Improved Application/DB

2025-11-26 11:03:01 +03:30
parent c442b16a45
commit fcd328ca2b
9 changed files with 194 additions and 99 deletions
--- a/.gitea/workflows/cicd.yaml
+++ b/.gitea/workflows/cicd.yaml
@@ -1,20 +1,67 @@
 name: Build and Deploy Demo App
 on:
  push:
    branches:
      - main
 jobs:
-  build-and-deploy:
+  test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.12'
      - name: Install deps
        run: pip install -r requirements.txt
      - name: Run tests
        run: pytest tests.py
  build:
    needs: test
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Cache Docker layers
        uses: actions/cache@v4
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ hashFiles('Dockerfile', 'requirements.txt') }}
          restore-keys: ${{ runner.os }}-buildx-
      - name: Build Docker image
-        run: docker build -t demo-app:latest .
+        uses: docker/build-push-action@v6
        with:
          load: true
          tags: demo-app:latest
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
      - name: Save Docker image to tar
        run: docker save demo-app:latest > demo-app.tar
  scan:
    needs: build
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Scan Image
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: demo-app:latest
          format: table
          exit-code: 1
          severity: CRITICAL,HIGH
  deploy:
    needs: [build, scan]
    runs-on: ubuntu-latest
    steps:
      - name: Set up SSH
        run: |
          apt update && apt install -y openssh-client
@@ -24,41 +71,19 @@ jobs:
          eval "$(ssh-agent -s)"
          ssh-add ~/.ssh/id_ed25519
          ssh-keyscan -p ${{ secrets.SERVER_PORT }} ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts
-      - name: Copy files to server via SCP
+      - name: Copy tar to server
-        run: |
+        run: scp -o StrictHostKeyChecking=no -P ${{ secrets.SERVER_PORT }} demo-app.tar ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:${{ secrets.DEPLOY_PATH }}demo-app.tar
-          scp -o StrictHostKeyChecking=no -P ${{ secrets.SERVER_PORT }} demo-app.tar ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:${{ secrets.DEPLOY_PATH }}demo-app.tar
+      - name: Deploy on server
          scp -o StrictHostKeyChecking=no -P ${{ secrets.SERVER_PORT }} docker-compose.yml ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:${{ secrets.DEPLOY_PATH }}docker-compose.yml
          scp -o StrictHostKeyChecking=no -P ${{ secrets.SERVER_PORT }} -r nginx_user_conf.d ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:${{ secrets.DEPLOY_PATH }}nginx_user_conf.d
      - name: Deploy on server via SSH
        run: |
          ssh -o StrictHostKeyChecking=no -p ${{ secrets.SERVER_PORT }} ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} << EOF
            cd ${{ secrets.DEPLOY_PATH }}
-
+            # Create/update .env with secrets
-            # Check and install Docker if not present (Ubuntu/Debian assumed)
+            echo "DB_USER=${{ secrets.DB_USER }}" > .env
-            if ! command -v docker &> /dev/null; then
+            echo "DB_PASS=${{ secrets.DB_PASS }}" >> .env
-              sudo apt update -y
+            echo "DB_NAME=${{ secrets.DB_NAME }}" >> .env
-              sudo apt install -y ca-certificates curl
+            # Load and deploy
              sudo install -m 0755 -d /etc/apt/keyrings
              sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
              sudo chmod a+r /etc/apt/keyrings/docker.asc
              echo "deb [arch=\$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \$(. /etc/os-release && echo "\$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
              sudo apt update -y
              sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
              sudo systemctl start docker
              sudo systemctl enable docker
            fi
            # Ensure docker-compose-plugin is installed (for 'docker compose' command)
            if ! docker compose version &> /dev/null; then
              sudo apt update -y
              sudo apt install -y docker-compose-plugin
            fi
            # Load image and deploy with Compose
            docker load -i demo-app.tar
-            docker compose down --remove-orphans -v || true  # Graceful stop
+            docker compose down
-            docker compose up -d --force-recreate
+            docker compose --env-file .env up -d --remove-orphans
            # Cleanup
            rm demo-app.tar
          EOF
--- a/18
+++ b/18
@@ -1,9 +1,19 @@
-FROM python:3.12-slim
+# Build stage
-
+FROM python:3.12-slim AS builder
 WORKDIR /app
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
-COPY app.py .
+
 # Runtime stage
 FROM python:3.12-slim
 WORKDIR /app
 COPY --from=builder /usr/local/lib/python3.12/site-packages /usr/local/lib/python3.12/site-packages
 COPY app.py models.py .
