rename to management
This commit is contained in:
parent
26401c130a
commit
106d56f17f
@ -6,7 +6,7 @@ import { AppService } from './app.service';
|
||||
import { ObjectsModule } from './modules/objects/objects.module';
|
||||
import { ZoneModule } from './modules/zone/zone.module';
|
||||
import configuration from './config/configuration';
|
||||
import { IcynetModule } from './modules/icynet/icynet.module';
|
||||
import { ManagementModule } from './modules/management/management.module';
|
||||
|
||||
@Module({
|
||||
imports: [
|
||||
@ -18,7 +18,7 @@ import { IcynetModule } from './modules/icynet/icynet.module';
|
||||
}),
|
||||
ObjectsModule,
|
||||
ZoneModule,
|
||||
IcynetModule,
|
||||
ManagementModule,
|
||||
],
|
||||
controllers: [AppController],
|
||||
providers: [AppService],
|
||||
|
@ -11,10 +11,13 @@ export default () => ({
|
||||
},
|
||||
cacheTTL: parseInt(process.env.ZONE_CACHE_TTL, 10) || 1600,
|
||||
zoneDir: '.',
|
||||
icynetKey: process.env.ICYNET_KEY || 'ch4ng3 m3!',
|
||||
managementKey: process.env.MANAGEMENT_KEY || 'ch4ng3 m3!',
|
||||
rndc: {
|
||||
host: process.env.RNDC_SERVER || '127.0.0.1',
|
||||
port: parseInt(process.env.RNDC_PORT, 10) || 953,
|
||||
keyFile: process.env.RNDC_KEYFILE || 'rndc.key',
|
||||
},
|
||||
managementIPs: process.env.MANAGEMENT_IP
|
||||
? JSON.parse(process.env.MANAGEMENT_IP)
|
||||
: ['127.0.0.1'],
|
||||
});
|
||||
|
@ -4,19 +4,22 @@ import { Request } from 'express';
|
||||
import { timingSafeEqual } from 'crypto';
|
||||
|
||||
@Injectable()
|
||||
export class IcynetGuard implements CanActivate {
|
||||
export class ManagementGuard implements CanActivate {
|
||||
constructor(private config: ConfigService) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const request = context.switchToHttp().getRequest<Request>();
|
||||
const authHeader = request.headers.authorization;
|
||||
|
||||
const ips = this.config.get<string[]>('managementIPs');
|
||||
if (ips.length && !ips.includes(request.ip)) return;
|
||||
|
||||
const authHeader = request.headers.authorization;
|
||||
if (!authHeader) return false;
|
||||
|
||||
const [base, token] = authHeader.split(' ');
|
||||
if (!base || base.toLowerCase() !== 'bearer' || !token) return false;
|
||||
|
||||
const configured = this.config.get<string>('icynetKey');
|
||||
const configured = this.config.get<string>('managementKey');
|
||||
|
||||
return timingSafeEqual(Buffer.from(token), Buffer.from(configured));
|
||||
}
|
@ -1,10 +1,10 @@
|
||||
import { Injectable, CanActivate, ExecutionContext } from '@nestjs/common';
|
||||
import { Request, Response } from 'express';
|
||||
import { ManagerService } from 'src/modules/objects/manager/manager.service';
|
||||
import { DatabaseService } from 'src/modules/objects/database/database.service';
|
||||
|
||||
@Injectable()
|
||||
export class ZoneAccessGuard implements CanActivate {
|
||||
constructor(private service: ManagerService) {}
|
||||
constructor(private service: DatabaseService) {}
|
||||
|
||||
async canActivate(context: ExecutionContext): Promise<boolean> {
|
||||
const request = context.switchToHttp().getRequest<Request>();
|
||||
|
@ -11,14 +11,14 @@ import { resolve } from 'path';
|
||||
import { from, Observable, of } from 'rxjs';
|
||||
import { switchMap } from 'rxjs/operators';
|
||||
import { DNSCacheService } from 'src/modules/objects/dns/dns-cache.service';
|
||||
import { ManagerService } from 'src/modules/objects/manager/manager.service';
|
||||
import { DatabaseService } from 'src/modules/objects/database/database.service';
|
||||
import { CachedZone } from 'src/types/dns.interfaces';
|
||||
|
||||
@Injectable()
|
||||
export class DomainInterceptor implements NestInterceptor {
|
