2019-04-06 05:20:26 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2019-04-07 00:32:35 +00:00
|
|
|
"bufio"
|
2019-04-06 05:20:26 +00:00
|
|
|
"encoding/json"
|
|
|
|
"fmt"
|
2019-04-07 23:28:01 +00:00
|
|
|
"github.com/googollee/go-socket.io"
|
2019-04-06 05:20:26 +00:00
|
|
|
"github.com/julienschmidt/httprouter"
|
|
|
|
"github.com/pterodactyl/wings/server"
|
2019-04-06 05:55:48 +00:00
|
|
|
"go.uber.org/zap"
|
|
|
|
"io"
|
2019-04-06 05:20:26 +00:00
|
|
|
"net/http"
|
2019-04-06 05:55:48 +00:00
|
|
|
"os"
|
2019-04-06 19:27:44 +00:00
|
|
|
"strconv"
|
2019-04-06 17:49:31 +00:00
|
|
|
"strings"
|
2019-04-06 05:20:26 +00:00
|
|
|
)
|
|
|
|
|
2019-04-06 05:34:53 +00:00
|
|
|
type ServerCollection []*server.Server
|
|
|
|
|
|
|
|
// Retrieves a server out of the collection by UUID.
|
|
|
|
func (sc *ServerCollection) Get(uuid string) *server.Server {
|
|
|
|
for _, s := range *sc {
|
|
|
|
if s.Uuid == uuid {
|
|
|
|
return s
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2019-04-06 05:20:26 +00:00
|
|
|
type Router struct {
|
2019-04-06 05:34:53 +00:00
|
|
|
Servers ServerCollection
|
2019-04-06 17:49:31 +00:00
|
|
|
|
2019-04-07 23:28:01 +00:00
|
|
|
Socketio *socketio.Server
|
|
|
|
|
2019-04-06 17:49:31 +00:00
|
|
|
// The authentication token defined in the config.yml file that allows
|
|
|
|
// a request to perform any action aganist the daemon.
|
|
|
|
token string
|
2019-04-06 05:20:26 +00:00
|
|
|
}
|
|
|
|
|
2019-04-06 05:34:53 +00:00
|
|
|
// Middleware to protect server specific routes. This will ensure that the server exists and
|
|
|
|
// is in a state that allows it to be exposed to the API.
|
|
|
|
func (rt *Router) AuthenticateServer(h httprouter.Handle) httprouter.Handle {
|
|
|
|
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
|
|
|
if rt.Servers.Get(ps.ByName("server")) != nil {
|
|
|
|
h(w, r, ps)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
http.NotFound(w, r)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-04-06 17:49:31 +00:00
|
|
|
// Authenticates the request token aganist the given permission string, ensuring that
|
|
|
|
// if it is a server permission, the token has control over that server. If it is a global
|
|
|
|
// token, this will ensure that the request is using a properly signed global token.
|
|
|
|
func (rt *Router) AuthenticateToken(permission string, h httprouter.Handle) httprouter.Handle {
|
|
|
|
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
|
|
|
t := strings.Split(permission, ":")[0]
|
|
|
|
|
|
|
|
auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2)
|
|
|
|
if len(auth) != 2 || auth[0] != "Bearer" {
|
|
|
|
w.Header().Set("WWW-Authenticate", "Bearer")
|
|
|
|
http.Error(w, "authorization failed", http.StatusUnauthorized)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if t != "i" && t != "s" {
|
|
|
|
zap.S().Warnw("could not match a permission string", zap.String("permission", permission), zap.String("route", r.URL.String()))
|
|
|
|
|
|
|
|
// If for whatever reason we didn't match a permission string just
|
|
|
|
// return a 404. This should only ever happen because of developer error.
|
|
|
|
http.NotFound(w, r)
|
|
|
|
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Try to match the request aganist the global token for the Daemon, regardless
|
|
|
|
// of the permission type. If nothing is matched we will fall through to the Panel
|
|
|
|
// API to try and validate permissions for a server.
|
|
|
|
if t == "s" || t == "i" {
|
|
|
|
if auth[1] == rt.token {
|
|
|
|
h(w, r, ps)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
http.Error(w, "not implemented", http.StatusNotImplemented)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-04-06 05:34:53 +00:00
|
|
|
// Returns the basic Wings index page without anything else.
|
|
|
|
func (rt *Router) routeIndex(w http.ResponseWriter, _ *http.Request, _ httprouter.Params) {
|
2019-04-06 05:20:26 +00:00
|
|
|
fmt.Fprint(w, "Welcome!\n")
|
|
|
|
}
|
|
|
|
|
2019-04-06 05:34:53 +00:00
|
|
|
// Returns all of the servers that exist on the Daemon. This route is only accessible to
|
|
|
|
// requests that include an administrative control key, otherwise a 404 is returned. This
|
|
|
|
// authentication is handled by a middleware.
