elysium/minecluster
elysium/minecluster
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[FEATURE] Integrated Minecluster with Cairo & Established Gitea workflows (#12)

Browse source 
Co-authored-by: Dunemask <dunemask@gmail.com>
Reviewed-on: https://gitea.dunemask.dev/elysium/minecluster/pulls/12
This commit is contained in:
dunemask 2024-02-05 02:13:32 +00:00
parent edbfc2348a
commit 78c5b72482
30 changed files with 391 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

11
lib/controllers/file-controller.js
View file

@ -6,11 +6,14 @@ import {
uploadServerItem,
} from "../k8s/server-files.js";
import { sendError } from "../util/ExpressClientError.js";
import { checkAuthorization } from "../database/queries/server-queries.js";
export async function listFiles(req, res) {
const serverSpec = req.body;
if (!serverSpec) return res.sendStatus(400);
if (!serverSpec.id) return res.status(400).send("Server id missing!");
const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
if (!authorized) return res.sendStatus(403);
listServerFiles(serverSpec)
.then((f) => {
const fileData = f.map((fi, i) => ({
@ -31,6 +34,8 @@ export async function createFolder(req, res) {
if (!serverSpec) return res.sendStatus(400);
if (!serverSpec.id) return res.status(400).send("Server id missing!");
if (!serverSpec.path) return res.status(400).send("Path required!");
const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
if (!authorized) return res.sendStatus(403);
createServerFolder(serverSpec)
.then(() => res.sendStatus(200))
.catch(sendError(res));
@ -43,6 +48,8 @@ export async function deleteItem(req, res) {
if (!serverSpec.path) return res.status(400).send("Path required!");
if (serverSpec.isDir === undefined || serverSpec.isDir === null)
return res.status(400).send("IsDIr required!");
const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
if (!authorized) return res.sendStatus(403);
removeServerItem(serverSpec)
.then(() => res.sendStatus(200))
.catch(sendError(res));
@ -52,6 +59,8 @@ export async function uploadItem(req, res) {
const serverSpec = req.body;
if (!serverSpec.id) return res.status(400).send("Server id missing!");
if (!serverSpec.path) return res.status(400).send("Path required!");
const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
if (!authorized) return res.sendStatus(403);
uploadServerItem(serverSpec, req.file)
.then(() => res.sendStatus(200))
.catch(sendError(res));
@ -61,6 +70,8 @@ export async function getItem(req, res) {
const serverSpec = req.body;
if (!serverSpec.id) return res.status(400).send("Server id missing!");
if (!serverSpec.path) return res.status(400).send("Path required!");
const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
if (!authorized) return res.sendStatus(403);
getServerItem(serverSpec, res)
.then(({ ds, ftpTransfer }) => {
ds.pipe(res).on("error", sendError(res));

18
lib/controllers/lifecycle-controller.js
View file

@ -8,6 +8,7 @@ import {
} from "../database/queries/server-queries.js";
import ExpressClientError, { sendError } from "../util/ExpressClientError.js";
import { toggleServer } from "../k8s/k8s-server-control.js";
import { checkAuthorization } from "../database/queries/server-queries.js";
const dnsRegex = new RegExp(
`^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$`,
@ -71,10 +72,13 @@ function payloadFilter(req, res) {
return "filtered";
}
function checkServerId(serverSpec) {
async function checkServerId(cairoId, serverSpec) {
if (!serverSpec) throw new ExpressClientError({ c: 400 });
if (!serverSpec.id)
throw new ExpressClientError({ c: 400, m: "Server id missing!" });
const authorized = await checkAuthorization(serverSpec.id, cairoId);
if (!authorized)
throw new ExpressClientError({ c: 403, m: "Access forbidden!" });
}
export async function createServer(req, res) {
@ -82,7 +86,7 @@ export async function createServer(req, res) {
if (backupPayloadFilter(req, res) !== "filtered") return;
const serverSpec = req.body;
try {
const serverEntry = await createServerEntry(serverSpec);
const serverEntry = await createServerEntry(req.cairoId, serverSpec);
await createServerResources(serverEntry);
res.json(serverEntry);
} catch (e) {
@ -94,7 +98,7 @@ export async function deleteServer(req, res) {
// Ensure spec is safe
const serverSpec = req.body;
try {
checkServerId(serverSpec);
await checkServerId(req.cairoId, serverSpec);
} catch (e) {
return sendError(res)(e);
}
@ -109,7 +113,7 @@ export async function startServer(req, res) {
// Ensure spec is safe
const serverSpec = req.body;
try {
checkServerId(serverSpec);
await checkServerId(req.cairoId, serverSpec);
} catch (e) {
return sendError(res)(e);
}
@ -123,7 +127,7 @@ export async function stopServer(req, res) {
// Ensure spec is safe
const serverSpec = req.body;
try {
checkServerId(serverSpec);
await checkServerId(req.cairoId, serverSpec);
} catch (e) {
return sendError(res)(e);
}
@ -137,7 +141,7 @@ export async function getServer(req, res) {
// Ensure spec is safe
const serverSpec = req.body;
try {
checkServerId(serverSpec);
await checkServerId(req.cairoId, serverSpec);
} catch (e) {
return sendError(res)(e);
}
@ -155,7 +159,7 @@ export async function modifyServer(req, res) {
if (payloadFilter(req, res) !== "filtered") return;
const serverSpec = req.body;
try {
checkServerId(serverSpec);
await checkServerId(req.cairoId, serverSpec);
const serverEntry = await modifyServerEntry(serverSpec);
// await createServerResources(serverEntry);
res.sendStatus(200);

