add default export to db and package module,
start grouping routes by type, use dynamic imports and express routers
This commit is contained in:
parent
ae58a18c9a
commit
aae3bb14c0
@ -1,257 +0,0 @@
|
|||||||
import { WebSocketServer } from "ws";
|
|
||||||
import * as cookie from "cookie";
|
|
||||||
|
|
||||||
import { requestPVE } from "./pve.js";
|
|
||||||
import { checkAuth, getObjectHash, getTimeLeft } from "./utils.js";
|
|
||||||
import { db, pveAPIToken } from "./db.js";
|
|
||||||
|
|
||||||
// maps usernames to socket object(s)
|
|
||||||
const userSocketMap = {};
|
|
||||||
// maps pool ids to users
|
|
||||||
const poolUserMap = {};
|
|
||||||
// maps sockets to their requested rates
|
|
||||||
const requestedRates = {};
|
|
||||||
// stores the next queued interrupt handler
|
|
||||||
let timer = null;
|
|
||||||
// previous cluster state for interrupt handler
|
|
||||||
let prevState = {};
|
|
||||||
// target ms value
|
|
||||||
let targetMSTime = null;
|
|
||||||
|
|
||||||
export function setupClientSync (app, server, options) {
|
|
||||||
const schemes = options.schemes;
|
|
||||||
const resourceTypes = options.resourcetypes;
|
|
||||||
/**
|
|
||||||
* GET - get list of supported synchronization schemes
|
|
||||||
* responses:
|
|
||||||
* - 200 : {always: boolean, hash: boolean, interrupt: boolean}
|
|
||||||
*/
|
|
||||||
app.get("/api/sync/schemes", async (req, res) => {
|
|
||||||
res.send(schemes);
|
|
||||||
});
|
|
||||||
if (schemes.always.enabled) {
|
|
||||||
console.log("clientsync: enabled always sync");
|
|
||||||
}
|
|
||||||
// setup hash scheme
|
|
||||||
if (schemes.hash.enabled) {
|
|
||||||
/**
|
|
||||||
* GET - get hash of current cluster resources states
|
|
||||||
* Client can use this endpoint to check for cluster state changes to avoid costly data transfers to the client.
|
|
||||||
* responses:
|
|
||||||
* - 401: {auth: false}
|
|
||||||
* - 200: string
|
|
||||||
*/
|
|
||||||
app.get("/api/sync/hash", async (req, res) => {
|
|
||||||
// check auth
|
|
||||||
const auth = await checkAuth(req.cookies, res);
|
|
||||||
if (!auth) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
// get current cluster resources
|
|
||||||
const status = (await requestPVE("/cluster/resources", "GET", req.cookies)).data.data;
|
|
||||||
// filter out just state information of resources that are needed
|
|
||||||
const state = extractClusterState(status, resourceTypes);
|
|
||||||
res.status(200).send(getObjectHash(state));
|
|
||||||
});
|
|
||||||
console.log("clientsync: enabled hash sync");
|
|
||||||
}
|
|
||||||
// setup interupt scheme
|
|
||||||
if (schemes.interrupt.enabled) {
|
|
||||||
const wsServer = new WebSocketServer({ noServer: true, path: "/api/sync/interrupt" });
|
|
||||||
wsServer.on("connection", (socket, username, pool) => {
|
|
||||||
// add new socket to userSocketmap
|
|
||||||
if (userSocketMap[username]) {
|
|
||||||
const index = Object.keys(userSocketMap[username]).length;
|
|
||||||
userSocketMap[username][index] = socket;
|
|
||||||
socket.userIndex = index;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
userSocketMap[username] = { 0: socket };
|
|
||||||
socket.userIndex = 0;
|
|
||||||
}
|
|
||||||
// add user to associated pool in poolUserMap
|
|
||||||
if (poolUserMap[pool]) {
|
|
||||||
poolUserMap[pool][username] = true;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
poolUserMap[pool] = {};
|
|
||||||
poolUserMap[pool][username] = true;
|
|
||||||
}
|
|
||||||
// add socket entry into requestedRates
|
|
||||||
const index = Object.keys(requestedRates).length;
|
|
||||||
requestedRates[index] = Infinity;
|
|
||||||
socket.rateIndex = index;
|
|
||||||
// handle socket error
|
|
||||||
socket.on("error", console.error);
|
|
||||||
// handle socket close
|
|
||||||
socket.on("close", () => {
|
|
||||||
// remove closed socket from userSocketMap user entry
|
|
||||||
delete userSocketMap[username][socket.userIndex];
|
|
||||||
// if there are no more sockets for this user, delete the userSocketMap user entry and the poolUserMap user entry
|
|
||||||
if (Object.keys(userSocketMap[username]).length === 0) {
|
|
||||||
// delete the user entry
|
|
||||||
delete userSocketMap[username];
|
|
||||||
// remove user from poolUserMap pool entry
|
|
||||||
delete poolUserMap[pool][username];
|
|
||||||
// if the poolUserMap pool entry is empty, delete the entry
|
|
||||||
if (Object.keys(poolUserMap[pool]).length === 0) {
|
|
||||||
delete poolUserMap[pool];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// remove socket entry from requestedRates
|
|
||||||
delete requestedRates[socket.rateIndex];
|
|
||||||
if (Object.keys(requestedRates).length === 0) { // if there are no requested rates left, clear the timer
|
|
||||||
clearTimeout(timer);
|
|
||||||
timer = null;
|
|
||||||
targetMSTime = null;
|
|
||||||
}
|
|
||||||
// terminate socket
|
|
||||||
socket.terminate();
|
|
||||||
});
|
|
||||||
// handle socket incoming message
|
|
||||||
socket.on("message", (message) => {
|
|
||||||
const parsed = message.toString().split(" ");
|
|
||||||
const cmd = parsed[0];
|
|
||||||
// command is rate and the value is valid
|
|
||||||
if (cmd === "rate" && parsed[1] >= schemes.interrupt["min-rate"] && parsed[1] <= schemes.interrupt["max-rate"]) {
|
|
||||||
// get requested rate in ms
|
|
||||||
const rate = Number(parsed[1]) * 1000;
|
|
||||||
// if timer has not started, start it with requested rate
|
|
||||||
if (!timer) {
|
|
||||||
timer = setTimeout(handleInterruptSync, rate);
|
|
||||||
const time = global.process.uptime();
|
|
||||||
targetMSTime = time - Math.floor(time);
|
|
||||||
}
|
|
||||||
// otherwise, if the timer has started but the rate is lower than the current minimum
|
|
||||||
// AND if the next event trigger is more than the new rate in the future,
|
|
||||||
// restart the timer with the new rate
|
|
||||||
// avoids a large requested rate preventing a faster rate from being fulfilled
|
|
||||||
else if (rate < Math.min.apply(null, Object.values(requestedRates)) && getTimeLeft(timer) > rate) {
|
|
||||||
clearTimeout(timer);
|
|
||||||
timer = setTimeout(handleInterruptSync, rate);
|
|
||||||
const time = global.process.uptime();
|
|
||||||
targetMSTime = time - Math.floor(time);
|
|
||||||
}
|
|
||||||
// otherwise just add the rate to the list, when the next even trigger happens it will be requeued with the new requested rates
|
|
||||||
requestedRates[socket.rateIndex] = rate;
|
|
||||||
}
|
|
||||||
// command is rate but the requested value is out of bounds, terminate socket
|
|
||||||
else if (cmd === "rate") {
|
|
||||||
socket.send(`error: rate must be in range [${schemes.interrupt["min-rate"]}, ${schemes.interrupt["max-rate"]}].`);
|
|
||||||
socket.terminate();
|
|
||||||
}
|
|
||||||
// otherwise, command is invalid, terminate socket
|
|
||||||
else {
|
|
||||||
socket.send(`error: ${cmd} command not found.`);
|
|
||||||
socket.terminate();
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
||||||
// handle the wss upgrade request
|
|
||||||
server.on("upgrade", async (req, socket, head) => {
|
|
||||||
