13 changed files with 14 additions and 231 deletions
--- a/donnees_structurees/tp_decouverte_csv/noms.csv
+++ b/donnees_structurees/tp_decouverte_csv/noms.csv
@ -1,5 +1,5 @@
 nom,prenom,date_naissance
 Danioko,Aya,10/05/1995
 Glover,Donald,25/09/1983
-Simpson,Clifford,16/07/1996
+Clifford,Simpson,16/07/1996
-Monáe,Janelle,01/12/1995
+Janelle,Monáe,01/12/1995
--- a/projet_bière/test_arduino.c
+++ b/projet_bière/test_arduino.c
@ -1,16 +0,0 @@
 /* Cette fonction est exécutée au démarrage du microcontrolleur */
 void setup() {
    /* La led embarquée est définie comme une sortie du microcontrolleur */
    pinMode(LED_BUILTIN, OUTPUT);
 }
 /* Cette fonction est appellée après la fonction « setup ».
 * Quand elle se termine, elle est à nouveau appellée, et ce à l’infini.
 */
 void loop() {
    /* On fait clignoter la led pendant une seconde */
    digitalWrite(LED_BUILTIN, HIGH);
    delay(500);
    digitalWrite(LED_BUILTIN, LOW);
    delay(500);
 }
--- a/test-python-ssh/Dockerfile
+++ b/test-python-ssh/Dockerfile
@ -1,26 +1,7 @@
 FROM python:3-alpine
-#TODO as an educational env, we sould use debian or centos. more like debian ? A dockerfile each ?
+RUN apk update && apk add gcc linux-headers build-base
 RUN apk update && apk add gcc linux-headers build-base nginx openssh
 RUN pip install uwsgi
 WORKDIR /usr/share/app
-
+COPY app/* ./
-
+CMD ["uwsgi", "--http", ":80", "--wsgi-file", "main.py"]
 # Python app
 COPY python_app/* ./
 ENV UID=33
 ENV MOUNT=/
 RUN MKDIR /tmp/uwsgi
 CMD ["uwsgi", "--chown-socket", "$UID", "-s", "/tmp/uwsgi/uwsgi.sock", "--manage-script-name", "--mount", "$MOUNT=main:prod_app", "--http-timeout", "10", "--master", "--hook-master-start", "unix_signal:15gracefully_kill_them_all", "--need-app", "--die-on-term", "--show-config", "--log-master", "--strict", "--vacuum", "--single-interpreter"]
 # SSH server
 # Nginx server
 COPY ./nginx.conf /etc/nginx/nginx.conf
 # Entrypoint
 COPY ./entrypoint.sh ./entrypoint.sh
 ENTRYPOINT ["./entrypoint.sh"]
--- a/test-python-ssh/Readme.md
+++ b/test-python-ssh/Readme.md
@ -1,10 +1,9 @@
 # Python, web and SSH sandbox
-For educational purpose only! None of this software is industry grade quality.  
+For educational purpose.
 This repo got several parts :
 ## A python script
-It run with uwsgi, see the dockerfile CMD line. You will need to change it to make it listen on a port.
+It run with wsgi, see the dockerfile CMD line).
 Used to execute any python script in the `module` directory given a certain URL :
 - /m1/f1 -> execute the f1 function from modules/m1.py
 - /path/to/m2/f2 -> execute the f2 function from modules/path/to/m2.py
@ -17,43 +16,32 @@ TODO:
 - configure chroot
 - create the homes in modules directory
-## A docker image
+
 To bundle everything in one place.
 This docker image is not a pretty one, we should split those services into several containers.
 But that would be harder to run, so forget that.
 # Instructions
 ## Install docker
 CF the interweb TODO
 ## Build the docker image
 ```
 docker build . -t pythonsandbox
 ```
 or pull the image
 ```
 TODO: send image to hub
 ```
 ## Run the docker image
 ```
-docker run -it --network host --name pythonsandbox pythonsandbox
+docker run -it --rm -p 8880:80 --name pythonsandbox pythonsandbox
 ```
 Or if you want to save student work outside of the container:
 ```
-docker run -it --network host --name pythonsandbox -v "$(pwd)"/app/modules:/usr/share/app/modules pythonsandbox
+docker run -it --rm -p 8880:80 --name pythonsandbox -v "$(pwd)"/app/modules:/usr/share/app/modules pythonsandbox
 ```
 And with user list file
 ```
-docker run -it --network host --name pythonsandbox -v "$(pwd)"/app/modules:/usr/share/app/modules -v "$(pwd)"/app/users.txt:/usr/share/app/users.txt pythonsandbox
+docker run -it --rm -p 8880:80 --name pythonsandbox -v "$(pwd)"/app/modules:/usr/share/app/modules -v "$(pwd)"/app/users.txt:/usr/share/app/users.txt pythonsandbox
 ```
 ## Roadmap
 ## Example
 With the files under `./app/modules` you can get the following URLs :
- http://localhost/mod1/func1_1
+- http://localhost:8880/mod1/func1_1
- http://localhost/mod1/func1_2
+- http://localhost:8880/mod1/func1_2
- http://localhost/myriem/mod2/func2_1
+- http://localhost:8880/myriem/mod2/func2_1
--- a/test-python-ssh/python_app/.gitignore
+++ b/test-python-ssh/python_app/.gitignore
--- a/test-python-ssh/app/entrypoint.sh
+++ b/test-python-ssh/app/entrypoint.sh
@ -18,12 +18,5 @@ if [ ! -f 'passwords.txt' ] ; then
    done
 fi
 # Nginx
 nginx -c '/etc/nginx/nginx.conf' &
 # SSH server
 #TODO
 # Start watever the container should be doing
 # TODO start it as www-data
 $@
--- a/test-python-ssh/nginx/favicon.ico
