provision script updated, callback
This commit is contained in:
@@ -3,6 +3,7 @@
|
|||||||
# [!sudo_password!] - the sudo password to set
|
# [!sudo_password!] - the sudo password to set
|
||||||
# [!server_id!] - the servers id
|
# [!server_id!] - the servers id
|
||||||
# [!keystonepublickey!] - keystone's public key
|
# [!keystonepublickey!] - keystone's public key
|
||||||
|
# [!callback!] - callback url
|
||||||
|
|
||||||
apt_wait() {
|
apt_wait() {
|
||||||
while fuser /var/lib/dpkg/lock >/dev/null 2>&1; do
|
while fuser /var/lib/dpkg/lock >/dev/null 2>&1; do
|
||||||
@@ -126,4 +127,4 @@ EOF
|
|||||||
|
|
||||||
|
|
||||||
# Callback that the server is installed
|
# Callback that the server is installed
|
||||||
curl --insecure --data "server_id=[!server_id!]&sudo_password=[!sudo_password!] https://keystone.test/provisioning/callback/app
|
curl --insecure --data "server_id=[!server_id!] [!callback!]
|
||||||
@@ -1,9 +1,11 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use App\Enums\ServerStatus;
|
||||||
use App\Http\Controllers\ApplicationController;
|
use App\Http\Controllers\ApplicationController;
|
||||||
use App\Http\Controllers\EnvironmentController;
|
use App\Http\Controllers\EnvironmentController;
|
||||||
use App\Http\Controllers\OrganisationController;
|
use App\Http\Controllers\OrganisationController;
|
||||||
use App\Http\Controllers\ServerController;
|
use App\Http\Controllers\ServerController;
|
||||||
|
use App\Models\Server;
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
use Illuminate\Support\Facades\Route;
|
use Illuminate\Support\Facades\Route;
|
||||||
use Inertia\Inertia;
|
use Inertia\Inertia;
|
||||||
@@ -52,10 +54,33 @@ Route::get('/provision-script', function (Request $request) {
|
|||||||
$script = str_replace('[!sudo_password!]', $validated['sudo_password'], $script);
|
$script = str_replace('[!sudo_password!]', $validated['sudo_password'], $script);
|
||||||
$script = str_replace('[!server_id!]', $validated['server_id'], $script);
|
$script = str_replace('[!server_id!]', $validated['server_id'], $script);
|
||||||
$script = str_replace('[!keystonepublickey!]', $keystonePublicKey, $script);
|
$script = str_replace('[!keystonepublickey!]', $keystonePublicKey, $script);
|
||||||
|
$script = str_replace('[!callback!]', route('provision.callback'), $script);
|
||||||
|
|
||||||
return response($script)
|
return response($script)
|
||||||
->header('Content-Type', 'text/plain');
|
->header('Content-Type', 'text/plain');
|
||||||
})->name('provision-script');
|
})->name('provision-script');
|
||||||
|
|
||||||
|
Route::get('/provision-callback', function (Request $request) {
|
||||||
|
$validated = $request->validate([
|
||||||
|
'server_id' => ['required', 'integer', 'exists:servers,id'],
|
||||||
|
'sudo_password' => ['required', 'string'],
|
||||||
|
]);
|
||||||
|
|
||||||
|
$server = Server::find($validated['server_id']);
|
||||||
|
|
||||||
|
if (! in_array($request->ip(), [$server->ipv4, $server->ipv6])) {
|
||||||
|
logger('someone tried to callback from an invalid IP');
|
||||||
|
logger(' server ip: ' . $server->ipv4);
|
||||||
|
logger(' server ipv6: ' . $server->ipv6);
|
||||||
|
logger(' callback ip: ' . $request->ip());
|
||||||
|
logger(' server id: ' . $server->id);
|
||||||
|
return response('Unauthorized', 401);
|
||||||
|
}
|
||||||
|
|
||||||
|
$server->update([
|
||||||
|
'status' => ServerStatus::ACTIVE,
|
||||||
|
]);
|
||||||
|
})->name('provision.callback');
|
||||||
|
|
||||||
require __DIR__ . '/settings.php';
|
require __DIR__ . '/settings.php';
|
||||||
require __DIR__ . '/auth.php';
|
require __DIR__ . '/auth.php';
|
||||||
|
|||||||
Reference in New Issue
Block a user