Phillip Tarrant
986c0d3d17
Implement complete database schema and Flask application structure for SneakyScan web interface. This establishes the foundation for web-based scan management, scheduling, and visualization. Database & ORM: - Add 11 SQLAlchemy models for comprehensive scan data storage (Scan, ScanSite, ScanIP, ScanPort, ScanService, ScanCertificate, ScanTLSVersion, Schedule, Alert, AlertRule, Setting) - Configure Alembic migrations system with initial schema migration - Add init_db.py script for database initialization and password setup - Support both migration-based and direct table creation Settings System: - Implement SettingsManager with automatic encryption for sensitive values - Add Fernet encryption for SMTP passwords and API tokens - Implement PasswordManager with bcrypt password hashing (work factor 12) - Initialize default settings for SMTP, authentication, and retention Flask Application: - Create Flask app factory pattern with scoped session management - Add 4 API blueprints: scans, schedules, alerts, settings - Implement functional Settings API (GET/PUT/DELETE endpoints) - Add CORS support, error handlers, and request/response logging - Configure development and production logging to file and console Docker & Deployment: - Update Dockerfile to install Flask dependencies - Add docker-compose-web.yml for web application deployment - Configure volume mounts for database, output, and logs persistence - Expose port 5000 for Flask web server Testing & Validation: - Add validate_phase1.py script to verify all deliverables - Validate directory structure, Python syntax, models, and endpoints - All validation checks passing Documentation: - Add PHASE1_COMPLETE.md with comprehensive Phase 1 summary - Update ROADMAP.md with Phase 1 completion status - Update .gitignore to exclude database files and documentation Files changed: 21 files - New: web/ directory with complete Flask app structure - New: migrations/ with Alembic configuration - New: requirements-web.txt with Flask dependencies - Modified: Dockerfile, ROADMAP.md, .gitignore
54 lines
1.7 KiB
YAML
54 lines
1.7 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
web:
|
|
build: .
|
|
image: sneakyscanner:latest
|
|
container_name: sneakyscanner-web
|
|
# Override entrypoint to run Flask app instead of scanner
|
|
entrypoint: ["python3", "-u"]
|
|
command: ["-m", "web.app"]
|
|
ports:
|
|
- "5000:5000"
|
|
volumes:
|
|
# Mount configs directory (read-only) for scan configurations
|
|
- ./configs:/app/configs:ro
|
|
# Mount output directory for scan results
|
|
- ./output:/app/output
|
|
# Mount database file for persistence
|
|
- ./data:/app/data
|
|
# Mount logs directory
|
|
- ./logs:/app/logs
|
|
environment:
|
|
# Flask configuration
|
|
- FLASK_APP=web.app
|
|
- FLASK_ENV=development
|
|
- FLASK_DEBUG=true
|
|
- FLASK_HOST=0.0.0.0
|
|
- FLASK_PORT=5000
|
|
# Database configuration (SQLite in mounted volume for persistence)
|
|
- DATABASE_URL=sqlite:////app/data/sneakyscanner.db
|
|
# Security settings
|
|
- SECRET_KEY=${SECRET_KEY:-dev-secret-key-change-in-production}
|
|
# Optional: CORS origins (comma-separated)
|
|
- CORS_ORIGINS=${CORS_ORIGINS:-*}
|
|
# Optional: Logging level
|
|
- LOG_LEVEL=${LOG_LEVEL:-INFO}
|
|
# Note: Scanner functionality requires privileged mode and host network
|
|
# For now, the web app will trigger scans via subprocess
|
|
# In Phase 2, we'll integrate scanner properly
|
|
restart: unless-stopped
|
|
|
|
# Optional: Initialize database on first run
|
|
# Run with: docker-compose -f docker-compose-web.yml run --rm init-db
|
|
init-db:
|
|
build: .
|
|
image: sneakyscanner:latest
|
|
container_name: sneakyscanner-init-db
|
|
entrypoint: ["python3"]
|
|
command: ["init_db.py", "--db-url", "sqlite:////app/data/sneakyscanner.db"]
|
|
volumes:
|
|
- ./data:/app/data
|
|
profiles:
|
|
- tools
|