From faee005c31b976fce2cf0edfa92471d023327679 Mon Sep 17 00:00:00 2001
From: Mike <mrb24@buffalo.edu>
Date: Tue, 14 May 2019 14:54:48 -0400
Subject: [PATCH] disable api basic auth by default. expose mimir-api docs.

---
 run-containers-async.sh            |  3 ++-
 run-containers.sh                  |  4 ++--
 start-containers.sh                |  3 +++
 stop-containers.sh                 |  1 +
 ui-nginx/Dockerfile                |  1 +
 ui-nginx/entrypoint.sh             |  3 ++-
 vizier-nginx-proxy/Dockerfile      |  2 ++
 vizier-nginx-proxy/entrypoint.sh   |  7 +++++++
 vizier-nginx-proxy/vizier_k8s.conf | 23 +++++++++++++++++++++--
 9 files changed, 41 insertions(+), 6 deletions(-)
 create mode 100755 start-containers.sh
 create mode 100755 stop-containers.sh

diff --git a/run-containers-async.sh b/run-containers-async.sh
index e9365d5..12fb32e 100755
--- a/run-containers-async.sh
+++ b/run-containers-async.sh
@@ -24,7 +24,7 @@ do
 	i=$[$i+1]
 done
 
-VIZIER_DOMAIN="vizier.dev"
+VIZIER_DOMAIN="vizier.devel"
 
 S3_AWS_ACCESS_KEY_ID="AKIAJ7MLFSPYLYG47ARQ"
 S3_AWS_SECRET_ACCESS_KEY="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"
@@ -52,3 +52,4 @@ sudo docker run -d -e API_SERVER=demo.$VIZIER_DOMAIN -e APP_PATH="/vizier-db/api
 
 #proxy
 sudo docker run -d -p 80:80 -p 443:443 -p 9001:9001 -h vizier-proxy --name vizier-proxy --network spark-net -e VIZIER_CONFIG="vizier_k8s.conf" -e VIZIER_API_APP_PATH="/vizier-db/api/v1/" -e VIZIER_DOMAIN="$VIZIER_DOMAIN" docker.mimirdb.info/vizier-proxy
+
diff --git a/run-containers.sh b/run-containers.sh
index cb7e9b0..0c2a642 100755
--- a/run-containers.sh
+++ b/run-containers.sh
@@ -24,7 +24,7 @@ do
 	i=$[$i+1]
 done
 
-VIZIER_DOMAIN="vizier.dev"
+VIZIER_DOMAIN="vizier.devel"
 
 S3_AWS_ACCESS_KEY_ID="AKIAJ7MLFSPYLYG47ARQ"
 S3_AWS_SECRET_ACCESS_KEY="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"
@@ -51,4 +51,4 @@ sudo docker run -d -e API_SERVER=demo.$VIZIER_DOMAIN -e APP_PATH="/api" -e API_P
 #sudo docker run -d --expose 80 -p 9004:9001 -h vizier-analytics --network spark-net docker.mimirdb.info/vizier-analytics
 
 #proxy
-sudo docker run -d -p 80:80 -p 443:443 -p 9001:9001 -h vizier-proxy --name vizier-proxy --network spark-net -e VIZIER_CONFIG="vizier_k8s.conf" -e VIZIER_API_APP_PATH="/api/" -e VIZIER_DOMAIN="$VIZIER_DOMAIN" -e VIZIER_API_PROXY_PATH="/" docker.mimirdb.info/vizier-proxy
\ No newline at end of file
+sudo docker run -d -p 80:80 -p 443:443 -p 9001:9001 -h vizier-proxy --name vizier-proxy --network spark-net -e VIZIER_CONFIG="vizier_k8s.conf" -e VIZIER_API_APP_PATH="/api/" -e VIZIER_DOMAIN="$VIZIER_DOMAIN" -e VIZIER_API_PROXY_PATH="/" docker.mimirdb.info/vizier-proxy
diff --git a/start-containers.sh b/start-containers.sh
new file mode 100755
index 0000000..cea369e
--- /dev/null
+++ b/start-containers.sh
@@ -0,0 +1,3 @@
+sudo docker start namenode datanode0 datanode1 
+sleep 20
+sudo docker start vizier-mimir vizier-api vizier-ui vizier-proxy
diff --git a/stop-containers.sh b/stop-containers.sh
new file mode 100755
index 0000000..cc32b1e
--- /dev/null
+++ b/stop-containers.sh
@@ -0,0 +1 @@
+sudo docker stop vizier-proxy vizier-ui vizier-api vizier-mimir datanode1 datanode0 namenode
\ No newline at end of file
diff --git a/ui-nginx/Dockerfile b/ui-nginx/Dockerfile
index a34c925..bce0be5 100644
--- a/ui-nginx/Dockerfile
+++ b/ui-nginx/Dockerfile
@@ -28,6 +28,7 @@ ENV API_PORT=443
 ENV APP_PATH=""
 ENV ANALYTICS_URL="https:\/\/analytics.vizier.app\/"
 ENV ANALYTICS_SITE_ID=12a12e629ffb388167c2c3e560bbc8e1
+ENV API_BASIC_AUTH=false
 
