fff

.env

@@ -0,0 +1,4 @@
+BASIC_AUTH_PASSWORD=bbjp
+MYSQL_ROOT_PASSWORD=bbjp
+MYSQL_USER=8bit
+HTTPS_PORT=443

.gitignore

@@ -0,0 +1,7 @@
+mysql-data/*
+!mysql-data/.gitkeep
+ssl/*
+!ssl/.gitkeep
+letsencrypt/*
+!letsencrypt/.gitkeep
+

.gitmodules

@@ -1,6 +1,8 @@
 [submodule "mftm-database"]
 	path = mftm-database
 	url = https://github.com/brangerbriz/mftm-database.git
+	branch = web
 [submodule "mftm-backend"]
 	path = mftm-backend
 	url = https://github.com/brangerbriz/mftm-backend.git
+	branch = web

Dockerfile

@@ -0,0 +1,25 @@
+FROM node:8-stretch
+LABEL maintainer="[email protected]"
+
+# general update and upgrade
+RUN apt-get update && \
+    apt-get -y upgrade && \
+    apt-get install -y curl git && \
+    apt-get -y autoremove
+
+RUN useradd -d /home/noroot -ms /bin/bash noroot
+RUN chown -R noroot:noroot /home/noroot
+USER noroot
+
+# copy the ethereum folder to the home directory
+ADD --chown=noroot:noroot ./ /home/noroot/emerge2016
+WORKDIR /home/noroot/emerge2016/data
+RUN curl -o thumbnails.tar.gz -L \
+    https://github.com/brangerbriz/emerge2016/releases/download/v1.0/thumbnails.tar.gz
+RUN tar xzf thumbnails.tar.gz
+
+WORKDIR /home/noroot/emerge2016/microsite
+RUN git checkout emerge-docker
+RUN npm install
+
+CMD sleep 10 && node server

README.md

@@ -8,7 +8,46 @@ Our project looks at the Bitcoin blockchain not from the traditional perspective
 
 For more information about about the project, see [this large poster](.images/banner.png). 
 
-## Install
+## Docker Install
+
+The web version of this project can be installed via Docker using the `web-docker` branch by following the instructions below.
+
+```bash
+git clone https://github.com/brangerbriz/messages-from-the-mines
+cd messages-from-the-mines
+git checkout web-docker
+git submodule update --init --recursive
+
+# open .env in a text editor and create and add a password for
+# BASIC_AUTH_PASSWORD and MYSQL_ROOT_PASSWORD
+nano .env
+
+# launch the nginx http proxy running on port 80. We'll need this to get
+# an HTTPS certificate.
+docker-compose up -d http-proxy
+
+# create an HTTPS/SSL/TLS certificate with Let's Encrypt
+DOMAIN=example.org [email protected] ./scripts/create_cert.sh
+
+# if this errors with "ERROR: No containers to restart", that's fine
+DOMAIN=example.org DOCKER_USER=$USER ./scripts/reload_cert.sh
+
+docker-compose up -d
+
+# enter the password value you just created for MYSQL_ROOT_PASSWORD in .env when prompted
+docker-compose exec db sh -c "mysql -u root -p < /latest-web.sql && rm /latest-web.sql"
+```
+
+```bash
+# add a root cronjob
+sudo crontab -e 
+
+# past these contents (and replace the placeholder vars). 
+# Each day at 7PM attempt to renew the HTTPS certificate and reboot the node server
+0 19 * * * ./scripts/renew_cert.sh && DOMAIN=example.org DOCKER_USER=example-user ./scripts/reload_cert.sh
+```
+
+## Manual Install
 
 This repository is comprised entirely of git submodules of other repositories. 
 
@@ -21,8 +60,13 @@ This repository is comprised entirely of git submodules of other repositories.
 git clone https://github.com/brangerbriz/messages-from-the-mines
 cd messages-from-the-mines
 
+# if you are on this branch we assume you want to install the web version
+# of the project (not the physical installation version).
+git checkout -b web
+git pull origin web
+
 # recursively init and download the submodules
-git submodule update --init --recursive
+git submodule update --init --recursive --remote
 
