serve.zone/cloudly
3
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: serve.zone/cloudly:v4.5.5
Branches Tags
serve.zone/cloudly:main
serve.zone/cloudly:v6.4.3 serve.zone/cloudly:v6.4.2 serve.zone/cloudly:v6.4.1 serve.zone/cloudly:v6.4.0 serve.zone/cloudly:v6.3.1 serve.zone/cloudly:v6.3.0 serve.zone/cloudly:v6.2.0 serve.zone/cloudly:v6.1.0 serve.zone/cloudly:v6.0.0 serve.zone/cloudly:v5.9.0 serve.zone/cloudly:v5.8.2 serve.zone/cloudly:v5.8.1 serve.zone/cloudly:v5.8.0 serve.zone/cloudly:v5.7.1 serve.zone/cloudly:v5.7.0 serve.zone/cloudly:v5.6.0 serve.zone/cloudly:v5.3.0 serve.zone/cloudly:v5.2.0 serve.zone/cloudly:v5.1.0 serve.zone/cloudly:v5.0.6 serve.zone/cloudly:v5.0.5 serve.zone/cloudly:v5.0.4 serve.zone/cloudly:v5.0.3 serve.zone/cloudly:v5.0.2 serve.zone/cloudly:v5.0.1 serve.zone/cloudly:v5.0.0 serve.zone/cloudly:v4.13.0 serve.zone/cloudly:v4.12.2 serve.zone/cloudly:v4.12.1 serve.zone/cloudly:v4.12.0 serve.zone/cloudly:v4.11.0 serve.zone/cloudly:v4.10.0 serve.zone/cloudly:v4.9.0 serve.zone/cloudly:v4.8.1 serve.zone/cloudly:v4.8.0 serve.zone/cloudly:v4.7.1 serve.zone/cloudly:v4.7.0 serve.zone/cloudly:v4.6.0 serve.zone/cloudly:v4.5.5 serve.zone/cloudly:v4.5.4 serve.zone/cloudly:v4.5.3 serve.zone/cloudly:v4.5.2 serve.zone/cloudly:v4.5.1 serve.zone/cloudly:v4.5.0 serve.zone/cloudly:v4.4.0 serve.zone/cloudly:v4.3.21 serve.zone/cloudly:v4.3.20 serve.zone/cloudly:v4.3.19 serve.zone/cloudly:v4.3.18 serve.zone/cloudly:v4.3.17 serve.zone/cloudly:v4.3.16 serve.zone/cloudly:v4.3.15 serve.zone/cloudly:v4.3.14 serve.zone/cloudly:v4.3.13 serve.zone/cloudly:v4.3.12 serve.zone/cloudly:v4.3.11 serve.zone/cloudly:v4.3.10 serve.zone/cloudly:v4.3.9 serve.zone/cloudly:v4.3.8 serve.zone/cloudly:v4.3.7 serve.zone/cloudly:v4.3.6 serve.zone/cloudly:v4.3.5 serve.zone/cloudly:v4.3.4 serve.zone/cloudly:v4.3.3 serve.zone/cloudly:v4.3.2 serve.zone/cloudly:v4.3.1 serve.zone/cloudly:v4.3.0 serve.zone/cloudly:v4.2.1 serve.zone/cloudly:v4.2.0 serve.zone/cloudly:v4.1.3 serve.zone/cloudly:v4.1.2 serve.zone/cloudly:v4.1.1 serve.zone/cloudly:v4.1.0 serve.zone/cloudly:v4.0.1 serve.zone/cloudly:v4.0.0 serve.zone/cloudly:v1.2.5 serve.zone/cloudly:v1.2.4 serve.zone/cloudly:v1.2.3 serve.zone/cloudly:v1.2.2 serve.zone/cloudly:v1.2.1 serve.zone/cloudly:v1.2.0 serve.zone/cloudly:v1.1.9 serve.zone/cloudly:v1.1.8 serve.zone/cloudly:v1.1.7 serve.zone/cloudly:v1.1.6 serve.zone/cloudly:v1.1.5 serve.zone/cloudly:v1.1.4 serve.zone/cloudly:v1.1.3 serve.zone/cloudly:v1.1.2 serve.zone/cloudly:v1.1.1 serve.zone/cloudly:v1.1.0 serve.zone/cloudly:v1.0.216 serve.zone/cloudly:v1.0.215 serve.zone/cloudly:v1.0.214
..
compare: serve.zone/cloudly:v5.6.0
Branches Tags
serve.zone/cloudly:main
serve.zone/cloudly:v6.4.3 serve.zone/cloudly:v6.4.2 serve.zone/cloudly:v6.4.1 serve.zone/cloudly:v6.4.0 serve.zone/cloudly:v6.3.1 serve.zone/cloudly:v6.3.0 serve.zone/cloudly:v6.2.0 serve.zone/cloudly:v6.1.0 serve.zone/cloudly:v6.0.0 serve.zone/cloudly:v5.9.0 serve.zone/cloudly:v5.8.2 serve.zone/cloudly:v5.8.1 serve.zone/cloudly:v5.8.0 serve.zone/cloudly:v5.7.1 serve.zone/cloudly:v5.7.0 serve.zone/cloudly:v5.6.0 serve.zone/cloudly:v5.3.0 serve.zone/cloudly:v5.2.0 serve.zone/cloudly:v5.1.0 serve.zone/cloudly:v5.0.6 serve.zone/cloudly:v5.0.5 serve.zone/cloudly:v5.0.4 serve.zone/cloudly:v5.0.3 serve.zone/cloudly:v5.0.2 serve.zone/cloudly:v5.0.1 serve.zone/cloudly:v5.0.0 serve.zone/cloudly:v4.13.0 serve.zone/cloudly:v4.12.2 serve.zone/cloudly:v4.12.1 serve.zone/cloudly:v4.12.0 serve.zone/cloudly:v4.11.0 serve.zone/cloudly:v4.10.0 serve.zone/cloudly:v4.9.0 serve.zone/cloudly:v4.8.1 serve.zone/cloudly:v4.8.0 serve.zone/cloudly:v4.7.1 serve.zone/cloudly:v4.7.0 serve.zone/cloudly:v4.6.0 serve.zone/cloudly:v4.5.5 serve.zone/cloudly:v4.5.4 serve.zone/cloudly:v4.5.3 serve.zone/cloudly:v4.5.2 serve.zone/cloudly:v4.5.1 serve.zone/cloudly:v4.5.0 serve.zone/cloudly:v4.4.0 serve.zone/cloudly:v4.3.21 serve.zone/cloudly:v4.3.20 serve.zone/cloudly:v4.3.19 serve.zone/cloudly:v4.3.18 serve.zone/cloudly:v4.3.17 serve.zone/cloudly:v4.3.16 serve.zone/cloudly:v4.3.15 serve.zone/cloudly:v4.3.14 serve.zone/cloudly:v4.3.13 serve.zone/cloudly:v4.3.12 serve.zone/cloudly:v4.3.11 serve.zone/cloudly:v4.3.10 serve.zone/cloudly:v4.3.9 serve.zone/cloudly:v4.3.8 serve.zone/cloudly:v4.3.7 serve.zone/cloudly:v4.3.6 serve.zone/cloudly:v4.3.5 serve.zone/cloudly:v4.3.4 serve.zone/cloudly:v4.3.3 serve.zone/cloudly:v4.3.2 serve.zone/cloudly:v4.3.1 serve.zone/cloudly:v4.3.0 serve.zone/cloudly:v4.2.1 serve.zone/cloudly:v4.2.0 serve.zone/cloudly:v4.1.3 serve.zone/cloudly:v4.1.2 serve.zone/cloudly:v4.1.1 serve.zone/cloudly:v4.1.0 serve.zone/cloudly:v4.0.1 serve.zone/cloudly:v4.0.0 serve.zone/cloudly:v1.2.5 serve.zone/cloudly:v1.2.4 serve.zone/cloudly:v1.2.3 serve.zone/cloudly:v1.2.2 serve.zone/cloudly:v1.2.1 serve.zone/cloudly:v1.2.0 serve.zone/cloudly:v1.1.9 serve.zone/cloudly:v1.1.8 serve.zone/cloudly:v1.1.7 serve.zone/cloudly:v1.1.6 serve.zone/cloudly:v1.1.5 serve.zone/cloudly:v1.1.4 serve.zone/cloudly:v1.1.3 serve.zone/cloudly:v1.1.2 serve.zone/cloudly:v1.1.1 serve.zone/cloudly:v1.1.0 serve.zone/cloudly:v1.0.216 serve.zone/cloudly:v1.0.215 serve.zone/cloudly:v1.0.214

99 Commits
v4.5.5 .. v5.6.0

Author SHA1 Message Date
jkunz 50bcbe0f45 v5.6.0
Docker (tags) / release (push) Failing after 0s
Details
2026-05-21 11:35:49 +00:00
jkunz bb86f8882c docs(changelog): add dashboard navigation entry 2026-05-21 11:34:58 +00:00
jkunz 1874d791b2 feat(web): group dashboard navigation 2026-05-21 11:18:06 +00:00
jkunz f40ef6b7c0 chore: update cloudly dependency stack 
Align Cloudly with the current typedserver, smartconfig, smartstate, and Docker tooling releases so builds and Docker output stay compatible with the upgraded stack.
 2026-05-08 13:56:20 +00:00
jkunz 80226c8a1c fix: correct cloudly package exports 2026-05-07 20:49:33 +00:00
jkunz 5ba2bb2168 chore: use baseos interfaces release 2026-05-07 20:47:31 +00:00
jkunz 60c51fbf5d feat: add baseos source presets 2026-05-07 20:33:14 +00:00
jkunz 0fcf35c019 docs: refresh readme and legal info 2026-05-07 20:22:12 +00:00
jkunz d9dcc5b048 feat: add corebuild worker selection 2026-05-07 19:49:56 +00:00
jkunz c55eb5b832 feat: harden baseos image builds 2026-05-07 19:04:12 +00:00
jkunz 1792ea89e1 feat: add backup replication targets 2026-05-07 17:44:31 +00:00
jkunz b0f0963143 feat: add baseos image builds 2026-05-07 17:44:31 +00:00
jkunz be7735a9c3 feat: add baseos node enrollment 2026-05-07 15:53:16 +00:00
jkunz 3624c78f9d feat: orchestrate service backups 2026-05-02 21:59:42 +00:00
jkunz d1ce149487 feat: expose external gateway settings 2026-04-29 15:57:02 +00:00
jkunz 4eba247472 feat: discover external gateway domains 2026-04-29 15:34:48 +00:00
jkunz 452aaa3862 feat: pass external gateway config to coreflow 2026-04-29 15:29:17 +00:00
jkunz 7d380d04fc fix: use relative runtime imports 2026-04-29 08:25:58 +00:00
jkunz aab6e9044d fix: modernize docker publishing 2026-04-29 08:13:29 +00:00
jkunz 195236b693 fix: trim registry repository slugs 2026-04-29 01:39:40 +00:00
jkunz 1925f66efc fix: generate docker-compatible registry repositories 2026-04-28 19:46:44 +00:00
jkunz 865c8f2546 fix: allow coreflow deployment input reads 2026-04-28 16:57:54 +00:00
jkunz 1bed907f53 feat: push config updates to coreflow 2026-04-28 16:02:05 +00:00
jkunz ee6d4c3d04 feat: wire service registry targets 2026-04-28 15:50:59 +00:00
jkunz 94f1199858 feat: add built-in OCI registry 2026-04-28 15:23:51 +00:00
jkunz 333cbeb221 fix: make startup bootstrap production-safe 2026-04-28 15:07:08 +00:00
jkunz 13a7d5969d fix: send registry update payload 2026-04-28 14:35:19 +00:00
jkunz 675a95f857 chore: clean local tooling metadata 2026-04-28 14:35:19 +00:00
jkunz 3080075811 feat: add platform desired state manager 2026-04-28 12:18:12 +00:00
jkunz 84d3e8f52f fix(test): use dynamic Cloudly test port 2026-04-28 08:54:29 +00:00
jkunz 500cec008a refactor(cloudly): consume external api package 2026-04-25 15:03:12 +00:00
jkunz 37512cfaa6 refactor(cloudly): consume external interfaces package 2026-04-25 13:57:59 +00:00
jkunz 94e0c38191 feat(domain): improve domain update logic and ensure default activation state 2025-09-14 17:44:59 +00:00
jkunz 6cc3700d29 feat(domains): enhance domain management with activation states and sync options 2025-09-14 17:38:16 +00:00
jkunz bb313fd9dc feat: Add settings view for cloud provider configurations 
- Implemented CloudlyViewSettings component for managing cloud provider settings including Hetzner, Cloudflare, AWS, DigitalOcean, Azure, and Google Cloud.
- Added functionality to load, save, and test connections for each provider.
- Enhanced UI with loading states and success/error notifications.

feat: Create tasks view with execution history

- Developed CloudlyViewTasks component to display and manage tasks and their executions.
- Integrated auto-refresh functionality for task executions.
- Added filtering and searching capabilities for tasks.

feat: Implement execution details and task panel components

- Created CloudlyExecutionDetails component to show detailed information about task executions including logs and metrics.
- Developed CloudlyTaskPanel component to display individual tasks with execution status and actions to run or cancel tasks.

feat: Utility functions for formatting and categorization

- Added utility functions for formatting dates, durations, and cron expressions.
- Implemented functions to retrieve category icons and hues for task categorization.
 2025-09-14 17:28:21 +00:00
jkunz 5ef8621db7 feat(task-execution): implement task cancellation handling and improve UI feedback for canceling tasks 2025-09-12 23:53:10 +00:00
jkunz 6cd348ca28 feat(cloudly-view-tasks): add search and category filters, implement auto-refresh for task executions 2025-09-12 23:38:18 +00:00
jkunz 3183f9e909 chore(deps): update dependencies for @push.rocks/smartjson, @push.rocks/smartstate, @push.rocks/smartstring, and @git.zone/tstest 2025-09-12 22:20:30 +00:00
jkunz ff7004412b feat(appstate): Remove helper function for stripping class instances from data fetching 2025-09-12 10:58:16 +00:00
jkunz f07bcc4660 feat(appstate): Refactor data fetching to use helper for stripping class instances 2025-09-12 07:56:06 +00:00
jkunz d773e13aab feat(api-client): Add update and delete methods for external registries and secret bundles/groups 2025-09-10 20:33:32 +00:00
jkunz dc0d128892 feat(api-client): Add advanced cluster creation method and refactor login actions to use API client 2025-09-10 20:23:12 +00:00
jkunz 124c4ca46f feat: Enhance API client integration across web and CLI 
- Added typedRequestInterfaces import to plugins.ts for better type handling.
- Updated CLI client to utilize environment variables for Cloudly API credentials and improved authentication flow.
- Refactored appstate.ts to use a shared API client instance, reducing redundancy in API calls for various actions.
- Simplified external registry actions in appstate.ts by leveraging the shared API client.
- Updated CloudlyDashboard and CloudlyViewSettings components to utilize the shared API client for fetching settings and managing connections.
- Removed redundant TypedRequest instances in favor of direct API client calls for improved performance and maintainability.
- Exposed the API client in plugins.ts for easier access in UI components.
 2025-09-10 19:06:16 +00:00
jkunz 5d281d9b6c feat(tasks): Enhance task management with identity handling and initial data loading 2025-09-10 17:04:18 +00:00
jkunz 5b37bb5b11 feat: Implement Cloudly Task Manager with predefined tasks and execution tracking 
- Added CloudlyTaskManager class for managing tasks, including registration, execution, scheduling, and cancellation.
- Created predefined tasks: DNS Sync, Certificate Renewal, Cleanup, Health Check, Resource Report, Database Maintenance, Security Scan, and Docker Cleanup.
- Introduced ITaskExecution interface for tracking task execution details and outcomes.
- Developed API request interfaces for task management operations (getTasks, getTaskExecutions, triggerTask, cancelTask).
- Implemented CloudlyViewTasks web component for displaying tasks and their execution history, including filtering and detailed views.
 2025-09-10 16:37:03 +00:00
jkunz fd1da01a3f feat(dns): Enhance DNS management with auto-generated entries and service activation 2025-09-10 15:38:42 +00:00
jkunz 6a447369f8 feat(external-registry): Enhance authentication handling and update UI for external registries 2025-09-10 08:50:32 +00:00
jkunz 01d877f7ed feat(external-registry): Implement CRUD operations and connection verification for external registries 2025-09-10 08:24:55 +00:00
jkunz 73505d1ed8 feat(dns): Add domain validation and dropdown for DNS entry creation and updates 2025-09-09 15:13:44 +00:00
jkunz 766191899c feat(dns): Implement DNS management functionality 
- Added DnsManager and DnsEntry classes to handle DNS entries.
- Introduced new interfaces for DNS entry requests and data structures.
- Updated Cloudly class to include DnsManager instance.
- Enhanced app state to manage DNS entries and actions for creating, updating, and deleting DNS records.
- Created UI components for DNS management, including forms for adding and editing DNS entries.
- Updated overview and services views to reflect DNS entries.
- Added validation and formatting methods for DNS entries.
 2025-09-09 15:08:28 +00:00
jkunz 38e8b4086d feat(requests): Add deploymentRequests to index for improved request handling 2025-09-08 13:03:33 +00:00
jkunz ce047d1bb0 feat(deployment): Implement Deployment and DeploymentManager classes with CRUD operations and service integration 2025-09-08 12:46:23 +00:00
jkunz 4e38d2ff43 5.3.0
Docker (tags) / security (push) Successful in 52s
Details
Docker (tags) / test (push) Failing after 2m4s
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2025-09-08 06:46:14 +00:00
jkunz e19639c9be feat(web): Add deployments API typings and web UI improvements: services & deployments management with CRUD and actions 2025-09-08 06:46:14 +00:00
jkunz c142519004 5.2.0
Docker (tags) / security (push) Successful in 56s
Details
Docker (tags) / test (push) Failing after 1m55s
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2025-09-07 17:21:30 +00:00
jkunz 54ef62e7af feat(settings): Add runtime settings management, node & baremetal managers, and settings UI 2025-09-07 17:21:30 +00:00
jkunz 83abe37d8c 5.1.0
Docker (tags) / security (push) Successful in 53s
Details
Docker (tags) / test (push) Failing after 1m59s
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2025-09-05 16:07:46 +00:00
jkunz eefaa55e13 feat(cluster): Add cluster setupMode (manual|hetzner|aws|digitalocean) with conditional Hetzner auto-provisioning; UI and dashboard improvements; dependency upgrades 2025-09-05 16:07:46 +00:00
jkunz 330797ab1a 5.0.6
Docker (tags) / security (push) Successful in 41s
Details
Docker (tags) / test (push) Failing after 1m57s
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2025-08-18 21:24:47 +00:00
jkunz 4b3b91312b fix(connector.letsencrypt): Improve Lets Encrypt integration and certificate handling; fix coreflow certificate response; add local assistant permissions config 2025-08-18 21:24:46 +00:00
jkunz 1580bb1585 5.0.5
Docker (tags) / security (push) Successful in 1m13s
Details
Docker (tags) / test (push) Failing after 7m12s
Details
Docker (tags) / release (push) Has been skipped
Details
Docker (tags) / metadata (push) Has been skipped
Details
2025-08-18 21:11:28 +00:00
jkunz af7fcf6c2e fix(coreflow): Fix Coreflow identity lookup and response shape; improve API client tests and bump dependencies 2025-08-18 21:11:28 +00:00
jkunz 23c9e3f678 Enhance README for @serve.zone/interfaces: improve structure, add features, and clarify installation instructions 2025-08-18 03:16:28 +00:00
jkunz 7d4e766e9e Enhance documentation for @serve.zone/api and @serve.zone/cli 
- Updated the README for @serve.zone/api to improve clarity and organization, adding sections for features, quick start, authentication, core operations, and advanced usage.
- Improved the installation instructions and added examples for various operations including image management, cluster operations, and real-time updates.
- Enhanced the @serve.zone/cli README with a focus on features, installation, quick start, core commands, and advanced usage.
- Added detailed command examples for cluster management, service deployment, secret management, and DNS management.
- Included sections for CI/CD integration and troubleshooting in both README files.
- Improved formatting and added emojis for better readability and engagement.
 2025-08-18 03:14:49 +00:00
jkunz 907f3e8320 Enhance Cloudly Configuration and Testing Setup 
- Updated README to include architecture overview and details on components.
- Changed import paths in test helpers and test files to use the new Git zone packages.
- Modified S3 bucket name in test setup for consistency.
- Updated CloudlyConfig class to use more descriptive environment variable names for MongoDB and S3 configuration.
- Adjusted ImageManager to retrieve the S3 bucket name from the configuration instead of hardcoding it.
 2025-08-18 03:07:12 +00:00
philkunz bc7a2ca5f1 5.0.4
Docker (tags) / security (push) Successful in 48s
Details
Docker (tags) / test (push) Successful in 1m56s
Details
Docker (tags) / metadata (push) Successful in 3s
Details
Docker (tags) / release (push) Failing after 14s
Details
2025-04-25 18:20:18 +00:00
philkunz 77d911e47a fix(platformservice/mta): Update getEmailStatus response schema: make details property optional 2025-04-25 18:20:18 +00:00
philkunz b9c9c2d0a9 5.0.3
Docker (tags) / security (push) Successful in 49s
Details
Docker (tags) / test (push) Successful in 1m55s
Details
Docker (tags) / metadata (push) Successful in 3s
Details
Docker (tags) / release (push) Failing after 14s
Details
2025-04-25 17:02:48 +00:00
philkunz d5b91789d1 fix(mta): update email status response type in MTA platform service 2025-04-25 17:02:48 +00:00
philkunz eb8350f453 5.0.2
Docker (tags) / security (push) Successful in 38s
Details
Docker (tags) / test (push) Successful in 1m56s
Details
Docker (tags) / metadata (push) Successful in 3s
Details
Docker (tags) / release (push) Failing after 13s
Details
2025-04-25 16:34:01 +00:00
philkunz b987ce27b8 fix(platformservice/mta): Refactor email status response in MTA service 2025-04-25 16:34:00 +00:00
philkunz 630e363e53 5.0.1
Docker (tags) / security (push) Successful in 48s
Details
Docker (tags) / test (push) Successful in 1m54s
Details
Docker (tags) / metadata (push) Successful in 3s
Details
Docker (tags) / release (push) Failing after 14s
Details
2025-04-25 16:27:48 +00:00
philkunz a602021952 fix(mta): Update email stats response interface in mta platform service to include totalEmailsSent, totalEmailsDelivered, totalEmailsBounced, averageDeliveryTimeMs, and lastUpdated timestamp. 2025-04-25 16:27:48 +00:00
philkunz 80585437a0 5.0.0
Docker (tags) / security (push) Successful in 47s
Details
Docker (tags) / test (push) Successful in 1m54s
Details
Docker (tags) / metadata (push) Successful in 3s
Details
Docker (tags) / release (push) Failing after 41s
Details
2025-04-25 15:57:35 +00:00
philkunz 4674a20a2c BREAKING CHANGE(ts_interfaces/platformservice/mta): Rename mta interfaces and upgrade dependency versions 2025-04-25 15:57:35 +00:00
philkunz 820cdfcd48 4.13.0
Docker (tags) / security (push) Successful in 52s
Details
Docker (tags) / test (push) Successful in 3m5s
Details
Docker (tags) / metadata (push) Successful in 8s
Details
Docker (tags) / release (push) Failing after 22s
Details
2025-01-20 02:18:58 +01:00
philkunz 6e5dd9b05a feat(service): Add support for service creation, update, and deletion. 2025-01-20 02:18:58 +01:00
philkunz f3d5c21fab 4.12.2
Docker (tags) / security (push) Successful in 1m6s
Details
Docker (tags) / test (push) Successful in 3m5s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 24s
Details
2025-01-20 02:11:12 +01:00
philkunz 04b278ee28 fix(service): Fix secret bundle and service management bugs 2025-01-20 02:11:12 +01:00
philkunz 7084d76c43 4.12.1
Docker (tags) / security (push) Successful in 51s
Details
Docker (tags) / test (push) Successful in 2m53s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 20s
Details
2025-01-02 04:07:43 +01:00
philkunz 41d7550e89 fix(deps): Updated @git.zone/tspublish to version ^1.9.1 2025-01-02 04:07:43 +01:00
philkunz 4bf361d3a6 4.12.0
Docker (tags) / security (push) Successful in 1m1s
Details
Docker (tags) / test (push) Successful in 2m57s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 31s
Details
2025-01-02 03:58:09 +01:00
philkunz d70617a90c feat(cli): Add CLI support and external registries view 2025-01-02 03:58:09 +01:00
philkunz 62ad1655d5 4.11.0
Docker (tags) / security (push) Successful in 1m7s
Details
Docker (tags) / test (push) Successful in 3m0s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 23s
Details
2024-12-30 00:01:27 +01:00
philkunz caf3a095f2 feat(external-registry): Introduce external registry management 2024-12-30 00:01:26 +01:00
philkunz 89e44b2e5f 4.10.0
Docker (tags) / security (push) Successful in 1m3s
Details
Docker (tags) / test (push) Successful in 2m59s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 22s
Details
2024-12-29 13:40:51 +01:00
philkunz a617f51b19 feat(apiclient): Added support for managing external registries in the API client. 2024-12-29 13:40:51 +01:00
philkunz 355e04fd1d 4.9.0
Docker (tags) / security (push) Successful in 1m6s
Details
Docker (tags) / test (push) Successful in 3m2s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 30s
Details
2024-12-29 13:19:46 +01:00
philkunz 89bd767bea feat(apiclient): Add external registry management capabilities to Cloudly API client. 2024-12-29 13:19:46 +01:00
philkunz e567ebbf21 4.8.1
Docker (tags) / security (push) Successful in 53s
Details
Docker (tags) / test (push) Successful in 2m58s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 22s
Details
2024-12-28 21:48:57 +01:00
philkunz 33311348e2 fix(interfaces): Fix image location schema in IImage interface 2024-12-28 21:48:57 +01:00
philkunz d6e914edab 4.8.0
Docker (tags) / security (push) Successful in 1m5s
Details
Docker (tags) / test (push) Successful in 2m58s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 22s
Details
2024-12-28 21:39:44 +01:00
philkunz da7b866f23 feat(manager.registry): Add external registry management 2024-12-28 21:39:44 +01:00
philkunz 7654d780b1 4.7.1
Docker (tags) / security (push) Successful in 1m10s
Details
Docker (tags) / test (push) Successful in 3m1s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 23s
Details
2024-12-28 19:50:30 +01:00
philkunz dbd9b661c6 fix(secretmanagement): Refactor secret bundle actions and improve authorization handling 2024-12-28 19:50:29 +01:00
philkunz e19d0b4deb 4.7.0
Docker (tags) / security (push) Successful in 53s
Details
Docker (tags) / test (push) Successful in 3m3s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 22s
Details
2024-12-22 20:09:23 +01:00
philkunz f0ebb719f7 feat(apiclient): Add method to flatten secret bundles into key-value objects. 2024-12-22 20:09:23 +01:00
philkunz c8e0666bc6 4.6.0
Docker (tags) / security (push) Successful in 54s
Details
Docker (tags) / test (push) Successful in 3m0s
Details
Docker (tags) / metadata (push) Successful in 7s
Details
Docker (tags) / release (push) Failing after 23s
Details
2024-12-22 20:03:11 +01:00
philkunz 0d0b106f90 feat(cloudlyapiclient): Extend CloudlyApiClient with cluster, secretbundle, and secretgroup methods 2024-12-22 20:03:11 +01:00
180 changed files with 17856 additions and 13856 deletions
Expand all files Collapse all files
.dockerignore
+4
View File
@@ -1 +1,5 @@
node_modules/
.nogit/
.git/
.pnpm-store/
.vagrant/
.gitea/workflows/docker_nottags.yaml
+12 -48
View File
@@ -1,4 +1,4 @@
name: Docker (tags)
name: Docker (non-tag pushes)
on:
push:
@@ -6,44 +6,12 @@ on:
- '**'
env:
IMAGE: code.foss.global/hosttoday/ht-docker-node:npmci
NPMCI_COMPUTED_REPOURL: https://${{gitea.repository_owner}}:${{secrets.GITEA_TOKEN}}@/${{gitea.repository}}.git
NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
NPMCI_TOKEN_NPM2: ${{secrets.NPMCI_TOKEN_NPM2}}
NPMCI_GIT_GITHUBTOKEN: ${{secrets.NPMCI_GIT_GITHUBTOKEN}}
NPMCI_LOGIN_DOCKER_GITEA: ${{ github.server_url }}|${{ gitea.repository_owner }}|${{ secrets.GITEA_TOKEN }}
IMAGE: code.foss.global/host.today/ht-docker-node:szci
NPMCI_COMPUTED_REPOURL: https://${{gitea.repository_owner}}:${{secrets.GITEA_TOKEN}}@gitea.lossless.digital/${{gitea.repository}}.git
NPMCI_LOGIN_DOCKER_DOCKERREGISTRY: ${{ secrets.NPMCI_LOGIN_DOCKER_DOCKERREGISTRY }}
jobs:
security:
runs-on: ubuntu-latest
container:
image: ${{ env.IMAGE }}
continue-on-error: true
steps:
- uses: actions/checkout@v3
- name: Install pnpm and npmci
run: |
pnpm install -g pnpm
pnpm install -g @ship.zone/npmci
npmci npm prepare
- name: Audit production dependencies
run: |
npmci command npm config set registry https://registry.npmjs.org
npmci command pnpm audit --audit-level=high --prod
continue-on-error: true
- name: Audit development dependencies
run: |
npmci command npm config set registry https://registry.npmjs.org
npmci command pnpm audit --audit-level=high --dev
continue-on-error: true
test:
needs: security
runs-on: ubuntu-latest
container:
image: ${{ env.IMAGE }}
@@ -54,18 +22,14 @@ jobs:
- name: Prepare
run: |
pnpm install -g pnpm
pnpm install -g @ship.zone/npmci
npmci npm prepare
pnpm install -g @git.zone/tsdocker@latest
pnpm install
- name: Test stable
run: |
npmci node install stable
npmci npm install
npmci npm test
- name: Test
run: pnpm test
- name: Test build
run: |
npmci npm prepare
npmci node install stable
npmci npm install
npmci command npm run build
- name: Build image
run: tsdocker build
- name: Test image
run: tsdocker test
.gitea/workflows/docker_tags.yaml
+16 -81
View File
@@ -6,76 +6,15 @@ on:
- '*'
env:
IMAGE: code.foss.global/host.today/ht-docker-node:npmci
NPMCI_COMPUTED_REPOURL: https://${{gitea.repository_owner}}:${{secrets.GITEA_TOKEN}}@/${{gitea.repository}}.git
NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
NPMCI_TOKEN_NPM2: ${{secrets.NPMCI_TOKEN_NPM2}}
# NPMCI_GIT_GITHUBTOKEN: ${{secrets.NPMCI_GIT_GITHUBTOKEN}}
# NPMCI_LOGIN_DOCKER_GITEA: ${{ github.server_url }}|${{ gitea.repository_owner }}|${{ secrets.GITEA_TOKEN }}
IMAGE: code.foss.global/host.today/ht-docker-node:szci
NPMCI_COMPUTED_REPOURL: https://${{gitea.repository_owner}}:${{secrets.GITEA_TOKEN}}@gitea.lossless.digital/${{gitea.repository}}.git
NPMCI_LOGIN_DOCKER_DOCKERREGISTRY: ${{ secrets.NPMCI_LOGIN_DOCKER_DOCKERREGISTRY }}
NPMCI_SECRET01: ${{ secrets.NPMCI_SECRET01 }}
jobs:
security:
runs-on: ubuntu-latest
container:
image: ${{ env.IMAGE }}
continue-on-error: true
steps:
- uses: actions/checkout@v3
- name: Prepare
run: |
pnpm install -g pnpm
pnpm install -g @ship.zone/npmci
npmci npm prepare
- name: Audit production dependencies
run: |
npmci command npm config set registry https://registry.npmjs.org
npmci command pnpm audit --audit-level=high --prod
continue-on-error: true
- name: Audit development dependencies
run: |
npmci command npm config set registry https://registry.npmjs.org
npmci command pnpm audit --audit-level=high --dev
continue-on-error: true
test:
needs: security
runs-on: ubuntu-latest
container:
image: ${{ env.IMAGE }}
steps:
- uses: actions/checkout@v3
- name: Prepare
run: |
pnpm install -g pnpm
pnpm install -g @ship.zone/npmci
npmci npm prepare
- name: Test stable
run: |
npmci node install stable
npmci npm install
npmci npm test
- name: Test build
run: |
npmci node install stable
npmci npm install
npmci command npm run build
release:
needs: test
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
container:
image: code.foss.global/host.today/ht-docker-dbase:npmci
image: code.foss.global/host.today/ht-docker-dbase:szci
steps:
- uses: actions/checkout@v3
@@ -83,24 +22,20 @@ jobs:
- name: Prepare
run: |
pnpm install -g pnpm
pnpm install -g @ship.zone/npmci
pnpm install -g @git.zone/tsdocker@latest
pnpm install
- name: Release
run: |
npmci docker login
npmci docker build
npmci docker test
npmci docker push code.foss.global
- name: Login to registries
run: tsdocker login
metadata:
needs: test
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
container:
image: ${{ env.IMAGE }}
- name: List images
run: tsdocker list
steps:
- uses: actions/checkout@v3
- name: Build images
run: tsdocker build
- name: Trigger
run: npmci trigger
- name: Test images
run: tsdocker test
- name: Push to code.foss.global
run: tsdocker push code.foss.global
npmextra.json → .smartconfig.json
+56 -6
View File
@@ -1,5 +1,55 @@
{
"npmci": {
"@git.zone/tsdocker": {
"registries": ["code.foss.global"],
"registryRepoMap": {
"code.foss.global": "serve.zone/cloudly"
},
"platforms": ["linux/amd64", "linux/arm64"]
},
"@git.zone/tsbundle": {
"bundles": [
{
"from": "./ts_web/index.ts",
"to": "./dist_serve/bundle.js",
"outputMode": "bundle",
"bundler": "esbuild",
"production": true,
"includeFiles": ["./html/**/*.html"]
}
]
},
"@git.zone/tswatch": {
"preset": "website",
"server": {
"enabled": true,
"port": 3000,
"serveDir": "./dist_serve/",
"liveReload": true
},
"watchers": [
{
"name": "backend",
"watch": ["./ts/**/*", "./ts_cliclient/**/*"],
"command": "pnpm run startTs",
"restart": true,
"debounce": 300,
"runOnStart": true
}
],
"bundles": [
{
"name": "website",
"from": "./ts_web/index.ts",
"to": "./dist_serve/bundle.js",
"watchPatterns": ["./ts_web/**/*", "./html/**/*"],
"triggerReload": true,
"bundler": "esbuild",
"production": false,
"includeFiles": ["./html/**/*.html"]
}
]
},
"@ship.zone/szci": {
"npmGlobalTools": [],
"npmAccessLevel": "public",
"npmRegistryUrl": "verdaccio.lossless.digital",
@@ -8,7 +58,10 @@
},
"dockerBuildargEnvMap": {}
},
"gitzone": {
"tsdoc": {
"legal": "\n## License and Legal Information\n\nThis repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository. \n\n**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.\n\n### Trademarks\n\nThis project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.\n\n### Company Information\n\nTask Venture Capital GmbH \nRegistered at District court Bremen HRB 35230 HB, Germany\n\nFor any legal inquiries or if you require further information, please contact us via email at hello@task.vc.\n\nBy using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.\n"
},
"@git.zone/cli": {
"projectType": "service",
"module": {
"githost": "code.foss.global",
@@ -46,8 +99,5 @@
"security"
]
}
},
"tsdoc": {
"legal": "\n## License and Legal Information\n\nThis repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository. \n\n**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.\n\n### Trademarks\n\nThis project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.\n\n### Company Information\n\nTask Venture Capital GmbH \nRegistered at District court Bremen HRB 35230 HB, Germany\n\nFor any legal inquiries or if you require further information, please contact us via email at hello@task.vc.\n\nBy using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.\n"
}
}
}
.vscode/settings.json
Vendored
+1 -1
View File
@@ -1,7 +1,7 @@
{
"json.schemas": [
{
"fileMatch": ["/npmextra.json"],
"fileMatch": ["/.smartconfig.json"],
"schema": {
"type": "object",
"properties": {
Dockerfile
+23 -34
View File
@@ -1,46 +1,35 @@
# gitzone dockerfile_service
## STAGE 1 // BUILD
FROM code.foss.global/host.today/ht-docker-node:npmci as node1
COPY ./ /app
FROM code.foss.global/host.today/ht-docker-node:lts AS build
WORKDIR /app
ARG NPMCI_TOKEN_NPM2
ENV NPMCI_TOKEN_NPM2 $NPMCI_TOKEN_NPM2
RUN npmci npm prepare
RUN pnpm config set store-dir .pnpm-store
RUN rm -rf node_modules && pnpm install
COPY package.json pnpm-lock.yaml ./
RUN pnpm install --frozen-lockfile
COPY . ./
RUN pnpm run build
RUN pnpm prune --prod
## STAGE 2 // PRODUCTION
FROM code.foss.global/host.today/ht-docker-node:lts AS production
# gitzone dockerfile_service
## STAGE 2 // install production
FROM code.foss.global/host.today/ht-docker-node:npmci as node2
WORKDIR /app
COPY --from=node1 /app /app
RUN rm -rf .pnpm-store
ARG NPMCI_TOKEN_NPM2
ENV NPMCI_TOKEN_NPM2 $NPMCI_TOKEN_NPM2
RUN npmci npm prepare
RUN pnpm config set store-dir .pnpm-store
RUN rm -rf node_modules/ && pnpm install --prod
ENV NODE_ENV=production
ENV SERVEZONE_PORT=80
## STAGE 3 // rebuild dependencies for alpine
FROM code.foss.global/host.today/ht-docker-node:alpine_npmci as node3
WORKDIR /app
COPY --from=node2 /app /app
ARG NPMCI_TOKEN_NPM2
ENV NPMCI_TOKEN_NPM2 $NPMCI_TOKEN_NPM2
RUN npmci npm prepare
RUN pnpm config set store-dir .pnpm-store
RUN pnpm rebuild -r
COPY --from=build /app/package.json ./package.json
COPY --from=build /app/node_modules ./node_modules
COPY --from=build /app/cli.js ./cli.js
COPY --from=build /app/dist_ts ./dist_ts
COPY --from=build /app/dist_serve ./dist_serve
## STAGE 4 // the final production image with all dependencies in place
FROM code.foss.global/host.today/ht-docker-node:alpine as node4
WORKDIR /app
COPY --from=node3 /app /app
LABEL org.opencontainers.image.title="cloudly" \
org.opencontainers.image.description="serve.zone control plane" \
org.opencontainers.image.source="https://code.foss.global/serve.zone/cloudly"
### Healthchecks
RUN pnpm install -g @servezone/healthy
HEALTHCHECK --interval=30s --timeout=30s --start-period=30s --retries=3 CMD [ "healthy" ]
HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=3 CMD node -e "const http=require('node:http');const port=process.env.SERVEZONE_PORT||80;const req=http.get({host:'127.0.0.1',port,path:'/'},res=>process.exit(res.statusCode<500?0:1));req.on('error',()=>process.exit(1));req.setTimeout(5000,()=>{req.destroy();process.exit(1);});"
EXPOSE 80
CMD ["npm", "start"]
CMD ["node", "cli.js"]
changelog.md
+178
View File
@@ -1,5 +1,183 @@
# Changelog
## Pending
## 2026-05-21 - 5.6.0
### Features
- group dashboard navigation (web)
- reorganize Cloudly sidebar into Platform, Runtime, Registry & Build, Secrets, Domains & Messaging, Storage, and Logs sections
- keep Images next to Services in the Runtime group because services reference imageId and imageVersion
## 2025-09-08 - 5.3.0 - feat(web)
Add deployments API typings and web UI improvements: services & deployments management with CRUD and actions
- Add deployment request interfaces (ts_interfaces/requests/deployment.ts) to define typed API for create/read/update/delete/scale/restart operations.
- Extend web app state (ts_web/appstate.ts) to include typed services and deployments, and add actions for create/update/delete of services and deployments.
- Enhance web views (ts_web/elements/*): CloudlyViewServices and CloudlyViewDeployments now include richer display, styling, and UI actions (create, edit, deploy, restart, stop, delete).
- Fix subscription variable naming in several web components (subecription -> subscription) and improve table display functions to handle missing data safely.
- Add .claude/settings.local.json (tooling/permissions) used for local development/test tooling.
## 2025-09-07 - 5.2.0 - feat(settings)
Add runtime settings management, node & baremetal managers, and settings UI
- Introduce CloudlySettingsManager to store runtime settings in an EasyStore (MongoDB) with API handlers for get/update/clear/test.
- Add settings data/interface and typedrequest definitions (ts_interfaces/data/settings.ts, ts_interfaces/requests/settings.ts) and expose via interfaces index.
- Add web UI for managing provider credentials and connections (ts_web/elements/cloudly-view-settings.ts) and integrate the Settings view into the dashboard.
- Replace the previous ServerManager concept with NodeManager and BaremetalManager: new ClusterNode and BareMetal models and managers (auto-provisioning / Hetzner integration), plus curlfresh moved to node manager.
- Update Cluster data shape (servers -> nodes) and adjust related code paths (overview stats, cluster creation and provisioning flows).
- Use settingsManager for provider tokens (cloudflareToken, hetznerToken) instead of reading tokens directly from config/env; connector and manager init code updated accordingly.
- Add numerous implementations and API handlers to support baremetal/node lifecycle and control (getBaremetalServers, controlBaremetal, getNodeConfig, node provisioning helpers).
- Reorder Cloudly startup to initialize MongoDB and settings manager before managers that depend on settings; wire settingsManager into Cloudly class.
- Bump package dependency versions for @git.zone/tsdoc, @design.estate/dees-catalog and @push.rocks/taskbuffer in package.json.
## 2025-09-05 - 5.1.0 - feat(cluster)
Add cluster setupMode (manual|hetzner|aws|digitalocean) with conditional Hetzner auto-provisioning; UI and dashboard improvements; dependency upgrades
- Introduce optional setupMode on cluster configs and requests (ICluster.data.setupMode, createCluster request) to allow 'manual' | 'hetzner' | 'aws' | 'digitalocean'.
- ClusterManager: default setupMode to 'manual' when creating clusters and only trigger serverManager.ensureServerInfrastructure() for 'hetzner' clusters.
- ServerManager: skip provisioning for clusters not configured with setupMode 'hetzner' and log skipped clusters.
- Web UI: add a 'Setup Mode' dropdown when creating a cluster so users can choose auto-provisioning provider; ensure the add-cluster action passes setupMode.
- Web UI: dashboard enhancements — add icons to view tabs and replace cluster overview with a stats grid (including total clusters, total servers, images, services, deployments, secret groups/bundles, DNS, DBs, backups, mails, s3). The overview now computes total servers across clusters.
- Package dependency bumps (devDependencies and dependencies) to keep libs up-to-date (examples: @git.zone/tsbuild, @git.zone/tstest, @api.global/typedserver, @apiclient.xyz/docker, @design.estate/dees-catalog, @push.rocks/smartlog, @push.rocks/smartrequest, @push.rocks/taskbuffer, etc.).
- Add .claude/settings.local.json with local Claude permissions (editor/automation config).
## 2025-08-18 - 5.0.6 - fix(connector.letsencrypt)
Improve Let's Encrypt integration and certificate handling; fix coreflow certificate response; add local assistant permissions config
- Replace ad-hoc setChallenge/removeChallenge hooks with a DNS-01 handler (smartacme.handlers.Dns01Handler) using Cloudflare to manage ACME DNS challenges.
- Add MongoDB-backed certificate manager (smartacme.certmanagers.MongoCertManager) and pass it to SmartAcme as certManager.
- Initialize SmartAcme with certManager and challengeHandlers instead of setChallenge/removeChallenge/mongoDescriptor options.
- Return certificate object directly from coreflow certificate request handler (avoid createSavableObject) to fix the getCertificateForDomain response payload.
- Add .claude/settings.local.json with local assistant/permissions entries to allow specific debugging/automation commands.
- Bump commitinfo versions to 5.0.6 and update changelog.
## 2025-08-18 - 5.0.6 - fix(connector.letsencrypt)
Improve Let's Encrypt integration and certificate handling; add local assistant permissions config
- Replace ad-hoc setChallenge/removeChallenge hooks with a DNS-01 handler using Cloudflare (smartacme.handlers.Dns01Handler) to manage ACME DNS challenges.
- Add MongoDB-backed certificate manager (smartacme.certmanagers.MongoCertManager) and pass it to SmartAcme as certManager.
- Update SmartAcme initialization to use certManager and challengeHandlers instead of setChallenge/removeChallenge/mongoDescriptor options.
- Return certificate object directly from coreflow certificate request handler (avoid createSavableObject), fixing the response payload for getCertificateForDomain.
- Add .claude/settings.local.json with local assistant/permissions entries to allow specific debugging/automation commands.
## 2025-08-18 - 5.0.5 - fix(coreflow)
Fix Coreflow identity lookup and response shape; improve API client tests and bump dependencies
- ts/manager.coreflow/coreflowmanager.ts: Use $elemMatch to correctly query nested user.tokens when resolving identities and validate machine user types.
