fix: hook.ts - relogin needed

updated packages
fix: Lots of typescript thingy
fix: ssl request flow
fix: proxy cleanup flow
This commit is contained in:
Andras Bacsai 2022-02-18 13:59:23 +01:00
parent 4d8bf57135
commit 2ce64ac213
33 changed files with 243 additions and 247 deletions

View File

@ -25,9 +25,9 @@
"prepare": "husky install"
},
"devDependencies": {
"@sveltejs/adapter-node": "1.0.0-next.67",
"@sveltejs/adapter-static": "1.0.0-next.27",
"@sveltejs/kit": "1.0.0-next.259",
"@sveltejs/adapter-node": "1.0.0-next.68",
"@sveltejs/adapter-static": "1.0.0-next.28",
"@sveltejs/kit": "1.0.0-next.278",
"@types/bcrypt": "5.0.0",
"@types/js-cookie": "3.0.1",
"@types/node": "17.0.18",
@ -50,7 +50,7 @@
"svelte": "3.46.4",
"svelte-check": "2.4.3",
"svelte-preprocess": "4.10.3",
"tailwindcss": "3.0.22",
"tailwindcss": "3.0.23",
"ts-node": "10.5.0",
"tslib": "2.3.1",
"typescript": "4.5.5"
@ -59,9 +59,9 @@
"dependencies": {
"@iarna/toml": "2.2.5",
"@prisma/client": "3.9.2",
"@sentry/node": "6.17.8",
"@sentry/node": "6.17.9",
"bcrypt": "5.0.1",
"bullmq": "1.72.0",
"bullmq": "1.73.0",
"compare-versions": "4.1.3",
"cookie": "0.4.2",
"cuid": "2.1.8",
@ -69,15 +69,15 @@
"dockerode": "3.3.1",
"dotenv-extended": "2.9.0",
"generate-password": "1.7.0",
"get-port": "6.0.0",
"get-port": "6.1.0",
"got": "12.0.1",
"js-cookie": "3.0.1",
"js-yaml": "4.1.0",
"jsonwebtoken": "8.5.1",
"node-forge": "1.2.1",
"svelte-kit-cookie-session": "2.0.2",
"svelte-kit-cookie-session": "2.1.2",
"tailwindcss-scrollbar": "^0.1.0",
"unique-names-generator": "4.6.0"
"unique-names-generator": "4.7.1"
},
"prisma": {
"seed": "node prisma/seed.cjs"

