Update logic for server transfer controller

This commit is contained in:
Dane Everitt 2020-12-24 10:10:40 -08:00
parent 6c61577699
commit 2ee08a1a3d
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
6 changed files with 178 additions and 131 deletions

View file

@ -3,20 +3,19 @@
namespace Pterodactyl\Http\Controllers\Api\Remote\Servers; namespace Pterodactyl\Http\Controllers\Api\Remote\Servers;
use Cake\Chronos\Chronos; use Cake\Chronos\Chronos;
use Lcobucci\JWT\Builder; use Illuminate\Support\Arr;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Lcobucci\JWT\Signer\Key;
use Psr\Log\LoggerInterface;
use Illuminate\Http\Response; use Illuminate\Http\Response;
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use Lcobucci\JWT\Signer\Hmac\Sha256; use Pterodactyl\Models\Allocation;
use Illuminate\Support\Facades\Log;
use Pterodactyl\Models\ServerTransfer;
use Illuminate\Database\ConnectionInterface; use Illuminate\Database\ConnectionInterface;
use Pterodactyl\Http\Controllers\Controller; use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Repositories\Eloquent\NodeRepository; use Pterodactyl\Services\Nodes\NodeJWTService;
use Pterodactyl\Repositories\Eloquent\ServerRepository; use Pterodactyl\Repositories\Eloquent\ServerRepository;
use Pterodactyl\Repositories\Wings\DaemonServerRepository; use Pterodactyl\Repositories\Wings\DaemonServerRepository;
use Pterodactyl\Repositories\Wings\DaemonTransferRepository; use Pterodactyl\Repositories\Wings\DaemonTransferRepository;
use Pterodactyl\Contracts\Repository\AllocationRepositoryInterface;
use Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException; use Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException;
use Pterodactyl\Services\Servers\ServerConfigurationStructureService; use Pterodactyl\Services\Servers\ServerConfigurationStructureService;
@ -32,16 +31,6 @@ class ServerTransferController extends Controller
*/ */
private $repository; private $repository;
/**
* @var \Pterodactyl\Contracts\Repository\AllocationRepositoryInterface
*/
private $allocationRepository;
/**
* @var \Pterodactyl\Repositories\Eloquent\NodeRepository
*/
private $nodeRepository;
/** /**
* @var \Pterodactyl\Repositories\Wings\DaemonServerRepository * @var \Pterodactyl\Repositories\Wings\DaemonServerRepository
*/ */
@ -58,40 +47,34 @@ class ServerTransferController extends Controller
private $configurationStructureService; private $configurationStructureService;
/** /**
* @var \Psr\Log\LoggerInterface * @var \Pterodactyl\Services\Nodes\NodeJWTService
*/ */
private $writer; private $jwtService;
/** /**
* ServerTransferController constructor. * ServerTransferController constructor.
* *
* @param \Illuminate\Database\ConnectionInterface $connection * @param \Illuminate\Database\ConnectionInterface $connection
* @param \Pterodactyl\Repositories\Eloquent\ServerRepository $repository * @param \Pterodactyl\Repositories\Eloquent\ServerRepository $repository
* @param \Pterodactyl\Contracts\Repository\AllocationRepositoryInterface $allocationRepository
* @param \Pterodactyl\Repositories\Eloquent\NodeRepository $nodeRepository
* @param \Pterodactyl\Repositories\Wings\DaemonServerRepository $daemonServerRepository * @param \Pterodactyl\Repositories\Wings\DaemonServerRepository $daemonServerRepository
* @param \Pterodactyl\Repositories\Wings\DaemonTransferRepository $daemonTransferRepository * @param \Pterodactyl\Repositories\Wings\DaemonTransferRepository $daemonTransferRepository
* @param \Pterodactyl\Services\Servers\ServerConfigurationStructureService $configurationStructureService * @param \Pterodactyl\Services\Servers\ServerConfigurationStructureService $configurationStructureService
* @param \Psr\Log\LoggerInterface $writer * @param \Pterodactyl\Services\Nodes\NodeJWTService $jwtService
*/ */
public function __construct( public function __construct(
ConnectionInterface $connection, ConnectionInterface $connection,
ServerRepository $repository, ServerRepository $repository,
AllocationRepositoryInterface $allocationRepository,
NodeRepository $nodeRepository,
DaemonServerRepository $daemonServerRepository, DaemonServerRepository $daemonServerRepository,
DaemonTransferRepository $daemonTransferRepository, DaemonTransferRepository $daemonTransferRepository,
ServerConfigurationStructureService $configurationStructureService, ServerConfigurationStructureService $configurationStructureService,
LoggerInterface $writer NodeJWTService $jwtService
) { ) {
$this->connection = $connection; $this->connection = $connection;
$this->repository = $repository; $this->repository = $repository;
$this->allocationRepository = $allocationRepository;
$this->nodeRepository = $nodeRepository;
$this->daemonServerRepository = $daemonServerRepository; $this->daemonServerRepository = $daemonServerRepository;
$this->daemonTransferRepository = $daemonTransferRepository; $this->daemonTransferRepository = $daemonTransferRepository;
$this->configurationStructureService = $configurationStructureService; $this->configurationStructureService = $configurationStructureService;
$this->writer = $writer; $this->jwtService = $jwtService;
} }
/** /**
@ -101,7 +84,6 @@ class ServerTransferController extends Controller
* @param string $uuid * @param string $uuid
* @return \Illuminate\Http\JsonResponse * @return \Illuminate\Http\JsonResponse
* *
* @throws \Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException
* @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException * @throws \Pterodactyl\Exceptions\Repository\RecordNotFoundException
* @throws \Throwable * @throws \Throwable
*/ */
@ -111,62 +93,43 @@ class ServerTransferController extends Controller
// Unsuspend the server and don't continue the transfer. // Unsuspend the server and don't continue the transfer.
if (! $request->input('successful')) { if (! $request->input('successful')) {
$transfer = $server->transfer; return $this->processFailedTransfer($server->transfer);
$transfer->successful = false;
$transfer->saveOrFail();
$allocationIds = json_decode($transfer->new_additional_allocations);
array_push($allocationIds, $transfer->new_allocation);
// Release the reserved allocations.
$this->allocationRepository->updateWhereIn('id', $allocationIds, ['server_id' => null]);
return new JsonResponse([], Response::HTTP_NO_CONTENT);
} }
$server->node_id = $server->transfer->new_node; // We want to generate a new configuration using the new node_id value from the
// transfer, and not the old node value.
$data = $this->configurationStructureService->handle($server); $data = $this->configurationStructureService->handle($server, [
$data['suspended'] = false; 'node_id' => $server->transfer->new_node,
$data['service']['skip_scripts'] = true; ]);
$allocations = $server->getAllocationMappings(); $allocations = $server->getAllocationMappings();
$data['allocations']['default']['ip'] = array_key_first($allocations); $primary = array_key_first($allocations);
$data['allocations']['default']['port'] = $allocations[$data['allocations']['default']['ip']][0]; Arr::set($data, 'allocations.default.ip', $primary);
Arr::set($data, 'allocations.default.port', $allocations[$primary][0]);
Arr::set($data, 'service.skip_scripts', true);
Arr::set($data, 'suspended', false);
$now = Chronos::now(); $this->connection->transaction(function () use ($data, $server) {
$signer = new Sha256; // This token is used by the new node the server is being transfered to. It allows
// that node to communicate with the old node during the process to initiate the
$token = (new Builder)->issuedBy(config('app.url')) // actual file transfer.
->permittedFor($server->node->getConnectionAddress()) $token = $this->jwtService
->identifiedBy(hash('sha256', $server->uuid), true) ->setExpiresAt(Chronos::now()->addMinutes(15))
->issuedAt($now->getTimestamp()) ->setSubject($server->uuid)
->canOnlyBeUsedAfter($now->getTimestamp()) ->handle($server->node, $server->uuid, 'sha256');
->expiresAt($now->addMinutes(15)->getTimestamp())
->relatedTo($server->uuid, true)
->getToken($signer, new Key($server->node->getDecryptedKey()));
// Update the archived field on the transfer to make clients connect to the websocket // Update the archived field on the transfer to make clients connect to the websocket
// on the new node to be able to receive transfer logs. // on the new node to be able to receive transfer logs.
$server->transfer->forceFill([ $server->transfer->forceFill(['archived' => true])->saveOrFail();
'archived' => true,
])->saveOrFail();
// On the daemon transfer repository, make sure to set the node after the server // On the daemon transfer repository, make sure to set the node after the server
// because setServer() tells the repository to use the server's node and not the one // because setServer() tells the repository to use the server's node and not the one
// we want to specify. // we want to specify.
try {
/** @var \Pterodactyl\Models\Node $newNode */
$newNode = $this->nodeRepository->find($server->transfer->new_node);
$this->daemonTransferRepository $this->daemonTransferRepository
->setServer($server) ->setServer($server)
->setNode($newNode) ->setNode($server->transfer->newNode)
->notify($server, $data, $server->node, $token->__toString()); ->notify($server, $data, $server->node, $token->__toString());
} catch (DaemonConnectionException $exception) { });
throw $exception;
}
return new JsonResponse([], Response::HTTP_NO_CONTENT); return new JsonResponse([], Response::HTTP_NO_CONTENT);
} }
@ -182,25 +145,8 @@ class ServerTransferController extends Controller
public function failure(string $uuid) public function failure(string $uuid)
{ {
$server = $this->repository->getByUuid($uuid); $server = $this->repository->getByUuid($uuid);
$transfer = $server->transfer;
$allocationIds = json_decode($transfer->new_additional_allocations); return $this->processFailedTransfer($server->transfer);
array_push($allocationIds, $transfer->new_allocation);
// Begin a transaction.
$this->connection->beginTransaction();
// Mark the transfer as unsuccessful.
$transfer->successful = false;
$transfer->saveOrFail();
// Remove the new allocations.
$this->allocationRepository->updateWhereIn('id', $allocationIds, ['server_id' => null]);
// Commit the transaction.
$this->connection->commit();
return new JsonResponse([], Response::HTTP_NO_CONTENT);
} }
/** /**
@ -216,34 +162,63 @@ class ServerTransferController extends Controller
$server = $this->repository->getByUuid($uuid); $server = $this->repository->getByUuid($uuid);
$transfer = $server->transfer; $transfer = $server->transfer;
$allocationIds = json_decode($transfer->old_additional_allocations); /** @var \Pterodactyl\Models\Server $server */
array_push($allocationIds, $transfer->old_allocation); $server = $this->connection->transaction(function () use ($server, $transfer) {
$allocations = [$transfer->old_allocation];
if (! empty($transfer->old_additional_allocations)) {
array_push($allocations, $transfer->old_additional_allocations);
}
// Begin a transaction. // Remove the old allocations for the server and re-assign the server to the new
$this->connection->beginTransaction(); // primary allocation and node.
Allocation::query()->whereIn('id', $allocations)->update(['server_id' => null]);
$server->update([
'allocation_id' => $transfer->new_allocation,
'node_id' => $transfer->new_node,
]);
// Remove the old allocations. $server = $server->fresh();
$this->allocationRepository->updateWhereIn('id', $allocationIds, ['server_id' => null]); $server->transfer->update(['successful' => true]);
// Update the server's allocation_id and node_id. return $server;
$server->allocation_id = $transfer->new_allocation; });
$server->node_id = $transfer->new_node;
$server->saveOrFail();
// Mark the transfer as successful. // Delete the server from the old node making sure to point it to the old node so
$transfer->successful = true; // that we do not delete it from the new node the server was transfered to.
$transfer->saveOrFail();
// Commit the transaction.
$this->connection->commit();
// Delete the server from the old node
try { try {
$this->daemonServerRepository->setServer($server)->delete(); $this->daemonServerRepository
->setServer($server)
->setNode($transfer->oldNode)
->delete();
} catch (DaemonConnectionException $exception) { } catch (DaemonConnectionException $exception) {
$this->writer->warning($exception); Log::warning($exception, ['transfer_id' => $server->transfer->id]);
} }
return new JsonResponse([], Response::HTTP_NO_CONTENT); return new JsonResponse([], Response::HTTP_NO_CONTENT);
} }
/**
* Release all of the reserved allocations for this transfer and mark it as failed in
* the database.
*
* @param \Pterodactyl\Models\ServerTransfer $transfer
* @return \Illuminate\Http\JsonResponse
*
* @throws \Throwable
*/
protected function processFailedTransfer(ServerTransfer $transfer)
{
$this->connection->transaction(function () use (&$transfer) {
$transfer->forceFill(['successful' => false])->saveOrFail();
$allocations = [$transfer->new_allocation];
if (! empty($transfer->new_additional_allocations)) {
array_push($allocations, $transfer->new_additional_allocations);
}
Allocation::query()->whereIn('id', $allocations)->update(['server_id' => null]);
});
return new JsonResponse([], Response::HTTP_NO_CONTENT);
}
} }

View file

@ -9,8 +9,8 @@ namespace Pterodactyl\Models;
* @property int $new_node * @property int $new_node
* @property int $old_allocation * @property int $old_allocation
* @property int $new_allocation * @property int $new_allocation
* @property string $old_additional_allocations * @property array|null $old_additional_allocations
* @property string $new_additional_allocations * @property array|null $new_additional_allocations
* @property bool|null $successful * @property bool|null $successful
* @property bool $archived * @property bool $archived
* @property \Carbon\Carbon $created_at * @property \Carbon\Carbon $created_at
@ -53,8 +53,8 @@ class ServerTransfer extends Model
'new_node' => 'int', 'new_node' => 'int',
'old_allocation' => 'int', 'old_allocation' => 'int',
'new_allocation' => 'int', 'new_allocation' => 'int',
'old_additional_allocations' => 'string', 'old_additional_allocations' => 'array',
'new_additional_allocations' => 'string', 'new_additional_allocations' => 'array',
'successful' => 'bool', 'successful' => 'bool',
'archived' => 'bool', 'archived' => 'bool',
]; ];
@ -68,8 +68,10 @@ class ServerTransfer extends Model
'new_node' => 'required|numeric', 'new_node' => 'required|numeric',
'old_allocation' => 'required|numeric', 'old_allocation' => 'required|numeric',
'new_allocation' => 'required|numeric', 'new_allocation' => 'required|numeric',
'old_additional_allocations' => 'nullable', 'old_additional_allocations' => 'nullable|array',
'new_additional_allocations' => 'nullable', 'old_additional_allocations.*' => 'numeric',
'new_additional_allocations' => 'nullable|array',
'new_additional_allocations.*' => 'numeric',
'successful' => 'sometimes|nullable|boolean', 'successful' => 'sometimes|nullable|boolean',
]; ];

View file

@ -102,7 +102,7 @@ class EggConfigurationService
{ {
// Get the legacy configuration structure for the server so that we // Get the legacy configuration structure for the server so that we
// can property map the egg placeholders to values. // can property map the egg placeholders to values.
$structure = $this->configurationStructureService->handle($server, true); $structure = $this->configurationStructureService->handle($server, [], true);
$response = []; $response = [];
// Normalize the output of the configuration for the new Wings Daemon to more // Normalize the output of the configuration for the new Wings Daemon to more

View file

@ -22,6 +22,11 @@ class NodeJWTService
*/ */
private $expiresAt; private $expiresAt;
/**
* @var string|null
*/
private $subject;
/** /**
* Set the claims to include in this JWT. * Set the claims to include in this JWT.
* *
@ -35,6 +40,10 @@ class NodeJWTService
return $this; return $this;
} }
/**
* @param \DateTimeInterface $date
* @return $this
*/
public function setExpiresAt(DateTimeInterface $date) public function setExpiresAt(DateTimeInterface $date)
{ {
$this->expiresAt = $date->getTimestamp(); $this->expiresAt = $date->getTimestamp();
@ -42,20 +51,32 @@ class NodeJWTService
return $this; return $this;
} }
/**
* @param string $subject
* @return $this
*/
public function setSubject(string $subject)
{
$this->subject = $subject;
return $this;
}
/** /**
* Generate a new JWT for a given node. * Generate a new JWT for a given node.
* *
* @param \Pterodactyl\Models\Node $node * @param \Pterodactyl\Models\Node $node
* @param string|null $identifiedBy * @param string|null $identifiedBy
* @param string $algo
* @return \Lcobucci\JWT\Token * @return \Lcobucci\JWT\Token
*/ */
public function handle(Node $node, string $identifiedBy) public function handle(Node $node, string $identifiedBy, string $algo = 'md5')
{ {
$signer = new Sha256; $signer = new Sha256;
$builder = (new Builder)->issuedBy(config('app.url')) $builder = (new Builder)->issuedBy(config('app.url'))
->permittedFor($node->getConnectionAddress()) ->permittedFor($node->getConnectionAddress())
->identifiedBy(md5($identifiedBy), true) ->identifiedBy(hash($algo, $identifiedBy), true)
->issuedAt(CarbonImmutable::now()->getTimestamp()) ->issuedAt(CarbonImmutable::now()->getTimestamp())
->canOnlyBeUsedAfter(CarbonImmutable::now()->subMinutes(5)->getTimestamp()); ->canOnlyBeUsedAfter(CarbonImmutable::now()->subMinutes(5)->getTimestamp());
@ -63,6 +84,10 @@ class NodeJWTService
$builder = $builder->expiresAt($this->expiresAt); $builder = $builder->expiresAt($this->expiresAt);
} }
if (!empty($this->subject)) {
$builder = $builder->relatedTo($this->subject, true);
}
foreach ($this->claims as $key => $value) { foreach ($this->claims as $key => $value) {
$builder = $builder->withClaim($key, $value); $builder = $builder->withClaim($key, $value);
} }

View file

@ -29,14 +29,25 @@ class ServerConfigurationStructureService
* daemon, if you modify the structure eggs will break unexpectedly. * daemon, if you modify the structure eggs will break unexpectedly.
* *
* @param \Pterodactyl\Models\Server $server * @param \Pterodactyl\Models\Server $server
* @param array $override
* @param bool $legacy deprecated * @param bool $legacy deprecated
* @return array * @return array
*/ */
public function handle(Server $server, bool $legacy = false): array public function handle(Server $server, array $override = [], bool $legacy = false): array
{ {
return $legacy ? $clone = $server;
$this->returnLegacyFormat($server) // If any overrides have been set on this call make sure to update them on the
: $this->returnCurrentFormat($server); // cloned instance so that the configuration generated uses them.
if (!empty($override)) {
$clone = $server->fresh();
foreach ($override as $key => $value) {
$clone->setAttribute($key, $value);
}
}
return $legacy
? $this->returnLegacyFormat($clone)
: $this->returnCurrentFormat($clone);
} }
/** /**

View file

@ -0,0 +1,34 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class MakeAllocationFieldsJson extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::table('server_transfers', function (Blueprint $table) {
$table->json('old_additional_allocations')->nullable()->change();
$table->json('new_additional_allocations')->nullable()->change();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::table('server_transfers', function (Blueprint $table) {
$table->string('old_additional_allocations')->nullable()->change();
$table->string('new_additional_allocations')->nullable()->change();
});
}
}