+++ b/test-python-ssh/nginx/favicon.ico
--- a/test-python-ssh/python_app/main.py
+++ b/test-python-ssh/python_app/main.py
--- a/test-python-ssh/python_app/modules/mod1.py
+++ b/test-python-ssh/python_app/modules/mod1.py
--- a/test-python-ssh/python_app/modules/myriem/mod2.py
+++ b/test-python-ssh/python_app/modules/myriem/mod2.py
--- a/test-python-ssh/python_app/users.txt
+++ b/test-python-ssh/python_app/users.txt
--- a/test-python-ssh/nginx/nginx.conf
+++ b/test-python-ssh/nginx/nginx.conf
@ -1,47 +0,0 @@
 user www-data;
 worker_processes auto;
 include /etc/nginx/modules-enabled/*.conf;
 events {
 	worker_connections 768;
 	# multi_accept on;
 }
 http {
 	sendfile on;
 	tcp_nopush on;
 	tcp_nodelay on;
 	keepalive_timeout 65;
 	# server_tokens off;
 	include /etc/nginx/mime.types;
 	default_type application/octet-stream;
        types_hash_max_size 2048;
        types_hash_bucket_size 128;
 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
 	ssl_prefer_server_ciphers on;
 	error_log /dev/stderr;
 	access_log /dev/stdout;
 	gzip on;
 server {
    listen 80;
    listen [::]:80;
 	root /usr/share/app/modules/
 	location / {
 		index index.html main.py;
 		try_files $uri $uri/ =404;
 	}
 	location ~ \.py {
        include uwsgi_params;
        #uwsgi_param PATH_INFO "$1";
        #uwsgi_param SCRIPT_NAME /;
        uwsgi_pass unix:/tmp/uwsgi/uwsgi.sock;
    }
 }
 }
--- a/test-python-ssh/sshd/sshd_config
+++ b/test-python-ssh/sshd/sshd_config
@ -1,116 +0,0 @@
 #	$OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
 # This is the sshd server system-wide configuration file.  See
 # sshd_config(5) for more information.
 # This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin
 # The strategy used for options in the default sshd_config shipped with
 # OpenSSH is to specify options with their default value where
 # possible, but leave them commented.  Uncommented options override the
 # default value.
 #Port 22
 #AddressFamily any
 #ListenAddress 0.0.0.0
 #ListenAddress ::
 #HostKey /etc/ssh/ssh_host_rsa_key
 #HostKey /etc/ssh/ssh_host_ecdsa_key
 #HostKey /etc/ssh/ssh_host_ed25519_key
 # Ciphers and keying
 #RekeyLimit default none
 # Logging
 #SyslogFacility AUTH
 #LogLevel INFO
 # Authentication:
 #LoginGraceTime 2m
 #PermitRootLogin prohibit-password
 #StrictModes yes
 #MaxAuthTries 6
 #MaxSessions 10
 #PubkeyAuthentication yes
 # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
 # but this is overridden so installations will only check .ssh/authorized_keys
 AuthorizedKeysFile	.ssh/authorized_keys
 #AuthorizedPrincipalsFile none
 #AuthorizedKeysCommand none
 #AuthorizedKeysCommandUser nobody
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
 #HostbasedAuthentication no
 # Change to yes if you don't trust ~/.ssh/known_hosts for
 # HostbasedAuthentication
 #IgnoreUserKnownHosts no
 # Don't read the user's ~/.rhosts and ~/.shosts files
 #IgnoreRhosts yes
 # To disable tunneled clear text passwords, change to no here!
 #PasswordAuthentication yes
 #PermitEmptyPasswords no
 # Change to no to disable s/key passwords
 ChallengeResponseAuthentication no
 # Kerberos options
 #KerberosAuthentication no
 #KerberosOrLocalPasswd yes
 #KerberosTicketCleanup yes
 #KerberosGetAFSToken no
 # GSSAPI options
 #GSSAPIAuthentication no
 #GSSAPICleanupCredentials yes
 # Set this to 'yes' to enable PAM authentication, account processing,
 # and session processing. If this is enabled, PAM authentication will
 # be allowed through the ChallengeResponseAuthentication and
 # PasswordAuthentication.  Depending on your PAM configuration,
 # PAM authentication via ChallengeResponseAuthentication may bypass
 # the setting of "PermitRootLogin without-password".
 # If you just want the PAM account and session checks to run without
 # PAM authentication, then enable this but set PasswordAuthentication
 # and ChallengeResponseAuthentication to 'no'.
 UsePAM yes
 #AllowAgentForwarding yes
 #AllowTcpForwarding yes
 #GatewayPorts no
 #X11Forwarding no
 #X11DisplayOffset 10
 #X11UseLocalhost yes
 #PermitTTY yes
 PrintMotd no # pam does that
 #PrintLastLog yes
 #TCPKeepAlive yes
 #PermitUserEnvironment no
 #Compression delayed
 #ClientAliveInterval 0
 #ClientAliveCountMax 3
 #UseDNS no
 #PidFile /run/sshd.pid
 #MaxStartups 10:30:100
 #PermitTunnel no
 #ChrootDirectory none
 #VersionAddendum none
 # no default banner path
 #Banner none
 # override default of no subsystems
 Subsystem	sftp	/usr/lib/ssh/sftp-server
 # Example of overriding settings on a per-user basis
 #Match User anoncvs
 #	X11Forwarding no
 #	AllowTcpForwarding no
 #	PermitTTY no
 #	ForceCommand cvs server