6
lib/controllers/status-controller.js
View file

@ -1,9 +1,9 @@
import { getDeployments } from "../k8s/k8s-server-control.js";
import { getUserDeployments } from "../k8s/k8s-server-control.js";
import { getInstances } from "../k8s/server-status.js";
import { sendError } from "../util/ExpressClientError.js";
export function serverList(req, res) {
getDeployments()
getUserDeployments(req.cairoId)
.then((sd) => res.json(sd.map((s) => s.metadata.name.substring(4))))
.catch((e) => {
ERR("STATUS CONTROLLER", e);
@ -12,7 +12,7 @@ export function serverList(req, res) {
}
export function serverInstances(req, res) {
getInstances()
getInstances(req.cairoId)
.then((i) => res.json(i))
.catch(sendError(res));
}

5
lib/controllers/sub-controllers/console-controller.js
View file

@ -4,10 +4,9 @@ import { Rcon as RconClient } from "rcon-client";
import stream from "stream";
import { ERR, WARN } from "../../util/logging.js";
import { getServerEntry } from "../../database/queries/server-queries.js";
import kc from "../../k8s/k8s-config.js";
// Kubernetes Configuration
const kc = new k8s.KubeConfig();
kc.loadFromDefault();
const k8sCore = kc.makeApiClient(k8s.CoreV1Api);
const namespace = process.env.MCL_SERVER_NAMESPACE;

1
lib/database/migrations/1_create_servers_table.sql
View file

@ -1,6 +1,7 @@
CREATE SEQUENCE servers_id_seq;
CREATE TABLE servers (
id bigint NOT NULL DEFAULT nextval('servers_id_seq') PRIMARY KEY,
owner_cairo_id bigint,
host varchar(255) DEFAULT NULL,
name varchar(255) DEFAULT NULL,
version varchar(63) DEFAULT 'latest',

23
lib/database/queries/server-queries.js
View file

@ -2,7 +2,7 @@ import pg from "../postgres.js";
import {
deleteQuery,
insertQuery,
selectWhereQuery,
selectWhereAllQuery,
updateWhereAllQuery,
} from "../pg-query.js";
import ExpressClientError from "../../util/ExpressClientError.js";
@ -12,9 +12,18 @@ const asExpressClientError = (e) => {
throw new ExpressClientError({ m: e.message, c: 409 });
};
const getMclName = (host, id) => `${host.replaceAll(".", "-")}-${id}`;
const getMclName = (host, id) =>
`${host.toLowerCase().replaceAll(".", "-")}-${id}`;
export async function createServerEntry(serverSpec) {
export async function checkAuthorization(serverId, cairoId) {
const q = selectWhereAllQuery(table, {
id: serverId,
owner_cairo_id: cairoId,
});
return (await pg.query(q)).length === 1;
}
export async function createServerEntry(cairoId, serverSpec) {
const {
name,
host,
@ -33,6 +42,7 @@ export async function createServerEntry(serverSpec) {
var q = insertQuery(table, {
name,
owner_cairo_id: cairoId,
host,
version,
server_type,
@ -52,6 +62,7 @@ export async function createServerEntry(serverSpec) {
const entries = await pg.query(q);
const {
id,
owner_cairo_id: ownerCairoId,
name,
host,
version,
@ -72,6 +83,7 @@ export async function createServerEntry(serverSpec) {
name,
mclName,
id,
ownerCairoId,
host,
version,
serverType,
@ -99,7 +111,7 @@ export async function deleteServerEntry(serverId) {
export async function getServerEntry(serverId) {
if (!serverId) asExpressClientError({ message: "Server ID Required!" });
const q = selectWhereQuery(table, { id: serverId });
const q = selectWhereAllQuery(table, { id: serverId });
try {
const serverSpecs = await pg.query(q);
if (serverSpecs.length === 0) return [];
@ -107,6 +119,7 @@ export async function getServerEntry(serverId) {
throw Error("Multiple servers found with the same name!");
const {
id,
owner_cairo_id: ownerCairoId,
name,
host,
version,
@ -127,6 +140,7 @@ export async function getServerEntry(serverId) {
name,
mclName,
id,
ownerCairoId,
host,
version,
serverType,
@ -149,6 +163,7 @@ export async function getServerEntry(serverId) {
export async function modifyServerEntry(serverSpec) {
const {
id,
// ownerCairoId: owner_cairo_id, // DIsabled! If these becomes a reqest, please create a new function!
name,
host,
version,

