From 4b1dc52c59572afc553c83203460f0780c9d22b8 Mon Sep 17 00:00:00 2001
From: Marcos Lilljedahl
Date: Tue, 23 Apr 2019 01:47:06 -0300
Subject: [PATCH] Move DindVolumeSize to playground opts
---
 api.go | 6 +++---
 config/config.go | 5 +----
 docker/docker.go | 25 +++++++++++++------------
 handlers/bootstrap.go | 6 ++----
 handlers/cookie_id.go | 3 ++-
 handlers/login.go | 26 ++++++++++++++++++++++----
 handlers/new_instance.go | 6 +++++-
 handlers/playground.go | 6 ++++--
 provisioner/dind.go | 21 +++++++++++----------
 pwd/types/instance.go | 1 +
 pwd/types/playground.go | 1 +
 11 files changed, 65 insertions(+), 41 deletions(-)
diff --git a/api.go b/api.go
index fc10bb3..61cd73c 100644
--- a/api.go
+++ b/api.go
@@ -47,12 +47,12 @@ func main() {
 sch.Start()
- d, err := time.ParseDuration(config.DefaultSessionDuration)
+ d, err := time.ParseDuration("4h")
 if err != nil {
- log.Fatalf("Cannot parse duration %s. Got: %v", config.DefaultSessionDuration, err)
+ log.Fatalf("Cannot parse duration Got: %v", err)
 }
- playground := types.Playground{Domain: config.PlaygroundDomain, DefaultDinDInstanceImage: config.DefaultDinDImage, AllowWindowsInstances: config.NoWindows, DefaultSessionDuration: d, AvailableDinDInstanceImages: []string{config.DefaultDinDImage}, Tasks: []string{".*"}}
+ playground := types.Playground{Domain: config.PlaygroundDomain, DefaultDinDInstanceImage: "franela/dind", AllowWindowsInstances: config.NoWindows, DefaultSessionDuration: d, Tasks: []string{".*"}, DockerClientID: "cec293c0-f9dd-4f0b-8c3e-e29df7b956b7", DockerClientSecret: "fdf6f091-3766-44ef-b0be-ab3946e45ec3", DockerHost: "id-stage.docker.com", Extras: map[string]interface{}{"LoginRedirect": "http://localhost:3000"}}
 if _, err := core.PlaygroundNew(playground); err != nil {
 log.Fatalf("Cannot create default playground. Got: %v", err)
 }
diff --git a/config/config.go b/config/config.go
index 457f619..30e30c4 100644
--- a/config/config.go
+++ b/config/config.go
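Review bot: The new `types.Playground` literal in `main()` hardcodes a `DockerClientID`/`DockerClientSecret` pair, a staging `DockerHost` and a localhost `LoginRedirect`, so an OAuth client secret is now in the repository history and every build of this binary starts with the same credentials. These look like local test settings; they should be read from flags or the environment, for example `DockerClientSecret: os.Getenv("DOCKER_CLIENT_SECRET")` (variable name illustrative), and the committed secret should be treated as exposed and rotated. The same line also drops `AvailableDinDInstanceImages` and replaces the configurable image and session duration with the literals `"franela/dind"` and `"4h"`, which the commit title does not mention. `main()` starts and ends outside the hunk.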
@@ -22,7 +22,7 @@ const (
 var NameFilter = regexp.MustCompile(PWDHostPortGroupRegex)
 var AliasFilter = regexp.MustCompile(AliasPortGroupRegex)
-var PortNumber, SessionsFile, PWDContainerName, L2ContainerName, L2Subdomain, HashKey, SSHKeyPath, L2RouterIP, DindVolumeSize, CookieHashKey, CookieBlockKey, DefaultDinDImage, DefaultSessionDuration string
+var PortNumber, SessionsFile, PWDContainerName, L2ContainerName, L2Subdomain, HashKey, SSHKeyPath, L2RouterIP, CookieHashKey, CookieBlockKey string
 var UseLetsEncrypt, ExternalDindVolume, NoWindows bool
 var LetsEncryptCertsDir string
 var MaxLoadAvg float64
@@ -48,15 +48,12 @@ func ParseFlags() {
 flag.StringVar(&L2RouterIP, "l2-ip", "", "Host IP address for L2 router ping response")
 flag.StringVar(&L2Subdomain, "l2-subdomain", "direct", "Subdomain to the L2 Router")
 flag.StringVar(&HashKey, "hash_key", "salmonrosado", "Hash key to use for cookies")
- flag.StringVar(&DindVolumeSize, "dind-volume-size", "5G", "Dind volume folder size")
 flag.BoolVar(&NoWindows, "win-disable", false, "Disable windows instances")
 flag.BoolVar(&ExternalDindVolume, "dind-external-volume", false, "Use external dind volume though XFS volume driver")
 flag.Float64Var(&MaxLoadAvg, "maxload", 100, "Maximum allowed load average before failing ping requests")
 flag.StringVar(&SSHKeyPath, "ssh_key_path", "", "SSH Private Key to use")
 flag.StringVar(&CookieHashKey, "cookie-hash-key", "", "Hash key to use to validate cookies")
 flag.StringVar(&CookieBlockKey, "cookie-block-key", "", "Block key to use to encrypt cookies")
- flag.StringVar(&DefaultDinDImage, "default-dind-image", "franela/dind", "Default DinD image to use if not specified otherwise")
- flag.StringVar(&DefaultSessionDuration, "default-session-duration", "4h", "Default session duration if not specified otherwise")
 flag.StringVar(&PlaygroundDomain, "playground-domain", "localhost", "Domain to use for the playground")
 flag.StringVar(&AdminToken, "admin-token", "", "Token to validate admin user for admin endpoints")
diff --git a/docker/docker.go b/docker/docker.go
index e99286a..466a228 100644
--- a/docker/docker.go
+++ b/docker/docker.go
@@ -250,17 +250,18 @@ func (d *docker) ContainerDelete(name string) error {
 }
 type CreateContainerOpts struct {
- Image string
- SessionId string
- ContainerName string
- Hostname string
- ServerCert []byte
- ServerKey []byte
- CACert []byte
- Privileged bool
- HostFQDN string
- Labels map[string]string
- Networks []string
+ Image string
+ SessionId string
+ ContainerName string
+ Hostname string
+ ServerCert []byte
+ ServerKey []byte
+ CACert []byte
+ Privileged bool
+ HostFQDN string
+ Labels map[string]string
+ Networks []string
+ DindVolumeSize string
 }
 func (d *docker) ContainerCreate(opts CreateContainerOpts) (err error) {
@@ -342,7 +343,7 @@ func (d *docker) ContainerCreate(opts CreateContainerOpts) (err error) {
 _, err = d.c.VolumeCreate(context.Background(), volume.VolumesCreateBody{
 Driver: "xfsvol",
 DriverOpts: map[string]string{
- "size": config.DindVolumeSize,
+ "size": opts.DindVolumeSize,
 },
 Name: opts.ContainerName,
 })
diff --git a/handlers/bootstrap.go b/handlers/bootstrap.go
index 3c7e3f0..039dc3c 100644
--- a/handlers/bootstrap.go
+++ b/handlers/bootstrap.go
@@ -240,10 +240,8 @@ func initOauthProviders(p *types.Playground) {
 config.Providers[p.Id]["facebook"] = conf
 }
 if p.DockerClientID != "" && p.DockerClientSecret != "" {
- endpoint := "id.docker.com"
- if len(p.DockerHost) > 0 {
- endpoint = p.DockerHost
- }
+
+ endpoint := getDockerEndpoint(p)
 oauth2.RegisterBrokenAuthHeaderProvider(fmt.Sprintf(".%s", endpoint))
 conf := &oauth2.Config{
 ClientID: p.DockerClientID,
diff --git a/handlers/cookie_id.go b/handlers/cookie_id.go
index e18023f..1648ca2 100644
--- a/handlers/cookie_id.go
+++ b/handlers/cookie_id.go
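Review bot: `"size": opts.DindVolumeSize` in the second docker.go hunk hands the xfsvol driver whatever string the caller placed in `CreateContainerOpts`, and presumably an empty string for any caller that does not set the new field, where the removed `dind-volume-size` flag always carried a default of `"5G"`. Since the value can now originate per playground or per request, `ContainerCreate` is the last place to reject an empty or malformed size, for example `if opts.DindVolumeSize == "" { return fmt.Errorf("dind volume size not set") }` ahead of `VolumeCreate`. The new struct field would also benefit from a comment stating the accepted format, such as `// DindVolumeSize is the xfsvol "size" driver option, e.g. "5G".`. `ContainerCreate` starts and ends outside the hunk.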
@@ -12,11 +12,12 @@ type CookieID struct {
 UserAvatar string `json:"user_avatar"`
 }
-func (c *CookieID) SetCookie(rw http.ResponseWriter) error {
+func (c *CookieID) SetCookie(rw http.ResponseWriter, host string) error {
 if encoded, err := config.SecureCookie.Encode("id", c); err == nil {
 cookie := &http.Cookie{
 Name: "id",
 Value: encoded,
+ Domain: host,
 Path: "/",
 Secure: config.UseLetsEncrypt,
 HttpOnly: true,
diff --git a/handlers/login.go b/handlers/login.go
index 1123367..b068e88 100644
--- a/handlers/login.go
+++ b/handlers/login.go
@@ -166,7 +166,9 @@ func LoginCallback(rw http.ResponseWriter, req *http.Request) {
 &oauth2.Token{AccessToken: tok.AccessToken},
 )
 tc := oauth2.NewClient(ctx, ts)
- resp, err := tc.Get("https://id.docker.com/api/id/v1/openid/userinfo")
+
+ endpoint := getDockerEndpoint(playground)
+ resp, err := tc.Get(fmt.Sprintf("https://%s/api/id/v1/openid/userinfo", endpoint))
 if err != nil {
 log.Printf("Could not get user from docker. Got: %v\n", err)
 rw.WriteHeader(http.StatusInternalServerError)
@@ -197,26 +199,42 @@ func LoginCallback(rw http.ResponseWriter, req *http.Request) {
 cookieData := CookieID{Id: user.Id, UserName: user.Name, UserAvatar: user.Avatar}
- if err := cookieData.SetCookie(rw); err != nil {
+ host := "localhost"
+ if req.Host != "" {
+ host = req.Host
+ }
+
+ if err := cookieData.SetCookie(rw, host); err != nil {
 log.Printf("Could not encode cookie. Got: %v\n", err)
 rw.WriteHeader(http.StatusInternalServerError)
 return
 }
+ r, _ := playground.Extras.GetString("LoginRedirect")
+
 fmt.Fprintf(rw, `
-`)
+`, r)
+}
+
+func getDockerEndpoint(p *types.Playground) string {
+ if len(p.DockerHost) > 0 {
+ return p.DockerHost
+ }
+ return "id.docker.com"
 }
diff --git a/handlers/new_instance.go b/handlers/new_instance.go
index 9ae905d..608a5b7 100644
--- a/handlers/new_instance.go
+++ b/handlers/new_instance.go
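Review bot: `Domain: host` turns the `id` cookie from a host-only cookie into one that browsers also send to every subdomain of `host`, and the second login.go hunk fills `host` from the client-supplied `req.Host`. If instances are served on subdomains of the playground domain, as the `l2-subdomain` flag in config/config.go suggests, the signed-in user's cookie would accompany requests to user-controlled containers, and `HttpOnly` does not prevent that. `req.Host` can also carry a port, which is not a valid cookie domain. Unless cross-subdomain login is a requirement, drop the `Domain: host,` line and the `host` parameter; if it is one, derive the value from `playground.Domain` rather than from the request. `SetCookie` continues past the end of the hunk.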
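Review bot: `r, _ := playground.Extras.GetString("LoginRedirect")` in the second login.go hunk discards the second result of the lookup, and `fmt.Fprintf(rw, ..., r)` then writes `r` into the response page with no escaping. The template body is not visible in this hunk, so the output context is unknown, but a stored value containing quotes or markup would be emitted verbatim, and a playground without the key would get a page with an empty redirect target. Checking the second result and falling back to a fixed path, and rendering the page through `html/template` instead of `fmt.Fprintf`, would keep the page well-formed whatever is stored in `Extras`. `LoginCallback` starts outside the hunk.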
@@ -15,7 +15,7 @@ func NewInstance(rw http.ResponseWriter, req *http.Request) {
 vars := mux.Vars(req)
 sessionId := vars["sessionId"]
- body := types.InstanceConfig{PlaygroundFQDN: req.Host}
+ body := types.InstanceConfig{PlaygroundFQDN: req.Host, DindVolumeSize: "5G"}
 json.NewDecoder(req.Body).Decode(&body)
@@ -51,6 +51,10 @@ func NewInstance(rw http.ResponseWriter, req *http.Request) {
 return
 }
+ if len(playground.DindVolumeSize) > 0 {
+ body.DindVolumeSize = playground.DindVolumeSize
+ }
+
 i, err := core.InstanceNew(s, body)
 if err != nil {
 if provisioner.OutOfCapacity(err) {
diff --git a/handlers/playground.go b/handlers/playground.go
index c19bf75..2f58923 100644
--- a/handlers/playground.go
+++ b/handlers/playground.go
@@ -59,6 +59,7 @@ type PlaygroundConfigurationResponse struct {
 AvailableDinDInstanceImages []string `json:"available_dind_instance_images"`
 AllowWindowsInstances bool `json:"allow_windows_instances"`
 DefaultSessionDuration time.Duration `json:"default_session_duration"`
+ DindVolumeSize string `json:"dind_volume_size"`
 }
 func GetCurrentPlayground(rw http.ResponseWriter, req *http.Request) {
@@ -69,12 +70,13 @@ func GetCurrentPlayground(rw http.ResponseWriter, req *http.Request) {
 return
 }
 json.NewEncoder(rw).Encode(PlaygroundConfigurationResponse{
- Id: playground.Id,
- Domain: playground.Domain,
+ Id: playground.Id,
+ Domain: playground.Domain,
 DefaultDinDInstanceImage: playground.DefaultDinDInstanceImage,
 AvailableDinDInstanceImages: playground.AvailableDinDInstanceImages,
 AllowWindowsInstances: playground.AllowWindowsInstances,
 DefaultSessionDuration: playground.DefaultSessionDuration,
+ DindVolumeSize: playground.DindVolumeSize,
 })
 }
diff --git a/provisioner/dind.go b/provisioner/dind.go
index 1714d9a..9c5468b 100644
--- a/provisioner/dind.go
+++ b/provisioner/dind.go
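Review bot: The `"5G"` default in the first new_instance.go hunk is set before `json.NewDecoder(req.Body).Decode(&body)`, so a request body that carries a `DindVolumeSize` key overwrites it, and the `if len(playground.DindVolumeSize) > 0` added in the second hunk only replaces it when the playground has a size configured. `InstanceConfig.DindVolumeSize` is added in pwd/types/instance.go without a `json:"-"` tag, so on playgrounds that leave the option empty the client appears to choose its own volume size. Assign the value after decoding instead, `body.DindVolumeSize = "5G"` directly after `Decode` and then the playground override, or tag the field `json:"-"`. The error returned by `Decode` is also ignored on that line. `NewInstance` continues outside both hunks.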
@@ -67,16 +67,17 @@ func (d *DinD) InstanceNew(session *types.Session, conf types.InstanceConfig) (*
 }
 containerName := fmt.Sprintf("%s_%s", session.Id[:8], d.generator.NewId())
 opts := docker.CreateContainerOpts{
- Image: conf.ImageName,
- SessionId: session.Id,
- ContainerName: containerName,
- Hostname: conf.Hostname,
- ServerCert: conf.ServerCert,
- ServerKey: conf.ServerKey,
- CACert: conf.CACert,
- HostFQDN: conf.PlaygroundFQDN,
- Privileged: true,
- Networks: []string{session.Id},
+ Image: conf.ImageName,
+ SessionId: session.Id,
+ ContainerName: containerName,
+ Hostname: conf.Hostname,
+ ServerCert: conf.ServerCert,
+ ServerKey: conf.ServerKey,
+ CACert: conf.CACert,
+ HostFQDN: conf.PlaygroundFQDN,
+ Privileged: true,
+ Networks: []string{session.Id},
+ DindVolumeSize: conf.DindVolumeSize,
 }
 dockerClient, err := d.factory.GetForSession(session)
diff --git a/pwd/types/instance.go b/pwd/types/instance.go
index 616ccae..033ab0e 100644
--- a/pwd/types/instance.go
+++ b/pwd/types/instance.go
@@ -38,4 +38,5 @@ type InstanceConfig struct {
 Tls bool
 PlaygroundFQDN string
 Type string
+ DindVolumeSize string
 }
diff --git a/pwd/types/playground.go b/pwd/types/playground.go
index 93ddd4a..16cc83e 100644
--- a/pwd/types/playground.go
+++ b/pwd/types/playground.go
@@ -78,6 +78,7 @@ type Playground struct {
 AvailableDinDInstanceImages []string `json:"available_dind_instance_images" bson:"available_dind_instance_images"`
 AllowWindowsInstances bool `json:"allow_windows_instances" bson:"allow_windows_instances"`
 DefaultSessionDuration time.Duration `json:"default_session_duration" bson:"default_session_duration"`
+ DindVolumeSize string `json:"dind_volume_size" bson:"dind_volume_size"`
 Extras PlaygroundExtras `json:"extras" bson:"extras"`
 AssetsDir string `json:"assets_dir" bson:"assets_dir"`
 Tasks []string `json:"tasks" bson:"tasks"`