- ts/manager.coreflow/coreflowmanager.ts: Normalize getClusterConfig response to include services (was deploymentDirectives) and tidy handler signatures.
- test/test.apiclient.ts: Add detailed logging and improved error handling across preTask, client startup, identity retrieval, image creation and image upload to aid debugging and test observability.
- package.json: Update dependency versions (notable bumps): @types/node -> ^22.0.0, @push.rocks/smartacme -> ^8.0.0, @push.rocks/smartdata -> ^5.16.4, @push.rocks/smartexpect -> ^2.5.0, @push.rocks/smartpath -> ^6.0.0, @push.rocks/smartrequest -> ^4.2.2, plus other maintenance bumps.
- Add .claude/settings.local.json to provide local Claude permissions for developer tooling.
## 2025-04-25 - 5.0.4 - fix(platformservice/mta)
Update getEmailStatus response schema: make details property optional
- Changed details property from required with fixed message to optional with a flexible message structure in IReq_GetEMailStats response
## 2025-04-25 - 5.0.3 - fix(mta)
update email status response type in MTA platform service
- Changed the response 'status' field in IRequest_CheckEmailStatus from a literal 'unknown' to a generic string for improved flexibility
## 2025-04-25 - 5.0.2 - fix(platformservice/mta)
Refactor email status response in MTA service
- Updated IReq_CheckEmailStatus response: replaced union type ('ok' | 'not ok') with fixed status 'unknown' and added a details object with message 'Email not found'.
## 2025-04-25 - 5.0.1 - fix(mta)
Update email stats response interface in mta platform service to include totalEmailsSent, totalEmailsDelivered, totalEmailsBounced, averageDeliveryTimeMs, and lastUpdated timestamp.
- Modified IReq_GetEMailStats response in ts_interfaces/platformservice/mta.ts from an empty status object to a detailed email statistics structure.
## 2025-04-25 - 5.0.0 - BREAKING CHANGE(ts_interfaces/platformservice/mta)
Rename mta interfaces and upgrade dependency versions
- Upgraded devDependencies: @git.zone/tsbuild, tsbundle, tsdoc, tstest, tswatch, and @push.rocks/tapbundle to newer versions.
- Upgraded dependencies: @design.estate/dees-catalog, dees-domtools, dees-element, @push.rocks/smartdata, smartexpect, smartfile, smartpromise, smartrequest, smartrx, and tsclass (v4.2.0 to v9.0.0).
- Added new packageManager field in package.json and introduced pnpm-workspace.yaml for additional workspace configuration.
- Refactored mta API interfaces: renamed IRequest_SendEmail to IReq_SendEmail and IRequestRegisterRecipient to IReq_RegisterRecipient; added IReq_CheckEmailStatus and IReq_GetEMailStats.
## 2025-01-20 - 4.13.0 - feat(service)
Add support for service creation, update, and deletion.
- Implemented TypedHandlers for creating a new service.
- Added features to update existing service details.
- Enabled deletion of services by their unique ID.
## 2025-01-20 - 4.12.2 - fix(service)
Fix secret bundle and service management bugs
- Corrected the field name from 'includedImages' to 'imageClaims' in secret bundles.
- Implemented 'getFlatKeyValueObject' for secret bundles and modified related API interactions.
- Enhanced the Service class with methods for handling secret bundle data by resolving related groups and environments.
## 2025-01-02 - 4.12.1 - fix(deps)
Updated @git.zone/tspublish to version ^1.9.1
## 2025-01-02 - 4.12.0 - feat(cli)
Add CLI support and external registries view
- Adds CLI client functionality
- Introduces a new view for External Registries in the dashboard
## 2024-12-30 - 4.11.0 - feat(external-registry)
Introduce external registry management
- Added ExternalRegistryManager to handle external registry operations.
- Implemented ability to create, retrieve, and delete external registries.
- Enhanced Cloudly class to include ExternalRegistryManager.
## 2024-12-29 - 4.10.0 - feat(apiclient)
Added support for managing external registries in the API client.
- Introduced methods to get a registry by ID, get all registries, and create a new registry in the externalRegistry object.
- Updated external registry request interfaces to match new API client capabilities.
## 2024-12-29 - 4.9.0 - feat(apiclient)
Add external registry management capabilities to Cloudly API client.
- Introduce ExternalRegistry class with methods for getting, creating, and updating external registries.
- Expand requests module to handle external registry management, including creation and deletion.
## 2024-12-28 - 4.8.1 - fix(interfaces)
Fix image location schema in IImage interface
- Refactored the 'external' object within IImage data to a 'location' object.
- Added 'internal' boolean to 'location' to specify internal/external status.
## 2024-12-28 - 4.8.0 - feat(manager.registry)
Add external registry management
- Introduced ExternalRegistry class for handling external registry configurations.
- Updated IExternalRegistry interface to include registry details.
- Enhanced IImage interface to support linking with external registries.
## 2024-12-28 - 4.7.1 - fix(secretmanagement)
Refactor secret bundle actions and improve authorization handling
- Refactored secret bundle handling by renaming methods and reorganizing static and instance methods in SecretBundle class.
- Added getSecretBundleByAuthorization method to SecretBundle.
- Improved getFlatKeyValueObjectForEnvironment to accurately retrieve key-value pairs for specified environments.
- Removed deprecated IEnvBundle interface and related request handler for better clarity and code usage.
- Updated request interfaces related to secret bundles for consistent method naming and arguments.
## 2024-12-22 - 4.7.0 - feat(apiclient)
Add method to flatten secret bundles into key-value objects.
- SecretBundle: Implemented toFlatKeyValueObject method to flatten secret groups into key-value pairs.
- Removed stale SecretManager class from apiclient.
## 2024-12-22 - 4.6.0 - feat(cloudlyapiclient)
Extend CloudlyApiClient with cluster, secretbundle, and secretgroup methods
- Added methods to CloudlyApiClient for managing clusters: getClusterById, getClusters, createCluster.
- Added methods to CloudlyApiClient for managing secret bundles: getSecretBundleById, getSecretBundles, createSecretBundle.
- Added methods to CloudlyApiClient for managing secret groups: getSecretGroupById, getSecretGroups, createSecretGroup.
## 2024-12-22 - 4.5.5 - fix(apiclient)
Fixed image creation method in cloudlyApiClient
package.json
+66 -58
View File
@@ -1,91 +1,98 @@
{
"name": "@serve.zone/cloudly",
"version": "4.5.5",
"private": false,
"version": "5.6.0",
"private": true,
"description": "A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.",
"type": "module",
"exports": {
".": "./dist/index.js",
"./apiclient": "./dist_apiclient/index.js",
"./cliclient": "./dist_cliclient/index.js",
"./web": "./dist_web/index.js"
".": "./dist_ts/index.js",
"./cliclient": "./dist_ts_cliclient/index.js",
"./web": "./dist_ts_web/index.js"
},
"author": "Task Venture Capital GmbH",
"license": "MIT",
"scripts": {
"test": "(tstest test/)",
"build": "tsbuild tsfolders --web --allowimplicitany && tsbundle website --production",
"test": "(tstest test/ --verbose --logfile --timeout 120)",
"build": "tsbuild tsfolders && tsbundle",
"build:docker": "tsdocker build --verbose",
"start": "node cli.js",
"startTs": "node cli.ts.js",
"watch": "tswatch website",
"watch": "tswatch",
"release:docker": "tsdocker push --verbose",
"publish": "tspublish",
"docs": "tsdoc aidoc"
},
"devDependencies": {
"@git.zone/tsbuild": "^2.2.0",
"@git.zone/tsbundle": "^2.1.0",
"@git.zone/tsdoc": "^1.4.2",
"@git.zone/tspublish": "^1.7.7",
"@git.zone/tstest": "^1.0.90",
"@git.zone/tswatch": "^2.0.37",
"@push.rocks/tapbundle": "^5.5.3",
"@types/node": "^22.10.2"
"@git.zone/tsbuild": "^4.4.0",
"@git.zone/tsbundle": "^2.10.1",
"@git.zone/tsdoc": "^2.0.3",
"@git.zone/tsdocker": "^2.2.6",
"@git.zone/tspublish": "^1.11.6",
"@git.zone/tstest": "^3.6.5",
"@git.zone/tswatch": "^3.3.3",
"@push.rocks/smartnetwork": "^4.7.1",
"@types/node": "^25.6.2"
},
"dependencies": {
"@api.global/typedrequest": "3.1.10",
"@api.global/typedrequest": "3.3.1",
"@api.global/typedrequest-interfaces": "^3.0.19",
"@api.global/typedserver": "^3.0.51",
"@api.global/typedsocket": "^3.0.1",
"@apiclient.xyz/cloudflare": "^6.0.1",
"@apiclient.xyz/docker": "^1.2.7",
"@apiclient.xyz/hetznercloud": "^1.2.0",
"@api.global/typedserver": "^8.4.6",
"@api.global/typedsocket": "^4.1.3",
"@apiclient.xyz/cloudflare": "^7.1.0",
"@apiclient.xyz/docker": "^5.1.4",
"@apiclient.xyz/hetznercloud": "^1.2.1",
"@apiclient.xyz/slack": "^3.0.9",
"@design.estate/dees-catalog": "^1.3.2",
"@design.estate/dees-domtools": "^2.0.64",
"@design.estate/dees-element": "^2.0.39",
"@git.zone/tsrun": "^1.3.3",
"@push.rocks/early": "^4.0.3",
"@push.rocks/npmextra": "^5.1.2",
"@push.rocks/projectinfo": "^5.0.1",
"@push.rocks/qenv": "^6.1.0",
"@push.rocks/smartacme": "^5.0.0",
"@push.rocks/smartbucket": "^3.3.7",
"@push.rocks/smartcli": "^4.0.11",
"@push.rocks/smartclickhouse": "^2.0.17",
"@push.rocks/smartdata": "^5.2.10",
"@push.rocks/smartdelay": "^3.0.5",
"@push.rocks/smartexit": "^1.0.23",
"@push.rocks/smartexpect": "^1.2.1",
"@push.rocks/smartfile": "^11.0.23",
"@design.estate/dees-catalog": "^3.81.0",
"@design.estate/dees-domtools": "^2.5.6",
"@design.estate/dees-element": "^2.2.4",
"@git.zone/tsrun": "^2.0.3",
"@push.rocks/early": "^4.0.4",
"@push.rocks/projectinfo": "^5.1.0",
"@push.rocks/qenv": "^6.1.4",
"@push.rocks/smartacme": "^9.5.0",
"@push.rocks/smartbucket": "^4.6.1",
"@push.rocks/smartcli": "^4.0.21",
"@push.rocks/smartclickhouse": "^2.2.1",
"@push.rocks/smartconfig": "^6.1.1",
"@push.rocks/smartdata": "^7.1.7",
"@push.rocks/smartdelay": "^3.1.0",
"@push.rocks/smartexit": "^2.0.3",
"@push.rocks/smartexpect": "^2.5.0",
"@push.rocks/smartfile": "^13.1.3",
"@push.rocks/smartguard": "^3.1.0",
"@push.rocks/smartjson": "^5.0.19",
"@push.rocks/smartjwt": "^2.2.1",
"@push.rocks/smartlog": "^3.0.7",
"@push.rocks/smartjson": "^6.0.1",
"@push.rocks/smartjwt": "^2.2.2",
"@push.rocks/smartlog": "^3.2.2",
"@push.rocks/smartlog-destination-clickhouse": "^1.0.13",
"@push.rocks/smartlog-interfaces": "^3.0.2",
"@push.rocks/smartpath": "^5.0.18",
"@push.rocks/smartpromise": "^4.0.4",
"@push.rocks/smartrequest": "^2.0.23",
"@push.rocks/smartrx": "^3.0.7",
"@push.rocks/smartssh": "^2.0.1",
"@push.rocks/smartstate": "^2.0.19",
"@push.rocks/smartstream": "^3.2.5",
"@push.rocks/smartstring": "^4.0.15",
"@push.rocks/smartpath": "^6.0.0",
"@push.rocks/smartpromise": "^4.2.4",
"@push.rocks/smartregistry": "^2.9.2",
"@push.rocks/smartrequest": "^5.0.3",
"@push.rocks/smartrx": "^3.0.10",
"@push.rocks/smartsamba": "^0.2.0",
"@push.rocks/smartssh": "^2.1.0",
"@push.rocks/smartstate": "^2.3.1",
"@push.rocks/smartstream": "^3.4.2",
"@push.rocks/smartstring": "^4.1.1",
"@push.rocks/smartunique": "^3.0.9",
"@push.rocks/taskbuffer": "^3.0.2",
"@push.rocks/webjwt": "^1.0.9",
"@tsclass/tsclass": "^4.2.0"
"@push.rocks/taskbuffer": "^8.0.2",
"@push.rocks/webjwt": "^1.0.10",
"@serve.zone/api": "^5.3.7",
"@serve.zone/interfaces": "^5.6.0",
"@tsclass/tsclass": "^9.5.1"
},
"files": [
"ts/**/*",
"ts_cliclient/**/*",
"ts_web/**/*",
"dist/**/*",
"dist_*/**/*",
"dist_serve/**/*",
"dist_ts/**/*",
"dist_ts_cliclient/**/*",
"dist_ts_web/**/*",
"assets/**/*",
"cli.js",
"npmextra.json",
".smartconfig.json",
"readme.md"
],
"browserslist": [
@@ -126,5 +133,6 @@
"frontend",
"backend",
"security"
]
],
"packageManager": "pnpm@10.7.0+sha512.6b865ad4b62a1d9842b61d674a393903b871d9244954f652b8842c2b553c72176b278f64c463e52d40fff8aba385c235c8c9ecf5cc7de4fd78b8bb6d49633ab6"
}
pnpm-lock.yaml
Generated
+6112 -7823
View File
File diff suppressed because it is too large Load Diff
readme.hints.md
+9 -1
View File
@@ -8,4 +8,12 @@
`code.foss.global/serve.zone/cloudly:latest`
- Note: the exports are defined in the package.json.
- For now, cloud wise only the setup with cloudron and hetzner cloud is supported.
- For now, cloud wise only the setup with cloudron and hetzner cloud is supported.
## Architecture Overview
- serve.zone is a monorepo containing multiple packages that work together to provide a complete container orchestration platform
- Uses Docker Swarm as the underlying container orchestration technology
- cloudly acts as the control plane providing API, web UI, and CLI interfaces
- coreflow runs inside Docker Swarm clusters to manage containers
- coretraffic runs on each node to handle traffic routing and SSL
- spark manages individual servers at the OS level
readme.md
+238 -279
View File
@@ -1,351 +1,310 @@
# @serve.zone/cloudly
A multi-cloud management tool utilizing Docker Swarmkit for orchestrating containerized apps across various cloud providers, with web, CLI, and API interfaces for configuration and integration management.
Cloudly is the serve.zone control plane: a TypeScript service and browser dashboard that stores desired infrastructure state, authenticates humans and machines, coordinates clusters, serves an OCI registry, manages workload metadata, and pushes runtime configuration to connected node components.
## Install
## Issue Reporting and Security
To install `@serve.zone/cloudly`, run the following command in your terminal:
For reporting bugs, issues, or security vulnerabilities, please visit [community.foss.global/](https://community.foss.global/). This is the central community hub for all issue reporting. Developers who sign and comply with our contribution agreement and go through identification can also get a [code.foss.global/](https://code.foss.global/) account to submit Pull Requests directly.
```bash
npm install @serve.zone/cloudly --save
## Why It Exists
Cloudly is the place where serve.zone operators describe what should run. It does not directly run every workload itself. Instead, it keeps the authoritative desired state in MongoDB and exposes TypedRequest/TypedSocket APIs so runtime components can reconcile that state where the containers actually live.
The current runtime pattern is reverse-connect:
```text
browser / CLI / SDK
-> Cloudly HTTP + TypedSocket API
-> MongoDB-backed managers
-> S3-backed image and artifact storage
<- Coreflow cluster agents connect outward
-> Docker Swarm reconciliation
-> Coretraffic routing updates
-> Corestore platform resources and backups
```
This will install the package and add it to your project's `package.json` dependencies.
## What Cloudly Manages
## Usage
Cloudly currently coordinates these areas:
`@serve.zone/cloudly` is designed to provide a unified interface for managing multi-cloud environments, encapsulating complex cloud interactions with Docker Swarmkit into simpler, programmable entities. This document will guide you through various use-cases and implementation examples to give you a comprehensive understanding of the module's capabilities.
- **Authentication and identity**: human admin login, JWT identities, machine tokens, and cluster identities.
- **Clusters**: desired cluster records and machine users used by Coreflow to authenticate back to Cloudly.
- **Services**: workload definitions, image references, domains, ports, scale factors, secret bundles, volumes, and deployment metadata.
- **Deployments**: deployment records, node placement metadata, health/resource fields, restart/scale API stubs, and DNS activation/deactivation hooks.
- **Images and registries**: image metadata, S3-backed image storage, external registry records, and an embedded OCI registry mounted at `/v2`.
- **Secrets**: secret groups and bundles that Coreflow flattens into Docker secrets for workloads.
- **Domains and DNS**: domain records, DNS entries, and optional domain sync from a dcrouter external gateway.
- **Platform bindings**: capabilities such as `database`, `objectstorage`, `logging`, `backup`, and RPC-style platform services that Coreflow/Corestore can reconcile.
- **Backups**: backup records, service backup/restore requests, scheduled backup tasks, and archive replication handshakes with Coreflow/Corestore.
- **BaseOS**: managed BaseOS node registration, heartbeat handling, desired-state response, image build tracking, and image download URLs.
- **CoreBuild workers**: selection of external build workers for BaseOS ISO and balena raw-image artifact generation.
- **Tasks**: TaskBuffer-backed operational tasks with execution history, metrics, logs, manual triggers, cancellation, and cron schedules.
- **Node and bare-metal inventory**: Hetzner-backed node creation paths and bare-metal metadata records where configured.
- **Dashboard**: a web component UI rendered from `ts_web` with views for overview, settings, secrets, clusters, external registries, images, services, deployments, tasks, domains, DNS, mail/log/storage/database shells, backups, and BaseOS.
### Prerequisites
## Runtime Components
Before you begin, ensure your environment is set up correctly:
- You have Node.js installed (preferably the latest LTS version).
- Your environment is configured to use TypeScript if you're working in a TypeScript project.
| Component | Role |
| --- | --- |
| `Cloudly` | Main service coordinator. Creates connectors and managers, then starts the API server. |
| `CloudlyServer` | TypedServer/TypedSocket HTTP server, dashboard static server, OCI registry HTTP bridge, and BaseOS HTTP endpoints. |
| `MongodbConnector` | SmartData persistence layer for Cloudly records. |
| `CloudflareConnector` | Optional Cloudflare account used by ACME DNS-01 when `cloudflareToken` is configured in settings. |
| `LetsencryptConnector` | SmartACME certificate issuance and certificate lookup. |
| `CloudlyCoreflowManager` | Authenticates Coreflow, returns cluster config payloads, and pushes config updates to connected Coreflow clients. |
| `CloudlyRegistryManager` | Embedded OCI registry backed by configured S3 storage, including deploy-on-push metadata updates. |
| `CloudlyBaseOsManager` | BaseOS registration, heartbeat, image build orchestration, worker selection, and artifact downloads. |
| `CloudlyBackupManager` | Service backup/restore orchestration and remote archive object replication. |
| `CloudlyTaskManager` | Registers predefined and runtime tasks, tracks task executions, schedules cron jobs, and exposes task APIs. |
| `CloudlySettingsManager` | Stores runtime settings in MongoDB, masks sensitive values for API responses, and refreshes gateway/Coreflow state after relevant changes. |
### Basic Setup
## Configuration
#### Creating a Cloudly Instance
Cloudly uses `@push.rocks/smartconfig` `AppData` with environment mappings. The runtime entry point loads `.nogit`/environment values through `@push.rocks/qenv`, and embedded callers can override values by constructing `new Cloudly(config)` programmatically.
The foundation of working with `@serve.zone/cloudly` involves creating an instance of the `Cloudly` class. This instance serves as the gateway to managing cloud resources and orchestrates interactions within the platform. Heres how to get started:
Required runtime configuration:
```typescript
import { Cloudly, ICloudlyConfig } from '@serve.zone/cloudly';
| Variable | Purpose |
| --- | --- |
| `SERVEZONE_ENVIRONMENT` | ACME/runtime environment, currently `production` or `integration`. |
| `SERVEZONE_URL` | Public Cloudly hostname without protocol. |
| `SERVEZONE_PORT` | Public API/dashboard port as a string. |
| `SERVEZONE_SSLMODE` | `none`, `external`, or `letsencrypt`. |
| `SERVEZONE_ADMINACCOUNT` | First-run admin bootstrap in `username:password` format. |
| `MONGODB_URL` | MongoDB connection URL used by SmartData. |
| `MONGODB_NAME` | MongoDB database name. |
| `MONGODB_USER` | MongoDB username. |
| `MONGODB_PASS` | MongoDB password. |
| `S3_ENDPOINT` | S3-compatible endpoint for registry, images, and artifacts. |
| `S3_ACCESSKEY` | S3 access key. |
| `S3_SECRETKEY` | S3 secret key. |
| `S3_BUCKET` | S3 bucket name. |
| `S3_PORT` | S3 endpoint port. |
| `S3_USESSL` | Boolean SSL flag for the S3 endpoint. |
const myCloudlyConfig: ICloudlyConfig = {
cfToken: 'your_cloudflare_api_token',
hetznerToken: 'your_hetzner_api_token',
environment: 'development',
letsEncryptEmail: 'lets_encrypt_email@example.com',
publicUrl: 'example.com',
publicPort: '8443',
mongoDescriptor: {
mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
mongoDbName: 'myDatabase',
mongoDbUser: 'myUser',
mongoDbPass: 'myPassword',
},
};
Common optional settings are stored through the Cloudly settings manager rather than direct environment variables:
const myCloudlyInstance = new Cloudly(myCloudlyConfig);
| Setting | Purpose |
| --- | --- |
| `cloudflareToken` | Enables Cloudflare-backed ACME DNS-01 challenges. |
| `hetznerToken` | Enables Hetzner node and bare-metal provisioning paths. |
| `baseosJoinToken` | Allows BaseOS devices to enroll without a one-time image provisioning token. |
| `corebuildWorkersJson` | JSON array of CoreBuild worker URLs or `{ "url", "token", "id" }` objects. |
| `corebuildWorkerUrl` / `corebuildWorkerToken` | Legacy single-worker CoreBuild settings. |
| `dcrouterGatewayUrl` / `dcrouterGatewayApiToken` | Optional external gateway integration for domain and route sync. |
| `dcrouterWorkHosterId` | Optional stable external gateway work hoster ID; defaults to the cluster ID. |
| `dcrouterTargetHost` / `dcrouterTargetPort` | Optional target address that dcrouter should forward workload traffic to. |
Optional runtime environment variables:
| Variable | Purpose |
| --- | --- |
| `SERVEZONE_INSTALL_DEMO_DATA` | Runs the destructive demo data installer when set to `true`. |
| `CLOUDLY_BACKUP_CRON` | Enables the scheduled `backup-all-services` task with the supplied cron expression. |
| `CLOUDLY_BACKUP_KEEP_LAST` | Number of completed/failed backups to retain per service; defaults to `24`. |
| `CLOUDLY_BACKUP_TARGET_TYPE` | Remote archive replication target, currently `s3` or `smb`. |
| `CLOUDLY_BACKUP_TARGET_PREFIX` | Remote backup path prefix; defaults to `serve.zone-backups`. |
| `CLOUDLY_BASEOS_IMAGE_CLEANUP_INTERVAL_MS` | BaseOS image artifact cleanup interval; defaults to 12 hours. |
For backup replication with `CLOUDLY_BACKUP_TARGET_TYPE=s3`, set `CLOUDLY_BACKUP_S3_ENDPOINT`, `CLOUDLY_BACKUP_S3_ACCESS_KEY`, `CLOUDLY_BACKUP_S3_SECRET_KEY`, and `CLOUDLY_BACKUP_S3_BUCKET`. Optional S3 variables are `CLOUDLY_BACKUP_S3_REGION`, `CLOUDLY_BACKUP_S3_PORT`, and `CLOUDLY_BACKUP_S3_USE_SSL`.
For backup replication with `CLOUDLY_BACKUP_TARGET_TYPE=smb`, set `CLOUDLY_BACKUP_SMB_HOST` and `CLOUDLY_BACKUP_SMB_SHARE`. Optional SMB variables are `CLOUDLY_BACKUP_SMB_PORT`, `CLOUDLY_BACKUP_SMB_USERNAME`, `CLOUDLY_BACKUP_SMB_PASSWORD`, and `CLOUDLY_BACKUP_SMB_DOMAIN`.
## Starting Cloudly
Install and build with pnpm:
```sh
pnpm install
pnpm build
pnpm start
```
The configuration object `ICloudlyConfig` provides essential information needed for initializing external services, such as Cloudflare, Hetzner, and a MongoDB server. Adjust the parameters to match your actual service credentials and specifications.
Run the TypeScript entry point during development:
### Core Features and Use Cases
```sh
pnpm run startTs
```
#### Orchestrating Docker Swarmkit Clusters
Start from code when embedding the control plane in another Node.js process:
Docker Swarmkit cluster management is a primary feature of `@serve.zone/cloudly`. Through its abstracted, programmable interface, you can operate clusters effortlessly. Heres an example of how to create a cluster using `Cloudly`:
```typescript
```ts
import { Cloudly } from '@serve.zone/cloudly';
interface ICluster {
name: string;
id: string;
cloudlyUrl: string;
servers: string[];
sshKeys: string[];
}
const cloudly = new Cloudly({
environment: 'production',
publicUrl: 'cloudly.example.com',
publicPort: '443',
sslMode: 'external',
servezoneAdminaccount: 'admin:change-me',
mongoDescriptor: {
mongoDbUrl: process.env.MONGODB_URL,
mongoDbName: 'cloudly',
mongoDbUser: process.env.MONGODB_USER,
mongoDbPass: process.env.MONGODB_PASS,
},
s3Descriptor: {
endpoint: process.env.S3_ENDPOINT,
accessKey: process.env.S3_ACCESSKEY,
accessSecret: process.env.S3_SECRETKEY,
bucketName: process.env.S3_BUCKET,
port: process.env.S3_PORT,
useSsl: true,
},
});
async function manageClusters() {
const myCloudlyConfig = {
cfToken: 'your_cloudflare_api_token',
environment: 'development',
mongoDescriptor: {
mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
mongoDbName: 'myDatabase',
mongoDbUser: 'myUser',
mongoDbPass: 'myPassword',
},
letsEncryptEmail: 'lets_encrypt_email@example.com',
publicUrl: 'example.com',
publicPort: 8443,
hetznerToken: 'your_hetzner_api_token',
};
const myCloudlyInstance = new Cloudly(myCloudlyConfig);
await myCloudlyInstance.start();
const newCluster: ICluster = {
name: 'example_cluster',
id: 'example_cluster_id',
cloudlyUrl: 'https://example.com:8443',
servers: [],
sshKeys: [],
};
// Store the newly created cluster with Cloudly
const storedCluster = await myCloudlyInstance.clusterManager.storeCluster(newCluster);
console.log('Cluster stored:', storedCluster);
}
manageClusters();
await cloudly.start();
```
In this scenario, a cluster called `example_cluster` is initialized using the `Cloudly` instance. This method represents a central mechanism to efficiently handle cluster entities and associated metadata.
Set `SERVEZONE_INSTALL_DEMO_DATA=true` only when you intentionally want the demo data installer to run. The code labels that path destructive.
#### Integrating With Cloudflare for DNS Management
## API Model
`@serve.zone/cloudly` provides built-in capabilities for managing DNS records through integration with Cloudflare. Using the `CloudflareConnector`, you can programmatically create, manage, and delete DNS entries:
Cloudly exposes a single composed TypedRouter. Managers add their own typed handlers to the main router, and `CloudlyServer` exposes that router through the HTTP/WebSocket server.
```typescript
import { Cloudly } from '@serve.zone/cloudly';
On first startup, Cloudly bootstraps the first human admin from `SERVEZONE_ADMINACCOUNT`. Human clients authenticate through `adminLoginWithUsernameAndPassword`; machine clients authenticate through `getIdentityByToken`. Cluster creation creates a machine user and token for Coreflow.
async function configureCloudflareDNS() {
const myCloudlyConfig = {
cfToken: 'your_cloudflare_api_token',
environment: 'development',
letsEncryptEmail: 'lets_encrypt_email@example.com',
publicUrl: 'example.com',
publicPort: 8443,
hetznerToken: 'your_hetzner_api_token',
mongoDescriptor: {
mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
mongoDbName: 'myDatabase',
mongoDbUser: 'myUser',
mongoDbPass: 'myPassword',
},
};
Typical consumers use `@serve.zone/api`:
const myCloudlyInstance = new Cloudly(myCloudlyConfig);
await myCloudlyInstance.start();
```ts
import { CloudlyApiClient } from '@serve.zone/api';
const cfConnector = myCloudlyInstance.cloudflareConnector.cloudflare;
const client = new CloudlyApiClient({
registerAs: 'admin-tool',
cloudlyUrl: 'https://cloudly.example.com',
});
const dnsRecord = await cfConnector.createDNSRecord('example.com', 'sub.example.com', 'A', '127.0.0.1');
console.log('DNS Record:', dnsRecord);
}
configureCloudflareDNS();
await client.start();
const identity = await client.loginWithUsernameAndPassword('admin', 'change-me');
const clusters = await client.cluster.getClusters();
```
Here, you create an A record for the subdomain `sub.example.com` pointing to `127.0.0.1`. All communication with Cloudflare is handled directly through the interface without manual intervention.
Machine clients such as Coreflow authenticate with `getIdentityByToken`, request a stateful identity, and tag their WebSocket connection. That lets Cloudly push configuration to already-connected Coreflow instances instead of opening inbound connections to cluster nodes.
#### Dynamic Interaction with DigitalOcean
## Cluster Flow
DigitalOcean resource management, including droplet creation, is simplified in Cloudly. By extending the API to encapsulate calls to external providers, Cloudly provides a seamless experience:
The implemented cluster flow is intentionally simple:
```typescript
import { Cloudly } from '@serve.zone/cloudly';
1. An admin creates a Cloudly cluster record.
2. Cloudly creates a machine user with a long-lived cluster token.
3. Coreflow starts on a Docker Swarm manager node with `CLOUDLY_URL` and `JUMPCODE`.
4. Coreflow authenticates to Cloudly and requests the cluster configuration payload.
5. Cloudly returns cluster data, workload services, platform bindings, provider configs, and optional external gateway configuration.
6. Coreflow reconciles Docker networks, base services, workload services, secrets, volumes, platform bindings, backups, and routing.
async function createDigitalOceanDroplets() {
const myCloudlyConfig = {
cfToken: 'your_cloudflare_api_token',
environment: 'development',
letsEncryptEmail: 'lets_encrypt_email@example.com',
publicUrl: 'example.com',
publicPort: 8443,
hetznerToken: 'your_hetzner_api_token',
mongoDescriptor: {
mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
mongoDbName: 'myDatabase',
mongoDbUser: 'myUser',
mongoDbPass: 'myPassword',
},
};
When service, platform, or gateway settings change, Cloudly pushes updated config to connected Coreflow clients where supported.
const myCloudlyInstance = new Cloudly(myCloudlyConfig);
await myCloudlyInstance.start();
## Registry and Deploy-On-Push
const doConnector = myCloudlyInstance.digitaloceanConnector;
Cloudly serves an OCI registry under `/v2` through `CloudlyRegistryManager`. The registry uses configured S3 storage and issues OCI tokens from Cloudly authentication state.
const droplet = await doConnector.createDroplet('example-droplet', 'nyc3', 's-1vcpu-1gb', 'ubuntu-20-04-x64');
console.log('Droplet created:', droplet);
}
For Cloudly-managed services, `getServiceRegistryTarget()` creates stable registry targets like:
createDigitalOceanDroplets();
```text
<cloudly-host>/workloads/<service-name>-<service-id-prefix>:<tag>
```
In this script, a droplet named `example-droplet` is created within the `nyc3` region using the `ubuntu-20-04-x64` image. The module abstracts complexities by directly interfacing with DigitalOcean.
Registry push hooks record tag/digest metadata on the linked image and service. Unless `deployOnPush` is explicitly `false`, a successful push updates the service image version and asks connected Coreflow clients to reconcile.
### Advanced Use Cases
Registry token requests use HTTP Basic credentials against Cloudly users. User passwords and unexpired user tokens are accepted; push/delete scopes require an admin user or a token with the `admin` assigned role.
#### Implementing Web Management Interface
## BaseOS and CoreBuild
`@serve.zone/cloudly` facilitates dashboard management with advanced Web Components built with `@design.estate`. This section of the library allows the creation of dynamic, interactive panels for real-time resource management in a modern browser interface.
Cloudly can manage BaseOS nodes and image builds:
```typescript
import { html } from '@design.estate/dees-element';
- BaseOS devices register through `POST /baseos/v1/nodes/register` and heartbeat through `POST /baseos/v1/nodes/heartbeat`.
- A configured `baseosJoinToken` accepts generic device enrollment.
- BaseOS image builds create one-time provisioning tokens that are embedded in generated images.
- Cloudly selects a CoreBuild worker based on `/corebuild/v1/capabilities` and sends the build to `/corebuild/v1/jobs/baseos-image`.
- Supported build kinds are `ubuntu-iso` and `balena-raw`; Raspberry Pi builds use `balena-raw`.
- Supported architecture values are `amd64`, `arm64`, and `rpi`.
- Completed artifacts are stored in the configured S3 bucket and served through short-lived `/baseos/v1/images/:buildId/download` URLs.
const renderDashboard = () => {
return html`
<cloudly-dashboard>
<dees-simple-appdash>
<!-- Define sections and elements -->
<cloudly-view-clusters></cloudly-view-clusters>
<cloudly-view-dns></cloudly-view-dns>
<cloudly-view-images></cloudly-view-images>
<!-- Other custom views -->
</dees-simple-appdash>
</cloudly-dashboard>
`;
};
CoreBuild worker configuration can use `corebuildWorkersJson` for multiple workers or the legacy `corebuildWorkerUrl` and `corebuildWorkerToken` settings for one worker.
document.body.appendChild(renderDashboard());
## Backups and Corestore
Cloudly owns backup records and user-facing backup/restore requests. Coreflow executes the cluster-local work, and Corestore snapshots volumes, database resources, object storage resources, and archive objects.
The backup path includes:
- `createServiceBackup` and `restoreServiceBackup` typed requests for admins.
- `executeServiceBackup` and `executeServiceRestore` requests from Cloudly to Coreflow.
- Corestore volume/resource snapshot and restore endpoints behind Coreflow.
- Optional archive replication through `prepareBackupReplication`, `uploadBackupArchiveObject`, `completeBackupReplication`, `getBackupArchiveManifest`, and `downloadBackupArchiveObject`.
- Optional scheduled `backup-all-services` task when `CLOUDLY_BACKUP_CRON` is set.
Manual `createServiceBackup` requests expect Coreflow to complete remote archive replication. Cloudly validates archive object size and SHA-256 checksums, writes a manifest, records target metadata, and marks completed backups as `replicated`. Restores read the manifest and objects back through the configured target writer.
## Task Automation
Cloudly registers a TaskBuffer-backed task manager. The API and dashboard can list tasks, trigger tasks manually, inspect execution logs/metrics, and request cancellation for running tasks.
Predefined tasks currently include:
| Task | Purpose |
| --- | --- |
| `cloudflare-domain-sync` | Imports and updates domains from configured Cloudflare zones. |
| `dns-sync` | Iterates DNS entries marked as external; provider sync is currently a placeholder. |
| `cert-renewal` | Checks activated domains for certificate renewal; renewal logic is currently a placeholder. |
| `cleanup` | Removes old task executions and contains placeholders for log/image cleanup. |
| `health-check` | Iterates deployments and records health metrics; runtime health checks are currently placeholders. |
| `resource-report` | Generates node resource metrics; values are currently placeholders until runtime metrics are wired in. |
| `db-maintenance` | Maintenance shell for database optimization tasks. |
| `security-scan` | Security scan shell for exposed ports, image freshness, and weak configuration checks. |
| `docker-cleanup` | Docker cleanup shell for containers, images, volumes, and networks. |
| `backup-all-services` | Registered by the backup manager and enabled only when `CLOUDLY_BACKUP_CRON` is set. |
## External Gateway Integration
Cloudly can integrate with a dcrouter gateway when the gateway URL and API token are present in settings. The current integration syncs externally available domains into Cloudly and passes an external gateway route configuration to Coreflow. Coreflow can then ask dcrouter for certificates and synchronize public routes while still routing to cluster-local Coretraffic.
## Development
Common commands:
```sh
pnpm install
pnpm build
pnpm test
pnpm run build:docker
pnpm run release:docker
pnpm run docs
```
Utilizing the custom web components designed specifically for Cloudly, dashboards are adaptable, interactive, and maintainable. These elements allow you to structure a complete cloud management center without needing to delve into detailed UI engineering.
Important paths:
#### Comprehensive Log Management
| Path | Purpose |
| --- | --- |
| `ts/index.ts` | CLI/runtime entry point exporting `runCli`, `Cloudly`, and `ICloudlyConfig`. |
| `ts/classes.cloudly.ts` | Main service coordinator and startup order. |
| `ts/classes.server.ts` | API/dashboard server, registry bridge, and BaseOS HTTP routes. |
| `ts/manager.*` | Domain managers for auth, clusters, services, images, registry, platform, backups, BaseOS, and more. |
| `ts/connector.*` | External system connectors for MongoDB, Cloudflare, and Let's Encrypt. |
| `ts_web/` | Browser dashboard web components. |
| `ts_cliclient/` | Published `@serve.zone/cli` submodule. |
With Cloudlys Log Management capabilities, you can track and analyze system logs for better insights into your cloud ecosystems behavior:
## Accuracy Notes
```typescript
import { Cloudly } from '@serve.zone/cloudly';
async function initiateLogManagement() {
const myCloudlyConfig = {
cfToken: 'your_cloudflare_api_token',
environment: 'development',
letsEncryptEmail: 'lets_encrypt_email@example.com',
publicUrl: 'example.com',
publicPort: 8443,
hetznerToken: 'your_hetzner_api_token',
mongoDescriptor: {
mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
mongoDbName: 'myDatabase',
mongoDbUser: 'myUser',
mongoDbPass: 'myPassword',
},
};
const myCloudlyInstance = new Cloudly(myCloudlyConfig);
await myCloudlyInstance.start();
const logs = await myCloudlyInstance.logManager.fetchLogs();
console.log('Logs:', logs);
}
initiateLogManagement();
```
Cloudly provides the tools needed to collect and process logs within your cloud infrastructure. Logs are an essential part of system validation, troubleshooting, monitoring, and auditing.
#### Secret Management and Bundles
Managing secrets securely and efficiently is critical for cloud operations. Cloudly allows you to create and manage secret groups and bundles that can be used across multiple applications and environments:
```typescript
import { Cloudly } from '@serve.zone/cloudly';
async function createSecrets() {
const myCloudlyConfig = {
cfToken: 'your_cloudflare_api_token',
environment: 'development',
letsEncryptEmail: 'lets_encrypt_email@example.com',
publicUrl: 'example.com',
publicPort: 8443,
hetznerToken: 'your_hetzner_api_token',
mongoDescriptor: {
mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
mongoDbName: 'myDatabase',
mongoDbUser: 'myUser',
mongoDbPass: 'myPassword',
},
};
const myCloudlyInstance = new Cloudly(myCloudlyConfig);
await myCloudlyInstance.start();
const newSecretGroup = await myCloudlyInstance.secretManager.createSecretGroup({
name: 'example_secret_group',
secrets: [
{ key: 'SECRET_KEY', value: 's3cr3t' },
],
});
const newSecretBundle = await myCloudlyInstance.secretManager.createSecretBundle({
name: 'example_bundle',
secretGroups: [newSecretGroup],
});
console.log('Created Secret Group and Bundle:', newSecretGroup, newSecretBundle);
}
createSecrets();
```
Secrets, such as API keys and sensitive configuration data, are managed efficiently using secret groups and bundles. This structured approach to secret management enhances both security and accessibility.
### Task Scheduling and Management
With task buffers, you can schedule and manage background tasks integral to cloud operations:
```typescript
import { Cloudly } from '@serve.zone/cloudly';
import { TaskBuffer } from '@push.rocks/taskbuffer';
async function scheduleTasks() {
const myCloudlyConfig = {
cfToken: 'your_cloudflare_api_token',
environment: 'development',
letsEncryptEmail: 'lets_encrypt_email@example.com',
publicUrl: 'example.com',
publicPort: 8443,
hetznerToken: 'your_hetzner_api_token',
mongoDescriptor: {
mongoDbUrl: 'mongodb+srv://<username>:<password>@<cluster>.mongodb.net/myFirstDatabase',
mongoDbName: 'myDatabase',
mongoDbUser: 'myUser',
mongoDbPass: 'myPassword',
},
};
const myCloudlyInstance = new Cloudly(myCloudlyConfig);
await myCloudlyInstance.start();
const taskManager = new TaskBuffer();
taskManager.scheduleEvery('minute', async () => {
console.log('Running scheduled task...');
// Task logic
});
console.log('Tasks scheduled.');
}
scheduleTasks();
```
The example demonstrates setting up periodic task execution using task buffers as part of Cloudly's task management. Whether it's maintenance routines, data updates, or resource checks, tasks can be managed effectively.
This comprehensive overview of `@serve.zone/cloudly` is designed to help you leverage its full capabilities in managing multi-cloud environments. Each example is meant to serve as a starting point, and you are encouraged to explore further by consulting the relevant sections in the documentation, engaging with community discussions, or experimenting in your own environment.
The package metadata and settings schema include fields for several cloud providers. The code paths currently exercised in this repository are Cloudflare for ACME DNS-01 and domain sync, Hetzner for selected node/bare-metal provisioning paths, S3-compatible storage, SMB/S3 backup archive targets, MongoDB/SmartData, CoreBuild, Coreflow, Corestore, and optional dcrouter integration. Several provider connection tests and predefined tasks are configuration checks or implementation shells; verify provider-specific behavior in the relevant manager before relying on it operationally.
## License and Legal Information
This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository.
This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](./license) file.
**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
### Trademarks
This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.
This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein.
Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar.
### Company Information
Task Venture Capital GmbH
Registered at District court Bremen HRB 35230 HB, Germany
Registered at District Court Bremen HRB 35230 HB, Germany
For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.
For any legal inquiries or further information, please contact us via email at hello@task.vc.
