mirror of
https://github.com/fosrl/pangolin.git
synced 2026-02-23 13:26:41 +00:00
Fixing various things
This commit is contained in:
Owen
@@ -27,7 +27,7 @@ export const domains = pgTable("domains", {
|
||||
|
||||
|
||||
export const dnsRecords = pgTable("dnsRecords", {
|
||||
id: varchar("id").primaryKey(),
|
||||
id: serial("id").primaryKey(),
|
||||
domainId: varchar("domainId")
|
||||
.notNull()
|
||||
.references(() => domains.domainId, { onDelete: "cascade" }),
|
||||
|
||||
@@ -18,7 +18,7 @@ export const domains = sqliteTable("domains", {
|
||||
});
|
||||
|
||||
export const dnsRecords = sqliteTable("dnsRecords", {
|
||||
id: text("id").primaryKey(),
|
||||
id: integer("id").primaryKey({ autoIncrement: true }),
|
||||
domainId: text("domainId")
|
||||
.notNull()
|
||||
.references(() => domains.domainId, { onDelete: "cascade" }),
|
||||
|
||||
@@ -2,7 +2,7 @@ import path from "path";
|
||||
import { fileURLToPath } from "url";
|
||||
|
||||
// This is a placeholder value replaced by the build process
|
||||
export const APP_VERSION = "1.11.0";
|
||||
export const APP_VERSION = "1.12.0";
|
||||
|
||||
export const __FILENAME = fileURLToPath(import.meta.url);
|
||||
export const __DIRNAME = path.dirname(__FILENAME);
|
||||
|
||||
@@ -50,7 +50,7 @@ export const configSchema = z
|
||||
.string()
|
||||
.nonempty("base_domain must not be empty")
|
||||
.transform((url) => url.toLowerCase()),
|
||||
cert_resolver: z.string().optional().default("letsencrypt"),
|
||||
cert_resolver: z.string().optional(), // null falls back to traefik.cert_resolver
|
||||
prefer_wildcard_cert: z.boolean().optional().default(false)
|
||||
})
|
||||
)
|
||||
|
||||
@@ -3,9 +3,9 @@ import axios from "axios";
|
||||
let serverIp: string | null = null;
|
||||
|
||||
const services = [
|
||||
"https://checkip.amazonaws.com",
|
||||
"https://ifconfig.io/ip",
|
||||
"https://api.ipify.org",
|
||||
"https://checkip.amazonaws.com"
|
||||
];
|
||||
|
||||
export async function fetchServerIp() {
|
||||
|
||||
@@ -75,6 +75,7 @@ import { validateResourceSessionToken } from "@server/auth/sessions/resource";
|
||||
import { checkExitNodeOrg, resolveExitNodes } from "#private/lib/exitNodes";
|
||||
import { maxmindLookup } from "@server/db/maxmind";
|
||||
import { verifyResourceAccessToken } from "@server/auth/verifyResourceAccessToken";
|
||||
import semver from "semver";
|
||||
|
||||
// Zod schemas for request validation
|
||||
const getResourceByDomainParamsSchema = z
|
||||
@@ -1070,11 +1071,20 @@ hybridRouter.get(
|
||||
);
|
||||
}
|
||||
|
||||
const rules = await db
|
||||
let rules = await db
|
||||
.select()
|
||||
.from(resourceRules)
|
||||
.where(eq(resourceRules.resourceId, resourceId));
|
||||
|
||||
// backward compatibility: COUNTRY -> GEOIP
|
||||
if ((remoteExitNode.version && semver.lt(remoteExitNode.version, "1.1.0")) || !remoteExitNode.version) {
|
||||
for (const rule of rules) {
|
||||
if (rule.match == "COUNTRY") {
|
||||
rule.match = "GEOIP";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return response<(typeof resourceRules.$inferSelect)[]>(res, {
|
||||
data: rules,
|
||||
success: true,
|
