2023-04-21 06:31:51 +00:00
|
|
|
# pylint: disable=too-many-lines
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""Page rendering functions.
|
|
|
|
|
|
|
|
|
|
TODO: Move some parts to Jinja templates.
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
import asyncio
|
|
|
|
|
import datetime
|
|
|
|
|
|
|
|
|
|
from flask import current_app, render_template
|
|
|
|
|
from flask_oidc import OpenIDConnect # type: ignore
|
|
|
|
|
from headscale_api.schema.headscale import v1 as schema
|
|
|
|
|
from markupsafe import Markup
|
|
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
import helper
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
from config import Config
|
|
|
|
|
from headscale import HeadscaleApi
|
|
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
|
2023-04-21 06:31:51 +00:00
|
|
|
async def render_overview(headscale: HeadscaleApi): # pylint: disable=too-many-locals
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""Render the overview page."""
|
|
|
|
|
current_app.logger.info("Rendering the Overview page")
|
|
|
|
|
|
|
|
|
|
local_time = datetime.datetime.now(headscale.app_config.timezone)
|
|
|
|
|
|
|
|
|
|
# Get and display overview of the following information:
|
|
|
|
|
# server's machines, users, preauth keys, API key expiration, server version
|
|
|
|
|
|
|
|
|
|
async with headscale.session:
|
|
|
|
|
machines, routes, users = await asyncio.gather(
|
|
|
|
|
headscale.list_machines(schema.ListMachinesRequest("")),
|
|
|
|
|
headscale.get_routes(schema.GetRoutesRequest()),
|
|
|
|
|
headscale.list_users(schema.ListUsersRequest()),
|
|
|
|
|
)
|
|
|
|
|
user_preauth_keys: list[schema.ListPreAuthKeysResponse] = await asyncio.gather(
|
|
|
|
|
*[
|
|
|
|
|
headscale.list_pre_auth_keys(schema.ListPreAuthKeysRequest(user.name))
|
|
|
|
|
for user in users.users
|
|
|
|
|
]
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
2023-03-03 13:05:15 +09:00
|
|
|
# Need to check if routes are attached to an active machine:
|
2023-04-03 12:11:45 +00:00
|
|
|
# ISSUE: https://github.com/iFargle/headscale-webui/issues/36
|
|
|
|
|
# ISSUE: https://github.com/juanfont/headscale/issues/1228
|
2023-03-03 13:05:15 +09:00
|
|
|
|
2023-02-06 04:58:09 +00:00
|
|
|
# Get all routes:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
total_routes = sum(route.machine.id != 0 for route in routes.routes)
|
|
|
|
|
enabled_routes = sum(
|
|
|
|
|
route.enabled and route.advertised and route.machine.id != 0
|
|
|
|
|
for route in routes.routes
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
|
|
|
|
# Get a count of all enabled exit routes
|
|
|
|
|
exits_count = 0
|
|
|
|
|
exits_enabled_count = 0
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for route in routes.routes:
|
|
|
|
|
if route.advertised and route.machine.id != 0:
|
|
|
|
|
if route.prefix in ("0.0.0.0/0", "::/0"):
|
2023-04-03 12:11:45 +00:00
|
|
|
exits_count += 1
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if route.enabled:
|
2023-02-06 04:58:09 +00:00
|
|
|
exits_enabled_count += 1
|
|
|
|
|
|
|
|
|
|
# Get User and PreAuth Key counts
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
usable_keys_count = sum(
|
|
|
|
|
sum(
|
|
|
|
|
(key.reusable or (not key.reusable and not key.used))
|
|
|
|
|
and not key.expiration < local_time
|
|
|
|
|
for key in preauth_keys.pre_auth_keys
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for preauth_keys in user_preauth_keys
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-02-23 14:29:35 +09:00
|
|
|
|
|
|
|
|
# Start putting the content together
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
overview_content = f"""
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
<div class="col s10">
|
|
|
|
|
<ul class="collection with-header z-depth-1">
|
|
|
|
|
<li class="collection-header"><h4>Server Statistics</h4></li>
|
|
|
|
|
<li class="collection-item"><div>Machines Added
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{len(machines.machines)}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Users Added
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{len(users.users)}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Usable Preauth Keys
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{usable_keys_count}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Enabled/Total Routes
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{enabled_routes}/{total_routes}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Enabled/Total Exits
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{exits_enabled_count}/{exits_count}</div></div></li>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="col s1"></div>
|
2023-02-23 14:56:57 +09:00
|
|
|
</div>
|
2023-04-03 12:11:45 +00:00
|
|
|
"""