12
lib/k8s/k8s-config.js Normal file
View file

@ -0,0 +1,12 @@
import k8s from "@kubernetes/client-node";
const MCL_KUBECONFIG = process.env.MCL_KUBECONFIG;
const envConfig = MCL_KUBECONFIG ? MCL_KUBECONFIG : null;
const kc = new k8s.KubeConfig();
try {
if (!!envConfig)
kc.loadFromString(Buffer.from(envConfig, "base64").toString("utf8"));
else kc.loadFromDefault();
} catch (e) {
kc.loadFromDefault();
}
export default kc;

18
lib/k8s/k8s-server-control.js
View file

@ -7,8 +7,8 @@ import {
getCoreServerContainer,
getBackupContainer,
} from "./server-containers.js";
const kc = new k8s.KubeConfig();
kc.loadFromDefault();
import { checkAuthorization } from "../database/queries/server-queries.js";
import kc from "./k8s-config.js";
const k8sDeps = kc.makeApiClient(k8s.AppsV1Api);
const k8sCore = kc.makeApiClient(k8s.CoreV1Api);
@ -25,6 +25,20 @@ const mineclusterManaged = (o) =>
export const serverMatch = (serverId) => (o) =>
o.metadata.annotations["minecluster.dunemask.net/id"] === serverId;
export const cairoMatch = (cairoId) => (o) =>
checkAuthorization(
o.metadata.annotations["minecluster.dunemask.net/id"],
cairoId,
);
export async function getUserDeployments(cairoId) {
const authFIlter = cairoMatch(cairoId);
const allDeployments = await getDeployments();
const authChecks = allDeployments.map(authFIlter);
const authorizations = await Promise.all(authChecks);
return allDeployments.filter((_d, i) => authorizations[i]);
}
export async function getDeployments() {
const deploymentRes = await k8sDeps.listNamespacedDeployment(namespace);
const serverDeployments = deploymentRes.body.items.filter(mineclusterManaged);

3
lib/k8s/server-create.js
View file

@ -11,8 +11,7 @@ import {
getBackupContainer,
} from "./server-containers.js";
const kc = new k8s.KubeConfig();
kc.loadFromDefault();
import kc from "./k8s-config.js";
const k8sDeps = kc.makeApiClient(k8s.AppsV1Api);
const k8sCore = kc.makeApiClient(k8s.CoreV1Api);
const namespace = process.env.MCL_SERVER_NAMESPACE;

3
lib/k8s/server-delete.js
View file

@ -2,8 +2,7 @@ import k8s from "@kubernetes/client-node";
import { ERR } from "../util/logging.js";
import { getServerAssets } from "./k8s-server-control.js";
import ExpressClientError from "../util/ExpressClientError.js";
const kc = new k8s.KubeConfig();
kc.loadFromDefault();
import kc from "./k8s-config.js";
const k8sDeps = kc.makeApiClient(k8s.AppsV1Api);
const k8sCore = kc.makeApiClient(k8s.CoreV1Api);

