Restrict internet access from siren container

.dockerignore

@@ -0,0 +1,2 @@
+node_modules
+backend/node_modules

.env.example

@@ -1,5 +1,9 @@
-PORT=
-ELECTRON_START_URL=
-APPLE_ID=YOUR-APPLE-ID
-APPLE_PASSWORD=APP-SPECIFIC-PASSWORD
-APPLE_TEAM_ID=YOUR-TEAM-ID
+BEACON_URL=http://your-BN-ip:5052
+VALIDATOR_URL=http://your-VC-ip:5062
+API_TOKEN=get-it-from-'.lighthouse/validators/api-token.txt'
+SESSION_PASSWORD=default-siren-password
+SSL_ENABLED=true
+DEBUG=false
+# don't change these when building the docker image, only change when running outside of docker
+PORT=3000
+BACKEND_URL=http://127.0.0.1:3001

.eslintignore

@@ -1,2 +1 @@
-src/main.js
 src/scripts/release.js

.eslintrc.json

@@ -1,39 +1,29 @@
 {
-    "env": {
-        "browser": true,
-        "es2021": true
-    },
-    "extends": [
-        "eslint:recommended",
-        "plugin:react/recommended",
-        "plugin:@typescript-eslint/recommended",
-        "prettier"
-    ],
-    "overrides": [
+  "plugins": ["@typescript-eslint", "import", "react-hooks", "unused-imports"],
+  "extends": ["next/core-web-vitals"],
+  "rules": {
+    "@typescript-eslint/ban-ts-comment": "off",
+    "import/order": [
+      "error",
+      {
+        "alphabetize": {
+          "order": "asc",
+          "caseInsensitive": true
+        }
+      }
     ],
-    "parser": "@typescript-eslint/parser",
-    "parserOptions": {
-        "ecmaVersion": "latest",
-        "sourceType": "module"
-    },
-    "plugins": [
-        "react",
-        "@typescript-eslint",
-        "prettier"
+    "react-hooks/rules-of-hooks": "error",
+    "react-hooks/exhaustive-deps": "off",
+    "unused-imports/no-unused-imports": "error",
+    "unused-imports/no-unused-vars": [
+      "warn",
+      {
+        "vars": "all",
+        "varsIgnorePattern": "^_",
+        "args": "after-used",
+        "argsIgnorePattern": "^_"
+      }
     ],
-    "rules": {
-        "react/react-in-jsx-scope": "off",
-        "spaced-comment": "error",
-        "quotes": ["error", "single"],
-        "no-duplicate-imports": "error",
-        "react/prop-types": 0,
-        "@typescript-eslint/no-empty-function": "off",
-        "@typescript-eslint/no-explicit-any": "off",
-        "@typescript-eslint/no-unused-vars": ["error", { "argsIgnorePattern": "^_" }]
-    },
-    "settings": {
-        "import/resolver": {
-            "typescript": {}
-        }
-    }
+    "react/react-in-jsx-scope": "off"
+  }
 }

.github/ISSUE_TEMPLATE/bug_report.md

@@ -4,14 +4,14 @@ about: Create a report to help us improve
 title: ''
 labels: bug
 assignees: rickimoore
-
 ---
 
 **Describe the bug**
 A clear and concise description of what the bug is.
 
 **To Reproduce**
 Steps to reproduce the behavior:
+
 1. Go to '...'
 2. Click on '....'
 3. Scroll down to '....'
@@ -24,15 +24,17 @@ A clear and concise description of what you expected to happen.
 If applicable, add screenshots to help explain your problem.
 
 **Desktop (please complete the following information):**
- - OS: [e.g. iOS]
- - Browser [e.g. chrome, safari]
- - Version [e.g. 22]
+
+- OS: [e.g. iOS]
+- Browser [e.g. chrome, safari]
+- Version [e.g. 22]
 
 **Smartphone (please complete the following information):**
- - Device: [e.g. iPhone6]
- - OS: [e.g. iOS8.1]
- - Browser [e.g. stock browser, safari]
- - Version [e.g. 22]
+
+- Device: [e.g. iPhone6]
+- OS: [e.g. iOS8.1]
+- Browser [e.g. stock browser, safari]
+- Version [e.g. 22]
 