View File

@ -3,10 +3,10 @@ lockfileVersion: 5.3
specifiers:
'@iarna/toml': 2.2.5
'@prisma/client': 3.9.2
'@sentry/node': 6.17.8
'@sveltejs/adapter-node': 1.0.0-next.67
'@sveltejs/adapter-static': 1.0.0-next.27
'@sveltejs/kit': 1.0.0-next.259
'@sentry/node': 6.17.9
'@sveltejs/adapter-node': 1.0.0-next.68
'@sveltejs/adapter-static': 1.0.0-next.28
'@sveltejs/kit': 1.0.0-next.278
'@types/bcrypt': 5.0.0
'@types/js-cookie': 3.0.1
'@types/node': 17.0.18
@ -16,7 +16,7 @@ specifiers:
'@zerodevx/svelte-toast': 0.6.3
autoprefixer: 10.4.2
bcrypt: 5.0.1
bullmq: 1.72.0
bullmq: 1.73.0
compare-versions: 4.1.3
cookie: 0.4.2
cross-var: 1.1.0
@ -28,7 +28,7 @@ specifiers:
eslint-config-prettier: 8.3.0
eslint-plugin-svelte3: 3.2.1
generate-password: 1.7.0
get-port: 6.0.0
get-port: 6.1.0
got: 12.0.1
husky: 7.0.4
js-cookie: 3.0.1
@ -43,21 +43,21 @@ specifiers:
prisma: 3.9.2
svelte: 3.46.4
svelte-check: 2.4.3
svelte-kit-cookie-session: 2.0.2
svelte-kit-cookie-session: 2.1.2
svelte-preprocess: 4.10.3
tailwindcss: 3.0.22
tailwindcss: 3.0.23
tailwindcss-scrollbar: ^0.1.0
ts-node: 10.5.0
tslib: 2.3.1
typescript: 4.5.5
unique-names-generator: 4.6.0
unique-names-generator: 4.7.1
dependencies:
'@iarna/toml': 2.2.5
'@prisma/client': 3.9.2_prisma@3.9.2
'@sentry/node': 6.17.8
'@sentry/node': 6.17.9
bcrypt: 5.0.1
bullmq: 1.72.0
bullmq: 1.73.0
compare-versions: 4.1.3
cookie: 0.4.2
cuid: 2.1.8
@ -65,20 +65,20 @@ dependencies:
dockerode: 3.3.1
dotenv-extended: 2.9.0
generate-password: 1.7.0
get-port: 6.0.0
get-port: 6.1.0
got: 12.0.1
js-cookie: 3.0.1
js-yaml: 4.1.0
jsonwebtoken: 8.5.1
node-forge: 1.2.1
svelte-kit-cookie-session: 2.0.2
tailwindcss-scrollbar: 0.1.0_tailwindcss@3.0.22
unique-names-generator: 4.6.0
svelte-kit-cookie-session: 2.1.2
tailwindcss-scrollbar: 0.1.0_tailwindcss@3.0.23
unique-names-generator: 4.7.1
devDependencies:
'@sveltejs/adapter-node': 1.0.0-next.67
'@sveltejs/adapter-static': 1.0.0-next.27
'@sveltejs/kit': 1.0.0-next.259_svelte@3.46.4
'@sveltejs/adapter-node': 1.0.0-next.68
'@sveltejs/adapter-static': 1.0.0-next.28
'@sveltejs/kit': 1.0.0-next.278_svelte@3.46.4
'@types/bcrypt': 5.0.0
'@types/js-cookie': 3.0.1
'@types/node': 17.0.18
@ -101,7 +101,7 @@ devDependencies:
svelte: 3.46.4
svelte-check: 2.4.3_postcss@8.4.6+svelte@3.46.4
svelte-preprocess: 4.10.3_88b359da5cac6d8f6ee1bbb7080a3fa9
tailwindcss: 3.0.22_c940fbabf228b85b1c73d314b43e31f1
tailwindcss: 3.0.23_c940fbabf228b85b1c73d314b43e31f1
ts-node: 10.5.0_f3bd4037939c2ed2942ba074291f8ef2
tslib: 2.3.1
typescript: 4.5.5
@ -295,56 +295,56 @@ packages:
picomatch: 2.3.0
dev: true
/@sentry/core/6.17.8:
/@sentry/core/6.17.9:
resolution:
{
integrity: sha512-4WTjgQom75Rvgn6XYy6e7vMIbWlj8utau1wWvr7kjqFKuuuuycRvPgVzAdVr4B3WDHHCInAZpUchsOLs2qwIEA==
integrity: sha512-14KalmTholGUtgdh9TklO+jUpyQ/D3OGkhlH1rnGQGoJgFy2eYm+s+MnUEMxFdGIUCz5kOteuNqYZxaDmFagpQ==
}
engines: { node: '>=6' }
dependencies:
'@sentry/hub': 6.17.8
'@sentry/minimal': 6.17.8
'@sentry/types': 6.17.8
'@sentry/utils': 6.17.8
'@sentry/hub': 6.17.9
'@sentry/minimal': 6.17.9
'@sentry/types': 6.17.9
'@sentry/utils': 6.17.9
tslib: 1.14.1
dev: false
/@sentry/hub/6.17.8:
/@sentry/hub/6.17.9:
resolution:
{
integrity: sha512-GW0XYpkoQu/kSJaTLfsF4extHDOBPNRnT0qKr/YO20Z5wGxYp8LsdnAuU3njcFHcAV2F/QDTj2BPq1U385/4+A==
integrity: sha512-34EdrweWDbBV9EzEFIXcO+JeoyQmKzQVJxpTKZoJA6PUwf2NrndaUdjlkDEtBEzjuLUTxhLxtOzEsYs1O6RVcg==
}
engines: { node: '>=6' }
dependencies:
'@sentry/types': 6.17.8
'@sentry/utils': 6.17.8
'@sentry/types': 6.17.9
'@sentry/utils': 6.17.9
tslib: 1.14.1
dev: false
/@sentry/minimal/6.17.8:
/@sentry/minimal/6.17.9:
resolution:
{
integrity: sha512-VJXFZBO/O8SViK0fdzodxpNr+pbpgczNgLpz/MNuSooV6EBesgCMVjXtxDUp1Ie1odc0GUprN/ZMLYBmYdIrKQ==
integrity: sha512-T3PMCHcKk6lkZq6zKgANrYJJxXBXKOe+ousV1Fas1rVBMv7dtKfsa4itqQHszcW9shusPDiaQKIJ4zRLE5LKmg==
}
engines: { node: '>=6' }
dependencies:
'@sentry/hub': 6.17.8
'@sentry/types': 6.17.8
'@sentry/hub': 6.17.9
'@sentry/types': 6.17.9
tslib: 1.14.1
dev: false
/@sentry/node/6.17.8:
/@sentry/node/6.17.9:
resolution:
{
integrity: sha512-b3zg1XjKtxp7o821ENORO1CCzMM4QzKP01rzztMwyMcj28dmUq36QXoQAnwdKn7jEYkJdLnMeniIBR6U6NUJrQ==
integrity: sha512-jbn+q7qPGOh6D7nYoYGaAlmuvMDpQmyMwBtUVYybuZp2AALe43O3Z4LtoJ+1+F31XowpsIPZx1mwNs4ZrILskA==
}
engines: { node: '>=6' }
dependencies:
'@sentry/core': 6.17.8
'@sentry/hub': 6.17.8
'@sentry/tracing': 6.17.8
'@sentry/types': 6.17.8
'@sentry/utils': 6.17.8
'@sentry/core': 6.17.9
'@sentry/hub': 6.17.9
'@sentry/tracing': 6.17.9
'@sentry/types': 6.17.9
'@sentry/utils': 6.17.9
cookie: 0.4.2
https-proxy-agent: 5.0.0
lru_map: 0.3.3
@ -353,36 +353,36 @@ packages:
- supports-color
dev: false
/@sentry/tracing/6.17.8:
/@sentry/tracing/6.17.9:
resolution:
{
integrity: sha512-WJ3W8O6iPI3w7MrzTnYcw3s5PGBNFqT4b9oBCl5Ndjexs8DsGlQOxjrsipo36z6TpnRHpAE4FEbOETb2R8JRJQ==
integrity: sha512-5Rb/OS4ryNJLvz2nv6wyjwhifjy6veqaF9ffLrwFYij/WDy7m62ASBblxgeiI3fbPLX0aBRFWIJAq1vko26+AQ==
}
engines: { node: '>=6' }
dependencies:
'@sentry/hub': 6.17.8
'@sentry/minimal': 6.17.8
'@sentry/types': 6.17.8
'@sentry/utils': 6.17.8
'@sentry/hub': 6.17.9
'@sentry/minimal': 6.17.9
'@sentry/types': 6.17.9
'@sentry/utils': 6.17.9
tslib: 1.14.1
dev: false
/@sentry/types/6.17.8:
/@sentry/types/6.17.9:
resolution:
{
integrity: sha512-0i0f+dpvV62Pm5QMVBHNfEsTGIXoXRGQbeN2LGL4XbhzrzUmIrBPzrnZHv9c/JYtSJnI6A0B9OG7Bdlh3aku+Q==
integrity: sha512-xuulX6qUCL14ayEOh/h6FUIvZtsi1Bx34dSOaWDrjXUOJHJAM7214uiqW1GZxPJ13YuaUIubjTSfDmSQ9CBzTw==
}
engines: { node: '>=6' }
dev: false
/@sentry/utils/6.17.8:
/@sentry/utils/6.17.9:
resolution:
{
integrity: sha512-cAOM53A5FHv95hpDuXKJU8rI4B1XdZ6qe3Yo+/nDS9QDpOgzvyjcItgXPvKW1wUjdHCcnwu7VBfBxB7teYOW9g==
integrity: sha512-4eo9Z3JlJCGlGrQRbtZWL+L9NnlUXgTbfK3Lk7oO8D1ev8R5b5+iE6tZHTvU5rQRcq6zu+POT+tK5u9oxc/rnQ==
}
engines: { node: '>=6' }
dependencies:
'@sentry/types': 6.17.8
'@sentry/types': 6.17.9
tslib: 1.14.1
dev: false
@ -394,28 +394,28 @@ packages:
engines: { node: '>=10' }
dev: false
/@sveltejs/adapter-node/1.0.0-next.67:
/@sveltejs/adapter-node/1.0.0-next.68:
resolution:
{
integrity: sha512-+LuLn91xARZsRANiQNIIDpMMncUTnP2pJc8tyL+FdpVvs5UtlvkYJpeCBPFqjjseRpIIbi8Slu89GCdrRXBDUg==
integrity: sha512-MiEjtl15Aupm6bjirVlq0kkc9AL8qDXz/blsh4jYMsaiidmcEHeDgfZQFM5YiXy95DbxV30MAkhwCQiYK/J8Kw==
}
dependencies:
tiny-glob: 0.2.9
dev: true
/@sveltejs/adapter-static/1.0.0-next.27:
/@sveltejs/adapter-static/1.0.0-next.28:
resolution:
{
integrity: sha512-dcN1p1D7ZY/a9SClfN14mgm9pyWbLxdwM9gzPMZG6xXOoqMtwI03aZOFgGGumHPdv+XcGRZM96vUSRoDm6vBJQ==
integrity: sha512-c4xLyeSwnbGQxe4f1SLpHTbxZDm3TEr43scR3tOlVgQN+mnAL9aDdl3nTtdzWmrUDmDEmY4GriAwLyFLZuINLw==
}
dependencies:
tiny-glob: 0.2.9
dev: true
/@sveltejs/kit/1.0.0-next.259_svelte@3.46.4:
/@sveltejs/kit/1.0.0-next.278_svelte@3.46.4:
resolution:
{
integrity: sha512-+Tss6cQXmpi4Jno/ZP0zJ3INBLMED+WeW4UI81tmexheC76Y2p+cbInneKO/REx/8QFo1iroYrWAUkZPsOg8Ew==
integrity: sha512-WT93Wnu05X9WG9BMMk/dj0gy6R7iXm9aXRDVgmIl9z8jT2ukejgmkhi5IwBYrK0OMIUALRVfukn+iy+srPc91Q==
}
engines: { node: '>=14.13' }
hasBin: true
@ -1748,10 +1748,10 @@ packages:
ieee754: 1.2.1
dev: false
/bullmq/1.72.0:
/bullmq/1.73.0:
resolution:
{
integrity: sha512-Q0pk6GphHyYsacpjZZFhjp/+TY+2g2FDsJS3qwIyskQL4j7vZaa1iYX3gKDEBn4C5eZMP1EOl9GWkm2bhdB0Wg==
integrity: sha512-+BF7yeGagYD/iMkM3FA8Wvb3j3MyKE/OdXv404+nQjUsKXfL7PbqX5NSA9lBtFzOdyFx9ZWyKRnBwuGQsLfM0w==
}
dependencies:
cron-parser: 2.18.0
@ -3116,10 +3116,10 @@ packages:
engines: { node: '>=8' }
dev: false
/get-port/6.0.0:
/get-port/6.1.0:
resolution:
{
integrity: sha512-qSVkVF6Eq1GdL/cBNiFuP4nUHMF7OEMTqEjC6alR2N90u8BFOoO0PFhNTX2QtAUoGrz8NnrSWj85TZ8YXZ6LOA==
integrity: sha512-JKnPFW/G2ZRirH/25sLK1aLBQktJfQLixzMMuMBP8A2G/ivSaIwdTnlJeO7PWeyhyIGVorezNf6+CXZU9i0cIQ==
}
engines: { node: ^12.20.0 || ^14.13.1 || >=16.0.0 }
dev: false
@ -5205,10 +5205,10 @@ packages:
svelte: 3.46.4
dev: true
/svelte-kit-cookie-session/2.0.2:
/svelte-kit-cookie-session/2.1.2:
resolution:
{
integrity: sha512-+JfunYbraIOkecOJlC1iYqH9g6YOY8MXyUdE3hTZquR1JrODmOZZ+pVPmZuVIFpM5sStJf/jF1NT5306TWE9Gw==
integrity: sha512-PfxIWDhiyYWu7iKlL0GHpmwDrdFh+rX/WmBzOuvctF25UqngIo9MCiegWBSBLE1RBwNs5UqaIeI8+vligmY07g==
}
dev: false
@ -5290,7 +5290,7 @@ packages:
strip-ansi: 6.0.1
dev: true
/tailwindcss-scrollbar/0.1.0_tailwindcss@3.0.22:
/tailwindcss-scrollbar/0.1.0_tailwindcss@3.0.23:
resolution:
{
integrity: sha512-egipxw4ooQDh94x02XQpPck0P0sfwazwoUGfA9SedPATIuYDR+6qe8d31Gl7YsSMRiOKDkkqfI0kBvEw9lT/Hg==
@ -5298,13 +5298,13 @@ packages:
peerDependencies:
tailwindcss: '>= 2.x.x'
dependencies:
tailwindcss: 3.0.22_c940fbabf228b85b1c73d314b43e31f1
tailwindcss: 3.0.23_c940fbabf228b85b1c73d314b43e31f1
dev: false
/tailwindcss/3.0.22_c940fbabf228b85b1c73d314b43e31f1:
/tailwindcss/3.0.23_c940fbabf228b85b1c73d314b43e31f1:
resolution:
{
integrity: sha512-F8lt74RlNZirnkaSk310+vGQta7c0/hgx7/bqxruM4wS9lp8oqV93lzavajC3VT0Lp4UUtUVIt8ifKcmGzkr0A==
integrity: sha512-+OZOV9ubyQ6oI2BXEhzw4HrqvgcARY38xv3zKcjnWtMIZstEsXdI9xftd1iB7+RbOnj2HOEzkA0OyB5BaSxPQA==
}
engines: { node: '>=12.13.0' }
hasBin: true
@ -5528,10 +5528,10 @@ packages:
function.name: 1.0.13
dev: false
/unique-names-generator/4.6.0:
/unique-names-generator/4.7.1:
resolution:
{
integrity: sha512-m0fke1emBeT96UYn2psPQYwljooDWRTKt9oUZ5vlt88ZFMBGxqwPyLHXwCfkbgdm8jzioCp7oIpo6KdM+fnUlQ==
integrity: sha512-lMx9dX+KRmG8sq6gulYYpKWZc9RlGsgBR6aoO8Qsm3qvkSJ+3rAymr+TnV8EDMrIrwuFJ4kruzMWM/OpYzPoow==
}
engines: { node: '>=8' }
dev: false