By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.
scripts/deployclusterconfigs.ts
+8 -10
View File
@@ -1,4 +1,4 @@
import { expect, tap } from '@push.rocks/tapbundle';
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { Qenv } from '@push.rocks/qenv';
const testQenv = new Qenv('./', './.nogit/');
@@ -12,17 +12,15 @@ let testCloudly: cloudly.Cloudly;
tap.test('first test', async () => {
const cloudlyConfig: cloudly.ICloudlyConfig = {
cfToken: await testQenv.getEnvVarOnDemand('CF_TOKEN'),
environment: 'integration',
letsEncryptEmail: await testQenv.getEnvVarOnDemand('LETSENCRYPT_EMAIL'),
publicUrl: await testQenv.getEnvVarOnDemand('SERVEZONE_URL'),
publicPort: await testQenv.getEnvVarOnDemand('SERVEZONE_PORT'),
letsEncryptEmail: await testQenv.getEnvVarOnDemandStrict('LETSENCRYPT_EMAIL'),
publicUrl: await testQenv.getEnvVarOnDemandStrict('SERVEZONE_URL'),
publicPort: await testQenv.getEnvVarOnDemandStrict('SERVEZONE_PORT'),
mongoDescriptor: {
mongoDbName: await testQenv.getEnvVarOnDemand('MONGODB_DATABASE'),
mongoDbPass: await testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'),
mongoDbUrl: await testQenv.getEnvVarOnDemand('MONGODB_URL')
mongoDbName: await testQenv.getEnvVarOnDemandStrict('MONGODB_DATABASE'),
mongoDbPass: await testQenv.getEnvVarOnDemandStrict('MONGODB_PASSWORD'),
mongoDbUrl: await testQenv.getEnvVarOnDemandStrict('MONGODB_URL')
},
digitalOceanToken: await testQenv.getEnvVarOnDemand('DIGITALOCEAN_TOKEN')
};
testCloudly = new cloudly.Cloudly(cloudlyConfig);
expect(testCloudly).toBeInstanceOf(cloudly.Cloudly);
@@ -36,4 +34,4 @@ tap.test('should end the service', async () => {
await testCloudly.stop();
});
tap.start();
export default tap.start();
scripts/informofnewcontainer.ts
+10 -12
View File
@@ -1,10 +1,10 @@
import { expect, tap } from '@push.rocks/tapbundle';
import { expect, tap } from '@git.zone/tstest/tapbundle';
import { Qenv } from '@push.rocks/qenv';
const testQenv = new Qenv('./', './.nogit/');
delete process.env.CLI_CALL;
import * as cloudly from '../ts/index';
import * as cloudly from '../ts/index.js';
process.env.TESTING_CLOUDLY = 'true';
@@ -12,20 +12,18 @@ let testCloudly: cloudly.Cloudly;
tap.test('first test', async () => {
const cloudlyConfig: cloudly.ICloudlyConfig = {
cfToken: testQenv.getEnvVarOnDemand('CF_TOKEN'),
environment: 'integration',
letsEncryptEmail: testQenv.getEnvVarOnDemand('LETSENCRYPT_EMAIL'),
publicUrl: testQenv.getEnvVarOnDemand('SERVEZONE_URL'),
publicPort: testQenv.getEnvVarOnDemand('SERVEZONE_PORT'),
letsEncryptEmail: await testQenv.getEnvVarOnDemandStrict('LETSENCRYPT_EMAIL'),
publicUrl: await testQenv.getEnvVarOnDemandStrict('SERVEZONE_URL'),
publicPort: await testQenv.getEnvVarOnDemandStrict('SERVEZONE_PORT'),
mongoDescriptor: {
mongoDbName: testQenv.getEnvVarOnDemand('MONGODB_DATABASE'),
mongoDbPass: testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'),
mongoDbUrl: testQenv.getEnvVarOnDemand('MONGODB_URL')
mongoDbName: await testQenv.getEnvVarOnDemandStrict('MONGODB_DATABASE'),
mongoDbPass: await testQenv.getEnvVarOnDemandStrict('MONGODB_PASSWORD'),
mongoDbUrl: await testQenv.getEnvVarOnDemandStrict('MONGODB_URL')
},
digitalOceanToken: testQenv.getEnvVarOnDemand('DIGITALOCEAN_TOKEN')
};
testCloudly = new cloudly.Cloudly(cloudlyConfig);
expect(testCloudly).to.be.instanceof(cloudly.Cloudly);
expect(testCloudly).toBeInstanceOf(cloudly.Cloudly);
});
tap.test('should init servezone', async () => {
@@ -36,4 +34,4 @@ tap.test('should end the service', async () => {
await testCloudly.stop();
});
tap.start();
export default tap.start();
test/helpers/cloudlyfactory.ts
+33 -9
View File
@@ -1,30 +1,54 @@
import { Qenv } from '@push.rocks/qenv';
import { SmartNetwork } from '@push.rocks/smartnetwork';
import { tap } from '@git.zone/tstest/tapbundle';
import { TapNodeTools } from '@git.zone/tstest/tapbundle_serverside';
const tapNodeTools = new TapNodeTools(tap);
const testQenv = new Qenv('./', './.nogit/');
import * as cloudly from '../../ts/index.js';
const stopFunctions: Array<() => Promise<void>> = [];
const tapToolsNodeMod = await import('@push.rocks/tapbundle/node');
const smartmongo = await tapToolsNodeMod.tapNodeTools.createSmartmongo();
const getPublicPort = async () => {
if (process.env.SERVEZONE_TEST_PORT) {
return process.env.SERVEZONE_TEST_PORT;
}
const smartnetwork = new SmartNetwork();
const publicPort = await smartnetwork.findFreePort(30000, 40000, { randomize: true });
if (!publicPort) {
throw new Error('Could not find a free Cloudly test port in range 30000-40000');
}
return String(publicPort);
};
const smartmongo = await tapNodeTools.createSmartmongo();
stopFunctions.push(async () => {
await smartmongo.stopAndDumpToDir('./.nogit/mongodump');
});
const smarts3 = await tapToolsNodeMod.tapNodeTools.createSmarts3();
await smarts3.createBucket('cloudly-test');
const smartstorage = await tapNodeTools.createSmartStorage();
await smartstorage.createBucket('cloudly_test_bucket');
stopFunctions.push(async () => {
await smarts3.stop();
await smartstorage.stop();
});
export const testCloudlyAdminAccount = {
username: 'testadmin',
password: 'testpassword',
};
export const testCloudlyConfig: cloudly.ICloudlyConfig = {
cfToken: await testQenv.getEnvVarOnDemand('CF_TOKEN'),
environment: 'integration',
letsEncryptEmail: 'test@serve.zone',
publicUrl: '127.0.0.1',
publicPort: '8080',
publicPort: await getPublicPort(),
mongoDescriptor: await smartmongo.getMongoDescriptor(),
s3Descriptor: await smarts3.getS3Descriptor(),
s3Descriptor: await smartstorage.getStorageDescriptor({
bucketName: 'cloudly_test_bucket'
}),
sslMode: 'none',
servezoneAdminaccount: `${testCloudlyAdminAccount.username}:${testCloudlyAdminAccount.password}`,
...(() => {
if (process.env.NPMCI_SECRET01) {
return {
@@ -34,7 +58,7 @@ export const testCloudlyConfig: cloudly.ICloudlyConfig = {
})(),
};
await tapToolsNodeMod.tapNodeTools.testFileProvider.getDockerAlpineImageAsLocalTarball();
await tapNodeTools.testFileProvider.getDockerAlpineImageAsLocalTarball();
export const createCloudly = async () => {
const cloudlyInstance = new cloudly.Cloudly(testCloudlyConfig);
test/test.apiclient.ts
+367 -28
View File
@@ -1,21 +1,31 @@
import { tap, expect } from '@push.rocks/tapbundle';
import { tap, expect } from '@git.zone/tstest/tapbundle';
import * as helpers from './helpers/index.js';
import * as cloudly from '../ts/index.js';
import * as cloudlyApiClient from '../ts_apiclient/index.js';
import { Image } from '../ts_apiclient/classes.image.js';
import * as cloudlyApiClient from '@serve.zone/api';
let testCloudly: cloudly.Cloudly;
let testClient: cloudlyApiClient.CloudlyApiClient;
const logErrorDetails = (errorArg: unknown) => {
if (errorArg instanceof Error) {
console.error(` - Error message: ${errorArg.message}`);
console.error(` - Error stack:`, errorArg.stack);
return;
}
console.error(` - Error:`, errorArg);
};
tap.preTask('should start cloudly', async () => {
testCloudly = await helpers.createCloudly();
await testCloudly.start();
});
tap.preTask('should create a new machine user for testing', async () => {
console.log('🔵 PreTask: Creating first machine user...');
const machineUser = new testCloudly.authManager.CUser();
machineUser.id = await testCloudly.authManager.CUser.getNewId();
console.log(` - User ID: ${machineUser.id}`);
machineUser.data = {
type: 'machine',
username: 'test',
@@ -27,48 +37,377 @@ tap.preTask('should create a new machine user for testing', async () => {
}],
role: 'admin',
};
console.log(` - Username: ${machineUser.data.username}`);
console.log(` - Role: ${machineUser.data.role}`);
console.log(` - Token: 'test'`);
console.log(` - Token roles: ${machineUser.data.tokens?.[0]?.assignedRoles?.join(', ') ?? ''}`);
await machineUser.save();
console.log('✅ PreTask: First machine user saved successfully');
});
tap.test('should create a new cloudlyApiClient', async () => {
console.log('🔵 Test: Creating CloudlyApiClient...');
testClient = new cloudlyApiClient.CloudlyApiClient({
registerAs: 'api',
cloudlyUrl: `http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}`,
});
console.log(` - URL: http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}`);
await testClient.start();
console.log('✅ CloudlyApiClient started successfully');
expect(testClient).toBeTruthy();
});
tap.test('create a new machine user', async () => {
const machineUser = await testCloudly.authManager.CUser.createMachineUser('test', 'api');
machineUser.data.tokens.push({
token: 'test',
expiresAt: Date.now() + 3600 * 1000 * 24 * 365,
assignedRoles: ['api'],
})
await machineUser.save();
})
tap.test('should get an identity', async () => {
const identity = await testClient.getIdentityByToken('test');
expect(identity).toBeTruthy();
console.log(identity);
tap.test('DEBUG: Check existing users', async () => {
console.log('🔍 DEBUG: Checking existing users in database...');
const allUsers = await testCloudly.authManager.CUser.getInstances({});
console.log(` - Total users found: ${allUsers.length}`);
for (const user of allUsers) {
console.log(` - User: ${user.data.username} (ID: ${user.id})`);
console.log(` - Type: ${user.data.type}`);
console.log(` - Role: ${user.data.role}`);
console.log(` - Tokens: ${user.data.tokens?.length ?? 0}`);
for (const token of user.data.tokens ?? []) {
console.log(` - Token: '${token.token}' | Roles: ${token.assignedRoles?.join(', ')}`);
}
}
});
let image: Image;
tap.test('should create and upload an image', async () => {
image = await testClient.image.createImage({
name: 'test',
description: 'test'
tap.test('should get an identity', async () => {
console.log('🔵 Test: Getting identity by token...');
console.log(` - Using token: 'test'`);
console.log(` - API URL: http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}`);
try {
const identity = await testClient.getIdentityByToken('test');
console.log('✅ Identity retrieved successfully:');
console.log(` - Identity exists: ${!!identity}`);
if (identity) {
console.log(` - Identity data:`, JSON.stringify(identity, null, 2));
}
expect(identity).toBeTruthy();
} catch (error) {
console.error('❌ Failed to get identity:');
logErrorDetails(error);
throw error;
}
});
tap.test('should expose the OCI registry endpoint', async () => {
const response = await fetch(
`http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}/v2/`,
);
expect(response.status).toEqual(200);
expect(response.headers.get('docker-distribution-api-version')).toEqual('registry/2.0');
});
tap.test('should require authentication for OCI registry tokens', async () => {
const response = await fetch(
`http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}/v2/token?service=cloudly&scope=repository:test/app:pull`,
);
expect(response.status).toEqual(401);
});
tap.test('should issue OCI registry tokens for the initial admin', async () => {
const credentials = Buffer.from(
`${helpers.testCloudlyAdminAccount.username}:${helpers.testCloudlyAdminAccount.password}`,
).toString('base64');
const response = await fetch(
`http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}/v2/token?service=cloudly&scope=repository:test/app:pull,push`,
{
headers: {
Authorization: `Basic ${credentials}`,
},
},
);
const body = await response.json();
expect(response.status).toEqual(200);
expect(body.token).toBeTruthy();
expect(body.access_token).toEqual(body.token);
});
tap.test('should deny OCI registry push tokens for non-admin users', async () => {
const readonlyUsername = 'registry-readonly';
const readonlyToken = 'registry-readonly-token';
const readonlyUser = new testCloudly.authManager.CUser();
readonlyUser.id = await testCloudly.authManager.CUser.getNewId();
readonlyUser.data = {
type: 'machine',
username: readonlyUsername,
password: readonlyToken,
tokens: [{
token: readonlyToken,
expiresAt: Date.now() + 3600 * 1000,
assignedRoles: [],
}],
role: 'user',
};
await readonlyUser.save();
const credentials = Buffer.from(`${readonlyUsername}:${readonlyToken}`).toString('base64');
const pullResponse = await fetch(
`http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}/v2/token?service=cloudly&scope=repository:test/readonly:pull`,
{
headers: {
Authorization: `Basic ${credentials}`,
},
},
);
expect(pullResponse.status).toEqual(200);
const pushResponse = await fetch(
`http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}/v2/token?service=cloudly&scope=repository:test/readonly:pull,push`,
{
headers: {
Authorization: `Basic ${credentials}`,
},
},
);
expect(pushResponse.status).toEqual(403);
});
tap.test('should expose generated service registry targets', async () => {
const image = await testClient.image.createImage({
name: 'Registry Target Test Image',
description: 'Image used by the registry target test',
});
console.log('created image: ', image);
expect(image).toBeInstanceOf(Image);
const service = await testClient.services.createService({
name: 'Registry Target Test Service',
description: 'Service used by the registry target test',
imageId: image.id,
imageVersion: 'latest',
environment: {},
secretBundleId: '',
serviceCategory: 'workload',
deploymentStrategy: 'custom',
scaleFactor: 1,
balancingStrategy: 'round-robin',
ports: {
web: 3000,
},
domains: [],
deploymentIds: [],
});
const registryTarget = await testClient.services.getRegistryTarget(service.id, 'latest');
expect(registryTarget.protocol).toEqual('oci');
expect(registryTarget.registryHost).toEqual(`${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}`);
expect(registryTarget.repository.startsWith('workloads/registry-target-test-service-')).toBeTrue();
expect(registryTarget.repository.split('/').every((partArg) => /^[a-z0-9]+(?:-[a-z0-9]+)*$/.test(partArg))).toBeTrue();
expect(registryTarget.imageUrl).toEqual(`${registryTarget.registryHost}/${registryTarget.repository}:latest`);
const refreshedService = await testClient.services.getServiceById(service.id);
expect(refreshedService.data.registryTarget?.imageUrl).toEqual(registryTarget.imageUrl);
});
tap.test('should trim truncated registry repository suffixes', async () => {
const registryTarget = testCloudly.registryManager.getServiceRegistryTarget({
id: 'service-5gv-123456',
data: {
name: 'Registry Target Test Service',
},
} as any);
expect(registryTarget.repository).toEqual('workloads/registry-target-test-service-service-5gv');
expect(registryTarget.repository.split('/').every((partArg) => /^[a-z0-9]+(?:-[a-z0-9]+)*$/.test(partArg))).toBeTrue();
});
tap.test('should push service config updates to connected coreflows', async (toolsArg) => {
const cluster = await testClient.cluster.createCluster('Registry Config Push Test Cluster');
const persistedCluster = await testCloudly.clusterManager.getConfigBy_ConfigID(cluster.id);
const clusterUser = await testCloudly.authManager.CUser.getInstance({
id: persistedCluster.data.userId,
});
const clusterToken = clusterUser.data.tokens?.[0]?.token;
expect(clusterToken).toBeTruthy();
const coreflowClient = new cloudlyApiClient.CloudlyApiClient({
registerAs: 'coreflow',
cloudlyUrl: `http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}`,
});
const configUpdates: any[] = [];
let subscription: { unsubscribe: () => void } | undefined;
try {
await coreflowClient.start();
await coreflowClient.getIdentityByToken(clusterToken!, {
statefullIdentity: true,
tagConnection: true,
});
subscription = coreflowClient.configUpdateSubject.subscribe((updateArg) => {
configUpdates.push(updateArg);
});
const image = await testClient.image.createImage({
name: 'Registry Config Push Test Image',
description: 'Image used by the config push test',
});
const service = await testClient.services.createService({
name: 'Registry Config Push Test Service',
description: 'Service used by the config push test',
imageId: image.id,
imageVersion: 'latest',
environment: {},
secretBundleId: '',
serviceCategory: 'workload',
deploymentStrategy: 'custom',
scaleFactor: 1,
balancingStrategy: 'round-robin',
ports: {
web: 3000,
},
domains: [],
deploymentIds: [],
});
await toolsArg.delayFor(100);
expect(configUpdates[0]?.configData.id).toEqual(cluster.id);
expect(configUpdates[0]?.services.find((serviceArg: any) => serviceArg.id === service.id)).toBeTruthy();
} finally {
subscription?.unsubscribe();
await coreflowClient.stop();
}
});
tap.test('should allow cluster coreflows to read deployment inputs', async () => {
const cluster = await testClient.cluster.createCluster('Registry Coreflow Read Test Cluster');
const persistedCluster = await testCloudly.clusterManager.getConfigBy_ConfigID(cluster.id);
const clusterUser = await testCloudly.authManager.CUser.getInstance({
id: persistedCluster.data.userId,
});
const clusterToken = clusterUser.data.tokens?.[0]?.token;
expect(clusterToken).toBeTruthy();
const image = await testClient.image.createImage({
name: 'Registry Coreflow Read Test Image',
description: 'Image used by the coreflow read test',
});
const secretBundle = await testClient.secretbundle.createSecretBundle({
name: 'Registry Coreflow Read Test Secret Bundle',
description: 'Secret bundle used by the coreflow read test',
type: 'service',
includedSecretGroupIds: [],
includedTags: [],
imageClaims: [],
authorizations: [
{
environment: 'production',
secretAccessKey: 'registry-coreflow-read-test',
},
],
});
const coreflowClient = new cloudlyApiClient.CloudlyApiClient({
registerAs: 'coreflow',
cloudlyUrl: `http://${helpers.testCloudlyConfig.publicUrl}:${helpers.testCloudlyConfig.publicPort}`,
});
try {
await coreflowClient.start();
await coreflowClient.getIdentityByToken(clusterToken!, {
statefullIdentity: true,
tagConnection: true,
});
const clusterImage = await coreflowClient.image.getImageById(image.id);
const clusterSecretBundle = await coreflowClient.secretbundle.getSecretBundleById(secretBundle.id);
expect(clusterImage.id).toEqual(image.id);
expect(clusterSecretBundle.id).toEqual(secretBundle.id);
} finally {
await coreflowClient.stop();
}
});
tap.test('should expose platform desired state', async () => {
const capabilitiesResponse = await testClient.platform.getPlatformCapabilities();
expect(capabilitiesResponse.capabilities.find((capability) => capability.id === 'database')).toBeTruthy();
const desiredState = await testClient.platform.getPlatformDesiredState();
expect(desiredState.capabilities).toBeTruthy();
expect(desiredState.providerConfigs).toBeTruthy();
expect(desiredState.bindings).toBeTruthy();
});
let platformProviderConfigId: string;
let platformBindingId: string;
tap.test('should upsert platform provider config and binding', async () => {
const providerConfigResponse = await testClient.platform.upsertPlatformProviderConfig({
id: '',
capability: 'database',
providerType: 'docker',
name: 'Local Docker Database',
enabled: true,
});
platformProviderConfigId = providerConfigResponse.providerConfig.id;
expect(platformProviderConfigId).toBeTruthy();
const bindingResponse = await testClient.platform.upsertPlatformBinding({
id: '',
serviceId: 'test-service',
capability: 'database',
desiredState: 'enabled',
status: 'requested',
providerConfigId: platformProviderConfigId,
});
platformBindingId = bindingResponse.binding.id;
expect(platformBindingId).toBeTruthy();
const statusResponse = await testClient.platform.updatePlatformBindingStatus({
bindingId: platformBindingId,
status: 'ready',
endpoints: [
{
name: 'primary',
capability: 'database',
protocol: 'mongodb',
internalUrl: 'mongodb://platform-database:27017/test-service',
},
],
});
expect(statusResponse.binding.status).toEqual('ready');
const bindingsResponse = await testClient.platform.getPlatformBindings({
serviceId: 'test-service',
});
expect(bindingsResponse.bindings.find((binding) => binding.id === platformBindingId)).toBeTruthy();
});
let image: any;
tap.test('should create and upload an image', async () => {
console.log('🔵 Test: Creating and uploading image...');
console.log(` - Image name: 'test'`);
console.log(` - Image description: 'test'`);
try {
image = await testClient.image.createImage({
name: 'test',
description: 'test'
});
console.log('✅ Image created successfully:');
console.log(` - Image ID: ${image?.id}`);
console.log(` - Image data:`, image);
expect(image).toBeTruthy();
} catch (error) {
console.error('❌ Failed to create image:');
logErrorDetails(error);
throw error;
}
})
tap.test('should upload an image version', async () => {
const imageStream = await helpers.getAlpineImageReadableStream();
await image.pushImageVersion('v1.0.0', imageStream);
console.log('🔵 Test: Uploading image version...');
console.log(` - Version: 'v1.0.0'`);
console.log(` - Image exists: ${!!image}`);
console.log(` - Image ID: ${image?.id}`);
try {
const imageStream = await helpers.getAlpineImageReadableStream();
console.log(' - Image stream obtained successfully');
await image.pushImageVersion('v1.0.0', imageStream);
console.log('✅ Image version uploaded successfully');
} catch (error) {
console.error('❌ Failed to upload image version:');
logErrorDetails(error);
throw error;
}
});
tap.test('should stop the apiclient', async (toolsArg) => {
@@ -78,4 +417,4 @@ tap.test('should stop the apiclient', async (toolsArg) => {
await testCloudly.stop();
})
export default tap.start();
export default tap.start();
test/test.ts
+2 -2
View File
@@ -1,4 +1,4 @@
import { expect, tap } from '@push.rocks/tapbundle';
import { expect, tap } from '@git.zone/tstest/tapbundle';
import * as helpers from './helpers/index.js';
import * as cloudly from '../ts/index.js';
@@ -20,4 +20,4 @@ tap.test('should end the service', async (tools) => {
tools.delayFor(1000).then(() => process.exit());
});
tap.start();
export default tap.start();
test/test_latest.sh
+32 -1
View File
@@ -1 +1,32 @@
echo 'hi'
#!/usr/bin/env bash
set -euo pipefail
node --input-type=module <<'NODE'
import fs from 'node:fs';
const readJson = (path) => JSON.parse(fs.readFileSync(path, 'utf8'));
const checks = {
packageVersion: readJson('/app/package.json').version,
interfacesVersion: readJson('/app/node_modules/@serve.zone/interfaces/package.json').version,
apiVersion: readJson('/app/node_modules/@serve.zone/api/package.json').version,
hasDistServe: fs.existsSync('/app/dist_serve/index.html'),
};
await import('/app/dist_ts/index.js');
if (checks.packageVersion !== '5.3.0') {
throw new Error(`Unexpected Cloudly package version ${checks.packageVersion}`);
}
if (checks.interfacesVersion !== '5.4.6') {
throw new Error(`Unexpected interfaces version ${checks.interfacesVersion}`);
}
if (checks.apiVersion !== '5.3.4') {
throw new Error(`Unexpected api version ${checks.apiVersion}`);
}
if (!checks.hasDistServe) {
throw new Error('Missing dist_serve/index.html');
}
console.log(JSON.stringify(checks));
NODE
ts/00_commitinfo_data.ts
+1 -1
View File
@@ -3,6 +3,6 @@
*/
export const commitinfo = {
name: '@serve.zone/cloudly',
version: '4.5.5',
version: '5.6.0',
description: 'A comprehensive tool for managing containerized applications across multiple cloud providers using Docker Swarmkit, featuring web, CLI, and API interfaces.'
}
ts/00demo/demo.data.images.ts
+5 -1
View File
@@ -6,8 +6,12 @@ export const demoImages: plugins.servezoneInterfaces.data.IImage[] = [
data: {
name: 'DemoImage1',
description: 'DemoImage1',
location: {
internal: true,
externalRegistryId: '',
externalImageTag: '',
},
versions: [],
}
}
];
ts/00demo/demo.data.secrets.ts
+1 -1
View File
@@ -63,7 +63,7 @@ for (let i = 0; i < demoSecretGroups.length; i++) {
id: `configBundleId${i + 1}`,
data: {
name: `Demo Config Bundle ${i + 1}`,
includedImages: [],
imageClaims: [],
type: 'external',
description: 'Demo Purpose',
includedSecretGroupIds: [secretGroup.id],
ts/classes.cloudly.ts
+72 -13
View File
@@ -16,13 +16,24 @@ import { MongodbConnector } from './connector.mongodb/connector.js';
// processes
import { CloudlyCoreflowManager } from './manager.coreflow/coreflowmanager.js';
import { ClusterManager } from './manager.cluster/classes.clustermanager.js';
import { CloudlyTaskmanager } from './manager.task/taskmanager.js';
import { CloudlyTaskManager } from './manager.task/classes.taskmanager.js';
import { CloudlySecretManager } from './manager.secret/classes.secretmanager.js';
import { CloudlyServerManager } from './manager.server/classes.servermanager.js';
import { CloudlyNodeManager } from './manager.node/classes.nodemanager.js';
import { CloudlyBaremetalManager } from './manager.baremetal/classes.baremetalmanager.js';
import { ExternalApiManager } from './manager.status/statusmanager.js';
import { ExternalRegistryManager } from './manager.externalregistry/index.js';
import { CloudlyRegistryManager } from './manager.registry/index.js';
import { ImageManager } from './manager.image/classes.imagemanager.js';
import { ServiceManager } from './manager.service/classes.servicemanager.js';
import { DeploymentManager } from './manager.deployment/classes.deploymentmanager.js';
import { DnsManager } from './manager.dns/classes.dnsmanager.js';
import { DomainManager } from './manager.domain/classes.domainmanager.js';
import { logger } from './logger.js';
import { CloudlyAuthManager } from './manager.auth/classes.authmanager.js';
import { CloudlySettingsManager } from './manager.settings/classes.settingsmanager.js';
import { CloudlyPlatformManager } from './manager.platform/classes.platformmanager.js';
import { CloudlyBackupManager } from './manager.backup/classes.backupmanager.js';
import { CloudlyBaseOsManager } from './manager.baseos/classes.baseosmanager.js';
/**
* Cloudly class can be used to instantiate a cloudly server.
@@ -51,16 +62,27 @@ export class Cloudly {
// managers
public authManager: CloudlyAuthManager;
public secretManager: CloudlySecretManager;
public settingsManager: CloudlySettingsManager;
public platformManager: CloudlyPlatformManager;
public clusterManager: ClusterManager;
public coreflowManager: CloudlyCoreflowManager;
public externalApiManager: ExternalApiManager;
public externalRegistryManager: ExternalRegistryManager;
public registryManager: CloudlyRegistryManager;
public imageManager: ImageManager;
public taskManager: CloudlyTaskmanager;
public serverManager: CloudlyServerManager;
public serviceManager: ServiceManager;
public deploymentManager: DeploymentManager;
public dnsManager: DnsManager;
public domainManager: DomainManager;
public taskManager: CloudlyTaskManager;
public backupManager: CloudlyBackupManager;
public nodeManager: CloudlyNodeManager;
public baremetalManager: CloudlyBaremetalManager;
public baseOsManager: CloudlyBaseOsManager;
private readyDeferred = new plugins.smartpromise.Deferred();
private configOptions: plugins.servezoneInterfaces.data.ICloudlyConfig;
private configOptions?: plugins.servezoneInterfaces.data.ICloudlyConfig;
constructor(configArg?: plugins.servezoneInterfaces.data.ICloudlyConfig) {
this.configOptions = configArg;
this.cloudlyInfo = new CloudlyInfo(this);
@@ -77,13 +99,24 @@ export class Cloudly {
// managers
this.authManager = new CloudlyAuthManager(this);
this.settingsManager = new CloudlySettingsManager(this);
this.platformManager = new CloudlyPlatformManager(this);
this.clusterManager = new ClusterManager(this);
this.coreflowManager = new CloudlyCoreflowManager(this);
this.externalApiManager = new ExternalApiManager(this);
this.externalRegistryManager = new ExternalRegistryManager(this);
this.registryManager = new CloudlyRegistryManager(this);
this.imageManager = new ImageManager(this);
this.taskManager = new CloudlyTaskmanager(this);
this.serviceManager = new ServiceManager(this);
this.deploymentManager = new DeploymentManager(this);
this.dnsManager = new DnsManager(this);
this.domainManager = new DomainManager(this);
this.taskManager = new CloudlyTaskManager(this);
this.backupManager = new CloudlyBackupManager(this);
this.baseOsManager = new CloudlyBaseOsManager(this);
this.secretManager = new CloudlySecretManager(this);
this.serverManager = new CloudlyServerManager(this);
this.nodeManager = new CloudlyNodeManager(this);
this.baremetalManager = new CloudlyBaremetalManager(this);
}
/**
@@ -94,21 +127,37 @@ export class Cloudly {
// config
await this.config.init(this.configOptions);
// database (data comes from config)
await this.mongodbConnector.init();
// settings (are stored in db)
await this.settingsManager.init();
// manageers
await this.authManager.start();
await this.secretManager.start();
await this.serverManager.start();
// connectors
await this.mongodbConnector.init();
await this.nodeManager.start();
await this.baremetalManager.start();
await this.serviceManager.start();
await this.platformManager.start();
await this.deploymentManager.start();
await this.taskManager.init();
await this.backupManager.start();
await this.baseOsManager.start();
await this.registryManager.start();
await this.domainManager.init();
await this.cloudflareConnector.init();
await this.letsencryptConnector.init();
if (this.config.data.sslMode === 'letsencrypt') {
await this.letsencryptConnector.init();
}
await this.clusterManager.init();
await this.server.start();
this.readyDeferred.resolve();
// start the managers
this.imageManager.start();
this.externalRegistryManager.start();
}
/**
@@ -116,8 +165,18 @@ export class Cloudly {
*/
public async stop() {
await this.server.stop();
await this.letsencryptConnector.stop();
if (this.config.data.sslMode === 'letsencrypt') {
await this.letsencryptConnector.stop();
}
await this.mongodbConnector.stop();
await this.secretManager.stop();
await this.serviceManager.stop();
await this.platformManager.stop();
await this.deploymentManager.stop();
await this.taskManager.stop();
await this.backupManager.stop();
await this.baseOsManager.stop();
await this.registryManager.stop();
await this.externalRegistryManager.stop();
}
}
ts/classes.cloudlyinfo.ts
+1 -1
View File
@@ -9,5 +9,5 @@ export class CloudlyInfo {
this.cloudlyRef = cloudlyRefArg;
}
public projectInfo = new plugins.projectinfo.ProjectInfo(paths.packageDir);
public projectInfo = plugins.projectinfo.ProjectInfo.create(paths.packageDir);
}
ts/classes.config.ts
+9 -11
View File
@@ -8,8 +8,8 @@ import type { Cloudly } from './classes.cloudly.js';
*/
export class CloudlyConfig {
public cloudlyRef: Cloudly;
public appData: plugins.npmextra.AppData<plugins.servezoneInterfaces.data.ICloudlyConfig>;
public data: plugins.servezoneInterfaces.data.ICloudlyConfig;
public appData!: plugins.smartconfig.AppData<plugins.servezoneInterfaces.data.ICloudlyConfig>;
public data!: plugins.servezoneInterfaces.data.ICloudlyConfig;
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
@@ -17,42 +17,40 @@ export class CloudlyConfig {
public async init(configArg?: plugins.servezoneInterfaces.data.ICloudlyConfig) {
this.appData =
await plugins.npmextra.AppData.createAndInit<plugins.servezoneInterfaces.data.ICloudlyConfig>(
await plugins.smartconfig.AppData.createAndInit<plugins.servezoneInterfaces.data.ICloudlyConfig>(
{
envMapping: {
cfToken: 'CF_TOKEN',
environment: 'SERVEZONE_ENVIRONMENT' as 'production' | 'integration',
letsEncryptEmail: 'hard:domains@lossless.org',
hetznerToken: 'HETZNER_API_TOKEN',
letsEncryptPrivateKey: null,
letsEncryptPrivateKey: undefined,
publicUrl: 'SERVEZONE_URL',
publicPort: 'SERVEZONE_PORT',
mongoDescriptor: {
mongoDbUrl: 'MONGODB_URL',
mongoDbName: 'MONGODB_DATABASE',
mongoDbName: 'MONGODB_NAME',
mongoDbUser: 'MONGODB_USER',
mongoDbPass: 'MONGODB_PASSWORD',
mongoDbPass: 'MONGODB_PASS',
},
s3Descriptor: {
endpoint: 'S3_ENDPOINT',
accessKey: 'S3_ACCESSKEY',
accessSecret: 'S3_SECRETKEY',
port: 'S3_PORT', // Note: This will remain as a string. Ensure to parse it to an integer where it's used.
useSsl: true,
useSsl: 'boolean:S3_USESSL' as any as boolean,
bucketName: 'S3_BUCKET'
},
sslMode:
'SERVEZONE_SSLMODE' as plugins.servezoneInterfaces.data.ICloudlyConfig['sslMode'],
servezoneAdminaccount: 'SERVEZONE_ADMINACCOUNT',
},
requiredKeys: [
'cfToken',
'hetznerToken',
'letsEncryptEmail',
'publicUrl',
'publicPort',
'sslMode',
'environment',
'mongoDescriptor',
's3Descriptor',
],
overwriteObject: configArg,
},
ts/classes.server.ts
+39 -27
View File
@@ -11,13 +11,13 @@ export class CloudlyServer {
* a reference to the cloudly instance
*/
public cloudlyRef: Cloudly;
public additionalHandlers: plugins.typedserver.servertools.Handler[] = [];
public additionalHandlers: plugins.typedserver.IRouteHandler[] = [];
/**
* the smartexpress server handling the actual requests
*/
public typedServer: plugins.typedserver.TypedServer;
public typedsocketServer: plugins.typedsocket.TypedSocket;
public typedServer!: plugins.typedserver.TypedServer;
public typedsocketServer!: plugins.typedsocket.TypedSocket;
/**
* typedrouter
@@ -39,13 +39,13 @@ export class CloudlyServer {
*/
public async start() {
logger.log('info', `cloudly domain is ${this.cloudlyRef.config.data.publicUrl}`);
let sslCert: plugins.smartacme.Cert;
let sslCert: plugins.smartacme.Cert | undefined;
if (this.cloudlyRef.config.data.sslMode === 'letsencrypt') {
logger.log('info', `Using letsencrypt for ssl mode. Trying to obtain a certificate...`);
logger.log('info', `This might take 10 minutes...`);
sslCert = await this.cloudlyRef.letsencryptConnector.getCertificateForDomain(
this.cloudlyRef.config.data.publicUrl,
this.cloudlyRef.config.data.publicUrl!,
);
logger.log(
'success',
@@ -58,23 +58,6 @@ export class CloudlyServer {
);
}
interface IRequestGuardData {
req: plugins.typedserver.Request;
res: plugins.typedserver.Response;
}
// guards
const guardIp = new plugins.smartguard.Guard<IRequestGuardData>(async (dataArg) => {
if (true) {
return true;
} else {
dataArg.res.status(500);
dataArg.res.send(`Not allowed to perform this operation!`);
dataArg.res.end();
return false;
}
});
// server
this.typedServer = new plugins.typedserver.TypedServer({
cors: true,
@@ -89,13 +72,42 @@ export class CloudlyServer {
injectReload: true,
serveDir: paths.distServeDir,
watch: true,
enableCompression: true,
preferredCompressionMethod: 'gzip',
compression: {
enabled: true,
algorithms: ['gzip'],
},
});
this.typedsocketServer = this.typedServer.typedsocket;
this.typedServer.typedrouter.addTypedRouter(this.typedrouter);
this.typedServer.server.addRoute(
this.typedServer.addRoute(
'/v2',
'ALL',
async (ctx) => this.cloudlyRef.registryManager.handleHttpRequest(ctx),
);
this.typedServer.addRoute(
'/v2/*',
'ALL',
async (ctx) => this.cloudlyRef.registryManager.handleHttpRequest(ctx),
);
this.typedServer.addRoute(
'/curlfresh/:scriptname',
this.cloudlyRef.serverManager.curlfreshInstance.handler,
'ALL',
async (ctx) => this.cloudlyRef.nodeManager.curlfreshInstance.handleRequest(ctx),
);
this.typedServer.addRoute(
'/baseos/v1/nodes/register',
'POST',
async (ctx) => this.cloudlyRef.baseOsManager.handleRegisterHttpRequest(ctx),
);
this.typedServer.addRoute(
'/baseos/v1/nodes/heartbeat',
'POST',
async (ctx) => this.cloudlyRef.baseOsManager.handleHeartbeatHttpRequest(ctx),
);
this.typedServer.addRoute(
'/baseos/v1/images/:buildId/download',
'GET',
async (ctx) => this.cloudlyRef.baseOsManager.handleImageDownloadHttpRequest(ctx),
);
await this.typedServer.start();
}
@@ -104,6 +116,6 @@ export class CloudlyServer {
* stop the reception instance
*/
public async stop() {
await this.typedServer.stop();
await this.typedServer?.stop();
}
}
ts/connector.cloudflare/connector.ts
+9 -2
View File
@@ -6,7 +6,7 @@ import { Cloudly } from '../classes.cloudly.js';
*/
export class CloudflareConnector {
private cloudlyRef: Cloudly;
public cloudflare: plugins.cloudflare.CloudflareAccount;
public cloudflare?: plugins.cloudflare.CloudflareAccount;
constructor(cloudlyArg: Cloudly) {
this.cloudlyRef = cloudlyArg;
@@ -14,6 +14,13 @@ export class CloudflareConnector {
// init the instance
public async init() {
this.cloudflare = new plugins.cloudflare.CloudflareAccount(this.cloudlyRef.config.data.cfToken);
const cloudflareToken = await this.cloudlyRef.settingsManager.getSetting('cloudflareToken');
if (!cloudflareToken) {
console.log('warn', 'No Cloudflare token configured in settings. Cloudflare features will be disabled.');
return;
}
this.cloudflare = new plugins.cloudflare.CloudflareAccount(cloudflareToken);
}
}
ts/connector.letsencrypt/connector.ts
+20 -15
View File
@@ -3,7 +3,7 @@ import { Cloudly } from '../classes.cloudly.js';
export class LetsencryptConnector {
private cloudlyRef: Cloudly;
private smartacme: plugins.smartacme.SmartAcme;
private smartacme!: plugins.smartacme.SmartAcme;
constructor(cloudlyArg: Cloudly) {
this.cloudlyRef = cloudlyArg;
@@ -18,21 +18,26 @@ export class LetsencryptConnector {
* inits letsencrypt
*/
public async init() {
if (!this.cloudlyRef.cloudflareConnector.cloudflare) {
throw new Error('Cloudflare token is required for letsencrypt DNS-01 challenges');
}
// Create DNS-01 challenge handler using Cloudflare
const dnsHandler = new plugins.smartacme.handlers.Dns01Handler(
this.cloudlyRef.cloudflareConnector.cloudflare
);
// Create MongoDB certificate manager
const certManager = new plugins.smartacme.certmanagers.MongoCertManager(
this.cloudlyRef.config.data.mongoDescriptor!
