calvin.erfmann/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-01-28 22:00:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

revert changes around sites assigned to exit nodes

Browse Source
This commit is contained in:
Owen
2025-10-21 11:11:31 -07:00
parent e77909d498
commit e447549de1
7 changed files with 24 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/db/pg/schema/schema.ts
View File

@@ -126,7 +126,7 @@ export const targets = pgTable("targets", {
pathMatchType: text("pathMatchType"), // exact, prefix, regex pathMatchType: text("pathMatchType"), // exact, prefix, regex
rewritePath: text("rewritePath"), // if set, rewrites the path to this value before sending to the target rewritePath: text("rewritePath"), // if set, rewrites the path to this value before sending to the target
rewritePathType: text("rewritePathType"), // exact, prefix, regex, stripPrefix rewritePathType: text("rewritePathType"), // exact, prefix, regex, stripPrefix
priority: integer("priority").default(100) priority: integer("priority").notNull().default(100)
}); });
export const targetHealthCheck = pgTable("targetHealthCheck", { export const targetHealthCheck = pgTable("targetHealthCheck", {

2
server/db/sqlite/schema/schema.ts
View File

@@ -138,7 +138,7 @@ export const targets = sqliteTable("targets", {
pathMatchType: text("pathMatchType"), // exact, prefix, regex pathMatchType: text("pathMatchType"), // exact, prefix, regex
rewritePath: text("rewritePath"), // if set, rewrites the path to this value before sending to the target rewritePath: text("rewritePath"), // if set, rewrites the path to this value before sending to the target
rewritePathType: text("rewritePathType"), // exact, prefix, regex, stripPrefix rewritePathType: text("rewritePathType"), // exact, prefix, regex, stripPrefix
priority: integer("priority").default(100) priority: integer("priority").notNull().default(100)
}); });
export const targetHealthCheck = sqliteTable("targetHealthCheck", { export const targetHealthCheck = sqliteTable("targetHealthCheck", {

5
server/lib/traefik/getTraefikConfig.ts
View File

@@ -88,7 +88,10 @@ export async function getTraefikConfig(
and( and(
eq(targets.enabled, true), eq(targets.enabled, true),
eq(resources.enabled, true), eq(resources.enabled, true),
eq(sites.exitNodeId, exitNodeId), or(
eq(sites.exitNodeId, exitNodeId),
and(isNull(sites.exitNodeId), eq(sites.type, "local"))
),
or( or(
ne(targetHealthCheck.hcHealth, "unhealthy"), // Exclude unhealthy targets ne(targetHealthCheck.hcHealth, "unhealthy"), // Exclude unhealthy targets
isNull(targetHealthCheck.hcHealth) // Include targets with no health check record isNull(targetHealthCheck.hcHealth) // Include targets with no health check record

11
server/private/lib/traefik/getTraefikConfig.ts
View File

@@ -40,6 +40,7 @@ import {
CertificateResult, CertificateResult,
getValidCertificatesForDomains getValidCertificatesForDomains
} from "#private/lib/certificates"; } from "#private/lib/certificates";
import { build } from "@server/build";
const redirectHttpsMiddlewareName = "redirect-to-https"; const redirectHttpsMiddlewareName = "redirect-to-https";
const redirectToRootMiddlewareName = "redirect-to-root"; const redirectToRootMiddlewareName = "redirect-to-root";
@@ -120,7 +121,15 @@ export async function getTraefikConfig(
and( and(
eq(targets.enabled, true), eq(targets.enabled, true),
eq(resources.enabled, true), eq(resources.enabled, true),
eq(sites.exitNodeId, exitNodeId), or(
eq(sites.exitNodeId, exitNodeId),
and(
build != "saas" // so it runs in enterprise
? isNull(sites.exitNodeId)
: sql`0 = 1`,
eq(sites.type, "local")
)
),
or( or(
ne(targetHealthCheck.hcHealth, "unhealthy"), // Exclude unhealthy targets ne(targetHealthCheck.hcHealth, "unhealthy"), // Exclude unhealthy targets
isNull(targetHealthCheck.hcHealth) // Include targets with no health check record isNull(targetHealthCheck.hcHealth) // Include targets with no health check record

49
server/routers/site/createSite.ts
View File

@@ -267,50 +267,10 @@ export async function createSite(
}) })
.returning(); .returning();
} else if (type == "local") { } else if (type == "local") {
let exitNodeIdToCreate = exitNodeId;
if (!exitNodeIdToCreate) {
if (build == "saas") {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Exit node ID of a remote node is required for local sites"
)
);
}
// select the exit node for local sites
// TODO: THIS SHOULD BE CHOSEN IN THE FRONTEND OR SOMETHING BECAUSE
// YOU CAN HAVE MORE THAN ONE NODE IN THE SYSTEM AND YOU SHOULD SELECT
// WHICH GERBIL NODE TO PUT THE SITE ON BUT FOR NOW THIS WILL DO
const [localExitNode] = await trx
.select()
.from(exitNodes)
.where(eq(exitNodes.type, "gerbil"))
.limit(1);
if (!localExitNode) {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"No gerbil exit node found for organization. Please create a gerbil exit node first."
)
);
}
exitNodeIdToCreate = localExitNode.exitNodeId;
} else {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Site type not recognized"
)
);
}
[newSite] = await trx [newSite] = await trx
.insert(sites) .insert(sites)
.values({ .values({
exitNodeId: exitNodeIdToCreate, exitNodeId: exitNodeId || null,
orgId, orgId,
name, name,
niceId, niceId,
@@ -321,6 +281,13 @@ export async function createSite(
subnet: "0.0.0.0/32" subnet: "0.0.0.0/32"
}) })
.returning(); .returning();
} else {
return next(
createHttpError(
HttpCode.BAD_REQUEST,
"Site type not recognized"
)
);
} }
const adminRole = await trx const adminRole = await trx

25
server/setup/scriptsPg/1.11.1.ts
View File

@@ -9,31 +9,6 @@ export default async function migration() {
try { try {
await db.execute(sql`BEGIN`); await db.execute(sql`BEGIN`);
// Get the first exit node with type 'gerbil'
const exitNodesQuery = await db.execute(
sql`SELECT * FROM "exitNodes" WHERE "type" = 'gerbil' LIMIT 1`
);
const exitNodes = exitNodesQuery.rows as {
exitNodeId: number;
}[];
const exitNodeId = exitNodes.length > 0 ? exitNodes[0].exitNodeId : null;
// Get all sites with type 'local'
const sitesQuery = await db.execute(
sql`SELECT "siteId" FROM "sites" WHERE "type" = 'local'`
);
const sites = sitesQuery.rows as {
siteId: number;
}[];
// Update sites to use the exit node
for (const site of sites) {
await db.execute(sql`
UPDATE "sites" SET "exitNode" = ${exitNodeId} WHERE "siteId" = ${site.siteId}
`);
}
await db.execute(sql`UPDATE "exitNodes" SET "online" = true`); // Mark exit nodes as online await db.execute(sql`UPDATE "exitNodes" SET "online" = true`); // Mark exit nodes as online
await db.execute(sql`COMMIT`); await db.execute(sql`COMMIT`);

26
server/setup/scriptsSqlite/1.11.1.ts
View File

@@ -11,32 +11,6 @@ export default async function migration() {
const db = new Database(location); const db = new Database(location);
db.transaction(() => { db.transaction(() => {
const exitNodes = db
.prepare(`SELECT * FROM exitNodes WHERE type = 'gerbil' LIMIT 1`)
.all() as {
exitNodeId: number;
name: string;
}[];
const exitNodeId =
exitNodes.length > 0 ? exitNodes[0].exitNodeId : null;
// get all of the targets
const sites = db
.prepare(`SELECT * FROM sites WHERE type = 'local'`)
.all() as {
siteId: number;
exitNodeId: number | null;
}[];
const defineExitNodeOnSite = db.prepare(
`UPDATE sites SET exitNode = ? WHERE siteId = ?`
);
for (const site of sites) {
defineExitNodeOnSite.run(exitNodeId, site.siteId);
}
db.prepare(`UPDATE exitNodes SET online = 1`).run(); // mark exit nodes as online db.prepare(`UPDATE exitNodes SET online = 1`).run(); // mark exit nodes as online
})(); })();