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
|
|
|
|
|
# Overview page will just read static information from the config file and display
|
|
|
|
|
# it Open the config.yaml and parse it.
|
|
|
|
|
config_yaml = headscale.hs_config
|
|
|
|
|
|
|
|
|
|
if config_yaml is None:
|
|
|
|
|
return Markup(
|
|
|
|
|
f"""<br>{overview_content}
|
|
|
|
|
<div class='row'>
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
<div class="col s10">
|
|
|
|
|
<ul class="collection with-header z-depth-1">
|
|
|
|
|
<li class="collection-header"><h4>General</h4></li>
|
|
|
|
|
<li class="collection-item">
|
|
|
|
|
Headscale configuration is invalid or unavailable.
|
|
|
|
|
Please check logs.</li>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
</div>
|
|
|
|
|
"""
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
general_content = f"""
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
<div class="col s10">
|
|
|
|
|
<ul class="collection with-header z-depth-1">
|
|
|
|
|
<li class="collection-header"><h4>General</h4></li>
|
|
|
|
|
<li class="collection-item"><div>IP Prefixes
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{config_yaml.ip_prefixes or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Server URL
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{config_yaml.server_url}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Updates Disabled
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{config_yaml.disable_check_updates or 'N/A'}
|
|
|
|
|
</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Ephemeral Node Inactivity Timeout
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{config_yaml.ephemeral_node_inactivity_timeout or 'N/A'}
|
|
|
|
|
</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Node Update Check Interval
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{config_yaml.node_update_check_interval or 'N/A'}
|
|
|
|
|
</div></div></li>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="col s1"></div>
|
2023-02-23 14:56:57 +09:00
|
|
|
</div>
|
2023-04-03 12:11:45 +00:00
|
|
|
"""
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
|
|
|
|
|
# OIDC Content:
|
|
|
|
|
oidc = config_yaml.oidc
|
|
|
|
|
oidc_content = (
|
|
|
|
|
(
|
|
|
|
|
f"""
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
<div class="col s10">
|
|
|
|
|
<ul class="collection with-header z-depth-1">
|
|
|
|
|
<li class="collection-header"><h4>Headscale OIDC</h4></li>
|
|
|
|
|
<li class="collection-item"><div>Issuer
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{oidc.issuer or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Client ID
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{oidc.client_id or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Scope
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{oidc.scope or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Use OIDC Token Expiry
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{oidc.use_expiry_from_token or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Expiry
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{oidc.expiry or 'N/A'}</div></div></li>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
</div>
|
|
|
|
|
"""
|
|
|
|
|
)
|
|
|
|
|
if oidc is not None
|
|
|
|
|
else ""
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
|
|
|
|
|
# Embedded DERP server information.
|
|
|
|
|
derp = config_yaml.derp
|
2023-04-03 12:11:45 +00:00
|
|
|
derp_content = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
(
|
|
|
|
|
f"""
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
<div class="col s10">
|
|
|
|
|
<ul class="collection with-header z-depth-1">
|
|
|
|
|
<li class="collection-header"><h4>Embedded DERP</h4></li>
|
|
|
|
|
<li class="collection-item"><div>Enabled
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{derp.server.enabled}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Region ID
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{derp.server.region_id or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Region Code
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{derp.server.region_code or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Region Name
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{derp.server.region_name or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>STUN Address
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{derp.server.stun_listen_addr or 'N/A'}</div></div></li>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
</div>
|
|
|
|
|
"""
|
|
|
|
|
)
|
|
|
|
|
if derp is not None and derp.server is not None and derp.server.enabled
|
|
|
|
|
else ""
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
|
|
|
|
|
dns_config = config_yaml.dns_config
|
2023-04-03 12:11:45 +00:00
|
|
|
dns_content = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
(
|
|
|
|
|
f"""
|
|
|
|
|
<div class="row">
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
<div class="col s10">
|
|
|
|
|
<ul class="collection with-header z-depth-1">
|
|
|
|
|
<li class="collection-header"><h4>DNS</h4></li>
|
|
|
|
|
<li class="collection-item"><div>DNS Nameservers
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{dns_config.nameservers or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>MagicDNS
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{dns_config.magic_dns or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Search Domains
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{dns_config.domains or 'N/A'}</div></div></li>
|
|
|
|
|
<li class="collection-item"><div>Base Domain
|
|
|
|
|
<div class="secondary-content overview-page">
|
|
|
|
|
{dns_config.base_domain or 'N/A'}</div></div></li>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="col s1"></div>
|
|
|
|
|
</div>
|
|
|
|
|
"""
|
|
|
|
|
)
|
|
|
|
|
if dns_config is not None
|
|
|
|
|
else ""