);
this.smartacme = new plugins.smartacme.SmartAcme({
accountEmail: this.cloudlyRef.config.data.letsEncryptEmail,
accountEmail: this.cloudlyRef.config.data.letsEncryptEmail!,
accountPrivateKey: this.cloudlyRef.config.data.letsEncryptPrivateKey,
environment: this.cloudlyRef.config.data.environment,
setChallenge: async (dnsChallenge) => {
await this.cloudlyRef.cloudflareConnector.cloudflare.convenience.acmeSetDnsChallenge(
dnsChallenge,
);
},
removeChallenge: async (dnsChallenge) => {
await this.cloudlyRef.cloudflareConnector.cloudflare.convenience.acmeRemoveDnsChallenge(
dnsChallenge,
);
},
mongoDescriptor: this.cloudlyRef.config.data.mongoDescriptor,
environment: this.cloudlyRef.config.data.environment!,
certManager: certManager,
challengeHandlers: [dnsHandler],
});
await this.smartacme.start().catch((err) => {
console.error('error in init', err);
@@ -44,6 +49,6 @@ export class LetsencryptConnector {
* stops the instance
*/
public async stop() {
await this.smartacme.stop();
await this.smartacme?.stop();
}
}
ts/connector.mongodb/connector.ts
+2 -2
View File
@@ -4,7 +4,7 @@ import { Cloudly } from '../classes.cloudly.js';
export class MongodbConnector {
// INSTANCE
private cloudlyRef: Cloudly;
public smartdataDb: plugins.smartdata.SmartdataDb;
public smartdataDb!: plugins.smartdata.SmartdataDb;
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
@@ -12,7 +12,7 @@ export class MongodbConnector {
public async init() {
this.smartdataDb = new plugins.smartdata.SmartdataDb(
this.cloudlyRef.config.data.mongoDescriptor,
this.cloudlyRef.config.data.mongoDescriptor!,
);
await this.smartdataDb.init();
}
ts/index.ts
+6 -3
View File
@@ -11,7 +11,7 @@ early.stop();
* starts the cloudly instance
*/
const runCli = async () => {
logger.log('info', process.env.SERVEZONE_ENVIRONMENT);
logger.log('info', process.env.SERVEZONE_ENVIRONMENT || '');
const cloudlyInstance = new Cloudly();
logger.log(
@@ -20,8 +20,11 @@ const runCli = async () => {
);
await cloudlyInstance.start();
const demoMod = await import('./00demo/index.js');
demoMod.installDemoData(cloudlyInstance);
if (process.env.SERVEZONE_INSTALL_DEMO_DATA === 'true') {
logger.log('warn', 'SERVEZONE_INSTALL_DEMO_DATA=true: installing destructive demo data');
const demoMod = await import('./00demo/index.js');
await demoMod.installDemoData(cloudlyInstance);
}
};
export { runCli, Cloudly };
ts/logger.ts
+6 -6
View File
@@ -3,12 +3,12 @@ import * as paths from './paths.js';
export const logger = new plugins.smartlog.Smartlog({
logContext: {
company: null,
environment: null,
runtime: null,
zone: null,
companyunit: null,
containerName: null,
company: undefined,
environment: undefined,
runtime: undefined,
zone: undefined,
companyunit: undefined,
containerName: undefined,
},
});
logger.enableConsole({
ts/manager.auth/classes.authmanager.ts
+57 -3
View File
@@ -20,7 +20,7 @@ export class CloudlyAuthManager {
public CAuthorization = plugins.smartdata.setDefaultManagerForDoc(this, Authorization);
public typedrouter = new plugins.typedrequest.TypedRouter();
public smartjwtInstance: plugins.smartjwt.SmartJwt<IJwtData>;
public smartjwtInstance!: plugins.smartjwt.SmartJwt<IJwtData>;
constructor(cloudlyRef: Cloudly) {
this.cloudlyRef = cloudlyRef;
@@ -49,8 +49,10 @@ export class CloudlyAuthManager {
this.smartjwtInstance.setKeyPairAsJson(existingJwtKeys);
}
await this.bootstrapInitialAdmin();
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secret.IReq_Admin_LoginWithUsernameAndPassword>(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.admin.IReq_Admin_LoginWithUsernameAndPassword>(
'adminLoginWithUsernameAndPassword',
async (dataArg) => {
let jwt: string;
@@ -71,7 +73,7 @@ export class CloudlyAuthManager {
identity: {
jwt,
userId: user.id,
name: user.data.username,
name: user.data.username || user.id,
expiresAt: expiresAtTimestamp,
role: user.data.role,
type: user.data.type,
@@ -82,6 +84,42 @@ export class CloudlyAuthManager {
);
}
private async bootstrapInitialAdmin() {
const users = await this.CUser.getInstances({});
const hasHumanUser = users.some((userArg) => userArg.data?.type === 'human');
if (hasHumanUser) {
return;
}
const adminAccount = this.cloudlyRef.config.data.servezoneAdminaccount;
if (!adminAccount) {
throw new Error('SERVEZONE_ADMINACCOUNT is required for first-run Cloudly bootstrap');
}
const separatorIndex = adminAccount.indexOf(':');
if (separatorIndex <= 0 || separatorIndex === adminAccount.length - 1) {
throw new Error('SERVEZONE_ADMINACCOUNT must use username:password format');
}
const username = adminAccount.slice(0, separatorIndex).trim();
const password = adminAccount.slice(separatorIndex + 1);
if (!username || !password) {
throw new Error('SERVEZONE_ADMINACCOUNT must include a non-empty username and password');
}
const user = new this.CUser({
id: await this.CUser.getNewId(),
data: {
type: 'human',
username,
password,
role: 'admin',
},
});
await user.save();
logger.log('success', `created initial admin user ${username}`);
}
public async stop() {}
public validIdentityGuard = new plugins.smartguard.Guard<{
@@ -134,4 +172,20 @@ export class CloudlyAuthManager {
name: 'adminIdentityGuard',
},
);
public adminOrClusterIdentityGuard = new plugins.smartguard.Guard<{
identity: plugins.servezoneInterfaces.data.IIdentity;
}>(
async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [this.validIdentityGuard]);
const jwt = dataArg.identity.jwt;
const jwtData: IJwtData = await this.smartjwtInstance.verifyJWTAndGetData(jwt);
const user = await this.CUser.getInstance({ id: jwtData.userId });
return user.data.role === 'admin' || user.data.role === 'cluster';
},
{
failedHint: 'user is not admin or cluster.',
name: 'adminOrClusterIdentityGuard',
},
);
}
ts/manager.auth/classes.user.ts
+2 -2
View File
@@ -45,8 +45,8 @@ export class User extends plugins.smartdata.SmartDataDbDoc<
// INSTANCE
@plugins.smartdata.unI()
public id: string;
public id!: string;
@plugins.smartdata.svDb()
public data: plugins.servezoneInterfaces.data.IUser['data'];
public data!: plugins.servezoneInterfaces.data.IUser['data'];
}
ts/manager.backup/classes.backupmanager.ts
+593
View File
@@ -0,0 +1,593 @@
import type { Cloudly } from '../classes.cloudly.js';
import * as plugins from '../plugins.js';
import { BackupRecord } from './classes.backuprecord.js';
import { createBackupTargetWriterFromEnv, type IBackupTargetWriter } from './classes.replicationtarget.js';
export type TBackupStatus =
| 'pending'
| 'running'
| 'replicating'
| 'replicated'
| 'ready'
| 'failed'
| 'restoring'
| 'restored';
export type TBackupResourceType = 'volume' | 'database' | 'objectstorage';
export type TBackupReplicationTargetType = 's3' | 'smb';
export interface IBackupArchiveObject {
path: string;
size: number;
sha256: string;
}
export interface IBackupArchiveManifest {
version: 1;
backupId: string;
createdAt: number;
objects: IBackupArchiveObject[];
totalSize: number;
}
export interface IBackupReplicationResult {
targetType: TBackupReplicationTargetType;
targetPath: string;
manifestPath: string;
manifestSha256: string;
objectCount: number;
totalSize: number;
completedAt: number;
}
export interface IBackupSnapshotData {
type: TBackupResourceType;
snapshotId: string;
snapshotName?: string;
originalSize: number;
storedSize: number;
createdAt: number;
tags?: Record<string, string>;
volumeName?: string;
mountPath?: string;
resourceName?: string;
databaseName?: string;
bucketName?: string;
}
export interface IBackupRecordData {
id: string;
serviceId: string;
serviceName?: string;
clusterId?: string;
status: TBackupStatus;
trigger: 'manual' | 'scheduled';
snapshots: IBackupSnapshotData[];
replication?: IBackupReplicationResult;
createdAt: number;
updatedAt: number;
completedAt?: number;
requestedBy?: string;
errorText?: string;
restoreHistory?: Array<{
restoredAt: number;
status: 'restored' | 'failed';
errorText?: string;
}>;
tags?: Record<string, string>;
}
export class CloudlyBackupManager {
public typedrouter = new plugins.typedrequest.TypedRouter();
public cloudlyRef: Cloudly;
private backupTargetWriter?: IBackupTargetWriter;
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
public CBackupRecord = plugins.smartdata.setDefaultManagerForDoc(this, BackupRecord);
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('createServiceBackup', async (requestArg) => {
await this.passAdminIdentity(requestArg);
return {
backup: await this.createServiceBackup(requestArg),
};
}),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('getServiceBackups', async (requestArg) => {
await this.passValidIdentity(requestArg);
return {
backups: await this.getBackups({
...(requestArg.serviceId ? { serviceId: requestArg.serviceId } : {}),
...(requestArg.status ? { status: requestArg.status } : {}),
}),
};
}),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('getBackupById', async (requestArg) => {
await this.passValidIdentity(requestArg);
return {
backup: await this.getBackupById(requestArg.backupId),
};
}),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('restoreServiceBackup', async (requestArg) => {
await this.passAdminIdentity(requestArg);
return {
backup: await this.restoreServiceBackup(requestArg),
};
}),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('prepareBackupReplication', async (requestArg) => {
await this.passClusterIdentity(requestArg);
return await this.prepareBackupReplication(requestArg);
}),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('uploadBackupArchiveObject', async (requestArg) => {
await this.passClusterIdentity(requestArg);
return await this.uploadBackupArchiveObject(requestArg);
}),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('completeBackupReplication', async (requestArg) => {
await this.passClusterIdentity(requestArg);
return await this.completeBackupReplication(requestArg);
}),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('getBackupArchiveManifest', async (requestArg) => {
await this.passClusterIdentity(requestArg);
return await this.getBackupArchiveManifest(requestArg);
}),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<any>('downloadBackupArchiveObject', async (requestArg) => {
await this.passClusterIdentity(requestArg);
return await this.downloadBackupArchiveObject(requestArg);
}),
);
}
public async start() {
const schedule = process.env.CLOUDLY_BACKUP_CRON;
this.cloudlyRef.taskManager.registerTask(
'backup-all-services',
new plugins.taskbuffer.Task({
name: 'backup-all-services',
taskFunction: async () => await this.backupAllServices(),
}),
{
description: 'Create backups for every workload service with backup-enabled resources.',
category: 'backup',
schedule,
enabled: Boolean(schedule),
},
);
}
public async stop() {}
public async getBackups(queryArg: Record<string, unknown> = {}) {
const backups = await this.CBackupRecord.getInstances(queryArg);
return await Promise.all(backups.map((backupArg) => backupArg.createSavableObject()));
}
public async getBackupById(backupIdArg: string) {
const backup = await BackupRecord.getInstance({ id: backupIdArg });
if (!backup) {
throw new plugins.typedrequest.TypedResponseError(`Backup ${backupIdArg} not found`);
}
return await backup.createSavableObject();
}
public async backupAllServices() {
const services = await this.cloudlyRef.serviceManager.CService.getInstances({});
const results: Array<{ serviceId: string; backupId?: string; errorText?: string }> = [];
for (const service of services) {
if (service.data.serviceCategory && service.data.serviceCategory !== 'workload') {
continue;
}
try {
const backup = await this.createServiceBackup({
identity: {
name: 'cloudly-backup-scheduler',
role: 'admin',
type: 'machine',
userId: 'system',
expiresAt: Date.now() + 3600 * 1000,
jwt: '',
},
serviceId: service.id,
tags: {
trigger: 'scheduled',
},
});
results.push({ serviceId: service.id, backupId: backup.id });
} catch (error) {
results.push({ serviceId: service.id, errorText: (error as Error).message });
}
}
return { results };
}
public async createServiceBackup(requestArg: {
identity: plugins.servezoneInterfaces.data.IIdentity;
serviceId: string;
clusterId?: string;
tags?: Record<string, string>;
}) {
const service = await this.cloudlyRef.serviceManager.CService.getInstance({
id: requestArg.serviceId,
});
if (!service) {
throw new plugins.typedrequest.TypedResponseError(`Service ${requestArg.serviceId} not found`);
}
const now = Date.now();
const backup = new BackupRecord();
backup.id = await BackupRecord.getNewId();
backup.serviceId = service.id;
backup.serviceName = service.data.name;
backup.clusterId = requestArg.clusterId || (requestArg.identity as any).clusterId;
backup.status = 'running';
backup.trigger = 'manual';
backup.snapshots = [];
backup.createdAt = now;
backup.updatedAt = now;
backup.requestedBy = requestArg.identity.userId;
backup.tags = requestArg.tags;
await backup.save();
const replicationEnabled = (requestArg as any).replicate !== false && !!process.env.CLOUDLY_BACKUP_TARGET_TYPE;
try {
const result = await this.fireCoreflowRequest('executeServiceBackup', {
backupId: backup.id,
service: await service.createSavableObject(),
tags: requestArg.tags,
replication: {
enabled: replicationEnabled,
},
}, backup.clusterId);
backup.snapshots = result.snapshots || [];
if (replicationEnabled && !result.replication) {
throw new Error('Coreflow did not complete remote backup replication');
}
backup.replication = result.replication;
backup.status = 'replicated';
backup.completedAt = Date.now();
backup.updatedAt = Date.now();
await backup.save();
await this.applyRetention(backup.serviceId);
} catch (error) {
backup.status = 'failed';
backup.errorText = (error as Error).message;
backup.completedAt = Date.now();
backup.updatedAt = Date.now();
await backup.save();
throw error;
}
return await backup.createSavableObject();
}
private async applyRetention(serviceIdArg: string) {
const keepLast = Number(process.env.CLOUDLY_BACKUP_KEEP_LAST || '24');
if (!Number.isInteger(keepLast) || keepLast <= 0) {
return;
}
const backups = await this.CBackupRecord.getInstances({
serviceId: serviceIdArg,
});
const completedBackups = backups
.filter((backupArg) => backupArg.status === 'replicated' || backupArg.status === 'restored' || backupArg.status === 'failed')
.sort((a, b) => (b.createdAt || 0) - (a.createdAt || 0));
for (const backup of completedBackups.slice(keepLast)) {
await backup.delete();
}
}
public async restoreServiceBackup(requestArg: {
identity: plugins.servezoneInterfaces.data.IIdentity;
backupId: string;
clear?: boolean;
resourceTypes?: TBackupResourceType[];
}) {
const backup = await BackupRecord.getInstance({ id: requestArg.backupId });
if (!backup) {
throw new plugins.typedrequest.TypedResponseError(`Backup ${requestArg.backupId} not found`);
}
if (backup.status !== 'replicated' && backup.status !== 'restored') {
throw new plugins.typedrequest.TypedResponseError(`Backup ${backup.id} is not restorable in status ${backup.status}`);
}
const service = await this.cloudlyRef.serviceManager.CService.getInstance({
id: backup.serviceId,
});
if (!service) {
throw new plugins.typedrequest.TypedResponseError(`Service ${backup.serviceId} not found`);
}
const previousStatus = backup.status;
backup.status = 'restoring';
backup.updatedAt = Date.now();
await backup.save();
try {
await this.fireCoreflowRequest('executeServiceRestore', {
backupId: backup.id,
service: await service.createSavableObject(),
snapshots: backup.snapshots || [],
clear: requestArg.clear,
resourceTypes: requestArg.resourceTypes,
replication: {
enabled: true,
},
}, backup.clusterId);
backup.status = 'restored';
backup.restoreHistory = [
...(backup.restoreHistory || []),
{
restoredAt: Date.now(),
status: 'restored',
},
];
backup.updatedAt = Date.now();
await backup.save();
} catch (error) {
backup.status = previousStatus;
backup.restoreHistory = [
...(backup.restoreHistory || []),
{
restoredAt: Date.now(),
status: 'failed',
errorText: (error as Error).message,
},
];
backup.updatedAt = Date.now();
await backup.save();
throw error;
}
return await backup.createSavableObject();
}
private getBackupTargetWriter() {
if (!this.backupTargetWriter) {
this.backupTargetWriter = createBackupTargetWriterFromEnv();
}
return this.backupTargetWriter;
}
private normalizeTargetPath(pathArg: string) {
const normalized = plugins.path.posix
.normalize(String(pathArg || '').replace(/\\/g, '/').trim())
.replace(/^\/+/, '');
if (!normalized || normalized === '.' || normalized.startsWith('../') || normalized.includes('/../')) {
throw new Error(`Invalid backup target path ${pathArg}`);
}
return normalized;
}
private getBackupTargetPath(backupArg: BackupRecord) {
return this.normalizeTargetPath([
process.env.CLOUDLY_BACKUP_TARGET_PREFIX || 'serve.zone-backups',
'clusters',
backupArg.clusterId || 'default',
'services',
backupArg.serviceId,
'backups',
backupArg.id,
].filter(Boolean).join('/'));
}
private getArchiveObjectTargetPath(backupArg: BackupRecord, objectPathArg: string) {
return this.normalizeTargetPath(`${this.getBackupTargetPath(backupArg)}/archive/${objectPathArg}`);
}
private getManifestTargetPath(backupArg: BackupRecord) {
return this.normalizeTargetPath(`${this.getBackupTargetPath(backupArg)}/manifest.json`);
}
private getSha256(contentsArg: Buffer) {
return plugins.crypto.createHash('sha256').update(contentsArg).digest('hex');
}
private assertObjectMatches(objectArg: IBackupArchiveObject, contentsArg: Buffer) {
if (contentsArg.length !== objectArg.size || this.getSha256(contentsArg) !== objectArg.sha256) {
throw new Error(`Backup archive object checksum mismatch for ${objectArg.path}`);
}
}
private createManifestBuffer(backupArg: BackupRecord, manifestArg: IBackupArchiveManifest) {
return Buffer.from(`${JSON.stringify({
version: 1,
backupId: backupArg.id,
serviceId: backupArg.serviceId,
serviceName: backupArg.serviceName,
clusterId: backupArg.clusterId,
archive: manifestArg,
}, null, 2)}\n`);
}
private async getBackupForClusterRequest(backupIdArg: string, identityArg: plugins.servezoneInterfaces.data.IIdentity) {
const backup = await BackupRecord.getInstance({ id: backupIdArg });
if (!backup) {
throw new plugins.typedrequest.TypedResponseError(`Backup ${backupIdArg} not found`);
}
const identityClusterId = (identityArg as any).clusterId;
if (backup.clusterId && identityClusterId && backup.clusterId !== identityClusterId) {
throw new plugins.typedrequest.TypedResponseError(`Backup ${backupIdArg} does not belong to this cluster`);
}
return backup;
}
public async prepareBackupReplication(requestArg: {
identity: plugins.servezoneInterfaces.data.IIdentity;
backupId: string;
manifest: IBackupArchiveManifest;
}) {
const backup = await this.getBackupForClusterRequest(requestArg.backupId, requestArg.identity);
const targetWriter = this.getBackupTargetWriter();
const missingObjects: IBackupArchiveObject[] = [];
for (const object of requestArg.manifest.objects || []) {
const targetPath = this.getArchiveObjectTargetPath(backup, object.path);
if (!await targetWriter.hasObject(targetPath, object)) {
missingObjects.push(object);
}
}
backup.status = 'replicating';
backup.updatedAt = Date.now();
await backup.save();
return { missingObjects };
}
public async uploadBackupArchiveObject(requestArg: {
identity: plugins.servezoneInterfaces.data.IIdentity;
backupId: string;
object: IBackupArchiveObject;
contentsBase64: string;
}) {
const backup = await this.getBackupForClusterRequest(requestArg.backupId, requestArg.identity);
const contents = Buffer.from(requestArg.contentsBase64 || '', 'base64');
this.assertObjectMatches(requestArg.object, contents);
await this.getBackupTargetWriter().putObject(
this.getArchiveObjectTargetPath(backup, requestArg.object.path),
requestArg.object,
contents,
);
return { accepted: true };
}
public async completeBackupReplication(requestArg: {
identity: plugins.servezoneInterfaces.data.IIdentity;
backupId: string;
manifest: IBackupArchiveManifest;
}) {
const backup = await this.getBackupForClusterRequest(requestArg.backupId, requestArg.identity);
const targetWriter = this.getBackupTargetWriter();
for (const object of requestArg.manifest.objects || []) {
const targetPath = this.getArchiveObjectTargetPath(backup, object.path);
if (!await targetWriter.hasObject(targetPath, object)) {
throw new Error(`Remote backup target is missing archive object ${object.path}`);
}
}
const manifestPath = this.getManifestTargetPath(backup);
const manifestBuffer = this.createManifestBuffer(backup, requestArg.manifest);
const manifestObject = {
path: 'manifest.json',
size: manifestBuffer.length,
sha256: this.getSha256(manifestBuffer),
};
await targetWriter.putObject(manifestPath, manifestObject, manifestBuffer);
const replication: IBackupReplicationResult = {
targetType: targetWriter.targetType,
targetPath: this.getBackupTargetPath(backup),
manifestPath,
manifestSha256: manifestObject.sha256,
objectCount: requestArg.manifest.objects.length,
totalSize: requestArg.manifest.totalSize,
completedAt: Date.now(),
};
backup.replication = replication;
backup.status = 'replicated';
backup.completedAt = replication.completedAt;
backup.updatedAt = replication.completedAt;
await backup.save();
return { replication };
}
public async getBackupArchiveManifest(requestArg: {
identity: plugins.servezoneInterfaces.data.IIdentity;
backupId: string;
}) {
const backup = await this.getBackupForClusterRequest(requestArg.backupId, requestArg.identity);
if (!backup.replication) {
throw new plugins.typedrequest.TypedResponseError(`Backup ${backup.id} has not been replicated`);
}
const manifestBuffer = await this.getBackupTargetWriter().readObject(backup.replication.manifestPath);
if (this.getSha256(manifestBuffer) !== backup.replication.manifestSha256) {
throw new Error(`Remote manifest checksum mismatch for backup ${backup.id}`);
}
const parsedManifest = JSON.parse(manifestBuffer.toString('utf8'));
return { manifest: parsedManifest.archive as IBackupArchiveManifest };
}
public async downloadBackupArchiveObject(requestArg: {
identity: plugins.servezoneInterfaces.data.IIdentity;
backupId: string;
object: IBackupArchiveObject;
}) {
const backup = await this.getBackupForClusterRequest(requestArg.backupId, requestArg.identity);
if (!backup.replication) {
throw new plugins.typedrequest.TypedResponseError(`Backup ${backup.id} has not been replicated`);
}
const contents = await this.getBackupTargetWriter().readObject(
this.getArchiveObjectTargetPath(backup, requestArg.object.path),
);
this.assertObjectMatches(requestArg.object, contents);
return {
object: requestArg.object,
contentsBase64: contents.toString('base64'),
};
}
private async fireCoreflowRequest(methodArg: string, payloadArg: Record<string, unknown>, clusterIdArg?: string) {
const typedsocket = this.cloudlyRef.server.typedServer?.typedsocket;
if (!typedsocket) {
throw new Error('Cloudly TypedSocket server is not running');
}
const connections = await typedsocket.findAllTargetConnections(async (connectionArg) => {
const identityTag = await connectionArg.getTagById('identity');
const identity = identityTag?.payload as plugins.servezoneInterfaces.data.IIdentity | undefined;
return identity?.role === 'cluster' && (!clusterIdArg || (identity as any).clusterId === clusterIdArg);
});
if (connections.length === 0) {
throw new Error(clusterIdArg
? `No connected coreflow for cluster ${clusterIdArg}`
: 'No connected coreflow');
}
const request = typedsocket.createTypedRequest<any>(methodArg, connections[0]);
return await request.fire(payloadArg as any);
}
private async passValidIdentity(requestData: { identity: plugins.servezoneInterfaces.data.IIdentity }) {
await plugins.smartguard.passGuardsOrReject(requestData, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
}
private async passAdminIdentity(requestData: { identity: plugins.servezoneInterfaces.data.IIdentity }) {
await plugins.smartguard.passGuardsOrReject(requestData, [
this.cloudlyRef.authManager.adminIdentityGuard,
]);
}
private async passClusterIdentity(requestData: { identity: plugins.servezoneInterfaces.data.IIdentity }) {
await this.passValidIdentity(requestData);
if (requestData.identity.role !== 'cluster') {
throw new plugins.typedrequest.TypedResponseError('Cluster identity required');
}
}
}
ts/manager.backup/classes.backuprecord.ts
+54
View File
@@ -0,0 +1,54 @@
import * as plugins from '../plugins.js';
import type { CloudlyBackupManager, IBackupRecordData } from './classes.backupmanager.js';
@plugins.smartdata.managed()
export class BackupRecord extends plugins.smartdata.SmartDataDbDoc<
BackupRecord,
IBackupRecordData,
CloudlyBackupManager
> {
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public serviceId!: string;
@plugins.smartdata.svDb()
public serviceName?: string;
@plugins.smartdata.svDb()
public clusterId?: string;
@plugins.smartdata.svDb()
public status!: IBackupRecordData['status'];
@plugins.smartdata.svDb()
public trigger!: IBackupRecordData['trigger'];
@plugins.smartdata.svDb()
public snapshots!: IBackupRecordData['snapshots'];
@plugins.smartdata.svDb()
public replication?: IBackupRecordData['replication'];
@plugins.smartdata.svDb()
public createdAt!: number;
@plugins.smartdata.svDb()
public updatedAt!: number;
@plugins.smartdata.svDb()
public completedAt?: number;
@plugins.smartdata.svDb()
public requestedBy?: string;
@plugins.smartdata.svDb()
public errorText?: string;
@plugins.smartdata.svDb()
public restoreHistory?: IBackupRecordData['restoreHistory'];
@plugins.smartdata.svDb()
public tags?: Record<string, string>;
}
ts/manager.backup/classes.replicationtarget.ts
+197
View File
@@ -0,0 +1,197 @@
import * as plugins from '../plugins.js';
type TArchiveObject = {
path: string;
size: number;
sha256: string;
};
type TTargetType = 's3' | 'smb';
export interface IBackupTargetWriter {
targetType: TTargetType;
hasObject(pathArg: string, objectArg: TArchiveObject): Promise<boolean>;
putObject(pathArg: string, objectArg: TArchiveObject, contentsArg: Buffer): Promise<void>;
readObject(pathArg: string): Promise<Buffer>;
}
const requiredEnv = (nameArg: string) => {
const value = process.env[nameArg];
if (!value) {
throw new Error(`Missing required backup target env ${nameArg}`);
}
return value;
};
const normalizeRemotePath = (pathArg: string) => {
const normalized = plugins.path.posix
.normalize(String(pathArg || '').replace(/\\/g, '/').trim())
.replace(/^\/+/, '');
if (!normalized || normalized === '.' || normalized.startsWith('../') || normalized.includes('/../')) {
throw new Error(`Invalid backup target path ${pathArg}`);
}
return normalized;
};
const getBufferSha256 = (contentsArg: Buffer) => {
return plugins.crypto.createHash('sha256').update(contentsArg).digest('hex');
};
const assertObjectMatches = (objectArg: TArchiveObject, contentsArg: Buffer, labelArg: string) => {
const sha256 = getBufferSha256(contentsArg);
if (contentsArg.length !== objectArg.size || sha256 !== objectArg.sha256) {
throw new Error(`Backup target checksum mismatch for ${labelArg}`);
}
};
const objectMatches = (objectArg: TArchiveObject, contentsArg: Buffer) => {
return contentsArg.length === objectArg.size && getBufferSha256(contentsArg) === objectArg.sha256;
};
class S3BackupTargetWriter implements IBackupTargetWriter {
public targetType: TTargetType = 's3';
private bucketPromise?: Promise<any>;
private async getBucket() {
if (!this.bucketPromise) {
this.bucketPromise = (async () => {
const smartBucket = new plugins.smartbucket.SmartBucket({
endpoint: requiredEnv('CLOUDLY_BACKUP_S3_ENDPOINT'),
accessKey: requiredEnv('CLOUDLY_BACKUP_S3_ACCESS_KEY'),
accessSecret: requiredEnv('CLOUDLY_BACKUP_S3_SECRET_KEY'),
region: process.env.CLOUDLY_BACKUP_S3_REGION || 'us-east-1',
...(process.env.CLOUDLY_BACKUP_S3_PORT
? { port: Number(process.env.CLOUDLY_BACKUP_S3_PORT) }
: {}),
...(process.env.CLOUDLY_BACKUP_S3_USE_SSL
? { useSsl: process.env.CLOUDLY_BACKUP_S3_USE_SSL !== 'false' }
: {}),
} as any);
const bucketName = requiredEnv('CLOUDLY_BACKUP_S3_BUCKET');
if (await smartBucket.bucketExists(bucketName)) {
return await smartBucket.getBucketByName(bucketName);
}
return await smartBucket.createBucket(bucketName);
})();
}
return await this.bucketPromise;
}
public async hasObject(pathArg: string, objectArg: TArchiveObject) {
try {
return objectMatches(objectArg, await this.readObject(pathArg));
} catch {
return false;
}
}
public async putObject(pathArg: string, objectArg: TArchiveObject, contentsArg: Buffer) {
const targetPath = normalizeRemotePath(pathArg);
assertObjectMatches(objectArg, contentsArg, targetPath);
const bucket = await this.getBucket();
const tempPath = `${targetPath}.upload-${Date.now()}-${plugins.smartunique.shortId()}.tmp`;
try {
await bucket.fastPut({ path: tempPath, contents: contentsArg, overwrite: true });
assertObjectMatches(objectArg, await bucket.fastGet({ path: tempPath }), tempPath);
await bucket.fastMove({ sourcePath: tempPath, destinationPath: targetPath, overwrite: true });
assertObjectMatches(objectArg, await bucket.fastGet({ path: targetPath }), targetPath);
} finally {
await bucket.fastRemove({ path: tempPath }).catch(() => {});
}
}
public async readObject(pathArg: string) {
const bucket = await this.getBucket();
return await bucket.fastGet({ path: normalizeRemotePath(pathArg) });
}
}
class SmbBackupTargetWriter implements IBackupTargetWriter {
public targetType: TTargetType = 'smb';
private clientPromise?: Promise<plugins.smartsamba.SambaClient>;
private async getClient() {
if (!this.clientPromise) {
this.clientPromise = (async () => {
const client = new plugins.smartsamba.SambaClient({
host: requiredEnv('CLOUDLY_BACKUP_SMB_HOST'),
...(process.env.CLOUDLY_BACKUP_SMB_PORT
? { port: Number(process.env.CLOUDLY_BACKUP_SMB_PORT) }
: {}),
auth: {
...(process.env.CLOUDLY_BACKUP_SMB_USERNAME
? { username: process.env.CLOUDLY_BACKUP_SMB_USERNAME }
: {}),
...(process.env.CLOUDLY_BACKUP_SMB_PASSWORD
? { password: process.env.CLOUDLY_BACKUP_SMB_PASSWORD }
: {}),
...(process.env.CLOUDLY_BACKUP_SMB_DOMAIN
? { domain: process.env.CLOUDLY_BACKUP_SMB_DOMAIN }
: {}),
},
});
await client.start();
return client;
})();
}
return await this.clientPromise;
}
private getShare() {
return requiredEnv('CLOUDLY_BACKUP_SMB_SHARE');
}
private async ensureParentDirectory(pathArg: string) {
const client = await this.getClient();
const parent = plugins.path.posix.dirname(pathArg);
if (!parent || parent === '.') {
return;
}
const parts = parent.split('/').filter(Boolean);
let current = '';
for (const part of parts) {
current = current ? `${current}/${part}` : part;
await client.createDirectory(this.getShare(), current).catch(() => {});
}
}
public async hasObject(pathArg: string, objectArg: TArchiveObject) {
try {
return objectMatches(objectArg, await this.readObject(pathArg));
} catch {
return false;
}
}
public async putObject(pathArg: string, objectArg: TArchiveObject, contentsArg: Buffer) {
const targetPath = normalizeRemotePath(pathArg);
assertObjectMatches(objectArg, contentsArg, targetPath);
const client = await this.getClient();
const share = this.getShare();
const tempPath = `${targetPath}.upload-${Date.now()}-${plugins.smartunique.shortId()}.tmp`;
await this.ensureParentDirectory(targetPath);
try {
await client.writeFile(share, tempPath, contentsArg);
assertObjectMatches(objectArg, await client.readFile(share, tempPath), tempPath);
await client.deleteFile(share, targetPath).catch(() => {});
await client.rename(share, tempPath, targetPath);
assertObjectMatches(objectArg, await client.readFile(share, targetPath), targetPath);
} finally {
await client.deleteFile(share, tempPath).catch(() => {});
}
}
public async readObject(pathArg: string) {
return await (await this.getClient()).readFile(this.getShare(), normalizeRemotePath(pathArg));
}
}
export const createBackupTargetWriterFromEnv = (): IBackupTargetWriter => {
const targetType = process.env.CLOUDLY_BACKUP_TARGET_TYPE as TTargetType | undefined;
if (targetType === 's3') {
return new S3BackupTargetWriter();
}
if (targetType === 'smb') {
return new SmbBackupTargetWriter();
}
throw new Error('No remote backup target configured. Set CLOUDLY_BACKUP_TARGET_TYPE to s3 or smb.');
};
ts/manager.baremetal/classes.baremetal.ts
+113
View File
@@ -0,0 +1,113 @@
import * as plugins from '../plugins.js';
/**
* BareMetal represents an actual physical server
*/
@plugins.smartdata.Manager()
export class BareMetal extends plugins.smartdata.SmartDataDbDoc<
BareMetal,
plugins.servezoneInterfaces.data.IBareMetal
> {
// STATIC
public static async createFromHetznerServer(
hetznerServerArg: plugins.hetznercloud.HetznerServer,
) {
const serverData = hetznerServerArg.data;
if (!serverData) {
throw new Error('Hetzner server response is missing server data');
}
const ipv4 = serverData.public_net.ipv4;
if (!ipv4) {
throw new Error(`Hetzner server ${serverData.id} has no primary IPv4 address`);
}
const newBareMetal = new BareMetal();
newBareMetal.id = plugins.smartunique.shortId(8);
const data: plugins.servezoneInterfaces.data.IBareMetal['data'] = {
hostname: serverData.name,
primaryIp: ipv4.ip,
provider: 'hetzner',
location: serverData.datacenter.name,
specs: {
cpuModel: serverData.server_type.cpu_type,
cpuCores: serverData.server_type.cores,
memoryGB: serverData.server_type.memory,
storageGB: serverData.server_type.disk,
storageType: 'nvme',
},
powerState: serverData.status === 'running' ? 'on' : 'off',
osInfo: {
name: 'Debian',
version: '12',
},
assignedNodeIds: [],
providerMetadata: {
hetznerServerId: serverData.id,
hetznerServerName: serverData.name,
},
};
Object.assign(newBareMetal, { data });
await newBareMetal.save();
return newBareMetal;
}
// INSTANCE
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public data!: plugins.servezoneInterfaces.data.IBareMetal['data'];
constructor() {
super();
}
public async assignNode(nodeId: string) {
if (!this.data.assignedNodeIds.includes(nodeId)) {
this.data.assignedNodeIds.push(nodeId);
await this.save();
}
}
public async removeNode(nodeId: string) {
this.data.assignedNodeIds = this.data.assignedNodeIds.filter(id => id !== nodeId);
await this.save();
}
public async updatePowerState(state: 'on' | 'off' | 'unknown') {
this.data.powerState = state;
await this.save();
}
public async powerOn(): Promise<boolean> {
// TODO: Implement IPMI power on
if (this.data.ipmiAddress && this.data.ipmiCredentials) {
// Implement IPMI power on command
console.log(`Powering on BareMetal ${this.id} via IPMI`);
await this.updatePowerState('on');
return true;
}
return false;
}
public async powerOff(): Promise<boolean> {
// TODO: Implement IPMI power off
if (this.data.ipmiAddress && this.data.ipmiCredentials) {
// Implement IPMI power off command
console.log(`Powering off BareMetal ${this.id} via IPMI`);
await this.updatePowerState('off');
return true;
}
return false;
}
public async reset(): Promise<boolean> {
// TODO: Implement IPMI reset
if (this.data.ipmiAddress && this.data.ipmiCredentials) {
// Implement IPMI reset command
console.log(`Resetting BareMetal ${this.id} via IPMI`);
return true;
}
return false;
}
}
ts/manager.baremetal/classes.baremetalmanager.ts
+180
View File
@@ -0,0 +1,180 @@
import * as plugins from '../plugins.js';
import { Cloudly } from '../classes.cloudly.js';
import { BareMetal } from './classes.baremetal.js';
import { logger } from '../logger.js';
export class CloudlyBaremetalManager {
public cloudlyRef: Cloudly;
public typedRouter = new plugins.typedrequest.TypedRouter();
public hetznerAccount?: plugins.hetznercloud.HetznerAccount;
public get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
public CBareMetal = plugins.smartdata.setDefaultManagerForDoc(this, BareMetal);
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
this.cloudlyRef.typedrouter.addTypedRouter(this.typedRouter);
// API endpoint to get baremetal servers
this.typedRouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.baremetal.IRequest_Any_Cloudly_GetBaremetalServers>(
'getBaremetalServers',
async (requestData) => {
const baremetals = await this.getAllBaremetals();
return {
baremetals: await Promise.all(
baremetals.map((baremetal) => baremetal.createSavableObject())
),
};
},
),
);
// API endpoint to control baremetal via IPMI
this.typedRouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.baremetal.IRequest_Any_Cloudly_ControlBaremetal>(
'controlBaremetal',
async (requestData) => {
const baremetal = await this.CBareMetal.getInstance({
id: requestData.baremetalId,
});
if (!baremetal) {
return {
success: false,
message: 'BareMetal not found',
};
}
let success = false;
switch (requestData.action) {
case 'powerOn':
success = await baremetal.powerOn();
break;
case 'powerOff':
success = await baremetal.powerOff();
break;
case 'reset':
success = await baremetal.reset();
break;
}
return {
success,
message: success ? `Action ${requestData.action} completed` : `Action ${requestData.action} failed`,
};
},
),
);
}
public async start() {
const hetznerToken = await this.cloudlyRef.settingsManager.getSetting('hetznerToken');
if (hetznerToken) {
this.hetznerAccount = new plugins.hetznercloud.HetznerAccount(hetznerToken);
}
logger.log('info', 'BareMetal manager started');
}
public async stop() {
logger.log('info', 'BareMetal manager stopped');
}
/**
* Get all baremetal servers
*/
public async getAllBaremetals(): Promise<BareMetal[]> {
const baremetals = await this.CBareMetal.getInstances({});
return baremetals;
}
/**
* Get baremetal by ID
*/
public async getBaremetalById(id: string): Promise<BareMetal | null> {
const baremetal = await this.CBareMetal.getInstance({
id,
});
return baremetal;
}
/**
* Get baremetals by provider
*/
public async getBaremetalsByProvider(provider: 'hetzner' | 'aws' | 'digitalocean' | 'onpremise'): Promise<BareMetal[]> {
const baremetals = await this.CBareMetal.getInstances({
data: {
provider,
},
});
return baremetals;
}
/**
* Create baremetal from Hetzner server
*/
public async createBaremetalFromHetznerServer(hetznerServer: plugins.hetznercloud.HetznerServer): Promise<BareMetal> {
const serverData = hetznerServer.data;
if (!serverData) {
throw new Error('Hetzner server response is missing server data');
}
// Check if baremetal already exists for this Hetzner server
const existingBaremetals = await this.CBareMetal.getInstances({});
for (const baremetal of existingBaremetals) {
if (baremetal.data.providerMetadata?.hetznerServerId === serverData.id) {
logger.log('info', `BareMetal already exists for Hetzner server ${serverData.id}`);
return baremetal;
}
}
// Create new baremetal
const newBaremetal = await BareMetal.createFromHetznerServer(hetznerServer);
logger.log('success', `Created new BareMetal ${newBaremetal.id} from Hetzner server ${serverData.id}`);
return newBaremetal;
}
/**
* Sync baremetals with Hetzner
*/
public async syncWithHetzner() {
if (!this.hetznerAccount) {
logger.log('warn', 'Cannot sync with Hetzner - no account configured');
return;
}
const hetznerServers = await this.hetznerAccount.getServers();
for (const hetznerServer of hetznerServers) {
await this.createBaremetalFromHetznerServer(hetznerServer);
}
logger.log('success', `Synced ${hetznerServers.length} servers from Hetzner`);
}
/**
* Provision a new baremetal server
*/
public async provisionBaremetal(options: {
provider: 'hetzner' | 'aws' | 'digitalocean';
location: any; // TODO: Import proper type from hetznercloud when available
type: any; // TODO: Import proper type from hetznercloud when available
}): Promise<BareMetal> {
if (options.provider === 'hetzner' && this.hetznerAccount) {
const hetznerServer = await this.hetznerAccount.createServer({
name: plugins.smartunique.uniSimple('baremetal'),
location: options.location,
type: options.type,
});
const baremetal = await this.createBaremetalFromHetznerServer(hetznerServer);
return baremetal;
}
throw new Error(`Provider ${options.provider} not supported or not configured`);
}
}
ts/manager.baseos/classes.baseosimagebuild.ts
+87
View File
@@ -0,0 +1,87 @@
import * as plugins from '../plugins.js';
export type TBaseOsImageArchitecture = 'amd64' | 'arm64' | 'rpi';
export type TBaseOsImageKind = 'ubuntu-iso' | 'balena-raw';
export type TBaseOsImageSourcePreset =
| 'balena-generic-amd64'
| 'balena-generic-aarch64'
| 'balena-raspberrypi4-64';
export type TBaseOsImageBuildStatus = 'queued' | 'building' | 'ready' | 'failed' | 'cancelled';
export interface IBaseOsImageArtifact {
bucketName: string;
key: string;
filename: string;
contentType: string;
size: number;
sha256: string;
createdAt: number;
}
export interface IBaseOsImageBuildPublic {
id: string;
data: {
status: TBaseOsImageBuildStatus;
architecture: TBaseOsImageArchitecture;
imageKind?: TBaseOsImageKind;
cloudlyUrl: string;
sourceImageUrl?: string;
sourceImagePreset?: TBaseOsImageSourcePreset;
balenaOsVersion?: string;
ubuntuVersion?: string;
hostname?: string;
wifiSsid?: string;
sshPublicKey?: string;
artifact?: IBaseOsImageArtifact;
errorText?: string;
logs: string[];
createdAt: number;
updatedAt: number;
startedAt?: number;
completedAt?: number;
expiresAt?: number;
};
}
@plugins.smartdata.managed()
export class BaseOsImageBuild extends plugins.smartdata.SmartDataDbDoc<
BaseOsImageBuild,
IBaseOsImageBuildPublic
> {
constructor(optionsArg?: IBaseOsImageBuildPublic & {
provisioningTokenHash?: string;
provisioningTokenConsumedAt?: number;
downloadTokenHash?: string;
downloadTokenExpiresAt?: number;
}) {
super();
if (optionsArg) {
Object.assign(this, optionsArg);
}
}
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public provisioningTokenHash!: string;
@plugins.smartdata.svDb()
public provisioningTokenConsumedAt?: number;
@plugins.smartdata.svDb()
public downloadTokenHash?: string;
@plugins.smartdata.svDb()
public downloadTokenExpiresAt?: number;
@plugins.smartdata.svDb()
public data!: IBaseOsImageBuildPublic['data'];
public toPublicBuild(): IBaseOsImageBuildPublic {
return {
id: this.id,
data: this.data,
};
}
}
ts/manager.baseos/classes.baseosmanager.ts
+1001
View File
File diff suppressed because it is too large Load Diff
ts/manager.baseos/classes.baseosnode.ts
+67
View File
@@ -0,0 +1,67 @@
import * as plugins from '../plugins.js';
export type TBaseOsRuntimeLevel = 'app-layer' | 'host-os' | 'target-state';
export type TBaseOsCloudlyConnectionStatus =
| 'not-configured'
| 'connecting'
| 'connected'
| 'failed';
export interface IBaseOsRuntimeInfo {
runtime: 'baseos';
runtimeLevel: TBaseOsRuntimeLevel;
nodeId: string;
cloudlyUrl?: string;
cloudlyConnectionStatus: TBaseOsCloudlyConnectionStatus;
supervisorAvailable: boolean;
supervisorAddress?: string;
deviceState?: Record<string, unknown>;
stateStatus?: Record<string, unknown>;
checkedAt: number;
}
export interface IBaseOsDesiredState {
release?: string;
targetState?: Record<string, unknown>;
updatedAt?: number;
}
export interface IBaseOsNodeData {
runtimeInfo: IBaseOsRuntimeInfo;
desiredState?: IBaseOsDesiredState;
createdAt: number;
updatedAt: number;
lastHeartbeatAt?: number;
}
export interface IBaseOsNodePublic {
id: string;
data: IBaseOsNodeData;
}
@plugins.smartdata.managed()
export class BaseOsNode extends plugins.smartdata.SmartDataDbDoc<BaseOsNode, IBaseOsNodePublic> {
constructor(optionsArg?: IBaseOsNodePublic & { nodeToken?: string }) {
super();
if (optionsArg) {
Object.assign(this, optionsArg);
}
}
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public nodeToken!: string;
@plugins.smartdata.svDb()
public data!: IBaseOsNodeData;
public toPublicNode(): IBaseOsNodePublic {
return {
id: this.id,
data: this.data,
};
}
}
ts/manager.cluster/classes.cluster.ts
+2 -2
View File
@@ -17,10 +17,10 @@ export class Cluster extends plugins.smartdata.SmartDataDbDoc<
// INSTANCE
@plugins.smartdata.unI()
public id: string;
public id!: string;
@plugins.smartdata.svDb()
public data: plugins.servezoneInterfaces.data.ICluster['data'];
public data!: plugins.servezoneInterfaces.data.ICluster['data'];
constructor() {
super();
ts/manager.cluster/classes.clustermanager.ts
+54 -15
View File
@@ -22,21 +22,31 @@ export class ClusterManager {
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.cluster.IRequest_CreateCluster>(
new plugins.typedrequest.TypedHandler('createCluster', async (dataArg) => {
// TODO: guards
new plugins.typedrequest.TypedHandler('createCluster', async (dataArg, toolsArg) => {
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
const setupMode = dataArg.setupMode || 'manual'; // Default to manual if not specified
const cluster = await this.createCluster({
id: plugins.smartunique.uniSimple('cluster'),
data: {
userId: null, // this is created by the createCluster method
userId: '', // this is created by the createCluster method
name: dataArg.clusterName,
acmeInfo: null,
setupMode: setupMode,
acmeInfo: {
serverAddress: '',
serverSecret: '',
},
cloudlyUrl: `https://${this.cloudlyRef.config.data.publicUrl}:${this.cloudlyRef.config.data.publicPort}/`,
servers: [],
nodes: [],
sshKeys: [],
},
});
console.log(await cluster.createSavableObject());
this.cloudlyRef.serverManager.ensureServerInfrastructure();
// Only auto-provision servers if setupMode is 'hetzner'
if (setupMode === 'hetzner') {
this.cloudlyRef.nodeManager.ensureNodeInfrastructure();
}
return {
cluster: await cluster.createSavableObject(),
};
@@ -44,8 +54,8 @@ export class ClusterManager {
);
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.cluster.IReq_Any_Cloudly_GetClusters>(
new plugins.typedrequest.TypedHandler('getAllClusters', async (dataArg) => {
// TODO: do authentication here
new plugins.typedrequest.TypedHandler('getClusters', async (dataArg, toolsArg) => {
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
const clusters = await this.getAllClusters();
return {
clusters: await Promise.all(
@@ -55,13 +65,44 @@ export class ClusterManager {
}),
);
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.cluster.IReq_Any_Cloudly_GetClusterById>(
new plugins.typedrequest.TypedHandler('getClusterById', async (dataArg, toolsArg) => {
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
const cluster = await this.CCluster.getInstance({ id: (dataArg as any).clusterId });
if (!cluster) {
throw new plugins.typedrequest.TypedResponseError('Cluster not found');
}
return {
cluster: await cluster.createSavableObject(),
};
}),
);
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.cluster.IReq_Any_Cloudly_UpdateCluster>(
new plugins.typedrequest.TypedHandler('updateCluster', async (dataArg, toolsArg) => {
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
const cluster = await this.CCluster.getInstance({ id: (dataArg as any).clusterId });
if (!cluster) {
throw new plugins.typedrequest.TypedResponseError('Cluster not found');
}
cluster.data = {
...cluster.data,
...dataArg.clusterData,
};
await cluster.save();
return {
resultCluster: await cluster.createSavableObject(),
};
}),
);
// delete cluster
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.cluster.IReq_Any_Cloudly_DeleteClusterById>(
new plugins.typedrequest.TypedHandler('deleteCluster', async (reqDataArg, toolsArg) => {
await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqDataArg);
new plugins.typedrequest.TypedHandler('deleteClusterById', async (reqDataArg, toolsArg) => {
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqDataArg);
await this.deleteCluster(reqDataArg.clusterId);
return {
success: true,
ok: true,
};
}),
);
@@ -127,11 +168,11 @@ export class ClusterManager {
* @param configObjectArg
*/
public async createCluster(configObjectArg: plugins.servezoneInterfaces.data.ICluster) {
// TODO: guards
// lets create the cluster user
const clusterUser = new this.cloudlyRef.authManager.CUser({
id: await this.cloudlyRef.authManager.CUser.getNewId(),
data: {
username: `cluster-${configObjectArg.id}`,
role: 'cluster',
type: 'machine',
tokens: [
@@ -144,9 +185,7 @@ export class ClusterManager {
},
});
await clusterUser.save();
Object.assign(configObjectArg, {
userId: clusterUser.id,
});
configObjectArg.data.userId = clusterUser.id;
const clusterInstance = await Cluster.fromConfigObject(configObjectArg);
await clusterInstance.save();
return clusterInstance;
ts/manager.coreflow/coreflowmanager.ts
+82 -22
View File
@@ -1,6 +1,7 @@
import * as plugins from '../plugins.js';
import { Cloudly } from '../classes.cloudly.js';
import type { Cluster } from '../manager.cluster/classes.cluster.js';
import { logger } from '../logger.js';
/**
* in charge of talking to coreflow services on clusters
@@ -16,34 +17,33 @@ export class CloudlyCoreflowManager {
this.typedRouter.addTypedHandler<plugins.servezoneInterfaces.requests.identity.IRequest_Any_Cloudly_CoreflowManager_GetIdentityByToken>(
new plugins.typedrequest.TypedHandler('getIdentityByToken', async (requestData) => {
// Use getInstance with $elemMatch for querying nested arrays
const user = await this.cloudlyRef.authManager.CUser.getInstance({
data: {
tokens: [
{
token: requestData.token,
},
], // find the proper user here.
} as any,
tokens: {
$elemMatch: { token: requestData.token },
},
},
});
if (!user) {
throw new plugins.typedrequest.TypedResponseError(
'The supplied token is not valid. No matching user found.',
'The supplied token is not valid. No matching user found.'
);
}
if (user.data.type !== 'machine') {
throw new plugins.typedrequest.TypedResponseError(
'The supplied token is not valid. The user is not a machine.',
'The supplied token is not valid. The user is not a machine.'
