Merge branch 'dev'

Author: leonbotros

Dockerfile

@@ -2,78 +2,20 @@
 
 ## Introduction
 
-Cryptify offers file encryption/decryption based on IRMA attributes. It allows you to encrypt any file
-with an attribute and only people with that attribute can view the contents.
+Cryptify offers file encryption/decryption based on IRMA attributes. It allows
+you to encrypt any file with an attribute and only people with that attribute
+can view the contents.
 
 ## Docker development setup
 
-This section indicates how you can set-up the development environment to test sender verification, for this two Linux terminals are needed.
-The first terminal is to start the docker daemon and the second terminal is to start the cryptify containers that run on the daemon. 
-To access cryptify on localhost (or 127.0.0.1) and the mail server on 127.0.0.1:1080 enter the following commands:
+To run a development setup:
 
-Terminal 1:
 ```
-sudo apt update
-sudo apt-get install docker.io
-sudo apt-get install docker-compose
-sudo dockerd
+docker-compose -f docker-compose.dev.yml up
 ```
 
-Terminal 2:
-```
-sudo apt-get install nodejs
-sudo apt-get install npm
-sudo git clone https://github.com/mpmfrans/cryptify.git
-cd cryptify
-git checkout add-email-verification
-
-sudo mkdir irma 
-cd irma
-sudo wget https://github.com/privacybydesign/irmago/releases/download/v0.9.0/irma-master-linux-amd64
-sudo chmod +x irma-master-linux-amd64
-cd ..
-cd cryptify-front-end
-sudo npm install
-cd ..
-sudo docker-compose -f docker-compose.dev.yml up
-```
-
-To test sender verification, you'll need an Android device with the IRMA mobile application (https://play.google.com/store/apps/details?id=org.irmacard.cardemu) installed.
-Connect your device to your computer via USB and enable USB debugging (https://developer.android.com/studio/debug/dev-options). 
-Also, install the Android Debug Bridge (https://developer.android.com/studio/releases/platform-tools).
-
-Enable developer mode on the IRMA mobile application by navigating to 'About IRMA' from the hamburger menu and tapping the version number until 'developer mode enabled'
-appears at the bottom of the screen. This allows unsecure connections to an IRMA server so only use this for testing purposes. 
-
-Finally, to enable the IRMA mobile application to find the server running on localhost check the presence of your android device(s) by running adb devices.
-To be able to use Android Debug Bridge, unzip the platform-tools_r32.0.0-windows.zip, the files are in the platform-tools folder. Open Windows Powershell within
-this folder. To check the presence of android device(s):
+To run a production-like setup:
 
-```
-./adb devices
-```
-
-This should show your device as attached. If not, make sure USB debugging is enabled, and try unplugging and plugging the device.
-To forward localhost traffic:
-
-```
-./adb reverse tcp:8088 tcp:8088
-```
-
-This should simply output 8088 to indicate success. If the IRMA mobile application gives error messages saying you need an internet
-connection, run this command again. It can be unpredictable so don't be surprised if you need to run it more often. Now, you are able to scan the
-QR-code with your android device and IRMA.
-
-## Installation (short version)
-
-Build the files using:
-```
-./deploy.sh
-```
-
-All needed source is now available in `./dist/{backend,frontend}`.
-
-To quickly get a production-alike version, run:
 ```
 docker-compose up
 ```
@@ -82,69 +24,65 @@ docker-compose up
 
 ### Development setup
 
-* Clone the project 
+-   Clone the project
 
-      git clone git@github.com:privacybydesign/cryptify.git
+        git clone git@github.com:privacybydesign/cryptify.git
 
-* Install nodejs 14 and rust
+-   Install nodejs 14 and rust
 
-      # On Debian / Ubuntu
-      curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
-      curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
+        # On Debian / Ubuntu
+        curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
+        curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
 
-* Goto the `cryptify-front-end` folder and install dependencies
+-   Goto the `cryptify-front-end` folder and install dependencies
 
-      npm install
+        npm install
 
 ### Running the front-end
 
-* Change the `baseurl` constant in `FileProvider.ts` to `http://localhost:3000`.
-  This way the front-end uses the locally running backend.
+-   Change the `baseurl` constant in `FileProvider.ts` to `http://localhost:3000`.
+    This way the front-end uses the locally running backend.
 