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
# TODO:
|
2023-02-06 04:58:09 +00:00
|
|
|
# Whether there are custom DERP servers
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
# If there are custom DERP servers, get the file location from the config
|
|
|
|
|
# file. Assume mapping is the same.
|
2023-04-03 12:11:45 +00:00
|
|
|
# Whether the built-in DERP server is enabled
|
2023-02-06 04:58:09 +00:00
|
|
|
# The IP prefixes
|
|
|
|
|
# The DNS config
|
2023-02-23 15:20:43 +09:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
# if derp is not None and derp.paths is not None:
|
|
|
|
|
# pass
|
2023-02-06 04:58:09 +00:00
|
|
|
# # open the path:
|
2023-04-03 12:11:45 +00:00
|
|
|
# derp_file =
|
2023-02-06 04:58:09 +00:00
|
|
|
# config_file = open("/etc/headscale/config.yaml", "r")
|
|
|
|
|
# config_yaml = yaml.safe_load(config_file)
|
|
|
|
|
# The ACME config, if not empty
|
|
|
|
|
# Whether updates are running
|
|
|
|
|
# Whether metrics are enabled (and their listen addr)
|
|
|
|
|
# The log level
|
|
|
|
|
# What kind of Database is being used to drive headscale
|
|
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
return Markup(
|
2023-04-03 12:11:45 +00:00
|
|
|
"<br>"
|
|
|
|
|
+ overview_content
|
|
|
|
|
+ general_content
|
|
|
|
|
+ derp_content
|
|
|
|
|
+ oidc_content
|
|
|
|
|
+ dns_content
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
|
2023-04-21 06:31:51 +00:00
|
|
|
async def thread_machine_content( # pylint: disable=all
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
headscale: HeadscaleApi,
|
|
|
|
|
machine: schema.Machine,
|
|
|
|
|
idx: int,
|
|
|
|
|
all_routes: schema.GetRoutesResponse,
|
|
|
|
|
) -> str:
|
|
|
|
|
"""Render a single machine."""
|
2023-02-06 04:58:09 +00:00
|
|
|
# machine = passed in machine information
|
|
|
|
|
# content = place to write the content
|
|
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
failover_pair_prefixes: list[str] = []
|
|
|
|
|
current_app.logger.debug("Machine Information =================")
|
|
|
|
|
current_app.logger.debug(
|
|
|
|
|
"Name: %s, ID: %i, User: %s, givenName: %s",
|
|
|
|
|
machine.name,
|
|
|
|
|
machine.id,
|
|
|
|
|
machine.user.name,
|
|
|
|
|
machine.given_name,
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-17 20:38:04 +09:00
|
|
|
|
2023-02-06 04:58:09 +00:00
|
|
|
# Set the current timezone and local time
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
timezone = headscale.app_config.timezone
|
|
|
|
|
local_time = datetime.datetime.now(timezone)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
|
|
|
|
# Get the machines routes
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
pulled_routes = await headscale.get_machine_routes(
|
|
|
|
|
schema.GetMachineRoutesRequest(machine.id)
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
routes = ""
