harry/keystone
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

provision script updated, callback

Browse Source
This commit is contained in:
Harry (hjbdev)
2025-03-30 14:10:27 +00:00
parent 3471cf1819
commit bd8115a557
2 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
provision.sh
View File

@@ -3,6 +3,7 @@
# [!sudo_password!] - the sudo password to set
# [!server_id!] - the servers id
# [!keystonepublickey!] - keystone's public key
# [!callback!] - callback url
apt_wait() {
while fuser /var/lib/dpkg/lock >/dev/null 2>&1; do
@@ -126,4 +127,4 @@ EOF
# Callback that the server is installed
curl --insecure --data "server_id=[!server_id!]&sudo_password=[!sudo_password!] https://keystone.test/provisioning/callback/app
curl --insecure --data "server_id=[!server_id!] [!callback!]

25
routes/web.php
View File

@@ -1,9 +1,11 @@
<?php
use App\Enums\ServerStatus;
use App\Http\Controllers\ApplicationController;
use App\Http\Controllers\EnvironmentController;
use App\Http\Controllers\OrganisationController;
use App\Http\Controllers\ServerController;
use App\Models\Server;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use Inertia\Inertia;
@@ -52,10 +54,33 @@ Route::get('/provision-script', function (Request $request) {
$script = str_replace('[!sudo_password!]', $validated['sudo_password'], $script);
$script = str_replace('[!server_id!]', $validated['server_id'], $script);
$script = str_replace('[!keystonepublickey!]', $keystonePublicKey, $script);
$script = str_replace('[!callback!]', route('provision.callback'), $script);
return response($script)
->header('Content-Type', 'text/plain');
})->name('provision-script');
Route::get('/provision-callback', function (Request $request) {
$validated = $request->validate([
'server_id' => ['required', 'integer', 'exists:servers,id'],
'sudo_password' => ['required', 'string'],
]);
$server = Server::find($validated['server_id']);
if (! in_array($request->ip(), [$server->ipv4, $server->ipv6])) {
logger('someone tried to callback from an invalid IP');
logger(' server ip: ' . $server->ipv4);
logger(' server ipv6: ' . $server->ipv6);
logger(' callback ip: ' . $request->ip());
logger(' server id: ' . $server->id);
return response('Unauthorized', 401);
}
$server->update([
'status' => ServerStatus::ACTIVE,
]);
})->name('provision.callback');
require __DIR__ . '/settings.php';
require __DIR__ . '/auth.php';