View File

@ -1,74 +1,25 @@
/// <reference types="@sveltejs/kit" />
interface Cookies {
teamId?: string;
gitlabToken?: string;
'kit.session'?: string;
}
declare namespace App {
interface Locals {
gitlabToken?: string;
user: {
teamId: string;
permission: string;
isAdmin: boolean;
};
session: {
data: {
uid?: string;
teams?: string[];
expires?: string;
};
};
session: import('svelte-kit-cookie-session').Session<SessionData>;
cookies: Record<string, string>;
}
interface Platform {}
interface Session extends SessionData {}
interface Stuff {}
}
type Applications = {
name: string;
domain: string;
};
interface Hash {
iv: string;
content: string;
interface SessionData {
version?: string;
userId?: string | null;
teamId?: string | null;
permission?: string;
isAdmin?: boolean;
expires?: string | null;
gitlabToken?: string | null;
}
interface BuildPack {
name: string;
}
// TODO: Not used, not working what?!
enum GitSource {
Github = 'github',
Gitlab = 'gitlab',
Bitbucket = 'bitbucket'
}
type RawHaproxyConfiguration = {
_version: number;
data: string;
};
type NewTransaction = {
_version: number;
id: string;
status: string;
};
type HttpRequestRuleForceSSL = {
return_hdrs: null;
cond: string;
cond_test: string;
index: number;
redir_code: number;
redir_type: string;
redir_value: string;
type: string;
};
// TODO: No any please
type HttpRequestRule = {
_version: number;
data: Array<any>;
};
type DateTimeFormatOptions = {
localeMatcher?: 'lookup' | 'best fit';
weekday?: 'long' | 'short' | 'narrow';
@ -84,3 +35,24 @@ type DateTimeFormatOptions = {
hour12?: boolean;
timeZone?: string;
};
interface Hash {
iv: string;
content: string;
}
type RawHaproxyConfiguration = {
_version: number;
data: string;
};
type NewTransaction = {
_version: number;
id: string;
status: string;
};
type Application = {
name: string;
domain: string;
};

View File

@ -2,7 +2,7 @@ import dotEnvExtended from 'dotenv-extended';
dotEnvExtended.load();
import type { GetSession } from '@sveltejs/kit';
import { handleSession } from 'svelte-kit-cookie-session';
import { getUserDetails, isTeamIdTokenAvailable, sentry } from '$lib/common';
import { getUserDetails, sentry } from '$lib/common';
import { version } from '$lib/common';
import cookie from 'cookie';
import { dev } from '$app/env';
@ -16,22 +16,29 @@ export const handle = handleSession(
async function ({ event, resolve }) {
let response;
try {
const cookies: Cookies = cookie.parse(event.request.headers.get('cookie') || '');
if (cookies['kit.session']) {
const { permission, teamId } = await getUserDetails(event, false);
event.locals.user = {
let gitlabToken = event.locals.cookies.gitlabToken;
if (event.locals.cookies['kit.session']) {
const { permission, teamId, userId } = await getUserDetails(event, false);
const newSession = {
userId,
teamId,
permission,
isAdmin: permission === 'admin' || permission === 'owner'
isAdmin: permission === 'admin' || permission === 'owner',
expires: event.locals.session.data.expires,
gitlabToken: gitlabToken
};
if (JSON.stringify(event.locals.session.data) !== JSON.stringify(newSession)) {
event.locals.session.data = { ...newSession };
}
if (cookies.gitlabToken) {
event.locals.gitlabToken = cookies.gitlabToken;
}
response = await resolve(event, {
ssr: !event.url.pathname.startsWith('/webhooks/success')
});
} catch (error) {
console.log(error);
response = await resolve(event, {
ssr: !event.url.pathname.startsWith('/webhooks/success')
});
@ -62,17 +69,13 @@ export const handle = handleSession(
}
);
export const getSession: GetSession = function (request) {
export const getSession: GetSession = function ({ locals }) {
return {
version,
gitlabToken: request.locals?.gitlabToken || null,
uid: request.locals.session.data?.uid || null,
teamId: request.locals.user?.teamId || null,
permission: request.locals.user?.permission,
isAdmin: request.locals.user?.isAdmin || false
...locals.session.data
};
};
export async function handleError({ error, event }) {
if (!dev) sentry.captureException(error, { event });
if (!dev) sentry.captureException(error, event);
}