|
|
|
|
|
|
|
|
|
|
# Test if the machine is an exit node:
|
2023-03-22 19:17:53 +09:00
|
|
|
exit_route_found = False
|
2023-03-22 20:56:30 +09:00
|
|
|
exit_route_enabled = False
|
2023-03-22 21:32:34 +09:00
|
|
|
# If the device has enabled Failover routes (High Availability routes)
|
2023-03-22 21:49:22 +09:00
|
|
|
ha_enabled = False
|
2023-03-22 21:32:34 +09:00
|
|
|
|
2023-03-22 18:57:56 +09:00
|
|
|
# If the length of "routes" is NULL/0, there are no routes, enabled or disabled:
|
2023-04-21 06:31:51 +00:00
|
|
|
if len(pulled_routes.routes) > 0: # pylint: disable=too-many-nested-blocks
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
# First, check if there are any routes that are both enabled and advertised If
|
|
|
|
|
# that is true, we will output the collection-item for routes. Otherwise, it
|
|
|
|
|
# will not be displayed.
|
|
|
|
|
advertised_routes = any(route.advertised for route in pulled_routes.routes)
|
|
|
|
|
|
2023-03-22 19:17:53 +09:00
|
|
|
if advertised_routes:
|
2023-02-06 04:58:09 +00:00
|
|
|
routes = """
|
|
|
|
|
<li class="collection-item avatar">
|
|
|
|
|
<i class="material-icons circle">directions</i>
|
|
|
|
|
<span class="title">Routes</span>
|
2023-03-22 19:57:03 +09:00
|
|
|
<p>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""
|
|
|
|
|
# current_app.logger.debug("Pulled Routes Dump: "+str(pulled_routes))
|
|
|
|
|
# current_app.logger.debug("All Routes Dump: "+str(all_routes))
|
2023-03-22 14:07:03 +09:00
|
|
|
|
|
|
|
|
# Find all exits and put their ID's into the exit_routes array
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
exit_routes: list[int] = []
|
2023-03-22 14:37:58 +09:00
|
|
|
exit_enabled_color = "red"
|
2023-03-22 14:54:45 +09:00
|
|
|
exit_tooltip = "enable"
|
2023-03-22 19:42:18 +09:00
|
|
|
exit_route_enabled = False
|
2023-04-03 12:11:45 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for route in pulled_routes.routes:
|
|
|
|
|
if route.prefix in ("0.0.0.0/0", "::/0"):
|
|
|
|
|
exit_routes.append(route.id)
|
2023-03-22 19:17:53 +09:00
|
|
|
exit_route_found = True
|
2023-03-22 14:31:30 +09:00
|
|
|
# Test if it is enabled:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if route.enabled:
|
2023-03-22 14:31:30 +09:00
|
|
|
exit_enabled_color = "green"
|
2023-04-03 12:11:45 +00:00
|
|
|
exit_tooltip = "disable"
|
2023-03-22 19:42:18 +09:00
|
|
|
exit_route_enabled = True
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.debug("Found exit route ID's: %s", exit_routes)
|
|
|
|
|
current_app.logger.debug(
|
|
|
|
|
"Exit Route Information: ID: %i | Enabled: %r | "
|
|
|
|
|
"exit_route_enabled: %r / Found: %r",
|
|
|
|
|
route.id,
|
|
|
|
|
route.enabled,
|
|
|
|
|
exit_route_enabled,
|
|
|
|
|
exit_route_found,
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-22 14:31:30 +09:00
|
|
|
|
|
|
|
|
# Print the button for the Exit routes:
|
2023-03-22 19:17:53 +09:00
|
|
|
if exit_route_found:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
routes += (
|
|
|
|
|
f"<p class='waves-effect waves-light btn-small "
|
|
|
|
|
f"{exit_enabled_color} lighten-2 tooltipped' data-position='top' "
|
|
|
|
|
f"data-tooltip='Click to {exit_tooltip}' id='{machine.id}-exit' "
|
|
|
|
|
f'onclick="toggle_exit({exit_routes[0]}, {exit_routes[1]}, '
|
|
|
|
|
f"{machine.id}-exit', '{exit_route_enabled}', 'machines')\">"
|
|
|
|
|
"Exit Route</p>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-22 14:07:03 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
# Check if the route has another enabled identical route.
|
2023-03-23 10:54:12 +09:00
|
|
|
# Check all routes from the current machine...
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for route in pulled_routes.routes:
|
2023-03-23 10:54:12 +09:00
|
|
|
# ... against all routes from all machines ....
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for route_info in all_routes.routes:
|
|
|
|
|
current_app.logger.debug(
|
|
|
|
|
"Comparing routes %s and %s", route.prefix, route_info.prefix
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
# ... If the route prefixes match and are not exit nodes ...
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if route_info.prefix == route.prefix and (
|
|
|
|
|
route.prefix not in ("0.0.0.0/0", "::/0")
|
2023-04-03 12:11:45 +00:00
|
|
|
):
|
|
|
|
|
# Check if the route ID's match. If they don't ...
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.debug(
|
|
|
|
|
"Found a match: %s and %s", route.prefix, route_info.prefix
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if route_info.id != route.id:
|
|
|
|
|
current_app.logger.debug(
|
|
|
|
|
"Route ID's don't match. They're on different nodes."