const cookies = cookie.parse(req.headers.cookie || "");
|
|
||||||
const auth = (await requestPVE("/version", "GET", cookies)).status === 200;
|
|
||||||
if (!auth) {
|
|
||||||
socket.destroy();
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
wsServer.handleUpgrade(req, socket, head, (socket) => {
|
|
||||||
const pool = db.getUserConfig(cookies.username).cluster.pool;
|
|
||||||
wsServer.emit("connection", socket, cookies.username, pool);
|
|
||||||
});
|
|
||||||
}
|
|
||||||
});
|
|
||||||
const handleInterruptSync = async () => {
|
|
||||||
// queue timeout for next iteration with delay of minimum rate
|
|
||||||
const minRequestedRate = Math.min.apply(null, Object.values(requestedRates));
|
|
||||||
// if the minimum rate is not Infinity, schedule the next timer
|
|
||||||
if (minRequestedRate < Infinity) {
|
|
||||||
const time = global.process.uptime() - targetMSTime;
|
|
||||||
const delay = (time - Math.round(time)) * 1000;
|
|
||||||
timer = setTimeout(handleInterruptSync, minRequestedRate - delay);
|
|
||||||
}
|
|
||||||
// if the minimum rate is Infinity, then don't schedule anything and set timer to null
|
|
||||||
else {
|
|
||||||
timer = null;
|
|
||||||
targetMSTime = null;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
// get current cluster resources
|
|
||||||
const status = (await requestPVE("/cluster/resources", "GET", null, null, pveAPIToken)).data.data;
|
|
||||||
// filter out just state information of resources that are needed, and hash each one
|
|
||||||
const currState = extractClusterState(status, resourceTypes, true);
|
|
||||||
// get a map of users to send sync notifications
|
|
||||||
const syncUsers = {};
|
|
||||||
// for each current resource in the cluster, check for state changes
|
|
||||||
Object.keys(currState).forEach((resource) => {
|
|
||||||
// if the resource's current state has changed, add all relevant users to syncUsers
|
|
||||||
const resourceCurrState = currState[resource];
|
|
||||||
const resourcePrevState = prevState[resource];
|
|
||||||
// if the previous state did not exist, or the status or pool have changed, then a resource state was added or modified
|
|
||||||
if (!resourcePrevState || resourceCurrState.hash !== resourcePrevState.hash) {
|
|
||||||
// if the resource is a node, send sync to all users
|
|
||||||
if (resourceCurrState.type === "node") {
|
|
||||||
Object.keys(userSocketMap).forEach((user) => {
|
|
||||||
syncUsers[user] = true;
|
|
||||||
});
|
|
||||||
}
|
|
||||||
// if the resource is qemu or lxc, send sync to users in the same pool if there is a pool and if the pool has users
|
|
||||||
else if (resourceCurrState.pool && poolUserMap[resourceCurrState.pool]) {
|
|
||||||
Object.keys(poolUserMap[resourceCurrState.pool]).forEach((user) => {
|
|
||||||
syncUsers[user] = true;
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
// for each previous resource in the cluster, check for state changes
|
|
||||||
Object.keys(prevState).forEach((resource) => {
|
|
||||||
const resourceCurrState = currState[resource];
|
|
||||||
const resourcePrevState = prevState[resource];
|
|
||||||
// if the resource no longer exists in the current state, then it is lost or deleted
|
|
||||||
if (!resourceCurrState) {
|
|
||||||
// if the resource is a node, send sync to all users
|
|
||||||
if (resourcePrevState.type === "node") {
|
|
||||||
Object.keys(userSocketMap).forEach((user) => {
|
|
||||||
syncUsers[user] = true;
|
|
||||||
});
|
|
||||||
}
|
|
||||||
// if the resource is qemu or lxc, send sync to users in the same pool if there is a pool and if the pool has users
|
|
||||||
else if (resourcePrevState.pool && poolUserMap[resourcePrevState.pool]) {
|
|
||||||
Object.keys(poolUserMap[resourcePrevState.pool]).forEach((user) => {
|
|
||||||
syncUsers[user] = true;
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
// for each user in syncUsers, send a sync message over their registered sockets
|
|
||||||
for (const user of Object.keys(syncUsers)) {
|
|
||||||
for (const socket of Object.keys(userSocketMap[user])) {
|
|
||||||
userSocketMap[user][socket].send("sync");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// set prevState for next iteration
|
|
||||||
prevState = currState;
|
|
||||||
};
|
|
||||||
console.log("clientsync: enabled interrupt sync");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function extractClusterState (status, resourceTypes, hashIndividual = false) {
|
|
||||||
const state = {};
|
|
||||||
status.forEach((resource) => {
|
|
||||||
if (resourceTypes.includes(resource.type)) {
|
|
||||||
state[resource.id] = {
|
|
||||||
name: resource.name || null,
|
|
||||||
type: resource.type,
|
|
||||||
status: resource.status,
|
|
||||||
node: resource.node,
|
|
||||||
pool: resource.pool || null
|
|
||||||
};
|
|
||||||
if (hashIndividual) {
|
|
||||||
const hash = getObjectHash(state[resource.id]);
|
|
||||||
state[resource.id].hash = hash;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
|
||||||
return state;
|
|
||||||
}
|
|
12
src/db.js
12
src/db.js
@ -7,6 +7,11 @@ class LocalDB {
|
|||||||
constructor () {
|
constructor () {
|
||||||
try {
|
try {
|
||||||
this.load();
|
this.load();
|
||||||
|
this.pveAPI = this.getGlobalConfig().application.pveAPI;
|
||||||
|
this.pveAPIToken = this.getGlobalConfig().application.pveAPIToken;
|
||||||
|
this.listenPort = this.getGlobalConfig().application.listenPort;
|
||||||
|
this.hostname = this.getGlobalConfig().application.hostname;
|
||||||
|
this.domain = this.getGlobalConfig().application.domain;
|
||||||
}
|
}
|
||||||
catch {
|
catch {
|
||||||
console.log("Error: localdb.json was not found. Please follow the directions in the README to initialize localdb.json.");
|
console.log("Error: localdb.json was not found. Please follow the directions in the README to initialize localdb.json.");
|
||||||
@ -46,9 +51,4 @@ class LocalDB {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
export const db = new LocalDB();
|
export default new LocalDB();
|
||||||
export const pveAPI = db.getGlobalConfig().application.pveAPI;
|
|
||||||
export const pveAPIToken = db.getGlobalConfig().application.pveAPIToken;
|
|
||||||
export const listenPort = db.getGlobalConfig().application.listenPort;
|
|
||||||
export const hostname = db.getGlobalConfig().application.hostname;
|
|
||||||
export const domain = db.getGlobalConfig().application.domain;
|
|
||||||
|
971
src/main.js
971
src/main.js
File diff suppressed because it is too large
Load Diff
@ -1,2 +1,2 @@
|
|||||||
import { readFileSync } from "fs";
|
import { readFileSync } from "fs";
|
||||||
export const api = JSON.parse(readFileSync("package.json"));
|
export default JSON.parse(readFileSync("package.json"));
|
||||||
|
@ -1,5 +1,7 @@
|
|||||||
import axios from "axios";
|
import axios from "axios";
|
||||||
import { pveAPI, pveAPIToken } from "./db.js";
|
import db from "./db.js";
|
||||||
|
const pveAPI = db.pveAPI;
|
||||||
|
const pveAPIToken = db.pveAPIToken;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Send HTTP request to proxmox API. Allows requests to be made with user cookie credentials or an API token for controlled priviledge elevation.
