2023-01-19 20:22:26 +00:00
|
|
|
const express = require("express");
|
|
|
|
const bodyParser = require("body-parser");
|
|
|
|
const cookieParser = require("cookie-parser")
|
|
|
|
const cors = require("cors");
|
|
|
|
const helmet = require("helmet");
|
|
|
|
const morgan = require("morgan");
|
2023-02-13 02:11:55 +00:00
|
|
|
var api = require("./package.json");
|
2023-01-25 00:28:44 +00:00
|
|
|
|
2023-02-28 23:24:49 +00:00
|
|
|
const {pveAPIToken, listenPort, domain} = require("./vars.js");
|
2023-02-28 23:33:00 +00:00
|
|
|
const {checkAuth, requestPVE, handleResponse, getUnusedDiskData, getDiskConfig} = require("./pveutils.js");
|
2023-02-28 23:24:49 +00:00
|
|
|
const {init, requestResources, allocateResources, releaseResources} = require("./db.js");
|
2023-01-17 23:46:42 +00:00
|
|
|
|
|
|
|
const app = express();
|
|
|
|
app.use(helmet());
|
2023-01-25 02:01:47 +00:00
|
|
|
app.use(bodyParser.urlencoded({extended: true}));
|
2023-01-19 20:22:26 +00:00
|
|
|
app.use(cookieParser())
|
2023-02-28 22:04:30 +00:00
|
|
|
app.use(cors({origin: domain}));
|
2023-01-19 20:22:26 +00:00
|
|
|
app.use(morgan("combined"));
|
2023-01-17 23:46:42 +00:00
|
|
|
|
|
|
|
|
2023-01-19 20:22:26 +00:00
|
|
|
app.get("/api/version", (req, res) => {
|
2023-02-13 02:11:55 +00:00
|
|
|
res.send({version: api.version});
|
2023-01-17 23:46:42 +00:00
|
|
|
});
|
|
|
|
|
2023-01-19 20:22:26 +00:00
|
|
|
app.get("/api/echo", (req, res) => {
|
2023-01-20 06:40:21 +00:00
|
|
|
res.send({body: req.body, cookies: req.cookies});
|
2023-01-19 20:22:26 +00:00
|
|
|
});
|
|
|
|
|
2023-02-13 02:11:55 +00:00
|
|
|
app.get("/api/auth", async (req, res) => {
|
|
|
|
let result = await checkAuth(req.cookies);
|
|
|
|
res.send({auth: result});
|
2023-01-20 06:40:21 +00:00
|
|
|
});
|
|
|
|
|
2023-02-24 22:21:21 +00:00
|
|
|
app.get("/api/proxmox/*", async (req, res) => { // proxy endpoint for GET proxmox api with no token
|
2023-02-24 22:19:30 +00:00
|
|
|
path = req.url.replace("/api/proxmox", "");
|
|
|
|
let result = await requestPVE(path, "GET", req.cookies);
|
|
|
|
res.send(result.data, result.status);
|
|
|
|
});
|
|
|
|
|
2023-02-24 22:21:21 +00:00
|
|
|
app.post("/api/proxmox/*", async (req, res) => { // proxy endpoint for POST proxmox api with no token
|
|
|
|
path = req.url.replace("/api/proxmox", "");
|
2023-02-24 22:34:19 +00:00
|
|
|
let result = await requestPVE(path, "POST", req.cookies, JSON.stringify(req.body)); // need to stringify body because of other issues
|
2023-02-24 22:21:21 +00:00
|
|
|
res.send(result.data, result.status);
|
|
|
|
});
|
|
|
|
|
2023-02-13 02:11:55 +00:00
|
|
|
app.post("/api/disk/detach", async (req, res) => {
|
2023-02-10 21:41:36 +00:00
|
|
|
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
|
2023-02-13 02:11:55 +00:00
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// check auth
|
2023-02-13 02:11:55 +00:00
|
|
|
let auth = await checkAuth(req.cookies, vmpath);
|
2023-02-24 00:17:28 +00:00
|
|
|
if (!auth) {
|
2023-02-28 23:24:49 +00:00
|
|
|
res.status(401).send({auth: auth});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
2023-02-13 02:11:55 +00:00
|
|
|
}
|
2023-02-24 00:17:28 +00:00
|
|
|
|
2023-02-27 02:29:39 +00:00
|
|
|
let action = JSON.stringify({delete: req.body.disk});
|
2023-02-24 00:17:28 +00:00
|
|
|
let method = req.body.type === "qemu" ? "POST" : "PUT";
|
2023-02-27 02:29:39 +00:00
|
|
|
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