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-23 10:54:12 +09:00
|
|
|
# ... Check if the routes prefix is already in the array...
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if route.prefix not in failover_pair_prefixes:
|
2023-03-23 10:54:12 +09:00
|
|
|
# IF it isn't, add it.
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.info(
|
|
|
|
|
"New HA pair found: %s", route.prefix
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
failover_pair_prefixes.append(route.prefix)
|
|
|
|
|
if route.enabled and route_info.enabled:
|
2023-03-23 10:54:12 +09:00
|
|
|
# If it is already in the array. . .
|
|
|
|
|
# Show as HA only if both routes are enabled:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.debug(
|
|
|
|
|
"Both routes are enabled. Setting as HA [%s] (%s) ",
|
|
|
|
|
machine.name,
|
|
|
|
|
route.prefix,
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-23 17:46:47 +09:00
|
|
|
ha_enabled = True
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
# If the route is an exit node and already counted as a failover route,
|
|
|
|
|
# it IS a failover route, so display it.
|
2023-04-03 12:11:45 +00:00
|
|
|
if (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
route.prefix not in ("0.0.0.0/0", "::/0")
|
|
|
|
|
and route.prefix in failover_pair_prefixes
|
2023-04-03 12:11:45 +00:00
|
|
|
):
|
2023-03-22 20:35:11 +09:00
|
|
|
route_enabled = "red"
|
2023-04-03 12:11:45 +00:00
|
|
|
route_tooltip = "enable"
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
color_index = failover_pair_prefixes.index(route.prefix)
|
2023-03-23 07:44:13 +09:00
|
|
|
route_enabled_color = helper.get_color(color_index, "failover")
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if route.enabled:
|
|
|
|
|
color_index = failover_pair_prefixes.index(route.prefix)
|
2023-03-22 21:07:22 +09:00
|
|
|
route_enabled = helper.get_color(color_index, "failover")
|
2023-04-03 12:11:45 +00:00
|
|
|
route_tooltip = "disable"
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
routes += (
|
|
|
|
|
f"<p class='waves-effect waves-light btn-small {route_enabled} "
|
|
|
|
|
"lighten-2 tooltipped' data-position='top' "
|
|
|
|
|
f"data-tooltip='Click to {route_tooltip} (Failover Pair)' "
|
|
|
|
|
f"id='{route.id}' onclick=\"toggle_failover_route({route.id}, "
|
|
|
|
|
f"'{route.enabled}', '{route_enabled_color}')\">"
|
|
|
|
|
f"{route.prefix}</p>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
|
2023-03-22 20:35:11 +09:00
|
|
|
# Get the remaining routes:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for route in pulled_routes.routes:
|
2023-03-22 20:35:11 +09:00
|
|
|
# Get the remaining routes - No exits or failover pairs
|
2023-04-03 12:11:45 +00:00
|
|
|
if (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
route.prefix not in ("0.0.0.0/0", "::/0")
|
|
|
|
|
and route.prefix not in failover_pair_prefixes
|
2023-04-03 12:11:45 +00:00
|
|
|
):
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.debug(
|
|
|
|
|
"Route: [%s] id: %i / prefix: %s enabled?: %r",
|
|
|
|
|
route.machine.name,
|
|
|
|
|
route.id,
|
|
|
|
|
route.prefix,
|
|
|
|
|
route.enabled,
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-22 18:52:48 +09:00
|
|
|
route_enabled = "red"
|
2023-04-03 12:11:45 +00:00
|
|
|
route_tooltip = "enable"
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if route.enabled:
|
2023-03-22 18:52:48 +09:00
|
|
|
route_enabled = "green"
|
2023-04-03 12:11:45 +00:00
|
|
|
route_tooltip = "disable"
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
routes += (
|
|
|
|
|
f"<p class='waves-effect waves-light btn-small {route_enabled} "
|
|
|
|
|
"lighten-2 tooltipped' data-position='top' data-tooltip='Click "
|
|
|
|
|
f"to {route_tooltip}' id='{route.id}' "
|
|
|
|
|
f"onclick=\"toggle_route({route.id}, '{route.enabled}', "
|
|
|
|
|
