Fotobox

fotobox/README.md

@@ -0,0 +1,75 @@
+# IBM Fotobox
+
+This is the IBM Fotobox. Deploy your own Fotobox straight to the IBM Cloud access it directly from any device with browser and camera. Take pictures and view them all from your device.
+
+The solution is based on:
+- The "frontend" a Svelte Single Page Application(SPA) running as a Code Engine app, that is able to scale to 0 in oder to optimise cost.
+- The "upload" function which generates a thumbnail of the image and stores both in COS written in Python and running as a Code Engine function.
+- The "downloader" a Go program designed to serve the images stored in COS or download all at one go if you are the operator of the fotobox.
+- All images are stored in IBM Cloud Object Storage to ensure security and scalability.
+
+## Setup
+
+If you use your own machine you'll need to install the following (if not
+already installed) and make sure you have a IBM Cloud Account:
+
+- [IBM Cloud command line (`ibmcloud`)](https://cloud.ibm.com/docs/cli/reference/ibmcloud?topic=cloud-cli-getting-started)
+- [Code Engine plugin (`ce`)](https://cloud.ibm.com/codeengine/cli)
+- [Terraform ](https://developer.hashicorp.com/terraform/install)
+- [jq](https://jqlang.org/)
+
+
+## Automated Setup
+
+In order to make the setup as convenient as possible we probide you with a setup script which uses terraform and the IBM Cloud CLI
+
+1. Configure the `terraform.auto.tfvars` with your apikey and your resource group id
+
+2. Run the `setup.sh <apikey>` and it will deploy all the required components and done
+
+## Manual setup
+
+1. Setup a COS instance and a COS bucket this can be done over the UI or using the CLI
+    note dont the bucket name and API credentials
+
+2. Deploy the "upload" function using the CLI
+    ```bash
+    ibmcloud ce fn create --name fotobox-cos-upload  --runtime python  --build-source upload-function
+    ```
+
+3. Deploy the "download" app using the CLI
+    ```bash
+    ibmcloud ce app create --name fotobox-get-pics --build-dockerfile Dockerfile  --build-source download-app
+    ```
+
+4. Create a secret map containing the following values. Use the following command to create the password
+    ```bash
+    echo -n "password" | sha256
+    5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
+
+    ```
+    Secrets/environment variables
+    ```
+    apikey="cos api key mus upload und download können"
+    resource_instance_id="cos credential"
+    bucket="mybucket"
+    imageprefix="my-event-"
+    passwords="5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"
+    ```
+
+5. Reference the full secret to the function and the app
+
+6. inside the the [stores.js](frontend-app/src/stores.js) replace the URLs to the upload function and download app
+
+
+```javascript
+export const uploadURL = "<replace with public function url>"
+export const downloadURL = "<replace with download app url"
+```
+
+7. Deploy the app with the updates
+```bash
+ibmcloud ce app create --name fotobox-frontend --build-dockerfile Dockerfile  --build-source frontend-app
+```
+
+Now the Fotobox should be deployed and usable

