diff --git a/src/main.js b/src/main.js index 6daed85..d9ffcc1 100644 --- a/src/main.js +++ b/src/main.js @@ -188,29 +188,35 @@ app.get("/api/user/config/nodes", async (req, res) => { * - 500: {error: String} * - 500: PVE Task Object */ -app.post("/api/instance/disk/detach", async (req, res) => { +app.post(`/api/:node/:type/:vmid/disk/:disk/detach`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + disk: req.params.disk + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // get current config let config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies, null, null)).data.data; // disk must exist - if (!config[req.body.disk]) { - res.status(500).send({ error: `Disk ${req.body.disk} does not exist.` }); + if (!config[params.disk]) { + res.status(500).send({ error: `Disk ${params.disk} does not exist.` }); res.end(); return; } // disk cannot be unused - if (req.body.disk.includes("unused")) { - res.status(500).send({ error: `Requested disk ${req.body.disk} cannot be unused. Use /disk/delete to permanently delete unused disks.` }); + if (params.disk.includes("unused")) { + res.status(500).send({ error: `Requested disk ${params.disk} cannot be unused. Use /disk/delete to permanently delete unused disks.` }); res.end(); return; } - let action = JSON.stringify({ delete: req.body.disk }); - let method = req.body.type === "qemu" ? "POST" : "PUT"; + let action = JSON.stringify({ delete: params.disk }); + let method = params.type === "qemu" ? "POST" : "PUT"; let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -219,7 +225,7 @@ app.post("/api/instance/disk/detach", async (req, res) => { * - node: String - vm host node id * - type: String - vm type (lxc, qemu) * - vmid: Number - vm id number - * - disk: String - disk id (sata0) + * - disk: String - disk id (sata0 NOT unused) * - source: Number - source unused disk number (0 => unused0) * responses: * - 200: PVE Task Object @@ -227,35 +233,42 @@ app.post("/api/instance/disk/detach", async (req, res) => { * - 500: {error: String} * - 500: PVE Task Object */ -app.post("/api/instance/disk/attach", async (req, res) => { +app.post(`/api/:node/:type/:vmid/disk/:disk/attach`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + disk: req.params.disk, + source: req.body.source + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // get current config let config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies, null, null)).data.data; // disk must exist - if (!config[`unused${req.body.source}`]) { - res.status(403).send({ error: `Requested disk unused${req.body.source} does not exist.` }); + if (!config[`unused${params.source}`]) { + res.status(403).send({ error: `Requested disk unused${params.source} does not exist.` }); res.end(); return; } // target disk must be allowed according to source disk's storage options - let diskConfig = await getDiskInfo(req.body.node, req.body.type, req.body.vmid, `unused${req.body.source}`); // get target disk + let diskConfig = await getDiskInfo(params.node, params.type, params.vmid, `unused${params.source}`); // get target disk let resourceConfig = db.getResourceConfig(); - if (!resourceConfig[diskConfig.storage].disks.some(diskPrefix => req.body.disk.startsWith(diskPrefix))) { - res.status(500).send({ error: `Requested target ${req.body.disk} is not in allowed list [${resourceConfig[diskConfig.storage].disks}].` }); + if (!resourceConfig[diskConfig.storage].disks.some(diskPrefix => params.disk.startsWith(diskPrefix))) { + res.status(500).send({ error: `Requested target ${params.disk} is not in allowed list [${resourceConfig[diskConfig.storage].disks}].` }); res.end(); return; } // setup action using source disk info from vm config let action = {}; - action[req.body.disk] = config[`unused${req.body.source}`]; + action[params.disk] = config[`unused${params.source}`]; action = JSON.stringify(action); - let method = req.body.type === "qemu" ? "POST" : "PUT"; + let method = params.type === "qemu" ? "POST" : "PUT"; // commit action let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -264,7 +277,7 @@ app.post("/api/instance/disk/attach", async (req, res) => { * - node: String - vm host node id * - type: String - vm type (lxc, qemu) * - vmid: Number - vm id number - * - disk: String - disk id (sata0) + * - disk: String - disk id (sata0 NOT unused) * - size: Number - increase size in GiB * responses: * - 200: PVE Task Object @@ -273,32 +286,39 @@ app.post("/api/instance/disk/attach", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance/disk/resize", async (req, res) => { +app.post(`/api/:node/:type/:vmid/disk/:disk/resize`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + disk: req.params.disk, + size: req.body.size + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // check disk existence - let diskConfig = await getDiskInfo(req.body.node, req.body.type, req.body.vmid, req.body.disk); // get target disk + let diskConfig = await getDiskInfo(params.node, params.type, params.vmid, params.disk); // get target disk if (!diskConfig) { // exit if disk does not exist - res.status(500).send({ error: `requested disk ${req.body.disk} does not exist.