);
}
let cluster: Cluster;
let cluster: Cluster | undefined;
if (user.data.role === 'cluster') {
cluster = await this.cloudlyRef.clusterManager.getClusterBy_UserId(user.id);
}
const expiryTimestamp = Date.now() + 3600 * 1000 * 24 * 365;
return {
identity: {
name: user.data.username,
name: user.data.username || user.id,
role: user.data.role,
type: 'machine', // if someone authenticates by token, they are a machine, no matter what.
userId: user.id,
@@ -61,7 +61,7 @@ export class CloudlyCoreflowManager {
}),
},
};
}),
})
);
// lets enable the getting of cluster configs
@@ -72,14 +72,11 @@ export class CloudlyCoreflowManager {
const identity = dataArg.identity;
console.log('trying to get clusterConfigSet');
console.log(dataArg);
const cluster = await this.cloudlyRef.clusterManager.getClusterBy_Identity(identity);
const clusterConfig = await this.getClusterConfigPayloadForIdentity(identity);
console.log('got cluster config and sending it back to coreflow');
return {
configData: await cluster.createSavableObject(),
deploymentDirectives: [],
};
},
),
return clusterConfig;
}
)
);
// lets enable getting of certificates
@@ -89,14 +86,77 @@ export class CloudlyCoreflowManager {
async (dataArg) => {
console.log(`incoming API request for certificate ${dataArg.domainName}`);
const cert = await this.cloudlyRef.letsencryptConnector.getCertificateForDomain(
dataArg.domainName,
dataArg.domainName
);
console.log(`got certificate ready for reponse ${dataArg.domainName}`);
return {
certificate: await cert.createSavableObject(),
certificate: cert,
};
},
),
}
)
);
}
public async getClusterConfigPayloadForIdentity(
identityArg: plugins.servezoneInterfaces.data.IIdentity,
): Promise<plugins.servezoneInterfaces.requests.config.IRequest_Cloudly_Coreflow_PushClusterConfig['request']> {
const cluster = await this.cloudlyRef.clusterManager.getClusterBy_Identity(identityArg);
const services = await this.cloudlyRef.serviceManager.CService.getInstances({});
const platformDesiredState = await this.cloudlyRef.platformManager.getPlatformDesiredState();
const settings = await this.cloudlyRef.settingsManager.getSettings();
const targetPort = Number(settings.dcrouterTargetPort || '80');
const externalGateway = settings.dcrouterGatewayUrl && settings.dcrouterGatewayApiToken
? {
url: settings.dcrouterGatewayUrl,
apiToken: settings.dcrouterGatewayApiToken,
workHosterType: 'cloudly' as const,
workHosterId: settings.dcrouterWorkHosterId || cluster.id,
targetHost: settings.dcrouterTargetHost,
targetPort: Number.isInteger(targetPort) && targetPort > 0 ? targetPort : 80,
}
: undefined;
const payload: plugins.servezoneInterfaces.requests.config.IRequest_Cloudly_Coreflow_PushClusterConfig['request'] & {
externalGateway?: typeof externalGateway;
} = {
configData: await cluster.createSavableObject(),
services: await Promise.all(services.map((service) => service.createSavableObject())),
platformProviderConfigs: platformDesiredState.providerConfigs,
platformBindings: platformDesiredState.bindings,
};
if (externalGateway) {
payload.externalGateway = externalGateway;
}
return payload;
}
public async pushClusterConfigToConnectedCoreflows() {
const typedsocket = this.cloudlyRef.server.typedServer?.typedsocket;
if (!typedsocket) {
return 0;
}
const connections = await typedsocket.findAllTargetConnections(async (connectionArg) => {
const identityTag = await connectionArg.getTagById('identity');
const identity = identityTag?.payload as plugins.servezoneInterfaces.data.IIdentity | undefined;
return identity?.role === 'cluster' && !!identity.userId;
});
await Promise.all(
connections.map(async (connectionArg) => {
const identityTag = await connectionArg.getTagById('identity');
const identity = identityTag?.payload as plugins.servezoneInterfaces.data.IIdentity;
try {
const pushClusterConfig = typedsocket.createTypedRequest<plugins.servezoneInterfaces.requests.config.IRequest_Cloudly_Coreflow_PushClusterConfig>(
'pushClusterConfig',
connectionArg,
);
await pushClusterConfig.fire(await this.getClusterConfigPayloadForIdentity(identity));
} catch (error) {
logger.log('error', `failed to push cluster config to coreflow ${identity.userId}: ${(error as Error).message}`);
}
}),
);
return connections.length;
}
}
ts/manager.deployment/classes.deployment.ts
+98
View File
@@ -0,0 +1,98 @@
import * as plugins from '../plugins.js';
@plugins.smartdata.managed()
export class Deployment extends plugins.smartdata.SmartDataDbDoc<
Deployment,
plugins.servezoneInterfaces.data.IDeployment
> {
@plugins.smartdata.unI()
public id: string = plugins.smartunique.uniSimple('deployment');
@plugins.smartdata.svDb()
public serviceId!: string;
@plugins.smartdata.svDb()
public nodeId!: string;
@plugins.smartdata.svDb()
public containerId?: string;
@plugins.smartdata.svDb()
public usedImageId!: string;
@plugins.smartdata.svDb()
public version!: string;
@plugins.smartdata.svDb()
public deployedAt!: number;
@plugins.smartdata.svDb()
public deploymentLog: string[] = [];
@plugins.smartdata.svDb()
public status!: 'scheduled' | 'starting' | 'running' | 'stopping' | 'stopped' | 'failed';
@plugins.smartdata.svDb()
public healthStatus?: 'healthy' | 'unhealthy' | 'unknown';
@plugins.smartdata.svDb()
public resourceUsage?: {
cpuUsagePercent: number;
memoryUsedMB: number;
lastUpdated: number;
};
public static async createDeployment(
deploymentData: Partial<plugins.servezoneInterfaces.data.IDeployment>
): Promise<Deployment> {
const deployment = new Deployment();
if (deploymentData.serviceId) deployment.serviceId = deploymentData.serviceId;
if (deploymentData.nodeId) deployment.nodeId = deploymentData.nodeId;
if (deploymentData.containerId) deployment.containerId = deploymentData.containerId;
if (deploymentData.usedImageId) deployment.usedImageId = deploymentData.usedImageId;
if (deploymentData.version) deployment.version = deploymentData.version;
if (deploymentData.deployedAt) deployment.deployedAt = deploymentData.deployedAt;
if (deploymentData.deploymentLog) deployment.deploymentLog = deploymentData.deploymentLog;
if (deploymentData.status) deployment.status = deploymentData.status;
if (deploymentData.healthStatus) deployment.healthStatus = deploymentData.healthStatus;
if (deploymentData.resourceUsage) deployment.resourceUsage = deploymentData.resourceUsage;
await deployment.save();
return deployment;
}
public async updateHealthStatus(healthStatus: 'healthy' | 'unhealthy' | 'unknown') {
this.healthStatus = healthStatus;
await this.save();
}
public async updateResourceUsage(cpuUsagePercent: number, memoryUsedMB: number) {
this.resourceUsage = {
cpuUsagePercent,
memoryUsedMB,
lastUpdated: Date.now(),
};
await this.save();
}
public async addLogEntry(entry: string) {
this.deploymentLog.push(entry);
await this.save();
}
public async createSavableObject(): Promise<plugins.servezoneInterfaces.data.IDeployment> {
return {
id: this.id,
serviceId: this.serviceId,
nodeId: this.nodeId,
containerId: this.containerId,
usedImageId: this.usedImageId,
version: this.version,
deployedAt: this.deployedAt,
deploymentLog: this.deploymentLog,
status: this.status,
healthStatus: this.healthStatus,
resourceUsage: this.resourceUsage,
};
}
}
ts/manager.deployment/classes.deploymentmanager.ts
+329
View File
@@ -0,0 +1,329 @@
import type { Cloudly } from '../classes.cloudly.js';
import * as plugins from '../plugins.js';
import { Deployment } from './classes.deployment.js';
export class DeploymentManager {
public typedrouter = new plugins.typedrequest.TypedRouter();
public cloudlyRef: Cloudly;
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
public CDeployment = plugins.smartdata.setDefaultManagerForDoc(this, Deployment);
constructor(cloudlyRef: Cloudly) {
this.cloudlyRef = cloudlyRef;
// Connect typedrouter to main router
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
// Get all deployments
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_GetDeployments>(
'getDeployments',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const deployments = await this.CDeployment.getInstances({});
return {
deployments: await Promise.all(
deployments.map((deployment) => deployment.createSavableObject())
),
};
}
)
);
// Get deployment by ID
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_GetDeploymentById>(
'getDeploymentById',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const deployment = await this.CDeployment.getInstance({
id: reqArg.deploymentId,
});
if (!deployment) {
throw new Error('Deployment not found');
}
return {
deployment: await deployment.createSavableObject(),
};
}
)
);
// Get deployments by service
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_GetDeploymentsByService>(
'getDeploymentsByService',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const deployments = await this.CDeployment.getInstances({
serviceId: reqArg.serviceId,
});
return {
deployments: await Promise.all(
deployments.map((deployment) => deployment.createSavableObject())
),
};
}
)
);
// Get deployments by node
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_GetDeploymentsByNode>(
'getDeploymentsByNode',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const deployments = await this.CDeployment.getInstances({
nodeId: reqArg.nodeId,
});
return {
deployments: await Promise.all(
deployments.map((deployment) => deployment.createSavableObject())
),
};
}
)
);
// Create deployment
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_CreateDeployment>(
'createDeployment',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const deployment = await Deployment.createDeployment(reqArg.deploymentData);
return {
deployment: await deployment.createSavableObject(),
};
}
)
);
// Update deployment
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_UpdateDeployment>(
'updateDeployment',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const deployment = await this.CDeployment.getInstance({
id: reqArg.deploymentId,
});
if (!deployment) {
throw new Error('Deployment not found');
}
// Update fields
if (reqArg.deploymentData.status !== undefined) {
deployment.status = reqArg.deploymentData.status;
}
if (reqArg.deploymentData.healthStatus !== undefined) {
deployment.healthStatus = reqArg.deploymentData.healthStatus;
}
if (reqArg.deploymentData.containerId !== undefined) {
deployment.containerId = reqArg.deploymentData.containerId;
}
if (reqArg.deploymentData.resourceUsage !== undefined) {
deployment.resourceUsage = reqArg.deploymentData.resourceUsage;
}
await deployment.save();
return {
deployment: await deployment.createSavableObject(),
};
}
)
);
// Delete deployment
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_DeleteDeploymentById>(
'deleteDeploymentById',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const deployment = await this.CDeployment.getInstance({
id: reqArg.deploymentId,
});
if (!deployment) {
throw new Error('Deployment not found');
}
const serviceId = deployment.serviceId;
await deployment.delete();
// Check if this was the last deployment for the service
const remainingDeployments = await this.getDeploymentsForService(serviceId);
if (remainingDeployments.length === 0) {
// Deactivate DNS entries if no more deployments exist
await this.cloudlyRef.dnsManager.deactivateServiceDnsEntries(serviceId);
}
return {
success: true,
};
}
)
);
// Restart deployment
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_RestartDeployment>(
'restartDeployment',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const deployment = await this.CDeployment.getInstance({
id: reqArg.deploymentId,
});
if (!deployment) {
throw new Error('Deployment not found');
}
// TODO: Implement actual restart logic with Docker/container runtime
deployment.status = 'starting';
await deployment.save();
return {
success: true,
deployment: await deployment.createSavableObject(),
};
}
)
);
// Scale deployment
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.deployment.IReq_Any_Cloudly_ScaleDeployment>(
'scaleDeployment',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
// TODO: Implement scaling logic
// This would create/delete deployment instances based on replicas count
const deployment = await this.CDeployment.getInstance({
id: reqArg.deploymentId,
});
if (!deployment) {
throw new Error('Deployment not found');
}
return {
success: true,
deployment: await deployment.createSavableObject(),
};
}
)
);
}
/**
* Get all deployments
*/
public async getAllDeployments(): Promise<Deployment[]> {
return await this.CDeployment.getInstances({});
}
/**
* Get deployments for a specific service
*/
public async getDeploymentsForService(serviceId: string): Promise<Deployment[]> {
return await this.CDeployment.getInstances({
serviceId,
});
}
/**
* Get deployments for a specific node
*/
public async getDeploymentsForNode(nodeId: string): Promise<Deployment[]> {
return await this.CDeployment.getInstances({
nodeId,
});
}
/**
* Create a new deployment
*/
public async createDeployment(
serviceId: string,
nodeId: string,
version: string = 'latest'
): Promise<Deployment> {
const deployment = await Deployment.createDeployment({
serviceId,
nodeId,
version,
status: 'scheduled',
deployedAt: Date.now(),
deploymentLog: [`Deployment created at ${new Date().toISOString()}`],
});
// Activate DNS entries for the service
await this.cloudlyRef.dnsManager.activateServiceDnsEntries(serviceId);
// Get the node's IP address and update DNS entries
const node = await this.cloudlyRef.nodeManager.CClusterNode.getInstance({
id: nodeId,
});
if (node?.data.baremetalId) {
const baremetal = await this.cloudlyRef.baremetalManager.CBareMetal.getInstance({
id: node.data.baremetalId,
});
if (baremetal?.data.primaryIp) {
await this.cloudlyRef.dnsManager.updateServiceDnsEntriesIp(serviceId, baremetal.data.primaryIp);
}
}
return deployment;
}
public async start() {
// DeploymentManager is ready - handlers are already registered in constructor
console.log('DeploymentManager started');
}
public async stop() {
// Cleanup if needed
console.log('DeploymentManager stopped');
}
}
ts/manager.dns/classes.dnsentry.ts
+149
View File
@@ -0,0 +1,149 @@
import * as plugins from '../plugins.js';
import { DnsManager } from './classes.dnsmanager.js';
@plugins.smartdata.managed()
export class DnsEntry extends plugins.smartdata.SmartDataDbDoc<
DnsEntry,
plugins.servezoneInterfaces.data.IDnsEntry,
DnsManager
> {
// STATIC
public static async getDnsEntryById(dnsEntryIdArg: string) {
const dnsEntry = await this.getInstance({
id: dnsEntryIdArg,
});
return dnsEntry;
}
public static async getDnsEntries(filterArg?: { zone?: string }) {
const filter: any = {};
if (filterArg?.zone) {
filter['data.zone'] = filterArg.zone;
}
const dnsEntries = await this.getInstances(filter);
return dnsEntries;
}
public static async getDnsZones() {
const dnsEntries = await this.getInstances({});
const zones = new Set<string>();
for (const entry of dnsEntries) {
if (entry.data.zone) {
zones.add(entry.data.zone);
}
}
return Array.from(zones).sort();
}
public static async createDnsEntry(dnsEntryDataArg: plugins.servezoneInterfaces.data.IDnsEntry['data']) {
const dnsEntry = new DnsEntry();
dnsEntry.id = await DnsEntry.getNewId();
dnsEntry.data = {
...dnsEntryDataArg,
ttl: dnsEntryDataArg.ttl || 3600, // Default TTL: 1 hour
active: dnsEntryDataArg.active !== false, // Default to active
createdAt: Date.now(),
updatedAt: Date.now(),
};
await dnsEntry.save();
return dnsEntry;
}
public static async updateDnsEntry(
dnsEntryIdArg: string,
dnsEntryDataArg: Partial<plugins.servezoneInterfaces.data.IDnsEntry['data']>
) {
const dnsEntry = await this.getInstance({
id: dnsEntryIdArg,
});
if (!dnsEntry) {
throw new Error(`DNS entry with id ${dnsEntryIdArg} not found`);
}
Object.assign(dnsEntry.data, dnsEntryDataArg, {
updatedAt: Date.now(),
});
await dnsEntry.save();
return dnsEntry;
}
public static async deleteDnsEntry(dnsEntryIdArg: string) {
const dnsEntry = await this.getInstance({
id: dnsEntryIdArg,
});
if (!dnsEntry) {
throw new Error(`DNS entry with id ${dnsEntryIdArg} not found`);
}
await dnsEntry.delete();
return true;
}
// INSTANCE
@plugins.smartdata.svDb()
public id!: string;
@plugins.smartdata.svDb()
public data!: plugins.servezoneInterfaces.data.IDnsEntry['data'];
/**
* Validates the DNS entry data
*/
public validateData(): boolean {
const { type, name, value, zone } = this.data;
// Basic validation
if (!type || !name || !value || !zone) {
return false;
}
// Type-specific validation
switch (type) {
case 'A':
// Validate IPv4 address
return /^(\d{1,3}\.){3}\d{1,3}$/.test(value);
case 'AAAA':
// Validate IPv6 address (simplified)
return /^([0-9a-fA-F]{0,4}:){7}[0-9a-fA-F]{0,4}$/.test(value);
case 'MX':
// MX records must have priority
return this.data.priority !== undefined && this.data.priority >= 0;
case 'SRV':
// SRV records must have priority, weight, and port
return (
this.data.priority !== undefined &&
this.data.weight !== undefined &&
this.data.port !== undefined
);
case 'CNAME':
case 'NS':
case 'PTR':
// These should point to valid domain names
return /^[a-zA-Z0-9.-]+$/.test(value);
case 'TXT':
case 'CAA':
case 'SOA':
// These can contain any text
return true;
default:
return false;
}
}
/**
* Get a formatted string representation of the DNS entry
*/
public toFormattedString(): string {
const { type, name, value, ttl, priority } = this.data;
let result = `${name} ${ttl} IN ${type}`;
if (priority !== undefined) {
result += ` ${priority}`;
}
if (type === 'SRV' && this.data.weight !== undefined && this.data.port !== undefined) {
result += ` ${this.data.weight} ${this.data.port}`;
}
result += ` ${value}`;
return result;
}
}
ts/manager.dns/classes.dnsmanager.ts
+267
View File
@@ -0,0 +1,267 @@
import type { Cloudly } from '../classes.cloudly.js';
import * as plugins from '../plugins.js';
import { DnsEntry } from './classes.dnsentry.js';
export class DnsManager {
public typedrouter = new plugins.typedrequest.TypedRouter();
public cloudlyRef: Cloudly;
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
public CDnsEntry = plugins.smartdata.setDefaultManagerForDoc(this, DnsEntry);
constructor(cloudlyRef: Cloudly) {
this.cloudlyRef = cloudlyRef;
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
// Get all DNS entries
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.dns.IRequest_Any_Cloudly_GetDnsEntries>(
'getDnsEntries',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const dnsEntries = await this.CDnsEntry.getDnsEntries(
reqArg.zone ? { zone: reqArg.zone } : undefined
);
return {
dnsEntries: await Promise.all(
dnsEntries.map((entry) => entry.createSavableObject())
),
};
}
)
);
// Get DNS entry by ID
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.dns.IRequest_Any_Cloudly_GetDnsEntryById>(
'getDnsEntryById',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const dnsEntry = await this.CDnsEntry.getDnsEntryById(reqArg.dnsEntryId);
if (!dnsEntry) {
throw new Error(`DNS entry with id ${reqArg.dnsEntryId} not found`);
}
return {
dnsEntry: await dnsEntry.createSavableObject(),
};
}
)
);
// Create DNS entry
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.dns.IRequest_Any_Cloudly_CreateDnsEntry>(
'createDnsEntry',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
// Validate domain exists and is activated if domainId is provided
if (reqArg.dnsEntryData.domainId) {
const domain = await this.cloudlyRef.domainManager.CDomain.getDomainById(reqArg.dnsEntryData.domainId);
if (!domain) {
throw new Error(`Domain with id ${reqArg.dnsEntryData.domainId} not found`);
}
if ((domain.data as any).activationState !== 'activated') {
throw new Error(`Domain ${domain.data.name} is not activated; DNS changes are not allowed.`);
}
// Set the zone from the domain name
reqArg.dnsEntryData.zone = domain.data.name;
}
const dnsEntry = await this.CDnsEntry.createDnsEntry(reqArg.dnsEntryData);
return {
dnsEntry: await dnsEntry.createSavableObject(),
};
}
)
);
// Update DNS entry
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.dns.IRequest_Any_Cloudly_UpdateDnsEntry>(
'updateDnsEntry',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
// Validate domain exists and is activated if domainId is provided
if (reqArg.dnsEntryData.domainId) {
const domain = await this.cloudlyRef.domainManager.CDomain.getDomainById(reqArg.dnsEntryData.domainId);
if (!domain) {
throw new Error(`Domain with id ${reqArg.dnsEntryData.domainId} not found`);
}
if ((domain.data as any).activationState !== 'activated') {
throw new Error(`Domain ${domain.data.name} is not activated; DNS changes are not allowed.`);
}
// Set the zone from the domain name
reqArg.dnsEntryData.zone = domain.data.name;
}
const dnsEntry = await this.CDnsEntry.updateDnsEntry(
reqArg.dnsEntryId,
reqArg.dnsEntryData
);
return {
dnsEntry: await dnsEntry.createSavableObject(),
};
}
)
);
// Delete DNS entry
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.dns.IRequest_Any_Cloudly_DeleteDnsEntry>(
'deleteDnsEntry',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const success = await this.CDnsEntry.deleteDnsEntry(reqArg.dnsEntryId);
return {
success,
};
}
)
);
// Get DNS zones
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.dns.IRequest_Any_Cloudly_GetDnsZones>(
'getDnsZones',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const zones = await this.CDnsEntry.getDnsZones();
return {
zones,
};
}
)
);
}
/**
* Create a DNS entry for a service
* @param dnsEntryData The DNS entry data
*/
public async createServiceDnsEntry(dnsEntryData: plugins.servezoneInterfaces.data.IDnsEntry['data']) {
// If domainId is provided, get the domain and set the zone
if (dnsEntryData.domainId) {
const domain = await this.cloudlyRef.domainManager.CDomain.getInstance({
id: dnsEntryData.domainId,
});
if (domain) {
dnsEntryData.zone = domain.data.name;
}
}
// Create the DNS entry
const dnsEntry = await this.CDnsEntry.createDnsEntry(dnsEntryData);
return dnsEntry;
}
/**
* Activate DNS entries for a service when it's deployed
* @param serviceId The service ID
*/
public async activateServiceDnsEntries(serviceId: string) {
const dnsEntries = await this.CDnsEntry.getInstances({
'data.sourceServiceId': serviceId,
'data.sourceType': 'service',
});
for (const entry of dnsEntries) {
entry.data.active = true;
entry.data.updatedAt = Date.now();
await entry.save();
}
}
/**
* Deactivate DNS entries for a service when it's undeployed
* @param serviceId The service ID
*/
public async deactivateServiceDnsEntries(serviceId: string) {
const dnsEntries = await this.CDnsEntry.getInstances({
'data.sourceServiceId': serviceId,
'data.sourceType': 'service',
});
for (const entry of dnsEntries) {
entry.data.active = false;
entry.data.updatedAt = Date.now();
await entry.save();
}
}
/**
* Remove all DNS entries for a service
* @param serviceId The service ID
*/
public async removeServiceDnsEntries(serviceId: string) {
const dnsEntries = await this.CDnsEntry.getInstances({
'data.sourceServiceId': serviceId,
'data.sourceType': 'service',
});
for (const entry of dnsEntries) {
await entry.delete();
}
}
/**
* Update DNS entry values when deployment happens
* @param serviceId The service ID
* @param ipAddress The IP address to set for the DNS entries
*/
public async updateServiceDnsEntriesIp(serviceId: string, ipAddress: string) {
const dnsEntries = await this.CDnsEntry.getInstances({
'data.sourceServiceId': serviceId,
'data.sourceType': 'service',
});
for (const entry of dnsEntries) {
if (entry.data.type === 'A' || entry.data.type === 'AAAA') {
entry.data.value = ipAddress;
entry.data.updatedAt = Date.now();
await entry.save();
}
}
}
/**
* Initialize the DNS manager
*/
public async init() {
console.log('DNS Manager initialized');
}
/**
* Stop the DNS manager
*/
public async stop() {
console.log('DNS Manager stopped');
}
}
ts/manager.domain/classes.domain.ts
+211
View File
@@ -0,0 +1,211 @@
import * as plugins from '../plugins.js';
import { DomainManager } from './classes.domainmanager.js';
@plugins.smartdata.managed()
export class Domain extends plugins.smartdata.SmartDataDbDoc<
Domain,
plugins.servezoneInterfaces.data.IDomain,
DomainManager
> {
// STATIC
public static async getDomainById(domainIdArg: string) {
const domain = await this.getInstance({
id: domainIdArg,
});
return domain;
}
public static async getDomainByName(domainNameArg: string) {
const domain = await this.getInstance({
'data.name': domainNameArg,
});
return domain;
}
public static async getDomains() {
const domains = await this.getInstances({});
return domains;
}
public static async createDomain(domainDataArg: plugins.servezoneInterfaces.data.IDomain['data']) {
const domain = new Domain();
domain.id = await Domain.getNewId();
domain.data = {
...domainDataArg,
status: domainDataArg.status || 'pending',
verificationStatus: domainDataArg.verificationStatus || 'pending',
nameservers: domainDataArg.nameservers || [],
autoRenew: domainDataArg.autoRenew !== false,
activationState: domainDataArg.activationState || 'available',
syncSource: domainDataArg.syncSource ?? null,
lastSyncAt: domainDataArg.lastSyncAt,
createdAt: Date.now(),
updatedAt: Date.now(),
};
await domain.save();
return domain;
}
public static async updateDomain(
domainIdArg: string,
domainDataArg: Partial<plugins.servezoneInterfaces.data.IDomain['data']>
) {
const domain = await this.getInstance({
id: domainIdArg,
});
if (!domain) {
throw new Error(`Domain with id ${domainIdArg} not found`);
}
// Merge updates and respect incoming activationState when provided
Object.assign(domain.data, domainDataArg);
domain.data.updatedAt = Date.now();
// Ensure activationState has a sensible default if still missing
if (!domain.data.activationState) {
(domain.data as any).activationState = 'available';
}
await domain.save();
return domain;
}
public static async deleteDomain(domainIdArg: string) {
const domain = await this.getInstance({
id: domainIdArg,
});
if (!domain) {
throw new Error(`Domain with id ${domainIdArg} not found`);
}
// Check if there are DNS entries for this domain
const dnsManager = domain.manager.cloudlyRef.dnsManager;
const dnsEntries = await dnsManager.CDnsEntry.getInstances({
'data.zone': domain.data.name,
});
if (dnsEntries.length > 0) {
console.log(`Warning: Deleting domain ${domain.data.name} with ${dnsEntries.length} DNS entries`);
// Optionally delete associated DNS entries
for (const dnsEntry of dnsEntries) {
await dnsEntry.delete();
}
}
await domain.delete();
return true;
}
// INSTANCE
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public data!: plugins.servezoneInterfaces.data.IDomain['data'];
/**
* Verify domain ownership
*/
public async verifyDomain(methodArg?: 'dns' | 'http' | 'email' | 'manual') {
const method = methodArg || this.data.verificationMethod || 'dns';
// Generate verification token if not exists
if (!this.data.verificationToken) {
this.data.verificationToken = plugins.smartunique.shortId();
await this.save();
}
let verificationResult = {
success: false,
message: '',
details: {} as any,
};
switch (method) {
case 'dns':
// Check for TXT record with verification token
verificationResult = await this.verifyViaDns();
break;
case 'http':
// Check for file at well-known URL
verificationResult = await this.verifyViaHttp();
break;
case 'email':
// Send verification email
verificationResult = await this.verifyViaEmail();
break;
case 'manual':
// Manual verification
verificationResult.success = true;
verificationResult.message = 'Manually verified';
break;
}
// Update verification status
if (verificationResult.success) {
this.data.verificationStatus = 'verified';
this.data.lastVerificationAt = Date.now();
this.data.verificationMethod = method;
} else {
this.data.verificationStatus = 'failed';
this.data.lastVerificationAt = Date.now();
}
await this.save();
return verificationResult;
}
private async verifyViaDns(): Promise<{ success: boolean; message: string; details: any }> {
// TODO: Implement DNS verification
// Look for TXT record _cloudly-verify.{domain} with value {verificationToken}
return {
success: false,
message: 'DNS verification not yet implemented',
details: {
expectedRecord: `_cloudly-verify.${this.data.name}`,
expectedValue: this.data.verificationToken,
},
};
}
private async verifyViaHttp(): Promise<{ success: boolean; message: string; details: any }> {
// TODO: Implement HTTP verification
// Check for file at http://{domain}/.well-known/cloudly-verify.txt
return {
success: false,
message: 'HTTP verification not yet implemented',
details: {
expectedUrl: `http://${this.data.name}/.well-known/cloudly-verify.txt`,
expectedContent: this.data.verificationToken,
},
};
}
private async verifyViaEmail(): Promise<{ success: boolean; message: string; details: any }> {
// TODO: Implement email verification
return {
success: false,
message: 'Email verification not yet implemented',
details: {},
};
}
/**
* Check if domain is expiring soon
*/
public isExpiringSoon(daysThreshold: number = 30): boolean {
if (!this.data.expiresAt) {
return false;
}
const daysUntilExpiry = (this.data.expiresAt - Date.now()) / (1000 * 60 * 60 * 24);
return daysUntilExpiry <= daysThreshold;
}
/**
* Get all DNS entries for this domain
*/
public async getDnsEntries() {
const dnsManager = this.manager.cloudlyRef.dnsManager;
const dnsEntries = await dnsManager.CDnsEntry.getInstances({
'data.zone': this.data.name,
});
return dnsEntries;
}
}
ts/manager.domain/classes.domainmanager.ts
+258
View File
@@ -0,0 +1,258 @@
import type { Cloudly } from '../classes.cloudly.js';
import * as plugins from '../plugins.js';
import { Domain } from './classes.domain.js';
interface IWorkHosterDomain {
name: string;
nameservers?: string[];
capabilities?: {
canCreateSubdomains: boolean;
canManageDnsRecords: boolean;
canIssueCertificates: boolean;
canHostEmail: boolean;
};
}
export class DomainManager {
public typedrouter = new plugins.typedrequest.TypedRouter();
public cloudlyRef: Cloudly;
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
public CDomain = plugins.smartdata.setDefaultManagerForDoc(this, Domain);
constructor(cloudlyRef: Cloudly) {
this.cloudlyRef = cloudlyRef;
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
// Get all domains
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.domain.IRequest_Any_Cloudly_GetDomains>(
'getDomains',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const domains = await this.CDomain.getDomains();
return {
domains: await Promise.all(
domains.map((domain) => domain.createSavableObject())
),
};
}
)
);
// Get domain by ID
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.domain.IRequest_Any_Cloudly_GetDomainById>(
'getDomainById',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const domain = await this.CDomain.getDomainById(reqArg.domainId);
if (!domain) {
throw new Error(`Domain with id ${reqArg.domainId} not found`);
}
return {
domain: await domain.createSavableObject(),
};
}
)
);
// Create domain
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.domain.IRequest_Any_Cloudly_CreateDomain>(
'createDomain',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
// Check if domain already exists
const existingDomain = await this.CDomain.getDomainByName(reqArg.domainData.name);
if (existingDomain) {
throw new Error(`Domain ${reqArg.domainData.name} already exists`);
}
const domain = await this.CDomain.createDomain(reqArg.domainData);
return {
domain: await domain.createSavableObject(),
};
}
)
);
// Update domain
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.domain.IRequest_Any_Cloudly_UpdateDomain>(
'updateDomain',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const domain = await this.CDomain.updateDomain(
reqArg.domainId,
reqArg.domainData
);
return {
domain: await domain.createSavableObject(),
};
}
)
);
// Delete domain
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.domain.IRequest_Any_Cloudly_DeleteDomain>(
'deleteDomain',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const success = await this.CDomain.deleteDomain(reqArg.domainId);
return {
success,
};
}
)
);
// Verify domain
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.domain.IRequest_Any_Cloudly_VerifyDomain>(
'verifyDomain',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const domain = await this.CDomain.getDomainById(reqArg.domainId);
if (!domain) {
throw new Error(`Domain with id ${reqArg.domainId} not found`);
}
const verificationResult = await domain.verifyDomain(reqArg.verificationMethod);
return {
domain: await domain.createSavableObject(),
verificationResult,
};
}
)
);
}
/**
* Initialize the domain manager
*/
public async init() {
await this.syncExternalGatewayDomains().catch((error) => {
console.log(`External gateway domain sync failed: ${(error as Error).message}`);
});
console.log('Domain Manager initialized');
}
public async syncExternalGatewayDomains(): Promise<number> {
const settings = await this.cloudlyRef.settingsManager.getSettings();
if (!settings.dcrouterGatewayUrl || !settings.dcrouterGatewayApiToken) {
return 0;
}
const typedRequest = new plugins.typedrequest.TypedRequest<any>(
`${settings.dcrouterGatewayUrl.replace(/\/+$/, '')}/typedrequest`,
'getWorkHosterDomains',
);
const response = await typedRequest.fire({
apiToken: settings.dcrouterGatewayApiToken,
}) as { domains: IWorkHosterDomain[] };
const activeDomainNames = new Set<string>();
for (const gatewayDomain of response.domains) {
const domainName = gatewayDomain.name.trim().toLowerCase();
if (!domainName) continue;
activeDomainNames.add(domainName);
const existingDomain = await this.CDomain.getDomainByName(domainName);
const tags = Array.from(new Set([...(existingDomain?.data.tags || []), 'dcrouter']));
const domainData: Partial<plugins.servezoneInterfaces.data.IDomain['data']> = {
name: domainName,
status: 'active',
verificationStatus: 'not_required',
nameservers: gatewayDomain.nameservers || existingDomain?.data.nameservers || [],
autoRenew: gatewayDomain.capabilities?.canIssueCertificates !== false,
activationState: 'available',
syncSource: 'manual',
lastSyncAt: Date.now(),
isExternal: true,
tags,
};
if (existingDomain) {
await this.CDomain.updateDomain(existingDomain.id, domainData);
} else {
await this.CDomain.createDomain(domainData as plugins.servezoneInterfaces.data.IDomain['data']);
}
}
const knownDomains = await this.CDomain.getDomains();
for (const domain of knownDomains) {
if (domain.data.tags?.includes('dcrouter') && !activeDomainNames.has(domain.data.name)) {
await this.CDomain.updateDomain(domain.id, {
activationState: 'ignored',
lastSyncAt: Date.now(),
});
}
}
console.log(`Synced ${activeDomainNames.size} domain(s) from external dcrouter gateway`);
return activeDomainNames.size;
}
/**
* Stop the domain manager
*/
public async stop() {
console.log('Domain Manager stopped');
}
/**
* Get all active domains
*/
public async getActiveDomains() {
const domains = await this.CDomain.getInstances({
'data.status': 'active',
});
return domains;
}
/**
* Get domains that are expiring soon
*/
public async getExpiringDomains(daysThreshold: number = 30) {
const domains = await this.CDomain.getDomains();
return domains.filter(domain => domain.isExpiringSoon(daysThreshold));
}
/**
* Check if a domain name is available (not in our system)
*/
public async isDomainAvailable(domainName: string): Promise<boolean> {
const existingDomain = await this.CDomain.getDomainByName(domainName);
return !existingDomain;
}
}
ts/manager.externalregistry/classes.externalregistry.ts
+207
View File
@@ -0,0 +1,207 @@
import * as plugins from '../plugins.js';
import * as paths from '../paths.js';
import type { Cloudly } from '../classes.cloudly.js';
import type { ExternalRegistryManager } from './classes.externalregistrymanager.js';
@plugins.smartdata.managed()
export class ExternalRegistry extends plugins.smartdata.SmartDataDbDoc<ExternalRegistry, plugins.servezoneInterfaces.data.IExternalRegistry, ExternalRegistryManager> {
// STATIC
public static async getRegistryById(registryIdArg: string) {
const externalRegistry = await this.getInstance({
id: registryIdArg,
});
return externalRegistry;
}
public static async getRegistries() {
const externalRegistries = await this.getInstances({});
return externalRegistries;
}
public static async getDefaultRegistry(type: 'docker' | 'npm' = 'docker') {
const defaultRegistry = await this.getInstance({
'data.type': type,
'data.isDefault': true,
});
return defaultRegistry;
}
public static async createExternalRegistry(registryDataArg: Partial<plugins.servezoneInterfaces.data.IExternalRegistry['data']>) {
const externalRegistry = new ExternalRegistry();
externalRegistry.id = await this.getNewId();
externalRegistry.data = {
type: registryDataArg.type || 'docker',
name: registryDataArg.name || '',
url: registryDataArg.url || '',
username: registryDataArg.username,
password: registryDataArg.password,
description: registryDataArg.description,
isDefault: registryDataArg.isDefault || false,
authType: registryDataArg.authType || (registryDataArg.username || registryDataArg.password ? 'basic' : 'none'),
insecure: registryDataArg.insecure || false,
namespace: registryDataArg.namespace,
proxy: registryDataArg.proxy,
config: registryDataArg.config,
status: 'unverified',
createdAt: Date.now(),
updatedAt: Date.now(),
};
// If this is set as default, unset other defaults of the same type
if (externalRegistry.data.isDefault) {
const existingDefaults = await this.getInstances({
'data.type': externalRegistry.data.type,
'data.isDefault': true,
});
for (const existingDefault of existingDefaults) {
existingDefault.data.isDefault = false;
await existingDefault.save();
}
}
await externalRegistry.save();
return externalRegistry;
}
public static async updateExternalRegistry(
registryIdArg: string,
registryDataArg: Partial<plugins.servezoneInterfaces.data.IExternalRegistry['data']>
) {
const externalRegistry = await this.getRegistryById(registryIdArg);
if (!externalRegistry) {
throw new Error(`Registry with id ${registryIdArg} not found`);
}
// If setting as default, unset other defaults of the same type
if (registryDataArg.isDefault && !externalRegistry.data.isDefault) {
const existingDefaults = await this.getInstances({
'data.type': externalRegistry.data.type,
'data.isDefault': true,
});
for (const existingDefault of existingDefaults) {
if (existingDefault.id !== registryIdArg) {
existingDefault.data.isDefault = false;
await existingDefault.save();
}
}
}
// Update fields
Object.assign(externalRegistry.data, registryDataArg, {
updatedAt: Date.now(),
});
await externalRegistry.save();
return externalRegistry;
}
public static async deleteExternalRegistry(registryIdArg: string) {
const externalRegistry = await this.getRegistryById(registryIdArg);
if (!externalRegistry) {
return false;
}
await externalRegistry.delete();
return true;
}
// INSTANCE
@plugins.smartdata.svDb()
public id!: string;
@plugins.smartdata.svDb()
public data!: plugins.servezoneInterfaces.data.IExternalRegistry['data'];
constructor() {
super();
}
/**
* Verify the registry connection
*/
public async verifyConnection(): Promise<{ success: boolean; message?: string }> {
try {
// For Docker registries, try to access the v2 API
if (this.data.type === 'docker') {
const registryUrl = this.data.url.replace(/\/$/, ''); // Remove trailing slash
// Build headers based on auth type
const headers: any = {};
if (this.data.authType === 'basic' && this.data.username && this.data.password) {
headers['Authorization'] = 'Basic ' + Buffer.from(`${this.data.username}:${this.data.password}`).toString('base64');
} else if (this.data.authType === 'token' && this.data.password) {
// For token auth, password field contains the token
headers['Authorization'] = `Bearer ${this.data.password}`;
}
// For 'none' auth type or missing credentials, no auth header is added
// Try to access the Docker Registry v2 API
const response = await fetch(`${registryUrl}/v2/`, {
headers,
// Allow insecure if configured
...(this.data.insecure ? { rejectUnauthorized: false } : {}),
}).catch(err => {
throw new Error(`Failed to connect: ${err.message}`);
});
if (response.status === 200) {
// 200 means successful (either public or authenticated)
this.data.status = 'active';
this.data.lastVerified = Date.now();
this.data.lastError = undefined;
await this.save();
return { success: true, message: 'Registry connection successful' };
} else if (response.status === 401 && this.data.authType === 'none') {
// 401 with no auth means registry exists but needs auth
throw new Error('Registry requires authentication');
} else if (response.status === 401) {
throw new Error('Authentication failed - check credentials');
} else {
throw new Error(`Registry returned status ${response.status}`);
}
}
// For npm registries, implement npm-specific verification
if (this.data.type === 'npm') {
// TODO: Implement npm registry verification
this.data.status = 'unverified';
return { success: false, message: 'NPM registry verification not yet implemented' };
}
return { success: false, message: 'Unknown registry type' };
} catch (error) {
const errorMessage = error instanceof Error ? error.message : String(error);
this.data.status = 'error';
this.data.lastError = errorMessage;
await this.save();
return { success: false, message: errorMessage };
}
}
/**
* Get the full registry URL with namespace if applicable
*/
public getFullRegistryUrl(): string {
let url = this.data.url.replace(/\/$/, ''); // Remove trailing slash
if (this.data.namespace) {
url = `${url}/${this.data.namespace}`;
}
return url;
}
/**
* Get Docker auth config for this registry
*/
public getDockerAuthConfig() {
if (this.data.type !== 'docker') {
return null;
}
return {
username: this.data.username,
password: this.data.password,
email: this.data.config?.dockerConfig?.email,
serveraddress: this.data.config?.dockerConfig?.serverAddress || this.data.url,
};
}
}
ts/manager.externalregistry/classes.externalregistrymanager.ts
+130
View File
@@ -0,0 +1,130 @@
import * as plugins from '../plugins.js';
import { Cloudly } from '../classes.cloudly.js';
import { ExternalRegistry } from './classes.externalregistry.js';
export class ExternalRegistryManager {
public cloudlyRef: Cloudly;
public typedrouter = new plugins.typedrequest.TypedRouter();
public CExternalRegistry = plugins.smartdata.setDefaultManagerForDoc(this, ExternalRegistry);
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
constructor(cloudlyRef: Cloudly) {
this.cloudlyRef = cloudlyRef;
// Add typedrouter to cloudly's main router
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
// Get registry by ID
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.externalRegistry.IReq_GetRegistryById>(
new plugins.typedrequest.TypedHandler('getExternalRegistryById', async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const registry = await this.CExternalRegistry.getRegistryById(dataArg.id);
if (!registry) {
throw new Error(`Registry with id ${dataArg.id} not found`);
}
return {
registry: await registry.createSavableObject(),
};
})
);
// Get all registries
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.externalRegistry.IReq_GetRegistries>(
new plugins.typedrequest.TypedHandler('getExternalRegistries', async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const registries = await this.CExternalRegistry.getRegistries();
return {
registries: await Promise.all(
registries.map((registry) => registry.createSavableObject())
),
};
})
);
// Create registry
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.externalRegistry.IReq_CreateRegistry>(
new plugins.typedrequest.TypedHandler('createExternalRegistry', async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const registry = await this.CExternalRegistry.createExternalRegistry(dataArg.registryData);
return {
registry: await registry.createSavableObject(),
};
})
);
// Update registry
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.externalRegistry.IReq_UpdateRegistry>(
new plugins.typedrequest.TypedHandler('updateExternalRegistry', async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const registry = await this.CExternalRegistry.updateExternalRegistry(
dataArg.registryId,
dataArg.registryData
);
return {
resultRegistry: await registry.createSavableObject(),
};
})
);
// Delete registry
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.externalRegistry.IReq_DeleteRegistryById>(
new plugins.typedrequest.TypedHandler('deleteExternalRegistryById', async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const success = await this.CExternalRegistry.deleteExternalRegistry(dataArg.registryId);
return {
ok: success,
};
})
);
// Verify registry connection
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.externalRegistry.IReq_VerifyRegistry>(
new plugins.typedrequest.TypedHandler('verifyExternalRegistry', async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const registry = await this.CExternalRegistry.getRegistryById(dataArg.registryId);
if (!registry) {
return {
success: false,
message: `Registry with id ${dataArg.registryId} not found`,
};
}
const result = await registry.verifyConnection();
return {
success: result.success,
message: result.message,
registry: await registry.createSavableObject(),
};
})
);
}
public async start() {
console.log('External Registry Manager started');
}
public async stop() {
console.log('External Registry Manager stopped');
}
}
ts/manager.externalregistry/index.ts
+2
View File
@@ -0,0 +1,2 @@
export * from './classes.externalregistrymanager.js';
export * from './classes.externalregistry.js';
ts/manager.image/classes.image.ts
+2 -2
View File
@@ -26,10 +26,10 @@ export class Image extends plugins.smartdata.SmartDataDbDoc<
}
@plugins.smartdata.unI()
public id: string;
public id!: string;
@plugins.smartdata.svDb()
public data: plugins.servezoneInterfaces.data.IImage['data'];
public data!: plugins.servezoneInterfaces.data.IImage['data'];
public async getVersions() {}
ts/manager.image/classes.imagemanager.ts
+45 -17
View File
@@ -7,9 +7,9 @@ import { Image } from './classes.image.js';
export class ImageManager {
cloudlyRef: Cloudly;
public typedrouter = new plugins.typedrequest.TypedRouter();
public smartbucketInstance: plugins.smartbucket.SmartBucket;
public imageDir: plugins.smartbucket.Directory;
public dockerImageStore: plugins.docker.DockerImageStore;
public smartbucketInstance!: plugins.smartbucket.SmartBucket;
public imageDir!: plugins.smartbucket.Directory;
public dockerImageStore!: plugins.docker.DockerImageStore;
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
@@ -26,7 +26,7 @@ export class ImageManager {
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_CreateImage>(
'createImage',
async (reqArg, toolsArg) => {
await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqArg);
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqArg);
const image = await this.CImage.create({
name: reqArg.name,
description: reqArg.description,
@@ -41,7 +41,7 @@ export class ImageManager {
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_GetImage>(
new plugins.typedrequest.TypedHandler('getImage', async (reqArg, toolsArg) => {