View File

@ -67,7 +67,7 @@ export const isTeamIdTokenAvailable = (request) => {
};
export const getTeam = (event) => {
const cookies: Cookies = Cookie.parse(event.request.headers.get('cookie'));
const cookies = Cookie.parse(event.request.headers.get('cookie'));
if (cookies.teamId) {
return cookies.teamId;
} else if (event.locals.session.data.teamId) {
@ -78,7 +78,7 @@ export const getTeam = (event) => {
export const getUserDetails = async (event, isAdminRequired = true) => {
const teamId = getTeam(event);
const userId = event.locals.session.data.uid || null;
const userId = event.locals.session.data.userId || null;
const { permission = 'read' } = await db.prisma.permission.findFirst({
where: { teamId, userId },
select: { permission: true },

View File

@ -6,6 +6,7 @@
export let description;
export let isCenter = true;
export let disabled = false;
export let dataTooltip = null;
</script>
<div class="flex items-center py-4 pr-8">
@ -14,7 +15,7 @@
<Explainer text={description} />
</div>
</div>
<div class:text-center={isCenter}>
<div class:tooltip={dataTooltip} class:text-center={isCenter} data-tooltip={dataTooltip}>
<div
type="button"
on:click

View File

@ -1,5 +1,5 @@
import { decrypt, encrypt } from '$lib/crypto';
import { removeProxyConfiguration, removeWwwRedirection } from '$lib/haproxy';
import { removeProxyConfiguration } from '$lib/haproxy';
import { asyncExecShell, getEngine } from '$lib/common';
import { getDomain, removeDestinationDocker } from '$lib/common';

View File

@ -2,6 +2,7 @@ import { dev } from '$app/env';
import { sentry } from '$lib/common';
import * as Prisma from '@prisma/client';
import { default as ProdPrisma } from '@prisma/client';
import type { PrismaClientOptions } from '@prisma/client/runtime';
import generator from 'generate-password';
import forge from 'node-forge';
@ -19,28 +20,20 @@ if (!dev) {
PrismaClient = ProdPrisma.PrismaClient;
P = ProdPrisma.Prisma;
}
let prismaOptions = {
rejectOnNotFound: false
};
if (dev) {
prismaOptions = {
export const prisma = new PrismaClient({
errorFormat: 'pretty',
rejectOnNotFound: false,
log: [
{
emit: 'event',
level: 'query'
}
]
};
}
export const prisma = new PrismaClient(prismaOptions);
rejectOnNotFound: false
});
export function ErrorHandler(e) {
if (e! instanceof Error) {
e = new Error(e.toString());
}
let truncatedError = e;
if (e.stdout) {
truncatedError = e.stdout;
}
if (e.message?.includes('docker run')) {
let truncatedArray = [];
truncatedArray = truncatedError.message.split('-').filter((line) => {

View File

@ -12,13 +12,16 @@ export async function login({ email, password }) {
const users = await prisma.user.count();
const userFound = await prisma.user.findUnique({
where: { email },
include: { teams: true },
include: { teams: true, permission: true },
rejectOnNotFound: false
});
console.log(userFound);
// Registration disabled if database is not seeded properly
const { isRegistrationEnabled, id } = await db.listSettings();
let uid = cuid();
let permission = 'read';
let isAdmin = false;
// Disable registration if we are registering the first user.
if (users === 0) {
await prisma.setting.update({ where: { id }, data: { isRegistrationEnabled: false } });
@ -50,6 +53,8 @@ export async function login({ email, password }) {
};
}
uid = userFound.id;
// permission = userFound.permission;
isAdmin = true;
}
} else {
// If registration disabled, return 403
@ -61,6 +66,8 @@ export async function login({ email, password }) {
const hashedPassword = await bcrypt.hash(password, saltRounds);
if (users === 0) {
permission = 'owner';
isAdmin = true;
await prisma.user.create({
data: {
id: uid,
@ -103,8 +110,10 @@ export async function login({ email, password }) {
'Set-Cookie': `teamId=${uid}; HttpOnly; Path=/; Max-Age=15778800;`
},
body: {
uid,
teamId: uid
userId: uid,
teamId: uid,
permission,
isAdmin
}
};
}

