allow store upload, + upload UIs for store and config
This commit is contained in:
parent
b6fa941fcc
commit
c338522b33
@ -5,10 +5,13 @@ import (
|
||||
"bytes"
|
||||
"io"
|
||||
"io/fs"
|
||||
"log"
|
||||
"net/http"
|
||||
"os"
|
||||
"path/filepath"
|
||||
|
||||
restful "github.com/emicklei/go-restful"
|
||||
"m.cluseau.fr/go/httperr"
|
||||
)
|
||||
|
||||
func wsUnlockStore(req *restful.Request, resp *restful.Response) {
|
||||
@ -96,3 +99,68 @@ func wsStoreDownload(req *restful.Request, resp *restful.Response) {
|
||||
|
||||
buf.WriteTo(resp)
|
||||
}
|
||||
|
||||
func wsStoreUpload(req *restful.Request, resp *restful.Response) {
|
||||
if !secStore.IsNew() {
|
||||
wsError(resp, httperr.BadRequest("store is not new"))
|
||||
return
|
||||
}
|
||||
|
||||
buf := new(bytes.Buffer)
|
||||
|
||||
_, err := io.Copy(buf, req.Request.Body)
|
||||
if err != nil {
|
||||
wsError(resp, err)
|
||||
return
|
||||
}
|
||||
|
||||
arch := tar.NewReader(buf)
|
||||
|
||||
root := secStoreRoot()
|
||||
|
||||
for {
|
||||
hdr, err := arch.Next()
|
||||
if err == io.EOF {
|
||||
err = nil
|
||||
break
|
||||
} else if err != nil {
|
||||
wsError(resp, err)
|
||||
return
|
||||
}
|
||||
|
||||
log.Print(hdr.Name)
|
||||
|
||||
fullPath := filepath.Join(root, hdr.Name)
|
||||
|
||||
switch {
|
||||
case hdr.FileInfo().IsDir():
|
||||
err = os.MkdirAll(fullPath, 0700)
|
||||
if err != nil {
|
||||
wsError(resp, err)
|
||||
return
|
||||
}
|
||||
|
||||
default:
|
||||
content, err := io.ReadAll(io.LimitReader(arch, hdr.Size))
|
||||
if err != nil {
|
||||
wsError(resp, err)
|
||||
return
|
||||
}
|
||||
|
||||
err = os.WriteFile(fullPath, content, 0600)
|
||||
if err != nil {
|
||||
wsError(resp, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
wsError(resp, err)
|
||||
return
|
||||
}
|
||||
|
||||
openSecretStore()
|
||||
|
||||
resp.WriteEntity(map[string]any{"ok": true})
|
||||
}
|
||||
|
@ -34,6 +34,9 @@ func registerWS(rest *restful.Container) {
|
||||
Produces(mime.TAR).
|
||||
Param(ws.QueryParameter("token", "the download token")).
|
||||
Doc("Fetch the encrypted store")).
|
||||
Route(ws.POST("/store.tar").To(wsStoreUpload).
|
||||
Consumes(mime.TAR).
|
||||
Doc("Upload an existing store")).
|
||||
Route(ws.GET("/downloads/{token}/{asset}").To(wsDownload).
|
||||
Param(ws.PathParameter("token", "the download token")).
|
||||
Param(ws.PathParameter("asset", "the requested asset")).