|
* Send HTTP request to proxmox API. Allows requests to be made with user cookie credentials or an API token for controlled priviledge elevation.
|
||||||
|
61
src/routes/auth.js
Normal file
61
src/routes/auth.js
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
import { Router } from "express";
|
||||||
|
export const router = Router();
|
||||||
|
|
||||||
|
const domain = global.db.domain;
|
||||||
|
const checkAuth = global.utils.checkAuth;
|
||||||
|
const requestPVE = global.pve.requestPVE;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* GET - check authentication
|
||||||
|
* responses:
|
||||||
|
* - 200: {auth: true}
|
||||||
|
* - 401: {auth: false}
|
||||||
|
*/
|
||||||
|
router.get("/", async (req, res) => {
|
||||||
|
const auth = await checkAuth(req.cookies, res);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
res.status(200).send({ auth: true });
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - safer ticket generation using proxmox authentication but adding HttpOnly
|
||||||
|
* request:
|
||||||
|
* - username: string
|
||||||
|
* - password: string
|
||||||
|
* responses:
|
||||||
|
* - 200: {auth: true}
|
||||||
|
* - 401: {auth: false}
|
||||||
|
*/
|
||||||
|
router.post("/ticket", async (req, res) => {
|
||||||
|
const response = await requestPVE("/access/ticket", "POST", null, JSON.stringify(req.body));
|
||||||
|
if (!(response.status === 200)) {
|
||||||
|
res.status(response.status).send({ auth: false });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const ticket = response.data.data.ticket;
|
||||||
|
const csrftoken = response.data.data.CSRFPreventionToken;
|
||||||
|
const username = response.data.data.username;
|
||||||
|
const expire = new Date(Date.now() + (2 * 60 * 60 * 1000));
|
||||||
|
res.cookie("PVEAuthCookie", ticket, { domain, path: "/", httpOnly: true, secure: true, expires: expire });
|
||||||
|
res.cookie("CSRFPreventionToken", csrftoken, { domain, path: "/", httpOnly: true, secure: true, expires: expire });
|
||||||
|
res.cookie("username", username, { domain, path: "/", secure: true, expires: expire });
|
||||||
|
res.cookie("auth", 1, { domain, path: "/", secure: true, expires: expire });
|
||||||
|
res.status(200).send({ auth: true });
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* DELETE - request to destroy ticket
|
||||||
|
* responses:
|
||||||
|
* - 200: {auth: false}
|
||||||
|
*/
|
||||||
|
router.delete("/ticket", async (req, res) => {
|
||||||
|
const expire = new Date(0);
|
||||||
|
res.cookie("PVEAuthCookie", "", { domain, path: "/", httpOnly: true, secure: true, expires: expire });
|
||||||
|
res.cookie("CSRFPreventionToken", "", { domain, path: "/", httpOnly: true, secure: true, expires: expire });
|
||||||
|
res.cookie("username", "", { domain, path: "/", httpOnly: true, secure: true, expires: expire });
|
||||||
|
res.cookie("auth", 0, { domain, path: "/", expires: expire });
|
||||||
|
res.status(200).send({ auth: false });
|
||||||
|
});
|
29
src/routes/cluster.js
Normal file
29
src/routes/cluster.js
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
import { Router } from "express";
|
||||||
|
export const router = Router();
|
||||||
|
|
||||||
|
const nodeRegexP = "[\\w-]+";
|
||||||
|
const typeRegexP = "qemu|lxc";
|
||||||
|
const vmidRegexP = "\\d+";
|
||||||
|
|
||||||
|
const basePath = `/:node(${nodeRegexP})/:type(${typeRegexP})/:vmid(${vmidRegexP})`;
|
||||||
|
|
||||||
|
import("./cluster/disk.js").then((module) => {
|
||||||
|
router.use(`${basePath}/disk`, (req, res, next) => {
|
||||||
|
req.routeparams = Object.assign({}, req.routeparams, req.params);
|
||||||
|
next();
|
||||||
|
}, module.router);
|
||||||
|
});
|
||||||
|
|
||||||
|
import("./cluster/net.js").then((module) => {
|
||||||
|
router.use(`${basePath}/net`, (req, res, next) => {
|
||||||
|
req.routeparams = Object.assign({}, req.routeparams, req.params);
|
||||||
|
next();
|
||||||
|
}, module.router);
|
||||||
|
});
|
||||||
|
|
||||||
|
import("./cluster/pci.js").then((module) => {
|
||||||
|
router.use(`${basePath}/pci`,(req, res, next) => {
|
||||||
|
req.routeparams = Object.assign({}, req.routeparams, req.params);
|
||||||
|
next();
|
||||||
|
}, module.router);
|
||||||
|
});
|
358
src/routes/cluster/disk.js
Normal file
358
src/routes/cluster/disk.js
Normal file
@ -0,0 +1,358 @@
|
|||||||
|
import { Router } from "express";
|
||||||
|
export const router = Router();
|
||||||
|
|
||||||
|
const requestPVE = global.pve.requestPVE;
|
||||||
|
const handleResponse = global.pve.handleResponse;
|
||||||
|
const getDiskInfo = global.pve.getDiskInfo;
|
||||||
|
const checkAuth = global.utils.checkAuth;
|
||||||
|
const approveResources = global.utils.approveResources;
|
||||||
|
const pveAPIToken = global.db.pveAPIToken;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - detach mounted disk from instance
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* -y tpe: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - disk: string - disk id (sata0, NOT unused)
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/:disk/detach`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
disk: req.params.disk
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current config
|
||||||
|
const config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies, null, null)).data.data;
|
||||||
|
// disk must exist
|
||||||
|
if (!config[params.disk]) {
|
||||||
|
res.status(500).send({ error: `Disk ${params.disk} does not exist.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// disk cannot be unused
|
||||||
|
if (params.disk.includes("unused")) {
|
||||||
|
res.status(500).send({ error: `Requested disk ${params.disk} cannot be unused. Use /disk/delete to permanently delete unused disks.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const action = JSON.stringify({ delete: params.disk });
|
||||||
|
const method = params.type === "qemu" ? "POST" : "PUT";
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - attach unused disk image to instance
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - disk: string - disk id (sata0 NOT unused)
|
||||||
|
* - source: number - source unused disk number (0 => unused0)
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/:disk/attach`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
disk: req.params.disk,
|
||||||
|
source: req.body.source
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current config
|
||||||
|
const config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies, null, null)).data.data;
|
||||||
|
// disk must exist
|
||||||
|
if (!config[`unused${params.source}`]) {
|
||||||
|
res.status(403).send({ error: `Requested disk unused${params.source} does not exist.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// target disk must be allowed according to source disk's storage options
|
||||||
|
const diskConfig = await getDiskInfo(params.node, params.type, params.vmid, `unused${params.source}`); // get target disk
|
||||||
|
const resourceConfig = db.getGlobalConfig().resources;
|
||||||
|
if (!resourceConfig[diskConfig.storage].disks.some(diskPrefix => params.disk.startsWith(diskPrefix))) {
|
||||||
|
res.status(500).send({ error: `Requested target ${params.disk} is not in allowed list [${resourceConfig[diskConfig.storage].disks}].` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup action using source disk info from vm config
|
||||||
|
let action = {};
|
||||||
|
action[params.disk] = config[`unused${params.source}`];
|
||||||
|
action = JSON.stringify(action);
|
||||||
|
const method = params.type === "qemu" ? "POST" : "PUT";
|
||||||
|
// commit action
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - increase size of mounted disk
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - disk: string - disk id (sata0 NOT unused)
|
||||||
|
* - size: number - increase size in GiB
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
* - 500: {request: Object, error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/:disk/resize`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
disk: req.params.disk,
|
||||||
|
size: req.body.size
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check disk existence
|
||||||
|
const diskConfig = await getDiskInfo(params.node, params.type, params.vmid, params.disk); // get target disk
|
||||||
|
if (!diskConfig) { // exit if disk does not exist
|
||||||
|
res.status(500).send({ error: `requested disk ${params.disk} does not exist.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup request
|
||||||
|
const storage = diskConfig.storage; // get the storage
|
||||||
|
const request = {};
|
||||||
|
request[storage] = Number(params.size * 1024 ** 3); // setup request object
|
||||||
|
// check request approval
