas/laminas-permissions-rbac": "^3.0",
@ -54,12 +55,14 @@
"laminas/laminas-i18n": "^2.9",
"symfony/console": "^5.0",
"laminas/laminas-dependency-plugin": "^2.0",
"laminas/laminas-mvc-middleware": "^2.2"
"laminas/laminas-mvc-middleware": "^2.2",
"robthree/twofactorauth": "^1.8",
"endroid/qr-code": "^4.4"
},
"require-dev": {
"roave/security-advisories": "dev-master",
"phpunit/phpunit": "^8.3",
"laminas/laminas-test": "^3.4"
"roave/security-advisories": "dev-latest",
"phpunit/phpunit": "^9.5",
"laminas/laminas-test": "^4.5"
},
"autoload-dev": {
"psr-4": {

4787
composer.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -5,26 +5,30 @@
*
* @see https://github.com/zendframework/ZFTool
*/
$env = getenv('APPLICATION_ENV') ?: 'production';
$env = getenv('APP_ENV') ?: 'production';
$appConfDir = getenv('APP_CONF_DIR') ?: null;
defined('PROJECT_ROOT') or define('PROJECT_ROOT', __DIR__ . '/../');
if ($env !== 'testing') {
$confPaths = ['config/autoload/{,*.}{global,local}.php'];
}
$dataPath = 'data';
if (!empty($appConfDir)) {
$confPaths[] = $appConfDir . '/local.php';
$dataPath = $appConfDir . '/data';
if (!is_dir($dataPath . '/cache')) {
if (!mkdir($concurrentDirectory = $dataPath . '/cache') && !is_dir($concurrentDirectory)) {
if (is_dir(PROJECT_ROOT . 'data/cache')) {
$dataPath = PROJECT_ROOT . 'data';
} elseif (!mkdir($concurrentDirectory = $dataPath . '/cache') && !is_dir($concurrentDirectory)) {
throw new \RuntimeException(sprintf('Directory "%s" was not created', $concurrentDirectory));
}
}
}
defined('DATA_PATH') or define('DATA_PATH', $dataPath);
return [
'modules' => [
'Laminas\Mvc\Console',
'Laminas\I18n',
'Laminas\Mail',
'Laminas\Log',

View File

@ -15,56 +15,56 @@ use Doctrine\DBAL\Driver\PDO\MySQL\Driver;
use Monarc\Core\Service\DoctrineCacheServiceFactory;
use Monarc\Core\Service\DoctrineLoggerFactory;
$appconfdir = getenv('APP_CONF_DIR') ?? '';
$datapath = "data";
if (!empty($appconfdir)) {
$datapath = $appconfdir . '/data';
$dataPath = 'data';
if (defined('DATA_PATH')) {
$dataPath = DATA_PATH;
} elseif (getenv('APP_CONF_DIR')) {
$dataPath = getenv('APP_CONF_DIR') . '/data';
}
return array(
return [
// DOCTRINE CONF
'service_manager' => array(
'factories' => array(
'service_manager' => [
'factories' => [
'doctrine.cache.mycache' => DoctrineCacheServiceFactory::class,
'doctrine.monarc_logger' => DoctrineLoggerFactory::class,
),
),
'doctrine' => array(
'connection' => array(
'orm_default' => array(
],
],
'doctrine' => [
'connection' => [
'orm_default' => [
'driverClass' => Driver::class,
'params' => array(
'params' => [
'host' => 'localhost',
'port' => 3306,
'user' => 'root',
'password' => '',
'dbname' => 'monarc_common',
'charset' => 'utf8',
'driverOptions' => array(
'driverOptions' => [
PDO::ATTR_STRINGIFY_FETCHES => false,
PDO::ATTR_EMULATE_PREPARES => false,
PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8',
),
),
),
'orm_cli' => array(
],
],
],
'orm_cli' => [
'driverClass' => Driver::class,
'params' => array(
'params' => [
'host' => 'localhost',
'port' => 3306,
'user' => 'root',
'password' => '',
'dbname' => 'monarc_cli',
'charset' => 'utf8',
'driverOptions' => array(
'driverOptions' => [
PDO::ATTR_STRINGIFY_FETCHES => false,
PDO::ATTR_EMULATE_PREPARES => false,
PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8',
),
),
),
),
],
],
],
],
/*'migrations_configuration' => array(
'orm_default' => array(
'name' => 'Monarc Migrations',
@ -81,49 +81,49 @@ return array(
'column' => 'version',
),
),*/
'entitymanager' => array(
'orm_default' => array(
'entitymanager' => [
'orm_default' => [
'connection' => 'orm_default',
'configuration' => 'orm_default'
),
'orm_cli' => array(
'configuration' => 'orm_default',
],
'orm_cli' => [
'connection' => 'orm_cli',
'configuration' => 'orm_cli',
),
),
],
],
// https://github.com/beberlei/DoctrineExtensions/blob/master/config/mysql.yml
'configuration' => array(
'orm_default' => array(
'configuration' => [
'orm_default' => [
'metadata_cache' => 'mycache',
'query_cache' => 'mycache',
'result_cache' => 'mycache',
'driver' => 'orm_default', // This driver will be defined later
'generate_proxies' => true,
'proxy_dir' => $datapath.'/DoctrineORMModule/Proxy',
'proxy_dir' => $dataPath . '/DoctrineORMModule/Proxy',
'proxy_namespace' => 'DoctrineORMModule\Proxy',
'filters' => array(),
'datetime_functions' => array(),
'string_functions' => array(),
'numeric_functions' => array(),
'second_level_cache' => array(),
'filters' => [],
'datetime_functions' => [],
'string_functions' => [],
'numeric_functions' => [],
'second_level_cache' => [],
'sql_logger' => 'doctrine.monarc_logger',
),
'orm_cli' => array(
],
'orm_cli' => [
'metadata_cache' => 'mycache',
'query_cache' => 'mycache',
'result_cache' => 'mycache',
'driver' => 'orm_cli', // This driver will be defined later
'generate_proxies' => true,
'proxy_dir' => $datapath.'/DoctrineORMModule/Proxy',
'proxy_dir' => $dataPath . '/DoctrineORMModule/Proxy',
'proxy_namespace' => 'DoctrineORMModule\Proxy',
'filters' => array(),
'datetime_functions' => array(),
'string_functions' => array(),
'numeric_functions' => array(),
'second_level_cache' => array(),
'filters' => [],
'datetime_functions' => [],
'string_functions' => [],
'numeric_functions' => [],
'second_level_cache' => [],
'sql_logger' => 'doctrine.monarc_logger',
),
),
),
],
],
],
// END DOCTRINE CONF
);
];