` }); + res.status(500).send({ error: `requested disk ${params.disk} does not exist.` }); res.end(); return; } // setup request let storage = diskConfig.storage; // get the storage let request = {}; - request[storage] = Number(req.body.size * 1024 ** 3); // setup request object + request[storage] = Number(params.size * 1024 ** 3); // setup request object // check request approval if (!await approveResources(req, req.cookies.username, request)) { - res.status(500).send({ request: request, error: `Storage ${storage} could not fulfill request of size ${req.body.size}G.` }); + res.status(500).send({ request: request, error: `Storage ${storage} could not fulfill request of size ${params.size}G.` }); res.end(); return; } // action approved, commit to action - let action = JSON.stringify({ disk: req.body.disk, size: `+${req.body.size}G` }); + let action = JSON.stringify({ disk: params.disk, size: `+${params.size}G` }); let result = await requestPVE(`${vmpath}/resize`, "PUT", req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -307,7 +327,7 @@ app.post("/api/instance/disk/resize", async (req, res) => { * - node: String - vm host node id * - type: String - vm type (lxc, qemu) * - vmid: Number - vm id number - * - disk: String - disk id (sata0) + * - disk: String - disk id (sata0 NOT unused) * - storage: String - target storage to move disk * - delete: Number - delete original disk (0, 1) * responses: @@ -317,47 +337,53 @@ app.post("/api/instance/disk/resize", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance/disk/move", async (req, res) => { +app.post(`/api/:node/:type/:vmid/disk/:disk/move`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + disk: req.params.disk, + storage: req.body.storage, + delete: req.body.delete + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // check disk existence - let diskConfig = await getDiskInfo(req.body.node, req.body.type, req.body.vmid, req.body.disk); // get target disk + let diskConfig = await getDiskInfo(params.node, params.type, params.vmid, params.disk); // get target disk if (!diskConfig) { // exit if disk does not exist - res.status(500).send({ error: `requested disk ${req.body.disk} does not exist.` }); + res.status(500).send({ error: `requested disk ${params.disk} does not exist.` }); res.end(); return; } // setup request let size = parseInt(diskConfig.size); // get source disk size let srcStorage = diskConfig.storage; // get source storage - let dstStorage = req.body.storage; // get destination storage + let dstStorage = params.storage; // get destination storage let request = {}; - let release = {}; - if (req.body.delete) { // if delete is true, increase resource used by the source storage - release[srcStorage] = Number(size); + if (!params.delete) { // if not delete, then request storage, otherwise it is net 0 + request[dstStorage] = Number(size); // always decrease destination storage by size } - request[dstStorage] = Number(size); // always decrease destination storage by size // check request approval if (!await approveResources(req, req.cookies.username, request)) { - res.status(500).send({ request: request, error: `Storage ${req.body.storage} could not fulfill request of size ${req.body.size}G.` }); + res.status(500).send({ request: request, error: `Storage ${params.storage} could not fulfill request of size ${params.size}G.` }); res.end(); return; } // create action - let action = { storage: req.body.storage, delete: req.body.delete }; - if (req.body.type === "qemu") { - action.disk = req.body.disk + let action = { storage: params.storage, delete: params.delete }; + if (params.type === "qemu") { + action.disk = params.disk } else { - action.volume = req.body.disk + action.volume = params.disk } action = JSON.stringify(action); - let route = req.body.type === "qemu" ? "move_disk" : "move_volume"; + let route = params.type === "qemu" ? "move_disk" : "move_volume"; // commit action let result = await requestPVE(`${vmpath}/${route}`, "POST", req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -373,31 +399,37 @@ app.post("/api/instance/disk/move", async (req, res) => { * - 500: {error: String} * - 500: PVE Task Object */ -app.delete("/api/instance/disk/delete", async (req, res) => { +app.delete(`/api/:node/:type/:vmid/disk/:disk/delete`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + disk: req.params.disk + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // get current config let config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies, null, null)).data.data; // disk must exist - if (!config[req.body.disk]) { - res.status(403).send({ error: `Requested disk unused${req.body.source} does not exist.