|
||||||
|
if (!await approveResources(req, req.cookies.username, request)) {
|
||||||
|
res.status(500).send({ request, error: `Storage ${storage} could not fulfill request of size ${params.size}G.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// action approved, commit to action
|
||||||
|
const action = JSON.stringify({ disk: params.disk, size: `+${params.size}G` });
|
||||||
|
const result = await requestPVE(`${vmpath}/resize`, "PUT", req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - move mounted disk from one storage to another
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - disk: string - disk id (sata0 NOT unused)
|
||||||
|
* - storage: string - target storage to move disk
|
||||||
|
* - delete: number - delete original disk (0, 1)
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
* - 500: {request: Object, error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/:disk/move`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
disk: req.params.disk,
|
||||||
|
storage: req.body.storage,
|
||||||
|
delete: req.body.delete
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check disk existence
|
||||||
|
const diskConfig = await getDiskInfo(params.node, params.type, params.vmid, params.disk); // get target disk
|
||||||
|
if (!diskConfig) { // exit if disk does not exist
|
||||||
|
res.status(500).send({ error: `requested disk ${params.disk} does not exist.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup request
|
||||||
|
const size = parseInt(diskConfig.size); // get source disk size
|
||||||
|
const dstStorage = params.storage; // get destination storage
|
||||||
|
const request = {};
|
||||||
|
if (!params.delete) { // if not delete, then request storage, otherwise it is net 0
|
||||||
|
request[dstStorage] = Number(size); // always decrease destination storage by size
|
||||||
|
}
|
||||||
|
// check request approval
|
||||||
|
if (!await approveResources(req, req.cookies.username, request)) {
|
||||||
|
res.status(500).send({ request, error: `Storage ${params.storage} could not fulfill request of size ${params.size}G.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// create action
|
||||||
|
let action = { storage: params.storage, delete: params.delete };
|
||||||
|
if (params.type === "qemu") {
|
||||||
|
action.disk = params.disk;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
action.volume = params.disk;
|
||||||
|
}
|
||||||
|
action = JSON.stringify(action);
|
||||||
|
const route = params.type === "qemu" ? "move_disk" : "move_volume";
|
||||||
|
// commit action
|
||||||
|
const result = await requestPVE(`${vmpath}/${route}`, "POST", req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* DELETE - delete unused disk permanently
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - disk: string - disk id (unused0 or ide0)
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.delete(`/:disk/delete`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
disk: req.params.disk
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current config
|
||||||
|
const config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies, null, null)).data.data;
|
||||||
|
// disk must exist
|
||||||
|
if (!config[params.disk]) {
|
||||||
|
res.status(403).send({ error: `Requested disk unused${params.source} does not exist.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// only ide or unused are allowed to be deleted
|
||||||
|
if (!params.disk.includes("unused") && !params.disk.includes("ide")) { // must be ide or unused
|
||||||
|
res.status(500).send({ error: `Requested disk ${params.disk} must be unused or ide. Use /disk/detach to detach disks in use.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// create action
|
||||||
|
const action = JSON.stringify({ delete: params.disk });
|
||||||
|
const method = params.type === "qemu" ? "POST" : "PUT";
|
||||||
|
// commit action
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - create a new disk in storage of specified size
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - disk: string - disk id (sata0, ide0, NOT unused)
|
||||||
|
* - storage: string - storage to hold disk
|
||||||
|
* - size: number - size of disk in GiB
|
||||||
|
* - iso: string (optional) - file name to mount as cdrom
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {request: Object, error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/:disk/create`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
disk: req.params.disk,
|
||||||
|
storage: req.body.storage,
|
||||||
|
size: req.body.size,
|
||||||
|
iso: req.body.iso
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current config
|
||||||
|
const config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies, null, null)).data.data;
|
||||||
|
// disk must not exist
|
||||||
|
if (config[params.disk]) {
|
||||||
|
res.status(403).send({ error: `Requested disk ${params.disk} already exists.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup request
|
||||||
|
const request = {};
|
||||||
|
if (!params.disk.includes("ide")) {
|
||||||
|
// setup request
|
||||||
|
request[params.storage] = Number(params.size * 1024 ** 3);
|
||||||
|
// check request approval
|
||||||
|
if (!await approveResources(req, req.cookies.username, request)) {
|
||||||
|
res.status(500).send({ request, error: `Storage ${params.storage} could not fulfill request of size ${params.size}G.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// target disk must be allowed according to storage options
|
||||||
|
const resourceConfig = db.getGlobalConfig().resources;
|
||||||
|
if (!resourceConfig[params.storage].disks.some(diskPrefix => params.disk.startsWith(diskPrefix))) {
|
||||||
|
res.status(500).send({ error: `Requested target ${params.disk} is not in allowed list [${resourceConfig[params.storage].disks}].` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// setup action
|
||||||
|
let action = {};
|
||||||
|
if (params.disk.includes("ide") && params.iso) {
|
||||||
|
action[params.disk] = `${params.iso},media=cdrom`;
|
||||||
|
}
|
||||||
|
else if (params.type === "qemu") { // type is qemu, use sata
|
||||||
|
action[params.disk] = `${params.storage}:${params.size}`;
|
||||||
|
}
|
||||||
|
else { // type is lxc, use mp and add mp and backup values
|
||||||
|
action[params.disk] = `${params.storage}:${params.size},mp=/${params.disk}/,backup=1`;
|
||||||
|
}
|
||||||
|
action = JSON.stringify(action);
|
||||||
|
const method = params.type === "qemu" ? "POST" : "PUT";
|
||||||
|
// commit action
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
180
src/routes/cluster/net.js
Normal file
180
src/routes/cluster/net.js
Normal file
@ -0,0 +1,180 @@
|
|||||||
|
import { Router } from "express";
|
||||||
|
export const router = Router();
|
||||||
|
|
||||||
|
const requestPVE = global.pve.requestPVE;
|
||||||
|
const handleResponse = global.pve.handleResponse;
|
||||||
|
const checkAuth = global.utils.checkAuth;
|
||||||
|
const approveResources = global.utils.approveResources;
|
||||||
|
const pveAPIToken = global.db.pveAPIToken;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - create new virtual network interface
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - netid: number - network interface id number (0 => net0)
|
||||||
|
* - rate: number - new bandwidth rate for interface in MB/s
|
||||||
|
* - name: string, optional - required interface name for lxc only
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
* - 500: {request: Object, error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/:netid/create`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
netid: req.params.netid.replace("net", ""),
|
||||||
|
rate: req.body.rate,
|
||||||
|
name: req.body.name
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current config
|
||||||
|
const currentConfig = await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", null, null, pveAPIToken);
|
||||||
|
// net interface must not exist
|
||||||
|
if (currentConfig.data.data[`net${params.netid}`]) {
|
||||||
|
res.status(500).send({ error: `Network interface net${params.netid} already exists.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (params.type === "lxc" && !params.name) {
|
||||||
|
res.status(500).send({ error: "Network interface must have name parameter." });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const request = {
|
||||||
|
network: Number(params.rate)
|
||||||
|
};
|
||||||
|
// check resource approval
|
||||||
|
if (!await approveResources(req, req.cookies.username, request)) {
|
||||||
|
res.status(500).send({ request, error: `Could not fulfil network request of ${params.rate}MB/s.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup action
|
||||||
|
