Flask REST framework for role-based access
Project description
apicrud
What is this
The apicrud framework was created to make it far easier to get started on full-stack development of REST-based services ranging from a simple CLI wrapper for queries of local APIs to full web-scale consumer-facing applications.
The essential components of a modern full-stack application include a back-end API server, a front-end UI server, a database, a memory-cache and a background worker for performing actions such as emailing, photo uploading or report generation. This is the API back-end and worker, with an example application.
Usage
Clone this repo to your local environment. To start the example application in a shell session (on a Linux or Mac laptop):
- Set environment variables as defined below
- Install docker (desktop for Mac or Linux/Ubuntu and enable kubernetes; Linux kubeadm setup is beyond scope of this README
- Set up a local MariaDB or MySQL instance using helm (TODO still beyond scope of
this doc, the goal is to provide a single command that just-plain-works); create ablank database
example_local
and add a role user/password - Invoke
make run_local
to bring up the back-end API with its dependent services redis and rabbitMQ - Invoke
make messaging_worker
to bring up the email/SMS worker back-end - Clone the instantlinux/apicrud-ui repo to a separate directory and follow the instructions given in its README to start the front-end
- Optional: if setting up to run API within a docker container, configure kubernetes secrets as defined below (need at least the
example-db-password
) - Optional for Linux: a full ansible-based bare-metal k8s cluster management suite is published at instantlinux/docker-tools
Environment variables
Variable | Default | Description |
---|---|---|
AMQ_HOST | example-rmq |
IP address or hostname of rabbitMQ |
DB_HOST | db00 |
IP address or hostname of MySQL-compatible database |
DB_NAME | example_local |
Name of the database |
DB_PASS | Password for database | |
DOMAIN | Domain for service URLs | |
EXAMPLE_API_PORT | 8080 |
TCP port for API service |
KUBECONFIG | Config credentials filename for k8s | |
RABBITMQ_IP | IP address to use for rabbitMQ under k8s | |
REDIS_IP | IP address for redis under k8s |
TODO: the published docker image won't read these values at startup until the implementation of env-config.js is completed.
Secrets
Kubernetes needs secrets defined. (TODO add default k8s yaml files and provide instructions here; this is a ridiculously-steep learning curve for k8s rookies.)
Secret | Description |
---|---|
example-db-aes-secret | Encryption passphrase for secured DB columns (~16 bytes) |
example-db-password | Database password |
example-flask-secret | Session passphrase (32 hex digits) |
example-redis-secret | Encryption passphrase for redis values (~16 bytes) |
mapquest-api-key | API key for address lookups (sign-up: mapquest) |
Background
The rise of Docker and Kubernetes starting around 2017 made it possible to set up these production-grade services directly on the laptop of any developer. Only recently have the tools been easier to configure and set up. This framework provides working example code you can use to get started creating your own secure, web-scale services.
Implementation/design includes these technologies: celery, CloudFront and S3, docker, flask, kubernetes, MapQuest geocoding, mapbox, MariaDB, python 3, RabbitMQ, react.js, react-admin, sqlalchemy, uWSGI.
Contributions
Your pull-requests and bug-reports are welcome here. See [CONTRIBUTING.md](CONTRIBUTING.md).
License
Software copyright © 2020 by Richard Braun • <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache 2.0</a> license <p />
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.