` }); + if (!config[params.disk]) { + res.status(403).send({ error: `Requested disk unused${params.source} does not exist.` }); res.end(); return; } // only ide or unused are allowed to be deleted - if (!req.body.disk.includes("unused") && !req.body.disk.includes("ide")) { // must be ide or unused - res.status(500).send({ error: `Requested disk ${req.body.disk} must be unused or ide. Use /disk/detach to detach disks in use.` }); + if (!params.disk.includes("unused") && !params.disk.includes("ide")) { // must be ide or unused + res.status(500).send({ error: `Requested disk ${params.disk} must be unused or ide. Use /disk/detach to detach disks in use.` }); res.end(); return; } // create action - let action = JSON.stringify({ delete: req.body.disk }); - let method = req.body.type === "qemu" ? "POST" : "PUT"; + let action = JSON.stringify({ delete: params.disk }); + let method = params.type === "qemu" ? "POST" : "PUT"; // commit action let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -406,64 +438,73 @@ app.delete("/api/instance/disk/delete", async (req, res) => { * - node: String - vm host node id * - type: String - vm type (lxc, qemu) * - vmid: Number - vm id number - * - disk: String - disk id (sata0, ide0) + * - disk: String - disk id (sata0, ide0, NOT unused) * - storage: String - storage to hold disk * - size: Number - size of disk in GiB - * - iso: String - file name to mount as cdrom + * - iso: String (optional) - file name to mount as cdrom * responses: * - 200: PVE Task Object * - 401: {auth: false, path: String} * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance/disk/create", async (req, res) => { +app.post(`/api/:node/:type/:vmid/disk/:disk/create`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + disk: req.params.disk, + storage: req.body.storage, + size: req.body.size, + iso: req.body.iso + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // get current config let config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies, null, null)).data.data; // disk must not exist - if (config[req.body.disk]) { - res.status(403).send({ error: `Requested disk ${req.body.disk} already exists.` }); + if (config[params.disk]) { + res.status(403).send({ error: `Requested disk ${params.disk} already exists.` }); res.end(); return; } // setup request let request = {}; - if (!req.body.disk.includes("ide")) { + if (!params.disk.includes("ide")) { // setup request - request[req.body.storage] = Number(req.body.size * 1024 ** 3); + request[params.storage] = Number(params.size * 1024 ** 3); // check request approval if (!await approveResources(req, req.cookies.username, request)) { - res.status(500).send({ request: request, error: `Storage ${req.body.storage} could not fulfill request of size ${req.body.size}G.` }); + res.status(500).send({ request: request, error: `Storage ${params.storage} could not fulfill request of size ${params.size}G.` }); res.end(); return; } // target disk must be allowed according to storage options let resourceConfig = db.getResourceConfig(); - if (!resourceConfig[req.body.storage].disks.some(diskPrefix => req.body.disk.startsWith(diskPrefix))) { - res.status(500).send({ error: `Requested target ${req.body.disk} is not in allowed list [${resourceConfig[req.body.storage].disks}].` }); + if (!resourceConfig[params.storage].disks.some(diskPrefix => params.disk.startsWith(diskPrefix))) { + res.status(500).send({ error: `Requested target ${params.disk} is not in allowed list [${resourceConfig[params.storage].disks}].` }); res.end(); return; } } // setup action let action = {}; - if (req.body.disk.includes("ide") && req.body.iso) { - action[req.body.disk] = `${req.body.iso},media=cdrom`; + if (params.disk.includes("ide") && params.iso) { + action[params.disk] = `${params.iso},media=cdrom`; } - else if (req.body.type === "qemu") { // type is qemu, use sata - action[req.body.disk] = `${req.body.storage}:${req.body.size}`; + else if (params.type === "qemu") { // type is qemu, use sata + action[params.disk] = `${params.storage}:${params.size}`; } else { // type is lxc, use mp and add mp and backup values - action[req.body.disk] = `${req.body.storage}:${req.body.size},mp=/${req.body.disk}/,backup=1`; + action[params.disk] = `${params.storage}:${params.size},mp=/${params.disk}/,backup=1`; } action = JSON.stringify(action); - let method = req.body.type === "qemu" ? "POST" : "PUT"; + let method = params.type === "qemu" ? "POST" : "PUT"; // commit action let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -482,47 +523,55 @@ app.post("/api/instance/disk/create", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance/network/create", async (req, res) => { +app.post(`/api/:node/:type/:vmid/net/:netid/create`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + netid: req.params.netid.replace("net", ""), + rate: req.body.rate, + name: req.body.name + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // get current config - let currentConfig = await requestPVE(`/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}/config`, "GET", null, null, pveAPIToken); + let currentConfig = await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", null, null, pveAPIToken); // net interface must not exist - if (currentConfig.data.data[`net${req.body.netid}`]) { - res.status(500).send({ error: `Network interface net${req.body.netid} already exists.` }); + if (currentConfig.data.data[`net${params.netid}`]) { + res.status(500).send({ error: `Network interface net${params.netid} already exists.` }); res.end(); return; } - if (req.body.type === "lxc" && !req.body.name) { + if (params.type === "lxc" && !params.name) { res.status(500).send({ error: `Network interface must have name parameter.` }); res.end(); return; } let request = { - network: Number(req.body.rate) + network: Number(params.rate) }; // check resource approval if (!await approveResources(req, req.cookies.username, request)) { - res.status(500).send({ request: request, error: `Could not fulfil network request of ${req.body.rate}MB/s.` }); + res.status(500).send({ request: request, error: `Could not fulfil network request of ${params.rate}MB/s.` }); res.end(); return; } // setup action - let nc = db.getUserConfig(req.cookies.username).templates.network[req.body.type]; + let nc = db.getUserConfig(req.cookies.username).templates.network[params.type]; let action = {}; - if (req.body.type === "lxc") { - action[`net${req.body.netid}`] = `name=${req.body.name},bridge=${nc.bridge},ip=${nc.ip},ip6=${nc.ip6},tag=${nc.vlan},type=${nc.type},rate=${req.body.rate}`; + if (params.type === "lxc") { + action[`net${params.netid}`] = `name=${params.name},bridge=${nc.bridge},ip=${nc.ip},ip6=${nc.ip6},tag=${nc.vlan},type=${nc.type},rate=${params.rate}`; } else { - action[`net${req.body.netid}`] = `${nc.type},bridge=${nc.bridge},tag=${nc.vlan},rate=${req.body.rate}`; + action[`net${params.netid}`] = `${nc.type},bridge=${nc.bridge},tag=${nc.vlan},rate=${params.rate}`; } action = JSON.stringify(action); - let method = req.body.type === "qemu" ? "POST" : "PUT"; + let method = params.type === "qemu" ? "POST" : "PUT"; // commit action let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -540,38 +589,45 @@ app.post("/api/instance/network/create", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance/network/modify", async (req, res) => { +app.post(`/api/:node/:type/:vmid/net/:netid/modify`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + netid: req.params.netid.replace("net", ""), + rate: req.body.rate + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // get current config - let currentConfig = await requestPVE(`/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}/config`, "GET", null, null, pveAPIToken); + let currentConfig = await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", null, null, pveAPIToken); // net interface must already exist - if (!currentConfig.data.data[`net${req.body.netid}`]) { - res.status(500).send({ error: `Network interface net${req.body.netid} does not exist.` }); + if (!currentConfig.data.data[`net${params.netid}`]) { + res.status(500).send({ error: `Network interface net${params.netid} does not exist.` }); res.end(); return; } - let currentNetworkConfig = currentConfig.data.data[`net${req.body.netid}`]; + let currentNetworkConfig = currentConfig.data.data[`net${params.netid}`]; let currentNetworkRate = currentNetworkConfig.split("rate=")[1].split(",")[0]; let request = { - network: Number(req.body.rate) - Number(currentNetworkRate) + network: Number(params.rate) - Number(currentNetworkRate) }; // check resource approval if (!await approveResources(req, req.cookies.username, request)) { - res.status(500).send({ request: request, error: `Could not fulfil network request of ${req.body.rate}MB/s.` }); + res.status(500).send({ request: request, error: `Could not fulfil network request of ${params.rate}MB/s.