9
lib/k8s/server-status.js
View file

@ -1,8 +1,7 @@
import k8s from "@kubernetes/client-node";
import { getDeployments } from "./k8s-server-control.js";
import { getUserDeployments } from "./k8s-server-control.js";
import { getServerEntries } from "../database/queries/server-queries.js";
const kc = new k8s.KubeConfig();
kc.loadFromDefault();
import kc from "./k8s-config.js";
const k8sMetrics = new k8s.Metrics(kc);
const namespace = process.env.MCL_SERVER_NAMESPACE;
@ -42,9 +41,9 @@ function getServerStatus(server) {
return { serverAvailable, ftpAvailable, services, deploymentAvailable };
}
export async function getInstances() {
export async function getInstances(cairoId) {
const [serverDeployments, podMetricsRes, entries] = await Promise.all([
getDeployments(),
getUserDeployments(cairoId),
k8sMetrics.getPodMetrics(namespace),
getServerEntries(),
]);

16
lib/routes/auth-route.js Normal file
View file

@ -0,0 +1,16 @@
import { Router } from "express";
import cairoAuthMiddleware from "./middlewares/auth-middleware.js";
const router = Router();
const ok = (_r, res) => res.sendStatus(200);
function cairoRedirect(req, res) {
res.redirect(
`${process.env.MCL_CAIRO_URL}/cairo/auth?redirectUri=${req.query.redirectUri}`,
);
}
router.get("/verify", cairoAuthMiddleware, ok);
router.get("/redirect", cairoRedirect);
export default router;

4
lib/routes/files-route.js
View file

@ -8,8 +8,10 @@ import {
getItem,
} from "../controllers/file-controller.js";
import cairoAuthMiddleware from "./middlewares/auth-middleware.js";
const router = Router();
router.use(jsonMiddleware());
router.use([jsonMiddleware(), cairoAuthMiddleware]);
const multerMiddleware = multer();
router.post("/list", listFiles);

33
lib/routes/middlewares/auth-middleware.js Normal file
View file

@ -0,0 +1,33 @@
// Imports
import { Router } from "express";
import bearerTokenMiddleware from "express-bearer-token";
import { ERR, VERB } from "../../util/logging.js";
// Constants
const { MCL_CAIRO_URL } = process.env;
const cairoAuthMiddleware = Router();
const cairoAuthenticate = async (token) => {
const config = { headers: { Authorization: `Bearer ${token}` } };
return fetch(`${MCL_CAIRO_URL}/api/user/info`, config).then((res) =>
res.json(),
);
};
// Middleware
const cairoAuthHandler = (req, res, next) => {
if (!req.token) return res.status(401).send("Cairo auth required!");
VERB("AUTH", `${MCL_CAIRO_URL}/api/user/info`);
cairoAuthenticate(req.token)
.then((authData) => (req.cairoId = authData.id))
.then(() => next())
.catch((err) => {
ERR("AUTH", err.response ? err.response.data : err.message);
if (!err.response) return res.status(500).send(`Auth failure ${err}`);
return res.status(err.response.status).send(err.response.data);
});
};
cairoAuthMiddleware.use([bearerTokenMiddleware(), cairoAuthHandler]);
export default cairoAuthMiddleware;

5
lib/routes/server-route.js
View file

@ -11,8 +11,11 @@ import {
serverInstances,
serverList,
} from "../controllers/status-controller.js";
import cairoAuthMiddleware from "./middlewares/auth-middleware.js";
const router = Router();
router.use(jsonMiddleware());
router.use([jsonMiddleware(), cairoAuthMiddleware]);
// Routes
router.post("/create", createServer);
router.delete("/delete", deleteServer);

7
lib/routes/system-route.js
View file

@ -1,9 +1,12 @@
import { Router } from "express";
import k8s from "@kubernetes/client-node";
import { WARN } from "../util/logging.js";
import kc from "../k8s/k8s-config.js";
const router = Router();
const kc = new k8s.KubeConfig();
kc.loadFromDefault();
import cairoAuthMiddleware from "./middlewares/auth-middleware.js";
router.use(cairoAuthMiddleware);
const k8sApi = kc.makeApiClient(k8s.CoreV1Api);
// Get Routes
router.get("/available", (req, res) => {

2
lib/server/router.js
View file

@ -3,6 +3,7 @@ import express from "express";
// Routes
import vitals from "../routes/vitals-route.js";
import authRoute from "../routes/auth-route.js";
import systemRoute from "../routes/system-route.js";
import serverRoute from "../routes/server-route.js";
import filesRoute from "../routes/files-route.js";
@ -22,6 +23,7 @@ export default function buildRoutes(pg, skio) {
// Middlewares
// Routes
router.use("/api/auth", authRoute);
router.use("/api/system", systemRoute);
router.use("/api/server", serverRoute);
router.use("/api/files", filesRoute);