View File

@ -10,6 +10,9 @@
* in ZendSkeletonApplication. This is a good practice, as it prevents sensitive
* credentials from accidentally being committed into version control.
*/
$appdir = getenv('APP_DIR') ?: '/var/lib/monarc';
$package_json = json_decode(file_get_contents('./package.json'), true);
return [
@ -95,6 +98,9 @@ return [
'from' => 'info@monarc.lu',
],
'instanceName' => 'Development', // for example a short URL or client name from ansible
'twoFactorAuthEnforced' => false,
'terms' => 'https://my.monarc.lu/terms.html',
'monarc' => [
@ -102,10 +108,17 @@ return [
'cliModel' => 'generic',
],
'twoFactorAuthEnforced' => false,
'mospApiUrl' => 'https://objects.monarc.lu/api/',
'statsApi' => [
'baseUrl' => 'http://127.0.0.1:5005',
'apiKey' => '',
],
'import' => [
'uploadFolder' => $appdir . '/data/import/files',
'isBackgroundProcessActive' => false,
],
];

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

4808
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
{
"name": "MONARC",
"version": "2.11.1",
"version": "2.12.7",
"description": "Monarc front office application",
"private": true,
"repository": {
@ -10,11 +10,11 @@
"author": "CASES",
"license": "GNU Affero General Public License version 3",
"dependencies": {
"ng_anr": "git+https://github.com/monarc-project/ng-anr.git#master",
"ng_client": "git+https://github.com/monarc-project/ng-client.git#master"
"ng_anr": "git+https://github.com/monarc-project/ng-anr.git",
"ng_client": "git+https://github.com/monarc-project/ng-client.git"
},
"devDependencies": {
"grunt": "~1.4.0",
"grunt-cli": "~1.4.2"
"grunt": "~1.5.3",
"grunt-cli": "~1.4.3"
}
}

View File

@ -44,7 +44,7 @@ return array(
),
'environments' => array(
'default_migration_table' => 'phinxlog',
'default_database' => 'cli',
'default_environment' => 'cli',
'cli' => array(
'adapter' => 'mysql',
'host' => '$SQLHOST',

View File

@ -43,7 +43,7 @@ cd dialogs/ && find ../../../node_modules/ng_client/views/dialogs -maxdepth 1 -n
cd ../../js/ && find ../../node_modules/ng_client/src -name "*" -exec ln -s {} \; 2>/dev/null
cd ../css/ && find ../../node_modules/ng_client/css -name "*" -exec ln -s {} \; 2>/dev/null
cd ../img/ && find ../../node_modules/ng_client/img -name "*" -exec ln -s {} \; 2>/dev/null
cd ../flags/ && find ../../node_modules/ng_client/node_modules/ng-country-flags/dist/flags -mindepth 1 -type d -exec ln -s {} \; 2>/dev/null
cd ../flags/ && find ../../node_modules/ng_client/node_modules/flag-icons/flags -mindepth 1 -type d -exec ln -s {} \; 2>/dev/null
cd ../js/
mkdir -p anr