const nc = db.getUserConfig(req.cookies.username).templates.network[params.type];
|
||||||
|
let action = {};
|
||||||
|
if (params.type === "lxc") {
|
||||||
|
action[`net${params.netid}`] = `name=${params.name},bridge=${nc.bridge},ip=${nc.ip},ip6=${nc.ip6},tag=${nc.vlan},type=${nc.type},rate=${params.rate}`;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
action[`net${params.netid}`] = `${nc.type},bridge=${nc.bridge},tag=${nc.vlan},rate=${params.rate}`;
|
||||||
|
}
|
||||||
|
action = JSON.stringify(action);
|
||||||
|
const method = params.type === "qemu" ? "POST" : "PUT";
|
||||||
|
// commit action
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - modify virtual network interface
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - netid: number - network interface id number (0 => net0)
|
||||||
|
* - rate: number - new bandwidth rate for interface in MB/s
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
* - 500: {request: Object, error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/:netid/modify`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
netid: req.params.netid.replace("net", ""),
|
||||||
|
rate: req.body.rate
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current config
|
||||||
|
const currentConfig = await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", null, null, pveAPIToken);
|
||||||
|
// net interface must already exist
|
||||||
|
if (!currentConfig.data.data[`net${params.netid}`]) {
|
||||||
|
res.status(500).send({ error: `Network interface net${params.netid} does not exist.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const currentNetworkConfig = currentConfig.data.data[`net${params.netid}`];
|
||||||
|
const currentNetworkRate = currentNetworkConfig.split("rate=")[1].split(",")[0];
|
||||||
|
const request = {
|
||||||
|
network: Number(params.rate) - Number(currentNetworkRate)
|
||||||
|
};
|
||||||
|
// check resource approval
|
||||||
|
if (!await approveResources(req, req.cookies.username, request)) {
|
||||||
|
res.status(500).send({ request, error: `Could not fulfil network request of ${params.rate}MB/s.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup action
|
||||||
|
let action = {};
|
||||||
|
action[`net${params.netid}`] = currentNetworkConfig.replace(`rate=${currentNetworkRate}`, `rate=${params.rate}`);
|
||||||
|
action = JSON.stringify(action);
|
||||||
|
const method = params.type === "qemu" ? "POST" : "PUT";
|
||||||
|
// commit action
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* DELETE - delete virtual network interface
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number
|
||||||
|
* - netid: number - network interface id number (0 => net0)
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.delete(`/:netid/delete`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
netid: req.params.netid.replace("net", "")
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current config
|
||||||
|
const currentConfig = await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", null, null, pveAPIToken);
|
||||||
|
// net interface must already exist
|
||||||
|
if (!currentConfig.data.data[`net${params.netid}`]) {
|
||||||
|
res.status(500).send({ error: `Network interface net${params.netid} does not exist.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup action
|
||||||
|
const action = JSON.stringify({ delete: `net${params.netid}` });
|
||||||
|
const method = params.type === "qemu" ? "POST" : "PUT";
|
||||||
|
// commit action
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, method, req.cookies, action, pveAPIToken);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
278
src/routes/cluster/pci.js
Normal file
278
src/routes/cluster/pci.js
Normal file
@ -0,0 +1,278 @@
|
|||||||
|
import { Router } from "express";
|
||||||
|
export const router = Router();
|
||||||
|
|
||||||
|
const requestPVE = global.pve.requestPVE;
|
||||||
|
const handleResponse = global.pve.handleResponse;
|
||||||
|
const getDeviceInfo = global.pve.getDeviceInfo;
|
||||||
|
const getNodeAvailDevices = global.pve.getNodeAvailDevices;
|
||||||
|
const checkAuth = global.utils.checkAuth;
|
||||||
|
const approveResources = global.utils.approveResources;
|
||||||
|
const getUserResources = global.utils.getUserResources;
|
||||||
|
const pveAPIToken = global.db.pveAPIToken;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* GET - get instance pcie device data
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number to destroy
|
||||||
|
* - hostpci: string - hostpci number
|
||||||
|
* responses:
|
||||||
|
* - 200: PVE PCI Device Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {error: string}
|
||||||
|
*/
|
||||||
|
router.get(`/:hostpci`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
hostpci: req.params.hostpci.replace("hostpci", "")
|
||||||
|
};
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check device is in instance config
|
||||||
|
const config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies)).data.data;
|
||||||
|
if (!config[`hostpci${params.hostpci}`]) {
|
||||||
|
res.status(500).send({ error: `Could not find hostpci${params.hostpci} in ${params.vmid}.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const device = config[`hostpci${params.hostpci}`].split(",")[0];
|
||||||
|
// get node's pci devices
|
||||||
|
const deviceData = await getDeviceInfo(params.node, params.type, params.vmid, device);
|
||||||
|
if (!deviceData) {
|
||||||
|
res.status(500).send({ error: `Could not find hostpci${params.hostpci}=${device} in ${params.node}.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
res.status(200).send(deviceData);
|
||||||
|
res.end();
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - modify existing instance pci device
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number to destroy
|
||||||
|
* - hostpci: string - hostpci number
|
||||||
|
* - device: string - new device id
|
||||||
|
* - pcie: Boolean - whether to use pci express or pci
|
||||||
|
* response:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {request: Object, error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/:hostpci/modify`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
hostpci: req.params.hostpci.replace("hostpci", ""),
|
||||||
|
device: req.body.device,
|
||||||
|
pcie: req.body.pcie
|
||||||
|
};
|
||||||
|
// check if type is qemu
|
||||||
|
if (params.type !== "qemu") {
|
||||||
|
res.status(500).send({ error: "Type must be qemu (vm)." });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// force all functions
|
||||||
|
params.device = params.device.split(".")[0];
|
||||||
|
// get instance config to check if device has not changed
|
||||||
|
const config = (await requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", params.cookies, null, pveAPIToken)).data.data;
|
||||||
|
const currentDeviceData = await getDeviceInfo(params.node, params.type, params.vmid, config[`hostpci${params.hostpci}`].split(",")[0]);
|
||||||
|
if (!currentDeviceData) {
|
||||||
|
res.status(500).send({ error: `No device in hostpci${params.hostpci}.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// only check user and node availability if base id is different
|
||||||
|
if (currentDeviceData.id.split(".")[0] !== params.device) {
|
||||||
|
// setup request
|
||||||
|
const deviceData = await getDeviceInfo(params.node, params.type, params.vmid, params.device);
|
||||||
|
const request = { pci: deviceData.device_name };
|
||||||
|
// check resource approval
|
||||||
|
if (!await approveResources(req, req.cookies.username, request)) {
|
||||||
|
res.status(500).send({ request, error: `Could not fulfil request for ${deviceData.device_name}.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check node availability
|
||||||
|
const nodeAvailPci = await getNodeAvailDevices(params.node, req.cookies);
|
||||||
|
if (!nodeAvailPci.some(element => element.id.split(".")[0] === params.device)) {
|
||||||
|
res.status(500).send({ error: `Device ${params.device} is already in use on ${params.node}.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// setup action
|
||||||
|
let action = {};
|
||||||
|
action[`hostpci${params.hostpci}`] = `${params.device},pcie=${params.pcie}`;
|
||||||
|
action = JSON.stringify(action);
|
||||||
|
// commit action
|
||||||
|
const rootauth = await requestPVE("/access/ticket", "POST", null, JSON.stringify(db.getGlobalConfig().application.pveroot), null);
|
||||||
|
if (!(rootauth.status === 200)) {
|
||||||
|
res.status(rootauth.status).send({ auth: false, error: "API could not authenticate as root user." });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const rootcookies = {
|
||||||
|
PVEAuthCookie: rootauth.data.data.ticket,
|
||||||
|
