diff --git a/src/nassella.scm b/src/nassella.scm index 20b698b..ab83c74 100644 --- a/src/nassella.scm +++ b/src/nassella.scm @@ -312,9 +312,10 @@ h1, h2, h3, h4, h5, h6 { (username . ,remote-user)) (current-params))) (next)) - (if (string-prefix-ci? "/unsecured/" path) + (if (and (cdr path) (cadr path) (string=? "unsecured" (cadr path))) (next) - '(unauthorized "no valid auth header"))))))) + (begin (log-to (debug-log) "no valid auth header | ~S | ~A" path headers) + '(unauthorized "no valid auth header")))))))) (with-schematra-app app (lambda () @@ -706,7 +707,11 @@ h1, h2, h3, h4, h5, h6 { (create-directory dir) (process-wait (process-run (string-append "tar -xf nassella-latest.tar -C " dir))) (create-directory (string-append dir "/config")) - (copy-file "../config/ssh-keys" (string-append dir "/config/ssh-keys")) ;; TODO remove + (cond-expand + (dev + ;; in dev copy personal ssh key + (copy-file "../config/ssh-keys" (string-append dir "/config/ssh-keys"))) + (else '())) (with-output-to-file (string-append dir "/terraform.tfstate") (lambda () (write-string state))) (with-output-to-file (string-append dir "/terraform.tfstate.backup") (lambda () (write-string state-backup)))) @@ -772,12 +777,17 @@ h1, h2, h3, h4, h5, h6 { ;; and uses that to store the generated ssh keys. ;; Later on this directory gets deleted after we read the keys into ;; strings to return from this function. - (process* "docker" `("run" "--rm" "--volume" - ,(conc (current-directory) "/" key-path ":/opt/keys") - "debian:12-slim" "bash" "-c" "apt update + (cond-expand + (dev + (create-directory key-path) + (process* "docker" `("run" "--rm" "--volume" + ,(conc (current-directory) "/" key-path ":/opt/keys") + "debian:12-slim" "bash" "-c" "apt update apt install -y openssh-client ssh-keygen -t ed25519 -f /opt/keys/key -N \"\" -chmod -R 777 /opt/keys")) +chmod -R 777 /opt/keys"))) + (else + (process* "ssh-keygen" `("-t" "ed25519" "-f" ,(conc (current-directory) "/" key-path "/key") "-N" "\"\"")))) (let ((thread (thread-start! (lambda () @@ -791,12 +801,14 @@ chmod -R 777 /opt/keys")) (if exit-normal (begin (with-input-from-port in-port read-string) ;; left here for debugging and to clear ports - (with-input-from-port err-port read-string) ;; left here for debugging and to clear ports + (with-input-from-port err-port read-string) + ;; left here for debugging and to clear ports (let ((priv-key (with-input-from-file (conc key-path "/key") read-string)) (pub-key (with-input-from-file (conc key-path "/key.pub") read-string))) (delete-directory key-path #t) (list priv-key pub-key))) - (error "Generating ssh key docker command had abnormal exit"))))))))) + (begin (log-to (debug-log) "generate-ssh-key: docker command error") + (error "Generating ssh key docker command had abnormal exit")))))))))) (thread-join! thread))))) (define (generate-restic-password) @@ -854,12 +866,12 @@ chmod -R 777 /opt/keys")) ;;; REQUIRES AUTHED USER (post "/config/wizard/create-instance" - (let* ((ssh-keys (generate-ssh-key (session-user-id))) - (instance-id (with-db/transaction - (lambda (db) - (create-instance db (session-user-id) (first ssh-keys) (second ssh-keys) - (generate-restic-password)))))) - (redirect (conc "/config/wizard/services/" instance-id)))) + (let* ((ssh-keys (generate-ssh-key (session-user-id))) + (instance-id (with-db/transaction + (lambda (db) + (create-instance db (session-user-id) (first ssh-keys) (second ssh-keys) + (generate-restic-password)))))) + (redirect (conc "/config/wizard/services/" instance-id)))) ;; TODO should all these key related form fields be of type password ;; so the browser doesn't save them??? @@ -996,7 +1008,11 @@ chmod -R 777 /opt/keys")) (Field (@ (name "wg-easy") (type "checkbox") (label ("WG Easy")) (checked ,(member 'wg-easy (alist-ref 'selected-apps results))))) (Field (@ (name "nextcloud") (type "checkbox") (label ("NextCloud")) (checked ,(member 'nextcloud (alist-ref 'selected-apps results))))) (Field (@ (name "ghost") (type "checkbox") (label ("Ghost")) (checked ,(member 'ghost (alist-ref 'selected-apps results))))) - (Field (@ (name "nassella") (type "checkbox") (label ("Nassella")) (checked ,(member 'nassella (alist-ref 'selected-apps results))))) + ,@(cond-expand + (dev + `((Field (@ (name "nassella") (type "checkbox") (label ("Nassella")) (checked ,(member 'nassella (alist-ref 'selected-apps results))))))) + (else + '())) (Field (@ (name "log-viewer") (type "checkbox") (label ("Log Viewer")) (checked #t) (disabled "disabled")))) ;; TODO add config for when automatic upgrades are scheduled for? ;; TODO add config for server timezone? @@ -1270,9 +1286,10 @@ chmod -R 777 /opt/keys")) (post "/config/wizard/review-submit/:id" (let* ((instance-id (alist-ref "id" (current-params) equal?)) (status (string->symbol - (with-db/transaction - (lambda (db) - (get-most-recent-deployment-status db (session-user-id) instance-id)))))) + (->string + (with-db/transaction + (lambda (db) + (get-most-recent-deployment-status db (session-user-id) instance-id))))))) (when (not (or (eq? status 'queued) (eq? status 'in-progress))) (let* ((instance-id (alist-ref "id" (current-params) equal?)) (results