View File

@ -0,0 +1,19 @@
#! /usr/bin/env bash
# local use:
#for conf_file_path in /home/vagrant/monarc/config/*/local.php
for conf_file_path in /var/www/*/local.php
do
config_path=$(dirname "$conf_file_path")
export APP_CONF_DIR=$config_path
echo "[$(date)] Import analyses for: $config_path."
# local use:
#./bin/console monarc:import-analyses >> data/background_import.log
/var/lib/monarc/fo/bin/console monarc:import-analyses >> "$config_path"/data/background_import.log
echo "[$(date)] Finished."
done

View File

@ -64,9 +64,9 @@ if [[ $? -eq 1 ]]; then
fi
if [[ $isDevEnv -eq 0 ]]; then
composer ins -o --no-dev
composer ins -o --no-dev --no-cache --ignore-platform-req=php
else
composer ins
composer ins --ignore-platform-req=php
fi
pathCore="module/Monarc/Core"
@ -94,8 +94,6 @@ if [[ -d node_modules && -d node_modules/ng_anr ]]; then
else
npm update
fi
else
npm ci
fi
cd node_modules/ng_client
@ -106,18 +104,17 @@ cd ../..
./scripts/compile_translations.sh
if [[ $forceClearCache -eq 1 ]]; then
# Clear doctrine cache
# Move to Monarc/Core Module.php
php ./public/index.php orm:clear-cache:metadata
php ./public/index.php orm:clear-cache:query
php ./public/index.php orm:clear-cache:result
# Clear Laminas cache
rm -rf data/cache/*
rm -rf data/DoctrineORMModule/Proxy/*
rm -rf data/LazyServices/Proxy/*
# Clear ZF2 cache
# Clear Laminas cache
touch ./data/cache/upgrade && chmod 777 ./data/cache/upgrade
fi
if [[ $forceClearCache -eq 0 && $bypass -eq 0 ]]; then
# Clear ZF2 cache
# Clear Laminas cache
touch ./data/cache/upgrade && chmod 777 ./data/cache/upgrade
fi

View File

@ -0,0 +1,10 @@
#!/bin/bash
pushd node_modules/ng_client
if [[ -d po && -f po/template.pot ]]; then
for f in po/*.po; do
msgmerge --backup=none -U "$f" po/template.pot
msgattrib --no-obsolete --clear-fuzzy --empty -o "$f" "$f"
done;
fi

8
vagrant/Vagrantfile vendored
View File

@ -10,8 +10,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# please see the online documentation at vagrantup.com.
# Every Vagrant virtual environment requires a box to build off of.
config.vm.box = "bento/ubuntu-20.04"
config.disksize.size = "50GB"
config.vm.box = "bento/ubuntu-22.04"
config.disksize.size = "100GB"
config.vm.provision "shell", privileged: false, path: "bootstrap.sh"
# Disable automatic box update checking. If you disable this, then
@ -56,8 +56,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# vb.gui = true
#
# # Use VBoxManage to customize the VM. For example to change memory:
vb.customize ["modifyvm", :id, "--memory", "2048"]
vb.customize ["modifyvm", :id, "--name", "MONARC FO - Ubuntu 20.04 - DEV"]
vb.customize ["modifyvm", :id, "--memory", "4092"]
vb.customize ["modifyvm", :id, "--name", "MONARC FO - Ubuntu 22.04 - DEV"]
end
#
# View the documentation for the provider you're using for more