2023-02-24 00:17:28 +00:00
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-02-10 21:41:36 +00:00
|
|
|
});
|
|
|
|
|
2023-02-13 02:11:55 +00:00
|
|
|
app.post("/api/disk/attach", async (req, res) => {
|
2023-02-10 21:41:36 +00:00
|
|
|
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
|
2023-02-13 02:11:55 +00:00
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// check auth
|
2023-02-13 02:11:55 +00:00
|
|
|
let auth = await checkAuth(req.cookies, vmpath);
|
2023-02-24 00:17:28 +00:00
|
|
|
if (!auth) {
|
2023-02-28 23:24:49 +00:00
|
|
|
res.status(401).send({auth: auth});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
2023-02-13 02:11:55 +00:00
|
|
|
}
|
2023-02-24 00:17:28 +00:00
|
|
|
|
2023-02-27 02:29:39 +00:00
|
|
|
let action = {};
|
|
|
|
action[req.body.disk] = req.body.data;
|
|
|
|
action = JSON.stringify(action);
|
2023-02-24 00:17:28 +00:00
|
|
|
let method = req.body.type === "qemu" ? "POST" : "PUT";
|
2023-02-27 02:29:39 +00:00
|
|
|
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
2023-02-24 00:17:28 +00:00
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-01-25 00:48:15 +00:00
|
|
|
});
|
|
|
|
|
2023-02-13 02:11:55 +00:00
|
|
|
app.post("/api/disk/resize", async (req, res) => {
|
2023-02-10 21:41:36 +00:00
|
|
|
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
|
2023-02-13 02:11:55 +00:00
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// check auth
|
2023-02-13 02:11:55 +00:00
|
|
|
let auth = await checkAuth(req.cookies, vmpath);
|
2023-02-24 00:17:28 +00:00
|
|
|
if (!auth) {
|
2023-02-28 23:24:49 +00:00
|
|
|
res.status(401).send({auth: auth});
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// check resource allocation
|
2023-02-28 23:33:00 +00:00
|
|
|
let diskConfig = await getDiskConfig(req.body.node, req.body.type, req.body.vmid, req.body.disk);
|
2023-02-28 23:24:49 +00:00
|
|
|
if (!diskConfig) {
|
|
|
|
res.status(500).send({auth: auth, data:{error: `requested disk ${req.body.disk} does not exist`}});
|
|
|
|
}
|
|
|
|
let storage = diskConfig.split(":")[0];
|
|
|
|
let request = {};
|
|
|
|
request[storage] = req.body.size;
|
|
|
|
if (!requestResources(req.cookies.username, request)) {
|
|
|
|
res.status(500).send({auth: auth, data:{request: request, error: `${storage} could not fulfill request`}});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
2023-02-13 02:11:55 +00:00
|
|
|
}
|
2023-02-24 00:17:28 +00:00
|
|
|
|
2023-02-27 02:29:39 +00:00
|
|
|
let action = JSON.stringify({disk: req.body.disk, size: `+${req.body.size}G`});
|
2023-02-27 23:04:38 +00:00
|
|
|
let result = await requestPVE(`${vmpath}/resize`, "PUT", req.cookies, action, pveAPIToken);
|
2023-02-24 00:17:28 +00:00
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:24:49 +00:00
|
|
|
if (result.status === 200) {
|
|
|
|
allocateResources(req.cookies.username, request);
|
|
|
|
}
|
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-02-02 19:34:51 +00:00
|
|
|
});
|
|
|
|
|
2023-02-13 02:11:55 +00:00
|
|
|
app.post("/api/disk/move", async (req, res) => {
|
2023-02-10 21:41:36 +00:00
|
|
|
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
|
2023-02-02 19:34:51 +00:00
|
|
|
let route = req.body.type === "qemu" ? "move_disk" : "move_volume";
|
2023-02-13 02:11:55 +00:00
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// check auth
|
2023-02-13 02:11:55 +00:00
|
|
|
let auth = await checkAuth(req.cookies, vmpath);
|