CSRFPreventionToken: rootauth.data.data.CSRFPreventionToken
|
||||||
|
};
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, "POST", rootcookies, action, null);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - add new instance pci device
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number to destroy
|
||||||
|
* - device: string - new device id
|
||||||
|
* - pcie: Boolean - whether to use pci express or pci
|
||||||
|
* response:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {request: Object, error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.post(`/create`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
device: req.body.device,
|
||||||
|
pcie: req.body.pcie
|
||||||
|
};
|
||||||
|
// check if type is qemu
|
||||||
|
if (params.type !== "qemu") {
|
||||||
|
res.status(500).send({ error: "Type must be qemu (vm)." });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// force all functions
|
||||||
|
params.device = params.device.split(".")[0];
|
||||||
|
// get instance config to find next available hostpci slot
|
||||||
|
const config = requestPVE(`/nodes/${params.node}/${params.type}/${params.vmid}/config`, "GET", params.cookies, null, null);
|
||||||
|
let hostpci = 0;
|
||||||
|
while (config[`hostpci${hostpci}`]) {
|
||||||
|
hostpci++;
|
||||||
|
}
|
||||||
|
// setup request
|
||||||
|
const deviceData = await getDeviceInfo(params.node, params.type, params.vmid, params.device);
|
||||||
|
const request = {
|
||||||
|
pci: deviceData.device_name
|
||||||
|
};
|
||||||
|
// check resource approval
|
||||||
|
if (!await approveResources(req, req.cookies.username, request)) {
|
||||||
|
res.status(500).send({ request, error: `Could not fulfil request for ${deviceData.device_name}.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check node availability
|
||||||
|
const nodeAvailPci = await getNodeAvailDevices(params.node, req.cookies);
|
||||||
|
if (!nodeAvailPci.some(element => element.id.split(".")[0] === params.device)) {
|
||||||
|
res.status(500).send({ error: `Device ${params.device} is already in use on ${params.node}.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup action
|
||||||
|
let action = {};
|
||||||
|
action[`hostpci${hostpci}`] = `${params.device},pcie=${params.pcie}`;
|
||||||
|
action = JSON.stringify(action);
|
||||||
|
// commit action
|
||||||
|
const rootauth = await requestPVE("/access/ticket", "POST", null, JSON.stringify(db.getGlobalConfig().application.pveroot), null);
|
||||||
|
if (!(rootauth.status === 200)) {
|
||||||
|
res.status(rootauth.status).send({ auth: false, error: "API could not authenticate as root user." });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const rootcookies = {
|
||||||
|
PVEAuthCookie: rootauth.data.data.ticket,
|
||||||
|
CSRFPreventionToken: rootauth.data.data.CSRFPreventionToken
|
||||||
|
};
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, "POST", rootcookies, action, null);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* DELETE - delete instance pci device
|
||||||
|
* request:
|
||||||
|
* - node: string - vm host node id
|
||||||
|
* - type: string - vm type (lxc, qemu)
|
||||||
|
* - vmid: number - vm id number to destroy
|
||||||
|
* - hostpci: string - hostpci number
|
||||||
|
* response:
|
||||||
|
* - 200: PVE Task Object
|
||||||
|
* - 401: {auth: false, path: string}
|
||||||
|
* - 500: {request: Object, error: string}
|
||||||
|
* - 500: PVE Task Object
|
||||||
|
*/
|
||||||
|
router.delete(`/:hostpci/delete`, async (req, res) => {
|
||||||
|
req.params = Object.assign({}, req.routeparams, req.params);
|
||||||
|
const params = {
|
||||||
|
node: req.params.node,
|
||||||
|
type: req.params.type,
|
||||||
|
vmid: req.params.vmid,
|
||||||
|
hostpci: req.params.hostpci.replace("hostpci", "")
|
||||||
|
};
|
||||||
|
// check if type is qemu
|
||||||
|
if (params.type !== "qemu") {
|
||||||
|
res.status(500).send({ error: "Type must be qemu (vm)." });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check auth for specific instance
|
||||||
|
const vmpath = `/nodes/${params.node}/${params.type}/${params.vmid}`;
|
||||||
|
const auth = await checkAuth(req.cookies, res, vmpath);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// check device is in instance config
|
||||||
|
const config = (await requestPVE(`${vmpath}/config`, "GET", req.cookies)).data.data;
|
||||||
|
if (!config[`hostpci${params.hostpci}`]) {
|
||||||
|
res.status(500).send({ error: `Could not find hostpci${params.hostpci} in ${params.vmid}.` });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// setup action
|
||||||
|
const action = JSON.stringify({ delete: `hostpci${params.hostpci}` });
|
||||||
|
// commit action, need to use root user here because proxmox api only allows root to modify hostpci for whatever reason
|
||||||
|
const rootauth = await requestPVE("/access/ticket", "POST", null, JSON.stringify(db.getGlobalConfig().application.pveroot), null);
|
||||||
|
if (!(rootauth.status === 200)) {
|
||||||
|
res.status(rootauth.status).send({ auth: false, error: "API could not authenticate as root user." });
|
||||||
|
res.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const rootcookies = {
|
||||||
|
PVEAuthCookie: rootauth.data.data.ticket,
|
||||||
|
CSRFPreventionToken: rootauth.data.data.CSRFPreventionToken
|
||||||
|
};
|
||||||
|
const result = await requestPVE(`${vmpath}/config`, "POST", rootcookies, action, null);
|
||||||
|
await handleResponse(params.node, result, res);
|
||||||
|
});
|
24
src/routes/proxmox.js
Normal file
24
src/routes/proxmox.js
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
import { Router } from "express";
|
||||||
|
export const router = Router();
|
||||||
|
|
||||||
|
const requestPVE = global.pve.requestPVE;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* GET - proxy proxmox api without privilege elevation
|
||||||
|
* request and responses passed through to/from proxmox
|
||||||
|
*/
|
||||||
|
router.get("/*", async (req, res) => { // proxy endpoint for GET proxmox api with no token
|
||||||
|
const path = req.url.replace("/api/proxmox", "");
|
||||||
|
const result = await requestPVE(path, "GET", req.cookies);
|
||||||
|
res.status(result.status).send(result.data);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* POST - proxy proxmox api without privilege elevation
|
||||||
|
* request and responses passed through to/from proxmox
|
||||||
|
*/
|
||||||
|
router.post("/*", async (req, res) => { // proxy endpoint for POST proxmox api with no token
|
||||||
|
const path = req.url.replace("/api/proxmox", "");
|
||||||
|
const result = await requestPVE(path, "POST", req.cookies, JSON.stringify(req.body)); // need to stringify body because of other issues
|
||||||
|
res.status(result.status).send(result.data);
|
||||||
|
});
|
264
src/routes/sync.js
Normal file
264
src/routes/sync.js
Normal file
@ -0,0 +1,264 @@
|
|||||||
|
import { WebSocketServer } from "ws";
|
||||||
|
import * as cookie from "cookie";
|
||||||
|
|
||||||
|
import { Router } from "express";
|
||||||
|
export const router = Router();
|
||||||
|
|
||||||
|
const requestPVE = global.pve.requestPVE;
|
||||||
|
const checkAuth = global.utils.checkAuth;
|
||||||
|
const db = global.db;
|
||||||
|
const pveAPIToken = global.db.pveAPIToken;
|
||||||
|
const getObjectHash = global.utils.getObjectHash;
|
||||||
|
const getTimeLeft = global.utils.getTimeLeft;
|
||||||
|
|
||||||
|
// maps usernames to socket object(s)
|
||||||
|
const userSocketMap = {};
|
||||||
|
// maps pool ids to users
|
||||||
|
const poolUserMap = {};
|
||||||
|
// maps sockets to their requested rates
|
||||||
|
const requestedRates = {};
|
||||||
|
// stores the next queued interrupt handler
|
||||||
|
let timer = null;
|
||||||
|
// previous cluster state for interrupt handler
|
||||||
|
let prevState = {};
|
||||||
|
// target ms value
|
||||||
|
let targetMSTime = null;
|
||||||
|
|
||||||
|
const schemes = db.getGlobalConfig().clientsync.schemes;
|
||||||
|
const resourceTypes = db.getGlobalConfig().clientsync.resourcetypes;
|
||||||
|
/**
|
||||||
|
* GET - get list of supported synchronization schemes
|
||||||
|
* responses:
|
||||||
|
* - 200 : {always: boolean, hash: boolean, interrupt: boolean}
|
||||||
|
*/
|
||||||
|
router.get("/schemes", async (req, res) => {
|
||||||
|
res.send(schemes);
|
||||||
|
});
|
||||||
|
|
||||||
|
if (schemes.always.enabled) {
|
||||||
|
console.log("clientsync: enabled always sync");
|
||||||
|
}
|
||||||
|
|
||||||
|
// setup hash scheme
|
||||||
|
if (schemes.hash.enabled) {
|
||||||
|
/**
|
||||||
|
* GET - get hash of current cluster resources states
|
||||||
|
* Client can use this endpoint to check for cluster state changes to avoid costly data transfers to the client.
