README.md

@@ -50,8 +50,9 @@ Webapp service configuraion parameters and their defaults:
       - DJANGO_DEBUG=true
       - DJANGO_LOG_LEVEL=ERROR
       - ROSETTA_LOG_LEVEL=ERROR
-      - ROSETTA_HOST=localhost
-      - ROSETTA_TUNNEL_HOST=localhost
+      - ROSETTA_HOST=localhost      
+      - ROSETTA_TASKS_PROXY_HOST=$ROSETTA_HOST
+      - ROSETTA_TASKS_TUNNEL_HOST=$ROSETTA_HOST  
       - ROSETTA_WEBAPP_HOST=""
       - ROSETTA_WEBAPP_PORT=8080
       - ROSETTA_REGISTRY_HOST=proxy
@@ -69,10 +70,13 @@ Webapp service configuraion parameters and their defaults:
 
 Notes:
 
- - `ROSETTA_TUNNEL_HOST` must not include http:// or https://
  - `ROSETTA_REGISTRY_HOST` should be set to the same value as `ROSETTA_HOST` for production scenarios, in order to be secured unders SSL. The `standaloneworker` is configured to treat the following hosts (and ports) as unsecure registies, where it can connect without a valid certificate: `proxy:5000`,`dregistry:5000` and `rosetta.platform:5000`.
  - `ROSETTA_WEBAPP_HOST` is used for let the agent know where to connect, and it is differentiated from `ROSETTA_HOST` as it can be on an internal Docker network. It is indeed defaulted to the `webapp` container IP address.
 
+Proxy service configuraion parameters and their defaults:
+
+      - SAFEMODE=false
+      - ROSETTA_HOST=localhost
 
 
 ### User types 

docker-compose-dev.yml

@@ -60,15 +60,14 @@ services:
       - ROSETTA_LOG_LEVEL=DEBUG
       #- ROSETTA_WEBAPP_HOST=localhost # Internal, for the agent
       #- ROSETTA_WEBAPP_PORT=8080      # Internal, for the agent
-      #- ROSETTA_REGISTRY_HOST=
+      #- ROSETTA_REGISTRY_HOST=proxy
       #- ROSETTA_REGISTRY_PORT=5000
       #- DJANGO_EMAIL_APIKEY=""
       #- DJANGO_EMAIL_FROM="Rosetta Platform <notifications@rosetta.platform>"
       #- DJANGO_SECRET_KEY=""
-      - TASK_PROXY_HOST=localhost
-      - TASK_TUNNEL_HOST=localhost
+      #- ROSETTA_TASKS_PROXY_HOST=
+      #- ROSETTA_TASKS_TUNNEL_HOST=
       - ROSETTA_HOST=localhost
-      - REGISTRY_HOST=proxy:5000     # Use same value as ROSETTA_HOST for production or to use "real" computing resurces 
     ports:
       - "8080:8080"
       - "7000-7020:7000-7020"

services/webapp/Dockerfile

@@ -19,10 +19,6 @@ RUN curl -O https://bootstrap.pypa.io/pip/3.6/get-pip.py
 # Install Python3 and Pip3 (python3-distutils required for pip3)
 RUN apt-get install python3 python3-distutils -y 
 
-# Install Python and pip in this order (first Python 3 and then Python 2), or 
-# you will end ap with python defaulting to python2 and pip defaulting to pip3
-# Otherwise, do somethign like "ln -s /usr/local/bin/pip3 /usr/local/bin/pip"
-
 # Install Python3 and Pip3 (ython3-distutils required for pip3)
 RUN apt-get install python3 python3-distutils -y 
 RUN python3 get-pip.py 'pip==21.0.1'

services/webapp/code/rosetta/core_app/utils.py

@@ -515,12 +515,16 @@ def get_platform_registry():
     platform_registry_conn_string = '{}:{}'.format(platform_registry_host, platform_registry_port)
     return platform_registry_conn_string
     
-def get_task_tunnel_host():
-    tunnel_host = os.environ.get('TASK_TUNNEL_HOST', 'localhost')
+def get_rosetta_tasks_tunnel_host():
+    # Importing here instead of on top avoids circular dependencies problems when loading booleanize in settings
+    from django.conf import settings
+    tunnel_host = os.environ.get('ROSETTA_TASKS_TUNNEL_HOST', settings.ROSETTA_HOST)
     return tunnel_host
 