View File

@ -24,13 +24,9 @@ post_max_size=50M
max_execution_time=100
max_input_time=223
memory_limit=512M
# session expires in 1 week:
session.gc_maxlifetime=604800
session.gc_probability=1
session.gc_divisor=1000
PHP_INI=/etc/php/7.4/apache2/php.ini
XDEBUG_CFG=/etc/php/7.4/apache2/conf.d/20-xdebug.ini
PHP_INI=/etc/php/8.1/apache2/php.ini
XDEBUG_CFG=/etc/php/8.1/apache2/conf.d/20-xdebug.ini
MARIA_DB_CFG=/etc/mysql/mariadb.conf.d/50-server.cnf
# Stats service
@ -59,9 +55,9 @@ sudo apt-get update && sudo apt-get upgrade -y
echo -e "\n--- Install base packages… ---\n"
sudo apt-get -y install vim zip unzip git gettext curl gsfonts > /dev/null
echo -e "\n--- Install MariaDB specific packages and settings… ---\n"
sudo apt-get -y install mariadb-server mariadb-client > /dev/null
sudo apt -y install mariadb-server mariadb-client
# Secure the MariaDB installation (especially by setting a strong root password)
sudo systemctl restart mariadb.service > /dev/null
sleep 5
@ -88,11 +84,14 @@ expect -f - <<-EOF
send -- "y\r"
expect eof
EOF
sudo apt-get purge -y expect php-xdebug > /dev/null 2>&1
sudo apt-get purge -y expect > /dev/null 2>&1
echo -e "\n--- Configuring… ---\n"
sudo sed -i "s/skip-external-locking/#skip-external-locking/g" $MARIA_DB_CFG
sudo sed -i "s/.*bind-address.*/bind-address = 0.0.0.0/" $MARIA_DB_CFG
sudo sed -i "s/.*character-set-server.*/character-set-server = utf8mb4/" $MARIA_DB_CFG
sudo sed -i "s/.*collation-server.*/collation-server = utf8mb4_general_ci/" $MARIA_DB_CFG
echo -e "\n--- Setting up our MariaDB user for MONARC… ---\n"
sudo mysql -u root -p$DBPASSWORD_ADMIN -e "CREATE USER '$DBUSER_MONARC'@'%' IDENTIFIED BY '$DBPASSWORD_MONARC';"
@ -100,20 +99,27 @@ sudo mysql -u root -p$DBPASSWORD_ADMIN -e "GRANT ALL PRIVILEGES ON * . * TO '$DB
sudo mysql -u root -p$DBPASSWORD_ADMIN -e "FLUSH PRIVILEGES;"
sudo systemctl restart mariadb.service > /dev/null
echo -e "\n--- Installing Apache… ---\n"
sudo apt install apache2 -y
echo -e "\n--- Installing PHP-specific packages… ---\n"
sudo apt-get -y install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-apcu php-xml php-mbstring php-intl php-imagick php-zip php-xdebug php-bcmath > /dev/null
sudo apt-get install -y php8.1 php8.1-cli php8.1-common php8.1-mysql php8.1-zip php8.1-gd php8.1-mbstring php8.1-curl php8.1-xml php8.1-bcmath php8.1-intl php8.1-imagic php8.1-xdebug > /dev/null
echo -e "\n--- Configuring PHP… ---\n"
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
do
sudo sed -i "s/^\($key\).*/\1 = $(eval echo \${$key})/" $PHP_INI
done
# session expires in 1 week:
sudo sed -i "s/^\(session\.gc_maxlifetime\).*/\1 = $(eval echo 604800)/" $PHP_INI
sudo sed -i "s/^\(session\.gc_probability\).*/\1 = $(eval echo 1)/" $PHP_INI
sudo sed -i "s/^\(session\.gc_divisor\).*/\1 = $(eval echo 1000)/" $PHP_INI
echo -e "\n--- Configuring Xdebug for development ---\n"
sudo bash -c "cat << EOF > $XDEBUG_CFG
zend_extension=xdebug.so
xdebug.remote_enable=1
xdebug.remote_connect_back=1
xdebug.mode=debug
xdebug.discover_client_host=1
xdebug.idekey=IDEKEY
EOF"
@ -132,7 +138,7 @@ if [ $? -ne 0 ]; then
echo "\nERROR: unable to install composer\n"
exit 1;
fi
# sudo composer self-update
sudo composer self-update
echo -e "\n--- Installing MONARC… ---\n"
cd $PATH_TO_MONARC
@ -152,6 +158,10 @@ cd $PATH_TO_MONARC
# Front-end
echo -e "\n--- Installation of Node, NPM… ---\n"
curl -sL https://deb.nodesource.com/setup_15.x | sudo bash -
sudo apt-get install -y nodejs npm
mkdir -p node_modules
cd node_modules
if [ ! -d "ng_client" ]; then
@ -199,15 +209,9 @@ echo -e "\n--- Restarting Apache… ---\n"
sudo systemctl restart apache2.service > /dev/null
echo -e "\n--- Installation of Node, NPM and Grunt… ---\n"
curl -sL https://deb.nodesource.com/setup_15.x | sudo bash -
sudo apt-get install -y nodejs
echo -e "\n--- Installing the stats service… ---\n"
sudo apt-get -y install postgresql python3-pip python3-venv
sudo update-alternatives --install /usr/bin/python python /usr/bin/python2 10
sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 20
sudo apt-get -y install postgresql python3 python3-pip python3-venv
sudo -u postgres psql -c "CREATE USER $STATS_DB_USER WITH PASSWORD '$STATS_DB_PASSWORD';"
sudo -u postgres psql -c "ALTER USER $STATS_DB_USER WITH SUPERUSER;"
@ -352,6 +356,11 @@ return [
'baseUrl' => 'http://127.0.0.1:$STATS_PORT',
'apiKey' => '$apiKey',
],
'import' => [
'uploadFolder' => '$appdir/data/import/files',
'isBackgroundProcessActive' => false,
],
];
EOF
@ -368,6 +377,7 @@ echo -e "\n--- Creating cache folders for backend… ---\n"
mkdir -p $PATH_TO_MONARC/data/cache
mkdir -p $PATH_TO_MONARC/data/LazyServices/Proxy
mkdir -p $PATH_TO_MONARC/data/DoctrineORMModule/Proxy
mkdir -p $PATH_TO_MONARC/data/import/files
echo -e "\n--- Adjusting user mod… ---\n"

