Merge pull request #1738 from chaoss/spg-patch-abf

Muskellunge Release!

docs/source/deployment/nginx-configuration.rst

@@ -146,3 +146,36 @@ This file will be located in the ``/etc/nginx/sites-enabled`` directory on most
 		        access_log /var/log/nginx/augur.censusscienceosshealth.access.log;
 
 		}
+		
+--------------------
+Enabling HTTPS
+--------------------
+
+HTTPS is an extension of HTTP. It is used for secure communications over a computer networks by encrypting your data so it is not vulnerable to MIM(Man-in-the-Middle) attacks etc. While Augur's API data might not be very sensitive, it would still be a nice feature to have so something can't interfere and provide wrong data. Additionally, the user may not feel very comfortable using an application when the browser is telling the user it is not secure. Features such as logins is an example of information that would be particularly vulnerable to attacks. Lastly, search engine optimization actually favors applications on HTTPS over HTTP.
+
+This guide will start on a fully configured EC2 Ubuntu 20.04 instance, meaning it is assumed to already have Augur installed and running with all of its dependencies(PostgreSQL, Nginx, etc).
+
+~~~~~~~~~~~~~~~~~~~~
+Let's Encrypt/Certbot
+~~~~~~~~~~~~~~~~~~~~
+
+The easiest way to get an HTTPS server up is to make use of `Let's Encrypt <https://letsencrypt.org/>`_'s `Certbot <https://certbot.eff.org/>`_ tool. It is an open source tool that is so good it will even alter the nginx configuration for you automatically to enable HTTPS. Following their guide for ``Ubuntu 20.04``, run ``sudo snap install --classic certbot``, ``sudo ln -s /snap/bin/certbot /usr/bin/certbot``, and then ``sudo certbot --nginx``.
+
+~~~~~~~~~~~~~~~~~~~
+Fixing the Backend
+~~~~~~~~~~~~~~~~~~~
+
+Now our server is configured properly and our frontend is being served over HTTPS, but there's an extra problem: the backend APIs are still being served over HTTP resulting in a ``blocked loading mixed active content`` error. This issue is a deep rooted issue and serveral files need to be modified to accomodate HTTPS.
+
+First, we will start with lines 29, 33, & 207 of ``augur/frontend/src/AugurAPI.ts`` and rewrite the URL to use the HTTPS protocol instead of HTTP. We will then do this again in ``augur/frontend/src/common/index.tx`` & ``augur/frontend/src/compare/index.ts`` where the ``AugurAPI`` constructor was called and passed an HTTP protocol. Next we need to configure gunicorn in the backend to support our SSL certificates, but by default certbot places these in a directory that requires root access. Copy these files by running ``sudo cp /etc/letsencrypt/live/<server name here>/fullchain.pem /home/ubuntu/augur/fullchain.pem`` and ``sudo cp /etc/letsencrypt/live/<server name here>/privkey.pem /home/ubuntu/augur/privkey.pem`` into augur's root directory, then change the user and group permissions with ``sudo chown ubuntu <filename.pem>`` and ``sudo chgrp ubuntu <filename.pem`` for both pem files. Now that the user permissions are set properly, gunicorn should be able to access them but we still need to add them to our gunicorn configuration document in ``augur/application.py``. Change the corresponding code block to look like this:
+
+.. code-block:: python
+
+    self.gunicorn_options = {
+            'bind': '%s:%s' % (self.config.get_value("Server", "host"), self.config.get_value("Server", "port")),
+            'workers': int(self.config.get_value('Server', 'workers')),
+            'timeout': int(self.config.get_value('Server', 'timeout')),
+            'certfile': '/home/ubuntu/augur/fullchain.pem',
+            'keyfile': '/home/ubuntu/augur/privkey.pem'
+        }
+

frontend/src/AugurAPI.ts

@@ -26,11 +26,11 @@ export default class AugurAPI {
     [key: string]: any// Add index signature
   };
 
-  constructor(hostURL: string = 'http://localhost:5000', version: string = '/api/unstable', autobatch: any = null) {
+  constructor(hostURL: string = 'https://localhost:5000', version: string = '/api/unstable', autobatch: any = null) {
     this.__downloadedGitRepos = []
 
     this._version = version || '/api/unstable'
-    this._host = hostURL || 'http://localhost:5000'
+    this._host = hostURL || 'https://localhost:5000'
     console.log(this._host)
     this.__cache = {}
     this.__timeout = null
@@ -204,7 +204,7 @@ abstract class BaseRepo {
   [k: string]: any
 
