mirror of
https://github.com/tmdinosaurcenter/kiosk-guestbook.git
synced 2026-06-28 18:59:05 -06:00
Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 steve
|
b2e7eeb570 | ||
|
steve
|
047f1a8c8b | ||
|
steve
|
c2b6c1b460 | ||
|
steve
|
e733e7b092 | ||
|
steve
|
9fe3bc43d0 | ||
|
steve
|
a0e6042300 | ||
|
steve
|
05bcf10614 |
@@ -30,3 +30,15 @@ jobs:
|
||||
run: |
|
||||
docker tag $IMAGE_TAG snachodog/kiosk-guestbook:latest
|
||||
docker push snachodog/kiosk-guestbook:latest
|
||||
- name: Notify via ntfy
|
||||
if: github.event_name == 'push'
|
||||
env:
|
||||
NTFY_URL: ${{ secrets.NTFY_URL }}
|
||||
NTFY_TOKEN: ${{ secrets.NTFY_TOKEN }}
|
||||
run: |
|
||||
curl -s -o /dev/null \
|
||||
-H "Title: kiosk-guestbook image pushed to Docker Hub" \
|
||||
-H "Tags: white_check_mark" \
|
||||
-H "Authorization: Bearer $NTFY_TOKEN" \
|
||||
-d "The kiosk-guestbook container has been pushed to Docker Hub and is ready to pull. Commit: ${{ github.sha }} — ${{ github.event.head_commit.message }}" \
|
||||
"$NTFY_URL"
|
||||
|
||||
+3
-3
@@ -4,8 +4,8 @@ FROM python:3.9-slim
|
||||
# Set the working directory
|
||||
WORKDIR /app
|
||||
|
||||
# Install system dependencies (including gettext for envsubst)
|
||||
RUN apt-get update && apt-get install -y gettext && rm -rf /var/lib/apt/lists/*
|
||||
# Install system dependencies (including gettext for envsubst and gosu for privilege dropping)
|
||||
RUN apt-get update && apt-get install -y gettext gosu && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Install Python dependencies
|
||||
COPY requirements.txt .
|
||||
@@ -30,7 +30,7 @@ ARG UID=1000
|
||||
ARG GID=1000
|
||||
RUN groupadd -g ${GID} appuser && useradd -u ${UID} -g ${GID} -s /bin/sh -M appuser
|
||||
RUN chown -R appuser:appuser /app /entrypoint.sh
|
||||
USER appuser
|
||||
# Entrypoint runs as root, fixes volume permissions, then drops to appuser via gosu
|
||||
|
||||
# Use the entrypoint script as the container's command
|
||||
CMD ["/entrypoint.sh"]
|
||||
|
||||
@@ -96,13 +96,30 @@ Once deployed, open your browser and navigate to http://<your-server-ip>:8000 (o
|
||||
|
||||
`docker-compose logs -f`
|
||||
|
||||
## Admin Interface
|
||||
|
||||
A password-protected admin panel is available at `/admin`. It displays all guest entries in a paginated table and allows individual entries to be deleted.
|
||||
|
||||
Access requires `ADMIN_USER` and `ADMIN_PASSWORD` to be set in your `.env`. If either variable is missing, the admin interface will return a 503 error rather than allowing access with blank credentials.
|
||||
|
||||
## API Access
|
||||
|
||||
Access the API endpoint to export guest entries by navigating to:
|
||||
|
||||
`http://your-server-ip:8000/guests/api`
|
||||
`http://your-server-ip:8000/api/guests`
|
||||
|
||||
This endpoint can be integrated with on-prem automation tools like n8n.
|
||||
Set the `API_KEY` variable in your `.env` and pass it in requests as the `X-API-Key` header. This endpoint can be integrated with on-prem automation tools like n8n.
|
||||
|
||||
## Upgrading
|
||||
|
||||
When upgrading from a previous version, compare your `.env` against `example.env` to check for newly required variables. As of v2.1.0, the following variables are required if you want to use the admin interface:
|
||||
|
||||
```env
|
||||
ADMIN_USER=admin
|
||||
ADMIN_PASSWORD=changeme
|
||||
```
|
||||
|
||||
Replace the placeholder values with your own credentials before deploying.