View File

@ -36,9 +36,7 @@ wsl -s Ubuntu
In WLS shell:
```bash
$ cd ~
$ git clone https://github.com/monarc-project/MonarcAppFO
$ bash ./MonarcAppFO/wsl/installFO.sh
$ curl -sSL https://raw.githubusercontent.com/monarc-project/MonarcAppFO/master/wsl/installFO.sh | bash
```
Once the VM will be configured by WSL, go to the address in the browser
@ -57,10 +55,7 @@ accessible on```http://localhost:5005```
In WLS shell:
```bash
$ cd ~
$ git clone https://github.com/monarc-project/MonarcAppFO
$ git clone https://github.com/monarc-project/MonarcAppBO
$ bash ./MonarcAppFO/wsl/installFull.sh
$ curl -sSL https://raw.githubusercontent.com/monarc-project/MonarcAppFO/master/wsl/installFull.sh | bash
```
Once the VM will be configured by WSL:

View File

@ -21,20 +21,19 @@ max_execution_time=100
max_input_time=223
memory_limit=512M
PHP_INI=/etc/php/7.4/apache2/php.ini
XDEBUG_CFG=/etc/php/7.4/apache2/conf.d/20-xdebug.ini
PHP_INI=/etc/php/8.1/apache2/php.ini
XDEBUG_CFG=/etc/php/8.1/apache2/conf.d/20-xdebug.ini
MARIA_DB_CFG=/etc/mysql/mariadb.conf.d/50-server.cnf
# Stats service
STATS_PATH=$HOME/stats-service
STATS_HOST='0.0.0.0'
STATS_PORT='5005'
STATS_DB_NAME='statsservice'
STATS_DB_USER='sqlmonarcuser'
STATS_DB_PASSWORD="sqlmonarcuser"
STATS_DB_USER='statsserviceuser'
STATS_DB_PASSWORD="password"
STATS_SECRET_KEY="$(openssl rand -hex 32)"
echo -e "\n--- Installing now… ---\n"
sudo chmod 755 $HOME
sudo apt-get update > /dev/null 2>&1
echo -e "\n--- Updating packages list… ---\n"
@ -47,7 +46,7 @@ sudo apt-get -y install vim zip unzip git gettext curl gsfonts > /dev/null
echo -e "\n--- Install MariaDB specific packages and settings… ---\n"
sudo apt-get -y install mariadb-server mariadb-client > /dev/null
# Secure the MariaDB installation (especially by setting a strong root password)
sudo service mysql restart > /dev/null
sudo service mariadb restart > /dev/null
sleep 5
sudo mysql_secure_installation > /dev/null 2>&1 <<EOF
@ -68,10 +67,10 @@ echo -e "\n--- Setting up our MariaDB user for MONARC… ---\n"
sudo mysql -u root -p$DBPASSWORD_ADMIN -e "CREATE USER '$DBUSER_MONARC'@'%' IDENTIFIED BY '$DBPASSWORD_MONARC';"
sudo mysql -u root -p$DBPASSWORD_ADMIN -e "GRANT ALL PRIVILEGES ON * . * TO '$DBUSER_MONARC'@'%';"
sudo mysql -u root -p$DBPASSWORD_ADMIN -e "FLUSH PRIVILEGES;"
sudo service mysql restart > /dev/null
sudo service mariadb restart > /dev/null
echo -e "\n--- Installing PHP-specific packages… ---\n"
sudo apt-get -y install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-apcu php-xml php-mbstring php-intl php-imagick php-zip php-xdebug php-bcmath > /dev/null 2>&1
sudo apt-get -y install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-apcu php-xml php-mbstring php-intl php-zip php-xdebug php-bcmath > /dev/null 2>&1
echo -e "\n--- Configuring PHP… ---\n"
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
@ -104,8 +103,9 @@ fi
echo -e "\n--- Installing MONARC… ---\n"
git clone --config core.fileMode=false https://github.com/monarc-project/MonarcAppFO $PATH_TO_MONARC > /dev/null 2>&1
cd $PATH_TO_MONARC
git config core.fileMode false
echo -e "\n--- Installing the dependencies… ---\n"
composer ins > /dev/null 2>&1
@ -170,7 +170,7 @@ sudo service apache2 restart > /dev/null
echo -e "\n--- Installation of Node, NPM and Grunt… ---\n"
curl -sL https://deb.nodesource.com/setup_15.x | sudo bash - > /dev/null 2>&1
sudo apt-get install -y nodejs > /dev/null 2>&1
