server-configs/machines/gerd/services/member-website/app.py

117 lines
3.2 KiB
Python
Raw Normal View History

#!/usr/bin/env nix-shell
#!nix-shell --pure -i python3 -p "python3.withPackages (ps: with ps; [ flask ])"
from typing import Any
from flask import Flask, request
from flask import render_template, render_template_string
import argparse
import logging
import json
import sys
logging.basicConfig()
logger = logging.getLogger(__name__)
app = Flask(__name__)
services_data: dict[str, Any] = {}
tmpl_index = """
<!doctype html>
<title>Members Area</title>
<b>Welcome to the members area {% if user.name %} {{ user.name }} {% else %} {{ user.username }} {% endif %}!</b>
<h1>Services</h1>
{% for name, info in services.items() %}
<h3>{{ info.name }}</h3>
{{ info.description }}
<br>
<a href="{{ info.url }}">{{ info.url }}</a>
<pre>
Package name: {{ info.package.name }}
Package version: {{ info.package.version }}
Package homepage: {{ info.package.meta.homepage }}
License: <a href="{{ info.package.meta.license.url }}">{{ info.package.meta.license.spdxId }} ({{ info.package.meta.license.shortName }})</a>
Unfree: {{ info.package.meta.unfree }}
<pre>
<hr>
{% endfor %}
"""
def extract_secrets() -> dict[str, str]:
new_args = {}
# read all secrets
for service in services_data.values():
for k, v in service.get("secrets", {}).items():
try:
fcontent = open(v, "r").read()
except Exception as e:
logger.exception("unable to open secret file", e)
continue
isEnv: bool = False
if v.endswith("env"):
isEnv = True
if not isEnv:
new_args[k.upper()] = fcontent
continue
# parse env file
for line in fcontent.splitlines():
line = line.strip()
if not line:
continue
envkey, envvalue = line.split("=", maxsplit=1)
if envvalue[0] == '"' or envvalue[1] == "'":
envvalue = envvalue[1:-1]
new_args[envkey.upper()] = envvalue
return new_args
@app.route("/")
def index():
# extract user information
user_info = {
"username": request.headers.get("Remote-User"),
"name": request.headers.get("Remote-Name"),
"groups": request.headers.get("Remote-Groups"),
"email": request.headers.get("Remote-Email"),
}
tmpl_firstpass = render_template_string(
tmpl_index,
services=services_data,
user=user_info,
)
return render_template_string(
tmpl_firstpass,
user=user_info,
secrets=extract_secrets(),
)
if __name__ == "__main__":
parser = argparse.ArgumentParser()
parser.add_argument(
"--debug",
type=bool,
action=argparse.BooleanOptionalAction,
default=False,
)
parser.add_argument("--listen", type=str, default="127.0.0.1")
parser.add_argument("--port", type=int, default=5000)
parser.add_argument("--meta-json", type=str, required=True)
args = parser.parse_args()
if args.debug:
logger.setLevel(logging.DEBUG)
services_data = json.loads(open(args.meta_json, "r").read())
app.run(host=args.listen, port=args.port, debug=args.debug)