await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqArg);
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminOrClusterIdentityGuard], reqArg);
const image = await this.CImage.getInstance({
id: reqArg.imageId,
});
@@ -55,7 +55,7 @@ export class ImageManager {
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_DeleteImage>(
'deleteImage',
async (reqArg, toolsArg) => {
await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqArg);
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], reqArg);
const image = await this.CImage.getInstance({
id: reqArg.imageId,
});
@@ -69,7 +69,7 @@ export class ImageManager {
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.image.IRequest_GetAllImages>(
'getAllImages',
async (requestArg, toolsArg) => {
await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], requestArg);
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], requestArg);
const images = await this.CImage.getInstances({});
return {
images: await Promise.all(
@@ -96,9 +96,24 @@ export class ImageManager {
throw new plugins.typedrequest.TypedResponseError('Image not found');
}
const imageVersion = reqArg.versionString;
if (!imageVersion) {
throw new plugins.typedrequest.TypedResponseError('versionString is required');
}
console.log(
`got request to push image version ${imageVersion} for image ${refImage.data.name}`,
);
const storagePath = await refImage.getStoragePath(imageVersion);
refImage.data.versions = [
...refImage.data.versions.filter((version) => version.versionString !== imageVersion),
{
versionString: imageVersion,
source: 'upload',
storagePath,
size: 0,
createdAt: Date.now(),
},
];
await refImage.save();
const imagePushStream = reqArg.imageStream;
(async () => {
const smartWebDuplex = new plugins.smartstream.webstream.WebDuplexStream<
@@ -112,10 +127,12 @@ export class ImageManager {
});
imagePushStream.writeToWebstream(smartWebDuplex.writable);
await this.dockerImageStore.storeImage(
refImage.id,
storagePath,
plugins.smartstream.SmartDuplex.fromWebReadableStream(smartWebDuplex.readable),
);
})();
})().catch((error) => {
console.error(`failed to store image ${refImage.id}:${imageVersion}`, error);
});
return {
allowed: true,
};
@@ -133,13 +150,21 @@ export class ImageManager {
const imageVersion = image.data.versions.find(
(version) => version.versionString === reqArg.versionString,
);
const readable = this.imageDir.fastGetStream(
if (!imageVersion) {
throw new plugins.typedrequest.TypedResponseError('Image version not found');
}
const readable = await this.imageDir.fastGetStream(
{
path: await image.getStoragePath(reqArg.versionString),
path: imageVersion.storagePath || await image.getStoragePath(reqArg.versionString),
},
'webstream',
);
const imageVirtualStream = new plugins.typedrequest.VirtualStream();
(async () => {
await imageVirtualStream.readFromWebstream(readable);
})().catch((error) => {
console.error(`failed to stream image ${image.id}:${reqArg.versionString}`, error);
});
return {
imageStream: imageVirtualStream,
};
@@ -150,21 +175,24 @@ export class ImageManager {
public async start() {
// lets setup s3
const s3Descriptor: plugins.tsclass.storage.IS3Descriptor =
await this.cloudlyRef.config.appData.waitForAndGetKey('s3Descriptor');
const s3Descriptor =
await this.cloudlyRef.config.appData.waitForAndGetKey('s3Descriptor') as plugins.tsclass.storage.IS3Descriptor;
console.log(this.cloudlyRef.config.data.s3Descriptor);
this.smartbucketInstance = new plugins.smartbucket.SmartBucket(
this.cloudlyRef.config.data.s3Descriptor,
this.cloudlyRef.config.data.s3Descriptor!,
);
const bucket = await this.smartbucketInstance.getBucketByName('cloudly-test');
await bucket.fastPut({ path: 'images/00init', contents: 'init' });
const bucketName = s3Descriptor.bucketName!;
const bucket = await this.smartbucketInstance.bucketExists(bucketName)
? await this.smartbucketInstance.getBucketByName(bucketName)
: await this.smartbucketInstance.createBucket(bucketName);
await bucket.fastPut({ path: 'images/00init', contents: 'init', overwrite: true });
this.imageDir = await bucket.getDirectoryFromPath({
path: '/images',
});
// lets setup dockerstore
await plugins.smartfile.fs.ensureDir(paths.dockerImageStoreDir);
await plugins.fsPromises.mkdir(paths.dockerImageStoreDir, { recursive: true });
this.dockerImageStore = new plugins.docker.DockerImageStore({
localDirPath: paths.dockerImageStoreDir,
bucketDir: this.imageDir,
ts/manager.node/classes.clusternode.ts
+61
View File
@@ -0,0 +1,61 @@
import * as plugins from '../plugins.js';
/**
* ClusterNode represents a logical node participating in a cluster
*/
@plugins.smartdata.Manager()
export class ClusterNode extends plugins.smartdata.SmartDataDbDoc<
ClusterNode,
plugins.servezoneInterfaces.data.IClusterNode
> {
// STATIC
public static async createFromHetznerServer(
hetznerServerArg: plugins.hetznercloud.HetznerServer,
clusterId: string,
baremetalId: string,
) {
const newNode = new ClusterNode();
newNode.id = plugins.smartunique.shortId(8);
const data: plugins.servezoneInterfaces.data.IClusterNode['data'] = {
clusterId: clusterId,
baremetalId: baremetalId,
nodeType: 'baremetal',
status: 'initializing',
role: 'worker',
joinedAt: Date.now(),
lastHealthCheck: Date.now(),
sshKeys: [],
requiredDebianPackages: [],
};
Object.assign(newNode, { data });
await newNode.save();
return newNode;
}
// INSTANCE
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public data!: plugins.servezoneInterfaces.data.IClusterNode['data'];
constructor() {
super();
}
public async getDeployments(): Promise<plugins.servezoneInterfaces.data.IDeployment[]> {
// TODO: Implement getting deployments for this node
return [];
}
public async updateMetrics(metrics: plugins.servezoneInterfaces.data.IClusterNodeMetrics) {
this.data.metrics = metrics;
this.data.lastHealthCheck = Date.now();
await this.save();
}
public async updateStatus(status: plugins.servezoneInterfaces.data.IClusterNode['data']['status']) {
this.data.status = status;
await this.save();
}
}
ts/manager.node/classes.curlfresh.ts
+101
View File
@@ -0,0 +1,101 @@
import { logger } from '../logger.js';
import * as plugins from '../plugins.js';
import type { CloudlyNodeManager } from './classes.nodemanager.js';
import type { Cluster } from '../manager.cluster/classes.cluster.js';
export class CurlFresh {
public optionsArg = {
npmRegistry: 'https://registry.npmjs.org',
};
public scripts = {
'setup.sh': `#!/bin/bash
# lets update the system and install curl
# might be installed already, but entrypoint could have been wget
apt-get update
apt-get install -y --force-yes curl
# Basic updating of the software lists
echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
apt-get update
apt-get upgrade -y --force-yes
apt-get install -y --force-yes fail2ban curl git
curl -sL https://deb.nodesource.com/setup_18.x | bash
# Install docker
curl -sSL https://get.docker.com/ | sh
# Install default nodejs to run nodejs tools
apt-get install -y nodejs zsh
zsh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
npm config set unsafe-perm true
# lets install pnpm
curl -fsSL https://get.pnpm.io/install.sh | sh -
# lets make sure we use the correct npm registry
bash -c "npm config set registry ${this.optionsArg.npmRegistry}"
# lets install spark
bash -c "pnpm install -g @serve.zone/spark"
# lets install the spark daemon
bash -c "spark installdaemon --mode=coreflow-node --cloudlyUrl='__CLOUDLY_URL__' --jumpcode='__JUMPCODE__'"
`,
};
public nodeManagerRef: CloudlyNodeManager;
public async handleRequest(ctx: plugins.typedserver.IRequestContext): Promise<Response> {
logger.log('info', 'curlfresh handler called. a server might be coming online soon :)');
const scriptname = ctx.params.scriptname;
switch (scriptname) {
case 'setup.sh':
logger.log('info', 'sending setup.sh');
return new Response(this.scripts['setup.sh']
.replaceAll('__CLOUDLY_URL__', ctx.url.searchParams.get('cloudlyUrl') || '')
.replaceAll('__JUMPCODE__', ctx.url.searchParams.get('jumpcode') || ''), {
headers: {
'Content-Type': 'application/x-sh',
},
});
default:
return new Response('no script found', { status: 404 });
}
}
constructor(nodeManagerRefArg: CloudlyNodeManager) {
this.nodeManagerRef = nodeManagerRefArg;
}
public async getServerUserData(clusterArg?: Cluster): Promise<string> {
const sslMode =
await this.nodeManagerRef.cloudlyRef.config.appData.waitForAndGetKey('sslMode');
let protocol: 'http' | 'https';
if (sslMode === 'none') {
protocol = 'http';
} else {
protocol = 'https';
}
const domain =
await this.nodeManagerRef.cloudlyRef.config.appData.waitForAndGetKey('publicUrl');
const port =
await this.nodeManagerRef.cloudlyRef.config.appData.waitForAndGetKey('publicPort');
let cloudlyUrl = `${protocol}://${domain}:${port}/`;
let jumpcode = '';
if (clusterArg?.data.userId) {
const clusterUser = await this.nodeManagerRef.cloudlyRef.authManager.CUser.getInstance({
id: clusterArg.data.userId,
});
jumpcode = clusterUser?.data.tokens?.[0]?.token || '';
cloudlyUrl = clusterArg.data.cloudlyUrl || cloudlyUrl;
}
const serverUserData = `#cloud-config
runcmd:
- curl -o- '${protocol}://${domain}:${port}/curlfresh/setup.sh?cloudlyUrl=${encodeURIComponent(cloudlyUrl)}&jumpcode=${encodeURIComponent(jumpcode)}' | sh
`;
console.log(serverUserData);
return serverUserData;
}
}
ts/manager.node/classes.nodemanager.ts
+136
View File
@@ -0,0 +1,136 @@
import * as plugins from '../plugins.js';
import { Cloudly } from '../classes.cloudly.js';
import { Cluster } from '../manager.cluster/classes.cluster.js';
import { ClusterNode } from './classes.clusternode.js';
import { CurlFresh } from './classes.curlfresh.js';
export class CloudlyNodeManager {
public cloudlyRef: Cloudly;
public typedRouter = new plugins.typedrequest.TypedRouter();
public curlfreshInstance = new CurlFresh(this);
public hetznerAccount?: plugins.hetznercloud.HetznerAccount;
public get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
public CClusterNode = plugins.smartdata.setDefaultManagerForDoc(this, ClusterNode);
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
/**
* is used be serverconfig module on the node to get the actual node config
*/
this.typedRouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.node.IRequest_Any_Cloudly_GetNodeConfig>(
'getNodeConfig',
async (requestData) => {
const nodeId = requestData.nodeId;
const node = await this.CClusterNode.getInstance({
id: nodeId,
});
return {
configData: await node.createSavableObject(),
};
},
),
);
}
public async start() {
const hetznerToken = await this.cloudlyRef.settingsManager.getSetting('hetznerToken');
if (!hetznerToken) {
console.log('warn', 'No Hetzner token configured in settings. Hetzner features will be disabled.');
return;
}
this.hetznerAccount = new plugins.hetznercloud.HetznerAccount(hetznerToken);
}
public async stop() {}
/**
* creates the node infrastructure on hetzner
* ensures that there are exactly the resources that are needed
* no more, no less
*/
public async ensureNodeInfrastructure() {
// get all clusters
const allClusters = await this.cloudlyRef.clusterManager.getAllClusters();
for (const cluster of allClusters) {
// Skip clusters that are not set up for Hetzner auto-provisioning
if (cluster.data.setupMode !== 'hetzner') {
console.log(`Skipping node provisioning for cluster ${cluster.id} - setupMode is ${cluster.data.setupMode || 'manual'}`);
continue;
}
const hetznerAccount = this.hetznerAccount;
if (!hetznerAccount) {
throw new Error('Hetzner account is not configured');
}
// get existing nodes
const nodes = await this.getNodesByCluster(cluster);
// if there is no node, create one
if (nodes.length === 0) {
const hetznerServer = await hetznerAccount.createServer({
name: plugins.smartunique.uniSimple('node'),
location: 'nbg1',
type: 'cpx41',
labels: {
clusterId: cluster.id,
priority: '1',
},
userData: await this.curlfreshInstance.getServerUserData(cluster),
});
// First create BareMetal record
const baremetal = await this.cloudlyRef.baremetalManager.createBaremetalFromHetznerServer(hetznerServer);
const newNode = await ClusterNode.createFromHetznerServer(hetznerServer, cluster.id, baremetal.id);
await baremetal.assignNode(newNode.id);
console.log(`cluster created new node for cluster ${cluster.id}`);
} else {
console.log(
`cluster ${cluster.id} already has nodes. Making sure that they actually exist in the real world...`,
);
// if there is a node, make sure that it exists
for (const node of nodes) {
const hetznerServers = await hetznerAccount.getServersByLabel({
clusterId: cluster.id,
});
if (!hetznerServers || hetznerServers.length === 0) {
console.log(`node ${node.id} does not exist in the real world. Creating it now...`);
const hetznerServer = await hetznerAccount.createServer({
name: plugins.smartunique.uniSimple('node'),
location: 'nbg1',
type: 'cpx41',
labels: {
clusterId: cluster.id,
priority: '1',
},
userData: await this.curlfreshInstance.getServerUserData(cluster),
});
// First create BareMetal record
const baremetal = await this.cloudlyRef.baremetalManager.createBaremetalFromHetznerServer(hetznerServer);
const newNode = await ClusterNode.createFromHetznerServer(hetznerServer, cluster.id, baremetal.id);
await baremetal.assignNode(newNode.id);
}
}
}
}
}
public async getNodesByCluster(clusterArg: Cluster) {
const results = await this.CClusterNode.getInstances({
data: {
clusterId: clusterArg.id,
},
});
return results;
}
}
ts/manager.platform/classes.platformbinding.ts
+68
View File
@@ -0,0 +1,68 @@
import * as plugins from '../plugins.js';
import type { CloudlyPlatformManager } from './classes.platformmanager.js';
@plugins.smartdata.managed()
export class PlatformBinding extends plugins.smartdata.SmartDataDbDoc<
PlatformBinding,
plugins.servezoneInterfaces.platform.IPlatformBinding,
CloudlyPlatformManager
> {
public static async upsertBinding(
bindingArg: plugins.servezoneInterfaces.platform.IPlatformBinding,
) {
const existingBinding = bindingArg.id
? await this.getInstance({
id: bindingArg.id,
})
: undefined;
const binding = existingBinding || new PlatformBinding();
const timestamp = Date.now();
Object.assign(binding, {
...bindingArg,
id: bindingArg.id || (await this.getNewId()),
status: bindingArg.status || 'requested',
desiredState: bindingArg.desiredState || 'enabled',
createdAt: bindingArg.createdAt || existingBinding?.createdAt || timestamp,
updatedAt: timestamp,
});
await binding.save();
return binding;
}
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public serviceId!: string;
@plugins.smartdata.svDb()
public capability!: plugins.servezoneInterfaces.platform.TPlatformCapability;
@plugins.smartdata.svDb()
public desiredState!: plugins.servezoneInterfaces.platform.TPlatformDesiredState;
@plugins.smartdata.svDb()
public status!: plugins.servezoneInterfaces.platform.TPlatformBindingStatus;
@plugins.smartdata.svDb()
public providerConfigId?: string;
@plugins.smartdata.svDb()
public config?: { [key: string]: plugins.servezoneInterfaces.platform.TPlatformConfigValue };
@plugins.smartdata.svDb()
public endpoints?: plugins.servezoneInterfaces.platform.IPlatformServiceEndpoint[];
@plugins.smartdata.svDb()
public credentials?: plugins.servezoneInterfaces.platform.IPlatformCredentialRef[];
@plugins.smartdata.svDb()
public createdAt?: number;
@plugins.smartdata.svDb()
public updatedAt?: number;
@plugins.smartdata.svDb()
public errorText?: string;
}
ts/manager.platform/classes.platformmanager.ts
+228
View File
@@ -0,0 +1,228 @@
import type { Cloudly } from '../classes.cloudly.js';
import * as plugins from '../plugins.js';
import { PlatformBinding } from './classes.platformbinding.js';
import { PlatformProviderConfig } from './classes.platformproviderconfig.js';
export class CloudlyPlatformManager {
public typedrouter = new plugins.typedrequest.TypedRouter();
public cloudlyRef: Cloudly;
public capabilities: plugins.servezoneInterfaces.platform.IPlatformCapability[] = [
{ id: 'email', title: 'Email', accessMode: 'rpc', defaultProviderType: 'cloudly' },
{ id: 'sms', title: 'SMS', accessMode: 'rpc', defaultProviderType: 'cloudly' },
{ id: 'pushnotification', title: 'Push Notifications', accessMode: 'rpc', defaultProviderType: 'cloudly' },
{ id: 'letter', title: 'Letters', accessMode: 'rpc', defaultProviderType: 'cloudly' },
{ id: 'ai', title: 'AI', accessMode: 'rpc', defaultProviderType: 'cloudly' },
{ id: 'database', title: 'Database', accessMode: 'binding', defaultProviderType: 'docker' },
{ id: 'objectstorage', title: 'Object Storage', accessMode: 'binding', defaultProviderType: 's3' },
{ id: 'logging', title: 'Logging', accessMode: 'sidecar', defaultProviderType: 'corelog' },
{ id: 'backup', title: 'Backup', accessMode: 'internal', defaultProviderType: 'corebackup' },
{ id: 'sip', title: 'SIP', accessMode: 'rpc', defaultProviderType: 'cloudly' },
];
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
public CPlatformProviderConfig = plugins.smartdata.setDefaultManagerForDoc(
this,
PlatformProviderConfig,
);
public CPlatformBinding = plugins.smartdata.setDefaultManagerForDoc(this, PlatformBinding);
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_GetPlatformDesiredState>(
'getPlatformDesiredState',
async (requestData) => {
await this.passValidIdentity(requestData);
return await this.getPlatformDesiredState();
},
),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_GetPlatformCapabilities>(
'getPlatformCapabilities',
async (requestData) => {
await this.passValidIdentity(requestData);
return {
capabilities: this.capabilities,
};
},
),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_GetPlatformProviderConfigs>(
'getPlatformProviderConfigs',
async (requestData) => {
await this.passValidIdentity(requestData);
const query = requestData.capability ? { capability: requestData.capability } : {};
return {
providerConfigs: await this.getProviderConfigs(query),
};
},
),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_UpsertPlatformProviderConfig>(
'upsertPlatformProviderConfig',
async (requestData) => {
await this.passAdminIdentity(requestData);
const providerConfig = await PlatformProviderConfig.upsertProviderConfig(
requestData.providerConfig,
);
return {
providerConfig: await providerConfig.createSavableObject(),
};
},
),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_DeletePlatformProviderConfigById>(
'deletePlatformProviderConfigById',
async (requestData) => {
await this.passAdminIdentity(requestData);
const providerConfig = await PlatformProviderConfig.getInstance({
id: requestData.providerConfigId,
});
if (providerConfig) {
await providerConfig.delete();
}
return {
success: true,
};
},
),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_GetPlatformBindings>(
'getPlatformBindings',
async (requestData) => {
await this.passValidIdentity(requestData);
return {
bindings: await this.getBindings({
...(requestData.serviceId ? { serviceId: requestData.serviceId } : {}),
...(requestData.capability ? { capability: requestData.capability } : {}),
}),
};
},
),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_UpsertPlatformBinding>(
'upsertPlatformBinding',
async (requestData) => {
await this.passAdminIdentity(requestData);
const binding = await PlatformBinding.upsertBinding(requestData.binding);
return {
binding: await binding.createSavableObject(),
};
},
),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_UpdatePlatformBindingStatus>(
'updatePlatformBindingStatus',
async (requestData) => {
await this.passAdminOrClusterIdentity(requestData);
const binding = await PlatformBinding.getInstance({
id: requestData.bindingId,
});
if (!binding) {
throw new plugins.typedrequest.TypedResponseError(
`Platform binding ${requestData.bindingId} not found`,
);
}
binding.status = requestData.status;
binding.updatedAt = Date.now();
if (requestData.endpoints) {
binding.endpoints = requestData.endpoints;
}
if (requestData.credentials) {
binding.credentials = requestData.credentials;
}
if (requestData.errorText !== undefined) {
binding.errorText = requestData.errorText;
}
await binding.save();
return {
binding: await binding.createSavableObject(),
};
},
),
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.platform.IReq_Any_Cloudly_DeletePlatformBindingById>(
'deletePlatformBindingById',
async (requestData) => {
await this.passAdminIdentity(requestData);
const binding = await PlatformBinding.getInstance({
id: requestData.bindingId,
});
if (binding) {
await binding.delete();
}
return {
success: true,
};
},
),
);
}
public async start() {}
public async stop() {}
public async getPlatformDesiredState() {
return {
capabilities: this.capabilities,
providerConfigs: await this.getProviderConfigs(),
bindings: await this.getBindings(),
};
}
public async getProviderConfigs(queryArg: Record<string, unknown> = {}) {
const providerConfigs = await this.CPlatformProviderConfig.getInstances(queryArg);
return await Promise.all(
providerConfigs.map((providerConfig) => providerConfig.createSavableObject()),
);
}
public async getBindings(queryArg: Record<string, unknown> = {}) {
const bindings = await this.CPlatformBinding.getInstances(queryArg);
return await Promise.all(bindings.map((binding) => binding.createSavableObject()));
}
private async passValidIdentity(requestData: { identity: plugins.servezoneInterfaces.data.IIdentity }) {
await plugins.smartguard.passGuardsOrReject(requestData, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
}
private async passAdminIdentity(requestData: { identity: plugins.servezoneInterfaces.data.IIdentity }) {
await plugins.smartguard.passGuardsOrReject(requestData, [
this.cloudlyRef.authManager.adminIdentityGuard,
]);
}
private async passAdminOrClusterIdentity(requestData: {
identity: plugins.servezoneInterfaces.data.IIdentity;
}) {
await this.passValidIdentity(requestData);
if (requestData.identity.role !== 'admin' && requestData.identity.role !== 'cluster') {
throw new plugins.typedrequest.TypedResponseError('identity must be admin or cluster');
}
}
}
ts/manager.platform/classes.platformproviderconfig.ts
+47
View File
@@ -0,0 +1,47 @@
import * as plugins from '../plugins.js';
import type { CloudlyPlatformManager } from './classes.platformmanager.js';
@plugins.smartdata.managed()
export class PlatformProviderConfig extends plugins.smartdata.SmartDataDbDoc<
PlatformProviderConfig,
plugins.servezoneInterfaces.platform.IPlatformProviderConfig,
CloudlyPlatformManager
> {
public static async upsertProviderConfig(
providerConfigArg: plugins.servezoneInterfaces.platform.IPlatformProviderConfig,
) {
const providerConfig =
(providerConfigArg.id &&
(await this.getInstance({
id: providerConfigArg.id,
}))) || new PlatformProviderConfig();
Object.assign(providerConfig, {
...providerConfigArg,
id: providerConfigArg.id || (await this.getNewId()),
});
await providerConfig.save();
return providerConfig;
}
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public capability!: plugins.servezoneInterfaces.platform.TPlatformCapability;
@plugins.smartdata.svDb()
public providerType!: string;
@plugins.smartdata.svDb()
public name!: string;
@plugins.smartdata.svDb()
public enabled!: boolean;
@plugins.smartdata.svDb()
public config?: { [key: string]: plugins.servezoneInterfaces.platform.TPlatformConfigValue };
@plugins.smartdata.svDb()
public secretBundleId?: string;
}
ts/manager.registry/classes.registrymanager.ts
+416
View File
@@ -0,0 +1,416 @@
import type { Cloudly } from '../classes.cloudly.js';
import { logger } from '../logger.js';
import * as plugins from '../plugins.js';
import type { Service } from '../manager.service/classes.service.js';
type TAuthenticatedRegistryUser = {
userId: string;
username: string;
canWrite: boolean;
};
export class CloudlyRegistryManager {
private cloudlyRef: Cloudly;
private smartRegistry!: plugins.smartregistry.SmartRegistry;
private recordedTagDigests = new Map<string, string>();
private started = false;
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
}
public async start() {
const publicRegistryUrl = this.getPublicRegistryUrl();
const registryJwtSecret = JSON.stringify(this.cloudlyRef.authManager.smartjwtInstance.getKeyPairAsJson());
const s3Descriptor = this.cloudlyRef.config.data.s3Descriptor;
if (!s3Descriptor?.bucketName) {
throw new Error('Cloudly registry requires an S3 bucketName');
}
this.smartRegistry = new plugins.smartregistry.SmartRegistry({
storage: s3Descriptor as plugins.smartregistry.IStorageConfig,
storageHooks: {
afterPut: async (contextArg) => {
await this.handleRegistryStorageAfterPut(contextArg);
},
},
auth: {
jwtSecret: registryJwtSecret,
tokenStore: 'memory',
npmTokens: { enabled: false },
ociTokens: {
enabled: true,
realm: `${publicRegistryUrl}/v2/token`,
service: this.cloudlyRef.config.data.publicUrl || 'cloudly',
},
pypiTokens: { enabled: false },
rubygemsTokens: { enabled: false },
},
oci: {
enabled: true,
basePath: '/v2',
registryUrl: publicRegistryUrl,
},
});
await this.smartRegistry.init();
this.started = true;
logger.log('info', `Cloudly OCI registry available at ${publicRegistryUrl}/v2`);
}
public async stop() {
if (this.smartRegistry) {
this.smartRegistry.destroy();
}
this.started = false;
}
public async handleHttpRequest(
ctx: plugins.typedserver.IRequestContext,
): Promise<Response> {
try {
const requestUrl = ctx.url;
if (requestUrl.pathname === '/v2/token') {
return await this.handleTokenRequest(ctx, requestUrl);
}
if (!this.started) {
return new Response('registry is not ready', { status: 503 });
}
const rawBody = Buffer.from(await ctx.request.arrayBuffer());
const response = await this.smartRegistry.handleRequest({
method: ctx.method || 'GET',
path: requestUrl.pathname,
query: Object.fromEntries(requestUrl.searchParams),
headers: this.headersToRecord(ctx.headers),
rawBody: rawBody.length > 0 ? rawBody : undefined,
});
return this.createRegistryResponse(response);
} catch (error) {
logger.log('error', `registry request failed: ${(error as Error).message}`);
return new Response('registry request failed', { status: 500 });
}
}
public getRegistryHost() {
if (!this.cloudlyRef.config.data.publicUrl) {
throw new Error('Cloudly registry requires publicUrl');
}
const publicPort = this.cloudlyRef.config.data.publicPort;
const includePort =
this.cloudlyRef.config.data.sslMode === 'none' && publicPort && !['80', '443'].includes(publicPort);
return `${this.cloudlyRef.config.data.publicUrl}${includePort ? `:${publicPort}` : ''}`;
}
public getServiceRegistryTarget(
serviceArg: Service,
tagArg = 'latest',
): plugins.servezoneInterfaces.data.IRegistryTarget {
const registryHost = this.getRegistryHost();
const repository = this.getServiceRepository(serviceArg);
return {
protocol: 'oci',
registryHost,
repository,
tag: tagArg,
imageUrl: `${registryHost}/${repository}:${tagArg}`,
serviceId: serviceArg.id,
imageId: serviceArg.data?.imageId,
};
}
private async handleRegistryStorageAfterPut(
contextArg: plugins.smartregistry.IStorageHookContext,
) {
try {
if (contextArg.protocol !== 'oci') {
return;
}
if (!contextArg.key.startsWith('oci/tags/') || !contextArg.key.endsWith('/tags.json')) {
return;
}
const repository = contextArg.key.slice('oci/tags/'.length, -'/tags.json'.length);
const tagsBuffer = await this.smartRegistry.getStorage().getObject(contextArg.key);
if (!tagsBuffer) {
return;
}
const tags = JSON.parse(tagsBuffer.toString('utf8')) as Record<string, string>;
for (const [tag, digest] of Object.entries(tags)) {
const tagKey = `${repository}:${tag}`;
if (this.recordedTagDigests.get(tagKey) === digest) {
continue;
}
this.recordedTagDigests.set(tagKey, digest);
await this.recordRegistryPushEvent(repository, tag, digest, contextArg.actor?.userId);
}
} catch (error) {
logger.log('error', `registry push event handling failed: ${(error as Error).message}`);
}
}
private async recordRegistryPushEvent(
repositoryArg: string,
tagArg: string,
digestArg: string,
actorUserIdArg?: string,
) {
const service = await this.getServiceByRegistryRepository(repositoryArg);
if (!service) {
logger.log('info', `registry push for unmapped repository ${repositoryArg}:${tagArg}`);
return;
}
const registryTarget = this.getServiceRegistryTarget(service, tagArg);
const pushEvent: plugins.servezoneInterfaces.data.IRegistryPushEvent = {
protocol: 'oci',
registryHost: registryTarget.registryHost,
repository: repositoryArg,
tag: tagArg,
digest: digestArg,
imageUrl: registryTarget.imageUrl,
pushedAt: Date.now(),
serviceId: service.id,
imageId: service.data.imageId,
actorUserId: actorUserIdArg,
};
service.data = {
...service.data,
...(service.data.deployOnPush === false ? {} : { imageVersion: tagArg }),
registryTarget,
};
await service.save();
await this.recordImagePushEvent(service, pushEvent);
if (service.data.deployOnPush !== false) {
await this.cloudlyRef.coreflowManager.pushClusterConfigToConnectedCoreflows();
}
logger.log('info', `recorded registry push ${repositoryArg}:${tagArg} -> ${digestArg}`);
}
private async recordImagePushEvent(
serviceArg: Service,
pushEventArg: plugins.servezoneInterfaces.data.IRegistryPushEvent,
) {
if (!serviceArg.data.imageId) {
return;
}
const image = await this.cloudlyRef.imageManager.CImage.getInstance({
id: serviceArg.data.imageId,
}).catch(() => null);
if (!image) {
return;
}
image.data.versions = image.data.versions || [];
const existingVersion = image.data.versions.find((versionArg) => {
return versionArg.versionString === pushEventArg.tag;
});
const versionData = {
versionString: pushEventArg.tag,
digest: pushEventArg.digest,
registryRepository: pushEventArg.repository,
registryTag: pushEventArg.tag,
source: 'registry' as const,
size: existingVersion?.size || 0,
createdAt: existingVersion?.createdAt || pushEventArg.pushedAt,
};
if (existingVersion) {
Object.assign(existingVersion, versionData);
} else {
image.data.versions.push(versionData);
}
image.data.lastPushEvent = pushEventArg;
await image.save();
}
private async getServiceByRegistryRepository(repositoryArg: string) {
const services = await this.cloudlyRef.serviceManager.CService.getInstances({});
return services.find((serviceArg) => {
return this.getServiceRepository(serviceArg) === repositoryArg;
});
}
private getServiceRepository(serviceArg: Service) {
const serviceName = this.slugify(serviceArg.data?.name || serviceArg.id);
const serviceId = this.slugify(serviceArg.id).slice(0, 12) || serviceArg.id;
return `workloads/${this.slugify(`${serviceName}-${serviceId}`)}`;
}
private slugify(valueArg: string) {
return valueArg
.toLowerCase()
.replace(/[^a-z0-9]+/g, '-')
.replace(/-+/g, '-')
.replace(/^-+|-+$/g, '')
|| 'service';
}
private async handleTokenRequest(
ctx: plugins.typedserver.IRequestContext,
requestUrl: URL,
): Promise<Response> {
const user = await this.authenticateRequest(ctx);
if (!user) {
return new Response('authentication required', {
status: 401,
headers: {
'WWW-Authenticate': 'Basic realm="Cloudly Registry"',
},
});
}
const requestedScopes = this.getRequestedOciScopes(requestUrl.searchParams);
const requestedWriteAccess = requestedScopes.some((scopeArg) => {
const action = scopeArg.split(':').at(-1);
return action === 'push' || action === 'delete';
});
if (requestedWriteAccess && !user.canWrite) {
return new Response('registry write access denied', { status: 403 });
}
const token = await this.smartRegistry.getAuthManager().createOciToken(
user.userId,
requestedScopes,
3600,
);
return new Response(
JSON.stringify({
token,
access_token: token,
expires_in: 3600,
issued_at: new Date().toISOString(),
}),
{
status: 200,
headers: {
'Content-Type': 'application/json',
},
},
);
}
private async authenticateRequest(
ctx: plugins.typedserver.IRequestContext,
): Promise<TAuthenticatedRegistryUser | null> {
const credentials = this.getBasicCredentials(ctx);
if (!credentials) {
return null;
}
const users = await this.cloudlyRef.authManager.CUser.getInstances({});
for (const user of users) {
if (user.data?.username !== credentials.username) {
continue;
}
const passwordMatches = user.data.password === credentials.password;
const matchingToken = user.data.tokens?.find((tokenArg) => {
return tokenArg.token === credentials.password && tokenArg.expiresAt > Date.now();
});
if (!passwordMatches && !matchingToken) {
continue;
}
const assignedRoles = matchingToken?.assignedRoles || [];
return {
userId: user.id,
username: user.data.username,
canWrite: user.data.role === 'admin' || assignedRoles.includes('admin'),
};
}
return null;
}
private getBasicCredentials(ctx: plugins.typedserver.IRequestContext) {
const authHeader = ctx.headers.get('authorization');
if (!authHeader?.startsWith('Basic ')) {
return null;
}
const decoded = Buffer.from(authHeader.slice('Basic '.length), 'base64').toString('utf8');
const separatorIndex = decoded.indexOf(':');
if (separatorIndex <= 0) {
return null;
}
return {
username: decoded.slice(0, separatorIndex),
password: decoded.slice(separatorIndex + 1),
};
}
private getRequestedOciScopes(searchParamsArg: URLSearchParams) {
const scopes: string[] = [];
for (const scope of searchParamsArg.getAll('scope')) {
const [scopeType, scopeName, actionsString] = scope.split(':');
if (scopeType !== 'repository' || !scopeName || !actionsString) {
continue;
}
for (const action of actionsString.split(',')) {
if (action) {
scopes.push(`oci:${scopeType}:${scopeName}:${action}`);
}
}
}
return scopes;
}
private getPublicRegistryUrl() {
return `${this.cloudlyRef.config.data.sslMode === 'none' ? 'http' : 'https'}://${this.getRegistryHost()}`;
}
private headersToRecord(headersArg: Headers) {
const headers: Record<string, string> = {};
headersArg.forEach((value, key) => {
headers[key.toLowerCase()] = value;
});
return headers;
}
private createRegistryResponse(
responseArg: plugins.smartregistry.IResponse,
): Response {
const headers = new Headers();
for (const [key, value] of Object.entries(responseArg.headers)) {
headers.set(key, value);
}
if (!responseArg.body) {
return new Response(null, {
status: responseArg.status,
headers,
});
}
if (responseArg.body instanceof ReadableStream) {
return new Response(responseArg.body, {
status: responseArg.status,
headers,
});
}
if (Buffer.isBuffer(responseArg.body) || typeof responseArg.body === 'string') {
return new Response(responseArg.body as BodyInit, {
status: responseArg.status,
headers,
});
}
if (!headers.has('Content-Type')) {
headers.set('Content-Type', 'application/json');
}
return new Response(JSON.stringify(responseArg.body), {
status: responseArg.status,
headers,
});
}
}
ts/manager.registry/index.ts
+1
View File
@@ -0,0 +1 @@
export * from './classes.registrymanager.js';
ts/manager.secret/classes.secretbundle.ts
+14 -2
View File
@@ -12,10 +12,10 @@ export class SecretBundle extends plugins.smartdata.SmartDataDbDoc<
// INSTANCE
@plugins.smartdata.unI()
public id: string;
public id!: string;
@plugins.smartdata.svDb()
public data: plugins.servezoneInterfaces.data.ISecretBundle['data'];
public data!: plugins.servezoneInterfaces.data.ISecretBundle['data'];
public async getSecretGroups() {
const secretGroups: SecretGroup[] = [];
@@ -59,4 +59,16 @@ export class SecretBundle extends plugins.smartdata.SmartDataDbDoc<
}
return returnObject;
}
public async getFlatKeyValueObject(environmentArg: string) {
if (!environmentArg) {
throw new Error('environment is required');
}
const secretGroups = await this.getSecretGroups();
const returnObject = {};
for (const secretGroup of secretGroups) {
returnObject[secretGroup.data.key] = secretGroup.data.environments[environmentArg].value;
}
return returnObject;
}
}
ts/manager.secret/classes.secretgroup.ts
+2 -2
View File
@@ -14,8 +14,8 @@ export class SecretGroup extends plugins.smartdata.SmartDataDbDoc<
* the insatnce id. This should be a random id, except for default
*/
@plugins.smartdata.unI()
id: string;
id!: string;
@plugins.smartdata.svDb()
data: plugins.servezoneInterfaces.data.ISecretGroup['data'];
data!: plugins.servezoneInterfaces.data.ISecretGroup['data'];
}
ts/manager.secret/classes.secretmanager.ts
+26 -15
View File
@@ -18,9 +18,9 @@ export class CloudlySecretManager {
// INSTANCE
public cloudlyRef: Cloudly;
public projectinfo = new plugins.projectinfo.ProjectinfoNpm(paths.packageDir);
public projectinfo = plugins.projectinfo.ProjectinfoNpm.create(paths.packageDir);
public serviceQenv = new plugins.qenv.Qenv(paths.packageDir, paths.nogitDir);
public typedrouter: plugins.typedrequest.TypedRouter;
public typedrouter!: plugins.typedrequest.TypedRouter;
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
@@ -40,7 +40,7 @@ export class CloudlySecretManager {
new plugins.typedrequest.TypedHandler(
'getSecretBundles',
async (dataArg, toolsArg) => {
await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
dataArg.identity.jwt;
const secretBundles = await SecretBundle.getInstances({});
return {
@@ -54,6 +54,18 @@ export class CloudlySecretManager {
),
);
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundleById>(
new plugins.typedrequest.TypedHandler('getSecretBundleById', async (dataArg, toolsArg) => {
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminOrClusterIdentityGuard], dataArg);
const secretBundle = await SecretBundle.getInstance({
id: dataArg.secretBundleId,
});
return {
secretBundle: await secretBundle.createSavableObject(),
};
}),
);
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.secretbundle.IReq_CreateSecretBundle>(
new plugins.typedrequest.TypedHandler('createSecretBundle', async (dataArg) => {
const secretBundle = new SecretBundle();
@@ -96,7 +108,7 @@ export class CloudlySecretManager {
new plugins.typedrequest.TypedHandler(
'getSecretGroups',
async (dataArg, toolsArg) => {
await toolsArg.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
await toolsArg!.passGuards([this.cloudlyRef.authManager.adminIdentityGuard], dataArg);
dataArg.identity.jwt;
const secretGroups = await SecretGroup.getInstances({});
return {
@@ -148,30 +160,29 @@ export class CloudlySecretManager {
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetEnvBundle>(
'getEnvBundle',
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetFlatKeyValueObject>(
'getFlatKeyValueObject',
async (dataArg) => {
const wantedBundle = await SecretBundle.getInstance({
data: {
authorizations: {
// @ts-ignore
$elemMatch: {
secretAccessKey: dataArg.authorization,
secretAccessKey: dataArg.secretBundleAuthorization.secretAccessKey,
},
},
},
});
const authorization = await wantedBundle.getAuthorizationFromAuthKey(
dataArg.authorization,
dataArg.secretBundleAuthorization.secretAccessKey,
);
if (!authorization) {
throw new plugins.typedrequest.TypedResponseError('secret bundle authorization not found');
}
return {
envBundle: {
configKeyValueObject: await wantedBundle.getKeyValueObjectForEnvironment(
authorization.environment,
),
environment: authorization.environment,
timeSensitive: false,
},
flatKeyValueObject: await wantedBundle.getKeyValueObjectForEnvironment(
authorization.environment,
),
};
},
),
ts/manager.server/classes.curlfresh.ts
-90
View File
@@ -1,90 +0,0 @@
import { logger } from '../logger.js';
import * as plugins from '../plugins.js';
import type { CloudlyServerManager } from './classes.servermanager.js';
export class CurlFresh {
public optionsArg = {
npmRegistry: 'https://registry.npmjs.org',
};
public scripts = {
'setup.sh': `#!/bin/bash
# lets update the system and install curl
# might be installed already, but entrypoint could have been wget
apt-get update
apt-get install -y --force-yes curl
# Basic updating of the software lists
echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
apt-get update
apt-get upgrade -y --force-yes
apt-get install -y --force-yes fail2ban curl git
curl -sL https://deb.nodesource.com/setup_18.x | bash
# Install docker
curl -sSL https://get.docker.com/ | sh
# Install default nodejs to run nodejs tools
apt-get install -y nodejs zsh
zsh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
npm config set unsafe-perm true
# lets install pnpm
curl -fsSL https://get.pnpm.io/install.sh | sh -
# lets make sure we use the correct npm registry
bash -c "npm config set registry ${this.optionsArg.npmRegistry}"
# lets install spark
bash -c "pnpm install -g @serve.zone/spark"
# lets install the spark daemon
bash -c "spark installdaemon"
# TODO: start spark with jump code
`,
};
public serverManagerRef: CloudlyServerManager;
public curlFreshRoute: plugins.typedserver.servertools.Route;
public handler = new plugins.typedserver.servertools.Handler('ALL', async (req, res) => {
logger.log('info', 'curlfresh handler called. a server might be coming online soon :)');
const scriptname = req.params.scriptname;
switch (scriptname) {
case 'setup.sh':
logger.log('info', 'sending setup.sh');
res.type('application/x-sh');
res.send(this.scripts['setup.sh']);
break;
default:
res.send('no script found');
break;
}
});
constructor(serverManagerRefArg: CloudlyServerManager) {
this.serverManagerRef = serverManagerRefArg;
}
public async getServerUserData(): Promise<string> {
const sslMode =
await this.serverManagerRef.cloudlyRef.config.appData.waitForAndGetKey('sslMode');
let protocol: 'http' | 'https';
if (sslMode === 'none') {
protocol = 'http';
} else {
protocol = 'https';
}
const domain =
await this.serverManagerRef.cloudlyRef.config.appData.waitForAndGetKey('publicUrl');
const port =
await this.serverManagerRef.cloudlyRef.config.appData.waitForAndGetKey('publicPort');
const serverUserData = `#cloud-config
runcmd:
- curl -o- ${protocol}://${domain}:${port}/curlfresh/setup.sh | sh
`;
console.log(serverUserData);
return serverUserData;
}
}
ts/manager.server/classes.server.ts
-42
View File
@@ -1,42 +0,0 @@
import * as plugins from '../plugins.js';
/*
* cluster defines a swarmkit cluster
*/
@plugins.smartdata.Manager()
export class Server extends plugins.smartdata.SmartDataDbDoc<
Server,
plugins.servezoneInterfaces.data.IServer
> {
// STATIC
public static async createFromHetznerServer(
hetznerServerArg: plugins.hetznercloud.HetznerServer,
) {
const newServer = new Server();
newServer.id = plugins.smartunique.shortId(8);
const data: plugins.servezoneInterfaces.data.IServer['data'] = {
assignedClusterId: hetznerServerArg.data.labels.clusterId,
requiredDebianPackages: [],
sshKeys: [],
type: 'hetzner',
};
Object.assign(newServer, { data });
await newServer.save();
return newServer;
}
// INSTANCE
@plugins.smartdata.unI()
public id: string;
@plugins.smartdata.svDb()
public data: plugins.servezoneInterfaces.data.IServer['data'];
constructor() {
super();
}
public async getServices(): Promise<plugins.servezoneInterfaces.data.IService[]> {
return [];
}
}
ts/manager.server/classes.servermanager.ts
-110
View File
@@ -1,110 +0,0 @@
import * as plugins from '../plugins.js';
import { Cloudly } from '../classes.cloudly.js';
import { Cluster } from '../manager.cluster/classes.cluster.js';
import { Server } from './classes.server.js';
import { CurlFresh } from './classes.curlfresh.js';
export class CloudlyServerManager {
public cloudlyRef: Cloudly;
public typedRouter = new plugins.typedrequest.TypedRouter();
public curlfreshInstance = new CurlFresh(this);
public hetznerAccount: plugins.hetznercloud.HetznerAccount;
public get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
public CServer = plugins.smartdata.setDefaultManagerForDoc(this, Server);
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
/**
* is used be serverconfig module on the server to get the actual server config
*/
this.typedRouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.config.IRequest_Any_Cloudly_GetServerConfig>(
'getServerConfig',
async (requestData) => {
const serverId = requestData.serverId;
const server = await this.CServer.getInstance({
id: serverId,
});
return {
configData: await server.createSavableObject(),
};
},
),
);
}
public async start() {
this.hetznerAccount = new plugins.hetznercloud.HetznerAccount(
this.cloudlyRef.config.data.hetznerToken,
);
}
public async stop() {}
/**
* creates the server infrastructure on hetzner
* ensures that there are exactly the reources that are needed
* no more, no less
*/
public async ensureServerInfrastructure() {
// get all clusters
const allClusters = await this.cloudlyRef.clusterManager.getAllClusters();
for (const cluster of allClusters) {
// get existing servers
const servers = await this.getServersByCluster(cluster);
// if there is no server, create one
if (servers.length === 0) {
const server = await this.hetznerAccount.createServer({
name: plugins.smartunique.uniSimple('server'),
location: 'nbg1',
type: 'cpx41',
labels: {
clusterId: cluster.id,
priority: '1',
},
userData: await this.curlfreshInstance.getServerUserData(),
});
const newServer = await Server.createFromHetznerServer(server);
console.log(`cluster created new server for cluster ${cluster.id}`);
} else {
console.log(
`cluster ${cluster.id} already has servers. Making sure that they actually exist in the real world...`,
);
// if there is a server, make sure that it exists
for (const server of servers) {
const hetznerServer = await this.hetznerAccount.getServersByLabel({
clusterId: cluster.id,
});
if (!hetznerServer) {
console.log(`server ${server.id} does not exist in the real world. Creating it now...`);
const hetznerServer = await this.hetznerAccount.createServer({
name: plugins.smartunique.uniSimple('server'),
location: 'nbg1',
type: 'cpx41',
labels: {
clusterId: cluster.id,
priority: '1',
},
});
const newServer = await Server.createFromHetznerServer(hetznerServer);
}
}
}
}
}
public async getServersByCluster(clusterArg: Cluster) {
const results = await this.CServer.getInstances({
data: {
assignedClusterId: clusterArg.id,
},
});
return results;
}
}
ts/manager.service/classes.service.ts
+89 -3
View File
@@ -1,14 +1,100 @@
import { SecretBundle } from '../manager.secret/classes.secretbundle.js';
import * as plugins from '../plugins.js';
import { ServiceManager } from './classes.servicemanager.js';
@plugins.smartdata.managed()
export class Service extends plugins.smartdata.SmartDataDbDoc<
Service,
plugins.servezoneInterfaces.data.IService,
ServiceManager
> {
@plugins.smartdata.svDb()
public id: string;
// STATIC
public static async getServiceById(serviceIdArg: string) {
const service = await this.getInstance({
id: serviceIdArg,
});
return service;
}
public static async getServices() {
const services = await this.getInstances({});
return services;
}
public static async createService(serviceDataArg: Partial<plugins.servezoneInterfaces.data.IService['data']>) {
const service = new Service();
service.id = await Service.getNewId();
service.data = serviceDataArg as plugins.servezoneInterfaces.data.IService['data'];
await service.save();
// Create DNS entries if service has web port and domains configured
if (service.data.ports?.web && service.data.domains?.length > 0) {
await service.createDnsEntries();
}
return service;
}
// INSTANCE
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public data: plugins.servezoneInterfaces.data.IService['data'];
public data!: plugins.servezoneInterfaces.data.IService['data'];
/**
* a service runs in a specific environment
* so -> this method returns the secret bundles as a flat object accordingly.
