Merge branch 'next/minor' of github.com:Start9Labs/start-os into integration/new-container-runtime

Aiden McClelland
2023-11-20 14:13:57 -07:00
8 changed files with 37 additions and 38 deletions


@@ -4,6 +4,7 @@ use std::ops::Deref;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use std::sync::atomic::{AtomicBool, Ordering}; use std::sync::atomic::{AtomicBool, Ordering};
use std::sync::Arc; use std::sync::Arc;
use std::time::Duration;
use helpers::to_tmp_path; use helpers::to_tmp_path;
use josekit::jwk::Jwk; use josekit::jwk::Jwk;
@@ -25,7 +26,7 @@ use crate::db::model::{CurrentDependents, Database, PackageDataEntryMatchModelRe
use crate::db::prelude::PatchDbExt; use crate::db::prelude::PatchDbExt;
use crate::dependencies::compute_dependency_config_errs; use crate::dependencies::compute_dependency_config_errs;
use crate::disk::OsPartitionInfo; use crate::disk::OsPartitionInfo;
use crate::init::init_postgres; use crate::init::{check_time_is_synchronized, init_postgres};
use crate::install::cleanup::{cleanup_failed, uninstall}; use crate::install::cleanup::{cleanup_failed, uninstall};
use crate::manager::ManagerMap; use crate::manager::ManagerMap;
use crate::middleware::auth::HashSessionToken; use crate::middleware::auth::HashSessionToken;
@@ -174,6 +175,19 @@ impl RpcContext {
let tor_proxy_url = format!("socks5h://{tor_proxy}"); let tor_proxy_url = format!("socks5h://{tor_proxy}");
let devices = lshw().await?; let devices = lshw().await?;
let ram = get_mem_info().await?.total.0 as u64 * 1024 * 1024; let ram = get_mem_info().await?.total.0 as u64 * 1024 * 1024;
if !db.peek().await.as_server_info().as_ntp_synced().de()? {
let db = db.clone();
tokio::spawn(async move {
while !check_time_is_synchronized().await.unwrap() {
tokio::time::sleep(Duration::from_secs(30)).await;
}
db.mutate(|v| v.as_server_info_mut().as_ntp_synced_mut().ser(&true))
.await
.unwrap()
});
}
let seed = Arc::new(RpcContextSeed { let seed = Arc::new(RpcContextSeed {
is_closed: AtomicBool::new(false), is_closed: AtomicBool::new(false),
datadir: base.datadir().to_path_buf(), datadir: base.datadir().to_path_buf(),
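Review bot: Both `.unwrap()` calls inside the `tokio::spawn` block added to the `impl RpcContext` hunk end the poller on the first error, because the `JoinHandle` is dropped and nothing awaits the task. A transient failure of `check_time_is_synchronized()` or of the final `db.mutate(...)` therefore leaves `ntp_synced` false until the next restart. Treat an error from the check as "not yet synchronized", log it, and keep polling; log the final write failure instead of unwrapping it. Any consumer that uses `ntp_synced` to decide whether the clock can be trusted (not visible here) would otherwise see a stale value. The enclosing function starts and ends outside the hunk.

```rust
tokio::spawn(async move {
    loop {
        match check_time_is_synchronized().await {
            Ok(true) => break,
            Ok(false) => {}
            Err(e) => tracing::warn!("time sync check failed, retrying: {e:?}"),
        }
        tokio::time::sleep(Duration::from_secs(30)).await;
    }
    if let Err(e) = db
        .mutate(|v| v.as_server_info_mut().as_ntp_synced_mut().ser(&true))
        .await
    {
        tracing::error!("could not record ntp_synced: {e:?}");
    }
});
```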


@@ -22,7 +22,7 @@ use crate::net::utils::{get_iface_ipv4_addr, get_iface_ipv6_addr};
use crate::prelude::*; use crate::prelude::*;
use crate::s9pk::manifest::{Manifest, PackageId}; use crate::s9pk::manifest::{Manifest, PackageId};
use crate::status::Status; use crate::status::Status;
use crate::util::cpupower::{get_preferred_governor, Governor}; use crate::util::cpupower::{Governor};
use crate::util::Version; use crate::util::Version;
use crate::version::{Current, VersionT}; use crate::version::{Current, VersionT};
use crate::{ARCH, PLATFORM}; use crate::{ARCH, PLATFORM};


@@ -4,7 +4,7 @@ use std::path::Path;
use std::time::{Duration, SystemTime}; use std::time::{Duration, SystemTime};
use color_eyre::eyre::eyre; use color_eyre::eyre::eyre;
use helpers::NonDetachingJoinHandle;
use models::ResultExt; use models::ResultExt;
use rand::random; use rand::random;
use sqlx::{Pool, Postgres}; use sqlx::{Pool, Postgres};
@@ -18,9 +18,9 @@ use crate::disk::mount::util::unmount;
use crate::install::PKG_ARCHIVE_DIR; use crate::install::PKG_ARCHIVE_DIR;
use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH; use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH;
use crate::prelude::*; use crate::prelude::*;
use crate::sound::BEP;
use crate::util::cpupower::{ use crate::util::cpupower::{
current_governor, get_available_governors, get_preferred_governor, set_governor, get_available_governors, get_preferred_governor, set_governor,
}; };
use crate::util::docker::{create_bridge_network, CONTAINER_DATADIR, CONTAINER_TOOL}; use crate::util::docker::{create_bridge_network, CONTAINER_DATADIR, CONTAINER_TOOL};
use crate::util::Invoke; use crate::util::Invoke;
@@ -342,6 +342,7 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
.arg("run") .arg("run")
.arg("-d") .arg("-d")
.arg("--rm") .arg("--rm")
.arg("--init")
.arg("--network=start9") .arg("--network=start9")
.arg("--name=netdummy") .arg("--name=netdummy")
.arg("start9/x_system/utils:latest") .arg("start9/x_system/utils:latest")
@@ -379,11 +380,11 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
tracing::info!("Set CPU Governor"); tracing::info!("Set CPU Governor");
} }
let mut time_not_synced = true; server_info.ntp_synced = false;
let mut not_made_progress = 0u32; let mut not_made_progress = 0u32;
for _ in 0..1800 { for _ in 0..1800 {
if check_time_is_synchronized().await? { if check_time_is_synchronized().await? {
time_not_synced = false; server_info.ntp_synced = true;
break; break;
} }
let t = SystemTime::now(); let t = SystemTime::now();
@@ -400,7 +401,7 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
break; break;
} }
} }
if time_not_synced { if !server_info.ntp_synced {
tracing::warn!("Timed out waiting for system time to synchronize"); tracing::warn!("Timed out waiting for system time to synchronize");
} else { } else {
tracing::info!("Syncronized system clock"); tracing::info!("Syncronized system clock");
@@ -418,21 +419,6 @@ pub async fn init(cfg: &RpcContextConfig) -> Result<InitResult, Error> {
restarting: false, restarting: false,
}; };
server_info.ntp_synced = if time_not_synced {
let db = db.clone();
tokio::spawn(async move {
while !check_time_is_synchronized().await.unwrap() {
tokio::time::sleep(Duration::from_secs(30)).await;
}
db.mutate(|v| v.as_server_info_mut().as_ntp_synced_mut().ser(&true))
.await
.unwrap()
});
false
} else {
true
};
db.mutate(|v| { db.mutate(|v| {
v.as_server_info_mut().ser(&server_info)?; v.as_server_info_mut().ser(&server_info)?;
Ok(()) Ok(())
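Review bot: The assignment `server_info.ntp_synced = false;` ahead of the wait loop now carries a cross-module contract that is not written down. The background poller that used to be spawned in this function is gone, and the `impl RpcContext` hunk in this commit spawns it only when the stored flag reads false. Add a comment above the assignment, for example `// persisted by the db.mutate below; RpcContext startup re-reads it and keeps polling until the clock is synchronized`, so a later change to the write order does not leave the flag stuck. Separately, the log string `"Syncronized system clock"` is misspelled, so a log search for "Synchronized" will miss it. `init` starts and ends outside these hunks.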


@@ -280,7 +280,7 @@ pub fn test_keygen() {
key.openssl_key_nistp256(); key.openssl_key_nistp256();
} }
fn display_requires_reboot(arg: RequiresReboot, matches: &ArgMatches) { fn display_requires_reboot(arg: RequiresReboot, _matches: &ArgMatches) {
if arg.0 { if arg.0 {
println!("Server must be restarted for changes to take effect"); println!("Server must be restarted for changes to take effect");
} }


@@ -23,6 +23,7 @@ use tokio_util::io::ReaderStream;
use crate::context::{DiagnosticContext, InstallContext, RpcContext, SetupContext}; use crate::context::{DiagnosticContext, InstallContext, RpcContext, SetupContext};
use crate::core::rpc_continuations::RequestGuid; use crate::core::rpc_continuations::RequestGuid;
use crate::db::subscribe; use crate::db::subscribe;
use crate::hostname::Hostname;
use crate::install::PKG_PUBLIC_DIR; use crate::install::PKG_PUBLIC_DIR;
use crate::middleware::auth::{auth as auth_middleware, HasValidSession}; use crate::middleware::auth::{auth as auth_middleware, HasValidSession};
use crate::middleware::cors::cors; use crate::middleware::cors::cors;
@@ -339,7 +340,8 @@ async fn main_embassy_ui(req: Request<Body>, ctx: RpcContext) -> Result<Response
.await .await
} }
(&Method::GET, Some(("eos", "local.crt"))) => { (&Method::GET, Some(("eos", "local.crt"))) => {
cert_send(&ctx.account.read().await.root_ca_cert) let account = ctx.account.read().await;
cert_send(&account.root_ca_cert, &account.hostname)
} }
(&Method::GET, _) => { (&Method::GET, _) => {
let uri_path = UiMode::Main.path( let uri_path = UiMode::Main.path(
@@ -405,7 +407,7 @@ fn bad_request() -> Response<Body> {
.unwrap() .unwrap()
} }
fn cert_send(cert: &X509) -> Result<Response<Body>, Error> { fn cert_send(cert: &X509, hostname: &Hostname) -> Result<Response<Body>, Error> {
let pem = cert.to_pem()?; let pem = cert.to_pem()?;
Response::builder() Response::builder()
.status(StatusCode::OK) .status(StatusCode::OK)
@@ -417,8 +419,12 @@ fn cert_send(cert: &X509) -> Result<Response<Body>, Error> {
) )
.to_lowercase(), .to_lowercase(),
) )
.header(http::header::CONTENT_TYPE, "application/x-pem-file") .header(http::header::CONTENT_TYPE, "application/x-x509-ca-cert")
.header(http::header::CONTENT_LENGTH, pem.len()) .header(http::header::CONTENT_LENGTH, pem.len())
.header(
http::header::CONTENT_DISPOSITION,
format!("attachment; filename={}.crt", &hostname.0),
)
.body(Body::from(pem)) .body(Body::from(pem))
.with_kind(ErrorKind::Network) .with_kind(ErrorKind::Network)
} }
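Review bot: The new `Content-Disposition` value in `cert_send` interpolates `hostname.0` unquoted, as `format!("attachment; filename={}.crt", &hostname.0)`. A hostname containing a space, `;` or `"` would produce an ambiguous header, and a control character would make the builder fail at `.body(...)`. Nothing in the hunk shows what `Hostname` guarantees about its contents. If it is already restricted to DNS-label characters, state that in a comment next to the header. Otherwise quote the value, `format!("attachment; filename=\"{}.crt\"", &hostname.0)`, and reject anything outside `[A-Za-z0-9.-]` before building the response.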


@@ -44,7 +44,7 @@
size="small" size="small"
shape="round" shape="round"
color="primary" color="primary"
href="https://docs.start9.com/0.3.5.x/user-manual/trust-ca#establishing-trust" href="https://docs.start9.com/0.3.5.x/user-manual/trust-ca"
target="_blank" target="_blank"
noreferrer noreferrer
> >
@@ -100,7 +100,4 @@
<a <a
id="install-cert" id="install-cert"
href="/eos/local.crt" href="/eos/local.crt"
[download]="
config.isLocal() ? document.location.hostname + '.crt' : 'startos.crt'
"
></a> ></a>
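Review bot: The link in the first hunk is opened with `target="_blank"` but carries a bare `noreferrer` attribute, which is not a recognised HTML attribute and has no effect on its own. The other template in this commit uses `rel="noreferrer"`. Change it to `rel="noreferrer"` so the external docs page receives no Referer header and, in older browsers, no handle on the opener window. The element's opening tag is outside the hunk, so if it is a component that maps this attribute itself, confirm that instead.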


@@ -15,7 +15,7 @@
<h2> <h2>
For a secure local connection and faster Tor experience, For a secure local connection and faster Tor experience,
<a <a
href="https://docs.start9.com/0.3.5.x/user-manual/connecting-lan" href="https://docs.start9.com/0.3.5.x/user-manual/trust-ca"
target="_blank" target="_blank"
rel="noreferrer" rel="noreferrer"
> >
@@ -26,7 +26,7 @@
</ion-label> </ion-label>
</ion-item> </ion-item>
<ion-item button (click)="installCert()" [disabled]="!(crtName$ | async)"> <ion-item button (click)="installCert()">
<ion-icon slot="start" name="download-outline" size="large"></ion-icon> <ion-icon slot="start" name="download-outline" size="large"></ion-icon>
<ion-label> <ion-label>
<h1>Download Root CA</h1> <h1>Download Root CA</h1>
@@ -35,5 +35,5 @@
</ion-item-group> </ion-item-group>
<!-- hidden element for downloading cert --> <!-- hidden element for downloading cert -->
<a id="install-cert" href="/eos/local.crt" [download]="crtName$ | async"></a> <a id="install-cert" href="/eos/local.crt"></a>
</ion-content> </ion-content>


@@ -10,10 +10,6 @@ import { DataModel } from 'src/app/services/patch-db/data-model'
changeDetection: ChangeDetectionStrategy.OnPush, changeDetection: ChangeDetectionStrategy.OnPush,
}) })
export class LANPage { export class LANPage {
readonly crtName$ = this.patch
.watch$('server-info', 'lan-address')
.pipe(map(addr => `${new URL(addr).hostname}.crt`))
constructor(private readonly patch: PatchDB<DataModel>) {} constructor(private readonly patch: PatchDB<DataModel>) {}
installCert(): void { installCert(): void {