|
||||
|
||||
## Additional Notes
|
||||
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
from flask import Flask, render_template, request, redirect, url_for, jsonify, abort
|
||||
from flask import Flask, render_template, request, redirect, url_for, jsonify, abort, Response
|
||||
from flask_limiter import Limiter
|
||||
from flask_limiter.util import get_remote_address
|
||||
from email_validator import validate_email, EmailNotValidError
|
||||
from functools import wraps
|
||||
import sqlite3
|
||||
import logging
|
||||
import os
|
||||
@@ -177,6 +178,61 @@ def index():
|
||||
logger.info("Rendering index with %d guests.", len(guests))
|
||||
return render_template('index.html', error=error, guests=guests)
|
||||
|
||||
def require_admin_auth(f):
|
||||
@wraps(f)
|
||||
def decorated(*args, **kwargs):
|
||||
admin_user = os.environ.get('ADMIN_USER')
|
||||
admin_password = os.environ.get('ADMIN_PASSWORD')
|
||||
if not admin_user or not admin_password:
|
||||
logger.error("ADMIN_USER and ADMIN_PASSWORD must be set to enable the admin interface.")
|
||||
abort(503)
|
||||
auth = request.authorization
|
||||
if not auth or auth.username != admin_user or auth.password != admin_password:
|
||||
return Response(
|
||||
'Authentication required.',
|
||||
401,
|
||||
{'WWW-Authenticate': 'Basic realm="Admin"'}
|
||||
)
|
||||
return f(*args, **kwargs)
|
||||
return decorated
|
||||
|
||||
@app.route('/admin')
|
||||
@require_admin_auth
|
||||
def admin():
|
||||
page = request.args.get('page', 1, type=int)
|
||||
per_page = 25
|
||||
offset = (page - 1) * per_page
|
||||
try:
|
||||
conn = sqlite3.connect(DATABASE)
|
||||
c = conn.cursor()
|
||||
total = c.execute('SELECT COUNT(*) FROM guests').fetchone()[0]
|
||||
c.execute('''
|
||||
SELECT id, first_name, last_name, email, location, comment, newsletter_opt_in, timestamp
|
||||
FROM guests ORDER BY id DESC LIMIT ? OFFSET ?
|
||||
''', (per_page, offset))
|
||||
guests = c.fetchall()
|
||||
conn.close()
|
||||
except sqlite3.Error as e:
|
||||
logger.error("Database error in admin: %s", e)
|
||||
guests = []
|
||||
total = 0
|
||||
total_pages = (total + per_page - 1) // per_page
|
||||
return render_template('admin.html', guests=guests, page=page, total_pages=total_pages, total=total)
|
||||
|
||||
@app.route('/admin/delete/<int:entry_id>', methods=['POST'])
|
||||
@require_admin_auth
|
||||
def admin_delete(entry_id):
|
||||
try:
|
||||
conn = sqlite3.connect(DATABASE)
|
||||
c = conn.cursor()
|
||||
c.execute('DELETE FROM guests WHERE id = ?', (entry_id,))
|
||||
conn.commit()
|
||||
conn.close()
|
||||
logger.info("Admin deleted guest entry id=%d", entry_id)
|
||||
except sqlite3.Error as e:
|
||||
logger.error("Database error deleting guest %d: %s", entry_id, e)
|
||||
return redirect(url_for('admin', page=request.args.get('page', 1)))
|
||||
|
||||
@app.route('/api/guests', methods=['GET'])
|
||||
def api_guests():
|
||||
api_key = request.headers.get('X-API-Key')