|
||||||
|
* responses:
|
||||||
|
* - 401: {auth: false}
|
||||||
|
* - 200: string
|
||||||
|
*/
|
||||||
|
router.get("/hash", async (req, res) => {
|
||||||
|
// check auth
|
||||||
|
const auth = await checkAuth(req.cookies, res);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current cluster resources
|
||||||
|
const status = (await requestPVE("/cluster/resources", "GET", req.cookies)).data.data;
|
||||||
|
// filter out just state information of resources that are needed
|
||||||
|
const state = extractClusterState(status, resourceTypes);
|
||||||
|
res.status(200).send(getObjectHash(state));
|
||||||
|
});
|
||||||
|
console.log("clientsync: enabled hash sync");
|
||||||
|
}
|
||||||
|
|
||||||
|
// setup interupt scheme
|
||||||
|
if (schemes.interrupt.enabled) {
|
||||||
|
const wsServer = new WebSocketServer({ noServer: true, path: "/api/sync/interrupt" });
|
||||||
|
wsServer.on("connection", (socket, username, pool) => {
|
||||||
|
// add new socket to userSocketmap
|
||||||
|
if (userSocketMap[username]) {
|
||||||
|
const index = Object.keys(userSocketMap[username]).length;
|
||||||
|
userSocketMap[username][index] = socket;
|
||||||
|
socket.userIndex = index;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
userSocketMap[username] = { 0: socket };
|
||||||
|
socket.userIndex = 0;
|
||||||
|
}
|
||||||
|
// add user to associated pool in poolUserMap
|
||||||
|
if (poolUserMap[pool]) {
|
||||||
|
poolUserMap[pool][username] = true;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
poolUserMap[pool] = {};
|
||||||
|
poolUserMap[pool][username] = true;
|
||||||
|
}
|
||||||
|
// add socket entry into requestedRates
|
||||||
|
const index = Object.keys(requestedRates).length;
|
||||||
|
requestedRates[index] = Infinity;
|
||||||
|
socket.rateIndex = index;
|
||||||
|
// handle socket error
|
||||||
|
socket.on("error", console.error);
|
||||||
|
// handle socket close
|
||||||
|
socket.on("close", () => {
|
||||||
|
// remove closed socket from userSocketMap user entry
|
||||||
|
delete userSocketMap[username][socket.userIndex];
|
||||||
|
// if there are no more sockets for this user, delete the userSocketMap user entry and the poolUserMap user entry
|
||||||
|
if (Object.keys(userSocketMap[username]).length === 0) {
|
||||||
|
// delete the user entry
|
||||||
|
delete userSocketMap[username];
|
||||||
|
// remove user from poolUserMap pool entry
|
||||||
|
delete poolUserMap[pool][username];
|
||||||
|
// if the poolUserMap pool entry is empty, delete the entry
|
||||||
|
if (Object.keys(poolUserMap[pool]).length === 0) {
|
||||||
|
delete poolUserMap[pool];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// remove socket entry from requestedRates
|
||||||
|
delete requestedRates[socket.rateIndex];
|
||||||
|
if (Object.keys(requestedRates).length === 0) { // if there are no requested rates left, clear the timer
|
||||||
|
clearTimeout(timer);
|
||||||
|
timer = null;
|
||||||
|
targetMSTime = null;
|
||||||
|
}
|
||||||
|
// terminate socket
|
||||||
|
socket.terminate();
|
||||||
|
});
|
||||||
|
// handle socket incoming message
|
||||||
|
socket.on("message", (message) => {
|
||||||
|
const parsed = message.toString().split(" ");
|
||||||
|
const cmd = parsed[0];
|
||||||
|
// command is rate and the value is valid
|
||||||
|
if (cmd === "rate" && parsed[1] >= schemes.interrupt["min-rate"] && parsed[1] <= schemes.interrupt["max-rate"]) {
|
||||||
|
// get requested rate in ms
|
||||||
|
const rate = Number(parsed[1]) * 1000;
|
||||||
|
// if timer has not started, start it with requested rate
|
||||||
|
if (!timer) {
|
||||||
|
timer = setTimeout(handleInterruptSync, rate);
|
||||||
|
const time = global.process.uptime();
|
||||||
|
targetMSTime = time - Math.floor(time);
|
||||||
|
}
|
||||||
|
// otherwise, if the timer has started but the rate is lower than the current minimum
|
||||||
|
// AND if the next event trigger is more than the new rate in the future,
|
||||||
|
// restart the timer with the new rate
|
||||||
|
// avoids a large requested rate preventing a faster rate from being fulfilled
|
||||||
|
else if (rate < Math.min.apply(null, Object.values(requestedRates)) && getTimeLeft(timer) > rate) {
|
||||||
|
clearTimeout(timer);
|
||||||
|
timer = setTimeout(handleInterruptSync, rate);
|
||||||
|
const time = global.process.uptime();
|
||||||
|
targetMSTime = time - Math.floor(time);
|
||||||
|
}
|
||||||
|
// otherwise just add the rate to the list, when the next even trigger happens it will be requeued with the new requested rates
|
||||||
|
requestedRates[socket.rateIndex] = rate;
|
||||||
|
}
|
||||||
|
// command is rate but the requested value is out of bounds, terminate socket
|
||||||
|
else if (cmd === "rate") {
|
||||||
|
socket.send(`error: rate must be in range [${schemes.interrupt["min-rate"]}, ${schemes.interrupt["max-rate"]}].`);
|
||||||
|
socket.terminate();
|
||||||
|
}
|
||||||
|
// otherwise, command is invalid, terminate socket
|
||||||
|
else {
|
||||||
|
socket.send(`error: ${cmd} command not found.`);
|
||||||
|
socket.terminate();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
// handle the wss upgrade request
|
||||||
|
global.server.on("upgrade", async (req, socket, head) => {
|
||||||
|
const cookies = cookie.parse(req.headers.cookie || "");
|
||||||
|
const auth = (await requestPVE("/version", "GET", cookies)).status === 200;
|
||||||
|
if (!auth) {
|
||||||
|
socket.destroy();
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
wsServer.handleUpgrade(req, socket, head, (socket) => {
|
||||||
|
const pool = db.getUserConfig(cookies.username).cluster.pool;
|
||||||
|
wsServer.emit("connection", socket, cookies.username, pool);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
const handleInterruptSync = async () => {
|
||||||
|
// queue timeout for next iteration with delay of minimum rate
|
||||||
|
const minRequestedRate = Math.min.apply(null, Object.values(requestedRates));
|
||||||
|
// if the minimum rate is not Infinity, schedule the next timer
|
||||||
|
if (minRequestedRate < Infinity) {
|
||||||
|
const time = global.process.uptime() - targetMSTime;
|
||||||
|
const delay = (time - Math.round(time)) * 1000;
|
||||||
|
timer = setTimeout(handleInterruptSync, minRequestedRate - delay);
|
||||||
|
}
|
||||||
|
// if the minimum rate is Infinity, then don't schedule anything and set timer to null
|
||||||
|
else {
|
||||||
|
timer = null;
|
||||||
|
targetMSTime = null;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get current cluster resources
|
||||||
|
const status = (await requestPVE("/cluster/resources", "GET", null, null, pveAPIToken)).data.data;
|
||||||
|
// filter out just state information of resources that are needed, and hash each one
|
||||||
|
const currState = extractClusterState(status, resourceTypes, true);
|
||||||
|
// get a map of users to send sync notifications
|
||||||
|
const syncUsers = {};
|
