allow store upload, + upload UIs for store and config
This commit is contained in:
parent
b6fa941fcc
commit
c338522b33
@ -5,10 +5,13 @@ import (
|
|||||||
"bytes"
|
"bytes"
|
||||||
"io"
|
"io"
|
||||||
"io/fs"
|
"io/fs"
|
||||||
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
|
"path/filepath"
|
||||||
|
|
||||||
restful "github.com/emicklei/go-restful"
|
restful "github.com/emicklei/go-restful"
|
||||||
|
"m.cluseau.fr/go/httperr"
|
||||||
)
|
)
|
||||||
|
|
||||||
func wsUnlockStore(req *restful.Request, resp *restful.Response) {
|
func wsUnlockStore(req *restful.Request, resp *restful.Response) {
|
||||||
@ -96,3 +99,68 @@ func wsStoreDownload(req *restful.Request, resp *restful.Response) {
|
|||||||
|
|
||||||
buf.WriteTo(resp)
|
buf.WriteTo(resp)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func wsStoreUpload(req *restful.Request, resp *restful.Response) {
|
||||||
|
if !secStore.IsNew() {
|
||||||
|
wsError(resp, httperr.BadRequest("store is not new"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
buf := new(bytes.Buffer)
|
||||||
|
|
||||||
|
_, err := io.Copy(buf, req.Request.Body)
|
||||||
|
if err != nil {
|
||||||
|
wsError(resp, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
arch := tar.NewReader(buf)
|
||||||
|
|
||||||
|
root := secStoreRoot()
|
||||||
|
|
||||||
|
for {
|
||||||
|
hdr, err := arch.Next()
|
||||||
|
if err == io.EOF {
|
||||||
|
err = nil
|
||||||
|
break
|
||||||
|
} else if err != nil {
|
||||||
|
wsError(resp, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
log.Print(hdr.Name)
|
||||||
|
|
||||||
|
fullPath := filepath.Join(root, hdr.Name)
|
||||||
|
|
||||||
|
switch {
|
||||||
|
case hdr.FileInfo().IsDir():
|
||||||
|
err = os.MkdirAll(fullPath, 0700)
|
||||||
|
if err != nil {
|
||||||
|
wsError(resp, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
default:
|
||||||
|
content, err := io.ReadAll(io.LimitReader(arch, hdr.Size))
|
||||||
|
if err != nil {
|
||||||
|
wsError(resp, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
err = os.WriteFile(fullPath, content, 0600)
|
||||||
|
if err != nil {
|
||||||
|
wsError(resp, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
wsError(resp, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
openSecretStore()
|
||||||
|
|
||||||
|
resp.WriteEntity(map[string]any{"ok": true})
|
||||||
|
}
|
||||||
|
@ -34,6 +34,9 @@ func registerWS(rest *restful.Container) {
|
|||||||
Produces(mime.TAR).
|
Produces(mime.TAR).
|
||||||
Param(ws.QueryParameter("token", "the download token")).
|
Param(ws.QueryParameter("token", "the download token")).
|
||||||
Doc("Fetch the encrypted store")).
|
Doc("Fetch the encrypted store")).
|
||||||
|
Route(ws.POST("/store.tar").To(wsStoreUpload).
|
||||||
|
Consumes(mime.TAR).
|
||||||
|
Doc("Upload an existing store")).
|
||||||
Route(ws.GET("/downloads/{token}/{asset}").To(wsDownload).
|
Route(ws.GET("/downloads/{token}/{asset}").To(wsDownload).
|
||||||
Param(ws.PathParameter("token", "the download token")).
|
Param(ws.PathParameter("token", "the download token")).
|
||||||
Param(ws.PathParameter("asset", "the requested asset")).
|
Param(ws.PathParameter("asset", "the requested asset")).
