container-images/python-api-server
Archived
2
0
Fork 0
Code Issues 1 Pull requests Projects Releases Activity Actions
No description
This repository has been archived on 2024-11-06. You can view files and clone it, but cannot push or open issues or pull requests.
151 commits 2 branches 9 tags 256 KiB
Python 70.3%
Shell 12.9%
HTML 11%
Dockerfile 5.8%
Find a file
Renovate Bot f758ec9d2a
All checks were successful
ci/woodpecker/push/lint Pipeline was successful
Details
ci/woodpecker/push/build Pipeline was successful
Details
chore(deps): update dependency gunicorn to v22 (#7) 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [gunicorn](https://github.com/benoitc/gunicorn) ([changelog](https://docs.gunicorn.org/en/stable/news.html)) | major | `==21.2.0` -> `==22.0.0` |

---

### Release Notes

<details>
<summary>benoitc/gunicorn (gunicorn)</summary>

### [`v22.0.0`](https://github.com/benoitc/gunicorn/releases/tag/22.0.0): Gunicorn 22.0 has been released

[Compare Source](https://github.com/benoitc/gunicorn/compare/21.2.0...22.0.0)

**Gunicorn 22.0.0 has been released.** This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.

Changes:

    22.0.0 - 2024-04-17
    ===================

    - use `utime` to notify workers liveness
    - migrate setup to pyproject.toml
    - fix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)
    - parsing additional requests is no longer attempted past unsupported request framing
    - on HTTP versions < 1.1 support for chunked transfer is refused (only used in exploits)
    - requests conflicting configured or passed SCRIPT_NAME now produce a verbose error
    - Trailer fields are no longer inspected for headers indicating secure scheme
    - support Python 3.12

    ** Breaking changes **

    - minimum version is Python 3.7
    - the limitations on valid characters in the HTTP method have been bounded to Internet Standards
    - requests specifying unsupported transfer coding (order) are refused by default (rare)
    - HTTP methods are no longer casefolded by default (IANA method registry contains none affected)
    - HTTP methods containing the number sign (#) are no longer accepted by default (rare)
    - HTTP versions < 1.0 or >= 2.0 are no longer accepted by default (rare, only HTTP/1.1 is supported)
    - HTTP versions consisting of multiple digits or containing a prefix/suffix are no longer accepted
    - HTTP header field names Gunicorn cannot safely map to variables are silently dropped, as in other software
    - HTTP headers with empty field name are refused by default (no legitimate use cases, used in exploits)
    - requests with both Transfer-Encoding and Content-Length are refused by default (such a message might indicate an attempt to perform request smuggling)
    - empty transfer codings are no longer permitted (reportedly seen with really old & broken proxies)

    ** SECURITY **

    - fix CVE-2024-1135

1.  Documentation is available there: https://docs.gunicorn.org/en/stable/news.html
2.  Packages: https://pypi.org/project/gunicorn/

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMDAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjMwMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->

Reviewed-on: #7
Co-authored-by: Renovate Bot <renovate@mgrote.net>
Co-committed-by: Renovate Bot <renovate@mgrote.net>
2024-04-17 11:45:58 +02:00
.woodpecker chore(deps): update registry.mgrote.net/allzweckcontainer docker tag to v1.1.114 (#6) 2024-04-14 03:02:01 +02:00
assets add web-ui (#3) 2023-04-26 19:53:12 +02:00
templates add web-ui (#2) 2023-04-26 19:51:53 +02:00
app.py add web-ui (#2) 2023-04-26 19:51:53 +02:00
Dockerfile set alpine version 2024-03-13 08:53:28 +01:00
gunicorn_config.py test logging 2023-04-13 15:18:23 +02:00
README.md add badge 2023-11-08 13:24:02 +01:00
renovate.json Configure Renovate (#4) 2024-01-22 21:34:05 +01:00
requirements.txt chore(deps): update dependency gunicorn to v22 (#7) 2024-04-17 11:45:58 +02:00
tests.sh Domainumstellung: grote.lan -> mgrote.net 2023-11-25 17:45:52 +01:00

README.md

python-api-server

status-badge

a small flask-application for storing and downloading stuff like small binaries

Variables

  • MAX_CONTENT_LENGTH: maximal Filesize in MB; defaults to 5MB
  • UPLOAD_DIRECTORY: where to store the uploaded files; should be mapped to a volume; defaults to "/uploads"
  • AUTH_TOKEN: token used for authenticating

Example Docker-Compose

version: '3'
services:
  python-api-server:
    container_name: httpd-api
    image: quotengrote/python-api-server:v2
    ports:
      - "5040:5000"
    volumes:
      - uploads:/uploads
    environment:
      # FLASK_DEBUG: 1 # for debugging
      # FLASK_APP: app # for debugging
      MAX_CONTENT_LENGTH: 10
      UPLOAD_DIRECTORY: /uploads
      AUTH_TOKEN: myuploadtoken
      ENABLE_WEBSERVER: true # if enabled a list of files can be viewed in a webbrowser (see screenshot)

volumes:
  uploads:

ENABLE_WEBSERVER Screenshot

API-Endpoints

  • see Flasgger: http://<host>:5040/apidocs/