mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-08-16 07:28:06 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Clean up and add target manipulation

Browse source
This commit is contained in:
Owen Schwartz 2025-02-01 18:36:12 -05:00
parent 962c5fb886
commit b5420a40ab
No known key found for this signature in database
GPG key ID: 8271FDFFD9E0CCBD
9 changed files with 172 additions and 87 deletions
Download patch file Download diff file Expand all files Collapse all files

16
server/routers/gerbil/getConfig.ts
View file

@ -11,6 +11,7 @@ import config from "@server/lib/config";
import { getUniqueExitNodeEndpointName } from '@server/db/names'; import { getUniqueExitNodeEndpointName } from '@server/db/names';
import { findNextAvailableCidr } from "@server/lib/ip"; import { findNextAvailableCidr } from "@server/lib/ip";
import { fromError } from 'zod-validation-error'; import { fromError } from 'zod-validation-error';
import { getAllowedIps } from '../target/helpers';
// Define Zod schema for request validation // Define Zod schema for request validation
const getConfigSchema = z.object({ const getConfigSchema = z.object({
publicKey: z.string(), publicKey: z.string(),
@ -83,22 +84,9 @@ export async function getConfig(req: Request, res: Response, next: NextFunction)
}); });
const peers = await Promise.all(sitesRes.map(async (site) => { const peers = await Promise.all(sitesRes.map(async (site) => {
// Fetch resources for this site
const resourcesRes = await db.query.resources.findMany({
where: eq(resources.siteId, site.siteId),
});
// Fetch targets for all resources of this site
const targetIps = await Promise.all(resourcesRes.map(async (resource) => {
const targetsRes = await db.query.targets.findMany({
where: eq(targets.resourceId, resource.resourceId),
});
return targetsRes.map(target => `${target.ip}/32`);
}));
return { return {
publicKey: site.pubKey, publicKey: site.pubKey,
allowedIps: targetIps.flat(), allowedIps: await getAllowedIps(site.siteId)
}; };
})); }));

8
server/routers/newt/targets.ts
View file

@ -1,11 +1,11 @@
import { Target } from "@server/db/schema"; import { Target } from "@server/db/schema";
import { sendToClient } from "../ws"; import { sendToClient } from "../ws";
export async function addTargets( export function addTargets(
newtId: string, newtId: string,
targets: Target[], targets: Target[],
protocol: string protocol: string
): Promise<void> { ) {
//create a list of udp and tcp targets //create a list of udp and tcp targets
const payloadTargets = targets.map((target) => { const payloadTargets = targets.map((target) => {
return `${target.internalPort ? target.internalPort + ":" : ""}${ return `${target.internalPort ? target.internalPort + ":" : ""}${
@ -22,11 +22,11 @@ export async function addTargets(
sendToClient(newtId, payload); sendToClient(newtId, payload);
} }
export async function removeTargets( export function removeTargets(
newtId: string, newtId: string,
targets: Target[], targets: Target[],
protocol: string protocol: string
): Promise<void> { ) {
//create a list of udp and tcp targets //create a list of udp and tcp targets
const payloadTargets = targets.map((target) => { const payloadTargets = targets.map((target) => {
return `${target.internalPort ? target.internalPort + ":" : ""}${ return `${target.internalPort ? target.internalPort + ":" : ""}${

19
server/routers/resource/deleteResource.ts
View file

@ -10,6 +10,7 @@ import logger from "@server/logger";
import { fromError } from "zod-validation-error"; import { fromError } from "zod-validation-error";
import { addPeer } from "../gerbil/peers"; import { addPeer } from "../gerbil/peers";
import { removeTargets } from "../newt/targets"; import { removeTargets } from "../newt/targets";
import { getAllowedIps } from "../target/helpers";
// Define Zod schema for request parameters validation // Define Zod schema for request parameters validation
const deleteResourceSchema = z const deleteResourceSchema = z
@ -75,25 +76,9 @@ export async function deleteResource(
if (site.pubKey) { if (site.pubKey) {
if (site.type == "wireguard") { if (site.type == "wireguard") {
// TODO: is this all inefficient?
// Fetch resources for this site
const resourcesRes = await db.query.resources.findMany({
where: eq(resources.siteId, site.siteId)
});
// Fetch targets for all resources of this site
const targetIps = await Promise.all(
resourcesRes.map(async (resource) => {
const targetsRes = await db.query.targets.findMany({
where: eq(targets.resourceId, resource.resourceId)
});
return targetsRes.map((target) => `${target.ip}/32`);
})
);
await addPeer(site.exitNodeId!, { await addPeer(site.exitNodeId!, {
publicKey: site.pubKey, publicKey: site.pubKey,
allowedIps: targetIps.flat() allowedIps: await getAllowedIps(site.siteId)
}); });
} else if (site.type == "newt") { } else if (site.type == "newt") {
// get the newt on the site by querying the newt table for siteId // get the newt on the site by querying the newt table for siteId