View File

@ -48,7 +48,8 @@ export async function completeTransaction(transactionId) {
return await haproxy.put(`v2/services/haproxy/transactions/${transactionId}`);
}
export async function removeProxyConfiguration({ domain }) {
export async function removeProxyConfiguration(fqdn) {
const domain = getDomain(fqdn);
const haproxy = await haproxyInstance();
const backendFound = await haproxy
.get(`v2/services/haproxy/configuration/backends/${domain}`)
@ -64,10 +65,10 @@ export async function removeProxyConfiguration({ domain }) {
.json();
await completeTransaction(transactionId);
}
await forceSSLOffApplication({ domain });
await removeWwwRedirection(domain);
await forceSSLOffApplication(domain);
await removeWwwRedirection(fqdn);
}
export async function forceSSLOffApplication({ domain }) {
export async function forceSSLOffApplication(domain) {
const haproxy = await haproxyInstance();
await checkHAProxy(haproxy);
let transactionId;
@ -104,7 +105,7 @@ export async function forceSSLOffApplication({ domain }) {
if (transactionId) await completeTransaction(transactionId);
}
}
export async function forceSSLOnApplication({ domain }) {
export async function forceSSLOnApplication(domain) {
const haproxy = await haproxyInstance();
await checkHAProxy(haproxy);
let transactionId;
@ -283,7 +284,7 @@ export async function configureCoolifyProxyOff(fqdn) {
})
.json();
await completeTransaction(transactionId);
if (isHttps) await forceSSLOffApplication({ domain });
if (isHttps) await forceSSLOffApplication(domain);
await removeWwwRedirection(fqdn);
} catch (error) {
throw error?.response?.body || error;
@ -558,7 +559,8 @@ export async function configureSimpleServiceProxyOn({ id, domain, port }) {
await completeTransaction(transactionId);
}
export async function configureSimpleServiceProxyOff({ domain }) {
export async function configureSimpleServiceProxyOff(fqdn) {
const domain = getDomain(fqdn);
const haproxy = await haproxyInstance();
await checkHAProxy(haproxy);
try {
@ -573,12 +575,16 @@ export async function configureSimpleServiceProxyOff({ domain }) {
.json();
await completeTransaction(transactionId);
} catch (error) {}
await forceSSLOffApplication({ domain });
await removeWwwRedirection(domain);
await forceSSLOffApplication(domain);
await removeWwwRedirection(fqdn);
return;
}
export async function removeWwwRedirection(domain) {
export async function removeWwwRedirection(fqdn) {
const domain = getDomain(fqdn);
const isHttps = fqdn.startsWith('https://');
const redirectValue = `${isHttps ? 'https://' : 'http://'}${domain}%[capture.req.uri]`;
const haproxy = await haproxyInstance();
await checkHAProxy();
const rules: any = await haproxy
@ -590,9 +596,7 @@ export async function removeWwwRedirection(domain) {
})
.json();
if (rules.data.length > 0) {
const rule = rules.data.find((rule) =>
rule.redir_value.includes(`${domain}%[capture.req.uri]`)
);
const rule = rules.data.find((rule) => rule.redir_value.includes(redirectValue));
if (rule) {
const transactionId = await getNextTransactionId();
await haproxy
@ -617,6 +621,7 @@ export async function setWwwRedirection(fqdn) {
const domain = getDomain(fqdn);
const isHttps = fqdn.startsWith('https://');
const isWWW = fqdn.includes('www.');
const redirectValue = `${isHttps ? 'https://' : 'http://'}${domain}%[capture.req.uri]`;
const contTest = `{ req.hdr(host) -i ${isWWW ? domain.replace('www.', '') : `www.${domain}`} }`;
const rules: any = await haproxy
.get(`v2/services/haproxy/configuration/http_request_rules`, {
@ -628,13 +633,11 @@ export async function setWwwRedirection(fqdn) {
.json();
let nextRule = 0;
if (rules.data.length > 0) {
const rule = rules.data.find((rule) =>
rule.redir_value.includes(`${domain}%[capture.req.uri]`)
);
const rule = rules.data.find((rule) => rule.redir_value.includes(redirectValue));
if (rule) return;
nextRule = rules.data[rules.data.length - 1].index + 1;
}
const redirectValue = `${isHttps ? 'https://' : 'http://'}${domain}%[capture.req.uri]`;
transactionId = await getNextTransactionId();
await haproxy
.post(`v2/services/haproxy/configuration/http_request_rules`, {

View File

@ -46,35 +46,33 @@ export async function letsEncrypt({ domain, isCoolify = false, id = null }) {
}
}
}
await forceSSLOffApplication({ domain });
await forceSSLOffApplication(domain);
if (dualCerts) {
const error = await asyncExecShell(
await asyncExecShell(
`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${nakedDomain} -d ${wwwDomain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
dev ? '--test-cert' : ''
}`
);
if (error.stderr) throw error;
const sslCopyError = await asyncExecShell(
await asyncExecShell(
`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "test -d /etc/letsencrypt/live/${nakedDomain}/ && cat /etc/letsencrypt/live/${nakedDomain}/fullchain.pem /etc/letsencrypt/live/${nakedDomain}/privkey.pem > /app/ssl/${nakedDomain}.pem || cat /etc/letsencrypt/live/${wwwDomain}/fullchain.pem /etc/letsencrypt/live/${wwwDomain}/privkey.pem > /app/ssl/${wwwDomain}.pem"`
);
if (sslCopyError.stderr) throw sslCopyError;
} else {
const sslGenerateError = await asyncExecShell(
await asyncExecShell(
`DOCKER_HOST=${host} docker run --rm --name certbot-${randomCuid} -p ${randomPort}:${randomPort} -v "coolify-letsencrypt:/etc/letsencrypt" certbot/certbot --logs-dir /etc/letsencrypt/logs certonly --standalone --preferred-challenges http --http-01-address 0.0.0.0 --http-01-port ${randomPort} -d ${domain} --expand --agree-tos --non-interactive --register-unsafely-without-email ${
dev ? '--test-cert' : ''
}`
);
if (sslGenerateError.stderr) throw sslGenerateError;
const sslCopyError = await asyncExecShell(
await asyncExecShell(
`DOCKER_HOST=${host} docker run --rm -v "coolify-letsencrypt:/etc/letsencrypt" -v "coolify-ssl-certs:/app/ssl" alpine:latest sh -c "cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > /app/ssl/${domain}.pem"`
);
if (sslCopyError.stderr) throw sslCopyError;
}
} catch (error) {
if (error.code !== 0) {
throw error;
}
} finally {
if (!isCoolify) {
await forceSSLOnApplication({ domain });
await forceSSLOnApplication(domain);
}
}
}

