From f76812f04b880e47173f09aab14e34f4f9e057c8 Mon Sep 17 00:00:00 2001 From: "koeninger.a" Date: Fri, 24 Oct 2025 13:02:59 -0400 Subject: [PATCH 1/2] Add HTTPS to fastapi server and server Dockerfile --- src/rb-api/Dockerfile | 7 ++++++- src/rb-api/rb/api/main.py | 14 +++++++++++--- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/src/rb-api/Dockerfile b/src/rb-api/Dockerfile index f507df27..9b7b1000 100644 --- a/src/rb-api/Dockerfile +++ b/src/rb-api/Dockerfile @@ -25,6 +25,11 @@ ENV PATH="/root/.local/bin:$PATH" COPY src /rescuebox/src/ COPY rescuebox /rescuebox/rescuebox COPY pyproject.toml poetry.lock /rescuebox/ +COPY key.pem /rescuebox/ca-certificates/ +COPY cert.pem /rescuebox/ca-certificates/ + +# Update SSL certificates in the container +RUN update-ca-certificates # Install dependencies without creating a virtual environment WORKDIR /rescuebox/src/rb-api @@ -35,4 +40,4 @@ RUN poetry config virtualenvs.create false \ EXPOSE 8000 # Run Uvicorn directly -CMD ["uvicorn", "rb.api.main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "4"] +CMD ["uvicorn", "rb.api.main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "4", "--ssl-keyfile", "/rescuebox/ca-certificates/key.pem", "--ssl-certfile", "/rescuebox/ca-certificates/cert.pem"] diff --git a/src/rb-api/rb/api/main.py b/src/rb-api/rb/api/main.py index 34f8259e..f644ded7 100644 --- a/src/rb-api/rb/api/main.py +++ b/src/rb-api/rb/api/main.py 
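Review bot: `COPY key.pem /rescuebox/ca-certificates/` in the first src/rb-api/Dockerfile hunk bakes the TLS private key into an image layer, so anyone who can pull or export the image can read it, and rotating the key means rebuilding and redistributing the image. Prefer supplying the key at run time (a read-only bind mount or a Compose/Docker secret) at the path that `--ssl-keyfile` in the CMD hunk points to, and keep `key.pem` out of the build context via `.dockerignore`. The added `RUN update-ca-certificates` appears to have no effect here: it rebuilds the system trust store from its own certificate directories, not from `/rescuebox/ca-certificates/`, and a server's own certificate does not need to be trusted by the container that serves it. I would drop that line, or replace its comment with `# cert.pem/key.pem are the server identity, not trust anchors`.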
@@ -1,21 +1,29 @@ import multiprocessing import os +import ssl import sys from fastapi import FastAPI, HTTPException, Request, status from fastapi.exceptions import RequestValidationError from fastapi.staticfiles import StaticFiles +sys.path.append("rb/api/routes") from rb.api import routes +# Create some sort of offline config file to save keys securely +from config import CERT_PATH, KEY_PATH + app = FastAPI( title="RescueBoxAPI", summary="RescueBox is a set of tools for file system investigations.", version="2.0.0", debug=True, contact={ - "name": "Umass Amherst RescuBox Team", + "name": "Umass Amherst RescueBox Team", }, ) +ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER) +ssl_context.load_cert_chain(certfile=CERT_PATH, keyfile=KEY_PATH) + app.mount( "/static", StaticFiles(directory=os.path.join(os.path.dirname(__file__), "static")), @@ -47,7 +55,7 @@ async def validation_exception_handler(request: Request, exc: RequestValidationE multiprocessing.freeze_support() # For Windows support # for pyinstaller exe if getattr(sys, "frozen", False) and hasattr(sys, "_MEIPASS"): - uvicorn.run("main:app", host="0.0.0.0", port=8000, reload=False) + uvicorn.run("main:app", host="0.0.0.0", port=8000, reload=False, ssl=ssl_context) else: # for cmdline dev mode - uvicorn.run("rb.api.main:app", host="0.0.0.0", port=8000, reload=True) + uvicorn.run("rb.api.main:app", host="0.0.0.0", port=8000, reload=True, ssl=ssl_context) From ca3541b5c5daf8dc71adf94a5b74e37ee51fef3c Mon Sep 17 00:00:00 2001 From: "koeninger.a" Date: Fri, 24 Oct 2025 15:13:21 -0400 Subject: [PATCH 2/2] Start to distributed docker infrastructure --- web/Dockerfile | 22 ++++++++++++++++ web/docker-compose-distributed.yml | 41 ++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 web/Dockerfile create mode 100644 web/docker-compose-distributed.yml diff --git a/web/Dockerfile b/web/Dockerfile new file mode 100644 index 00000000..90c58c27 --- /dev/null +++ b/web/Dockerfile 
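Review bot: In the first main.py hunk, `sys.path.append("rb/api/routes")` adds a path relative to the process working directory, and the next added line imports `config` from wherever that resolves, so the directory the server is started from decides which module supplies `CERT_PATH` and `KEY_PATH`. A package import such as `from rb.api.routes.config import CERT_PATH, KEY_PATH` would pin it (module path inferred from the appended directory; `config` itself is not part of this patch). `ssl_context.load_cert_chain(...)` also runs at import time, so every import of `rb.api.main` fails when the files are missing, including under the Docker CMD, which already passes `--ssl-keyfile`/`--ssl-certfile` to uvicorn. Moving the context creation next to the `uvicorn.run` calls would avoid that. The unchanged `debug=True` in `FastAPI(...)` is worth revisiting now that the server is meant to be reachable over HTTPS.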
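Review bot: Both added `uvicorn.run(...)` calls in the second main.py hunk pass `ssl=ssl_context`, but as far as I know `uvicorn.run()` has no `ssl` parameter (it takes `ssl_keyfile`, `ssl_certfile` and related options), so these calls would raise `TypeError` at startup instead of serving TLS. Passing the paths also suits `reload=True`, where uvicorn starts the server in a separate process: `uvicorn.run("rb.api.main:app", host="0.0.0.0", port=8000, reload=True, ssl_keyfile=KEY_PATH, ssl_certfile=CERT_PATH)`, and likewise for the frozen branch. The enclosing block starts outside the hunk.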
@@ -0,0 +1,22 @@
+# Start of a Dockerfile for frontend container
+
+#Use an official node image as the base (Node version 20)
+FROM node:20-alpine
+
+# Set the working directory
+WORKDIR /rescuebox-desktop
+
+# Copy the package.json and package-lock.json files
+COPY RescueBox-Desktop/package*.json ./
+
+# Install the dependencies
+RUN npm install
+
+# Copy the rest of the application code
+COPY . .
+
+# Expose the application port
+EXPOSE 1212
+
+# Start the application
+CMD ["npm", "start"]
\ No newline at end of file
diff --git a/web/docker-compose-distributed.yml b/web/docker-compose-distributed.yml
new file mode 100644
index 00000000..12d6751b
--- /dev/null
+++ b/web/docker-compose-distributed.yml
@@ -0,0 +1,41 @@
+# This docker compose file is meant as a start to the distributed server setup
+# with a frontend and backend
+
+services:
+ backend:
+ build: ./backend
+ container_name: rb_backend
+ expose:
+ - "8000"
+ volumes:
+ - shared-certs:/app/certs
+ networks:
+ - app-network
+ frontend:
+ build: ./frontend
+ container_name: rb_frontend
+ expose:
+ - "1212"
+ networks:
+ - app-network
+
+ nginx:
+ build: nginx
+ container_name: nginx
+ ports:
+ - "443:443"
+ volumes:
+ - shared-certs:/etc/nginx/certs:ro
+ depends_on:
+ - backend
+ - frontend
+ networks:
+ - app-network
+
+volumes:
+ shared-certs
+
+networks:
+ app-network:
+ driver: bridge
+
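Review bot: `RUN npm install` in web/Dockerfile may re-resolve dependencies when package.json and package-lock.json disagree, so two builds of the same commit can ship different dependency trees. `RUN npm ci` installs exactly what the lockfile pins and fails if the two files are out of sync. `COPY . .` copies the whole build context, so without a `.dockerignore` (none is added in this patch) local files such as `.env`, `key.pem` or a host `node_modules` end up in the image. The container also runs `npm start` as root; the node image ships a `node` user, so adding `USER node` before `CMD` is a cheap hardening step.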
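Review bot: The top-level `volumes:` entry in docker-compose-distributed.yml reads `shared-certs` with no trailing colon, which makes it a plain string rather than a mapping key, so Compose should reject the file; it needs to be `shared-certs:`. The backend mounts the certificate volume read-write (`shared-certs:/app/certs`) while nginx mounts it `:ro`. If the backend only reads the key material, `shared-certs:/app/certs:ro` keeps a compromised API process from replacing the certificate or key that nginx serves. The mount point `/app/certs` also does not match the `/rescuebox/ca-certificates/` paths used by the rb-api Dockerfile in patch 1/2, so it is worth confirming which image `./backend` builds and where it expects the files.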