110
server/routers/resource/transferResource.ts
View file

@ -1,13 +1,16 @@
import { Request, Response, NextFunction } from "express"; import { Request, Response, NextFunction } from "express";
import { z } from "zod"; import { z } from "zod";
import { db } from "@server/db"; import { db } from "@server/db";
import { resources } from "@server/db/schema"; import { newts, resources, sites, targets } from "@server/db/schema";
import { eq } from "drizzle-orm"; import { eq } from "drizzle-orm";
import response from "@server/lib/response"; import response from "@server/lib/response";
import HttpCode from "@server/types/HttpCode"; import HttpCode from "@server/types/HttpCode";
import createHttpError from "http-errors"; import createHttpError from "http-errors";
import logger from "@server/logger"; import logger from "@server/logger";
import { fromError } from "zod-validation-error"; import { fromError } from "zod-validation-error";
import { addPeer } from "../gerbil/peers";
import { addTargets, removeTargets } from "../newt/targets";
import { getAllowedIps } from "../target/helpers";
const transferResourceParamsSchema = z const transferResourceParamsSchema = z
.object({ .object({
@ -53,6 +56,60 @@ export async function transferResource(
const { resourceId } = parsedParams.data; const { resourceId } = parsedParams.data;
const { siteId } = parsedBody.data; const { siteId } = parsedBody.data;
const [oldResource] = await db
.select()
.from(resources)
.where(eq(resources.resourceId, resourceId))
.limit(1);
if (!oldResource) {
return next(
createHttpError(
HttpCode.NOT_FOUND,
`Resource with ID ${resourceId} not found`
)
);
}
if (oldResource.siteId === siteId) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
`Resource is already assigned to site with ID ${siteId}`
)
);
}
const [newSite] = await db
.select()
.from(sites)
.where(eq(sites.siteId, siteId))
.limit(1);
if (!newSite) {
return next(
createHttpError(
HttpCode.NOT_FOUND,
`Site with ID ${siteId} not found`
)
);
}
const [oldSite] = await db
.select()
.from(sites)
.where(eq(sites.siteId, oldResource.siteId))
.limit(1);
if (!oldSite) {
return next(
createHttpError(
HttpCode.NOT_FOUND,
`Site with ID ${oldResource.siteId} not found`
)
);
}
const [updatedResource] = await db const [updatedResource] = await db
.update(resources) .update(resources)
.set({ siteId }) .set({ siteId })
@ -68,6 +125,57 @@ export async function transferResource(
); );
} }
const resourceTargets = await db
.select()
.from(targets)
.where(eq(targets.resourceId, resourceId));
if (resourceTargets.length > 0) {
////// REMOVE THE TARGETS FROM THE OLD SITE //////
if (oldSite.pubKey) {
if (oldSite.type == "wireguard") {
await addPeer(oldSite.exitNodeId!, {
publicKey: oldSite.pubKey,
allowedIps: await getAllowedIps(oldSite.siteId)
});
} else if (oldSite.type == "newt") {
const [newt] = await db
.select()
.from(newts)
.where(eq(newts.siteId, oldSite.siteId))
.limit(1);
removeTargets(
newt.newtId,
resourceTargets,
updatedResource.protocol
);
}
}
////// ADD THE TARGETS TO THE NEW SITE //////
if (newSite.pubKey) {
if (newSite.type == "wireguard") {
await addPeer(newSite.exitNodeId!, {
publicKey: newSite.pubKey,
allowedIps: await getAllowedIps(newSite.siteId)
});
} else if (newSite.type == "newt") {
const [newt] = await db
.select()
.from(newts)
.where(eq(newts.siteId, newSite.siteId))
.limit(1);
addTargets(
newt.newtId,
resourceTargets,
updatedResource.protocol
);
}
}
}
return response(res, { return response(res, {
data: updatedResource, data: updatedResource,
success: true, success: true,

2
server/routers/target/createTarget.ts
View file

@ -11,7 +11,7 @@ import { isIpInCidr } from "@server/lib/ip";
import { fromError } from "zod-validation-error"; import { fromError } from "zod-validation-error";
import { addTargets } from "../newt/targets"; import { addTargets } from "../newt/targets";
import { eq } from "drizzle-orm"; import { eq } from "drizzle-orm";
import { pickPort } from "./ports"; import { pickPort } from "./helpers";
// Regular expressions for validation // Regular expressions for validation
const DOMAIN_REGEX = const DOMAIN_REGEX =

