pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-07 03:06:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Generate resources for remote subnets

Browse Source
This commit is contained in:
Owen
2025-12-07 20:04:30 -05:00
parent a3ba4fff54
commit e8f10b049e
3 changed files with 100 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/setup/migrationsPg.ts
View File

@@ -14,6 +14,7 @@ import m6 from "./scriptsPg/1.10.2";
import m7 from "./scriptsPg/1.11.0"; import m7 from "./scriptsPg/1.11.0";
import m8 from "./scriptsPg/1.11.1"; import m8 from "./scriptsPg/1.11.1";
import m9 from "./scriptsPg/1.12.0"; import m9 from "./scriptsPg/1.12.0";
import m10 from "./scriptsPg/1.13.0";
// THIS CANNOT IMPORT ANYTHING FROM THE SERVER // THIS CANNOT IMPORT ANYTHING FROM THE SERVER
// EXCEPT FOR THE DATABASE AND THE SCHEMA // EXCEPT FOR THE DATABASE AND THE SCHEMA
@@ -28,7 +29,8 @@ const migrations = [
{ version: "1.10.2", run: m6 }, { version: "1.10.2", run: m6 },
{ version: "1.11.0", run: m7 }, { version: "1.11.0", run: m7 },
{ version: "1.11.1", run: m8 }, { version: "1.11.1", run: m8 },
{ version: "1.12.0", run: m9 } { version: "1.12.0", run: m9 },
{ version: "1.13.0", run: m10 },
// Add new migrations here as they are created // Add new migrations here as they are created
] as { ] as {
version: string; version: string;

41
server/setup/scriptsPg/1.13.0.ts
View File

@@ -152,8 +152,49 @@ export default async function migration() {
await db.execute(sql`ALTER TABLE "userClients" ADD CONSTRAINT "userClients_clientId_clients_clientId_fk" FOREIGN KEY ("clientId") REFERENCES "public"."clients"("clientId") ON DELETE cascade ON UPDATE no action;`); await db.execute(sql`ALTER TABLE "userClients" ADD CONSTRAINT "userClients_clientId_clients_clientId_fk" FOREIGN KEY ("clientId") REFERENCES "public"."clients"("clientId") ON DELETE cascade ON UPDATE no action;`);
// set 100.96.128.0/24 as the utility subnet on all of the orgs
await db.execute(sql`UPDATE "orgs" SET "utilitySubnet" = '100.96.128.0/24'`);
// Query all of the sites to get their remoteSubnets
const sitesRemoteSubnetsData = await db.execute(sql`SELECT "siteId", "remoteSubnets" FROM "sites" WHERE "remoteSubnets" IS NOT NULL
`);
const sitesRemoteSubnets = sitesRemoteSubnetsData.rows as {
siteId: number;
remoteSubnets: string | null;
}[];
await db.execute(sql`ALTER TABLE "sites" DROP COLUMN "remoteSubnets";`); await db.execute(sql`ALTER TABLE "sites" DROP COLUMN "remoteSubnets";`);
// get all of the siteResources and set the the aliasAddress to 100.96.128.x starting at .8
const siteResourcesData = await db.execute(sql`SELECT "siteResourceId" FROM "siteResources" ORDER BY "siteResourceId" ASC`);
const siteResources = siteResourcesData.rows as {
siteResourceId: number;
}[];
let aliasIpOctet = 8;
for (const siteResource of siteResources) {
const aliasAddress = `100.96.128.${aliasIpOctet}`;
await db.execute(sql`
UPDATE "siteResources" SET "aliasAddress" = ${aliasAddress} WHERE "siteResourceId" = ${siteResource.siteResourceId}
`);
aliasIpOctet++;
}
// For each site with remote subnets we need to create a site resource of type cidr for each remote subnet
for (const site of sitesRemoteSubnets) {
if (site.remoteSubnets) {
const subnets = site.remoteSubnets.split(",");
for (const subnet of subnets) {
await db.execute(sql`
INSERT INTO "siteResources" ("siteId", "destination", "mode", "name")
VALUES (${site.siteId}, ${subnet.trim()}, 'cidr', 'Remote Subnet');
`);
}
}
}
// Associate clients with site resources based on their previous site access // Associate clients with site resources based on their previous site access
// Get all client-site associations from the renamed clientSitesAssociationsCache table // Get all client-site associations from the renamed clientSitesAssociationsCache table
const clientSiteAssociationsQuery = await db.execute(sql` const clientSiteAssociationsQuery = await db.execute(sql`