f"'machines')\">{route.prefix}</p>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
routes += "</p></li>"
|
2023-02-06 04:58:09 +00:00
|
|
|
|
|
|
|
|
# Get machine tags
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
tag_array = ", ".join(f"{{tag: '{tag[4:]}'}}" for tag in machine.forced_tags)
|
|
|
|
|
tags = f"""
|
2023-02-06 04:58:09 +00:00
|
|
|
<li class="collection-item avatar">
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
<i class="material-icons circle tooltipped" data-position="right"
|
|
|
|
|
data-tooltip="Spaces will be replaced with a dash (-)
|
|
|
|
|
upon page refresh">label</i>
|
2023-02-06 04:58:09 +00:00
|
|
|
<span class="title">Tags</span>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
<p><div style='margin: 0px' class='chips' id='{machine.id}-tags'></div></p>
|
2023-02-06 04:58:09 +00:00
|
|
|
</li>
|
|
|
|
|
<script>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
window.addEventListener('load', function() {{
|
|
|
|
|
var instances = M.Chips.init (
|
|
|
|
|
document.getElementById('{machine.id}-tags'), ({{
|
|
|
|
|
data:[{tag_array}],
|
|
|
|
|
onChipDelete() {{ delete_chip({machine.id}, this.chipsData) }},
|
|
|
|
|
onChipAdd() {{ add_chip({machine.id}, this.chipsData) }}
|
|
|
|
|
}})
|
|
|
|
|
);
|
|
|
|
|
}}, false
|
2023-02-17 22:41:41 +09:00
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
</script>
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
# Get the machine IP's
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
machine_ips = (
|
|
|
|
|
"<ul>"
|
|
|
|
|
+ "".join(f"<li>{ip_address}</li>" for ip_address in machine.ip_addresses)
|
|
|
|
|
+ "</ul>"
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
|
|
|
|
# Format the dates for easy readability
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
last_seen_local = machine.last_seen.astimezone(timezone)
|
2023-04-03 12:11:45 +00:00
|
|
|
last_seen_delta = local_time - last_seen_local
|
|
|
|
|
last_seen_print = helper.pretty_print_duration(last_seen_delta)
|
|
|
|
|
last_seen_time = (
|
|
|
|
|
str(last_seen_local.strftime("%A %m/%d/%Y, %H:%M:%S"))
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
+ f" {timezone} ({last_seen_print})"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if machine.last_successful_update is not None:
|
|
|
|
|
last_update_local = machine.last_successful_update.astimezone(timezone)
|
|
|
|
|
last_update_delta = local_time - last_update_local
|
|
|
|
|
last_update_print = helper.pretty_print_duration(last_update_delta)
|
|
|
|
|
last_update_time = (
|
|
|
|
|
str(last_update_local.strftime("%A %m/%d/%Y, %H:%M:%S"))
|
|
|
|
|
+ f" {timezone} ({last_update_print})"
|
|
|
|
|
)
|
|
|
|
|
else:
|
|
|
|
|
last_update_print = None
|
|
|
|
|
last_update_time = None
|
2023-04-03 12:11:45 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
created_local = machine.created_at.astimezone(timezone)
|
2023-04-03 12:11:45 +00:00
|
|
|
created_delta = local_time - created_local
|
|
|
|
|
created_print = helper.pretty_print_duration(created_delta)
|
|
|
|
|
created_time = (
|
|
|
|
|
str(created_local.strftime("%A %m/%d/%Y, %H:%M:%S"))
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
+ f" {timezone} ({created_print})"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
2023-03-17 20:56:03 +09:00
|
|
|
# If there is no expiration date, we don't need to do any calculations:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if machine.expiry != datetime.datetime(1, 1, 1, 0, 0, tzinfo=datetime.timezone.utc):
|
|
|
|
|
expiry_local = machine.expiry.astimezone(timezone)
|
2023-04-03 12:11:45 +00:00
|
|
|
expiry_delta = expiry_local - local_time
|
|
|
|
|
expiry_print = helper.pretty_print_duration(expiry_delta, "expiry")
|
|
|
|
|
if str(expiry_local.strftime("%Y")) in ("0001", "9999", "0000"):
|
|
|
|
|
expiry_time = "No expiration date."