-def get_task_proxy_host():
-    proxy_host = os.environ.get('TASK_PROXY_HOST', 'localhost')
+def get_rosetta_tasks_proxy_host():
+    # Importing here instead of on top avoids circular dependencies problems when loading booleanize in settings
+    from django.conf import settings
+    proxy_host = os.environ.get('ROSETTA_TASKS_PROXY_HOST', settings.ROSETTA_HOST)
     return proxy_host
 
 def hash_string_to_int(string):
@@ -622,7 +626,7 @@ def setup_tunnel_and_proxy(task):
             # Some info about the various SSL switches: https://serverfault.com/questions/577616/using-https-between-apache-loadbalancer-and-backends
             logger.debug('Writing task proxy conf to {}'.format(apache_conf_file))
             websocket_protocol = 'wss' if task.container.interface_protocol == 'https' else 'ws'
-            task_proxy_host = get_task_proxy_host()
+            rosetta_tasks_proxy_host = get_rosetta_tasks_proxy_host()
             apache_conf_content = '''
 #---------------------------
 #  Task interface proxy 
@@ -641,7 +645,7 @@ Listen '''+str(task.tcp_tunnel_port)+'''
 
 <VirtualHost *:'''+str(task.tcp_tunnel_port)+'''>
     
-    ServerName  '''+task_proxy_host+'''
+    ServerName  '''+rosetta_tasks_proxy_host+'''
     ServerAdmin admin@rosetta.platform
     
     SSLEngine on

services/webapp/code/rosetta/core_app/views.py

@@ -13,8 +13,8 @@ from django.contrib.auth.models import User
 from django.shortcuts import redirect
 from django.db.models import Q
 from .models import Profile, LoginToken, Task, TaskStatuses, Container, Computing, KeyPair, Page
-from .utils import send_email, format_exception, timezonize, os_shell, booleanize, get_task_tunnel_host
-from .utils import get_task_proxy_host, random_username, setup_tunnel_and_proxy, finalize_user_creation
+from .utils import send_email, format_exception, timezonize, os_shell, booleanize, get_rosetta_tasks_tunnel_host
+from .utils import get_rosetta_tasks_proxy_host, random_username, setup_tunnel_and_proxy, finalize_user_creation
 from .utils import sanitize_container_env_vars, get_or_create_container_from_repository
 from .decorators import public_view, private_view
 from .exceptions import ErrorMessage
@@ -1183,19 +1183,19 @@ def direct_connection_handler(request, uuid):
     setup_tunnel_and_proxy(task)
     
     # Get task and tunnel proxy host
-    task_proxy_host = get_task_proxy_host()
-    task_tunnel_host = get_task_tunnel_host()
+    rosetta_tasks_proxy_host = get_rosetta_tasks_proxy_host()
+    rosetta_tasks_tunnel_host = get_rosetta_tasks_tunnel_host()
 
     # Redirect to the task through the tunnel    
     if task.requires_proxy:
         if task.requires_proxy_auth and task.auth_token:
             user = request.user.email
             password = task.auth_token
-            redirect_string = 'https://{}:{}@{}:{}'.format(user, password, task_proxy_host, task.tcp_tunnel_port)        
+            redirect_string = 'https://{}:{}@{}:{}'.format(user, password, rosetta_tasks_proxy_host, task.tcp_tunnel_port)        
         else:
-            redirect_string = 'https://{}:{}'.format(task_proxy_host, task.tcp_tunnel_port)       
+            redirect_string = 'https://{}:{}'.format(rosetta_tasks_proxy_host, task.tcp_tunnel_port)       
     else:
-        redirect_string = '{}://{}:{}'.format(task.container.interface_protocol, task_tunnel_host, task.tcp_tunnel_port)
+        redirect_string = '{}://{}:{}'.format(task.container.interface_protocol, rosetta_tasks_tunnel_host, task.tcp_tunnel_port)
     
     logger.debug('Task direct connect redirect: "{}"'.format(redirect_string))
     return redirect(redirect_string)
@@ -1216,14 +1216,14 @@ def sharable_link_handler(request, short_uuid):
     setup_tunnel_and_proxy(task)
     
     # Get task and tunnel proxy host
-    task_proxy_host = get_task_proxy_host()
-    task_tunnel_host = get_task_tunnel_host()
+    rosetta_tasks_proxy_host = get_rosetta_tasks_proxy_host()
+    rosetta_tasks_tunnel_host = get_rosetta_tasks_tunnel_host()
 
     # Redirect to the task through the tunnel    
     if task.requires_proxy:
-        redirect_string = 'https://{}:{}'.format(task_proxy_host, task.tcp_tunnel_port)       
+        redirect_string = 'https://{}:{}'.format(rosetta_tasks_proxy_host, task.tcp_tunnel_port)       
     else:
-        redirect_string = '{}://{}:{}'.format(task.container.interface_protocol, task_tunnel_host, task.tcp_tunnel_port)
+        redirect_string = '{}://{}:{}'.format(task.container.interface_protocol, rosetta_tasks_tunnel_host, task.tcp_tunnel_port)
     
     logger.debug('Task sharable link connect redirect: "{}"'.format(redirect_string))
     return redirect(redirect_string)