import db from "@server/db"; import { emailVerificationCodes, passwordResetTokens, resourceOtp, resources, resourceWhitelist, targets, userInvites, users } from "@server/db/schema"; import { APP_PATH, configFilePath1, configFilePath2 } from "@server/lib/consts"; import { eq, sql } from "drizzle-orm"; import fs from "fs"; import yaml from "js-yaml"; import path from "path"; import { z } from "zod"; import { fromZodError } from "zod-validation-error"; export default async function migration() { console.log("Running setup script 1.0.0-beta.9..."); await db.transaction(async (trx) => { try { // Determine which config file exists const filePaths = [configFilePath1, configFilePath2]; let filePath = ""; for (const path of filePaths) { if (fs.existsSync(path)) { filePath = path; break; } } if (!filePath) { throw new Error( `No config file found (expected config.yml or config.yaml).` ); } // Read and parse the YAML file let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); rawConfig = yaml.load(fileContents); rawConfig.server.resource_session_request_param = "p_session_request"; rawConfig.server.session_cookie_name = "p_session_token"; // rename to prevent conflicts delete rawConfig.server.resource_session_cookie_name; // Write the updated YAML back to the file const updatedYaml = yaml.dump(rawConfig); fs.writeFileSync(filePath, updatedYaml, "utf8"); } catch (e) { console.log( `Failed to add resource_session_request_param to config. Please add it manually. https://docs.fossorial.io/Pangolin/Configuration/config` ); trx.rollback(); return; } try { const traefikPath = path.join( APP_PATH, "traefik", "traefik_config.yml" ); // Define schema for traefik config validation const schema = z.object({ entryPoints: z .object({ websecure: z .object({ address: z.string(), transport: z .object({ respondingTimeouts: z.object({ readTimeout: z.string() }) }) .optional() }) .optional() }) .optional(), experimental: z.object({ plugins: z.object({ badger: z.object({ moduleName: z.string(), version: z.string() }) }) }) }); const traefikFileContents = fs.readFileSync(traefikPath, "utf8"); const traefikConfig = yaml.load(traefikFileContents) as any; const parsedConfig = schema.safeParse(traefikConfig); if (parsedConfig.success) { // Ensure websecure entrypoint exists if (traefikConfig.entryPoints?.websecure) { // Add transport configuration traefikConfig.entryPoints.websecure.transport = { respondingTimeouts: { readTimeout: "30m" } }; } traefikConfig.experimental.plugins.badger.version = "v1.0.0-beta.3"; const updatedTraefikYaml = yaml.dump(traefikConfig); fs.writeFileSync(traefikPath, updatedTraefikYaml, "utf8"); console.log( "Updated the version of Badger in your Traefik configuration to v1.0.0-beta.3 and added readTimeout to websecure entrypoint in your Traefik configuration.." ); } else { console.log(fromZodError(parsedConfig.error)); console.log( "We were unable to update the version of Badger in your Traefik configuration. Please update it manually to at least v1.0.0-beta.3. https://github.com/fosrl/badger" ); } } catch (e) { console.log( "We were unable to update the version of Badger in your Traefik configuration. Please update it manually to at least v1.0.0-beta.3. https://github.com/fosrl/badger" ); trx.rollback(); return; } trx.run(sql`UPDATE ${users} SET email = LOWER(email);`); trx.run( sql`UPDATE ${emailVerificationCodes} SET email = LOWER(email);` ); trx.run(sql`UPDATE ${passwordResetTokens} SET email = LOWER(email);`); trx.run(sql`UPDATE ${userInvites} SET email = LOWER(email);`); trx.run(sql`UPDATE ${resourceWhitelist} SET email = LOWER(email);`); trx.run(sql`UPDATE ${resourceOtp} SET email = LOWER(email);`); const resourcesAll = await trx .select({ resourceId: resources.resourceId, fullDomain: resources.fullDomain, subdomain: resources.subdomain }) .from(resources); trx.run(`DROP INDEX resources_fullDomain_unique;`); trx.run(`ALTER TABLE resources DROP COLUMN fullDomain; `); trx.run(`ALTER TABLE resources DROP COLUMN subdomain; `); trx.run(sql`ALTER TABLE resources ADD COLUMN fullDomain TEXT; `); trx.run(sql`ALTER TABLE resources ADD COLUMN subdomain TEXT; `); trx.run(sql`ALTER TABLE resources ADD COLUMN http INTEGER DEFAULT true NOT NULL; `); trx.run(sql`ALTER TABLE resources ADD COLUMN protocol TEXT DEFAULT 'tcp' NOT NULL; `); trx.run(sql`ALTER TABLE resources ADD COLUMN proxyPort INTEGER; `); // write the new fullDomain and subdomain values back to the database for (const resource of resourcesAll) { await trx .update(resources) .set({ fullDomain: resource.fullDomain, subdomain: resource.subdomain }) .where(eq(resources.resourceId, resource.resourceId)); } const targetsAll = await trx .select({ targetId: targets.targetId, method: targets.method }) .from(targets); trx.run(`ALTER TABLE targets DROP COLUMN method; `); trx.run(`ALTER TABLE targets DROP COLUMN protocol; `); trx.run(sql`ALTER TABLE targets ADD COLUMN method TEXT; `); // write the new method and protocol values back to the database for (const target of targetsAll) { await trx .update(targets) .set({ method: target.method }) .where(eq(targets.targetId, target.targetId)); } trx.run( sql`ALTER TABLE 'resourceSessions' ADD 'isRequestToken' integer;` ); trx.run( sql`ALTER TABLE 'resourceSessions' ADD 'userSessionId' text REFERENCES session(id);` ); }); console.log("Done."); }