   constructor(parent: AugurAPI){
-    this._host = parent._host || 'http://localhost:5000'
+    this._host = parent._host || 'https://localhost:5000'
     this._version = parent._version
     this.__URLFunctionFactory = parent.__URLFunctionFactory
     this.parent = parent

frontend/src/router.ts

@@ -12,7 +12,7 @@ var config = require('../frontend.config.json')
 const AugurAPIModule = require('@/AugurAPI').default;
 var port = config['Frontend'] ? (config['Frontend']['port'] ? ':' + config['Frontend']['port'] : '') : (config['Server']['port'] ? ':' + config['Server']['port'] : '')
 var host = config['Frontend'] ? (config['Frontend']['host']) : (config['Server']['host'])
-const AugurAPI = new AugurAPIModule('http://' + host + port);
+const AugurAPI = new AugurAPIModule('https://' + host + port);
 
 import Errors from './views/Errors.vue';
 import Tables from './views/Tables.vue';

frontend/src/store/modules/common/index.ts

@@ -8,7 +8,7 @@ var config = require('../../../../frontend.config.json')
 const AugurAPIModule = require('@/AugurAPI').default;
 var port = config['Frontend'] ? (config['Frontend']['port'] ? ':' + config['Frontend']['port'] : '') : (config['Server']['port'] ? ':' + config['Server']['port'] : '')
 var host = config['Frontend'] ? (config['Frontend']['host']) : (config['Server']['host'])
-const AugurAPI = new AugurAPIModule('http://' + host + port);
+const AugurAPI = new AugurAPIModule('https://' + host);
 
 const state = {
   // hasState: false,

frontend/src/store/modules/compare/index.ts

@@ -8,7 +8,7 @@ var config = require('../../../../frontend.config.json')
 const AugurAPIModule = require('@/AugurAPI').default;
 var port = config['Frontend'] ? (config['Frontend']['port'] ? ':' + config['Frontend']['port'] : '') : (config['Server']['port'] ? ':' + config['Server']['port'] : '')
 var host = config['Frontend'] ? (config['Frontend']['host']) : (config['Server']['host'])
-const AugurAPI = new AugurAPIModule('http://' + host + port);
+const AugurAPI = new AugurAPIModule('https://' + host);
 
 const state = {
     baseRepo: '',

metadata.py

@@ -1,12 +1,12 @@
 #SPDX-License-Identifier: MIT
 __name__ = "Augur"
-__slug__ = "Augur: Monica"
+__slug__ = "Augur: Muskellunge"
 __url__ = "https://github.com/chaoss/augur"
 
 __short_description__ = "Python 3 package for free/libre and open-source software community metrics, models & data collection"
 
-__version__ = "0.25.19"
-__release__ = "v0.25.19"
+__version__ = "0.26.0"
+__release__ = "v0.26.0"
 