 COPY templates ./templates
 RUN useradd -m appuser
 USER appuser
 EXPOSE 5000
-CMD ["python", "app.py"]
+HEALTHCHECK --interval=30s --timeout=3s CMD wget --no-verbose --tries=1 --spider http://localhost:5000/ || exit 1
 CMD ["gunicorn", "--bind", "0.0.0.0:5000", "app:app"]
--- a/app.py
+++ b/app.py
@@ -1,12 +1,21 @@
 import os
 from flask import Flask, render_template
-from flask_bootstrap import Bootstrap5  # Updated import for Bootstrap 5 support
+from flask_bootstrap import Bootstrap5
 from models import db, Feature
 app = Flask(__name__)
 db_user = os.getenv('DB_USER', 'postgres')
 db_pass = os.getenv('DB_PASS', 'password')  # Fallback; overridden by env
 db_name = os.getenv('DB_NAME', 'demo_db')
 app.config['SQLALCHEMY_DATABASE_URI'] = f'postgresql://{db_user}:{db_pass}@db:5432/{db_name}'
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
 bootstrap = Bootstrap5(app)
 db.init_app(app)
@app.route('/')
 def index():
-    return render_template('index.html')
+    with app.app_context():
-
+        Feature.seed_db()  # Seed on first load if empty
-if __name__ == '__main__':
+        features = Feature.query.all()
-    app.run(host='0.0.0.0', port=5000)
+    return render_template('index.html', features=features)
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,8 +1,37 @@
 services:
  db:
    image: postgres:16-alpine
    container_name: demo-db
    restart: unless-stopped
    environment:
      POSTGRES_USER: ${DB_USER}
      POSTGRES_PASSWORD: ${DB_PASS}
      POSTGRES_DB: ${DB_NAME}
    volumes:
      - db-data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U ${DB_USER}"]
      interval: 10s
      timeout: 5s
      retries: 5
  app:
    image: demo-app:latest
    container_name: demo-app
    restart: unless-stopped
    environment:
      - DB_USER=${DB_USER}
      - DB_PASS=${DB_PASS}
      - DB_NAME=${DB_NAME}
    depends_on:
      db:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "wget", "--spider", "http://localhost:5000"]
      interval: 30s
      timeout: 10s
      retries: 3
  nginx:
    image: jonasal/nginx-certbot:latest
    container_name: demo-nginx
@@ -12,14 +41,25 @@ services:
      - 4433:443
    environment:
      - CERTBOT_EMAIL=the.dark.mist23@gmail.com
-      - ENVSUBST_TEMPLATE_SUFFIX=.tmpl # Enables template processing if needed
+      - ENVSUBST_TEMPLATE_SUFFIX=.tmpl
-      - CERTBOT_DISABLED=true  # Disable auto Certbot to use manual certs
+      - CERTBOT_DISABLED=true
    volumes:
      - ./nginx_user_conf.d:/etc/nginx/conf.d/
      - letsencrypt:/etc/letsencrypt
-      - /home/devroot/demo/certs/fullchain.pem:/etc/nginx/ssl/origin_cert.pem:ro # Mount cert
+      - /home/devroot/demo/certs/fullchain.pem:/etc/nginx/ssl/origin_cert.pem:ro
-      - /home/devroot/demo/certs/prvkey.pem:/etc/nginx/ssl/origin_key.key:ro # Mount key
+      - /home/devroot/demo/certs/prvkey.pem:/etc/nginx/ssl/origin_key.key:ro
    depends_on:
-      - app
+      app:
        condition: service_healthy
    logging:
      driver: json-file
      options:
        max-size: 10m
 networks:
  default:
    driver: bridge
 volumes:
  letsencrypt:
  db-data:
--- a/models.py
+++ b/models.py
@@ -0,0 +1,18 @@
 from flask_sqlalchemy import SQLAlchemy
 db = SQLAlchemy()
 class Feature(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    title = db.Column(db.String(100), nullable=False)
    description = db.Column(db.String(200), nullable=False)
 def seed_db():
    if Feature.query.count() == 0:  # Seed only if empty
        features = [
            Feature(title="Responsive Design", description="Adapts seamlessly to mobile, tablet, and desktop devices."),
            Feature(title="Modern UI", description="Uses Bootstrap 5 for clean, professional styling."),
            Feature(title="Easy Deployment", description="Containerized with Docker for quick setup on any server.")