sudo apt-get install -y nodejs npm > /dev/null 2>&1
sudo npm install -g grunt-cli > /dev/null 2>&1
@ -183,49 +183,23 @@ sudo -u postgres psql -c "CREATE USER $STATS_DB_USER WITH PASSWORD '$STATS_DB_PA
sudo -u postgres psql -c "ALTER USER $STATS_DB_USER WITH SUPERUSER;" > /dev/null
cd ~
curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python > /dev/null
echo 'export PATH="$PATH:$HOME/.poetry/bin"' >> ~/.bashrc
curl -sSL https://install.python-poetry.org | python3 - > /dev/null
echo 'export PATH="$PATH:$HOME/.local/bin"' >> ~/.bashrc
echo 'export FLASK_APP=runserver.py' >> ~/.bashrc
echo 'export STATS_CONFIG=production.py' >> ~/.bashrc
git clone https://github.com/monarc-project/stats-service $STATS_PATH > /dev/null 2>&1
cd $STATS_PATH
export PATH="$PATH:$HOME/.poetry/bin"
export PATH="$PATH:$HOME/.local/bin"
export FLASK_APP=runserver.py
export STATS_CONFIG=production.py
npm ci > /dev/null 2>&1
poetry install --no-dev > /dev/null
poetry install > /dev/null 2>&1
cp instance/production.py.cfg instance/production.py
bash -c "cat << EOF > $STATS_PATH/instance/production.py
HOST = '$STATS_HOST'
PORT = $STATS_PORT
DEBUG = False
TESTING = False
INSTANCE_URL = 'http://127.0.0.1:$STATS_PORT'
ADMIN_EMAIL = 'info@cases.lu'
ADMIN_URL = 'https://www.cases.lu'
REMOTE_STATS_SERVER = 'https://dashboard.monarc.lu'
DB_CONFIG_DICT = {
'user': '$STATS_DB_USER',
'password': '$STATS_DB_PASSWORD',
'host': 'localhost',
'port': 5432,
}
DATABASE_NAME = '$STATS_DB_NAME'
SQLALCHEMY_DATABASE_URI = 'postgresql://{user}:{password}@{host}:{port}/{name}'.format(
name=DATABASE_NAME, **DB_CONFIG_DICT
)
SQLALCHEMY_TRACK_MODIFICATIONS = False
SECRET_KEY = '$STATS_SECRET_KEY'
LOG_PATH = './var/stats.log'
MOSP_URL = 'https://objects.monarc.lu'
EOF"
sed -i "s/\"postgres\"/\"$STATS_DB_USER\"/" instance/production.py
sed -i "s/password/$STATS_DB_PASSWORD/" instance/production.py
sed -i "s/SECRET_KEY.*/SECRET_KEY = \"$STATS_SECRET_KEY\"/" instance/production.py
FLASK_APP=runserver.py poetry run flask db_create
FLASK_APP=runserver.py poetry run flask db_init
@ -289,9 +263,14 @@ return [
],
'statsApi' => [
'baseUrl' => 'http://127.0.0.1:$STATS_PORT',
'baseUrl' => 'http://127.0.0.1:5000',
'apiKey' => '$apiKey',
],
'import' => [
'uploadFolder' => '$appdir/data/import/files',
'isBackgroundProcessActive' => false,
],
];
EOF
@ -308,6 +287,7 @@ echo -e "\n--- Creating cache folders for backend… ---\n"
mkdir -p $PATH_TO_MONARC/data/cache
mkdir -p $PATH_TO_MONARC/data/LazyServices/Proxy
mkdir -p $PATH_TO_MONARC/data/DoctrineORMModule/Proxy
mkdir -p $PATH_TO_MONARC/data/import/files
chmod -R g+w $PATH_TO_MONARC/data
sudo chown -R www-data:www-data data
@ -326,7 +306,7 @@ sudo service apache2 restart > /dev/null
echo -e "\n--- Adding autostart Services ---\n"
cat >> ~/.bashrc <<EOF
# Autostart services
wsl.exe -u root service mysql start > /dev/null
wsl.exe -u root service mariadb start > /dev/null
wsl.exe -u root service apache2 start > /dev/null
wsl.exe -u root service postgresql start > /dev/null
cd ~/stats-service/ ; poetry run nohup python runserver.py > /dev/null 2>&1 &
@ -334,5 +314,5 @@ cd ~
EOF
echo -e "MONARC FO is ready and available at http://localhost"
echo -e "Stats service is ready and available at http://localhost:$STATS_PORT"
echo -e "Stats service is ready and available at http://localhost:5000"
echo -e "user: admin@admin.localhost / password: admin"