||||
|
||||
@@ -286,7 +286,6 @@ export async function createOrgDomain(
|
||||
// Save NS records to database
|
||||
for (const nsValue of nsRecords) {
|
||||
recordsToInsert.push({
|
||||
id: generateId(15),
|
||||
domainId,
|
||||
recordType: "NS",
|
||||
baseDomain: baseDomain,
|
||||
@@ -309,7 +308,6 @@ export async function createOrgDomain(
|
||||
// Save CNAME records to database
|
||||
for (const cnameRecord of cnameRecords) {
|
||||
recordsToInsert.push({
|
||||
id: generateId(15),
|
||||
domainId,
|
||||
recordType: "CNAME",
|
||||
baseDomain: cnameRecord.baseDomain,
|
||||
@@ -332,7 +330,6 @@ export async function createOrgDomain(
|
||||
// Save A records to database
|
||||
for (const aRecord of aRecords) {
|
||||
recordsToInsert.push({
|
||||
id: generateId(15),
|
||||
domainId,
|
||||
recordType: "A",
|
||||
baseDomain: aRecord.baseDomain,
|
||||
|
||||
@@ -98,15 +98,16 @@ export async function updateOrg(
|
||||
parsedBody.data.passwordExpiryDays = undefined;
|
||||
}
|
||||
|
||||
const { tier } = await getOrgTierData(orgId);
|
||||
if (
|
||||
!isLicensed &&
|
||||
tier != TierId.STANDARD &&
|
||||
parsedBody.data.settingsLogRetentionDaysRequest &&
|
||||
parsedBody.data.settingsLogRetentionDaysRequest > 30
|
||||
) {
|
||||
return next(
|
||||
createHttpError(
|
||||
HttpCode.FORBIDDEN,
|
||||
"You are not allowed to set log retention days greater than 30 because you are not subscribed to the Standard tier"
|
||||
"You are not allowed to set log retention days greater than 30 with your current subscription"
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import { db } from "@server/db";
|
||||
import { db, dnsRecords } from "@server/db";
|
||||
import { domains, exitNodes, orgDomains, orgs, resources } from "@server/db";
|
||||
import config from "@server/lib/config";
|
||||
import { eq, ne } from "drizzle-orm";
|
||||
@@ -8,7 +8,10 @@ export async function copyInConfig() {
|
||||
const endpoint = config.getRawConfig().gerbil.base_endpoint;
|
||||
const listenPort = config.getRawConfig().gerbil.start_port;
|
||||
|
||||
if (!config.getRawConfig().flags?.disable_config_managed_domains && config.getRawConfig().domains) {
|
||||
if (
|
||||
!config.getRawConfig().flags?.disable_config_managed_domains &&
|
||||
config.getRawConfig().domains
|
||||
) {
|
||||
await copyInDomains();
|
||||
}
|
||||
|
||||
@@ -39,7 +42,7 @@ async function copyInDomains() {
|
||||
domainId: key,
|
||||
baseDomain: value.base_domain.toLowerCase(),
|
||||
certResolver: value.cert_resolver || null,
|
||||
preferWildcardCert: value.prefer_wildcard_cert || null,
|
||||
preferWildcardCert: value.prefer_wildcard_cert || null
|
||||
})
|
||||
);
|
||||
|
||||
@@ -56,31 +59,79 @@ async function copyInDomains() {
|
||||
if (!configDomainKeys.has(existingDomain.domainId)) {
|
||||
await trx
|
||||
.delete(domains)
|
||||
.where(eq(domains.domainId, existingDomain.domainId))
|
||||
.execute();
|
||||
.where(eq(domains.domainId, existingDomain.domainId));
|
||||
await trx
|
||||
.delete(dnsRecords)
|
||||
.where(eq(dnsRecords.domainId, existingDomain.domainId));
|
||||
}
|
||||
}
|
||||
|
||||