-* Start the development server
+-   Start the development server
 
-      npm run start
+        npm run start
 
 ### Packaging webpage
 
-* Build the web site
+-   Build the web site
 
-      npm run build
+        npm run build
 
 ### Packaging electron
 
-* Package electron installers
+-   Package electron installers
 
-      npm run dist-electron
+        npm run dist-electron
 
 ## Backend
 
 ### Configuration
 
 For the back-end to be able to send e-mail and store files, the following environment variables are needed:
 
-* *EMAIL_SMTP_URL*: the URL of the server to be used as SMTP server, including e-mail, password and port.
-* *EMAIL_FROM*: the address from which e-mail are to be sent.
-* *STORAGE_DIR*: The directory where the files are going to be stored. 
+-   _ROCKET_CONFIG_: The path to the configuration file (example in `conf/`)
 
 ### Build
 
 The backend can be built using:
+
 ```
-npm install
-npm run build
+env ROCKET_ENV={development,production} cargo build
 ```
 
-### Installation
+The backend can be run using:
 
-The only dependency of the backend is `nodemailer`. This can be installed using:
 ```
-npm install --production
+env ROCKET_CONFIG={path_to_config} ./target/{release,debug}/cryptify-backend
 ```
 
-### Run
-The backend can then be run using:
+Get a development setup using:
 
 ```
-npm run start-dev
+env ROCKET_ENV=development ROCKET_CONFIG={path_to_config} cargo watch -x run
 ```

README.md

@@ -2,8 +2,3 @@ FROM debian:buster-slim
 RUN apt-get update && \
   apt-get install -y libssl-dev && \
   rm -rf /var/lib/apt/lists/*
-
-COPY ./dist/backend/server /app/backend
-COPY ./conf/config.toml /app/config.toml
-
-CMD ["/app/backend"]

backend.Dockerfile

@@ -7,4 +7,4 @@ smtp_url = "mailhog"
 smtp_port = 1025
 # smtp_username = ""
 # smtp_password = ""
-irma_server = "http://irmaserver:8088/"
+irma_server = "http://irma:8088"

cryptify-back-end/config.toml renamed to conf/config.dev.toml

@@ -0,0 +1,44 @@
+worker_processes 4;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 295s;
+    types_hash_max_size 2048;
+    server_tokens on;
+
+    include /etc/nginx/mime.types;
+    types {
+        application/wasm wasm;
+    }
+
+    access_log /dev/fd/1;
+    error_log /dev/fd/2;
+
+    gzip on;
+
+    root /var/www/html/;
+    index index.html;
+
+    server {
+        listen 80 default_server;
+        listen [::]:80 default_server;
+
+        add_header X-Frame-Options "DENY" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header Referrer-Policy "no-referrer" always;
+
+        location /irma {
+            proxy_pass http://irma:8088;
+        }
+
+        location ~ ^/(verification|fileupload|filedownload)/ {
+            proxy_pass http://backend:8000;
+        }
+   }
+}

conf/nginx.conf

@@ -30,23 +30,11 @@ http {
         add_header X-Content-Type-Options "nosniff" always;
         add_header Referrer-Policy "no-referrer" always;
 
-        location /fileupload {
-            proxy_pass http://backend:8000;
-        }
-
-        location /verification/start {
-            proxy_pass http://backend:8000;
-        }
-
-        location /verification/result {
-            proxy_pass http://backend:8000;
-        }
-
-        location /verification {
-            proxy_pass http://backend:8000;
+        location /irma {
+            proxy_pass http://irma:8088;
         }
 
-        location /filedownload {
+        location ~ ^/(verification|fileupload|filedownload)/ {
             proxy_pass http://backend:8000;
         }
 

conf/nginx.dev.conf

@@ -1,2 +1,3 @@
 /target
 /data
+config.toml

cryptify-back-end/.gitignore

@@ -16,6 +16,7 @@ qrcode = "0.12.0"
 rand = "0.8.4"
 reqwest = { version = "0.11.7", features = ["blocking", "json"] }
 rocket = { version = "0.5.0-rc.1", features = ["json"] }
+#rocket_cors = "0.6.0-alpha1"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0.64"
 sha2 = "0.9.5"