 #setup production web-ui branch
 RUN mkdir /usr/local/source/ \
diff --git a/ui-nginx/entrypoint.sh b/ui-nginx/entrypoint.sh
index 5050a10..e51297c 100644
--- a/ui-nginx/entrypoint.sh
+++ b/ui-nginx/entrypoint.sh
@@ -2,4 +2,5 @@
 sed -ri "s#'https?://[a-zA-Z0-9.-]*[:0-9]*/?.*'#'$API_SCHEME://$API_SERVER:$API_PORT$APP_PATH'#g" /usr/local/source/web-ui/build/env.js
 sed -ri "s/ANALYTICS_URL: '.*'/ANALYTICS_URL: '${ANALYTICS_URL}'/g" /usr/local/source/web-ui/build/env.js
 sed -ri "s/ANALYTICS_SITE_ID: '.*'/ANALYTICS_SITE_ID: '${ANALYTICS_SITE_ID}'/g" /usr/local/source/web-ui/build/env.js
-/usr/bin/supervisord
\ No newline at end of file
+sed -ri "s/API_BASIC_AUTH: .*,/API_BASIC_AUTH: ${API_BASIC_AUTH},/g" /usr/local/source/web-ui/build/env.js
+/usr/bin/supervisord
diff --git a/vizier-nginx-proxy/Dockerfile b/vizier-nginx-proxy/Dockerfile
index 61ade67..c4cf828 100644
--- a/vizier-nginx-proxy/Dockerfile
+++ b/vizier-nginx-proxy/Dockerfile
@@ -11,6 +11,7 @@ ENV VIZIER_DOMAIN="vizier.app"
 ENV VIZIER_API_APP_PATH="/vizier-db/api/v1/"
 ENV VIZIER_API_PROXY_PATH=""
 ENV ACME_HOSTS="demo.vizier.app api.vizier.app vizier.vizier.app mimir.vizier.app spark.vizier.app hdfs.vizier.app proxy.vizier.app analytics.vizier.app"
+ENV API_BASIC_AUTH=false
 
 EXPOSE 80
 EXPOSE 443
@@ -56,6 +57,7 @@ COPY vizier_k8s.conf /usr/local/vizier_k8s.conf
 COPY entrypoint.sh /usr/local/entrypoint.sh
 COPY supervisord.conf /etc/supervisord.conf
 COPY .htpasswd /etc/nginx/.htpasswd
+COPY .htpasswd /etc/nginx/.htpasswd_api
 
 RUN chmod +x /usr/local/entrypoint.sh
 
diff --git a/vizier-nginx-proxy/entrypoint.sh b/vizier-nginx-proxy/entrypoint.sh
index ed81173..30cbdc0 100644
--- a/vizier-nginx-proxy/entrypoint.sh
+++ b/vizier-nginx-proxy/entrypoint.sh
@@ -4,4 +4,11 @@ sed -i -E "s/(server_name\s+[a-z]+)\.vizier\.app/\1.$VIZIER_DOMAIN/g" /etc/nginx
 sed -i -E "s/(https:\/\/[a-z]+)\.vizier\.app/\1.$VIZIER_DOMAIN/g" /etc/nginx/conf.d/vizier.conf
 sed -i -E "s#/vizier-db/api/v1/#$VIZIER_API_APP_PATH#g" /etc/nginx/conf.d/vizier.conf
 sed -i -E "s#proxy_pass http://vizierapi#proxy_pass http://vizierapi$VIZIER_API_PROXY_PATH#g" /etc/nginx/conf.d/vizier.conf
+if [ "$API_BASIC_AUTH" == "true" ]; then
+  sed -i -E "s/#auth_basic \"Vizier API\";/auth_basic \"Vizier API\";/g" /etc/nginx/conf.d/vizier.conf
+  sed -i -E "s%#auth_basic_user_file /etc/nginx/.htpasswd_api;%auth_basic_user_file /etc/nginx/.htpasswd_api;%g" /etc/nginx/conf.d/vizier.conf
+else
+  sed -i -E "s/#?auth_basic \"Vizier API\";/#auth_basic \"Vizier API\";/g" /etc/nginx/conf.d/vizier.conf
+  sed -i -E "s%#?auth_basic_user_file /etc/nginx/.htpasswd_api;%#auth_basic_user_file /etc/nginx/.htpasswd_api;%g" /etc/nginx/conf.d/vizier.conf
+fi
 /usr/bin/supervisord
diff --git a/vizier-nginx-proxy/vizier_k8s.conf b/vizier-nginx-proxy/vizier_k8s.conf
index df89a6a..1c2cd2c 100644
--- a/vizier-nginx-proxy/vizier_k8s.conf
+++ b/vizier-nginx-proxy/vizier_k8s.conf
@@ -10,6 +10,10 @@ upstream mimir-driver {
   server vizier-mimir:4041;
 }
 
+upstream mimir-api {
+  server vizier-mimir:8089;
+}
+
 upstream proxy-supervisor {
   server 127.0.0.1:9001;
 }
@@ -116,6 +120,21 @@ server {
     proxy_set_header Connection $connection_upgrade;
     proxy_set_header X-Real-IP $remote_addr;
   }
+  
+  location /api-docs {
+    proxy_set_header    Host                $http_host;
+    proxy_set_header    X-Real-IP           $remote_addr;
+    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
+    proxy_set_header    X-Forwarded-Proto   $scheme;
+    proxy_set_header    X-Frame-Options     SAMEORIGIN;
+
+    proxy_pass http://mimir-api;
+
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection $connection_upgrade;
+    proxy_set_header X-Real-IP $remote_addr;
+  }
 }
 
 server {
@@ -251,8 +270,8 @@ server {
   }
 
   location /vizier-db/api/v1/ {
-    auth_basic "Vizier Demo";
-    auth_basic_user_file /etc/nginx/.htpasswd;
+    #auth_basic "Vizier API";
+    #auth_basic_user_file /etc/nginx/.htpasswd_api;
     proxy_set_header    Host                $http_host;
     proxy_set_header    X-Real-IP           $remote_addr;
     proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;