* in other words, it resolves secret groups for the relevant environment
* @param environmentArg
*/
public async getSecretBundlesAsFlatObject(environmentArg: string = 'production') {
const secreBundleIds = this.data.additionalSecretBundleIds || [];
secreBundleIds.push(this.data.secretBundleId); // put this last, so it overwrites any other secret bundles.
let finalFlatObject = {};
for (const secretBundleId of secreBundleIds) {
const secretBundle = await SecretBundle.getInstance({
id: secretBundleId,
});
const flatObject = await secretBundle.getFlatKeyValueObject(environmentArg);
Object.assign(finalFlatObject, flatObject);
}
return finalFlatObject;
}
/**
* Creates DNS entries for this service (in inactive state)
* These will be activated when the service is deployed
*/
public async createDnsEntries() {
const dnsManager = this.manager.cloudlyRef.dnsManager;
for (const domain of this.data.domains) {
const dnsEntryData: plugins.servezoneInterfaces.data.IDnsEntry['data'] = {
type: 'A', // Default to A record, could be made configurable
name: domain.name,
value: '0.0.0.0', // Placeholder, will be updated on deployment
ttl: 3600,
zone: '', // Will be set based on domainId
domainId: domain.domainId,
active: false, // Created as inactive
description: `Auto-generated DNS entry for service ${this.data.name}`,
createdAt: Date.now(),
isAutoGenerated: true,
sourceServiceId: this.id,
sourceType: 'service',
};
// Create the DNS entry
await dnsManager.createServiceDnsEntry(dnsEntryData);
}
}
/**
* Removes DNS entries for this service
*/
public async removeDnsEntries() {
const dnsManager = this.manager.cloudlyRef.dnsManager;
await dnsManager.removeServiceDnsEntries(this.id);
}
}
ts/manager.service/classes.servicemanager.ts
+134
View File
@@ -14,6 +14,8 @@ export class ServiceManager {
constructor(cloudlyRef: Cloudly) {
this.cloudlyRef = cloudlyRef;
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_GetServices>(
@@ -35,5 +37,137 @@ export class ServiceManager {
}
)
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_GetServiceById>(
'getServiceById',
async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const service = await Service.getInstance({
id: dataArg.serviceId,
});
return {
service: await service.createSavableObject(),
};
}
)
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_GetServiceSecretBundlesAsFlatObject>(
'getServiceSecretBundlesAsFlatObject',
async (dataArg) => {
const service = await Service.getInstance({
id: dataArg.serviceId,
});
const flatKeyValueObject = await service.getSecretBundlesAsFlatObject(dataArg.environment);
return {
flatKeyValueObject: flatKeyValueObject,
};
}
)
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_GetServiceRegistryTarget>(
'getServiceRegistryTarget',
async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const service = await Service.getInstance({
id: dataArg.serviceId,
});
return {
registryTarget: this.cloudlyRef.registryManager.getServiceRegistryTarget(
service,
dataArg.tag || service.data.imageVersion || 'latest',
),
};
}
)
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_CreateService>(
'createService',
async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.adminIdentityGuard,
]);
const service = await Service.createService(dataArg.serviceData);
service.data.registryTarget = this.cloudlyRef.registryManager.getServiceRegistryTarget(
service,
service.data.imageVersion || 'latest',
);
await service.save();
await this.cloudlyRef.coreflowManager.pushClusterConfigToConnectedCoreflows();
return {
service: await service.createSavableObject(),
};
}
)
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_UpdateService>(
'updateService',
async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.adminIdentityGuard,
]);
const service = await Service.getInstance({
id: dataArg.serviceId,
});
service.data = {
...service.data,
...dataArg.serviceData,
};
service.data.registryTarget = this.cloudlyRef.registryManager.getServiceRegistryTarget(
service,
service.data.imageVersion || 'latest',
);
await service.save();
await this.cloudlyRef.coreflowManager.pushClusterConfigToConnectedCoreflows();
return {
service: await service.createSavableObject(),
};
}
)
);
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_DeleteServiceById>(
'deleteServiceById',
async (dataArg) => {
await plugins.smartguard.passGuardsOrReject(dataArg, [
this.cloudlyRef.authManager.adminIdentityGuard,
]);
const service = await Service.getInstance({
id: dataArg.serviceId,
});
// Remove DNS entries before deleting the service
await service.removeDnsEntries();
await service.delete();
return {
success: true,
};
}
)
);
}
public async start() {
// ServiceManager is ready - handlers are already registered in constructor
console.log('ServiceManager started');
}
public async stop() {
// Cleanup if needed
console.log('ServiceManager stopped');
}
}
ts/manager.settings/classes.settingsmanager.ts
+298
View File
@@ -0,0 +1,298 @@
import * as plugins from '../plugins.js';
import type { Cloudly } from '../classes.cloudly.js';
import * as servezoneInterfaces from '@serve.zone/interfaces';
export class CloudlySettingsManager {
public cloudlyRef: Cloudly;
public readyDeferred = plugins.smartpromise.defer();
public settingsStore!: plugins.smartdata.EasyStore<servezoneInterfaces.data.ICloudlySettings>;
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
}
/**
* Initialize the settings manager and create the EasyStore
*/
public async init() {
this.settingsStore = await this.cloudlyRef.mongodbConnector.smartdataDb
.createEasyStore('cloudly-settings') as plugins.smartdata.EasyStore<servezoneInterfaces.data.ICloudlySettings>;
// Setup API route handlers
await this.setupRoutes();
this.readyDeferred.resolve();
}
/**
* Get all settings
*/
public async getSettings(): Promise<servezoneInterfaces.data.ICloudlySettings> {
await this.readyDeferred.promise;
return await this.settingsStore.readAll();
}
/**
* Get all settings with masked sensitive values (for API responses)
*/
public async getSettingsMasked(): Promise<servezoneInterfaces.data.ICloudlySettingsMasked> {
await this.readyDeferred.promise;
const settings = await this.getSettings();
const masked: servezoneInterfaces.data.ICloudlySettingsMasked = {};
for (const [key, value] of Object.entries(settings)) {
if (this.isSensitiveSettingKey(key) && typeof value === 'string' && value.length > 4) {
// Mask the token, showing only last 4 characters
masked[key] = '****' + value.slice(-4);
} else {
masked[key] = value;
}
}
return masked;
}
private isSensitiveSettingKey(key: string): boolean {
if (key === 'corebuildWorkersJson') {
return true;
}
const normalizedKey = key.toLowerCase();
return [
'token',
'secret',
'apikey',
'accesskey',
'applicationkey',
'consumerkey',
'keyjson',
'privatekey',
'password',
].some((sensitivePart) => normalizedKey.includes(sensitivePart));
}
/**
* Update multiple settings at once
*/
public async updateSettings(updates: Partial<servezoneInterfaces.data.ICloudlySettings>): Promise<void> {
await this.readyDeferred.promise;
for (const [key, value] of Object.entries(updates)) {
if (value !== undefined && value !== '') {
await this.settingsStore.writeKey(key as keyof servezoneInterfaces.data.ICloudlySettings, value);
} else if (value === '') {
// Empty string means clear the setting
await this.settingsStore.deleteKey(key as keyof servezoneInterfaces.data.ICloudlySettings);
}
}
if (Object.keys(updates).some((key) => this.isExternalGatewaySettingKey(key))) {
this.refreshExternalGatewayConfig().catch((error) => {
console.log(`External gateway settings refresh failed: ${(error as Error).message}`);
});
}
}
private isExternalGatewaySettingKey(key: string): boolean {
return [
'dcrouterGatewayUrl',
'dcrouterGatewayApiToken',
'dcrouterWorkHosterId',
'dcrouterTargetHost',
'dcrouterTargetPort',
].includes(key);
}
private async refreshExternalGatewayConfig(): Promise<void> {
await Promise.all([
this.cloudlyRef.domainManager.syncExternalGatewayDomains(),
this.cloudlyRef.coreflowManager.pushClusterConfigToConnectedCoreflows(),
]);
}
/**
* Get a specific setting value
*/
public async getSetting<K extends keyof servezoneInterfaces.data.ICloudlySettings>(key: K): Promise<servezoneInterfaces.data.ICloudlySettings[K]> {
await this.readyDeferred.promise;
return await this.settingsStore.readKey(key);
}
/**
* Set a specific setting value
*/
public async setSetting<K extends keyof servezoneInterfaces.data.ICloudlySettings>(key: K, value: servezoneInterfaces.data.ICloudlySettings[K]): Promise<void> {
await this.readyDeferred.promise;
if (value !== undefined && value !== '') {
await this.settingsStore.writeKey(key, value);
}
}
/**
* Clear a specific setting
*/
public async clearSetting(key: keyof servezoneInterfaces.data.ICloudlySettings): Promise<void> {
await this.readyDeferred.promise;
await this.settingsStore.deleteKey(key);
}
/**
* Clear all settings
*/
public async clearAllSettings(): Promise<void> {
await this.readyDeferred.promise;
await this.settingsStore.wipe();
}
/**
* Test connection for a specific provider
*/
public async testProviderConnection(provider: string): Promise<{success: boolean; message: string}> {
await this.readyDeferred.promise;
try {
switch (provider) {
case 'hetzner':
const hetznerToken = await this.getSetting('hetznerToken');
if (!hetznerToken) {
return { success: false, message: 'No Hetzner token configured' };
}
// TODO: Implement actual Hetzner API test
return { success: true, message: 'Hetzner connection test successful' };
case 'cloudflare':
const cloudflareToken = await this.getSetting('cloudflareToken');
if (!cloudflareToken) {
return { success: false, message: 'No Cloudflare token configured' };
}
// TODO: Implement actual Cloudflare API test
return { success: true, message: 'Cloudflare connection test successful' };
case 'aws':
const awsKey = await this.getSetting('awsAccessKey');
const awsSecret = await this.getSetting('awsSecretKey');
if (!awsKey || !awsSecret) {
return { success: false, message: 'AWS credentials not configured' };
}
// TODO: Implement actual AWS API test
return { success: true, message: 'AWS connection test successful' };
case 'digitalocean':
const doToken = await this.getSetting('digitalOceanToken');
if (!doToken) {
return { success: false, message: 'No DigitalOcean token configured' };
}
// TODO: Implement actual DigitalOcean API test
return { success: true, message: 'DigitalOcean connection test successful' };
case 'azure':
const azureClientId = await this.getSetting('azureClientId');
const azureClientSecret = await this.getSetting('azureClientSecret');
const azureTenantId = await this.getSetting('azureTenantId');
if (!azureClientId || !azureClientSecret || !azureTenantId) {
return { success: false, message: 'Azure credentials not configured' };
}
// TODO: Implement actual Azure API test
return { success: true, message: 'Azure connection test successful' };
default:
return { success: false, message: `Unknown provider: ${provider}` };
}
} catch (error) {
return { success: false, message: `Connection test failed: ${error instanceof Error ? error.message : String(error)}` };
}
}
/**
* Setup API route handlers for settings management
*/
private async setupRoutes() {
// Get Settings Handler
this.cloudlyRef.typedrouter.addTypedHandler<servezoneInterfaces.requests.settings.IRequest_GetSettings>(
new plugins.typedrequest.TypedHandler<servezoneInterfaces.requests.settings.IRequest_GetSettings>(
'getSettings',
async (requestData) => {
// TODO: Add authentication check for admin users
const maskedSettings = await this.getSettingsMasked();
return {
settings: maskedSettings
};
}
)
);
// Update Settings Handler
this.cloudlyRef.typedrouter.addTypedHandler<servezoneInterfaces.requests.settings.IRequest_UpdateSettings>(
new plugins.typedrequest.TypedHandler<servezoneInterfaces.requests.settings.IRequest_UpdateSettings>(
'updateSettings',
async (requestData) => {
// TODO: Add authentication check for admin users
try {
await this.updateSettings(requestData.updates);
return {
success: true,
message: 'Settings updated successfully'
};
} catch (error) {
const errorMessage = error instanceof Error ? error.message : String(error);
return {
success: false,
message: `Failed to update settings: ${errorMessage}`
};
}
}
)
);
// Clear Setting Handler
this.cloudlyRef.typedrouter.addTypedHandler<servezoneInterfaces.requests.settings.IRequest_ClearSetting>(
new plugins.typedrequest.TypedHandler<servezoneInterfaces.requests.settings.IRequest_ClearSetting>(
'clearSetting',
async (requestData) => {
// TODO: Add authentication check for admin users
try {
await this.clearSetting(requestData.key);
return {
success: true,
message: `Setting ${requestData.key} cleared successfully`
};
} catch (error) {
const errorMessage = error instanceof Error ? error.message : String(error);
return {
success: false,
message: `Failed to clear setting: ${errorMessage}`
};
}
}
)
);
// Test Provider Connection Handler
this.cloudlyRef.typedrouter.addTypedHandler<servezoneInterfaces.requests.settings.IRequest_TestProviderConnection>(
new plugins.typedrequest.TypedHandler<servezoneInterfaces.requests.settings.IRequest_TestProviderConnection>(
'testProviderConnection',
async (requestData) => {
// TODO: Add authentication check for admin users
const testResult = await this.testProviderConnection(requestData.provider);
return {
success: testResult.success,
message: testResult.message,
connectionValid: testResult.success
};
}
)
);
// Get Single Setting Handler (for internal use)
this.cloudlyRef.typedrouter.addTypedHandler<servezoneInterfaces.requests.settings.IRequest_GetSetting>(
new plugins.typedrequest.TypedHandler<servezoneInterfaces.requests.settings.IRequest_GetSetting>(
'getSetting',
async (requestData) => {
// TODO: Add authentication check for admin users
const value = await this.getSetting(requestData.key);
return {
value
};
}
)
);
}
}
ts/manager.settings/index.ts
+1
View File
@@ -0,0 +1 @@
export * from './classes.settingsmanager.js';
ts/manager.task/classes.taskexecution.ts
+165
View File
@@ -0,0 +1,165 @@
import * as plugins from '../plugins.js';
import { CloudlyTaskManager } from './classes.taskmanager.js';
@plugins.smartdata.managed()
export class TaskExecution extends plugins.smartdata.SmartDataDbDoc<
TaskExecution,
plugins.servezoneInterfaces.data.ITaskExecution,
CloudlyTaskManager
> {
// STATIC
public static async getTaskExecutionById(executionIdArg: string) {
const execution = await this.getInstance({
id: executionIdArg,
});
return execution;
}
public static async getTaskExecutions(filterArg?: {
taskName?: string;
status?: string;
startedAfter?: number;
startedBefore?: number;
}) {
const query: any = {};
if (filterArg?.taskName) {
query['data.taskName'] = filterArg.taskName;
}
if (filterArg?.status) {
query['data.status'] = filterArg.status;
}
if (filterArg?.startedAfter || filterArg?.startedBefore) {
query['data.startedAt'] = {};
if (filterArg.startedAfter) {
query['data.startedAt'].$gte = filterArg.startedAfter;
}
if (filterArg.startedBefore) {
query['data.startedAt'].$lte = filterArg.startedBefore;
}
}
const executions = await this.getInstances(query);
return executions;
}
public static async createTaskExecution(
taskName: string,
triggeredBy: 'schedule' | 'manual' | 'system',
userId?: string
) {
const execution = new TaskExecution();
execution.id = await TaskExecution.getNewId();
execution.data = {
taskName,
startedAt: Date.now(),
status: 'running',
triggeredBy,
userId,
logs: [],
};
await execution.save();
return execution;
}
// INSTANCE
@plugins.smartdata.unI()
public id!: string;
@plugins.smartdata.svDb()
public data!: plugins.servezoneInterfaces.data.ITaskExecution['data'];
/**
* Add a log entry to the execution
*/
public async addLog(message: string, severity: 'info' | 'warning' | 'error' | 'success' = 'info') {
this.data.logs.push({
timestamp: Date.now(),
message,
severity,
});
await this.save();
}
/**
* Set a metric for the execution
*/
public async setMetric(key: string, value: any) {
if (!this.data.metrics) {
this.data.metrics = {};
}
this.data.metrics[key] = value;
await this.save();
}
/**
* Mark the execution as completed
*/
public async complete(result?: any) {
this.data.completedAt = Date.now();
this.data.duration = this.data.completedAt - this.data.startedAt;
this.data.status = 'completed';
if (result !== undefined) {
this.data.result = result;
}
await this.save();
}
/**
* Mark the execution as failed
*/
public async fail(error: Error | string) {
this.data.completedAt = Date.now();
this.data.duration = this.data.completedAt - this.data.startedAt;
this.data.status = 'failed';
if (typeof error === 'string') {
this.data.error = {
message: error,
};
} else {
this.data.error = {
message: error.message,
stack: error.stack,
code: (error as any).code,
};
}
await this.save();
}
/**
* Cancel the execution
*/
public async cancel() {
this.data.completedAt = Date.now();
this.data.duration = this.data.completedAt - this.data.startedAt;
this.data.status = 'cancelled';
await this.save();
}
/**
* Get running executions
*/
public static async getRunningExecutions() {
return await this.getInstances({
'data.status': 'running',
});
}
/**
* Clean up old executions
*/
public static async cleanupOldExecutions(olderThanDays: number = 30) {
const cutoffTime = Date.now() - (olderThanDays * 24 * 60 * 60 * 1000);
const oldExecutions = await this.getInstances({
'data.completedAt': { $lt: cutoffTime },
});
for (const execution of oldExecutions) {
await execution.delete();
}
return oldExecutions.length;
}
}
ts/manager.task/classes.taskmanager.ts
+353
View File
@@ -0,0 +1,353 @@
import * as plugins from '../plugins.js';
import { Cloudly } from '../classes.cloudly.js';
import { TaskExecution } from './classes.taskexecution.js';
import { createPredefinedTasks } from './predefinedtasks.js';
import { logger } from '../logger.js';
export interface ITaskInfo {
name: string;
description: string;
category: 'maintenance' | 'deployment' | 'backup' | 'monitoring' | 'cleanup' | 'system' | 'security';
schedule?: string; // Cron expression if scheduled
lastRun?: number;
enabled: boolean;
}
export class CloudlyTaskManager {
public typedrouter = new plugins.typedrequest.TypedRouter();
public cloudlyRef: Cloudly;
// TaskBuffer integration
private taskBufferManager = new plugins.taskbuffer.TaskManager();
private taskRegistry = new Map<string, plugins.taskbuffer.Task>();
private taskInfo = new Map<string, ITaskInfo>();
private currentExecutions = new Map<string, TaskExecution>();
private cancellationRequests = new Set<string>();
// Database connection helper
get db() {
return this.cloudlyRef.mongodbConnector.smartdataDb;
}
// Set up TaskExecution document manager
public CTaskExecution = plugins.smartdata.setDefaultManagerForDoc(this, TaskExecution);
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
// Add router to main router
this.cloudlyRef.typedrouter.addTypedRouter(this.typedrouter);
// Set up API endpoints
this.setupApiEndpoints();
// Register predefined tasks
createPredefinedTasks(this);
}
/**
* Register a task with the manager
*/
public registerTask(
name: string,
task: plugins.taskbuffer.Task,
info: Omit<ITaskInfo, 'name' | 'lastRun'>
) {
this.taskRegistry.set(name, task);
this.taskInfo.set(name, {
name,
...info,
lastRun: undefined,
});
// Schedule if cron expression provided
if (info.schedule && info.enabled) {
this.scheduleTask(name, info.schedule);
}
logger.log('info', `Registered task: ${name}`);
}
/**
* Execute a task with tracking
*/
public async executeTask(
taskName: string,
triggeredBy: 'schedule' | 'manual' | 'system',
userId?: string
): Promise<TaskExecution | null> {
const task = this.taskRegistry.get(taskName);
const info = this.taskInfo.get(taskName);
if (!task) {
throw new Error(`Task ${taskName} not found`);
}
if (!info?.enabled && triggeredBy === 'schedule') {
logger.log('warn', `Skipping disabled scheduled task: ${taskName}`);
return null;
}
// Create execution record
const execution = await TaskExecution.createTaskExecution(taskName, triggeredBy, userId);
if (info?.description) {
execution.data.taskDescription = info.description;
}
if (info?.category) {
execution.data.category = info.category;
}
await execution.save();
// Store current execution for task to access
this.currentExecutions.set(taskName, execution);
try {
await execution.addLog(`Starting task: ${taskName}`, 'info');
// Execute the task
const result = await task.trigger();
// If a cancellation was requested during execution, don't mark as completed
if (execution.data.status === 'cancelled' || this.cancellationRequests.has(execution.id)) {
await execution.addLog('Task cancelled during execution', 'warning');
} else {
// Task completed successfully
await execution.complete(result);
await execution.addLog(`Task completed successfully`, 'success');
}
// Update last run time
if (info) {
info.lastRun = Date.now();
}
} catch (error) {
// If already cancelled, don't mark as failed
if (execution.data.status === 'cancelled' || this.cancellationRequests.has(execution.id)) {
await execution.addLog('Task was cancelled', 'warning');
} else {
// Task failed
await execution.fail(error as any);
await execution.addLog(`Task failed: ${(error as any).message}`, 'error');
logger.log('error', `Task ${taskName} failed: ${(error as any).message}`);
}
} finally {
// Clean up current execution
this.currentExecutions.delete(taskName);
this.cancellationRequests.delete(execution.id);
}
return execution;
}
/**
* Get current execution for a task (used by tasks to log)
*/
public getCurrentExecution(taskName: string): TaskExecution | undefined {
return this.currentExecutions.get(taskName);
}
/**
* Schedule a task with cron expression
*/
public scheduleTask(taskName: string, cronExpression: string) {
const task = this.taskRegistry.get(taskName);
if (!task) {
throw new Error(`Task ${taskName} not found`);
}
// Wrap task execution with tracking
const wrappedTask = new plugins.taskbuffer.Task({
name: `${taskName}-scheduled`,
taskFunction: async () => {
await this.executeTask(taskName, 'schedule');
},
});
this.taskBufferManager.addAndScheduleTask(wrappedTask, cronExpression);
logger.log('info', `Scheduled task ${taskName} with cron: ${cronExpression}`);
}
/**
* Cancel a running task
*/
public async cancelTask(executionId: string): Promise<boolean> {
const execution = await TaskExecution.getTaskExecutionById(executionId);
if (!execution || execution.data.status !== 'running') {
return false;
}
await execution.cancel();
await execution.addLog('Task cancelled by user', 'warning');
// mark cancellation request so running task functions can react cooperatively
this.cancellationRequests.add(execution.id);
return true;
}
/**
* Check if cancellation is requested for an execution
*/
public isCancellationRequested(executionId: string): boolean {
return this.cancellationRequests.has(executionId);
}
/**
* Get all registered tasks
*/
public getAllTasks(): ITaskInfo[] {
return Array.from(this.taskInfo.values());
}
/**
* Enable or disable a task
*/
public async setTaskEnabled(taskName: string, enabled: boolean) {
const info = this.taskInfo.get(taskName);
if (!info) {
throw new Error(`Task ${taskName} not found`);
}
info.enabled = enabled;
if (!enabled) {
// TODO: Remove from scheduler if disabled
logger.log('info', `Disabled task: ${taskName}`);
} else if (info.schedule) {
// Reschedule if enabled with schedule
this.scheduleTask(taskName, info.schedule);
}
}
/**
* Set up API endpoints
*/
private setupApiEndpoints() {
// Get all tasks
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.task.IRequest_Any_Cloudly_GetTasks>(
'getTasks',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const tasks = this.getAllTasks();
return {
tasks,
};
}
)
);
// Get task executions
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.task.IRequest_Any_Cloudly_GetTaskExecutions>(
'getTaskExecutions',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const executions = await TaskExecution.getTaskExecutions(reqArg.filter);
return {
executions: await Promise.all(
executions.map(e => e.createSavableObject())
),
};
}
)
);
// Get task execution by ID
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.task.IRequest_Any_Cloudly_GetTaskExecutionById>(
'getTaskExecutionById',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const execution = await TaskExecution.getTaskExecutionById(reqArg.executionId);
if (!execution) {
throw new Error('Task execution not found');
}
return {
execution: await execution.createSavableObject(),
};
}
)
);
// Trigger task manually
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.task.IRequest_Any_Cloudly_TriggerTask>(
'triggerTask',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const execution = await this.executeTask(
reqArg.taskName,
'manual',
reqArg.userId
);
if (!execution) {
throw new Error(`Task ${reqArg.taskName} did not start`);
}
return {
execution: await execution.createSavableObject(),
};
}
)
);
// Cancel task
this.typedrouter.addTypedHandler(
new plugins.typedrequest.TypedHandler<plugins.servezoneInterfaces.requests.task.IRequest_Any_Cloudly_CancelTask>(
'cancelTask',
async (reqArg) => {
await plugins.smartguard.passGuardsOrReject(reqArg, [
this.cloudlyRef.authManager.validIdentityGuard,
]);
const success = await this.cancelTask(reqArg.executionId);
return {
success,
};
}
)
);
}
/**
* Initialize the task manager
*/
public async init() {
logger.log('info', 'Task Manager initialized');
// Clean up old executions on startup
const deletedCount = await TaskExecution.cleanupOldExecutions(30);
if (deletedCount > 0) {
logger.log('info', `Cleaned up ${deletedCount} old task executions`);
}
await this.taskBufferManager.start();
}
/**
* Stop the task manager
*/
public async stop() {
// Stop all scheduled tasks
await this.taskBufferManager.stop();
logger.log('info', 'Task Manager stopped');
}
}
ts/manager.task/predefinedtasks.ts
+574
View File
@@ -0,0 +1,574 @@
import * as plugins from '../plugins.js';
import { CloudlyTaskManager } from './classes.taskmanager.js';
import { logger } from '../logger.js';
const getErrorMessage = (errorArg: unknown) => errorArg instanceof Error ? errorArg.message : String(errorArg);
/**
* Create and register all predefined tasks
*/
export function createPredefinedTasks(taskManager: CloudlyTaskManager) {
// Cloudflare Domain Sync Task
const cfDomainSync = new plugins.taskbuffer.Task({
name: 'cloudflare-domain-sync',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('cloudflare-domain-sync');
try {
await execution?.addLog('Starting Cloudflare domain sync…', 'info');
const cf = taskManager.cloudlyRef.cloudflareConnector?.cloudflare;
if (!cf) {
await execution?.addLog('Cloudflare not configured; skipping sync.', 'warning');
return { created: 0, updated: 0, totalZones: 0 };
}
const zones = await cf.convenience.listZones();
await execution?.setMetric('totalZones', zones.length);
await execution?.addLog(`Fetched ${zones.length} zones from Cloudflare`, 'info');
let created = 0;
let updated = 0;
const now = Date.now();
for (const zone of zones) {
// zone fields from Cloudflare typings
const zoneName = (zone as any).name as string;
const zoneId = (zone as any).id as string;
const zoneStatus = ((zone as any).status || 'active') as 'active'|'pending'|'suspended'|'transferred'|'expired';
const nameServers: string[] = (zone as any).name_servers || [];
const existing = await taskManager.cloudlyRef.domainManager.CDomain.getDomainByName(zoneName);
if (existing) {
if (execution && (taskManager.isCancellationRequested(execution.id) || existing.data == null)) {
await execution?.addLog('Cancellation requested. Stopping CF sync…', 'warning');
break;
}
await execution?.addLog(`Updating domain: ${zoneName}`, 'info');
await taskManager.cloudlyRef.domainManager.CDomain.updateDomain(existing.id, {
status: zoneStatus as any,
nameservers: nameServers,
cloudflareZoneId: zoneId,
syncSource: 'cloudflare',
lastSyncAt: now,
activationState: existing.data.activationState || 'available',
});
updated++;
} else {
await execution?.addLog(`Creating domain: ${zoneName}`, 'info');
await taskManager.cloudlyRef.domainManager.CDomain.createDomain({
name: zoneName,
description: `Synced from Cloudflare zone ${zoneId}`,
status: zoneStatus as any,
verificationStatus: 'pending',
nameservers: nameServers,
autoRenew: true,
cloudflareZoneId: zoneId,
activationState: 'available',
syncSource: 'cloudflare',
lastSyncAt: now,
} as any);
created++;
}
}
await execution?.setMetric('created', created);
await execution?.setMetric('updated', updated);
await execution?.addLog(`Cloudflare sync done: ${created} created, ${updated} updated`, 'success');
return { created, updated, totalZones: zones.length };
} catch (error) {
await execution?.addLog(`Cloudflare sync error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('cloudflare-domain-sync', cfDomainSync, {
description: 'Import and update domains from Cloudflare zones',
category: 'system',
schedule: '0 3 * * *', // Daily at 3 AM
enabled: true,
});
// DNS Sync Task
const dnsSync = new plugins.taskbuffer.Task({
name: 'dns-sync',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('dns-sync');
const dnsManager = taskManager.cloudlyRef.dnsManager;
try {
await execution?.addLog('Starting DNS synchronization...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Aborting DNS sync...', 'warning');
return;
}
// Get all DNS entries marked as external
const dnsEntries = await dnsManager.CDnsEntry.getInstances({
'data.sourceType': 'external',
});
await execution?.addLog(`Found ${dnsEntries.length} external DNS entries to sync`, 'info');
await execution?.setMetric('totalEntries', dnsEntries.length);
let syncedCount = 0;
let failedCount = 0;
for (const entry of dnsEntries) {
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Stopping loop...', 'warning');
break;
}
try {
// TODO: Implement actual sync with external DNS provider
await execution?.addLog(`Syncing DNS entry: ${entry.data.name}.${entry.data.zone}`, 'info');
syncedCount++;
} catch (error) {
await execution?.addLog(`Failed to sync ${entry.data.name}: ${getErrorMessage(error)}`, 'warning');
failedCount++;
}
}
await execution?.setMetric('syncedCount', syncedCount);
await execution?.setMetric('failedCount', failedCount);
await execution?.addLog(`DNS sync completed: ${syncedCount} synced, ${failedCount} failed`, 'success');
return { synced: syncedCount, failed: failedCount };
} catch (error) {
await execution?.addLog(`DNS sync error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('dns-sync', dnsSync, {
description: 'Synchronize DNS entries with external providers',
category: 'system',
schedule: '0 */6 * * *', // Every 6 hours
enabled: true,
});
// Certificate Renewal Task
const certRenewal = new plugins.taskbuffer.Task({
name: 'cert-renewal',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('cert-renewal');
try {
await execution?.addLog('Checking certificates for renewal...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Aborting certificate renewal...', 'warning');
return;
}
// Get all domains (only activated ones are considered for renewal)
const domains = await taskManager.cloudlyRef.domainManager.CDomain.getInstances({
'data.activationState': 'activated',
} as any);
await execution?.setMetric('totalDomains', domains.length);
let renewedCount = 0;
let upToDateCount = 0;
for (const domain of domains) {
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Stopping loop...', 'warning');
break;
}
// TODO: Check certificate expiry and renew if needed
await execution?.addLog(`Checking certificate for ${domain.data.name}`, 'info');
// Placeholder logic
const needsRenewal = Math.random() > 0.8; // 20% chance for demo
if (needsRenewal) {
await execution?.addLog(`Renewing certificate for ${domain.data.name}`, 'info');
// TODO: Actual renewal logic
renewedCount++;
} else {
upToDateCount++;
}
}
await execution?.setMetric('renewedCount', renewedCount);
await execution?.setMetric('upToDateCount', upToDateCount);
await execution?.addLog(`Certificate check completed: ${renewedCount} renewed, ${upToDateCount} up to date`, 'success');
return { renewed: renewedCount, upToDate: upToDateCount };
} catch (error) {
await execution?.addLog(`Certificate renewal error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('cert-renewal', certRenewal, {
description: 'Check and renew SSL certificates',
category: 'security',
schedule: '0 2 * * *', // Daily at 2 AM
enabled: true,
});
// Cleanup Task
const cleanup = new plugins.taskbuffer.Task({
name: 'cleanup',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('cleanup');
try {
await execution?.addLog('Starting cleanup tasks...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Aborting cleanup...', 'warning');
return;
}
// Clean up old task executions
await execution?.addLog('Cleaning old task executions...', 'info');
const deletedExecutions = await taskManager.CTaskExecution.cleanupOldExecutions(30);
await execution?.setMetric('deletedExecutions', deletedExecutions);
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) return;
// TODO: Clean up old logs
await execution?.addLog('Cleaning old logs...', 'info');
// Placeholder
const deletedLogs = 0;
await execution?.setMetric('deletedLogs', deletedLogs);
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) return;
// TODO: Clean up Docker images
await execution?.addLog('Cleaning unused Docker images...', 'info');
// Placeholder
const deletedImages = 0;
await execution?.setMetric('deletedImages', deletedImages);
await execution?.addLog(`Cleanup completed: ${deletedExecutions} executions, ${deletedLogs} logs, ${deletedImages} images deleted`, 'success');
return {
executions: deletedExecutions,
logs: deletedLogs,
images: deletedImages,
};
} catch (error) {
await execution?.addLog(`Cleanup error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('cleanup', cleanup, {
description: 'Remove old logs, executions, and temporary files',
category: 'cleanup',
schedule: '0 3 * * *', // Daily at 3 AM
enabled: true,
});
// Health Check Task
const healthCheck = new plugins.taskbuffer.Task({
name: 'health-check',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('health-check');
try {
await execution?.addLog('Starting health checks...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Aborting health checks...', 'warning');
return;
}
// Check all deployments
const deployments = await taskManager.cloudlyRef.deploymentManager.getAllDeployments();
await execution?.setMetric('totalDeployments', deployments.length);
let healthyCount = 0;
let unhealthyCount = 0;
const issues: Array<{ deploymentId: string; serviceId: string; issue: string }> = [];
for (const deployment of deployments) {
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Stopping loop...', 'warning');
break;
}
if (deployment.status === 'running') {
// TODO: Actual health check logic
const isHealthy = Math.random() > 0.1; // 90% healthy for demo
if (isHealthy) {
healthyCount++;
} else {
unhealthyCount++;
issues.push({
deploymentId: deployment.id,
serviceId: deployment.serviceId,
issue: 'Health check failed',
});
await execution?.addLog(`Deployment ${deployment.id} is unhealthy`, 'warning');
}
}
}
await execution?.setMetric('healthyCount', healthyCount);
await execution?.setMetric('unhealthyCount', unhealthyCount);
await execution?.setMetric('issues', issues);
const severity = unhealthyCount > 0 ? 'warning' : 'success';
await execution?.addLog(
`Health check completed: ${healthyCount} healthy, ${unhealthyCount} unhealthy`,
severity as any
);
return { healthy: healthyCount, unhealthy: unhealthyCount, issues };
} catch (error) {
await execution?.addLog(`Health check error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('health-check', healthCheck, {
description: 'Monitor service health across deployments',
category: 'monitoring',
schedule: '*/15 * * * *', // Every 15 minutes
enabled: true,
});
// Resource Usage Report
const resourceReport = new plugins.taskbuffer.Task({
name: 'resource-report',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('resource-report');
try {
await execution?.addLog('Generating resource usage report...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Aborting report...', 'warning');
return;
}
// Get all nodes
const nodes = await taskManager.cloudlyRef.nodeManager.CClusterNode.getInstances({});
const report: {
timestamp: number;
nodes: Array<{ nodeId: string; nodeName: string; cpu: number; memory: number; disk: number }>;
totalCpu: number;
totalMemory: number;
totalDisk: number;
} = {
timestamp: Date.now(),
nodes: [],
totalCpu: 0,
totalMemory: 0,
totalDisk: 0,
};
for (const node of nodes) {
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Stopping loop...', 'warning');
break;
}
// TODO: Get actual resource usage
const nodeUsage = {
nodeId: node.id,
nodeName: node.data.swarmNodeId || node.id,
cpu: Math.random() * 100, // Placeholder
memory: Math.random() * 100, // Placeholder
disk: Math.random() * 100, // Placeholder
};
report.nodes.push(nodeUsage);
report.totalCpu += nodeUsage.cpu;
report.totalMemory += nodeUsage.memory;
report.totalDisk += nodeUsage.disk;
}
// Calculate averages
if (nodes.length > 0) {
report.totalCpu /= nodes.length;
report.totalMemory /= nodes.length;
report.totalDisk /= nodes.length;
}
await execution?.setMetric('report', report);
await execution?.addLog(
`Resource report generated: Avg CPU ${report.totalCpu.toFixed(1)}%, Memory ${report.totalMemory.toFixed(1)}%, Disk ${report.totalDisk.toFixed(1)}%`,
'success'
);
return report;
} catch (error) {
await execution?.addLog(`Resource report error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('resource-report', resourceReport, {
description: 'Generate resource usage reports',
category: 'monitoring',
schedule: '0 * * * *', // Every hour
enabled: true,
});
// Database Maintenance
const dbMaintenance = new plugins.taskbuffer.Task({
name: 'db-maintenance',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('db-maintenance');
try {
await execution?.addLog('Starting database maintenance...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Aborting DB maintenance...', 'warning');
return;
}
// TODO: Implement actual database maintenance
await execution?.addLog('Analyzing indexes...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) return;
await execution?.addLog('Compacting collections...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) return;
await execution?.addLog('Updating statistics...', 'info');
await execution?.setMetric('collectionsOptimized', 5); // Placeholder
await execution?.setMetric('indexesRebuilt', 3); // Placeholder
await execution?.addLog('Database maintenance completed', 'success');
return { success: true };
} catch (error) {
await execution?.addLog(`Database maintenance error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('db-maintenance', dbMaintenance, {
description: 'Optimize database performance',
category: 'maintenance',
schedule: '0 4 * * 0', // Weekly on Sunday at 4 AM
enabled: true,
});
// Security Scan
const securityScan = new plugins.taskbuffer.Task({
name: 'security-scan',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('security-scan');
try {
await execution?.addLog('Starting security scan...', 'info');
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Aborting security scan...', 'warning');
return;
}
const vulnerabilities: Array<{ type: string; severity: string; image: string; version: string }> = [];
// Check for exposed ports
await execution?.addLog('Checking for exposed ports...', 'info');
// TODO: Actual port scanning logic
// Check for outdated images
await execution?.addLog('Checking for outdated images...', 'info');
const images = await taskManager.cloudlyRef.imageManager.CImage.getInstances({});
for (const image of images) {
if (execution && (taskManager.isCancellationRequested(execution.id) || execution.data.status === 'cancelled')) {
await execution.addLog('Cancellation requested. Stopping loop...', 'warning');
break;
}
// TODO: Check if image is outdated
const isOutdated = Math.random() > 0.7; // 30% outdated for demo
if (isOutdated) {
vulnerabilities.push({
type: 'outdated-image',
severity: 'medium',
image: image.data.name,
version: image.data.versions[0]?.versionString || 'unknown',
});
}
}
// Check for weak passwords
await execution?.addLog('Checking for weak configurations...', 'info');
// TODO: Configuration checks
await execution?.setMetric('vulnerabilitiesFound', vulnerabilities.length);
await execution?.setMetric('vulnerabilities', vulnerabilities);
const severity = vulnerabilities.length > 0 ? 'warning' : 'success';
await execution?.addLog(
`Security scan completed: ${vulnerabilities.length} vulnerabilities found`,
severity as any
);
return { vulnerabilities };
} catch (error) {
await execution?.addLog(`Security scan error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('security-scan', securityScan, {
description: 'Run security checks on services',
category: 'security',
schedule: '0 1 * * *', // Daily at 1 AM
enabled: true,
});
// Docker Cleanup
const dockerCleanup = new plugins.taskbuffer.Task({
name: 'docker-cleanup',
taskFunction: async () => {
const execution = taskManager.getCurrentExecution('docker-cleanup');
try {
await execution?.addLog('Starting Docker cleanup...', 'info');
// TODO: Implement actual Docker cleanup
await execution?.addLog('Removing stopped containers...', 'info');
const removedContainers = 0; // Placeholder
await execution?.addLog('Removing unused images...', 'info');
const removedImages = 0; // Placeholder
await execution?.addLog('Removing unused volumes...', 'info');
const removedVolumes = 0; // Placeholder
await execution?.addLog('Removing unused networks...', 'info');
const removedNetworks = 0; // Placeholder
await execution?.setMetric('removedContainers', removedContainers);
await execution?.setMetric('removedImages', removedImages);
await execution?.setMetric('removedVolumes', removedVolumes);
await execution?.setMetric('removedNetworks', removedNetworks);
await execution?.addLog(
`Docker cleanup completed: ${removedContainers} containers, ${removedImages} images, ${removedVolumes} volumes, ${removedNetworks} networks removed`,
'success'
);
return {
containers: removedContainers,
images: removedImages,
volumes: removedVolumes,
networks: removedNetworks,
};
} catch (error) {
await execution?.addLog(`Docker cleanup error: ${getErrorMessage(error)}`, 'error');
throw error;
}
},
});
taskManager.registerTask('docker-cleanup', dockerCleanup, {
description: 'Remove unused Docker images and containers',
category: 'cleanup',
schedule: '0 5 * * *', // Daily at 5 AM
enabled: true,
});
logger.log('info', 'Predefined tasks registered successfully');
}
ts/manager.task/taskmanager.ts
-35
View File
@@ -1,35 +0,0 @@
import * as plugins from '../plugins.js';
import { Cloudly } from '../classes.cloudly.js';
import { logger } from '../logger.js';
export class CloudlyTaskmanager {
public cloudlyRef: Cloudly;
constructor(cloudlyRefArg: Cloudly) {
this.cloudlyRef = cloudlyRefArg;
}
public everyMinuteTask = new plugins.taskbuffer.Task({
taskFunction: async () => {},
});
public everyHourTask = new plugins.taskbuffer.Task({
taskFunction: async () => {
logger.log('info', `Performing hourly maintenance check.`);
const configs = await this.cloudlyRef.clusterManager.getAllClusters();
logger.log('info', `Got ${configs.length} configs`);
configs.map((configArg) => {
console.log(configArg.name);
});
},
});
public everyDayTask = new plugins.taskbuffer.Task({
taskFunction: async () => {},
});
public everyWeekTask = new plugins.taskbuffer.Task({
taskFunction: async () => {},
});
}
ts/plugins.ts
+10 -3
View File
@@ -1,7 +1,10 @@
// node native
import * as path from 'path';
import * as crypto from 'node:crypto';
import * as stream from 'stream';
import * as fsPromises from 'node:fs/promises';
export { path };
export { path, crypto, stream, fsPromises };
// @apiglobal scope
import * as typedrequest from '@api.global/typedrequest';
@@ -23,7 +26,7 @@ import * as tsclass from '@tsclass/tsclass';
export { tsclass };
// @push.rocks scope
import * as npmextra from '@push.rocks/npmextra';
import * as smartconfig from '@push.rocks/smartconfig';
import * as projectinfo from '@push.rocks/projectinfo';
import * as qenv from '@push.rocks/qenv';
import * as smartacme from '@push.rocks/smartacme';
@@ -42,6 +45,8 @@ import * as smartlog from '@push.rocks/smartlog';
import * as smartpath from '@push.rocks/smartpath';
import * as smartpromise from '@push.rocks/smartpromise';
import * as smartrequest from '@push.rocks/smartrequest';
import * as smartregistry from '@push.rocks/smartregistry';
import * as smartsamba from '@push.rocks/smartsamba';
import * as smartssh from '@push.rocks/smartssh';
import * as smartstream from '@push.rocks/smartstream';
import * as smartstring from '@push.rocks/smartstring';
@@ -50,7 +55,7 @@ import * as taskbuffer from '@push.rocks/taskbuffer';
import * as typedserver from '@api.global/typedserver';
export {
npmextra,
smartconfig,
projectinfo,
qenv,
smartacme,
@@ -68,7 +73,9 @@ export {
smartlog,
smartpath,
smartpromise,
smartregistry,
smartrequest,
smartsamba,
smartssh,
smartstream,
smartstring,
ts_apiclient/classes.cloudlyapiclient.ts
-184
View File
@@ -1,184 +0,0 @@
import * as plugins from './plugins.js';
export type TClientType = 'api' | 'ci' | 'coreflow' | 'cli' | 'serverconfig';
import { Image } from './classes.image.js';
import { Service } from './classes.service.js';
export class CloudlyApiClient {
private cloudlyUrl: string;
private registerAs: string;
public typedrouter = new plugins.typedrequest.TypedRouter();
public typedsocketClient: plugins.typedsocket.TypedSocket;
// Subjects
public configUpdateSubject = new plugins.smartrx.rxjs.Subject<
plugins.servezoneInterfaces.requests.config.IRequest_Cloudly_Coreflow_PushClusterConfig['request']
>();
public serverActionSubject = new plugins.smartrx.rxjs.Subject<
plugins.servezoneInterfaces.requests.server.IRequest_TriggerServerAction['request']
>();
constructor(optionsArg: {
registerAs: TClientType;
cloudlyUrl?: string;
}) {
this.registerAs = optionsArg.registerAs;
