From e8f10b049ebd63262e827f94a61556a393255fd2 Mon Sep 17 00:00:00 2001 From: Owen Date: Sun, 7 Dec 2025 20:04:30 -0500 Subject: [PATCH] Generate resources for remote subnets --- server/setup/migrationsPg.ts | 4 +- server/setup/scriptsPg/1.13.0.ts | 41 +++++++++++++++++++ server/setup/scriptsSqlite/1.13.0.ts | 60 ++++++++++++++++++++++++++-- 3 files changed, 100 insertions(+), 5 deletions(-) diff --git a/server/setup/migrationsPg.ts b/server/setup/migrationsPg.ts index f3b07bec..c778cca3 100644 --- a/server/setup/migrationsPg.ts +++ b/server/setup/migrationsPg.ts @@ -14,6 +14,7 @@ import m6 from "./scriptsPg/1.10.2"; import m7 from "./scriptsPg/1.11.0"; import m8 from "./scriptsPg/1.11.1"; import m9 from "./scriptsPg/1.12.0"; +import m10 from "./scriptsPg/1.13.0"; // THIS CANNOT IMPORT ANYTHING FROM THE SERVER // EXCEPT FOR THE DATABASE AND THE SCHEMA @@ -28,7 +29,8 @@ const migrations = [ { version: "1.10.2", run: m6 }, { version: "1.11.0", run: m7 }, { version: "1.11.1", run: m8 }, - { version: "1.12.0", run: m9 } + { version: "1.12.0", run: m9 }, + { version: "1.13.0", run: m10 }, // Add new migrations here as they are created ] as { version: string; diff --git a/server/setup/scriptsPg/1.13.0.ts b/server/setup/scriptsPg/1.13.0.ts index 31492765..777e3718 100644 --- a/server/setup/scriptsPg/1.13.0.ts +++ b/server/setup/scriptsPg/1.13.0.ts 
@@ -152,8 +152,49 @@ export default async function migration() { await db.execute(sql`ALTER TABLE "userClients" ADD CONSTRAINT "userClients_clientId_clients_clientId_fk" FOREIGN KEY ("clientId") REFERENCES "public"."clients"("clientId") ON DELETE cascade ON UPDATE no action;`); + // set 100.96.128.0/24 as the utility subnet on all of the orgs + await db.execute(sql`UPDATE "orgs" SET "utilitySubnet" = '100.96.128.0/24'`); + + // Query all of the sites to get their remoteSubnets + + const sitesRemoteSubnetsData = await db.execute(sql`SELECT "siteId", "remoteSubnets" FROM "sites" WHERE "remoteSubnets" IS NOT NULL + `); + const sitesRemoteSubnets = sitesRemoteSubnetsData.rows as { + siteId: number; + remoteSubnets: string | null; + }[]; + await db.execute(sql`ALTER TABLE "sites" DROP COLUMN "remoteSubnets";`); + + // get all of the siteResources and set the the aliasAddress to 100.96.128.x starting at .8 + const siteResourcesData = await db.execute(sql`SELECT "siteResourceId" FROM "siteResources" ORDER BY "siteResourceId" ASC`); + const siteResources = siteResourcesData.rows as { + siteResourceId: number; + }[]; + + let aliasIpOctet = 8; + for (const siteResource of siteResources) { + const aliasAddress = `100.96.128.${aliasIpOctet}`; + await db.execute(sql` + UPDATE "siteResources" SET "aliasAddress" = ${aliasAddress} WHERE "siteResourceId" = ${siteResource.siteResourceId} + `); + aliasIpOctet++; + } + + // For each site with remote subnets we need to create a site resource of type cidr for each remote subnet + for (const site of sitesRemoteSubnets) { + if (site.remoteSubnets) { + const subnets = site.remoteSubnets.split(","); + for (const subnet of subnets) { + await db.execute(sql` + INSERT INTO "siteResources" ("siteId", "destination", "mode", "name") + VALUES (${site.siteId}, ${subnet.trim()}, 'cidr', 'Remote Subnet'); + `); + } + } + } + // Associate clients with site resources based on their previous site access // Get all client-site associations from the 
renamed clientSitesAssociationsCache table const clientSiteAssociationsQuery = await db.execute(sql` diff --git a/server/setup/scriptsSqlite/1.13.0.ts b/server/setup/scriptsSqlite/1.13.0.ts index aa599f0f..d74e3ea4 100644 --- a/server/setup/scriptsSqlite/1.13.0.ts +++ b/server/setup/scriptsSqlite/1.13.0.ts 
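Review bot: The `INSERT INTO "siteResources"` added to server/setup/scriptsPg/1.13.0.ts writes only "siteId", "destination", "mode" and "name", while the SQLite script in this same commit also fills 'orgId' (copied from the site) and 'niceId'. On Postgres the migrated remote-subnet rows therefore have no owning org, or the insert fails outright if those columns are NOT NULL (the schema is not visible here). The SQLite script later reads `orgId` from 'siteResources' to attach resources to the org's admin role; if the Postgres script does the same outside this hunk, the new 'cidr' resources would be skipped or mis-associated there. Mirror the SQLite form, with `niceId` generated the way that script does: `INSERT INTO "siteResources" ("siteId", "destination", "mode", "name", "orgId", "niceId") SELECT ${site.siteId}, ${cidr}, 'cidr', 'Remote Subnet', "orgId", ${niceId} FROM "sites" WHERE "siteId" = ${site.siteId}`. Both scripts also insert whatever `subnet.trim()` yields, so a trailing or doubled comma in `remoteSubnets` creates a resource with an empty destination; add `const cidr = subnet.trim(); if (!cidr) continue;` at the top of the inner loop (the migration function itself starts and ends outside the hunk).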
@@ -252,14 +252,68 @@ export default async function migration() { `ALTER TABLE 'targetHealthCheck' ADD 'hcTlsServerName' text;` ).run(); + // set 100.96.128.0/24 as the utility subnet on all of the orgs + db.prepare( + `UPDATE 'orgs' SET 'utilitySubnet' = '100.96.128.0/24'` + ).run(); + + // Query all of the sites to get their remoteSubnets before dropping the column + const sitesRemoteSubnets = db + .prepare( + `SELECT siteId, remoteSubnets FROM 'sites' WHERE remoteSubnets IS NOT NULL` + ) + .all() as { + siteId: number; + remoteSubnets: string | null; + }[]; + db.prepare( `ALTER TABLE 'sites' DROP COLUMN 'remoteSubnets';` ).run(); + // get all of the siteResources and set the aliasAddress to 100.96.128.x starting at .8 + const siteResourcesForAlias = db + .prepare( + `SELECT siteResourceId FROM 'siteResources' ORDER BY siteResourceId ASC` + ) + .all() as { + siteResourceId: number; + }[]; + + const updateAliasAddress = db.prepare( + `UPDATE 'siteResources' SET aliasAddress = ? WHERE siteResourceId = ?` + ); + + let aliasIpOctet = 8; + for (const siteResource of siteResourcesForAlias) { + const aliasAddress = `100.96.128.${aliasIpOctet}`; + updateAliasAddress.run(aliasAddress, siteResource.siteResourceId); + aliasIpOctet++; + } + + // For each site with remote subnets we need to create a site resource of type cidr for each remote subnet + const insertCidrResource = db.prepare( + `INSERT INTO 'siteResources' ('siteId', 'destination', 'mode', 'name', 'orgId', 'niceId') + SELECT ?, ?, 'cidr', 'Remote Subnet', orgId, ? 
FROM 'sites' WHERE siteId = ?` + ); + + for (const site of sitesRemoteSubnets) { + if (site.remoteSubnets) { + const subnets = site.remoteSubnets.split(","); + for (const subnet of subnets) { + // Generate a unique niceId for each new site resource + let niceId = generateName(); + insertCidrResource.run(site.siteId, subnet.trim(), niceId, site.siteId); + } + } + } + // Associate clients with site resources based on their previous site access // Get all client-site associations from the renamed clientSitesAssociationsCache table const clientSiteAssociations = db - .prepare(`SELECT clientId, siteId FROM 'clientSitesAssociationsCache'`) + .prepare( + `SELECT clientId, siteId FROM 'clientSitesAssociationsCache'` + ) .all() as { clientId: number; siteId: number; @@ -292,9 +346,7 @@ export default async function migration() { // Associate existing site resources with their org's admin role const siteResourcesWithOrg = db - .prepare( - `SELECT siteResourceId, orgId FROM 'siteResources'` - ) + .prepare(`SELECT siteResourceId, orgId FROM 'siteResources'`) .all() as { siteResourceId: number; orgId: string;
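Review bot: `aliasIpOctet` starts at 8 and is incremented once per row of 'siteResources' with no upper bound, so the 248th resource gets `100.96.128.255` and every later one gets an address such as `100.96.128.256` that is not valid IPv4; the identical loop in server/setup/scriptsPg/1.13.0.ts behaves the same way. The counter also runs across all orgs although every org is assigned the same `utilitySubnet` of 100.96.128.0/24, so if alias addresses only need to be unique per org (not visible here) the /24 is exhausted sooner than necessary. Stop before the range is exceeded, e.g. `if (aliasIpOctet > 254) throw new Error("utility subnet 100.96.128.0/24 exhausted during migration");` at the top of the loop body, or restart the counter per `orgId`. Because `remoteSubnets` is dropped before the replacement rows are written, confirm the script runs inside a transaction (its start is outside the hunk) so a failure at this point does not lose the subnet list.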