` }); res.end(); return; } // setup action let action = {}; - action[`net${req.body.netid}`] = currentNetworkConfig.replace(`rate=${currentNetworkRate}`, `rate=${req.body.rate}`); + action[`net${params.netid}`] = currentNetworkConfig.replace(`rate=${currentNetworkRate}`, `rate=${params.rate}`); action = JSON.stringify(action); - let method = req.body.type === "qemu" ? "POST" : "PUT"; + let method = params.type === "qemu" ? "POST" : "PUT"; // commit action let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -587,25 +643,31 @@ app.post("/api/instance/network/modify", async (req, res) => { * - 500: {error: String} * - 500: PVE Task Object */ -app.delete("/api/instance/network/delete", async (req, res) => { +app.delete(`/api/:node/:type/:vmid/net/:netid/delete`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + netid: req.params.netid.replace("net", "") + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // get current config - let currentConfig = await requestPVE(`/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}/config`, "GET", null, null, pveAPIToken); + let currentConfig = await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", null, null, pveAPIToken); // net interface must already exist - if (!currentConfig.data.data[`net${req.body.netid}`]) { - res.status(500).send({ error: `Network interface net${req.body.netid} does not exist.` }); + if (!currentConfig.data.data[`net${params.netid}`]) { + res.status(500).send({ error: `Network interface net${params.netid} does not exist.` }); res.end(); return; } // setup action - let action = JSON.stringify({ delete: `net${req.body.netid}` }); - let method = req.body.type === "qemu" ? "POST" : "PUT"; + let action = JSON.stringify({ delete: `net${params.netid}` }); + let method = params.type === "qemu" ? "POST" : "PUT"; // commit action let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -620,23 +682,29 @@ app.delete("/api/instance/network/delete", async (req, res) => { * - 401: {auth: false, path: String} * - 500: {error: String} */ -app.get("/api/instance/pci", async (req, res) => { +app.get(`/api/:node/:type/:vmid/pci/:hostpci`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + hostpci: req.params.hostpci.replace("hostpci", "") + }; // check auth for specific instance - let vmpath = `/nodes/${req.query.node}/${req.query.type}/${req.query.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // check device is in instance config let config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies)).data.data; - if (!config[`hostpci${req.query.hostpci}`]) { - res.status(500).send({ error: `Could not find hostpci${req.query.hostpci} in ${req.query.vmid}.` }); + if (!config[`hostpci${params.hostpci}`]) { + res.status(500).send({ error: `Could not find hostpci${params.hostpci} in ${params.vmid}.` }); res.end(); return; } - let device = config[`hostpci${req.query.hostpci}`].split(",")[0]; + let device = config[`hostpci${params.hostpci}`].split(",")[0]; // get node's pci devices - let deviceData = await getDeviceInfo(req.query.node, req.query.type, req.query.vmid, device); + let deviceData = await getDeviceInfo(params.node, params.type, params.vmid, device); if (!deviceData) { - res.status(500).send({ error: `Could not find hostpci${req.query.hostpci}=${device} in ${req.query.node}.` }); + res.status(500).send({ error: `Could not find hostpci${params.hostpci}=${device} in ${params.node}.` }); res.end(); return; } @@ -654,14 +722,17 @@ app.get("/api/instance/pci", async (req, res) => { * - 401: {auth: false, path: String} * - 500: {error: String} */ -app.get("/api/nodes/pci", async (req, res) => { +app.get(`/api/:node/pci`, async (req, res) => { + let params = { + node: req.params.node, + }; // check auth let auth = await checkAuth(req.cookies, res); if (!auth) { return; } // get remaining user resources let userAvailPci = (await getUserResources(req, req.cookies.username)).avail.pci; // get node avail devices - let nodeAvailPci = await getNodeAvailDevices(req.query.node, req.cookies); + let nodeAvailPci = await getNodeAvailDevices(params.node, req.cookies); nodeAvailPci = nodeAvailPci.filter(nodeAvail => userAvailPci.some((userAvail) => { return nodeAvail.device_name && nodeAvail.device_name.includes(userAvail); })); res.status(200).send(nodeAvailPci); res.end(); @@ -683,31 +754,39 @@ app.get("/api/nodes/pci", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance/pci/modify", async (req, res) => { +app.post(`/api/:node/:type/:vmid/pci/:hostpci/modify`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + hostpci: req.params.hostpci.replace("hostpci", ""), + device: req.body.device, + pcie: req.body.pcie + }; // check if type is qemu - if (req.body.type !