https://github.com/intuitem/ciso-assistant-community?tab=readme-ov-file#setting-up-ciso-assistant-for-development L'objectif est d'utiliser CISO Assistant sans docker et avec un reverse proxy Apache httpd plutot que Caddy. ### On host (edit /etc/hosts file): 10.184.116.195 febciso ### Inside an incus container ( ciso-assistant --> 10.184.116.195) apt update && apt install -y python3 python3-pip python3-pexpect npm libyaml-cpp-dev curl git libpangoft2-1.0-0/stable libpango-1.0-0/stable python3-venv curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash curl -fsSL https://get.pnpm.io/install.sh | env PNPM_VERSION=10.0.0 sh - curl -sSL https://install.python-poetry.org | python3 - echo 'export PATH="/root/.local/bin:$PATH"' >> ~/.bashrc source ~/.bashrc pnpm env use --global lts nvm install 22 git clone https://github.com/intuitem/ciso-assistant-community.git cd ciso-assistant-community/ ndelprat@cosium.com SasquatchùUndefinedùPropertyùPrelaunchùNumeratorùEngulf6 cd backend/ poetry install pre-commit install poetry run python manage.py migrate poetry run python manage.py createsuperuser export CISO_ASSISTANT_URL=https://ciso:443 export ALLOWED_HOSTS=ciso,localhost,z-ciso-backend-1,z-ciso-backend-2 poetry run python manage.py runserver ### In another prompt: cd .. cd .git/hooks ln -fs ../../git_hooks/post-commit . ln -fs ../../git_hooks/post-merge . cd ../../ cd frontend/ npm install -g pnpm pnpm install pnpm run build export HOST_HEADER=x-forwarded-host export PROTOCOL_HEADER=x-forwarded-proto export PUBLIC_BACKEND_API_EXPOSED_URL=https://ciso:443/api export PUBLIC_BACKEND_API_URL=http://ciso:8000/api export ORIGIN=https://ciso:443 node server export ALLOWED_HOSTS=z-ciso,localhost,127.0.0.1 export CISO_ASSISTANT_URL=https://z-ciso:443 export DB_PORT=5432 export DB_HOST=127.0.0.1 export POSTGRES_PASSWORD=SecrecyùCackleùPennant3ùStarfishùStoppageùOvercoatùBrushùDrizzly export POSTGRES_USER=ciso-assistant-user export POSTGRES_NAME=ciso-assistant Auto-signed certificate SSL: mkdir /etc/haproxy/certs sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout /etc/haproxy/certs/ciso.key \ -out /etc/haproxy/certs/ciso.crt cat /etc/haproxy/certs/ciso.crt /etc/haproxy/certs/ciso.key > /etc/haproxy/certs/ciso.pem HaProxy Configuration : global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s user haproxy group haproxy daemon ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 ssl-default-bind-ciphers HIGH:!aNULL:!MD5 defaults log global option httplog option dontlognull timeout connect 5000ms timeout client 50000ms timeout server 50000ms retries 3 frontend https_front bind *:443 ssl crt /etc/haproxy/certs/ciso.pem mode http option httplog use_backend backend_ciso if { path_beg /api/ } default_backend frontend_ciso backend backend_ciso mode http balance roundrobin option httpchk GET / server backend1 127.0.0.1:8000 check backend frontend_ciso mode http balance roundrobin option httpchk GET / server frontend1 127.0.0.1:3000 check eventually install caddy : sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list sudo apt update sudo apt install caddy create a Caddyfile : https://ciso:8443 { reverse_proxy /api/* localhost:8000 reverse_proxy /* localhost:3000 tls internal } launch the caddy server : caddy run --config Caddyfile plutot que : - name: Create superuser (interactive) command: poetry run python manage.py createsuperuser args: chdir: "{{ backend_path.stdout }}" register: createsuperuser ignore_errors: yes # Ignore l'erreur si un superutilisateur existe déjà je veux un truc dans le forme de : - name: Run docker-compose-exec.sh in the cloned repository expect: command: ./docker-compose-exec.sh chdir: ciso-assistant-community responses: 'Email: ': 'nmilovanovic@example.com' 'Password: ': 'AyrFg520mGmC' 'Password \(again\): ': 'AyrFg520mGmC' no_log: true apt update apt install -y git curl npm curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash export NVM_DIR="$HOME/.nvm" [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" # This loads nvm bash_completion nvm install 22 curl -fsSL https://get.pnpm.io/install.sh | env PNPM_VERSION=10.0.0 sh - # pnpm export PNPM_HOME="/root/.local/share/pnpm" case ":$PATH:" in *":$PNPM_HOME:"*) ;; *) export PATH="$PNPM_HOME:$PATH" ;; esac # pnpm end root@z:~/ciso-assistant-community/frontend# cat ~/.bash_history apt update apt install -y git npm node -v npm install -g pnpm git clone https://github.com/intuitem/ciso-assistant-community.git cd ciso-assistant-community/f cd ciso-assistant-community/frontend/ ls pnpm install curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash apt install -y curl curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash /root/.nvm/nvm.sh install 20 node -v pnpm install curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash /root/.nvm/nvm.sh install 20 node -v /root/.nvm/nvm.sh use 20 node -v export NVM_DIR="$HOME/.nvm" [ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # Charger NVM [ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" nvm use 20 nvm install 20 node -v curl -fsSL https://get.pnpm.io/install.sh | env PNPM_VERSION=10.0.0 sh - source ~/.bashrc pnpm install - name: Start database migration args: chdir: "{{ backend_path }}" tags: - ciso - pip - tetest