View File

@ -23,20 +23,19 @@ max_execution_time=100
max_input_time=223
memory_limit=512M
PHP_INI=/etc/php/7.4/apache2/php.ini
XDEBUG_CFG=/etc/php/7.4/apache2/conf.d/20-xdebug.ini
PHP_INI=/etc/php/8.1/apache2/php.ini
XDEBUG_CFG=/etc/php/8.1/apache2/conf.d/20-xdebug.ini
MARIA_DB_CFG=/etc/mysql/mariadb.conf.d/50-server.cnf
# Stats service
STATS_PATH=$HOME/stats-service
STATS_HOST='0.0.0.0'
STATS_PORT='5005'
STATS_DB_NAME='statsservice'
STATS_DB_USER='sqlmonarcuser'
STATS_DB_PASSWORD="sqlmonarcuser"
STATS_DB_USER='statsserviceuser'
STATS_DB_PASSWORD="password"
STATS_SECRET_KEY="$(openssl rand -hex 32)"
echo -e "\n--- Installing now… ---\n"
sudo chmod 755 $HOME
sudo apt-get update > /dev/null 2>&1
echo -e "\n--- Updating packages list… ---\n"
@ -49,7 +48,7 @@ sudo apt-get -y install vim zip unzip git gettext curl gsfonts > /dev/null
echo -e "\n--- Install MariaDB specific packages and settings… ---\n"
sudo apt-get -y install mariadb-server mariadb-client > /dev/null
# Secure the MariaDB installation (especially by setting a strong root password)
sudo service mysql restart > /dev/null
sudo service mariadb restart > /dev/null
sleep 5
sudo mysql_secure_installation > /dev/null 2>&1 <<EOF
@ -70,10 +69,10 @@ echo -e "\n--- Setting up our MariaDB user for MONARC… ---\n"
sudo mysql -u root -p$DBPASSWORD_ADMIN -e "CREATE USER '$DBUSER_MONARC'@'%' IDENTIFIED BY '$DBPASSWORD_MONARC';"
sudo mysql -u root -p$DBPASSWORD_ADMIN -e "GRANT ALL PRIVILEGES ON * . * TO '$DBUSER_MONARC'@'%';"
sudo mysql -u root -p$DBPASSWORD_ADMIN -e "FLUSH PRIVILEGES;"
sudo service mysql restart > /dev/null
sudo service mariadb restart > /dev/null
echo -e "\n--- Installing PHP-specific packages… ---\n"
sudo apt-get -y install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-apcu php-xml php-mbstring php-intl php-imagick php-zip php-xdebug php-bcmath > /dev/null 2>&1
sudo apt-get -y install php apache2 libapache2-mod-php php-curl php-gd php-mysql php-pear php-apcu php-xml php-mbstring php-intl php-zip php-xdebug php-bcmath > /dev/null 2>&1
echo -e "\n--- Configuring PHP… ---\n"
for key in upload_max_filesize post_max_size max_execution_time max_input_time memory_limit
@ -110,8 +109,10 @@ fi
echo -e "\n--- Installing MONARC … ---\n"
git clone --config core.fileMode=false https://github.com/monarc-project/MonarcAppFO $PATH_TO_MONARC_FO > /dev/null 2>&1
git clone --config core.fileMode=false https://github.com/monarc-project/MonarcAppBO $PATH_TO_MONARC_BO > /dev/null 2>&1
cd $PATH_TO_MONARC_FO
git config core.fileMode false
echo -e "\n--- Installing the FO dependencies… ---\n"
@ -123,10 +124,9 @@ mkdir -p module/Monarc
cd module/Monarc
ln -sfn ./../../vendor/monarc/core Core
ln -sfn ./../../vendor/monarc/frontoffice FrontOffice
cd $PATH_TO_MONARC_FO
# Front-end
mkdir -p node_modules
cd node_modules
@ -146,7 +146,6 @@ if [ $? -ne 0 ]; then
fi
cd $PATH_TO_MONARC_BO
git config core.fileMode false
echo -e "\n--- Installing the BO dependencies… ---\n"
composer ins > /dev/null 2>&1
@ -234,7 +233,7 @@ sudo service apache2 restart > /dev/null
echo -e "\n--- Installation of Node, NPM and Grunt… ---\n"
curl -sL https://deb.nodesource.com/setup_15.x | sudo bash - > /dev/null 2>&1
sudo apt-get install -y nodejs > /dev/null 2>&1
sudo apt-get install -y nodejs npm > /dev/null 2>&1
sudo npm install -g grunt-cli > /dev/null 2>&1
