diff --git a/build-images.sh b/build-images.sh index 167c0eee..8eedf60c 100644 --- a/build-images.sh +++ b/build-images.sh @@ -133,11 +133,11 @@ container=$(buildah from scratch) # Reuse existing nodebuilder-webtop container, to speed up builds if ! buildah containers --format "{{.ContainerName}}" | grep -q nodebuilder-webtop; then echo "Pulling NodeJS runtime..." - buildah from --name nodebuilder-webtop -v "${PWD}:/usr/src:Z" docker.io/library/node:lts + buildah from --name nodebuilder-webtop -v "${PWD}:/usr/src:Z" docker.io/library/node:18-slim fi echo "Build static UI files with node..." -buildah run nodebuilder-webtop sh -c "cd /usr/src/ui && yarn install && yarn build" +buildah run --env="NODE_OPTIONS=--openssl-legacy-provider" nodebuilder-webtop sh -c "cd /usr/src/ui && yarn install && yarn build" # Add imageroot directory to the container image buildah add "${container}" imageroot /imageroot diff --git a/imageroot/actions/configure-module/10start_service b/imageroot/actions/configure-module/10start_service new file mode 100755 index 00000000..439a11a0 --- /dev/null +++ b/imageroot/actions/configure-module/10start_service @@ -0,0 +1,41 @@ +#!/bin/bash + +# +# Copyright (C) 2022 Nethesis S.r.l. +# http://www.nethesis.it - nethserver@nethesis.it +# +# This script is part of NethServer. +# +# NethServer is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, +# or any later version. +# +# NethServer is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with NethServer. If not, see COPYING. +# +# Redirect any output to the journal (stderr) + +set -e + +exec 1>&2 + +systemctl --user start postgres + +podman exec -i postgres sh -s <<'EOF' +query="SELECT EXISTS ( SELECT * FROM pg_tables WHERE schemaname = 'core' AND tablename = 'settings');" +psql -q -U postgres webtop5 -tA -c "$query" 2> /dev/null | grep -q t +db_check=$? +c=10 +while [ "$db_check" -ne 0 -o $c -eq 0 ]; do + sleep 1s + psql -q -U postgres webtop5 -tA -c "$query" 2> /dev/null | grep -q t + db_check=$? + c=$(expr $c - 1 ) +done +EOF diff --git a/imageroot/actions/configure-module/20config b/imageroot/actions/configure-module/20config new file mode 100755 index 00000000..14a4d9f2 --- /dev/null +++ b/imageroot/actions/configure-module/20config @@ -0,0 +1,87 @@ +#!/usr/bin/env python3 + +# +# Copyright (C) 2022 Nethesis S.r.l. +# http://www.nethesis.it - nethserver@nethesis.it +# +# This script is part of NethServer. +# +# NethServer is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, +# or any later version. +# +# NethServer is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with NethServer. If not, see COPYING. +# + +# +# Create a virtual host configuration +# Input example: +# {"instance": "module1", "url": "http://127.0.0.0:2000", "path": "/foo", "http2https": true} +# + +import json +import sys +import os +import agent +import subprocess + +# Try to parse the stdin as JSON. +# If parsing fails, output everything to stderr +data = json.load(sys.stdin) + +agent_id = os.getenv("AGENT_ID", "") +if not agent_id: + raise Exception("AGENT_ID not found inside the environemnt") + +# Connect to redis +r = agent.redis_connect(privileged=True).pipeline() + +restart_webapp = False + +webtop_request_https_certificate = os.environ["WEBTOP_REQUEST_HTTPS_CERTIFICATE"].lower() in ('true', '1', 't') +if data.get("request_https_certificate") is not None: + if data.get("request_https_certificate") != webtop_request_https_certificate: + webtop_request_https_certificate = data["request_https_certificate"] + agent.set_env("WEBTOP_REQUEST_HTTPS_CERTIFICATE", data["request_https_certificate"]) + +# Configure Traefik to route WebTop's host requests to the webtop module +response = agent.tasks.run( + agent_id=agent.resolve_agent_id('traefik@node'), + action='set-route', + data={ + 'instance': os.environ['MODULE_ID'], + 'url': 'http://127.0.0.1:' + os.environ["TCP_PORT"], + 'http2https': True, + 'lets_encrypt': webtop_request_https_certificate, + 'host': data["hostname"], + }, +) +# Check if traefik configuration has been successfull +agent.assert_exp(response['exit_code'] == 0) + +if data["hostname"] != os.getenv("WEBTOP_HOSTNAME"): + + public_url = 'https://' + data["hostname"] + '/webtop' + dav_url = 'https://' + data["hostname"] + '/webtop-dav/server.php' + + with subprocess.Popen(['podman', 'exec', '-i', 'postgres', 'psql', '-U', 'postgres', 'webtop5'], stdin=subprocess.PIPE, text=True) as psql: + print("DELETE FROM \"core\".\"settings\" WHERE service_id = 'com.sonicle.webtop.core' and key = 'public.url';\n", file=psql.stdin) + print("INSERT INTO \"core\".\"settings\" (\"service_id\", \"key\", \"value\") VALUES ('com.sonicle.webtop.core', 'public.url', \'" + public_url + "\');\n", file=psql.stdin) + + print("DELETE FROM \"core\".\"settings\" WHERE service_id = 'com.sonicle.webtop.core' and key = 'davserver.url';\n", file=psql.stdin) + print("INSERT INTO \"core\".\"settings\" (\"service_id\", \"key\", \"value\") VALUES ('com.sonicle.webtop.core', 'davserver.url',\'" + dav_url + "\');\n", file=psql.stdin) + + agent.assert_exp(psql.returncode == 0) # check the command is succesfull + + agent.set_env("WEBTOP_HOSTNAME", data["hostname"]) + restart_webapp = True + +if restart_webapp: + agent.run_helper("systemctl", "--user", "restart", "webapp").check_returncode() diff --git a/imageroot/actions/create-module/80start_services b/imageroot/actions/configure-module/80enable_service similarity index 100% rename from imageroot/actions/create-module/80start_services rename to imageroot/actions/configure-module/80enable_service diff --git a/imageroot/actions/configure-module/validate-input.json b/imageroot/actions/configure-module/validate-input.json new file mode 100644 index 00000000..4948358a --- /dev/null +++ b/imageroot/actions/configure-module/validate-input.json @@ -0,0 +1,31 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "configure-module input", + "$id": "http://schema.nethserver.org/webtop/configure-route-input.json", + "description": "Configure webtop", + "examples": [ + { + "hostname": "example.com" + }, + { + "hostname": "example.com", + "request_https_certificate": true + } + ], + "type": "object", + "required": ["hostname"], + "properties": { + "hostname": { + "type": "string", + "format": "hostname", + "title": "Hostname of the WebTop instance", + "examples": [ + "example.com" + ] + }, + "request_https_certificate": { + "type": "boolean", + "title": "Request a valid HTTPS certificate" + } + } +} diff --git a/imageroot/actions/create-module/10env b/imageroot/actions/create-module/10env index 06b17484..cc979816 100755 --- a/imageroot/actions/create-module/10env +++ b/imageroot/actions/create-module/10env @@ -25,6 +25,7 @@ exec 1>&2 # Send any output to stderr, to not alter the action response protocol cat >&${AGENT_COMFD} <