 **Additional context**
 Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -4,7 +4,6 @@ about: Suggest an idea for this project
 title: ''
 labels: enhancement
 assignees: rickimoore
-
 ---
 
 **Is your feature request related to a problem? Please describe.**

.github/workflows/docker.yml

@@ -1,129 +1,96 @@
 name: docker
 
 on:
-    push:
-        branches:
-            - unstable
-            - stable
-        tags:
-            - v*
+  push:
+    branches:
+      - unstable
+      - stable
+    tags:
+      - v*
 
 env:
-    DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
-    DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-    IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/siren
+  DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+  DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+  IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/siren
 
 jobs:
-    # Extract the VERSION which is either `latest` or `vX.Y.Z`, and the VERSION_SUFFIX
-    # which is either empty or `-unstable`.
-    #
-    # It would be nice if the arch didn't get spliced into the version between `latest` and
-    # `unstable`, but for now we keep the two parts of the version separate for backwards
-    # compatibility.
-    extract-version:
-        runs-on: ubuntu-22.04
-        steps:
-            - name: Extract version (if stable)
-              if: github.event.ref == 'refs/heads/stable'
-              run: |
-                    echo "VERSION=latest" >> $GITHUB_ENV
-                    echo "VERSION_SUFFIX=" >> $GITHUB_ENV
-            - name: Extract version (if unstable)
-              if: github.event.ref == 'refs/heads/unstable'
-              run: |
-                    echo "VERSION=latest" >> $GITHUB_ENV
-                    echo "VERSION_SUFFIX=-unstable" >> $GITHUB_ENV
-            - name: Extract version (if tagged release)
-              if: startsWith(github.event.ref, 'refs/tags')
-              run: |
-                    echo "VERSION=$(echo ${GITHUB_REF#refs/tags/})" >> $GITHUB_ENV
-                    echo "VERSION_SUFFIX=" >> $GITHUB_ENV
-        outputs:
-            VERSION: ${{ env.VERSION }}
-            VERSION_SUFFIX: ${{ env.VERSION_SUFFIX }}
-    build-html:
-        name: build html
-        runs-on: ubuntu-22.04
-        needs: [extract-version]
-        steps:
-            - name: Checkout sources
-              uses: actions/checkout@v3
-            - name: Use node 18
-              uses: actions/setup-node@v3
-              with:
-                node-version: 18
-                cache: 'yarn'
-            - name: Install dependencies
-              env:
-                NODE_ENV: development
-              run: |
-                yarn
-            - name: Build Siren
-              env:
-                NODE_ENV: production
-              run: yarn build
-            - name: Upload artifact
-              uses: actions/upload-artifact@v3
-              with:
-                name: html
-                path: build/
+  # Extract the VERSION which is either `latest` or `vX.Y.Z`, and the VERSION_SUFFIX
+  # which is either empty or `-unstable`.
+  #
+  # It would be nice if the arch didn't get spliced into the version between `latest` and
+  # `unstable`, but for now we keep the two parts of the version separate for backwards
+  # compatibility.
+  extract-version:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Extract version (if stable)
+        if: github.event.ref == 'refs/heads/stable'
+        run: |
+          echo "VERSION=latest" >> $GITHUB_ENV
+          echo "VERSION_SUFFIX=" >> $GITHUB_ENV
+      - name: Extract version (if unstable)
+        if: github.event.ref == 'refs/heads/unstable'
+        run: |
+          echo "VERSION=latest" >> $GITHUB_ENV
+          echo "VERSION_SUFFIX=-unstable" >> $GITHUB_ENV
+      - name: Extract version (if tagged release)
+        if: startsWith(github.event.ref, 'refs/tags')
+        run: |
+          echo "VERSION=$(echo ${GITHUB_REF#refs/tags/})" >> $GITHUB_ENV
+          echo "VERSION_SUFFIX=" >> $GITHUB_ENV
+    outputs:
+      VERSION: ${{ env.VERSION }}
+      VERSION_SUFFIX: ${{ env.VERSION_SUFFIX }}
 
-    build-docker-single-arch:
-        name: build-docker-${{ matrix.binary }}
-        runs-on: ubuntu-22.04
-        strategy:
-            matrix:
-                binary: [aarch64, x86_64]
+  build-docker-single-arch:
+    name: build-docker-${{ matrix.binary }}
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        binary: [aarch64, x86_64]
 