 # you will notice that there are 4 submodules, two in the parent
 # repo, each that contains one additional submodule.

db.Dockerfile

@@ -0,0 +1,17 @@
+FROM mysql:5
+
+RUN apt-get update && \
+    apt-get -y upgrade && \
+    apt-get install -y curl && \
+    apt-get -y autoremove
+
+# download the latest version of the database
+RUN curl -L https://github.com/brangerbriz/mftm-database/releases/download/data/latest-web.sql.gz > /latest-web.sql.gz
+
+# remove ONLY_FULL_GROUP_BY requirement in mysql configuration
+# https://dba.stackexchange.com/questions/114193/of-the-multiple-cnf-files-in-etc-mysql-conf-d-dir-which-would-be-the-last-one#114201
+RUN echo "[mysqld]" >> /etc/mysql/mysql.conf.d/mftm.cnf && \
+    echo "sql_mode = STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION" >> /etc/mysql/mysql.conf.d/mftm.cnf
+
+# unzip it
+RUN gunzip /latest-web.sql.gz

docker-compose.yaml

@@ -0,0 +1,36 @@
+version: '3'
+services:
+  db:
+    build: 
+      context: .
+      dockerfile: db.Dockerfile
+    environment:
+      - "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}"
+    volumes:
+      - "./mysql-data:/var/lib/mysql"
+    restart: unless-stopped
+  node:
+    build: 
+      context: .
+      dockerfile: node.Dockerfile
+      args:
+        - "BASIC_AUTH_PASSWORD=${BASIC_AUTH_PASSWORD}"
+        - "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}"
+        - "MYSQL_USER=${MYSQL_USER}"
+        - "HTTPS_PORT=${HTTPS_PORT}"
+    volumes:
+      - "./ssl:/mftm-backend/ssl"
+    depends_on:
+      - db
+    ports:
+      - "${HTTPS_PORT}:${HTTPS_PORT}"
+    restart: unless-stopped
+  http-proxy:
+    build:
+      context: .
+      dockerfile: http-proxy.Dockerfile
+    ports:
+      - "80:80"
+    volumes:
+      - "./ssl:/var/www/letsencrypt"
+    restart: unless-stopped

http-proxy.Dockerfile

@@ -0,0 +1,2 @@
+FROM nginx:stable
+COPY nginx.conf /etc/nginx/conf.d/default.conf

nginx.conf

@@ -0,0 +1,11 @@
+server {
+  listen 80;
+
+  location /.well-known/acme-challenge/ {
+    root /var/www/letsencrypt;
+  }
+
+  location / {
+    return 301 https://$host$request_uri;
+  }
+}

node.Dockerfile

@@ -0,0 +1,22 @@
+FROM node:8-stretch
+
+RUN apt-get update && \
+    apt-get -y upgrade && \
+    apt-get install -y libzmq3-dev jq && \
+    apt-get -y autoremove
+
+ADD ./mftm-backend /mftm-backend
+WORKDIR  /mftm-backend
+
+ARG BASIC_AUTH_PASSWORD
+ARG MYSQL_USER
+ARG MYSQL_ROOT_PASSWORD
+ARG HTTPS_PORT
+
+RUN sed -i "s/change-me-or-get-pwned/${BASIC_AUTH_PASSWORD}/" www/review/auth.js
+RUN TMP=$(mktemp) && \
+    jq ".port = ${HTTPS_PORT} | .basicAuth.users.admin = \"${BASIC_AUTH_PASSWORD}\" | .mysql.user = \"${MYSQL_USER}\" | .mysql.host = \"db\" | .mysql.password = \"${MYSQL_ROOT_PASSWORD}\"" config.json > "$TMP" && \
+    mv "$TMP" config.json
+
+RUN npm install
+CMD node server

scripts/create_cert.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+
+if [ -z "$EMAIL" ] || [ -z "$DOMAIN" ] ; then
+    echo "Error: EMAIL and DOMAIN env vars must be set. exiting."
+    exit 1
+fi
+
+docker run \
+    -v "${DIR}/../ssl:/var/www/letsencrypt" \
+    -v "${DIR}/../letsencrypt:/etc/letsencrypt" \
+    --rm certbot/certbot \
+    certonly --webroot --non-interactive \
+    --email "$EMAIL" \
+    --agree-tos \
+    -w /var/www/letsencrypt \
+    -d "$DOMAIN"

scripts/reload_cert.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+
+if [ -z "$DOCKER_USER" ] || [ -z "$DOMAIN" ] ; then
+    echo "Error: DOCKER_USER and DOMAIN env vars must be set. exiting."
+    exit 1
+fi
+
+sudo cp "${DIR}/../letsencrypt/live/${DOMAIN}/fullchain.pem" "${DIR}/../ssl/certificate.crt"
+sudo cp "${DIR}/../letsencrypt/live/${DOMAIN}/privkey.pem" "${DIR}/../ssl/private.key"
+sudo chown $USER:$USER "${DIR}/../ssl/certificate.crt"
+sudo chown $USER:$USER "${DIR}/../ssl/private.key"
+
+docker-compose restart node 

scripts/renew_cert.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+
+docker run \
+    -v "${DIR}/../ssl:/var/www/letsencrypt" \
+    -v "${DIR}/../letsencrypt:/etc/letsencrypt"\
+    --rm certbot/certbot \
+    renew