|
||||
|
||||
+8
-3
@@ -1,7 +1,12 @@
|
||||
#!/bin/sh
|
||||
# Fix ownership of the data directory so appuser can write the database.
|
||||
# This runs as root (no USER directive in Dockerfile) and is safe because
|
||||
# we immediately drop privileges via gosu before starting the app.
|
||||
DATA_DIR=$(dirname "${DATABASE_PATH:-/data/guestbook.db}")
|
||||
chown -R appuser:appuser "$DATA_DIR"
|
||||
|
||||
# Process index.html.template to create index.html
|
||||
# Adjust the path if your template is located somewhere else
|
||||
envsubst < /app/templates/index.html.template > /app/templates/index.html
|
||||
|
||||
# Start Gunicorn; using an environment variable for workers (default is 3)
|
||||
exec gunicorn --bind 0.0.0.0:8000 app:app --workers ${GUNICORN_WORKERS:-3}
|
||||
# Drop to appuser and start Gunicorn
|
||||
exec gosu appuser gunicorn --bind 0.0.0.0:8000 app:app --workers ${GUNICORN_WORKERS:-3}
|
||||
|
||||
+3
-1
@@ -9,4 +9,6 @@ GUNICORN_WORKERS=3
|
||||
PID=1000
|
||||
GID=1000
|
||||
SITE_TITLE="The Montana Dinosaur Center Visitor Log"
|
||||
LOGO_URL="/static/images/logo.png"
|
||||
LOGO_URL="/static/images/logo.png"
|
||||
ADMIN_USER=admin
|
||||
ADMIN_PASSWORD=changeme
|
||||
@@ -0,0 +1,75 @@
|
||||
<!doctype html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title>Guestbook Admin</title>
|
||||
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" />
|
||||
</head>
|
||||
<body class="bg-light">
|
||||
<div class="container py-4">
|
||||
<div class="d-flex justify-content-between align-items-center mb-4">
|
||||
<h1 class="h3 mb-0">Guestbook Admin</h1>
|
||||
<span class="text-muted">{{ total }} total entries</span>
|
||||
</div>
|
||||
|
||||
<div class="table-responsive">
|
||||
<table class="table table-bordered table-hover bg-white">
|
||||
<thead class="table-dark">
|
||||
<tr>
|
||||
<th>ID</th>
|
||||
<th>Name</th>
|
||||
<th>Email</th>
|
||||
<th>Location</th>
|
||||
<th>Comment</th>
|
||||
<th>Newsletter</th>
|
||||
<th>Timestamp</th>
|
||||
<th></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for g in guests %}
|
||||
<tr>
|
||||
<td class="text-muted">{{ g[0] }}</td>
|
||||
<td>{{ g[1] }} {{ g[2] }}</td>
|
||||
<td>{{ g[3] or '—' }}</td>
|
||||
<td>{{ g[4] }}</td>
|
||||
<td>{{ g[5] or '—' }}</td>
|
||||
<td>{{ 'Yes' if g[6] else 'No' }}</td>
|
||||
<td class="text-nowrap">{{ g[7] }}</td>
|
||||
<td>
|
||||
<form method="POST" action="{{ url_for('admin_delete', entry_id=g[0]) }}?page={{ page }}"
|
||||
onsubmit="return confirm('Delete entry for {{ g[1] }} {{ g[2] }}?')">
|
||||
<button type="submit" class="btn btn-danger btn-sm">Delete</button>
|
||||
</form>
|
||||
</td>
|
||||
</tr>
|
||||
{% else %}
|
||||
<tr>
|
||||
<td colspan="8" class="text-center text-muted">No entries found.</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
{% if total_pages > 1 %}
|
||||
<nav>
|
||||
<ul class="pagination">
|
||||
<li class="page-item {% if page == 1 %}disabled{% endif %}">
|
||||
<a class="page-link" href="{{ url_for('admin', page=page-1) }}">Previous</a>
|
||||
</li>
|
||||
{% for p in range(1, total_pages + 1) %}
|
||||
<li class="page-item {% if p == page %}active{% endif %}">
|
||||
<a class="page-link" href="{{ url_for('admin', page=p) }}">{{ p }}</a>
|
||||
</li>
|
||||
{% endfor %}
|
||||
<li class="page-item {% if page == total_pages %}disabled{% endif %}">
|
||||
<a class="page-link" href="{{ url_for('admin', page=page+1) }}">Next</a>
|
||||
</li>
|
||||
</ul>
|
||||
</nav>
|
||||
{% endif %}
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
Reference in New Issue
Block a user