for (const { domainId, baseDomain, certResolver, preferWildcardCert } of configDomains) {
|
||||
for (const {
|
||||
domainId,
|
||||
baseDomain,
|
||||
certResolver,
|
||||
preferWildcardCert
|
||||
} of configDomains) {
|
||||
if (existingDomainKeys.has(domainId)) {
|
||||
await trx
|
||||
.update(domains)
|
||||
.set({ baseDomain, verified: true, type: "wildcard", certResolver, preferWildcardCert })
|
||||
.where(eq(domains.domainId, domainId))
|
||||
.execute();
|
||||
} else {
|
||||
await trx
|
||||
.insert(domains)
|
||||
.values({
|
||||
domainId,
|
||||
.set({
|
||||
baseDomain,
|
||||
configManaged: true,
|
||||
type: "wildcard",
|
||||
verified: true,
|
||||
type: "wildcard",
|
||||
certResolver,
|
||||
preferWildcardCert
|
||||
})
|
||||
.execute();
|
||||
.where(eq(domains.domainId, domainId));
|
||||
|
||||
// delete the dns records and add them again to ensure they are correct
|
||||
await trx
|
||||
.delete(dnsRecords)
|
||||
.where(eq(dnsRecords.domainId, domainId));
|
||||
|
||||
await trx.insert(dnsRecords).values([
|
||||
{
|
||||
domainId,
|
||||
recordType: "A",
|
||||
baseDomain,
|
||||
value: "Server IP Address",
|
||||
verified: true
|
||||
},
|
||||
{
|
||||
domainId,
|
||||
recordType: "A",
|
||||
baseDomain,
|
||||
value: "Server IP Address",
|
||||
verified: true
|
||||
}
|
||||
]);
|
||||
} else {
|
||||
await trx.insert(domains).values({
|
||||
domainId,
|
||||
baseDomain,
|
||||
configManaged: true,
|
||||
type: "wildcard",
|
||||
verified: true,
|
||||
certResolver,
|
||||
preferWildcardCert
|
||||
});
|
||||
|
||||
await trx.insert(dnsRecords).values([
|
||||
{
|
||||
domainId,
|
||||
recordType: "A",
|
||||
baseDomain,
|
||||
value: "Server IP Address",
|
||||
verified: true
|
||||
},
|
||||
{
|
||||
domainId,
|
||||
recordType: "A",
|
||||
baseDomain,
|
||||
value: "Server IP Address",
|
||||
verified: true
|
||||
}
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -44,7 +44,7 @@ export default async function migration() {
|
||||
|
||||
await db.execute(sql`
|
||||
CREATE TABLE "dnsRecords" (
|
||||
"id" varchar PRIMARY KEY NOT NULL,
|
||||
"id" serial PRIMARY KEY NOT NULL,
|
||||
"domainId" varchar NOT NULL,
|
||||
"recordType" varchar NOT NULL,
|
||||
"baseDomain" varchar,
|
||||
@@ -108,10 +108,10 @@ export default async function migration() {
|
||||
await db.execute(sql`ALTER TABLE "orgs" DROP COLUMN "settings";`);
|
||||
|
||||
await db.execute(sql`COMMIT`);
|
||||
console.log(`Updated resource rules match value from GEOIP to COUNTRY`);
|
||||
console.log("Migrated database");
|
||||
} catch (e) {
|
||||
await db.execute(sql`ROLLBACK`);
|
||||
console.log("Unable to update resource rules match value");
|
||||
console.log("Unable to migrate database");
|
||||
console.log(e);
|
||||
throw e;
|
||||
}
|
||||
|
||||
@@ -72,7 +72,7 @@ export default async function migration() {
|
||||
db.prepare(
|
||||
`
|
||||
CREATE TABLE 'dnsRecords' (
|
||||
'id' text PRIMARY KEY NOT NULL,
|
||||
'id' integer PRIMARY KEY AUTOINCREMENT NOT NULL,
|
||||
'domainId' text NOT NULL,
|
||||
'recordType' text NOT NULL,
|
||||
'baseDomain' text,
|
||||
|
||||
Reference in New Issue
Block a user