|
|
|
|
func (rt *Router) routeAllServers(w http.ResponseWriter, _ *http.Request, _ httprouter.Params) {
|
|
|
|
json.NewEncoder(w).Encode(rt.Servers)
|
2019-04-06 05:20:26 +00:00
|
|
|
}
|
|
|
|
|
2019-04-06 05:34:53 +00:00
|
|
|
// Returns basic information about a single server found on the Daemon.
|
|
|
|
func (rt *Router) routeServer(w http.ResponseWriter, _ *http.Request, ps httprouter.Params) {
|
|
|
|
s := rt.Servers.Get(ps.ByName("server"))
|
2019-04-06 05:20:26 +00:00
|
|
|
|
2019-04-06 05:34:53 +00:00
|
|
|
json.NewEncoder(w).Encode(s)
|
|
|
|
}
|
|
|
|
|
2019-04-06 05:55:48 +00:00
|
|
|
type PowerActionRequest struct {
|
|
|
|
Action string `json:"action"`
|
|
|
|
}
|
|
|
|
|
|
|
|
func (pr *PowerActionRequest) IsValid() bool {
|
|
|
|
return pr.Action == "start" || pr.Action == "stop" || pr.Action == "kill" || pr.Action == "restart"
|
|
|
|
}
|
|
|
|
|
|
|
|
// Handles a request to control the power state of a server. If the action being passed
|
|
|
|
// through is invalid a 404 is returned. Otherwise, a HTTP/202 Accepted response is returned
|
|
|
|
// and the actual power action is run asynchronously so that we don't have to block the
|
|
|
|
// request until a potentially slow operation completes.
|
|
|
|
//
|
|
|
|
// This is done because for the most part the Panel is using websockets to determine when
|
|
|
|
// things are happening, so theres no reason to sit and wait for a request to finish. We'll
|
|
|
|
// just see over the socket if something isn't working correctly.
|
|
|
|
func (rt *Router) routeServerPower(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
|
|
|
s := rt.Servers.Get(ps.ByName("server"))
|
|
|
|
defer r.Body.Close()
|
|
|
|
|
|
|
|
dec := json.NewDecoder(r.Body)
|
|
|
|
var action PowerActionRequest
|
|
|
|
|
|
|
|
if err := dec.Decode(&action); err != nil {
|
|
|
|
// Don't flood the logs with error messages if someone sends through bad
|
|
|
|
// JSON data. We don't really care.
|
2019-04-06 05:57:39 +00:00
|
|
|
if err != io.EOF && err != io.ErrUnexpectedEOF {
|
2019-04-06 05:55:48 +00:00
|
|
|
zap.S().Errorw("failed to decode power action", zap.Error(err))
|
|
|
|
}
|
|
|
|
|
|
|
|
http.Error(w, "could not parse power action from request", http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if !action.IsValid() {
|
|
|
|
http.NotFound(w, r)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Pass the actual heavy processing off to a seperate thread to handle so that
|
|
|
|
// we can immediately return a response from the server.
|
|
|
|
go func(a string, s *server.Server) {
|
|
|
|
switch a {
|
|
|
|
case "start":
|
|
|
|
if err := s.Environment().Start(); err != nil {
|
|
|
|
zap.S().Error(err, zap.String("server", s.Uuid), zap.String("action", "start"))
|
|
|
|
}
|
|
|
|
break
|
|
|
|
case "stop":
|
|
|
|
if err := s.Environment().Stop(); err != nil {
|
|
|
|
zap.S().Error(err, zap.String("server", s.Uuid), zap.String("action", "stop"))
|
|
|
|
}
|
|
|
|
break
|
|
|
|
case "restart":
|
|
|
|
break
|
|
|
|
case "kill":
|
|
|
|
if err := s.Environment().Terminate(os.Kill); err != nil {
|
|
|
|
zap.S().Error(err, zap.String("server", s.Uuid), zap.String("action", "kill"))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}(action.Action, s)
|
|
|
|
|
|
|
|
w.WriteHeader(http.StatusAccepted)
|
|
|
|
}
|
|
|
|
|
2019-04-06 19:27:44 +00:00
|
|
|
// Return the last 1Kb of the server log file.
|
|
|
|
func (rt *Router) routeServerLogs(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
|
|
|
s := rt.Servers.Get(ps.ByName("server"))
|
|
|
|
|
|
|
|
l, _ := strconv.ParseInt(r.URL.Query().Get("size"), 10, 64)
|
|
|
|
if l <= 0 {
|
|
|
|
l = 2048
|
|
|
|
}
|
|
|
|
|
|
|
|
out, err := s.ReadLogfile(l)
|
|
|
|
if err != nil {
|
|
|
|
zap.S().Errorw("failed to read server log file", zap.Error(err))
|
|
|
|
http.Error(w, "failed to read log", http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
json.NewEncoder(w).Encode(struct{Data []string `json:"data"`}{Data: out })
|
|
|
|
}
|
|
|
|
|
2019-04-07 00:32:35 +00:00
|
|
|
// Handle a request to get the contents of a file on the server.