||||
constructor(
|
||||
private dns: DNSCacheService,
|
||||
private manage: ManagerService,
|
||||
private manage: DatabaseService,
|
||||
private config: ConfigService,
|
||||
) {}
|
||||
|
||||
|
@ -10,17 +10,17 @@ import {
|
||||
UseGuards,
|
||||
} from '@nestjs/common';
|
||||
import { ApiExcludeController } from '@nestjs/swagger';
|
||||
import { IcynetGuard } from 'src/guards/icynet.guard';
|
||||
import { ManagerService } from '../objects/manager/manager.service';
|
||||
import { ZoneEntity } from '../objects/manager/zone.entity';
|
||||
import { ManagementGuard } from 'src/guards/management.guard';
|
||||
import { DatabaseService } from '../objects/database/database.service';
|
||||
import { ZoneEntity } from '../objects/database/zone.entity';
|
||||
|
||||
@ApiExcludeController()
|
||||
@UseGuards(IcynetGuard)
|
||||
@UseGuards(ManagementGuard)
|
||||
@Controller({
|
||||
path: 'api/v1/icynet',
|
||||
path: 'api/v1/management',
|
||||
})
|
||||
export class IcynetController {
|
||||
constructor(private service: ManagerService) {}
|
||||
export class ManagementController {
|
||||
constructor(private service: DatabaseService) {}
|
||||
|
||||
@Get('zones')
|
||||
async getZoneList(@Query('uuid') uuid?: string) {
|
@ -1,9 +1,9 @@
|
||||
import { Module } from '@nestjs/common';
|
||||
import { ObjectsModule } from '../objects/objects.module';
|
||||
import { IcynetController } from './icynet.controller';
|
||||
import { ManagementController } from './management.controller';
|
||||
|
||||
@Module({
|
||||
imports: [ObjectsModule],
|
||||
controllers: [IcynetController],
|
||||
controllers: [ManagementController],
|
||||
})
|
||||
export class IcynetModule {}
|
||||
export class ManagementModule {}
|
@ -19,6 +19,12 @@ export class AccessEntity {
|
||||
@ManyToOne(() => ZoneEntity, { onDelete: 'CASCADE' })
|
||||
zone: ZoneEntity;
|
||||
|
||||
@Column({ default: true })
|
||||
allow_soa: boolean;
|
||||
|
||||
@Column({ default: true })
|
||||
allow_zone: boolean;
|
||||
|
||||
@CreateDateColumn()
|
||||
public created_at: Date;
|
||||
|
@ -2,14 +2,14 @@ import { Module } from '@nestjs/common';
|
||||
import { TypeOrmModule } from '@nestjs/typeorm';
|
||||
import { AccessEntity } from './access.entity';
|
||||
import { IcynetActorEntity } from './icynet.entity';
|
||||
import { ManagerService } from './manager.service';
|
||||
import { DatabaseService } from './database.service';
|
||||
import { ZoneEntity } from './zone.entity';
|
||||
|
||||
@Module({
|
||||
imports: [
|
||||
TypeOrmModule.forFeature([AccessEntity, ZoneEntity, IcynetActorEntity]),
|
||||
],
|
||||
providers: [ManagerService],
|
||||
exports: [ManagerService],
|
||||
providers: [DatabaseService],
|
||||
exports: [DatabaseService],
|
||||
})
|
||||
export class ManagerModule {}
|
||||
export class DatabaseModule {}
|
@ -7,7 +7,7 @@ import { IcynetActorEntity } from './icynet.entity';
|
||||
import { ZoneEntity } from './zone.entity';
|
||||
|
||||
@Injectable()
|
||||
export class ManagerService {
|
||||
export class DatabaseService {
|
||||
constructor(
|
||||
@InjectRepository(AccessEntity)
|
||||
private access: Repository<AccessEntity>,
|
@ -1,9 +1,9 @@
|
||||
import { Module } from '@nestjs/common';
|
||||
import { DNSModule } from './dns/dns.module';
|
||||
import { ManagerModule } from './manager/manager.module';
|
||||
import { DatabaseModule } from './database/database.module';
|
||||
|
||||
@Module({
|
||||
imports: [DNSModule, ManagerModule],
|
||||
exports: [DNSModule, ManagerModule],
|
||||
imports: [DNSModule, DatabaseModule],
|
||||
exports: [DNSModule, DatabaseModule],
|
||||
})
|
||||
export class ObjectsModule {}
|
||||
|
Loading…
Reference in New Issue
Block a user