|
||||||
|
@ -39,15 +39,21 @@
|
|||||||
</template>
|
</template>
|
||||||
<template v-else-if="publicState.Store.New">
|
<template v-else-if="publicState.Store.New">
|
||||||
<p>Store is new.</p>
|
<p>Store is new.</p>
|
||||||
<form @submit="unlockStore" action="/public/unlock-store">
|
<p>Option 1: initialize a new store</p>
|
||||||
|
<form @submit="unlockStore">
|
||||||
<input type="password" v-model="forms.store.pass1" name="passphrase" required />
|
<input type="password" v-model="forms.store.pass1" name="passphrase" required />
|
||||||
<input type="password" v-model="forms.store.pass2" required />
|
<input type="password" v-model="forms.store.pass2" required />
|
||||||
<input type="submit" value="initialize" :disabled="!forms.store.pass1 || forms.store.pass1 != forms.store.pass2" />
|
<input type="submit" value="initialize" :disabled="!forms.store.pass1 || forms.store.pass1 != forms.store.pass2" />
|
||||||
</form>
|
</form>
|
||||||
|
<p>Option 2: upload a previously downloaded store</p>
|
||||||
|
<form @submit="uploadStore">
|
||||||
|
<input type="file" ref="storeUpload" />
|
||||||
|
<input type="submit" value="upload" />
|
||||||
|
</form>
|
||||||
</template>
|
</template>
|
||||||
<template v-else-if="!publicState.Store.Open">
|
<template v-else-if="!publicState.Store.Open">
|
||||||
<p>Store is not open.</p>
|
<p>Store is not open.</p>
|
||||||
<form @submit="unlockStore" action="/public/unlock-store">
|
<form @submit="unlockStore">
|
||||||
<input type="password" name="passphrase" v-model="forms.store.pass1" required />
|
<input type="password" name="passphrase" v-model="forms.store.pass1" required />
|
||||||
<input type="submit" value="unlock" :disabled="!forms.store.pass1" />
|
<input type="submit" value="unlock" :disabled="!forms.store.pass1" />
|
||||||
</form>
|
</form>
|
||||||
@ -70,6 +76,10 @@
|
|||||||
<input type="password" v-model="forms.store.pass2" autocomplete="new-password" required />
|
<input type="password" v-model="forms.store.pass2" autocomplete="new-password" required />
|
||||||
<input type="submit" value="add unlock phrase" :disabled="!forms.store.pass1 || forms.store.pass1 != forms.store.pass2" />
|
<input type="submit" value="add unlock phrase" :disabled="!forms.store.pass1 || forms.store.pass1 != forms.store.pass2" />
|
||||||
</form>
|
</form>
|
||||||
|
<form @submit="uploadConfig">
|
||||||
|
<input type="file" ref="configUpload" required />
|
||||||
|
<input type="submit" value="upload config" />
|
||||||
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div v-if="state.Clusters" id="clusters">
|
<div v-if="state.Clusters" id="clusters">
|
||||||
|
@ -10,6 +10,7 @@ createApp({
|
|||||||
return {
|
return {
|
||||||
forms: {
|
forms: {
|
||||||
store: { },
|
store: { },
|
||||||
|
storeUpload: {},
|
||||||
},
|
},
|
||||||
session: {},
|
session: {},
|
||||||
error: null,
|
error: null,
|
||||||
@ -60,6 +61,12 @@ createApp({
|
|||||||
this.session.token = this.forms.setToken
|
this.session.token = this.forms.setToken
|
||||||
this.forms.setToken = null
|
this.forms.setToken = null
|
||||||
},
|
},
|
||||||
|
uploadStore() {
|
||||||
|
event.preventDefault()
|
||||||
|
this.apiPost('/public/store.tar', this.$refs.storeUpload.files[0], (v) => {
|
||||||
|
this.forms.store = {}
|
||||||
|
}, "application/tar")
|
||||||
|
},
|
||||||
storeAddKey() {
|
storeAddKey() {
|
||||||
this.apiPost('/store/add-key', this.forms.store.pass1, (v) => {
|
this.apiPost('/store/add-key', this.forms.store.pass1, (v) => {
|
||||||
this.forms.store = {}
|
this.forms.store = {}
|
||||||
@ -78,7 +85,11 @@ createApp({
|
|||||||
}
|
}
|
||||||
})
|
})
|
||||||
},
|
},
|
||||||
apiPost(action, data, onload) {
|
uploadConfig() {
|
||||||
|
event.preventDefault()
|
||||||
|
this.apiPost('/configs', this.$refs.configUpload.files[0], (v) => {}, "text/vnd.yaml")
|
||||||
|
},
|
||||||
|
apiPost(action, data, onload, contentType = 'application/json') {
|
||||||
event.preventDefault()
|
event.preventDefault()
|
||||||
|
|
||||||
if (data === undefined) {
|
if (data === undefined) {
|
||||||
@ -97,7 +108,7 @@ createApp({
|
|||||||
var xhr = new XMLHttpRequest()
|
var xhr = new XMLHttpRequest()
|
||||||
|
|
||||||
xhr.responseType = 'json'
|
xhr.responseType = 'json'
|
||||||
// TODO spinner, pending aciton notification, or something
|
// TODO spinner, pending action notification, or something
|
||||||
xhr.onerror = () => {
|
xhr.onerror = () => {
|
||||||
// this.actionResults.splice(idx, 1, {...item, done: true, failed: true })
|
// this.actionResults.splice(idx, 1, {...item, done: true, failed: true })
|
||||||
}
|
}
|
||||||
@ -115,11 +126,16 @@ createApp({
|
|||||||
|
|
||||||
xhr.open("POST", action)
|
xhr.open("POST", action)
|
||||||
xhr.setRequestHeader('Accept', 'application/json')
|
xhr.setRequestHeader('Accept', 'application/json')
|
||||||
xhr.setRequestHeader('Content-Type', 'application/json')
|
xhr.setRequestHeader('Content-Type', contentType)
|
||||||
if (this.session.token) {
|
if (this.session.token) {
|
||||||
xhr.setRequestHeader('Authorization', 'Bearer '+this.session.token)
|
xhr.setRequestHeader('Authorization', 'Bearer '+this.session.token)
|
||||||
}
|
}
|
||||||
xhr.send(JSON.stringify(data))
|
|
||||||
|
if (contentType == "application/json") {
|
||||||
|
xhr.send(JSON.stringify(data))
|
||||||
|
} else {
|
||||||
|
xhr.send(data)
|
||||||
|
}
|
||||||
},
|
},
|
||||||
download(url) {
|
download(url) {
|
||||||
event.target.target = '_blank'
|
event.target.target = '_blank'
|
||||||
|
Loading…
Reference in New Issue
Block a user