        ]
        db.session.bulk_save_objects(features)
        db.session.commit()
--- a/nginx_user_conf.d/server.conf
+++ b/nginx_user_conf.d/server.conf
@@ -1,8 +1,6 @@
 server {
    listen 80;
    server_name demo.networkwizard.xyz;
    # Optional: Redirect HTTP to HTTPS (adjust port if needed)
    location / {
        return 301 https://$host:4433$request_uri;
    }
@@ -11,11 +9,8 @@ server {
 server {
    listen 443 ssl;
    server_name demo.networkwizard.xyz;
    ssl_certificate /etc/nginx/ssl/origin_cert.pem;
    ssl_certificate_key /etc/nginx/ssl/origin_key.key;
    # Optional: Enhance security
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
@@ -26,4 +21,9 @@ server {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }
 }
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,6 @@
 flask==3.0.3
 bootstrap-flask==2.5.0
 gunicorn==22.0.0
 flask-sqlalchemy==3.1.1
 psycopg2-binary==2.9.9  # Postgres driver
 pytest==8.3.3  # For tests
--- a/templates/index.html
+++ b/templates/index.html
@@ -1,18 +1,11 @@
 <!doctype html>
 <html lang="en">
 <head>
    <!-- Required meta tags -->
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Professional Demo Site</title>
    <!-- Bootstrap CSS -->
    {{ bootstrap.load_css() }}
-
+    <style> body { padding-top: 60px; } </style>
    <style>
        body { padding-top: 60px; }  /* Space for fixed navbar */
    </style>
 </head>
 <body>
    <nav class="navbar navbar-expand-lg navbar-dark bg-dark fixed-top">
@@ -23,67 +16,39 @@
            </button>
            <div class="collapse navbar-collapse" id="navbarNav">
                <ul class="navbar-nav ms-auto">
-                    <li class="nav-item">
+                    <li class="nav-item"><a class="nav-link" href="/">Home</a></li>
-                        <a class="nav-link" href="/">Home</a>
+                    <li class="nav-item"><a class="nav-link" href="#features">Features</a></li>
-                    </li>
+                    <li class="nav-item"><a class="nav-link" href="#about">About</a></li>
                    <li class="nav-item">
                        <a class="nav-link" href="#features">Features</a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link" href="#about">About</a>
                    </li>
                </ul>
            </div>
        </div>
    </nav>
    <div class="container">
        <!-- Hero Section -->
        <div class="bg-primary text-white py-5 mt-4 rounded text-center">
            <h1 class="display-4">Welcome to the Professional Demo Site</h1>
-            <p class="lead">This is a realistic, Bootstrap-powered Flask application for demonstration purposes. It features responsive design and modern UI elements.</p>
+            <p class="lead">This is a realistic, Bootstrap-powered Flask application with DB integration for demonstration.</p>
            <a class="btn btn-light btn-lg" href="#features" role="button">Learn More</a>
        </div>
        <!-- Features Section -->
        <section id="features" class="py-5">
-            <h2 class="text-center mb-4">Key Features</h2>
+            <h2 class="text-center mb-4">Key Features (from DB)</h2>
            <div class="row">
                {% for feature in features %}
                <div class="col-md-4">
                    <div class="card mb-4">
                        <div class="card-body">
-                            <h5 class="card-title">Responsive Design</h5>
+                            <h5 class="card-title">{{ feature.title }}</h5>
-                            <p class="card-text">Adapts seamlessly to mobile, tablet, and desktop devices.</p>
+                            <p class="card-text">{{ feature.description }}</p>
                        </div>
                    </div>
                </div>
                <div class="col-md-4">
                    <div class="card mb-4">
                        <div class="card-body">
                            <h5 class="card-title">Modern UI</h5>
                            <p class="card-text">Uses Bootstrap 5 for clean, professional styling.</p>
                        </div>
                    </div>
                </div>
                <div class="col-md-4">
                    <div class="card mb-4">
                        <div class="card-body">
                            <h5 class="card-title">Easy Deployment</h5>
                            <p class="card-text">Containerized with Docker for quick setup on any server.</p>
                        </div>
                    </div>
                </div>
                {% endfor %}
            </div>
        </section>
        <!-- About Section -->
        <section id="about" class="py-5 bg-light">
            <h2 class="text-center mb-4">About This Demo</h2>
-            <p class="text-center">This site serves as a starting point for building more complex web applications. Extend it with databases, APIs, or user authentication as needed.</p>
+            <p class="text-center">Now with PostgreSQL for data persistence. Extend with more models/queries.</p>
        </section>
    </div>
    <!-- Bootstrap JS -->
    {{ bootstrap.load_js() }}
 </body>
 </html>
--- a/test.py
+++ b/test.py
@@ -0,0 +1,24 @@
 import pytest
 from app import app, db
 from models import Feature
@pytest.fixture
 def client():
    app.config['TESTING'] = True
    app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///:memory:'  # In-memory DB for tests
    with app.test_client() as client:
        with app.app_context():
            db.create_all()
            yield client
            db.drop_all()
 def test_index(client):
    response = client.get('/')
    assert response.status_code == 200
    assert b'Professional Demo Site' in response.data
 def test_seed_db(client):
    with app.app_context():
        db.create_all()
        Feature.seed_db()
        assert Feature.query.count() == 3