== "qemu") { + if (params.type !== "qemu") { res.status(500).send({ error: `Type must be qemu (vm).` }); res.end(); return; } // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // force all functions - req.body.device = req.body.device.split(".")[0]; + params.device = params.device.split(".")[0]; // get instance config to check if device has not changed - let config = (await requestPVE(`/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}/config`, "GET", req.body.cookies, null, pveAPIToken)).data.data; - let currentDeviceData = await getDeviceInfo(req.body.node, req.body.type, req.body.vmid, config[`hostpci${req.body.hostpci}`].split(",")[0]); + let config = (await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", params.cookies, null, pveAPIToken)).data.data; + let currentDeviceData = await getDeviceInfo(params.node, params.type, params.vmid, config[`hostpci${params.hostpci}`].split(",")[0]); if (!currentDeviceData) { - res.status(500).send({ error: `No device in hostpci${req.body.hostpci}.` }); + res.status(500).send({ error: `No device in hostpci${params.hostpci}.` }); res.end(); return; } // only check user and node availability if base id is different - if (currentDeviceData.id.split(".")[0] !== req.body.device) { + if (currentDeviceData.id.split(".")[0] !== params.device) { // setup request - let deviceData = await getDeviceInfo(req.body.node, req.body.type, req.body.vmid, req.body.device); + let deviceData = await getDeviceInfo(params.node, params.type, params.vmid, params.device); let request = { pci: deviceData.device_name }; // check resource approval if (!await approveResources(req, req.cookies.username, request)) { @@ -716,16 +795,16 @@ app.post("/api/instance/pci/modify", async (req, res) => { return; } // check node availability - let nodeAvailPci = await getNodeAvailDevices(req.body.node, req.cookies); - if (!nodeAvailPci.some(element => element.id.split(".")[0] === req.body.device)) { - res.status(500).send({ error: `Device ${req.body.device} is already in use on ${req.body.node}.` }); + let nodeAvailPci = await getNodeAvailDevices(params.node, req.cookies); + if (!nodeAvailPci.some(element => element.id.split(".")[0] === params.device)) { + res.status(500).send({ error: `Device ${params.device} is already in use on ${params.node}.` }); res.end(); return; } } // setup action let action = {}; - action[`hostpci${req.body.hostpci}`] = `${req.body.device},pcie=${req.body.pcie}`; + action[`hostpci${params.hostpci}`] = `${params.device},pcie=${params.pcie}`; action = JSON.stringify(action); // commit action let rootauth = await requestPVE("/access/ticket", "POST", null, JSON.stringify(db.getApplicationConfig().pveroot), null); @@ -739,7 +818,7 @@ app.post("/api/instance/pci/modify", async (req, res) => { CSRFPreventionToken: rootauth.data.data.CSRFPreventionToken }; let result = await requestPVE(`${vmpath}/config`, "POST", rootcookies, action, null); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -756,27 +835,34 @@ app.post("/api/instance/pci/modify", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance/pci/create", async (req, res) => { +app.post(`/api/:node/:type/:vmid/pci/create`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + device: req.body.device, + pcie: req.body.pcie + }; // check if type is qemu - if (req.body.type !== "qemu") { + if (params.type !== "qemu") { res.status(500).send({ error: `Type must be qemu (vm).` }); res.end(); return; } // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // force all functions - req.body.device = req.body.device.split(".")[0]; + params.device = params.device.split(".")[0]; // get instance config to find next available hostpci slot - let config = requestPVE(`/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}/config`, "GET", req.body.cookies, null, null); + let config = requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", params.cookies, null, null); let hostpci = 0; while (config[`hostpci${hostpci}`]) { hostpci++; } // setup request - let deviceData = await getDeviceInfo(req.body.node, req.body.type, req.body.vmid, req.body.device); + let deviceData = await getDeviceInfo(params.node, params.type, params.vmid, params.device); let request = { pci: deviceData.device_name }; @@ -787,15 +873,15 @@ app.post("/api/instance/pci/create", async (req, res) => { return; } // check node availability - let nodeAvailPci = await getNodeAvailDevices(req.body.node, req.cookies); - if (!nodeAvailPci.some(element => element.id.split(".")[0] === req.body.device)) { - res.status(500).send({ error: `Device ${req.body.device} is already in use on ${req.body.node}.