2020-04-06 01:00:33 +00:00
|
|
|
package router
|
|
|
|
|
2020-04-06 20:39:33 +00:00
|
|
|
import (
|
2020-06-13 17:54:38 +00:00
|
|
|
"github.com/apex/log"
|
2020-04-06 20:39:33 +00:00
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
)
|
2020-04-06 01:00:33 +00:00
|
|
|
|
|
|
|
// Configures the routing infrastructure for this daemon instance.
|
|
|
|
func Configure() *gin.Engine {
|
2020-06-13 17:54:38 +00:00
|
|
|
gin.SetMode("release")
|
|
|
|
|
|
|
|
router := gin.New()
|
|
|
|
|
|
|
|
router.Use(gin.Recovery())
|
2020-04-06 01:00:33 +00:00
|
|
|
router.Use(SetAccessControlHeaders)
|
2020-06-13 17:54:38 +00:00
|
|
|
// @todo log this into a different file so you can setup IP blocking for abusive requests and such.
|
|
|
|
// This should still dump requests in debug mode since it does help with understanding the request
|
|
|
|
// lifecycle and quickly seeing what was called leading to the logs. However, it isn't feasible to mix
|
|
|
|
// this output in production and still get meaningful logs from it since they'll likely just be a huge
|
|
|
|
// spamfest.
|
|
|
|
router.Use(gin.LoggerWithFormatter(func(params gin.LogFormatterParams) string {
|
|
|
|
log.WithFields(log.Fields{
|
|
|
|
"client_ip": params.ClientIP,
|
|
|
|
"status": params.StatusCode,
|
|
|
|
"latency": params.Latency,
|
|
|
|
}).Debugf("%s %s", params.MethodColor()+params.Method+params.ResetColor(), params.Path)
|
|
|
|
|
|
|
|
return ""
|
|
|
|
}))
|
2020-04-06 01:00:33 +00:00
|
|
|
|
2020-04-06 20:39:33 +00:00
|
|
|
router.OPTIONS("/api/system", func(c *gin.Context) {
|
|
|
|
c.Status(200)
|
|
|
|
})
|
|
|
|
|
2020-04-06 01:56:54 +00:00
|
|
|
// These routes use signed URLs to validate access to the resource being requested.
|
|
|
|
router.GET("/download/backup", getDownloadBackup)
|
2020-04-07 03:27:57 +00:00
|
|
|
router.GET("/download/file", getDownloadFile)
|
2020-04-06 01:56:54 +00:00
|
|
|
|
2020-04-06 20:39:33 +00:00
|
|
|
// This route is special it sits above all of the other requests because we are
|
|
|
|
// using a JWT to authorize access to it, therefore it needs to be publicly
|
2020-04-06 01:00:33 +00:00
|
|
|
// accessible.
|
2020-05-04 04:30:07 +00:00
|
|
|
router.GET("/api/servers/:server/ws", ServerExists, getServerWebsocket)
|
2020-04-06 01:00:33 +00:00
|
|
|
|
2020-04-06 20:39:33 +00:00
|
|
|
// This request is called by another daemon when a server is going to be transferred out.
|
|
|
|
// This request does not need the AuthorizationMiddleware as the panel should never call it
|
|
|
|
// and requests are authenticated through a JWT the panel issues to the other daemon.
|
2020-05-04 04:30:07 +00:00
|
|
|
router.GET("/api/servers/:server/archive", ServerExists, getServerArchive)
|
2020-04-06 20:39:33 +00:00
|
|
|
|
2020-04-06 01:00:33 +00:00
|
|
|
// All of the routes beyond this mount will use an authorization middleware
|
|
|
|
// and will not be accessible without the correct Authorization header provided.
|
|
|
|
protected := router.Use(AuthorizationMiddleware)
|
2020-04-11 23:17:46 +00:00
|
|
|
protected.POST("/api/update", postUpdateConfiguration)
|
2020-04-06 01:00:33 +00:00
|
|
|
protected.GET("/api/system", getSystemInformation)
|
|
|
|
protected.GET("/api/servers", getAllServers)
|
|
|
|
protected.POST("/api/servers", postCreateServer)
|
2020-04-06 19:49:49 +00:00
|
|
|
protected.POST("/api/transfer", postTransfer)
|
2020-04-06 01:00:33 +00:00
|
|
|
|
|
|
|
// These are server specific routes, and require that the request be authorized, and
|
|
|
|
// that the server exist on the Daemon.
|
|
|
|
server := router.Group("/api/servers/:server")
|
|
|
|
server.Use(AuthorizationMiddleware, ServerExists)
|
|
|
|
{
|
|
|
|
server.GET("", getServer)
|
|
|
|
server.PATCH("", patchServer)
|
|
|
|
server.DELETE("", deleteServer)
|
|
|
|
|
|
|
|
server.GET("/logs", getServerLogs)
|
|
|
|
server.POST("/power", postServerPower)
|
|
|
|
server.POST("/commands", postServerCommands)
|
|
|
|
server.POST("/install", postServerInstall)
|
|
|
|
server.POST("/reinstall", postServerReinstall)
|
2020-04-06 02:07:16 +00:00
|
|
|
|
2020-04-06 20:39:33 +00:00
|
|
|
// This archive request causes the archive to start being created
|
|
|
|
// this should only be triggered by the panel.
|
2020-04-06 02:07:16 +00:00
|
|
|
server.POST("/archive", postServerArchive)
|
2020-04-06 01:00:33 +00:00
|
|
|
|
|
|
|
files := server.Group("/files")
|
|
|
|
{
|
|
|
|
files.GET("/contents", getServerFileContents)
|
|
|
|
files.GET("/list-directory", getServerListDirectory)
|
2020-07-11 23:00:39 +00:00
|
|
|
files.PUT("/rename", putServerRenameFiles)
|
2020-04-06 01:00:33 +00:00
|
|
|
files.POST("/copy", postServerCopyFile)
|
|
|
|
files.POST("/write", postServerWriteFile)
|
|
|
|
files.POST("/create-directory", postServerCreateDirectory)
|
2020-07-11 22:33:53 +00:00
|
|
|
files.POST("/delete", postServerDeleteFiles)
|
2020-07-11 20:13:49 +00:00
|
|
|
files.POST("/compress", postServerCompressFiles)
|
2020-04-06 01:00:33 +00:00
|
|
|
}
|
2020-04-10 05:07:48 +00:00
|
|
|
|
|
|
|
backup := server.Group("/backup")
|
|
|
|
{
|
|
|
|
backup.POST("", postServerBackup)
|
|
|
|
backup.DELETE("/:backup", deleteServerBackup)
|
|
|
|
}
|
2020-04-06 01:00:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return router
|
2020-04-06 19:49:49 +00:00
|
|
|
}
|