View File

@ -48,7 +48,7 @@ export default async function () {
port
});
const isHttps = fqdn.startsWith('https://');
if (isHttps) await forceSSLOnApplication({ domain });
if (isHttps) await forceSSLOnApplication(domain);
await setWwwRedirection(fqdn);
}
}
@ -98,7 +98,7 @@ export default async function () {
await configureCoolifyProxyOn(fqdn);
await setWwwRedirection(fqdn);
const isHttps = fqdn.startsWith('https://');
if (isHttps) await forceSSLOnApplication({ domain });
if (isHttps) await forceSSLOnApplication(domain);
}
} catch (error) {
console.log(error);

View File

@ -3,13 +3,13 @@
import { publicPaths } from '$lib/settings';
export const load: Load = async ({ fetch, url, params, session }) => {
if (!session.uid && !publicPaths.includes(url.pathname)) {
if (!session.userId && !publicPaths.includes(url.pathname)) {
return {
status: 302,
redirect: '/login'
};
}
if (!session.uid) {
if (!session.userId) {
return {};
}
const endpoint = `/teams.json`;
@ -49,7 +49,7 @@
};
let latestVersion = 'latest';
onMount(async () => {
if ($session.uid) {
if ($session.userId) {
const overrideVersion = browser && window.localStorage.getItem('latestVersion');
try {
await get(`/login.json`);
@ -84,7 +84,7 @@
}
async function switchTeam() {
try {
await post(`/index.json?from=${$page.url.pathname}`, {
await post(`/dashboard.json?from=${$page.url.pathname}`, {
cookie: 'teamId',
value: selectedTeamId
});
@ -129,7 +129,7 @@
<title>Coolify</title>
</svelte:head>
<SvelteToast options={{ intro: { y: -64 }, duration: 3000, pausable: true }} />
{#if $session.uid}
{#if $session.userId}
<nav class="nav-main">
<div class="flex h-screen w-full flex-col items-center transition-all duration-100">
<div class="my-4 h-10 w-10"><img src="/favicon.png" alt="coolLabs logo" /></div>

View File

@ -8,7 +8,6 @@
import cuid from 'cuid';
import { goto } from '$app/navigation';
import { del, get, post, put } from '$lib/api';
const { id } = $page.params;
const from = $page.url.searchParams.get('from');

View File

@ -276,11 +276,13 @@
</div>
<div class="grid grid-cols-2 items-center pb-8">
<Setting
dataTooltip="Must be stopped to modify."
disabled={isRunning}
isCenter={false}
bind:setting={dualCerts}
title="Generate SSL for www and non-www?"
description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-green-500'>both DNS entries</span> set in advance.<br><br>Useful if you expect to have visitors on both.<br>Application must be redeployed."
on:click={() => changeSettings('dualCerts')}
description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-green-500'>both DNS entries</span> set in advance.<br><br>Useful if you expect to have visitors on both."
on:click={() => !isRunning && changeSettings('dualCerts')}
/>
</div>
{#if !staticDeployments.includes(application.buildPack)}

View File

@ -16,12 +16,11 @@ export const post: RequestHandler = async (event) => {
id,
teamId
});
const domain = getDomain(fqdn);
if (destinationDockerId) {
const docker = dockerInstance({ destinationDocker });
await docker.engine.getContainer(id).stop();
}
await removeProxyConfiguration({ domain });
await removeProxyConfiguration(fqdn);
return {
status: 200
};

View File

@ -20,7 +20,7 @@
</script>
<script lang="ts">
export let applications: Array<Applications>;
export let applications: Array<Application>;
import { session } from '$app/stores';
import Application from './_Application.svelte';
</script>

View File

@ -24,7 +24,7 @@ export const post: RequestHandler = async (event) => {
await configureCoolifyProxyOn(fqdn);
await setWwwRedirection(fqdn);
const isHttps = fqdn.startsWith('https://');
if (isHttps) await forceSSLOnApplication({ domain });
if (isHttps) await forceSSLOnApplication(domain);
return {
status: 200
};

View File

@ -1,7 +1,7 @@
<script context="module" lang="ts">
import type { Load } from '@sveltejs/kit';
export const load: Load = async ({ fetch, session }) => {
const url = `/index.json`;
const url = `/dashboard.json`;
const res = await fetch(url);
if (res.ok) {

View File

@ -9,7 +9,7 @@
let emailEl;
let email, password;
if (browser && $session.uid) {
if (browser && $session.userId) {
goto('/');
}
onMount(() => {
@ -34,7 +34,7 @@
</script>
<div class="flex h-screen flex-col items-center justify-center">
{#if $session.uid}
{#if $session.userId}
<div class="flex justify-center px-4 text-xl font-bold">Already logged in...</div>
{:else}
<div class="flex justify-center px-4">

View File

@ -129,10 +129,12 @@
</div>
<div class="grid grid-cols-2 items-center px-10">
<Setting
disabled={isRunning}
dataTooltip="Must be stopped to modify."
bind:setting={dualCerts}
title="Generate SSL for www and non-www?"
description="It will generate certificates for both www and non-www. <br>You need to have <span class='font-bold text-pink-600'>both DNS entries</span> set in advance.<br><br>Service needs to be restarted."
on:click={() => changeSettings('dualCerts')}
on:click={() => !isRunning && changeSettings('dualCerts')}
/>
</div>
{#if service.type === 'plausibleanalytics'}

View File

@ -35,7 +35,7 @@ export const post: RequestHandler = async (event) => {
}
try {
await stopTcpHttpProxy(destinationDocker, publicPort);
await configureSimpleServiceProxyOff({ domain });
await configureSimpleServiceProxyOff(fqdn);
} catch (error) {
console.log(error);
}

View File

@ -28,7 +28,7 @@ export const post: RequestHandler = async (event) => {
console.error(error);
}
try {
await configureSimpleServiceProxyOff({ domain });
await configureSimpleServiceProxyOff(fqdn);
} catch (error) {
console.log(error);
}