||||||
|
// for each current resource in the cluster, check for state changes
|
||||||
|
Object.keys(currState).forEach((resource) => {
|
||||||
|
// if the resource's current state has changed, add all relevant users to syncUsers
|
||||||
|
const resourceCurrState = currState[resource];
|
||||||
|
const resourcePrevState = prevState[resource];
|
||||||
|
// if the previous state did not exist, or the status or pool have changed, then a resource state was added or modified
|
||||||
|
if (!resourcePrevState || resourceCurrState.hash !== resourcePrevState.hash) {
|
||||||
|
// if the resource is a node, send sync to all users
|
||||||
|
if (resourceCurrState.type === "node") {
|
||||||
|
Object.keys(userSocketMap).forEach((user) => {
|
||||||
|
syncUsers[user] = true;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
// if the resource is qemu or lxc, send sync to users in the same pool if there is a pool and if the pool has users
|
||||||
|
else if (resourceCurrState.pool && poolUserMap[resourceCurrState.pool]) {
|
||||||
|
Object.keys(poolUserMap[resourceCurrState.pool]).forEach((user) => {
|
||||||
|
syncUsers[user] = true;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
// for each previous resource in the cluster, check for state changes
|
||||||
|
Object.keys(prevState).forEach((resource) => {
|
||||||
|
const resourceCurrState = currState[resource];
|
||||||
|
const resourcePrevState = prevState[resource];
|
||||||
|
// if the resource no longer exists in the current state, then it is lost or deleted
|
||||||
|
if (!resourceCurrState) {
|
||||||
|
// if the resource is a node, send sync to all users
|
||||||
|
if (resourcePrevState.type === "node") {
|
||||||
|
Object.keys(userSocketMap).forEach((user) => {
|
||||||
|
syncUsers[user] = true;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
// if the resource is qemu or lxc, send sync to users in the same pool if there is a pool and if the pool has users
|
||||||
|
else if (resourcePrevState.pool && poolUserMap[resourcePrevState.pool]) {
|
||||||
|
Object.keys(poolUserMap[resourcePrevState.pool]).forEach((user) => {
|
||||||
|
syncUsers[user] = true;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
// for each user in syncUsers, send a sync message over their registered sockets
|
||||||
|
for (const user of Object.keys(syncUsers)) {
|
||||||
|
for (const socket of Object.keys(userSocketMap[user])) {
|
||||||
|
userSocketMap[user][socket].send("sync");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// set prevState for next iteration
|
||||||
|
prevState = currState;
|
||||||
|
};
|
||||||
|
console.log("clientsync: enabled interrupt sync");
|
||||||
|
}
|
||||||
|
|
||||||
|
function extractClusterState (status, resourceTypes, hashIndividual = false) {
|
||||||
|
const state = {};
|
||||||
|
status.forEach((resource) => {
|
||||||
|
if (resourceTypes.includes(resource.type)) {
|
||||||
|
state[resource.id] = {
|
||||||
|
name: resource.name || null,
|
||||||
|
type: resource.type,
|
||||||
|
status: resource.status,
|
||||||
|
node: resource.node,
|
||||||
|
pool: resource.pool || null
|
||||||
|
};
|
||||||
|
if (hashIndividual) {
|
||||||
|
const hash = getObjectHash(state[resource.id]);
|
||||||
|
state[resource.id].hash = hash;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
return state;
|
||||||
|
}
|
76
src/routes/user.js
Normal file
76
src/routes/user.js
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
import { Router } from "express";
|
||||||
|
export const router = Router();
|
||||||
|
|
||||||
|
const requestPVE = global.pve.requestPVE;
|
||||||
|
const checkAuth = global.utils.checkAuth;
|
||||||
|
const getUserResources = global.utils.getUserResources;
|
||||||
|
const pveAPIToken = global.db.pveAPIToken;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* GET - get db user resource information including allocated, free, and maximum resource values along with resource metadata
|
||||||
|
* responses:
|
||||||
|
* - 200: {avail: Object, max: Object, used: Object, resources: Object}
|
||||||
|
* - 401: {auth: false}
|
||||||
|
*/
|
||||||
|
router.get("/dynamic/resources", async (req, res) => {
|
||||||
|
// check auth
|
||||||
|
const auth = await checkAuth(req.cookies, res);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const resources = await getUserResources(req, req.cookies.username);
|
||||||
|
res.status(200).send(resources);
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* GET - get db user configuration by key
|
||||||
|
* request:
|
||||||
|
* - key: string - user config key
|
||||||
|
* responses:
|
||||||
|
* - 200: Object
|
||||||
|
* - 401: {auth: false}
|
||||||
|
* - 401: {auth: false, error: string}
|
||||||
|
*/
|
||||||
|
router.get("/config/:key", async (req, res) => {
|
||||||
|
const params = {
|
||||||
|
key: req.params.key
|
||||||
|
};
|
||||||
|
// check auth
|
||||||
|
const auth = await checkAuth(req.cookies, res);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
const allowKeys = ["resources", "cluster", "nodes"];
|
||||||
|
if (allowKeys.includes(params.key)) {
|
||||||
|
const config = db.getUserConfig(req.cookies.username);
|
||||||
|
res.status(200).send(config[params.key]);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
res.status(401).send({ auth: false, error: `User is not authorized to access /user/config/${params.key}.` });
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
/**
|
||||||
|
* GET - get user accessible iso files
|
||||||
|
* response:
|
||||||
|
* - 200: Array.<Object>
|
||||||
|
* - 401: {auth: false}
|
||||||
|
*/
|
||||||
|
router.get("/iso", async (req, res) => {
|
||||||
|
// check auth
|
||||||
|
const auth = await checkAuth(req.cookies, res);
|
||||||
|
if (!auth) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
// get user iso config
|
||||||
|
const userIsoConfig = db.getGlobalConfig().useriso;
|
||||||
|
// get all isos
|
||||||
|
const isos = (await requestPVE(`/nodes/${userIsoConfig.node}/storage/${userIsoConfig.storage}/content?content=iso`, "GET", null, null, pveAPIToken)).data.data;
|
||||||
|
const userIsos = [];
|
||||||
|
isos.forEach((iso) => {
|
||||||
|
iso.name = iso.volid.replace(`${userIsoConfig.storage}:iso/`, "");
|
||||||
|
userIsos.push(iso);
|
||||||
|
});
|
||||||
|
userIsos.sort();
|
||||||
|
res.status(200).send(userIsos);
|
||||||
|
});
|
@ -1,7 +1,7 @@
|
|||||||
import { createHash } from "crypto";
|
import { createHash } from "crypto";
|
||||||
|
|
||||||
import { getUsedResources, requestPVE } from "./pve.js";
|
import { getUsedResources, requestPVE } from "./pve.js";
|
||||||
import { db } from "./db.js";
|
import db from "./db.js";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check if a user is authorized to access a specified vm, or the cluster in general.
|
* Check if a user is authorized to access a specified vm, or the cluster in general.
|
||||||
|
Loading…
Reference in New Issue
Block a user