@ -247,49 +246,23 @@ sudo -u postgres psql -c "CREATE USER $STATS_DB_USER WITH PASSWORD '$STATS_DB_PA
sudo -u postgres psql -c "ALTER USER $STATS_DB_USER WITH SUPERUSER;" > /dev/null
cd ~
curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python > /dev/null
echo 'export PATH="$PATH:$HOME/.poetry/bin"' >> ~/.bashrc
curl -sSL https://install.python-poetry.org | python3 - > /dev/null > /dev/null
echo 'export PATH="$PATH:$HOME/.local/bin"' >> ~/.bashrc
echo 'export FLASK_APP=runserver.py' >> ~/.bashrc
echo 'export STATS_CONFIG=production.py' >> ~/.bashrc
git clone https://github.com/monarc-project/stats-service $STATS_PATH > /dev/null 2>&1
cd $STATS_PATH
export PATH="$PATH:$HOME/.poetry/bin"
export PATH="$PATH:$HOME/.local/bin"
export FLASK_APP=runserver.py
export STATS_CONFIG=production.py
npm ci > /dev/null 2>&1
poetry install --no-dev > /dev/null
poetry install > /dev/null 2>&1
cp instance/production.py.cfg instance/production.py
bash -c "cat << EOF > $STATS_PATH/instance/production.py
HOST = '$STATS_HOST'
PORT = $STATS_PORT
DEBUG = False
TESTING = False
INSTANCE_URL = 'http://127.0.0.1:$STATS_PORT'
ADMIN_EMAIL = 'info@cases.lu'
ADMIN_URL = 'https://www.cases.lu'
REMOTE_STATS_SERVER = 'https://dashboard.monarc.lu'
DB_CONFIG_DICT = {
'user': '$STATS_DB_USER',
'password': '$STATS_DB_PASSWORD',
'host': 'localhost',
'port': 5432,
}
DATABASE_NAME = '$STATS_DB_NAME'
SQLALCHEMY_DATABASE_URI = 'postgresql://{user}:{password}@{host}:{port}/{name}'.format(
name=DATABASE_NAME, **DB_CONFIG_DICT
)
SQLALCHEMY_TRACK_MODIFICATIONS = False
SECRET_KEY = '$STATS_SECRET_KEY'
LOG_PATH = './var/stats.log'
MOSP_URL = 'https://objects.monarc.lu'
EOF"
sed -i "s/\"postgres\"/\"$STATS_DB_USER\"/" instance/production.py
sed -i "s/password/$STATS_DB_PASSWORD/" instance/production.py
sed -i "s/SECRET_KEY.*/SECRET_KEY = \"$STATS_SECRET_KEY\"/" instance/production.py
FLASK_APP=runserver.py poetry run flask db_create
FLASK_APP=runserver.py poetry run flask db_init
@ -351,9 +324,14 @@ return [
],
'statsApi' => [
'baseUrl' => 'http://127.0.0.1:$STATS_PORT',
'baseUrl' => 'http://127.0.0.1:5000',
'apiKey' => '$apiKey',
],
'import' => [
'uploadFolder' => '$appdir/data/import/files',
'isBackgroundProcessActive' => false,
],
];
EOF
@ -417,6 +395,7 @@ echo -e "\n--- Creating cache folders for backend… ---\n"
mkdir -p $PATH_TO_MONARC_FO/data/cache
mkdir -p $PATH_TO_MONARC_FO/data/LazyServices/Proxy
mkdir -p $PATH_TO_MONARC_FO/data/DoctrineORMModule/Proxy
mkdir -p $$PATH_TO_MONARC_FO/data/import/files
chmod -R g+w $PATH_TO_MONARC_FO/data
mkdir -p $PATH_TO_MONARC_BO/data/cache
mkdir -p $PATH_TO_MONARC_BO/data/LazyServices/Proxy
@ -444,7 +423,7 @@ sudo service apache2 restart > /dev/null
echo -e "\n--- Adding autostart Services ---\n"
cat >> ~/.bashrc <<EOF
# Autostart services
wsl.exe -u root service mysql start > /dev/null
wsl.exe -u root service mariadb start > /dev/null
wsl.exe -u root service apache2 start > /dev/null
wsl.exe -u root service postgresql start > /dev/null
cd ~/stats-service/ ; poetry run nohup python runserver.py > /dev/null 2>&1 &
@ -453,5 +432,5 @@ EOF
echo -e "MONARC FO is ready and available at http://localhost"
echo -e "MONARC BO is ready and available at http://localhost:8080"
echo -e "Stats service is ready and available at http://localhost:$STATS_PORT"
echo -e "Stats service is ready and available at http://localhost:5000"
echo -e "user: admin@admin.localhost / password: admin"