Publish v0.76

.dockerignore

@@ -4,6 +4,7 @@
 .git/
 .gitignore
 .gitlab-ci-yml
+.gitkeep
 
 .env*
 **/.env*
@@ -24,7 +25,5 @@ docker-compose.yml
 
 node_modules/
 **/node_modules/
-dist/
-**/dist/
 
 api/data

.gitignore

@@ -0,0 +1,5 @@
+.idea
+app.env
+**/app.env
+.DS_Store
+.scannerwork

CHANGELOG.md

@@ -1,5 +1,13 @@
 # Changelog
 
+## v0.76 - 2023-05-02
+* Release Community Edition
+* Add license checks and enforce license limits
+* Project archiving and encryption with 4-eye principle
+* Improve list editing in markdown editor
+* Add a refresh PDF button to the publish project page
+
+
 ## v0.19 - 2023-04-11
 * Add private designs visible only to your user
 * Support Postgres with PgBouncer in LanguageTool

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:16-alpine@sha256:43b162893518666b4a08d95dae49153f22a5dba85c229f8b0b8113b609000bc2 AS pdfviewer-dev
+FROM node:16-alpine@sha256:710a2c192ca426e03e4f3ec1869e5c29db855eb6969b74e6c50fd270ffccd3f1 AS pdfviewer-dev
 WORKDIR /app/packages/pdfviewer/
 COPY packages/pdfviewer/package.json packages/pdfviewer/package-lock.json /app/packages/pdfviewer//
 RUN npm install
@@ -13,7 +13,7 @@ RUN npm run build
 
 
 
-FROM node:16-alpine@sha256:43b162893518666b4a08d95dae49153f22a5dba85c229f8b0b8113b609000bc2 AS frontend-dev
+FROM node:16-alpine@sha256:710a2c192ca426e03e4f3ec1869e5c29db855eb6969b74e6c50fd270ffccd3f1 AS frontend-dev
 
 WORKDIR /app/packages/markdown/
 COPY packages/markdown/package.json packages/markdown/package-lock.json /app/packages/markdown/
@@ -40,7 +40,7 @@ RUN npm run build
 
 
 
-FROM node:16-alpine@sha256:43b162893518666b4a08d95dae49153f22a5dba85c229f8b0b8113b609000bc2 AS rendering-dev
+FROM node:16-alpine@sha256:710a2c192ca426e03e4f3ec1869e5c29db855eb6969b74e6c50fd270ffccd3f1 AS rendering-dev
 
 WORKDIR /app/packages/markdown/
 COPY packages/markdown/package.json packages/markdown/package-lock.json /app/packages/markdown/
@@ -59,7 +59,7 @@ RUN npm run build
 
 
 
-FROM python:3.10-slim-bullseye@sha256:fcf375288c9348c9708cc7ea3d511b512224219fdc164b6960b3ce85288e1cbf AS api-dev
+FROM python:3.10-slim-bullseye@sha256:89648909125f37eeff6dee35491e6295c77b76c42aa1aff2523478990e73d3fe AS api-dev
 
 # Install system dependencies required by weasyprint and chromium
 RUN apt-get update && apt-get install -y --no-install-recommends \
@@ -70,6 +70,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
         fonts-noto-mono \
         fonts-noto-ui-core \
         fonts-noto-color-emoji \
+        gpg \
+        gpg-agent \
         libpango-1.0-0 \
         libpangoft2-1.0-0 \
         unzip \
@@ -79,7 +81,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
 
 # Install fonts
 WORKDIR /app/api/
-COPY api/download_fonts.sh /app/api/download_fonts.sh
+COPY api/download_fonts.sh api/generate_notice.sh api/NOTICE /app/api/
 RUN chmod +x /app/api/download_fonts.sh && /app/api/download_fonts.sh
 
 # Install python packages
@@ -90,44 +92,56 @@ WORKDIR /app/api/
 COPY api/requirements.txt /app/api/requirements.txt
 RUN pip install -r /app/api/requirements.txt
 
+# Configure application
+ARG VERSION=dev
+ENV VERSION=${VERSION} \
+    DEBUG=off \
+    MEDIA_ROOT=/data/ \
+    SERVER_WORKERS=4 \
+    PDF_RENDER_SCRIPT_PATH=/app/rendering/dist/bundle.js
+
+# Copy license and changelog
+COPY LICENSE CHANGELOG.md /app/
+
+# Start server
+EXPOSE 8000
+CMD python3 manage.py migrate && \
+    gunicorn \
+        --bind=:8000 --worker-class=uvicorn.workers.UvicornWorker --workers=${SERVER_WORKERS} \
+        --max-requests=500 --max-requests-jitter=100 \
+        reportcreator_api.conf.asgi:application
+
+
+
+FROM api-dev as api-prebuilt
+
+# Copy source code (including pre-build static files)
+COPY api/src /app/api
+COPY rendering/dist /app/rendering/dist/
+
+# Create data directory
+RUN mkdir /data && chown 1000:1000 /data && chmod 777 /data
+VOLUME [ "/data" ]
+USER 1000
+
 