this.cloudlyUrl =
optionsArg?.cloudlyUrl || process.env.CLOUDLY_URL || 'https://cloudly.layer.io:443';
console.log(
`creating LoleCloudlyClient: registering as ${this.registerAs} and target url ${this.cloudlyUrl}`
);
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.config.IRequest_Cloudly_Coreflow_PushClusterConfig>(
new plugins.typedrequest.TypedHandler('pushClusterConfig', async (dataArg) => {
this.configUpdateSubject.next(dataArg);
return {};
})
);
this.typedrouter.addTypedHandler<plugins.servezoneInterfaces.requests.server.IRequest_TriggerServerAction>(
new plugins.typedrequest.TypedHandler('triggerServerAction', async (dataArg) => {
this.serverActionSubject.next(dataArg);
return {
actionConfirmed: true,
};
})
);
}
public async start() {
this.typedsocketClient = await plugins.typedsocket.TypedSocket.createClient(
this.typedrouter,
this.cloudlyUrl
);
console.log(
`CloudlyClient connected to cloudly at ${this.cloudlyUrl}. Remember to get an identity.`
);
}
public async stop() {
await this.typedsocketClient.stop();
}
public identity: plugins.servezoneInterfaces.data.IIdentity;
public async getIdentityByToken(
token: string,
optionsArg?: {
tagConnection?: boolean;
statefullIdentity?: boolean;
}
): Promise<plugins.servezoneInterfaces.data.IIdentity> {
optionsArg = Object.assign({}, {
tagConnection: false,
statefullIdentity: true,
}, optionsArg);
const identityRequest =
this.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.identity.IRequest_Any_Cloudly_CoreflowManager_GetIdentityByToken>(
'getIdentityByToken'
);
console.log(`trying to get identity from cloudly with supplied jumpCodeArg: ${token}`);
const response = await identityRequest.fire({
token: token,
});
console.log('got identity response');
const identity = response.identity;
if (optionsArg.tagConnection) {
this.typedsocketClient.addTag('identity', identity);
}
if (optionsArg.statefullIdentity) {
this.identity = identity;
}
return identity;
}
/**
* will use statefull identity by default
*/
public async getClusterConfigFromCloudlyByIdentity(
identityArg: plugins.servezoneInterfaces.data.IIdentity = this.identity
): Promise<plugins.servezoneInterfaces.data.ICluster> {
const clusterConfigRequest =
this.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.config.IRequest_Any_Cloudly_GetClusterConfig>(
'getClusterConfig'
);
const response = await clusterConfigRequest.fire({
identity: identityArg,
});
return response.configData;
}
/**
* will use statefull identity by default
*/
public async getServerConfigFromCloudlyByIdentity(
identityArg: plugins.servezoneInterfaces.data.IIdentity = this.identity
): Promise<plugins.servezoneInterfaces.data.IServer> {
const serverConfigRequest =
this.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.config.IRequest_Any_Cloudly_GetServerConfig>(
'getServerConfig'
);
const response = await serverConfigRequest.fire({
identity: identityArg,
serverId: '', // TODO: get server id here
});
return response.configData;
}
/**
* gets a certificate for a domain used by a service
*/
public async getCertificateForDomain(optionsArg: {
domainName: string;
type: plugins.servezoneInterfaces.requests.certificate.IRequest_Any_Cloudly_GetCertificateForDomain['request']['type'];
identity?: plugins.servezoneInterfaces.data.IIdentity;
}): Promise<plugins.tsclass.network.ICert> {
optionsArg.identity = optionsArg.identity || this.identity;
if (!optionsArg.identity) {
throw new Error('identity is required. Either provide one or login first.');
}
const typedCertificateRequest =
this.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.certificate.IRequest_Any_Cloudly_GetCertificateForDomain>(
'getCertificateForDomain'
);
const typedResponse = await typedCertificateRequest.fire({
identity: this.identity, // do proper auth here
domainName: optionsArg.domainName,
type: optionsArg.type,
});
return typedResponse.certificate;
}
public image = {
// Images
getImageById: async (imageIdArg: string) => {
return Image.getImageById(this, imageIdArg);
},
getImages: async () => {
return Image.getImages(this);
},
createImage: async (optionsArg: Parameters<typeof Image.createImage>[1]) => {
return Image.createImage(this, optionsArg);
}
}
public services = {
// Services
getServiceById: async (serviceIdArg: string) => {
return Service.getServiceById(this, serviceIdArg);
},
getServices: async () => {
return Service.getServices(this);
},
createService: async (optionsArg: Parameters<typeof Service.createService>[1]) => {
return Service.createService(this, optionsArg);
}
}
}
ts_apiclient/classes.cluster.ts
-84
View File
@@ -1,84 +0,0 @@
import { CloudlyApiClient } from './classes.cloudlyapiclient.js';
import * as plugins from './plugins.js';
export class Cluster implements plugins.servezoneInterfaces.data.ICluster {
// STATIC
public static async getClusterById(cloudlyClientRef: CloudlyApiClient, clusterIdArg: string) {
const getClusterByIdTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.cluster.IReq_Any_Cloudly_GetClusterById>(
'getClusterById'
);
const response = await getClusterByIdTR.fire({
identity: cloudlyClientRef.identity,
clusterId: clusterIdArg,
});
const newCluster = new Cluster(cloudlyClientRef);
Object.assign(newCluster, response.cluster);
return newCluster;
}
public static async getClusters(cloudlyClientRef: CloudlyApiClient) {
const getClustersTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.cluster.IReq_Any_Cloudly_GetClusters>(
'getClusters'
);
const response = await getClustersTR.fire({
identity: cloudlyClientRef.identity,
});
const clusterConfigs: Cluster[] = [];
for (const clusterConfig of response.clusters) {
const newCluster = new Cluster(cloudlyClientRef);
Object.assign(newCluster, clusterConfig);
clusterConfigs.push(newCluster);
}
return clusterConfigs;
}
public static async createCluster(cloudlyClientRef: CloudlyApiClient, clusterNameArg: string) {
const createClusterTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.cluster.IRequest_CreateCluster>(
'createCluster'
);
const response = await createClusterTR.fire({
identity: cloudlyClientRef.identity,
clusterName: clusterNameArg,
});
const newCluster = new Cluster(cloudlyClientRef);
Object.assign(newCluster, response.cluster);
return newCluster;
}
// INSTANCE
public id: string;
public data: plugins.servezoneInterfaces.data.ICluster['data'];
public cloudlyClientRef: CloudlyApiClient;
constructor(cloudlyClientRef: CloudlyApiClient) {
this.cloudlyClientRef = cloudlyClientRef;
}
public async update() {
const updateClusterTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.cluster.IReq_Any_Cloudly_UpdateCluster>(
'updateCluster'
);
const response = await updateClusterTR.fire({
identity: this.cloudlyClientRef.identity,
clusterData: this.data,
});
const resultClusterData = response.resultCluster.data;
plugins.smartexpect.expect(resultClusterData).toEqual(this.data);
return this;
}
public async delete(cloudlyClientRef: CloudlyApiClient, clusterIdArg: string) {
const deleteClusterTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.cluster.IReq_Any_Cloudly_DeleteClusterById>(
'deleteClusterById'
);
const response = await deleteClusterTR.fire({
identity: cloudlyClientRef.identity,
clusterId: this.id,
});
plugins.smartexpect.expect(response.ok).toBeTrue();
return null;
}
}
ts_apiclient/classes.image.ts
-113
View File
@@ -1,113 +0,0 @@
import type { CloudlyApiClient } from './classes.cloudlyapiclient.js';
import * as plugins from './plugins.js';
export class Image implements plugins.servezoneInterfaces.data.IImage {
public static async getImages(cloudlyClientRef: CloudlyApiClient) {
const getAllImagesTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_GetAllImages>(
'getAllImages'
);
const response = await getAllImagesTR.fire({
identity: cloudlyClientRef.identity,
});
const resultImages: Image[] = [];
for (const image of response.images) {
const newImage = new Image(cloudlyClientRef);
Object.assign(newImage, image);
resultImages.push(newImage);
}
return resultImages;
}
public static async getImageById(cloudlyClientRef: CloudlyApiClient, imageIdArg: string) {
const getImageByIdTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_GetImage>(
'getImage'
);
const response = await getImageByIdTR.fire({
identity: cloudlyClientRef.identity,
imageId: imageIdArg,
});
const newImage = new Image(cloudlyClientRef);
Object.assign(newImage, response.image);
return newImage;
}
/**
* creates a new image
*/
public static async createImage(cloudlyClientRef: CloudlyApiClient, imageDataArg: Partial<plugins.servezoneInterfaces.data.IImage['data']>) {
const createImageTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_CreateImage>(
'createImage'
);
const response = await createImageTR.fire({
identity: cloudlyClientRef.identity,
name: imageDataArg.name,
description: imageDataArg.description,
});
const newImage = new Image(cloudlyClientRef);
Object.assign(newImage, response.image);
return newImage;
}
// INSTANCE
cloudlyClientRef: CloudlyApiClient;
id: plugins.servezoneInterfaces.data.IImage['id'];
data: plugins.servezoneInterfaces.data.IImage['data'];
constructor(cloudlyClientRef: CloudlyApiClient) {
this.cloudlyClientRef = cloudlyClientRef;
}
/**
* updates the image data
*/
public async update() {
const getVersionsTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_GetImage>(
'getImage'
);
const response = await getVersionsTR.fire({
identity: this.cloudlyClientRef.identity,
imageId: this.id,
});
Object.assign(this, response.image);
}
/**
* pushes a new version of the image
* @param imageVersion
* @param imageReadableArg
*/
public async pushImageVersion(imageVersion: string, imageReadableArg: ReadableStream<Uint8Array>): Promise<void> {
const done = plugins.smartpromise.defer();
const pushImageTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_PushImageVersion>(
'pushImageVersion'
);
const virtualStream = new plugins.typedrequest.VirtualStream();
const response = await pushImageTR.fire({
identity: this.cloudlyClientRef.identity,
imageId: this.id,
versionString: '',
imageStream: virtualStream,
});
await virtualStream.readFromWebstream(imageReadableArg);
await this.update();
};
/**
* pulls a version of the image
*/
public async pullImageVersion(versionStringArg: string): Promise<ReadableStream<Uint8Array>> {
const pullImageTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.image.IRequest_PullImageVersion>(
'pullImageVersion'
);
const response = await pullImageTR.fire({
identity: this.cloudlyClientRef.identity,
imageId: this.id,
versionString: versionStringArg,
});
const imageStream = response.imageStream;
const webduplexStream = new plugins.webstream.WebDuplexStream({});
imageStream.writeToWebstream(webduplexStream.writable);
return webduplexStream.readable;
};
}
ts_apiclient/classes.secretbundle.ts
-96
View File
@@ -1,96 +0,0 @@
import * as plugins from './plugins.js';
import type { CloudlyApiClient } from './classes.cloudlyapiclient.js';
export class SecretBundle implements plugins.servezoneInterfaces.data.ISecretBundle {
public cloudlyClientRef: CloudlyApiClient;
public id: string;
public data: plugins.servezoneInterfaces.data.ISecretBundle['data'];
constructor(cloudlyClientRef: CloudlyApiClient) {
this.cloudlyClientRef = cloudlyClientRef;
}
public static async getSecretBundleById(cloudlyClientRef: CloudlyApiClient, secretBundleIdArg: string) {
const getSecretBundleByIdTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundleById>(
'getSecretBundleById'
);
const response = await getSecretBundleByIdTR.fire({
identity: cloudlyClientRef.identity,
secretBundleId: secretBundleIdArg,
});
const newSecretBundle = new SecretBundle(cloudlyClientRef);
Object.assign(newSecretBundle, response.secretBundle);
return newSecretBundle;
}
public static async getSecretBundles(cloudlyClientRef: CloudlyApiClient) {
const getSecretBundlesTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_GetSecretBundles>(
'getSecretBundles'
);
const response = await getSecretBundlesTR.fire({
identity: cloudlyClientRef.identity,
});
const secretBundles: SecretBundle[] = [];
for (const secretBundle of response.secretBundles) {
const newSecretBundle = new SecretBundle(cloudlyClientRef);
Object.assign(newSecretBundle, secretBundle);
secretBundles.push(newSecretBundle);
}
return secretBundles;
}
public static async createSecretBundle(cloudlyClientRef: CloudlyApiClient, secretBundleDataArg: Partial<plugins.servezoneInterfaces.data.ISecretBundle['data']>) {
const createSecretBundleTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_CreateSecretBundle>(
'createSecretBundle'
);
const response = await createSecretBundleTR.fire({
identity: cloudlyClientRef.identity,
secretBundle: {
id: null,
data: {
name: secretBundleDataArg.name,
description: secretBundleDataArg.description,
type: secretBundleDataArg.type,
authorizations: secretBundleDataArg.authorizations,
includedImages: secretBundleDataArg.includedImages,
includedSecretGroupIds: secretBundleDataArg.includedSecretGroupIds,
includedTags: secretBundleDataArg.includedTags,
},
},
});
const newSecretBundle = new SecretBundle(cloudlyClientRef);
Object.assign(newSecretBundle, response.resultSecretBundle);
return newSecretBundle;
}
public async update() {
const updateSecretBundleTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_UpdateSecretBundle>(
'updateSecretBundle'
);
const response = await updateSecretBundleTR.fire({
identity: this.cloudlyClientRef.identity,
secretBundle: {
id: this.id,
data: this.data,
},
});
const resultSecretBundleData = response.resultSecretBundle.data;
plugins.smartexpect.expect(resultSecretBundleData).toEqual(this.data);
return this;
}
public async delete(cloudlyClientRef: CloudlyApiClient, secretBundleIdArg: string) {
const deleteSecretBundleTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretbundle.IReq_DeleteSecretBundleById>(
'deleteSecretBundleById'
);
const response = await deleteSecretBundleTR.fire({
identity: cloudlyClientRef.identity,
secretBundleId: this.id,
});
plugins.smartexpect.expect(response.ok).toBeTrue();
return null;
}
}
ts_apiclient/classes.secretgroup.ts
-103
View File
@@ -1,103 +0,0 @@
import * as plugins from './plugins.js';
import type { CloudlyApiClient } from './classes.cloudlyapiclient.js';
export class SecretGroup implements plugins.servezoneInterfaces.data.ISecretGroup {
public cloudlyClientRef: CloudlyApiClient;
public id: string;
public data: plugins.servezoneInterfaces.data.ISecretGroup['data'];
constructor(cloudlyClientRef: CloudlyApiClient) {
this.cloudlyClientRef = cloudlyClientRef;
}
public static async getSecretGroupById(cloudlyClientRef: CloudlyApiClient, secretGroupIdArg: string) {
const getSecretGroupByIdTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretgroup.IReq_GetSecretGroupById>(
'getSecretGroupById'
);
const response = await getSecretGroupByIdTR.fire({
identity: cloudlyClientRef.identity,
secretGroupId: secretGroupIdArg,
});
const newSecretGroup = new SecretGroup(cloudlyClientRef);
Object.assign(newSecretGroup, response.secretGroup);
return newSecretGroup;
}
public static async getSecretGroups(cloudlyClientRef: CloudlyApiClient) {
const getSecretGroupsTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretgroup.IReq_GetSecretGroups>(
'getSecretGroups'
);
const response = await getSecretGroupsTR.fire({
identity: cloudlyClientRef.identity,
});
const secretGroups: SecretGroup[] = [];
for (const secretGroup of response.secretGroups) {
const newSecretGroup = new SecretGroup(cloudlyClientRef);
Object.assign(newSecretGroup, secretGroup);
secretGroups.push(newSecretGroup);
}
return secretGroups;
}
public static async createSecretGroup(cloudlyClientRef: CloudlyApiClient, secretGroupDataArg: Partial<plugins.servezoneInterfaces.data.ISecretGroup['data']>) {
const createSecretGroupTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretgroup.IReq_CreateSecretGroup>(
'createSecretGroup'
);
const response = await createSecretGroupTR.fire({
identity: cloudlyClientRef.identity,
secretGroup: {
id: null,
data: {
name: secretGroupDataArg.name,
description: secretGroupDataArg.description,
environments: secretGroupDataArg.environments,
key: secretGroupDataArg.key,
tags: secretGroupDataArg.tags,
priority: secretGroupDataArg.priority,
},
},
});
const newSecretGroup = new SecretGroup(cloudlyClientRef);
Object.assign(newSecretGroup, response.resultSecretGroup);
return newSecretGroup;
}
// INSTANCE
public async update() {
const updateSecretGroupTR = this.cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretgroup.IReq_UpdateSecretGroup>(
'updateSecretGroup'
);
const response = await updateSecretGroupTR.fire({
identity: this.cloudlyClientRef.identity,
secretGroup: {
id: this.id,
data: {
name: this.data.name,
description: this.data.description,
environments: this.data.environments,
key: this.data.key,
tags: this.data.tags,
priority: this.data.priority,
},
},
});
const resultSecretGroupData = response.resultSecretGroup.data;
plugins.smartexpect.expect(resultSecretGroupData).toEqual(this.data);
return this;
}
public async delete(cloudlyClientRef: CloudlyApiClient, secretGroupIdArg: string) {
const deleteSecretGroupTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.secretgroup.IReq_DeleteSecretGroupById>(
'deleteSecretGroupById'
);
const response = await deleteSecretGroupTR.fire({
identity: cloudlyClientRef.identity,
secretGroupId: this.id,
});
plugins.smartexpect.expect(response.ok).toBeTrue();
return null;
}
}
ts_apiclient/classes.secretmanager.ts
-27
View File
@@ -1,27 +0,0 @@
import * as plugins from './plugins.js';
import type { CloudlyApiClient } from './classes.cloudlyapiclient.js';
import { SecretBundle } from './classes.secretbundle.js';
import { SecretGroup } from './classes.secretgroup.js';
export class SecretManager {
// INSTANCE
cloudlyClientRef: CloudlyApiClient;
constructor(cloudlyClientRef: CloudlyApiClient) {
this.cloudlyClientRef = cloudlyClientRef;
}
public async getSecretGroupsAndBundles() {
}
/**
* The secret group has a secret bundle.
* This function essentially returns the secret bundle as a flat object.
* In other words, it resolves secret groups and
*/
public async getSecretBundleAsFlatObject(environmentArg: string = 'production') {
}
}
ts_apiclient/classes.server.ts
-7
View File
@@ -1,7 +0,0 @@
import * as plugins from './plugins.js';
export class Server {
public static getServers() {
}
}
ts_apiclient/classes.service.ts
-80
View File
@@ -1,80 +0,0 @@
import * as plugins from './plugins.js';
import type { CloudlyApiClient } from './classes.cloudlyapiclient.js';
export class Service implements plugins.servezoneInterfaces.data.IService {
public static async getServices(cloudlyClientRef: CloudlyApiClient) {
const getAllServicesTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_GetServices>(
'getServices'
);
const response = await getAllServicesTR.fire({
identity: cloudlyClientRef.identity,
});
const resultServices: Service[] = [];
for (const service of response.services) {
const newService = new Service(cloudlyClientRef);
Object.assign(newService, service);
resultServices.push(newService);
}
return resultServices;
}
public static async getServiceById(cloudlyClientRef: CloudlyApiClient, serviceIdArg: string) {
const getServiceByIdTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_GetServiceById>(
'getServiceById'
);
const response = await getServiceByIdTR.fire({
identity: cloudlyClientRef.identity,
serviceId: serviceIdArg,
});
const newService = new Service(cloudlyClientRef);
Object.assign(newService, response.service);
return newService;
}
/**
* creates a new service
*/
public static async createService(cloudlyClientRef: CloudlyApiClient, serviceDataArg: Partial<plugins.servezoneInterfaces.data.IService['data']>) {
const createServiceTR = cloudlyClientRef.typedsocketClient.createTypedRequest<plugins.servezoneInterfaces.requests.service.IRequest_Any_Cloudly_CreateService>(
'createService'
);
const response = await createServiceTR.fire({
identity: cloudlyClientRef.identity,
name: serviceDataArg.name,
description: serviceDataArg.description,
imageId: serviceDataArg.imageId,
imageVersion: serviceDataArg.imageVersion,
environment: {},
secretBundleId: null,
scaleFactor: 1,
balancingStrategy: serviceDataArg.balancingStrategy,
ports: {
web: null,
},
resources: serviceDataArg.resources,
domains: [],
});
const newService = new Service(cloudlyClientRef);
Object.assign(newService, response.service);
return newService;
}
// INSTANCE
cloudlyClientRef: CloudlyApiClient;
public id: string;
public data: plugins.servezoneInterfaces.data.IService['data'];
constructor(cloudlyClientRef: CloudlyApiClient) {
this.cloudlyClientRef = cloudlyClientRef;
}
/**
* The service has a secret bundle.
* This function essentially returns the secret bundle as a flat object.
* In other words, it resolves secret groups and
*/
public async getSecretBundleAsFlatObject(environmentArg: string = 'production') {
}
}
ts_apiclient/index.ts
-1
View File
@@ -1 +0,0 @@
export * from './classes.cloudlyapiclient.js';
ts_apiclient/plugins.ts
-35
View File
@@ -1,35 +0,0 @@
// @serve.zone scope
import * as servezoneInterfaces from '@serve.zone/interfaces';
export {
servezoneInterfaces
}
// @push.rocks scope
import * as smartexpect from '@push.rocks/smartexpect';
import * as smartpromise from '@push.rocks/smartpromise';
import * as smartrx from '@push.rocks/smartrx';
import * as webstream from '@push.rocks/smartstream/web';
export {
smartexpect,
smartpromise,
smartrx,
webstream,
}
// @api.global scope
import * as typedrequest from '@api.global/typedrequest';
import * as typedsocket from '@api.global/typedsocket';
export {
typedrequest,
typedsocket
}
// @tsclass scope
import * as tsclass from '@tsclass/tsclass';
export {
tsclass,
}
ts_apiclient/readme.md
-202
View File
@@ -1,202 +0,0 @@
# @serve.zone/api
The `@serve.zone/api` module is a robust and versatile API client, designed to facilitate seamless communication with various cloud resources managed by the Cloudly platform. This API client extends a rich set of functionalities, offering developers a comprehensive and programmable interface for interacting with their multi-cloud infrastructure.
## Install
To install the `@serve.zone/api` package, execute the following command in your terminal:
```bash
npm install @serve.zone/api --save
```
This command will download the module and add it to your project's `package.json` dependencies, allowing you to utilize its capabilities within your application.
## Usage
The `@serve.zone/api` client is tailored to handle various operations within a multi-cloud environment efficiently. Throughout this section, we will explore the different features and use-cases of this API client, aiding you in leveraging its full potential.
### Prerequisites
Before integrating `@serve.zone/api` into your project, ensure the following prerequisites are satisfied:
- You have Node.js installed on your system (preferably the latest Long-Term Support version).
- You're utilizing a TypeScript-compatible environment for development.
### Establishing an API Client Instance
The cornerstone of using `@serve.zone/api` is initializing a `CloudlyApiClient` instance. It serves as the main point of interaction, enabling communication with underlying cloud infrastructures managed by Cloudly. Here's a basic setup guide:
```typescript
import { CloudlyApiClient, TClientType } from '@serve.zone/api';
async function initializeClient() {
const client = new CloudlyApiClient({
registerAs: 'api' as TClientType,
cloudlyUrl: 'https://yourcloudly.url:443'
});
await client.start();
return client;
}
const cloudlyClient = await initializeClient();
```
The above code initializes the `CloudlyApiClient` object, connecting your application to the configured Cloudly environment.
### Authentication and Identity Management
To execute operations via the API client, authenticated access is necessary. The most prevalent method for this is obtaining an identity token using a service token:
```typescript
import { CloudlyApiClient } from '@serve.zone/api';
async function authenticate(client: CloudlyApiClient, serviceToken: string) {
const identity = await client.getIdentityByToken(serviceToken, {
tagConnection: true,
statefullIdentity: true
});
console.log(`Authenticated identity:`, identity);
return identity;
}
const serviceToken = 'your_service_token';
const identity = await authenticate(cloudlyClient, serviceToken);
```
In this function, the `getIdentityByToken` method authenticates using a service token and acquires an identity object that includes user details and security claims.
### Interacting with Cloudly Features
#### Image Management
Image management is one of the key features supported by the API Client. You can create, upload, and manage Docker images easily within your cloud ecosystem:
```typescript
async function manageImages(client: CloudlyApiClient, identity) {
// Creating a new image
const newImage = await client.images.createImage({
name: 'my_new_image',
description: 'A test image'
});
console.log(`Created image:`, newImage);
// Uploading an image version
const imageStream = fetchYourImageStreamHere(); // Provide the source image stream
await newImage.pushImageVersion('1.0.0', imageStream);
console.log('Image version uploaded successfully.');
}
await manageImages(cloudlyClient, identity);
// Helper function for obtaining image stream (implement accordingly)
function fetchYourImageStreamHere() {
// Logic to fetch and return a readable stream for your image
return new ReadableStream<Uint8Array>();
}
```
In this example, the `manageImages` function underscores the typical workflow of creating an image entry within Cloudly and then proceeding to upload a specific version using the `pushImageVersion` method.
#### Cluster Configuration
Another powerful capability is managing clusters, which allows for orchestrating and configuring Docker Swarm clusters:
```typescript
async function configureCluster(client: CloudlyApiClient, identity) {
// Fetching cluster configuration
const clusterConfig = await client.getClusterConfigFromCloudlyByIdentity(identity);
console.log(`Cluster configuration retrieved:`, clusterConfig);
}
await configureCluster(cloudlyClient, identity);
```
The `getClusterConfigFromCloudlyByIdentity` method retrieved the configuration needed to set up and manage your clusters within the multi-cloud environment.
### Advanced Communication via Typed Sockets
The API client leverages `TypedRequest` and `TypedSocket` from the `@api.global` family, enabling statically-typed, real-time communication. Here's an example demonstrating socket integration:
```typescript
async function configureSocketCommunication(client: CloudlyApiClient) {
client.configUpdateSubject.subscribe({
next: (configData) => {
console.log('Received configuration update:', configData);
}
});
client.serverActionSubject.subscribe({
next: (actionRequest) => {
console.log('Server action requested:', actionRequest);
}
});
}
configureSocketCommunication(cloudlyClient);
```
The client utilizes RxJS `Subject` to enable simple yet powerful handling of incoming socket requests, whereby one can act upon updates and actions as they occur.
### Integrating Certificates
Certificate operations, such as obtaining SSL certificates for your domains, are also streamlined using this API client:
```typescript
async function retrieveCertificate(client: CloudlyApiClient, domainName: string, identity) {
const certificate = await client.getCertificateForDomain({
domainName: domainName,
type: 'ssl',
identity: identity
});
console.log('Retrieved SSL Certificate:', certificate);
}
const yourDomain = 'example.com';
await retrieveCertificate(cloudlyClient, yourDomain, identity);
```
This example demonstrates fetching SSL certificates using given domain credentials and an authenticated identity.
### API Client Cleanup
When operations are complete and the application is shutting down, it's crucial to gracefully terminate the API client connection:
```typescript
async function cleanup(client: CloudlyApiClient) {
await client.stop();
console.log('Cloudly API client disconnected gracefully.');
}
await cleanup(cloudlyClient);
```
By invoking the `stop` method, the API client securely terminates its connection to ensure no resources are left hanging, preventing potential memory leaks.
### Miscellaneous Features
This section would be remiss without mentioning various utility functionalities such as secret management, server actions, DNS configurator options, and more, all underpinned by an intelligently designed API, enriching cloud resource interactivity.
In conclusion, by employing `@serve.zone/api`, developers gain unparalleled access to a multitude of modular functions pertinent to multi-cloud administration, significantly amplifying productivity and management effectiveness across diverse computing environments.
## License and Legal Information
This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository.
**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
### Trademarks
This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.
### Company Information
Task Venture Capital GmbH
Registered at District court Bremen HRB 35230 HB, Germany
For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.
By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.
ts_apiclient/tspublish.json
-17
View File
@@ -1,17 +0,0 @@
{
"order": 1,
"name": "@serve.zone/api",
"dependencies": [
"@serve.zone/interfaces",
"@push.rocks/smartpromise",
"@push.rocks/smartrx",
"@push.rocks/smartstream",
"@api.global/typedrequest",
"@api.global/typedsocket",
"@tsclass/tsclass"
],
"registries": [
"registry.npmjs.org:public",
"verdaccio.lossless.digital:public"
]
}
ts_cliclient/classes.cliclient.ts
+15
View File
@@ -0,0 +1,15 @@
import * as plugins from './plugins.js';
import { CloudlyApiClient } from '@serve.zone/api';
export class CliClient {
public cloudlyApiClient: CloudlyApiClient;
constructor(cloudlyApiClientArg: CloudlyApiClient) {
this.cloudlyApiClient = cloudlyApiClientArg;
}
public async getClusters() {
const clusters = await this.cloudlyApiClient.cluster.getClusters();
console.log(clusters);
}
}
ts_cliclient/index.ts
+28 -1
View File
@@ -1 +1,28 @@
console.log('this is the cli client.');
import * as plugins from './plugins.js';
import { CliClient } from './classes.cliclient.js';
export const runCli = async () => {
const cliQenv = new plugins.qenv.Qenv();
const cloudlyUrl = await cliQenv.getEnvVarOnDemand('CLOUDLY_URL');
const token = process.env.CLOUDLY_TOKEN;
const username = process.env.CLOUDLY_USERNAME;
const password = process.env.CLOUDLY_PASSWORD;
const apiClient = new plugins.servezoneApi.CloudlyApiClient({
registerAs: 'cli',
cloudlyUrl,
});
await apiClient.start();
if (token) {
await apiClient.getIdentityByToken(token, { tagConnection: true, statefullIdentity: true });
} else if (username && password) {
await apiClient.loginWithUsernameAndPassword(username, password);
} else {
console.log('No credentials provided. Set CLOUDLY_TOKEN or CLOUDLY_USERNAME/CLOUDLY_PASSWORD.');
}
const cliClient = new CliClient(apiClient);
// Default action example: list clusters when invoked without subcommands
await cliClient.getClusters();
};
ts_cliclient/plugins.ts
+17
View File
@@ -0,0 +1,17 @@
// @serve.zone scope
import * as servezoneApi from '@serve.zone/api';
import * as servezoneInterfaces from '@serve.zone/interfaces';
export {
servezoneApi,
servezoneInterfaces
}
// @push.rocks scope
import * as projectinfo from '@push.rocks/projectinfo';
import * as qenv from '@push.rocks/qenv';
export {
projectinfo,
qenv,
}
ts_cliclient/readme.md
+65 -222
View File
@@ -1,262 +1,105 @@
# @serve.zone/cli
A comprehensive command-line interface (CLI) tool for managing multi-cloud environments, leveraging the features of the @serve.zone/cloudly platform. This CLI is crafted to facilitate seamless interactions with complex cloud configurations and deployments, utilizing Docker Swarmkit orchestration.
`@serve.zone/cli` is the published Cloudly CLI submodule. It provides the `servezone` binary and currently acts as a thin environment-driven client for connecting to a Cloudly control plane and listing clusters through `@serve.zone/api`.
## Install
## Issue Reporting and Security
To begin using the `@serve.zone/cli` in your projects, install it via npm by running:
For reporting bugs, issues, or security vulnerabilities, please visit [community.foss.global/](https://community.foss.global/). This is the central community hub for all issue reporting. Developers who sign and comply with our contribution agreement and go through identification can also get a [code.foss.global/](https://code.foss.global/) account to submit Pull Requests directly.
```bash
npm install @serve.zone/cli --save
## Current Scope
This submodule is intentionally small in the current codebase:
- Reads `CLOUDLY_URL` through `@push.rocks/qenv`.
- Authenticates with either `CLOUDLY_TOKEN` or `CLOUDLY_USERNAME` plus `CLOUDLY_PASSWORD`.
- Starts a `CloudlyApiClient` registered as `cli`.
- Creates a `CliClient` wrapper around the API client.
- Calls `CliClient.getClusters()` and prints the result.
It is not currently a full command tree for services, secrets, deployments, logs, profiles, or shell completion. Those flows should be implemented against `@serve.zone/api` before documenting them as CLI commands.
## Installation
The package is published from `cloudly/ts_cliclient` via `tspublish.json` under the name `@serve.zone/cli` with the `servezone` binary.
```sh
pnpm add --global @serve.zone/cli
```
This command will download the package and integrate it into your project's `node_modules` directory, reflecting the dependency in your `package.json`.
For local development inside the Cloudly repository, build the parent package:
```sh
pnpm install
pnpm build
```
## Usage
The `@serve.zone/cli` is a powerful command-line tool aimed at developers and system administrators who are managing containerized applications across various cloud platforms. Through this CLI, users can interact with their cloud infrastructure efficiently, enabling and extending `Cloudlys` capabilities directly from the terminal.
Authenticate with a machine token:
### Prerequisites
Before proceeding to use the `@serve.zone/cli`, ensure your system meets the following prerequisites:
- Latest Node.js LTS version installed.
- Familiarity with basic command-line operations.
- Properly configured cloud service accounts (like Cloudflare, Hetzner), necessary for managing respective services.
### Setting Up the CLI
Begin setting up the `Cloudly` instance for CLI usage:
```typescript
// Import required modules
import { Cloudly } from '@serve.zone/cloudly';
import * as path from 'path';
// Define the configuration needed for cloud operations
const cloudlyConfig = {
cfToken: 'your-cloudflare-token',
hetznerToken: 'your-hetzner-token',
environment: 'production',
publicUrl: 'your-public-url',
};
// Instantiate and start the Cloudly instance
const cloudlyInstance = new Cloudly(cloudlyConfig);
await cloudlyInstance.start();
// Log the setup information to ensure its correct
console.log(`Cloudly is set up at ${cloudlyInstance.config.data.publicUrl}`);
```sh
CLOUDLY_URL=https://cloudly.example.com \
CLOUDLY_TOKEN=cluster-or-api-token \
servezone
```
This snippet initializes a Cloudly instance with necessary environment configuration, setting the groundwork for all subsequent CLI operations.
Authenticate with username and password:
### Core Operations with the CLI
Here's how you leverage various operational commands within the CLI feature:
#### Managing Clusters
To create, list, and delete clusters, youll require invoking the `Cloudly` class with its cluster management logic:
```typescript
// Module imports
import { Cloudly } from '@serve.zone/cloudly';
// Async function for cluster management
async function manageCluster() {
// Prepare configuration
const config = {
cfToken: 'YOUR_CLOUDFLARE_TOKEN',
hetznerToken: 'YOUR_HETZNER_TOKEN',
};
// Initialize Cloudly
const cloudlyInstance = new Cloudly(config);
await cloudlyInstance.start();
// Example: Creating a new cluster
const cluster = await cloudlyInstance.clusterManager.createCluster({
id: 'example_cluster_id',
data: {
name: 'example_cluster',
servers: [],
sshKeys: [],
}
});
// Log cluster details
console.log('Cluster created:', cluster);
}
```
With the above example, you can dynamically manage cluster configurations, ensuring your application components are effectively orchestrated across cloud environments.
#### Deploying Services
Deploying cloud-native services within your clusters can be achieved through the CLI:
```typescript
import { Cloudly } from '@serve.zone/cloudly';
// Function to handle service deployment
async function deployService() {
const config = {
cfToken: 'YOUR_CLOUDFLARE_TOKEN',
hetznerToken: 'YOUR_HETZNER_TOKEN',
};
const cloudlyInstance = new Cloudly(config);
await cloudlyInstance.start();
// Deploy a new service to a specified cluster
const newService = {
id: 'example_service_id',
data: {
name: 'example_service',
imageId: 'example_image_id',
imageVersion: '1.0.0',
environment: {},
ports: { web: 80 }
}
};
// Store service into database and deploy
console.log('Deploying service:', newService)
await cloudlyInstance.serverManager.deployService(newService);
}
deployService();
```sh
CLOUDLY_URL=https://cloudly.example.com \
CLOUDLY_USERNAME=admin \
CLOUDLY_PASSWORD=change-me \
servezone
```
By streamlining your service deployments through CLI, you ensure reproducibility and clarity in development operations.
When `CLOUDLY_TOKEN` is present, the CLI requests a stateful identity and asks Cloudly to tag the WebSocket connection. When username/password are present instead, it uses Cloudly's admin login flow. If no credentials are provided, the CLI prints a warning before attempting the default cluster-list operation.
#### Managing Certificates
## Programmatic Use
Ensuring secure connections by managing SSL certificates is essential. The CLI aids in this through Let's Encrypt integration:
The published submodule exports the `runCli()` entry point. For automation, most callers should use `@serve.zone/api` directly; the internal `CliClient` currently wraps `CloudlyApiClient` only to run the default cluster-list action:
```typescript
import { Cloudly } from '@serve.zone/cloudly';
```ts
import { CloudlyApiClient } from '@serve.zone/api';
import { CliClient } from './classes.cliclient.js';
// Function to acquire a certificate
async function getCertificate() {
const config = {
cfToken: 'YOUR_CLOUDFLARE_TOKEN',
hetznerToken: 'YOUR_HETZNER_TOKEN',
};
const cloudlyInstance = new Cloudly(config);
await cloudlyInstance.start();
// Fetch certificate using Let's Encrypt
const domainName = 'example.com';
const cert = await cloudlyInstance.letsencryptConnector.getCertificateForDomain(domainName);
console.log(`Obtained certificate for domain ${domainName}:`, cert);
}
getCertificate();
```
This process facilitates the automation of SSL certificates provisioning, ensuring high security in your apps.
### Automating Tasks with the CLI
Task scheduling is a feature you can utilize to automate recurring processes. Heres an example of how `@serve.zone/cli` accomplishes task scheduling:
```typescript
import { TaskBuffer } from '@push.rocks/taskbuffer';
// Schedule a task to run every day
const dailyTask = new TaskBuffer({
schedule: '0 0 * * *', // Using cron schedule
taskFunction: async () => {
console.log('Performing daily backup check...');
// Include backup logic here
},
const apiClient = new CloudlyApiClient({
registerAs: 'cli',
cloudlyUrl: 'https://cloudly.example.com',
});
// Initiate task scheduling
dailyTask.start();
await apiClient.start();
await apiClient.loginWithUsernameAndPassword('admin', 'change-me');
const cli = new CliClient(apiClient);
await cli.getClusters();
```
Scheduled tasks like periodic maintenance, data synchronization, or backups ensure you keep your cloud environment robust and reliable.
## Files
### Integrating Third-Party APIs
Expand the scope of your applications with API integrations offered via `@serve.zone/cli`:
```typescript
import { Cloudly } from '@serve.zone/cloudly';
// Function to send notifications
async function sendNotification() {
const cloudlyConfig = {
cfToken: 'your-cloudflare-token',
hetznerToken: 'your-hetzner-token',
};
const cloudly = new Cloudly(cloudlyConfig);
await cloudly.start();
// Configure and send push notification
await cloudly.externalApiManager.sendPushMessage({
deviceToken: 'some_device_token',
message: 'Hello from Cloudly!',
});
}
sendNotification();
```
API integrations via the CLI extend Cloudlys reach, enabling comprehensive service interconnections.
### Security and Access Management
Effective identity management is possible through `@serve.zone/cli`. Manage user roles, token validations, and more:
```typescript
import { Cloudly } from '@serve.zone/cloudly';
// Configuring and verifying identity
async function authenticateUser() {
const cloudlyConfig = {
cfToken: 'your-cloudflare-token',
hetznerToken: 'your-hetzner-token',
};
const cloudly = new Cloudly(cloudlyConfig);
await cloudly.start();
// Sample user credentials
const userIdentity = {
userId: 'unique_user_id',
jwt: 'user_jwt_token',
};
// Validate identity
const isValid = cloudly.authManager.validateIdentity(userIdentity);
console.log(`Is user identity valid? ${isValid}`);
}
authenticateUser();
```
The applications of identity validation streamline operational security and enforce access controls across your systems.
These examples offer a glimpse into the vast potential of @serve.zone/cli, which combines automation, security, and flexibility for state-of-the-art cloud management. You are encouraged to build upon this documentation to harness Cloudly's full capabilities in your infrastructure and process ecosystems. Let the CLI transform your cloud management experience with precision and adaptability.
| Path | Purpose |
| --- | --- |
| `index.ts` | Runtime entry point for the published CLI. |
| `classes.cliclient.ts` | Minimal client wrapper; currently exposes `getClusters()`. |
| `plugins.ts` | Centralized imports for the submodule. |
| `tspublish.json` | Published package name, dependencies, registry targets, and `servezone` bin metadata. |
## License and Legal Information
This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository.
This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [license](../license) file.
**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
### Trademarks
This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.
This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein.
Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar.
### Company Information
Task Venture Capital GmbH
Registered at District court Bremen HRB 35230 HB, Germany
Registered at District Court Bremen HRB 35230 HB, Germany
For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.
For any legal inquiries or further information, please contact us via email at hello@task.vc.
By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.
ts_cliclient/tspublish.json
+11 -3
View File
@@ -1,8 +1,16 @@
{
"name": "@serve.zone/cli",
"dependencies": [],
"dependencies": [
"@serve.zone/api",
"@serve.zone/interfaces",
"@push.rocks/projectinfo",
"@push.rocks/qenv",
"@push.rocks/smartcli"
],
"registries": [
"registry.npmjs.org:public",
"verdaccio.lossless.digital:public"
]
}
],
"bin": ["servezone"],
"order": 10
}
ts_interfaces/00_commitinfo_data.ts
-8
View File
@@ -1,8 +0,0 @@
/**
* autocreated commitinfo by @push.rocks/commitinfo
*/
export const commitinfo = {
name: '@serve.zone/interfaces',
version: '1.1.2',
description: 'interfaces for working with containers'
}
ts_interfaces/data/cloudlyconfig.ts
-16
View File
@@ -1,16 +0,0 @@
import * as plugins from '../plugins.js';
export interface ICloudlyConfig {
cfToken?: string;
hetznerToken?: string;
environment?: 'production' | 'integration';
letsEncryptEmail?: string;
letsEncryptPrivateKey?: string;
jwtKeypair?: plugins.tsclass.network.IJwtKeypair;
mongoDescriptor?: plugins.tsclass.database.IMongoDescriptor;
s3Descriptor?: plugins.tsclass.storage.IS3Descriptor;
publicUrl?: string;
publicPort?: string;
sslMode?: 'none' | 'letsencrypt' | 'external';
servezoneAdminaccount?: string;
}
ts_interfaces/data/cluster.ts
-36
View File
@@ -1,36 +0,0 @@
import * as plugins from '../plugins.js';
import { type IDockerRegistryInfo } from '../data/docker.js';
import type { IServer } from './server.js';
export interface ICluster {
id: string;
data: {
name: string;
/**
* a cluster has a machine user that governs access rights.
*/
userId: string;
/**
* how can the cluster reach cloudly
*/
cloudlyUrl?: string;
/**
* what servers are expected to be part of the cluster
*/
servers: IServer[];
/**
* ACME info. This is used to get SSL certificates.
*/
acmeInfo: {
serverAddress: string;
serverSecret: string;
};
sshKeys: plugins.tsclass.network.ISshKey[];
};
}
ts_interfaces/data/config.ts
-1
View File
@@ -1 +0,0 @@
export type TConfigType = 'server' | 'cluster' | 'coreflow' | 'service';
ts_interfaces/data/deployment.ts
-13
View File
@@ -1,13 +0,0 @@
import * as plugins from '../plugins.js';
/**
* a deployment happens when a service is deployed
* tracks the status of a deployment
*/
export interface IDeployment {
id: string;
affectedServiceIds: string[];
usedImageId: string;
deploymentLog: string[];
status: 'scheduled' | 'running' | 'deployed' | 'failed';
}
ts_interfaces/data/docker.ts
-15
View File
@@ -1,15 +0,0 @@
import * as plugins from '../plugins.js';
export interface IDockerRegistryInfo {
serveraddress: string;
username: string;
password: string;
}
export interface IServiceRessources {
cpuLimit?: number;
cpuReservation?: number;
memorySizeLimitMB?: number;
memorySizeReservationMB?: number;
volumeMounts?: plugins.tsclass.container.IVolumeMount[];
}
ts_interfaces/data/env.ts
-6
View File
@@ -1,6 +0,0 @@
export interface IEnvBundle {
environment: string;
timeSensitive: boolean;
configKeyValueObject: {[key: string]: string};
}

Some files were not shown because too many files have changed in this diff Show More