From 2399858d29fb92f4fd49f7652730857b20752fc9 Mon Sep 17 00:00:00 2001 From: Arthur Lu Date: Thu, 20 Apr 2023 21:27:32 +0000 Subject: [PATCH] add vmid range check to instance creation, add configurable templates to instance creation Signed-off-by: Arthur Lu --- localdb.json.template | 15 +++++++++++++++ main.js | 16 +++++++++++----- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/localdb.json.template b/localdb.json.template index e6fce2c..d790382 100644 --- a/localdb.json.template +++ b/localdb.json.template @@ -36,6 +36,21 @@ "local": 1099511627776, "cephpl": 1099511627776 } + }, + "instances": { + "vmid": { + "min": 100, + "max": 199 + }, + "pool": "examplegroup", + "templates": { + "lxc": { + "net0": "name=eth0,bridge=vmbr0,ip=dhcp,ip6=dhcp,tag=10,type=veth" + }, + "qemu": { + "net0": "virtio,bridge=vmbr0,tag=10" + } + } } } } diff --git a/main.js b/main.js index d95a025..cfb70ab 100644 --- a/main.js +++ b/main.js @@ -247,17 +247,23 @@ app.post("/api/instance", async (req, res) => { memory: Number(req.body.memory) }; // setup action - let user = await requestPVE(`/access/users/${req.cookies.username}`, "GET", null, null, pveAPIToken); - let group = user.data.data.groups[0]; - if (!group) { - res.status(500).send({error: `user ${req.cookies.username} has no group membership`}); + let user = getUser(req.cookies.username); + let vmid = Number.parseInt(req.body.vmid); + let vmid_min = user.instances.vmid.min; + let vmid_max = user.instances.vmid.max; + if (vmid < vmid_min || vmid > vmid_max) { + res.status(500).send({error: `Requested vmid ${vmid} is out of allowed range [${vmid_min},${vmid_max}]`}); + return; } let action = { vmid: req.body.vmid, cores: req.body.cores, memory: req.body.memory, - pool: group + pool: user.instances.pool }; + for (key of Object.keys(user.instances.templates[req.body.type])) { + action[key] = user.instances.templates[req.body.type][key]; + } if (req.body.type === "lxc") { action.swap = req.body.swap; action.hostname = req.body.name;