fotobox/cos-setup/main.tf

@@ -0,0 +1,61 @@
+# create a cos instance
+resource "ibm_resource_instance" "cos_instance" {
+  name = "cos-fotobox-instance"
+  resource_group_id = var.resource_group
+  plan = "standard"
+  service = "cloud-object-storage"
+  location = "global"
+}
+
+# create cos-credentials for cos access
+resource "ibm_resource_key" "cos-credentials" {
+  name = "cos-credentials"
+  resource_instance_id = ibm_resource_instance.cos_instance.id
+  parameters = {"HMAC" = true}
+}
+
+locals {
+  resource_credentials =jsondecode(ibm_resource_key.cos-credentials.credentials_json)
+}
+
+# create cos-but to upload
+resource "ibm_cos_bucket" "cos_bucket" {
+  bucket_name = "fotobox-bucket"
+  resource_instance_id = ibm_resource_instance.cos_instance.id
+  region_location = "us-south"
+  storage_class = "smart"
+}
+
+# create code engine project
+# set region at provider
+resource "ibm_code_engine_project" "ce-fotobox-project" {
+  name = "codeengine-fotobox-project"
+  resource_group_id = var.resource_group
+}
+
+# create secret in project
+
+resource "ibm_code_engine_secret" "fotobox-secret" {
+  project_id = ibm_code_engine_project.ce-fotobox-project.id
+  name = "fotobox-secret"
+  format = "generic"
+
+  data = {
+    "apikey" = local.resource_credentials.apikey
+  }
+}
+
+# create config map in project
+
+resource "ibm_code_engine_config_map" "fotobox-config" {
+  name = "fotobox-config"
+  project_id = ibm_code_engine_project.ce-fotobox-project.id
+  data = {
+    "bucket" = ibm_cos_bucket.cos_bucket.bucket_name
+    "endpointURL" = ibm_cos_bucket.cos_bucket.s3_endpoint_public
+    "imageprefix" = "my-event-"
+    "passwords" = "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8"
+    "region" = ibm_cos_bucket.cos_bucket.region_location
+    "resource_instance_id" = local.resource_credentials.resource_instance_id
+  }
+}

fotobox/cos-setup/provider.tf

@@ -0,0 +1,3 @@
+provider "ibm" {
+    ibmcloud_api_key = var.apikey
+}

fotobox/cos-setup/terraform.auto.tfvars

@@ -0,0 +1,5 @@
+resource_group = "<resource_group>"
+
+icr_secret = "<icr_secret>"
+
+apikey = "<apikey>"

fotobox/cos-setup/variables.tf

@@ -0,0 +1,3 @@
+variable "resource_group" {}
+variable "icr_secret" {}
+variable "apikey" {}

fotobox/cos-setup/versions.tf

@@ -0,0 +1,8 @@
+terraform {
+required_providers {
+    ibm = {
+    source = "IBM-Cloud/ibm"
+    version = "1.76.2"
+    }
+ }
+}

fotobox/download-app/.ceignore

@@ -0,0 +1 @@
+images

fotobox/download-app/Dockerfile

@@ -0,0 +1,22 @@
+FROM  registry.access.redhat.com/ubi9/go-toolset:1.24 AS build-stage
+
+WORKDIR /app
+
+COPY go.mod go.sum ./
+RUN go mod download
+
+COPY . ./
+
+RUN CGO_ENABLED=0 GOOS=linux go build -o /api
+
+
+# Deploy the application binary into a lean image
+FROM gcr.io/distroless/static:latest
+
+WORKDIR /
+
+COPY --from=build-stage /api /api
+
+EXPOSE 8080
+
+ENTRYPOINT ["/api"]

fotobox/download-app/go.mod

@@ -0,0 +1,50 @@
+module cosapp
+
+go 1.23.2
+
+require github.com/gin-contrib/cors v1.7.5
+
+require (
+	github.com/IBM/go-sdk-core/v5 v5.19.1 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
+	github.com/bytedance/sonic v1.13.2 // indirect
+	github.com/bytedance/sonic/loader v0.2.4 // indirect
+	github.com/cloudwego/base64x v0.1.5 // indirect
+	github.com/gin-contrib/sse v1.0.0 // indirect
+	github.com/go-openapi/errors v0.22.0 // indirect
+	github.com/go-openapi/strfmt v0.23.0 // indirect
+	github.com/goccy/go-json v0.10.5 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.10 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/oklog/ulid v1.3.1 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.3 // indirect
+	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
+	github.com/ugorji/go/codec v1.2.12 // indirect
+	go.mongodb.org/mongo-driver v1.17.2 // indirect
+	golang.org/x/arch v0.15.0 // indirect
+	google.golang.org/protobuf v1.36.6 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
+)
+
+require (
+	github.com/IBM/ibm-cos-sdk-go v1.11.1
+	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
+	github.com/gin-gonic/gin v1.10.0
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/go-playground/validator/v10 v10.26.0 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
+	golang.org/x/crypto v0.37.0 // indirect
+	golang.org/x/net v0.39.0 // indirect
+	golang.org/x/sys v0.32.0 // indirect
+	golang.org/x/text v0.24.0 // indirect
+)