|
||||
|
@ -39,15 +39,21 @@
|
||||
</template>
|
||||
<template v-else-if="publicState.Store.New">
|
||||
<p>Store is new.</p>
|
||||
<form @submit="unlockStore" action="/public/unlock-store">
|
||||
<p>Option 1: initialize a new store</p>
|
||||
<form @submit="unlockStore">
|
||||
<input type="password" v-model="forms.store.pass1" name="passphrase" required />
|
||||
<input type="password" v-model="forms.store.pass2" required />
|
||||
<input type="submit" value="initialize" :disabled="!forms.store.pass1 || forms.store.pass1 != forms.store.pass2" />
|
||||
</form>
|
||||
<p>Option 2: upload a previously downloaded store</p>
|
||||
<form @submit="uploadStore">
|
||||
<input type="file" ref="storeUpload" />
|
||||
<input type="submit" value="upload" />
|
||||
</form>
|
||||
</template>
|
||||
<template v-else-if="!publicState.Store.Open">
|
||||
<p>Store is not open.</p>
|
||||
<form @submit="unlockStore" action="/public/unlock-store">
|
||||
<form @submit="unlockStore">
|
||||
<input type="password" name="passphrase" v-model="forms.store.pass1" required />
|
||||
<input type="submit" value="unlock" :disabled="!forms.store.pass1" />
|
||||
</form>
|
||||
@ -70,6 +76,10 @@
|
||||
<input type="password" v-model="forms.store.pass2" autocomplete="new-password" required />
|
||||
<input type="submit" value="add unlock phrase" :disabled="!forms.store.pass1 || forms.store.pass1 != forms.store.pass2" />
|
||||
</form>
|
||||
<form @submit="uploadConfig">
|
||||
<input type="file" ref="configUpload" required />
|
||||
<input type="submit" value="upload config" />
|
||||
</form>
|
||||
</div>
|
||||
|
||||
<div v-if="state.Clusters" id="clusters">
|
||||
|
@ -10,6 +10,7 @@ createApp({
|
||||
return {
|
||||
forms: {
|
||||
store: { },
|
||||
storeUpload: {},
|
||||
},
|
||||
session: {},
|
||||
error: null,
|
||||
@ -60,6 +61,12 @@ createApp({
|
||||
this.session.token = this.forms.setToken
|
||||
this.forms.setToken = null
|
||||
},
|
||||
uploadStore() {
|
||||
event.preventDefault()
|
||||
this.apiPost('/public/store.tar', this.$refs.storeUpload.files[0], (v) => {
|
||||
this.forms.store = {}
|
||||
}, "application/tar")
|
||||
},
|
||||
storeAddKey() {
|
||||
this.apiPost('/store/add-key', this.forms.store.pass1, (v) => {
|
||||
this.forms.store = {}
|
||||
@ -78,7 +85,11 @@ createApp({
|
||||
}
|
||||
})
|
||||
},
|
||||
apiPost(action, data, onload) {
|
||||
uploadConfig() {
|
||||
event.preventDefault()
|
||||
this.apiPost('/configs', this.$refs.configUpload.files[0], (v) => {}, "text/vnd.yaml")
|
||||
},
|
||||
apiPost(action, data, onload, contentType = 'application/json') {
|
||||
event.preventDefault()
|
||||
|
||||
if (data === undefined) {
|
||||
@ -97,7 +108,7 @@ createApp({
|
||||
var xhr = new XMLHttpRequest()
|
||||
|
||||
xhr.responseType = 'json'
|
||||
// TODO spinner, pending aciton notification, or something
|
||||
// TODO spinner, pending action notification, or something
|
||||
xhr.onerror = () => {
|
||||
// this.actionResults.splice(idx, 1, {...item, done: true, failed: true })
|
||||
}
|
||||
@ -115,11 +126,16 @@ createApp({
|
||||
|
||||
xhr.open("POST", action)
|
||||
xhr.setRequestHeader('Accept', 'application/json')
|
||||
xhr.setRequestHeader('Content-Type', 'application/json')
|
||||
xhr.setRequestHeader('Content-Type', contentType)
|
||||
if (this.session.token) {
|
||||
xhr.setRequestHeader('Authorization', 'Bearer '+this.session.token)
|
||||
}
|
||||
|
||||
if (contentType == "application/json") {
|
||||
xhr.send(JSON.stringify(data))
|
||||
} else {
|
||||
xhr.send(data)
|
||||
}
|
||||
},
|
||||
download(url) {
|
||||
event.target.target = '_blank'
|
||||
|
Loading…
Reference in New Issue
Block a user