` }); + let nodeAvailPci = await getNodeAvailDevices(params.node, req.cookies); + if (!nodeAvailPci.some(element => element.id.split(".")[0] === params.device)) { + res.status(500).send({ error: `Device ${params.device} is already in use on ${params.node}.` }); res.end(); return; } // setup action let action = {}; - action[`hostpci${hostpci}`] = `${req.body.device},pcie=${req.body.pcie}`; + action[`hostpci${hostpci}`] = `${params.device},pcie=${params.pcie}`; action = JSON.stringify(action); // commit action let rootauth = await requestPVE("/access/ticket", "POST", null, JSON.stringify(db.getApplicationConfig().pveroot), null); @@ -809,7 +895,7 @@ app.post("/api/instance/pci/create", async (req, res) => { CSRFPreventionToken: rootauth.data.data.CSRFPreventionToken }; let result = await requestPVE(`${vmpath}/config`, "POST", rootcookies, action, null); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -825,26 +911,32 @@ app.post("/api/instance/pci/create", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.delete("/api/instance/pci/delete", async (req, res) => { +app.delete(`/api/:node/:type/:vmid/pci/:hostpci/delete`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + hostpci: req.params.hostpci.replace("hostpci", "") + }; // check if type is qemu - if (req.body.type !== "qemu") { + if (params.type !== "qemu") { res.status(500).send({ error: `Type must be qemu (vm).` }); res.end(); return; } // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // check device is in instance config let config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies)).data.data; - if (!config[`hostpci${req.body.hostpci}`]) { - res.status(500).send({ error: `Could not find hostpci${req.body.hostpci} in ${req.body.vmid}.` }); + if (!config[`hostpci${params.hostpci}`]) { + res.status(500).send({ error: `Could not find hostpci${params.hostpci} in ${params.vmid}.` }); res.end(); return; } // setup action - let action = JSON.stringify({ delete: `hostpci${req.body.hostpci}` }); + let action = JSON.stringify({ delete: `hostpci${params.hostpci}` }); // commit action, need to use root user here because proxmox api only allows root to modify hostpci for whatever reason let rootauth = await requestPVE("/access/ticket", "POST", null, JSON.stringify(db.getApplicationConfig().pveroot), null); if (!(rootauth.status === 200)) { @@ -857,7 +949,7 @@ app.delete("/api/instance/pci/delete", async (req, res) => { CSRFPreventionToken: rootauth.data.data.CSRFPreventionToken }; let result = await requestPVE(`${vmpath}/config`, "POST", rootcookies, action, null); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -876,22 +968,31 @@ app.delete("/api/instance/pci/delete", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance/resources", async (req, res) => { +app.post(`/api/:node/:type/:vmid/resources`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + proctype: req.body.proctype, + cores: req.body.cores, + memory: req.body.memory, + swap: req.body.swap + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // get current config - let currentConfig = await requestPVE(`/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}/config`, "GET", null, null, pveAPIToken); + let currentConfig = await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", null, null, pveAPIToken); let request = { - cores: Number(req.body.cores) - Number(currentConfig.data.data.cores), - memory: Number(req.body.memory) - Number(currentConfig.data.data.memory) + cores: Number(params.cores) - Number(currentConfig.data.data.cores), + memory: Number(params.memory) - Number(currentConfig.data.data.memory) }; - if (req.body.type === "lxc") { - request.swap = Number(req.body.swap) - Number(currentConfig.data.data.swap); + if (params.type === "lxc") { + request.swap = Number(params.swap) - Number(currentConfig.data.data.swap); } - else if (req.body.type === "qemu") { - request.cpu = req.body.proctype; + else if (params.type === "qemu") { + request.cpu = params.proctype; } // check resource approval if (!await approveResources(req, req.cookies.username, request)) { @@ -900,18 +1001,18 @@ app.post("/api/instance/resources", async (req, res) => { return; } // setup action - let action = { cores: req.body.cores, memory: req.body.memory }; - if (req.body.type === "lxc") { - action.swap = Number(req.body.swap); + let action = { cores: params.cores, memory: params.memory }; + if (params.type === "lxc") { + action.swap = Number(params.swap); } - else if (req.body.type === "qemu") { - action.cpu = req.body.proctype; + else if (params.type === "qemu") { + action.cpu = params.proctype; } action = JSON.stringify(action); - let method = req.body.type === "qemu" ? "POST" : "PUT"; + let method = params.type === "qemu" ? "POST" : "PUT"; // commit action let result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); /** @@ -936,13 +1037,27 @@ app.post("/api/instance/resources", async (req, res) => { * - 500: {request: Object, error: String} * - 500: PVE Task Object */ -app.post("/api/instance", async (req, res) => { +app.post(`/api/:node/:type/:vmid/create`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid, + hostname: req.body.hostname, + name: req.body.name, + cores: req.body.cores, + memory: req.body.memory, + swap: req.body.swap, + password: req.body.password, + ostemplate: req.body.ostemplate, + rootfslocation: req.body.rootfslocation, + rootfssize: req.body.rootfssize + }; // check auth let auth = await checkAuth(req.cookies, res); if (!auth) { return; } // get user db config let user = await db.getUserConfig(req.cookies.username); - let vmid = Number.parseInt(req.body.vmid); + let vmid = Number.parseInt(params.vmid); let vmid_min = user.cluster.vmid.min; let vmid_max = user.cluster.vmid.max; // check vmid is within allowed range @@ -952,22 +1067,22 @@ app.post("/api/instance", async (req, res) => { return; } // check node is within allowed list - if (!user.nodes.includes(req.body.node)) { - res.status(500).send({ error: `Requested node ${req.body.node} is not in allowed nodes [${user.nodes}].` }); + if (!user.nodes.includes(params.node)) { + res.status(500).send({ error: `Requested node ${params.node} is not in allowed nodes [${user.nodes}].` }); res.end(); return; } // setup request let request = { - cores: Number(req.body.cores), - memory: Number(req.body.memory) + cores: Number(params.cores), + memory: Number(params.memory) }; - if (req.body.type === "lxc") { - request.swap = req.body.swap; - request[req.body.rootfslocation] = req.body.rootfssize; + if (params.type === "lxc") { + request.swap = params.swap; + request[params.rootfslocation] = params.rootfssize; } - for (let key of Object.keys(user.templates.instances[req.body.type])) { - let item = user.templates.instances[req.body.type][key]; + for (let key of Object.keys(user.templates.instances[params.type])) { + let item = user.templates.instances[params.type][key]; if (item.resource) { if (request[item.resource.name]) { request[item.resource.name] += item.resource.amount; @@ -985,29 +1100,29 @@ app.post("/api/instance", async (req, res) => { } // setup action by adding non resource values let action = { - vmid: req.body.vmid, - cores: Number(req.body.cores), - memory: Number(req.body.memory), + vmid: params.vmid, + cores: Number(params.cores), + memory: Number(params.memory), pool: user.cluster.pool }; - for (let key of Object.keys(user.templates.instances[req.body.type])) { - action[key] = user.templates.instances[req.body.type][key].value; + for (let key of Object.keys(user.templates.instances[params.type])) { + action[key] = user.templates.instances[params.type][key].value; } - if (req.body.type === "lxc") { - action.hostname = req.body.name; + if (params.type === "lxc") { + action.hostname = params.name; action.unprivileged = 1; action.features = "nesting=1"; - action.password = req.body.password; - action.ostemplate = req.body.ostemplate; - action.rootfs = `${req.body.rootfslocation}:${req.body.rootfssize}`; + action.password = params.password; + action.ostemplate = params.ostemplate; + action.rootfs = `${params.rootfslocation}:${params.rootfssize}`; } else { - action.name = req.body.name; + action.name = params.name; } action = JSON.stringify(action); // commit action - let result = await requestPVE(`/nodes/${req.body.node}/${req.body.type}`, "POST", req.cookies, action, pveAPIToken); - await handleResponse(req.body.node, result, res); + let result = await requestPVE(`/nodes/${params.node}/${params.type}`, "POST", req.cookies, action, pveAPIToken); + await handleResponse(params.node, result, res); }); /** @@ -1021,14 +1136,19 @@ app.post("/api/instance", async (req, res) => { * - 401: {auth: false, path: String} * - 500: PVE Task Object */ -app.delete("/api/instance", async (req, res) => { +app.delete(`/api/:node/:type/:vmid/delete`, async (req, res) => { + let params = { + node: req.params.node, + type: req.params.type, + vmid: req.params.vmid + }; // check auth for specific instance - let vmpath = `/nodes/${req.body.node}/${req.body.type}/${req.body.vmid}`; + let vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`; let auth = await checkAuth(req.cookies, res, vmpath); if (!auth) { return; } // commit action let result = await requestPVE(vmpath, "DELETE", req.cookies, null, pveAPIToken); - await handleResponse(req.body.node, result, res); + await handleResponse(params.node, result, res); }); app.listen(listenPort, () => {