2023-02-24 00:17:28 +00:00
|
|
|
if (!auth) {
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(401).send({auth: auth});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
2023-02-13 02:11:55 +00:00
|
|
|
}
|
2023-02-24 00:17:28 +00:00
|
|
|
|
2023-02-27 02:29:39 +00:00
|
|
|
let action = {storage: req.body.storage, delete: req.body.delete};
|
|
|
|
if (req.body.type === "qemu") {
|
|
|
|
action.disk = req.body.disk
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
action.volume = req.body.disk
|
|
|
|
}
|
|
|
|
action = JSON.stringify(action);
|
2023-02-27 23:04:38 +00:00
|
|
|
let result = await requestPVE(`${vmpath}/${route}`, "POST", req.cookies, action, pveAPIToken);
|
2023-02-24 00:17:28 +00:00
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-02-10 21:41:36 +00:00
|
|
|
});
|
|
|
|
|
2023-02-13 02:11:55 +00:00
|
|
|
app.post("/api/disk/delete", async (req, res) => {
|
2023-02-10 21:41:36 +00:00
|
|
|
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
|
2023-02-13 02:11:55 +00:00
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// check auth
|
2023-02-13 02:11:55 +00:00
|
|
|
let auth = await checkAuth(req.cookies, vmpath);
|
2023-02-24 00:17:28 +00:00
|
|
|
if (!auth) {
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(401).send({auth: auth});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
2023-02-17 22:17:00 +00:00
|
|
|
}
|
2023-02-24 00:17:28 +00:00
|
|
|
|
2023-02-27 02:29:39 +00:00
|
|
|
let action = JSON.stringify({delete: req.body.disk});
|
2023-02-24 00:17:28 +00:00
|
|
|
let method = req.body.type === "qemu" ? "POST" : "PUT";
|
2023-02-27 02:29:39 +00:00
|
|
|
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
2023-02-24 00:17:28 +00:00
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-02-17 22:17:00 +00:00
|
|
|
});
|
2023-02-23 20:39:33 +00:00
|
|
|
|
|
|
|
app.post("/api/disk/create", async (req, res) => {
|
|
|
|
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
|
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// check auth
|
2023-02-23 20:39:33 +00:00
|
|
|
let auth = await checkAuth(req.cookies, vmpath);
|
2023-02-24 00:17:28 +00:00
|
|
|
if (!auth) {
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(401).send({auth: auth});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
2023-02-23 20:39:33 +00:00
|
|
|
}
|
2023-02-24 00:17:28 +00:00
|
|
|
|
2023-02-27 02:29:39 +00:00
|
|
|
let action = {};
|
|
|
|
if (req.body.disk.includes("ide") && req.body.iso) {
|
|
|
|
action[req.body.disk] = `${req.body.iso},media=cdrom`;
|
|
|
|
}
|
|
|
|
else if (req.body.type === "qemu") { // type is qemu, use sata
|
|
|
|
action[req.body.disk] = `${req.body.storage}:${req.body.size}`;
|
|
|
|
}
|
|
|
|
else { // type is lxc, use mp and add mp and backup values
|
|
|
|
action[req.body.disk] = `${req.body.storage}:${req.body.size},mp=/mp${req.body.device}/,backup=1`;
|
|
|
|
}
|
|
|
|
action = JSON.stringify(action);
|
2023-02-24 00:17:28 +00:00
|
|
|
let method = req.body.type === "qemu" ? "POST" : "PUT";
|
2023-02-27 02:29:39 +00:00
|
|
|
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
2023-02-24 00:17:28 +00:00
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-02-23 20:39:33 +00:00
|
|
|
});
|
2023-02-17 22:17:00 +00:00
|
|
|
|
|
|
|
app.post("/api/resources", async (req, res) => {
|
|
|
|
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
|
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// check auth
|
2023-02-17 22:17:00 +00:00