|
|
|
|
func (rt *Router) routeServerFileRead(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
|
|
|
s := rt.Servers.Get(ps.ByName("server"))
|
|
|
|
|
|
|
|
cleaned, err := s.Filesystem().SafePath(ps.ByName("path"))
|
|
|
|
if err != nil {
|
|
|
|
http.Error(w, "could not determine path", http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
st, err := os.Stat(cleaned)
|
|
|
|
if err != nil {
|
|
|
|
if !os.IsNotExist(err) {
|
|
|
|
zap.S().Errorw("failed to stat file for reading", zap.String("path", ps.ByName("path")), zap.String("server", s.Uuid), zap.Error(err))
|
|
|
|
}
|
|
|
|
|
|
|
|
http.Error(w, "failed to stat file", http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
f, err := os.OpenFile(cleaned, os.O_RDONLY, 0)
|
|
|
|
if err != nil {
|
|
|
|
if !os.IsNotExist(err) {
|
|
|
|
zap.S().Errorw("failed to open file for reading", zap.String("path", ps.ByName("path")), zap.String("server", s.Uuid), zap.Error(err))
|
|
|
|
}
|
|
|
|
|
|
|
|
http.Error(w, "failed to open file", http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer f.Close()
|
|
|
|
|
|
|
|
// If a download parameter is included in the URL go ahead and attach the necessary headers
|
|
|
|
// so that the file can be downloaded.
|
|
|
|
if r.URL.Query().Get("download") != "" {
|
|
|
|
w.Header().Set("Content-Disposition", "attachment; filename=" + st.Name())
|
|
|
|
w.Header().Set("Content-Type", "application/octet-stream")
|
|
|
|
w.Header().Set("Content-Length", strconv.Itoa(int(st.Size())))
|
|
|
|
}
|
|
|
|
|
|
|
|
bufio.NewReader(f).WriteTo(w)
|
|
|
|
}
|
|
|
|
|
2019-04-07 21:45:23 +00:00
|
|
|
// Lists the contents of a directory.
|
|
|
|
func (rt *Router) routeServerFileList(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
|
|
|
s := rt.Servers.Get(ps.ByName("server"))
|
|
|
|
|
|
|
|
stats, err := s.Filesystem().ListDirectory(ps.ByName("path"))
|
|
|
|
if os.IsNotExist(err) {
|
|
|
|
http.NotFound(w, r)
|
|
|
|
return
|
|
|
|
} else if err != nil {
|
|
|
|
zap.S().Errorw("failed to list contents of directory", zap.String("server", s.Uuid), zap.String("path", ps.ByName("path")), zap.Error(err))
|
|
|
|
|
|
|
|
http.Error(w, "failed to list directory", http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
json.NewEncoder(w).Encode(stats)
|
|
|
|
}
|
|
|
|
|
2019-04-06 17:49:31 +00:00
|
|
|
// Configures the router and all of the associated routes.
|
2019-04-06 05:34:53 +00:00
|
|
|
func (rt *Router) ConfigureRouter() *httprouter.Router {
|
|
|
|
router := httprouter.New()
|
2019-04-06 05:20:26 +00:00
|
|
|
|
2019-04-06 05:34:53 +00:00
|
|
|
router.GET("/", rt.routeIndex)
|
2019-04-06 17:49:31 +00:00
|
|
|
router.GET("/api/servers", rt.AuthenticateToken("i:servers", rt.routeAllServers))
|
|
|
|
router.GET("/api/servers/:server", rt.AuthenticateToken("s:view", rt.AuthenticateServer(rt.routeServer)))
|
2019-04-06 19:27:44 +00:00
|
|
|
router.GET("/api/servers/:server/logs", rt.AuthenticateToken("s:logs", rt.AuthenticateServer(rt.routeServerLogs)))
|
2019-04-07 21:45:23 +00:00
|
|
|
router.GET("/api/servers/:server/files/read/*path", rt.AuthenticateToken("s:files", rt.AuthenticateServer(rt.routeServerFileRead)))
|
|
|
|
router.GET("/api/servers/:server/files/list/*path", rt.AuthenticateToken("s:files", rt.AuthenticateServer(rt.routeServerFileList)))
|
2019-04-06 19:27:44 +00:00
|
|
|
|
2019-04-06 17:49:31 +00:00
|
|
|
router.POST("/api/servers/:server/power", rt.AuthenticateToken("s:power", rt.AuthenticateServer(rt.routeServerPower)))
|
2019-04-06 05:20:26 +00:00
|
|
|
|
2019-04-07 23:58:56 +00:00
|
|
|
router.Handler("GET", "/socket.io/", rt.Socketio)
|
2019-04-07 23:28:01 +00:00
|
|
|
|
2019-04-06 05:20:26 +00:00
|
|
|
return router
|
2019-04-06 05:55:48 +00:00
|
|
|
}
|