19
server/routers/target/deleteTarget.ts
View file

@ -10,6 +10,7 @@ import logger from "@server/logger";
import { addPeer } from "../gerbil/peers"; import { addPeer } from "../gerbil/peers";
import { fromError } from "zod-validation-error"; import { fromError } from "zod-validation-error";
import { removeTargets } from "../newt/targets"; import { removeTargets } from "../newt/targets";
import { getAllowedIps } from "./helpers";
const deleteTargetSchema = z const deleteTargetSchema = z
.object({ .object({
@ -80,25 +81,9 @@ export async function deleteTarget(
if (site.pubKey) { if (site.pubKey) {
if (site.type == "wireguard") { if (site.type == "wireguard") {
// TODO: is this all inefficient?
// Fetch resources for this site
const resourcesRes = await db.query.resources.findMany({
where: eq(resources.siteId, site.siteId)
});
// Fetch targets for all resources of this site
const targetIps = await Promise.all(
resourcesRes.map(async (resource) => {
const targetsRes = await db.query.targets.findMany({
where: eq(targets.resourceId, resource.resourceId)
});
return targetsRes.map((target) => `${target.ip}/32`);
})
);
await addPeer(site.exitNodeId!, { await addPeer(site.exitNodeId!, {
publicKey: site.pubKey, publicKey: site.pubKey,
allowedIps: targetIps.flat() allowedIps: await getAllowedIps(site.siteId)
}); });
} else if (site.type == "newt") { } else if (site.type == "newt") {
// get the newt on the site by querying the newt table for siteId // get the newt on the site by querying the newt table for siteId

18
server/routers/target/ports.ts → server/routers/target/helpers.ts
View file

@ -46,3 +46,21 @@ export async function pickPort(siteId: number): Promise<{
return { internalPort, targetIps }; return { internalPort, targetIps };
} }
export async function getAllowedIps(siteId: number) {
// TODO: is this all inefficient?
const resourcesRes = await db.query.resources.findMany({
where: eq(resources.siteId, siteId)
});
// Fetch targets for all resources of this site
const targetIps = await Promise.all(
resourcesRes.map(async (resource) => {
const targetsRes = await db.query.targets.findMany({
where: eq(targets.resourceId, resource.resourceId)
});
return targetsRes.map((target) => `${target.ip}/32`);
})
);
return targetIps.flat();
}

2
server/routers/target/updateTarget.ts
View file

@ -10,7 +10,7 @@ import logger from "@server/logger";
import { fromError } from "zod-validation-error"; import { fromError } from "zod-validation-error";
import { addPeer } from "../gerbil/peers"; import { addPeer } from "../gerbil/peers";
import { addTargets } from "../newt/targets"; import { addTargets } from "../newt/targets";
import { pickPort } from "./ports"; import { pickPort } from "./helpers";
// Regular expressions for validation // Regular expressions for validation
const DOMAIN_REGEX = const DOMAIN_REGEX =

31
src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx
View file

@ -19,7 +19,7 @@ import {
CommandEmpty, CommandEmpty,
CommandGroup, CommandGroup,
CommandInput, CommandInput,
CommandItem, CommandItem
} from "@/components/ui/command"; } from "@/components/ui/command";
import { cn } from "@app/lib/cn"; import { cn } from "@app/lib/cn";
import { import {
@ -144,7 +144,8 @@ export default function GeneralForm() {
async function onSubmit(data: GeneralFormValues) { async function onSubmit(data: GeneralFormValues) {
setSaveLoading(true); setSaveLoading(true);
api.post<AxiosResponse<GetResourceAuthInfoResponse>>( const res = await api
.post<AxiosResponse<GetResourceAuthInfoResponse>>(
`resource/${resource?.resourceId}`, `resource/${resource?.resourceId}`,
{ {
name: data.name, name: data.name,
@ -161,24 +162,24 @@ export default function GeneralForm() {
"An error occurred while updating the resource" "An error occurred while updating the resource"
) )
}); });
}) });
.then(() => {
if (res && res.status === 200) {
toast({ toast({
title: "Resource updated", title: "Resource updated",
description: "The resource has been updated successfully" description: "The resource has been updated successfully"
}); });
updateResource({ name: data.name, subdomain: data.subdomain }); updateResource({ name: data.name, subdomain: data.subdomain });
}
router.refresh(); setSaveLoading(false);
})
.finally(() => setSaveLoading(false));
} }
async function onTransfer(data: TransferFormValues) { async function onTransfer(data: TransferFormValues) {
setTransferLoading(true); setTransferLoading(true);
api.post(`resource/${resource?.resourceId}/transfer`, { const res = await api
.post(`resource/${resource?.resourceId}/transfer`, {
siteId: data.siteId siteId: data.siteId
}) })
.catch((e) => { .catch((e) => {
@ -190,16 +191,16 @@ export default function GeneralForm() {
"An error occurred while transferring the resource" "An error occurred while transferring the resource"
) )
}); });
}) });
.then(() => {
if (res && res.status === 200) {
toast({ toast({
title: "Resource transferred", title: "Resource transferred",
description: description: "The resource has been transferred successfully"
"The resource has been transferred successfully"
}); });
router.refresh(); router.refresh();
}) }
.finally(() => setTransferLoading(false)); setTransferLoading(false);
} }
return ( return (