|
|
|
let auth = await checkAuth(req.cookies, vmpath);
|
2023-02-24 00:17:28 +00:00
|
|
|
if (!auth) {
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(401).send({auth: auth});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
2023-02-21 22:35:09 +00:00
|
|
|
}
|
2023-02-24 00:17:28 +00:00
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
let action = JSON.stringify({cores: req.body.cores, memory: req.body.memory});
|
2023-02-24 00:17:28 +00:00
|
|
|
let method = req.body.type === "qemu" ? "POST" : "PUT";
|
|
|
|
let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-02-21 22:35:09 +00:00
|
|
|
});
|
|
|
|
|
2023-02-24 00:17:28 +00:00
|
|
|
app.post("/api/instance", async (req, res) => {
|
2023-02-28 23:36:22 +00:00
|
|
|
// check auth
|
2023-02-24 00:17:28 +00:00
|
|
|
let auth = await checkAuth(req.cookies);
|
|
|
|
if (!auth) {
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(401).send({auth: auth});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
// setup action
|
2023-02-28 02:38:30 +00:00
|
|
|
let user = await requestPVE(`/access/users/${req.cookies.username}`, "GET", null, null, pveAPIToken);
|
|
|
|
let group = user.data.data.groups[0];
|
|
|
|
if (!group) {
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(500).send({auth: auth, data: {error: `user ${req.cookies.username} has no group membership`}});
|
2023-02-28 23:36:22 +00:00
|
|
|
}
|
2023-02-27 23:04:38 +00:00
|
|
|
let action = {
|
|
|
|
vmid: req.body.vmid,
|
|
|
|
cores: req.body.cores,
|
|
|
|
memory: req.body.memory,
|
2023-02-28 02:38:30 +00:00
|
|
|
pool: group
|
2023-02-27 23:04:38 +00:00
|
|
|
};
|
|
|
|
if (req.body.type === "lxc") {
|
|
|
|
action.swap = req.body.swap;
|
|
|
|
action.hostname = req.body.name;
|
|
|
|
action.unprivileged = 1;
|
|
|
|
action.features = "nesting=1";
|
|
|
|
action.password = req.body.password;
|
|
|
|
action.ostemplate = req.body.ostemplate;
|
|
|
|
action.rootfs = `${req.body.rootfslocation}:${req.body.rootfssize}`;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
action.name = req.body.name;
|
|
|
|
}
|
|
|
|
action = JSON.stringify(action);
|
|
|
|
let result = await requestPVE(`/nodes/${req.body.node}/${req.body.type}`, "POST", req.cookies, action, pveAPIToken);
|
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-02-24 00:17:28 +00:00
|
|
|
});
|
2023-02-21 22:35:09 +00:00
|
|
|
|
|
|
|
app.delete("/api/instance", async (req, res) => {
|
|
|
|
let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`;
|
|
|
|
|
2023-02-28 23:36:22 +00:00
|
|
|
//check auth
|
2023-02-21 22:35:09 +00:00
|
|
|
let auth = await checkAuth(req.cookies, vmpath);
|
2023-02-24 00:17:28 +00:00
|
|
|
if (!auth) {
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(401).send({auth: auth});
|
2023-02-24 00:17:28 +00:00
|
|
|
return;
|
2023-02-13 02:11:55 +00:00
|
|
|
}
|
2023-02-24 00:17:28 +00:00
|
|
|
|
|
|
|
let result = await requestPVE(`${vmpath}`, "DELETE", req.cookies, null, pveAPIToken);
|
|
|
|
result = await handleResponse(req.body.node, result);
|
2023-02-28 23:27:32 +00:00
|
|
|
res.status(result.status).send({auth: auth, data: result.data});
|
2023-02-13 02:11:55 +00:00
|
|
|
});
|
|
|
|
|
2023-01-25 00:28:44 +00:00
|
|
|
app.listen(listenPort, () => {
|
2023-02-27 01:09:49 +00:00
|
|
|
init();
|
2023-02-13 02:11:55 +00:00
|
|
|
console.log(`proxmoxaas-api v${api.version} listening on port ${listenPort}`);
|
2023-01-17 23:46:42 +00:00
|
|
|
});
|