 
 FROM api-dev AS api-test
 # Copy source code
 COPY api/src /app/api
+
 # Copy generated template rendering script
 COPY --from=rendering /app/rendering/dist /app/rendering/dist/
-ENV PDF_RENDER_SCRIPT_PATH=/app/rendering/dist/bundle.js
-
 CMD pytest
 
 
-
 FROM api-test as api
 # Generate static frontend files
 # Post-process django files (for admin, API browser) and post-process them (e.g. add unique file hash)
 # Do not post-process nuxt files, because they already have hash names (and django failes to post-process them)
+USER root
 RUN python3 manage.py collectstatic --no-input --clear
 COPY --from=frontend /app/frontend/dist/ /app/api/frontend/
 RUN python3 manage.py collectstatic --no-input --no-post-process \
-    && python3 -m whitenoise.compress /app/api/frontend/ /app/api/static/
-
-# Configure application
-ENV DEBUG=off \
-    MEDIA_ROOT=/data/ \
-    SERVER_WORKERS=4
-
-RUN mkdir /data && chown 1000:1000 /data && chmod 777 /data
-VOLUME [ "/data" ]
-
-# Copy changelog
-COPY CHANGELOG.md /app/
-
-# Start server
+    && python3 -m whitenoise.compress /app/api/static/
 USER 1000
-EXPOSE 8000
-CMD python3 manage.py migrate && \
-    gunicorn \
-        --bind=:8000 --worker-class=uvicorn.workers.UvicornWorker --workers=${SERVER_WORKERS} \
-        --max-requests=500 --max-requests-jitter=100 \
-        reportcreator_api.conf.asgi:application

README.md

@@ -1,30 +1,53 @@
-# SysReptor
-## Getting started
-### Prerequisites
+<a href="https://github.com/syslifters/sysreptor/">
+    <img src="https://img.shields.io/github/stars/Syslifters/sysreptor?color=yellow&style=flat-square">
+</a>
+<a href="https://github.com/syslifters/sysreptor/releases/latest">
+    <img src="https://img.shields.io/github/v/release/syslifters/sysreptor?color=green&style=flat-square">
+</a>
+<a href="https://github.com/syslifters/sysreptor/releases/latest">
+    <img src="https://img.shields.io/github/release-date/syslifters/sysreptor?color=blue&style=flat-square">
+</a>
+<a href="https://github.com/syslifters/sysreptor/releases/latest">
+    <img src="https://img.shields.io/github/repo-size/syslifters/sysreptor?color=red&style=flat-square">
+</a>
+<a href="https://www.linkedin.com/company/syslifters/">
+    <img src="https://img.shields.io/badge/-Linkedin-blue?style=flat-square&logo=linkedin">
+</a>
+<a href="https://twitter.com/intent/user?screen_name=sysreptor">
+    <img src="https://img.shields.io/twitter/follow/sysreptor?style=social">
+</a><br>
+
+# SysReptor - Pentest Reporting Easy As Pie
+
+📝 Write in markdown
+✏️ Design in HTML/VueJS
+⚙️ Render your report to PDF
+🚀 Fully customizable
+💻 Self-hosted or Cloud
+🎉 No need for Word
+
+Happy Hacking! :)  
+
+
+* Playground: [Try it out!](https://cloud.sysreptor.com/demo)
+* Docs: https://docs.sysreptor.com/
+* Features: https://docs.sysreptor.com/features-and-pricing/
+
+
+## Installation
+You will need:
 * Ubuntu
-* 8GB RAM for building the image (or 4GB + 8GB swap)
-* 4GB RAM for operating the server
-* Latest [Docker](https://docs.docker.com/engine/install/){ target=_blank }
-* Latest [Docker Compose](https://docs.docker.com/compose/install/){ target=_blank }
-* Latest Chrome, Edge, Firefox (Safari currently not officially supported)
-
-### Quick Install
-## Install
-```shell linenums="1"
-git clone https://github.com/Syslifters/sysreptor.git
-# Alternative via SSH: git clone [email protected]:Syslifters/sysreptor.git
-cd deploy
-cp app.env.example app.env
-# Update keys and credentials in app.env (e.g. SECRET_KEY) 
-# Optionally update database credentials in docker-compose.yml
-docker compose up --build -d
-# This command might take a few minutes when you run it the first time
-# It is building your image and preparing all the nice stuff you will want to use
-docker compose exec app python3 manage.py createsuperuser
-# Now you have to specify your initial user's name and password
+* Latest Docker with Docker Compose v2
+
+```bash
+curl -s https://docs.sysreptor.com/install.sh | bash
 ```
 
-You can now access your application with your favourite browser at http://localhost:8000/.
+Access your application at http://localhost:8000/.
+
+
+![Create finding from template](https://docs.sysreptor.com/images/create_finding_from_template.gif)
+
+![Export report as PDF](https://docs.sysreptor.com/images/export_project.gif)
+
 
-## Documentation
-Find further documentation (how to add users, etc) at [https://docs.sysreptor.com](https://docs.sysreptor.com)

api/.gitignore

@@ -140,5 +140,8 @@ GitHub.sublime-settings
 
 data
 src/static
-src/frontend
+src/frontend/*
+src/frontend/*/static/*
 !src/frontend/index.html
+!src/frontend/static
+!src/frontend/static/.gitkeep