 __license__ = "MIT"
 __copyright__ = "University of Missouri, University of Nebraska-Omaha, CHAOSS, & Augurlabs 2022"

schema/create_schema.sql

@@ -22,82 +22,4 @@
 \i schema/generate/95-schema_update_97.sql
 \i schema/generate/96-schema_update_98.sql
 \i schema/generate/97-schema_update_99.sql
-
-
--- prior update scripts incorporated into 
--- augur.sql file for release v0.21.1
--- Update scripts
--- \i schema/generate/06-schema_update_8.sql
--- \i schema/generate/07-schema_update_9.sql
--- \i schema/generate/08-schema_update_10.sql
--- \i schema/generate/09-schema_update_11.sql
--- \i schema/generate/10-schema_update_12.sql
--- \i schema/generate/10-schema_update_12.sql
--- \i schema/generate/11-schema_update_13.sql
--- \i schema/generate/12-schema_update_14.sql
--- \i schema/generate/13-schema_update_15.sql
--- \i schema/generate/14-schema_update_16.sql
--- \i schema/generate/15-schema_update_17.sql
--- \i schema/generate/16-schema_update_18.sql
--- \i schema/generate/17-schema_update_19.sql
--- \i schema/generate/18-schema_update_20.sql
--- \i schema/generate/19-schema_update_21.sql
--- \i schema/generate/20-schema_update_22.sql
--- \i schema/generate/21-schema_update_23.sql
--- \i schema/generate/22-schema_update_24.sql
--- \i schema/generate/23-schema_update_25.sql
--- \i schema/generate/24-schema_update_26.sql
--- \i schema/generate/25-schema_update_27.sql
--- \i schema/generate/26-schema_update_28.sql
--- \i schema/generate/27-schema_update_29.sql
--- \i schema/generate/28-schema_update_30.sql
--- \i schema/generate/29-schema_update_31.sql
--- \i schema/generate/30-schema_update_32.sql
--- \i schema/generate/31-schema_update_33.sql
--- \i schema/generate/32-schema_update_34.sql
--- \i schema/generate/33-schema_update_35.sql
--- \i schema/generate/34-schema_update_36.sql
--- \i schema/generate/35-schema_update_37.sql
--- \i schema/generate/36-schema_update_38.sql
--- \i schema/generate/37-schema_update_39.sql
--- \i schema/generate/38-schema_update_40.sql
--- \i schema/generate/39-schema_update_41.sql
--- \i schema/generate/40-schema_update_42.sql
--- \i schema/generate/41-schema_update_43.sql
--- \i schema/generate/42-schema_update_44.sql
--- \i schema/generate/43-schema_update_45.sql
--- \i schema/generate/44-schema_update_46.sql
--- \i schema/generate/45-schema_update_47.sql
--- \i schema/generate/46-schema_update_48.sql
--- \i schema/generate/47-schema_update_49.sql
--- \i schema/generate/48-schema_update_50.sql
--- \i schema/generate/49-schema_update_51.sql
--- \i schema/generate/50-schema_update_52.sql
--- \i schema/generate/51-schema_update_53.sql
--- \i schema/generate/52-schema_update_54.sql
--- \i schema/generate/53-schema_update_55.sql
--- \i schema/generate/54-schema_update_56.sql
--- \i schema/generate/55-schema_update_57.sql
--- \i schema/generate/56-schema_update_58.sql
--- \i schema/generate/57-schema_update_59.sql
--- \i schema/generate/58-schema_update_60.sql
--- \i schema/generate/59-schema_update_61.sql
--- \i schema/generate/60-schema_update_62.sql
--- \i schema/generate/61-schema_update_63.sql
--- \i schema/generate/62-schema_update_64.sql
--- \i schema/generate/63-schema_update_65.sql
--- \i schema/generate/64-schema_update_66.sql
--- \i schema/generate/65-schema_update_67.sql
--- \i schema/generate/66-schema_update_68.sql
--- \i schema/generate/67-schema_update_69.sql
--- \i schema/generate/68-schema_update_70.sql
--- \i schema/generate/69-schema_update_71.sql
--- \i schema/generate/70-schema_update_72.sql
--- \i schema/generate/71-schema_update_73.sql
--- \i schema/generate/72-schema_update_74.sql
--- \i schema/generate/72-schema_update_74.sql
--- \i schema/generate/73-schema_update_75.sql
--- \i schema/generate/74-schema_update_76.sql
--- \i schema/generate/75-schema_update_77.sql
--- \i schema/generate/76-schema_update_78.sql
--- \i schema/generate/77-schema_update_79.sql
+\i schema/generate/98-schema_update_100.sql

schema/generate/98-schema_update_100.sql

@@ -0,0 +1,34 @@
+BEGIN; 
+-- ----------------------------
+-- Table structure for chaoss_user
+-- ----------------------------
+DROP TABLE IF EXISTS "augur_data"."chaoss_user";
+CREATE TABLE "augur_data"."chaoss_user" (
+  "chaoss_id" serial8 NOT NULL,
+  "chaoss_login_name" varchar COLLATE "pg_catalog"."default",
+  "chaoss_login_hashword" varchar COLLATE "pg_catalog"."default",
+  "chaoss_email" varchar COLLATE "pg_catalog"."default",
+  "chaoss_text_phone" varchar COLLATE "pg_catalog"."default",
+  "chaoss_first_name" varchar COLLATE "pg_catalog"."default",
+  "chaoss_last_name" varchar COLLATE "pg_catalog"."default",
+  "tool_source" varchar COLLATE "pg_catalog"."default",
+  "tool_version" varchar COLLATE "pg_catalog"."default",
+  "data_source" varchar COLLATE "pg_catalog"."default",
+  "data_collection_date" timestamptz(6) DEFAULT now()
+)
+;
+ALTER TABLE "augur_data"."chaoss_user" OWNER TO "augur";
+
+-- ----------------------------
+-- Uniques structure for table chaoss_user
+-- ----------------------------
+ALTER TABLE "augur_data"."chaoss_user" ADD CONSTRAINT "chaoss_unique_email_key" UNIQUE ("chaoss_email");
+
+-- ----------------------------
+-- Primary Key structure for table chaoss_user
+-- ----------------------------
+ALTER TABLE "augur_data"."chaoss_user" ADD CONSTRAINT "chaoss_user_pkey" PRIMARY KEY ("chaoss_id");
+
+update "augur_operations"."augur_settings" set value = 100 where setting = 'augur_data_version'; 
+
+COMMIT;