-        needs: [extract-version, build-html]
-        env:
-            # We need to enable experimental docker features in order to use `docker buildx`
-            DOCKER_CLI_EXPERIMENTAL: enabled
-            VERSION: ${{ needs.extract-version.outputs.VERSION }}
-            VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }}
-        steps:
-            - uses: actions/checkout@v3
-            - uses: docker/setup-qemu-action@v2
-            - name: Dockerhub login
-              run: |
-                  echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin
-            - name: Map aarch64 to arm64 short arch
-              if: startsWith(matrix.binary, 'aarch64')
-              run: echo "SHORT_ARCH=arm64" >> $GITHUB_ENV
-            - name: Map x86_64 to amd64 short arch
-              if: startsWith(matrix.binary, 'x86_64')
-              run: echo "SHORT_ARCH=amd64" >> $GITHUB_ENV;
-            - name: Download artifacts
-              uses: actions/download-artifact@v3
-              with:
-                  name: html
-                  path: html/
-            - name: Build Dockerfile and push
-              run: |
-                  docker buildx build \
-                      --platform=linux/${SHORT_ARCH} \
-                      --file ./Dockerfile.release . \
-                      --tag ${IMAGE_NAME}:${VERSION}-${SHORT_ARCH}${VERSION_SUFFIX} \
-                      --provenance=false \
-                      --push
-
-    build-docker-multiarch:
-        name: build-docker-multiarch
-        runs-on: ubuntu-22.04
-        needs: [build-docker-single-arch, extract-version]
-        env:
-            # We need to enable experimental docker features in order to use `docker manifest`
-            DOCKER_CLI_EXPERIMENTAL: enabled
-            VERSION: ${{ needs.extract-version.outputs.VERSION }}
-            VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }}
-        steps:
-            - name: Dockerhub login
-              run: |
-                  echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin
-            - name: Create and push multiarch manifest
-              run: |
-                  docker manifest create ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX} \
-                      --amend ${IMAGE_NAME}:${VERSION}-arm64${VERSION_SUFFIX} \
-                      --amend ${IMAGE_NAME}:${VERSION}-amd64${VERSION_SUFFIX};
-                  docker manifest push ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX}
+    needs: [extract-version]
+    env:
+      # We need to enable experimental docker features in order to use `docker buildx`
+      DOCKER_CLI_EXPERIMENTAL: enabled
+      VERSION: ${{ needs.extract-version.outputs.VERSION }}
+      VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: docker/setup-qemu-action@v3
+      - name: Dockerhub login
+        run: |
+          echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin
+      - name: Map aarch64 to arm64 short arch
+        if: startsWith(matrix.binary, 'aarch64')
+        run: echo "SHORT_ARCH=arm64" >> $GITHUB_ENV
+      - name: Map x86_64 to amd64 short arch
+        if: startsWith(matrix.binary, 'x86_64')
+        run: echo "SHORT_ARCH=amd64" >> $GITHUB_ENV;
+      - name: Build Dockerfile and push
+        run: |
+          docker buildx build \
+              --platform=linux/${SHORT_ARCH} \
+              --file ./Dockerfile . \
+              --tag ${IMAGE_NAME}:${VERSION}-${SHORT_ARCH}${VERSION_SUFFIX} \
+              --push
 
+  build-docker-multiarch:
+    name: build-docker-multiarch
+    runs-on: ubuntu-22.04
+    needs: [build-docker-single-arch, extract-version]
+    env:
+      # We need to enable experimental docker features in order to use `docker manifest`
+      DOCKER_CLI_EXPERIMENTAL: enabled
+      VERSION: ${{ needs.extract-version.outputs.VERSION }}
+      VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }}
+    steps:
+      - name: Dockerhub login
+        run: |
+          echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin
+      - name: Create and push multiarch manifest
+        run: |
+          docker manifest create ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX} \
+              --amend ${IMAGE_NAME}:${VERSION}-arm64${VERSION_SUFFIX} \
+              --amend ${IMAGE_NAME}:${VERSION}-amd64${VERSION_SUFFIX};
+          docker manifest push ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX}