mirror of
https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git
synced 2025-10-31 02:37:56 +00:00
Compare commits
6 Commits
v2.4.0-RC4
...
v2.4.0
| Author | SHA1 | Date | |
|---|---|---|---|
|
24b022fa60 | ||
|
|
88922786ff | ||
|
|
4510cd034f | ||
|
|
af5774ce36 | ||
|
|
2573b8cd4f | ||
|
|
9c5b18a536 |
@@ -53,10 +53,12 @@ RUN cmake ..
|
|||||||
RUN make
|
RUN make
|
||||||
RUN make install
|
RUN make install
|
||||||
|
|
||||||
|
|
||||||
ADD CMakeLists.txt build /owsec/
|
ADD CMakeLists.txt build /owsec/
|
||||||
ADD cmake /owsec/cmake
|
ADD cmake /owsec/cmake
|
||||||
ADD src /owsec/src
|
ADD src /owsec/src
|
||||||
ADD .git /owgw/.git
|
ADD .git /owsec/.git
|
||||||
|
|
||||||
|
|
||||||
WORKDIR /owsec
|
WORKDIR /owsec
|
||||||
RUN mkdir cmake-build
|
RUN mkdir cmake-build
|
||||||
@@ -76,7 +78,7 @@ RUN addgroup -S "$OWSEC_USER" && \
|
|||||||
RUN mkdir /openwifi
|
RUN mkdir /openwifi
|
||||||
RUN mkdir -p "$OWSEC_ROOT" "$OWSEC_CONFIG" && \
|
RUN mkdir -p "$OWSEC_ROOT" "$OWSEC_CONFIG" && \
|
||||||
chown "$OWSEC_USER": "$OWSEC_ROOT" "$OWSEC_CONFIG"
|
chown "$OWSEC_USER": "$OWSEC_ROOT" "$OWSEC_CONFIG"
|
||||||
RUN apk add --update --no-cache librdkafka mariadb-connector-c libpq unixodbc su-exec gettext ca-certificates libcurl curl-dev bash jq curl
|
RUN apk add --update --no-cache librdkafka mariadb-connector-c libpq unixodbc su-exec gettext ca-certificates libcurl curl-dev bash jq curl postgresql-client
|
||||||
COPY --from=builder /owsec/cmake-build/owsec /openwifi/owsec
|
COPY --from=builder /owsec/cmake-build/owsec /openwifi/owsec
|
||||||
COPY --from=builder /cppkafka/cmake-build/src/lib/* /lib/
|
COPY --from=builder /cppkafka/cmake-build/src/lib/* /lib/
|
||||||
COPY --from=builder /poco/cmake-build/lib/* /lib/
|
COPY --from=builder /poco/cmake-build/lib/* /lib/
|
||||||
@@ -88,6 +90,7 @@ COPY owsec.properties.tmpl /
|
|||||||
COPY wwwassets /dist/wwwassets
|
COPY wwwassets /dist/wwwassets
|
||||||
COPY templates /dist/templates
|
COPY templates /dist/templates
|
||||||
COPY docker-entrypoint.sh /
|
COPY docker-entrypoint.sh /
|
||||||
|
COPY wait-for-postgres.sh /
|
||||||
RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \
|
RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \
|
||||||
-O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem
|
-O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem
|
||||||
|
|
||||||
|
|||||||
@@ -8,7 +8,7 @@ fullnameOverride: ""
|
|||||||
images:
|
images:
|
||||||
owsec:
|
owsec:
|
||||||
repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owsec
|
repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owsec
|
||||||
tag: v2.4.0-RC4
|
tag: v2.4.0
|
||||||
pullPolicy: Always
|
pullPolicy: Always
|
||||||
# regcred:
|
# regcred:
|
||||||
# registry: tip-tip-wlan-cloud-ucentral.jfrog.io
|
# registry: tip-tip-wlan-cloud-ucentral.jfrog.io
|
||||||
|
|||||||
@@ -2395,10 +2395,10 @@ namespace OpenWifi {
|
|||||||
Poco::Logger & L, RESTAPI_GenericServer & S);
|
Poco::Logger & L, RESTAPI_GenericServer & S);
|
||||||
|
|
||||||
|
|
||||||
class RESTAPI_server : public SubSystemServer {
|
class RESTAPI_ExtServer : public SubSystemServer {
|
||||||
public:
|
public:
|
||||||
static RESTAPI_server *instance() {
|
static RESTAPI_ExtServer *instance() {
|
||||||
static RESTAPI_server *instance_ = new RESTAPI_server;
|
static RESTAPI_ExtServer *instance_ = new RESTAPI_ExtServer;
|
||||||
return instance_;
|
return instance_;
|
||||||
}
|
}
|
||||||
int Start() override;
|
int Start() override;
|
||||||
@@ -2412,7 +2412,7 @@ namespace OpenWifi {
|
|||||||
|
|
||||||
inline void reinitialize(Poco::Util::Application &self) override;
|
inline void reinitialize(Poco::Util::Application &self) override;
|
||||||
|
|
||||||
inline Poco::Net::HTTPRequestHandler *CallServer(const char *Path) {
|
inline Poco::Net::HTTPRequestHandler *CallServer(const char *Path, uint64_t Id) {
|
||||||
RESTAPIHandler::BindingMap Bindings;
|
RESTAPIHandler::BindingMap Bindings;
|
||||||
return RESTAPI_external_server(Path, Bindings, Logger_, Server_);
|
return RESTAPI_external_server(Path, Bindings, Logger_, Server_);
|
||||||
}
|
}
|
||||||
@@ -2422,19 +2422,19 @@ namespace OpenWifi {
|
|||||||
Poco::ThreadPool Pool_;
|
Poco::ThreadPool Pool_;
|
||||||
RESTAPI_GenericServer Server_;
|
RESTAPI_GenericServer Server_;
|
||||||
|
|
||||||
RESTAPI_server() noexcept:
|
RESTAPI_ExtServer() noexcept:
|
||||||
SubSystemServer("RESTAPIServer", "RESTAPIServer", "openwifi.restapi")
|
SubSystemServer("RESTAPIServer", "RESTAPIServer", "openwifi.restapi")
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
inline RESTAPI_server * RESTAPI_server() { return RESTAPI_server::instance(); };
|
inline RESTAPI_ExtServer * RESTAPI_ExtServer() { return RESTAPI_ExtServer::instance(); };
|
||||||
|
|
||||||
class RequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
|
class ExtRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
|
||||||
public:
|
public:
|
||||||
RequestHandlerFactory(RESTAPI_GenericServer & Server) :
|
explicit ExtRequestHandlerFactory(RESTAPI_GenericServer & Server) :
|
||||||
Logger_(RESTAPI_server::instance()->Logger()),
|
Logger_(RESTAPI_ExtServer::instance()->Logger()),
|
||||||
Server_(Server)
|
Server_(Server)
|
||||||
{
|
{
|
||||||
|
|
||||||
}
|
}
|
||||||
@@ -2442,15 +2442,16 @@ namespace OpenWifi {
|
|||||||
inline Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &Request) override {
|
inline Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &Request) override {
|
||||||
Poco::URI uri(Request.getURI());
|
Poco::URI uri(Request.getURI());
|
||||||
auto *Path = uri.getPath().c_str();
|
auto *Path = uri.getPath().c_str();
|
||||||
return RESTAPI_server()->CallServer(Path);
|
return RESTAPI_ExtServer()->CallServer(Path, TransactionId_++);
|
||||||
}
|
}
|
||||||
|
|
||||||
private:
|
private:
|
||||||
Poco::Logger &Logger_;
|
static inline std::atomic_uint64_t TransactionId_ = 1;
|
||||||
RESTAPI_GenericServer &Server_;
|
Poco::Logger &Logger_;
|
||||||
|
RESTAPI_GenericServer &Server_;
|
||||||
};
|
};
|
||||||
|
|
||||||
inline int RESTAPI_server::Start() {
|
inline int RESTAPI_ExtServer::Start() {
|
||||||
Logger_.information("Starting.");
|
Logger_.information("Starting.");
|
||||||
Server_.InitLogging();
|
Server_.InitLogging();
|
||||||
|
|
||||||
@@ -2469,7 +2470,7 @@ namespace OpenWifi {
|
|||||||
Params->setMaxQueued(200);
|
Params->setMaxQueued(200);
|
||||||
Params->setKeepAlive(true);
|
Params->setKeepAlive(true);
|
||||||
|
|
||||||
auto NewServer = std::make_unique<Poco::Net::HTTPServer>(new RequestHandlerFactory(Server_), Pool_, Sock, Params);
|
auto NewServer = std::make_unique<Poco::Net::HTTPServer>(new ExtRequestHandlerFactory(Server_), Pool_, Sock, Params);
|
||||||
NewServer->start();
|
NewServer->start();
|
||||||
RESTServers_.push_back(std::move(NewServer));
|
RESTServers_.push_back(std::move(NewServer));
|
||||||
}
|
}
|
||||||
@@ -2477,11 +2478,11 @@ namespace OpenWifi {
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
class RESTAPI_InternalServer : public SubSystemServer {
|
class RESTAPI_IntServer : public SubSystemServer {
|
||||||
|
|
||||||
public:
|
public:
|
||||||
static RESTAPI_InternalServer *instance() {
|
static RESTAPI_IntServer *instance() {
|
||||||
static RESTAPI_InternalServer *instance_ = new RESTAPI_InternalServer;
|
static RESTAPI_IntServer *instance_ = new RESTAPI_IntServer;
|
||||||
return instance_;
|
return instance_;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2490,12 +2491,13 @@ namespace OpenWifi {
|
|||||||
Logger_.information("Stopping ");
|
Logger_.information("Stopping ");
|
||||||
for( const auto & svr : RESTServers_ )
|
for( const auto & svr : RESTServers_ )
|
||||||
svr->stop();
|
svr->stop();
|
||||||
Pool_.stopAll();
|
Pool_.joinAll();
|
||||||
|
RESTServers_.clear();
|
||||||
}
|
}
|
||||||
|
|
||||||
inline void reinitialize(Poco::Util::Application &self) override;
|
inline void reinitialize(Poco::Util::Application &self) override;
|
||||||
|
|
||||||
inline Poco::Net::HTTPRequestHandler *CallServer(const char *Path) {
|
inline Poco::Net::HTTPRequestHandler *CallServer(const char *Path, uint64_t Id) {
|
||||||
RESTAPIHandler::BindingMap Bindings;
|
RESTAPIHandler::BindingMap Bindings;
|
||||||
return RESTAPI_internal_server(Path, Bindings, Logger_, Server_);
|
return RESTAPI_internal_server(Path, Bindings, Logger_, Server_);
|
||||||
}
|
}
|
||||||
@@ -2504,30 +2506,31 @@ namespace OpenWifi {
|
|||||||
Poco::ThreadPool Pool_;
|
Poco::ThreadPool Pool_;
|
||||||
RESTAPI_GenericServer Server_;
|
RESTAPI_GenericServer Server_;
|
||||||
|
|
||||||
RESTAPI_InternalServer() noexcept: SubSystemServer("RESTAPIInternalServer", "REST-ISRV", "openwifi.internal.restapi")
|
RESTAPI_IntServer() noexcept: SubSystemServer("RESTAPIInternalServer", "REST-ISRV", "openwifi.internal.restapi")
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
inline RESTAPI_InternalServer * RESTAPI_InternalServer() { return RESTAPI_InternalServer::instance(); };
|
inline RESTAPI_IntServer * RESTAPI_IntServer() { return RESTAPI_IntServer::instance(); };
|
||||||
|
|
||||||
class InternalRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
|
class IntRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
|
||||||
public:
|
public:
|
||||||
InternalRequestHandlerFactory(RESTAPI_GenericServer & Server) :
|
explicit IntRequestHandlerFactory(RESTAPI_GenericServer & Server) :
|
||||||
Logger_(RESTAPI_InternalServer()->Logger()),
|
Logger_(RESTAPI_IntServer()->Logger()),
|
||||||
Server_(Server){}
|
Server_(Server){}
|
||||||
|
|
||||||
inline Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &Request) override {
|
inline Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &Request) override {
|
||||||
Poco::URI uri(Request.getURI());
|
Poco::URI uri(Request.getURI());
|
||||||
auto *Path = uri.getPath().c_str();
|
auto *Path = uri.getPath().c_str();
|
||||||
return RESTAPI_InternalServer()->CallServer(Path);
|
return RESTAPI_IntServer()->CallServer(Path, TransactionId_++);
|
||||||
}
|
}
|
||||||
private:
|
private:
|
||||||
|
static inline std::atomic_uint64_t TransactionId_ = 1;
|
||||||
Poco::Logger & Logger_;
|
Poco::Logger & Logger_;
|
||||||
RESTAPI_GenericServer & Server_;
|
RESTAPI_GenericServer & Server_;
|
||||||
};
|
};
|
||||||
|
|
||||||
inline int RESTAPI_InternalServer::Start() {
|
inline int RESTAPI_IntServer::Start() {
|
||||||
Logger_.information("Starting.");
|
Logger_.information("Starting.");
|
||||||
Server_.InitLogging();
|
Server_.InitLogging();
|
||||||
|
|
||||||
@@ -2545,7 +2548,7 @@ namespace OpenWifi {
|
|||||||
Params->setMaxQueued(200);
|
Params->setMaxQueued(200);
|
||||||
Params->setKeepAlive(true);
|
Params->setKeepAlive(true);
|
||||||
|
|
||||||
auto NewServer = std::make_unique<Poco::Net::HTTPServer>(new InternalRequestHandlerFactory(Server_), Pool_, Sock, Params);
|
auto NewServer = std::make_unique<Poco::Net::HTTPServer>(new IntRequestHandlerFactory(Server_), Pool_, Sock, Params);
|
||||||
NewServer->start();
|
NewServer->start();
|
||||||
RESTServers_.push_back(std::move(NewServer));
|
RESTServers_.push_back(std::move(NewServer));
|
||||||
}
|
}
|
||||||
@@ -2826,8 +2829,8 @@ namespace OpenWifi {
|
|||||||
// add the default services
|
// add the default services
|
||||||
SubSystems_.push_back(KafkaManager());
|
SubSystems_.push_back(KafkaManager());
|
||||||
SubSystems_.push_back(ALBHealthCheckServer());
|
SubSystems_.push_back(ALBHealthCheckServer());
|
||||||
SubSystems_.push_back(RESTAPI_server());
|
SubSystems_.push_back(RESTAPI_ExtServer());
|
||||||
SubSystems_.push_back(RESTAPI_InternalServer());
|
SubSystems_.push_back(RESTAPI_IntServer());
|
||||||
|
|
||||||
Poco::Net::initializeSSL();
|
Poco::Net::initializeSSL();
|
||||||
Poco::Net::HTTPStreamFactory::registerFactory();
|
Poco::Net::HTTPStreamFactory::registerFactory();
|
||||||
@@ -3397,14 +3400,14 @@ namespace OpenWifi {
|
|||||||
Consumer.unsubscribe();
|
Consumer.unsubscribe();
|
||||||
}
|
}
|
||||||
|
|
||||||
inline void RESTAPI_server::reinitialize(Poco::Util::Application &self) {
|
inline void RESTAPI_ExtServer::reinitialize(Poco::Util::Application &self) {
|
||||||
MicroService::instance().LoadConfigurationFile();
|
MicroService::instance().LoadConfigurationFile();
|
||||||
Logger_.information("Reinitializing.");
|
Logger_.information("Reinitializing.");
|
||||||
Stop();
|
Stop();
|
||||||
Start();
|
Start();
|
||||||
}
|
}
|
||||||
|
|
||||||
void RESTAPI_InternalServer::reinitialize(Poco::Util::Application &self) {
|
void RESTAPI_IntServer::reinitialize(Poco::Util::Application &self) {
|
||||||
MicroService::instance().LoadConfigurationFile();
|
MicroService::instance().LoadConfigurationFile();
|
||||||
Logger_.information("Reinitializing.");
|
Logger_.information("Reinitializing.");
|
||||||
Stop();
|
Stop();
|
||||||
@@ -3728,7 +3731,7 @@ namespace OpenWifi {
|
|||||||
if (AuthClient()->IsAuthorized( SessionToken_, UserInfo_, Expired)) {
|
if (AuthClient()->IsAuthorized( SessionToken_, UserInfo_, Expired)) {
|
||||||
#endif
|
#endif
|
||||||
if(Server_.LogIt(Request->getMethod(),true)) {
|
if(Server_.LogIt(Request->getMethod(),true)) {
|
||||||
Logger_.debug(Poco::format("X-REQ-ALLOWED(%s): User='%s@%s' Method='%s' Path='%s",
|
Logger_.debug(Poco::format("X-REQ-ALLOWED(%s): User='%s@%s' Method='%s' Path='%s'",
|
||||||
UserInfo_.userinfo.email,
|
UserInfo_.userinfo.email,
|
||||||
Utils::FormatIPv6(Request->clientAddress().toString()),
|
Utils::FormatIPv6(Request->clientAddress().toString()),
|
||||||
Request->clientAddress().toString(),
|
Request->clientAddress().toString(),
|
||||||
@@ -3738,7 +3741,7 @@ namespace OpenWifi {
|
|||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
if(Server_.LogBadTokens(true)) {
|
if(Server_.LogBadTokens(true)) {
|
||||||
Logger_.debug(Poco::format("X-REQ-DENIED(%s): Method='%s' Path='%s",
|
Logger_.debug(Poco::format("X-REQ-DENIED(%s): Method='%s' Path='%s'",
|
||||||
Utils::FormatIPv6(Request->clientAddress().toString()),
|
Utils::FormatIPv6(Request->clientAddress().toString()),
|
||||||
Request->getMethod(), Request->getURI()));
|
Request->getMethod(), Request->getURI()));
|
||||||
}
|
}
|
||||||
|
|||||||
26
wait-for-postgres.sh
Executable file
26
wait-for-postgres.sh
Executable file
@@ -0,0 +1,26 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
# wait-for-postgres.sh
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
host="$1"
|
||||||
|
shift
|
||||||
|
|
||||||
|
export PGUSER=$(grep 'storage.type.postgresql.username' $OWSEC_CONFIG/owsec.properties | awk -F '= ' '{print $2}')
|
||||||
|
export PGPASSWORD=$(grep 'storage.type.postgresql.password' $OWSEC_CONFIG/owsec.properties | awk -F '= ' '{print $2}')
|
||||||
|
|
||||||
|
until psql -h "$host" -c '\q'; do
|
||||||
|
>&2 echo "Postgres is unavailable - sleeping"
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
|
||||||
|
>&2 echo "Postgres is up - executing command"
|
||||||
|
|
||||||
|
if [ "$1" = '/openwifi/owsec' -a "$(id -u)" = '0' ]; then
|
||||||
|
if [ "$RUN_CHOWN" = 'true' ]; then
|
||||||
|
chown -R "$OWSEC_USER": "$OWSEC_ROOT" "$OWSEC_CONFIG"
|
||||||
|
fi
|
||||||
|
exec su-exec "$OWSEC_USER" "$@"
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec "$@"
|
||||||
Reference in New Issue
Block a user