View File

@ -38,7 +38,7 @@ export const post: RequestHandler = async (event) => {
}
try {
await configureSimpleServiceProxyOff({ domain });
await configureSimpleServiceProxyOff(fqdn);
} catch (error) {
console.log(error);
}

View File

@ -28,7 +28,7 @@ export const post: RequestHandler = async (event) => {
console.error(error);
}
try {
await configureSimpleServiceProxyOff({ domain });
await configureSimpleServiceProxyOff(fqdn);
} catch (error) {
console.log(error);
}

View File

@ -28,7 +28,7 @@ export const post: RequestHandler = async (event) => {
console.error(error);
}
try {
await configureSimpleServiceProxyOff({ domain });
await configureSimpleServiceProxyOff(fqdn);
} catch (error) {
console.log(error);
}

View File

@ -31,7 +31,7 @@ export const post: RequestHandler = async (event) => {
console.error(error);
}
try {
await configureSimpleServiceProxyOff({ domain });
await configureSimpleServiceProxyOff(fqdn);
} catch (error) {
console.log(error);
}

View File

@ -101,7 +101,7 @@ export const post: RequestHandler = async (event) => {
await setWwwRedirection(fqdn);
if (isHttps) {
await letsEncrypt({ domain, isCoolify: true });
await forceSSLOnApplication({ domain });
await forceSSLOnApplication(domain);
await reloadHaproxy('/var/run/docker.sock');
}
}

View File

@ -131,6 +131,7 @@
</div>
<div class="grid grid-cols-2 items-center">
<Setting
dataTooltip="Must remove the domain before you can change this setting."
disabled={isFqdnSet}
bind:setting={dualCerts}
title="Generate SSL for www and non-www?"

View File

@ -22,21 +22,20 @@
<script lang="ts">
export let permissions;
export let team;
export let invitations;
export let invitations: any[];
import { page, session } from '$app/stores';
import Explainer from '$lib/components/Explainer.svelte';
import { errorNotification } from '$lib/form';
import { post } from '$lib/api';
const { id } = $page.params;
let invitation = {
teamName: team.name,
email: null,
permission: 'read'
};
let myPermission = permissions.find((u) => u.user.id === $session.uid).permission;
function isAdmin(permission = myPermission) {
if (myPermission === 'admin' || myPermission === 'owner') {
// let myPermission = permissions.find((u) => u.user.id === $session.userId).permission;
function isAdmin(permission: string) {
if (permission === 'admin' || permission === 'owner') {
return true;
}
@ -56,7 +55,7 @@
return errorNotification(error);
}
}
async function revokeInvitation(id) {
async function revokeInvitation(id: string) {
try {
await post(`/teams/${id}/invitation/revoke.json`, { id });
return window.location.reload();
@ -64,7 +63,7 @@
return errorNotification(error);
}
}
async function removeFromTeam(uid) {
async function removeFromTeam(uid: string) {
try {
await post(`/teams/${id}/remove/user.json`, { teamId: team.id, uid });
return window.location.reload();
@ -72,7 +71,7 @@
return errorNotification(error);
}
}
async function changePermission(userId, permissionId, currentPermission) {
async function changePermission(userId: string, permissionId: string, currentPermission: string) {
let newPermission = 'read';
if (currentPermission === 'read') {
newPermission = 'admin';
@ -136,10 +135,11 @@
<tr class="text-xs">
<td class="py-4"
>{permission.user.email}
<span class="font-bold">{permission.user.id === $session.uid ? '(You)' : ''}</span></td
<span class="font-bold">{permission.user.id === $session.userId ? '(You)' : ''}</span
></td
>
<td class="py-4">{permission.permission}</td>
{#if $session.isAdmin && permission.user.id !== $session.uid && permission.permission !== 'owner'}
{#if $session.isAdmin && permission.user.id !== $session.userId && permission.permission !== 'owner'}
<td class="flex flex-col items-center justify-center space-y-2 py-4 text-center">
<button
class="w-52 bg-red-600 hover:bg-red-500"

View File

@ -144,10 +144,17 @@ export const post: RequestHandler = async (event) => {
} else if (pullmergeRequestAction === 'closed') {
if (applicationFound.destinationDockerId) {
const domain = getDomain(applicationFound.fqdn);
const isHttps = applicationFound.fqdn.startsWith('https://');
const isWWW = applicationFound.fqdn.includes('www.');
const fqdn = `${isHttps ? 'https://' : 'http://'}${
isWWW ? 'www.' : ''
}${pullmergeRequestId}.${domain}`;
const id = `${applicationFound.id}-${pullmergeRequestId}`;
const engine = applicationFound.destinationDocker.engine;
await removeDestinationDocker({ id, engine });
await removeProxyConfiguration({ domain: `${pullmergeRequestId}.${domain}` });
await removeProxyConfiguration(fqdn);
}
return {
status: 200,

View File

@ -141,10 +141,17 @@ export const post: RequestHandler = async (event) => {
} else if (action === 'close') {
if (applicationFound.destinationDockerId) {
const domain = getDomain(applicationFound.fqdn);
const isHttps = applicationFound.fqdn.startsWith('https://');
const isWWW = applicationFound.fqdn.includes('www.');
const fqdn = `${isHttps ? 'https://' : 'http://'}${
isWWW ? 'www.' : ''
}${pullmergeRequestId}.${domain}`;
const id = `${applicationFound.id}-${pullmergeRequestId}`;
const engine = applicationFound.destinationDocker.engine;
await removeProxyConfiguration({ domain: `${pullmergeRequestId}.${domain}` });
await removeDestinationDocker({ id, engine });
await removeProxyConfiguration(fqdn);
}
return {