60
server/setup/scriptsSqlite/1.13.0.ts
View File

@@ -252,14 +252,68 @@ export default async function migration() {
`ALTER TABLE 'targetHealthCheck' ADD 'hcTlsServerName' text;` `ALTER TABLE 'targetHealthCheck' ADD 'hcTlsServerName' text;`
).run(); ).run();
// set 100.96.128.0/24 as the utility subnet on all of the orgs
db.prepare(
`UPDATE 'orgs' SET 'utilitySubnet' = '100.96.128.0/24'`
).run();
// Query all of the sites to get their remoteSubnets before dropping the column
const sitesRemoteSubnets = db
.prepare(
`SELECT siteId, remoteSubnets FROM 'sites' WHERE remoteSubnets IS NOT NULL`
)
.all() as {
siteId: number;
remoteSubnets: string | null;
}[];
db.prepare( db.prepare(
`ALTER TABLE 'sites' DROP COLUMN 'remoteSubnets';` `ALTER TABLE 'sites' DROP COLUMN 'remoteSubnets';`
).run(); ).run();
// get all of the siteResources and set the aliasAddress to 100.96.128.x starting at .8
const siteResourcesForAlias = db
.prepare(
`SELECT siteResourceId FROM 'siteResources' ORDER BY siteResourceId ASC`
)
.all() as {
siteResourceId: number;
}[];
const updateAliasAddress = db.prepare(
`UPDATE 'siteResources' SET aliasAddress = ? WHERE siteResourceId = ?`
);
let aliasIpOctet = 8;
for (const siteResource of siteResourcesForAlias) {
const aliasAddress = `100.96.128.${aliasIpOctet}`;
updateAliasAddress.run(aliasAddress, siteResource.siteResourceId);
aliasIpOctet++;
}
// For each site with remote subnets we need to create a site resource of type cidr for each remote subnet
const insertCidrResource = db.prepare(
`INSERT INTO 'siteResources' ('siteId', 'destination', 'mode', 'name', 'orgId', 'niceId')
SELECT ?, ?, 'cidr', 'Remote Subnet', orgId, ? FROM 'sites' WHERE siteId = ?`
);
for (const site of sitesRemoteSubnets) {
if (site.remoteSubnets) {
const subnets = site.remoteSubnets.split(",");
for (const subnet of subnets) {
// Generate a unique niceId for each new site resource
let niceId = generateName();
insertCidrResource.run(site.siteId, subnet.trim(), niceId, site.siteId);
}
}
}
// Associate clients with site resources based on their previous site access // Associate clients with site resources based on their previous site access
// Get all client-site associations from the renamed clientSitesAssociationsCache table // Get all client-site associations from the renamed clientSitesAssociationsCache table
const clientSiteAssociations = db const clientSiteAssociations = db
.prepare(`SELECT clientId, siteId FROM 'clientSitesAssociationsCache'`) .prepare(
`SELECT clientId, siteId FROM 'clientSitesAssociationsCache'`
)
.all() as { .all() as {
clientId: number; clientId: number;
siteId: number; siteId: number;
@@ -292,9 +346,7 @@ export default async function migration() {
// Associate existing site resources with their org's admin role // Associate existing site resources with their org's admin role
const siteResourcesWithOrg = db const siteResourcesWithOrg = db
.prepare( .prepare(`SELECT siteResourceId, orgId FROM 'siteResources'`)
`SELECT siteResourceId, orgId FROM 'siteResources'`
)
.all() as { .all() as {
siteResourceId: number; siteResourceId: number;
orgId: string; orgId: string;