|
|
|
|
|
elif int(expiry_local.strftime("%Y")) > int(expiry_local.strftime("%Y")) + 2:
|
|
|
|
|
expiry_time = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
str(expiry_local.strftime("%m/%Y")) + f" {timezone} ({expiry_print})"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
else:
|
|
|
|
|
expiry_time = (
|
|
|
|
|
str(expiry_local.strftime("%A %m/%d/%Y, %H:%M:%S"))
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
+ f" {timezone} ({expiry_print})"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
expiring_soon = int(expiry_delta.days) < 14 and int(expiry_delta.days) > 0
|
|
|
|
|
current_app.logger.debug(
|
|
|
|
|
"Machine: %s expires: %s / %i",
|
|
|
|
|
machine.name,
|
|
|
|
|
expiry_local.strftime("%Y"),
|
|
|
|
|
expiry_delta.days,
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-17 20:56:03 +09:00
|
|
|
else:
|
2023-04-03 12:11:45 +00:00
|
|
|
expiry_time = "No expiration date."
|
2023-03-17 21:10:16 +09:00
|
|
|
expiring_soon = False
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.debug("Machine: %s has no expiration date", machine.name)
|
2023-02-22 22:30:32 +09:00
|
|
|
|
2023-02-06 04:58:09 +00:00
|
|
|
# Get the first 10 characters of the PreAuth Key:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if machine.pre_auth_key is not None:
|
|
|
|
|
preauth_key = machine.pre_auth_key.key[0:10]
|
2023-04-03 12:11:45 +00:00
|
|
|
else:
|
|
|
|
|
preauth_key = "None"
|
2023-02-06 04:58:09 +00:00
|
|
|
|
2023-03-22 18:52:48 +09:00
|
|
|
# Set the status and user badge color:
|
2023-02-06 04:58:09 +00:00
|
|
|
text_color = helper.text_color_duration(last_seen_delta)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
user_color = helper.get_color(int(machine.user.id))
|
2023-02-06 04:58:09 +00:00
|
|
|
|
|
|
|
|
# Generate the various badges:
|
2023-04-03 12:11:45 +00:00
|
|
|
status_badge = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i class='material-icons left tooltipped {text_color}' data-position='top' "
|
|
|
|
|
f"data-tooltip='Last Seen: {last_seen_print}' id='{machine.id}-status'>"
|
|
|
|
|
"fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
user_badge = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<span class='badge ipinfo {user_color} white-text hide-on-small-only' "
|
|
|
|
|
f"id='{machine.id}-ns-badge'>{machine.user.name}</span>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
exit_node_badge = (
|
|
|
|
|
""
|
|
|
|
|
if not exit_route_enabled
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
else (
|
|
|
|
|
"<span class='badge grey white-text text-lighten-4 tooltipped' "
|
|
|
|
|
"data-position='left' data-tooltip='This machine has an enabled exit "
|
|
|
|
|
"route.'>Exit</span>"
|
|
|
|
|
)
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
ha_route_badge = (
|
|
|
|
|
""
|
|
|
|
|
if not ha_enabled
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
else (
|
|
|
|
|
"<span class='badge blue-grey white-text text-lighten-4 tooltipped' "
|
|
|
|
|
"data-position='left' data-tooltip='This machine has an enabled High "
|
|
|
|
|
"Availability (Failover) route.'>HA</span>"
|
|
|
|
|
)
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
expiration_badge = (
|
|
|
|
|
""
|
|
|
|
|
if not expiring_soon
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
else (
|
|
|
|
|
"<span class='badge red white-text text-lighten-4 tooltipped' "
|
|
|
|
|
"data-position='left' data-tooltip='This machine expires soon.'>"
|
|
|
|
|
"Expiring!</span>"
|
|
|
|
|
)
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.info(
|
|
|
|
|
"Finished thread for machine %s index %i", machine.given_name, idx
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
return render_template(
|
|
|
|
|
"machines_card.html",
|
|
|
|
|
given_name=machine.given_name,
|
|
|
|
|
machine_id=machine.id,
|
|
|
|
|
hostname=machine.name,
|
|
|
|
|
ns_name=machine.user.name,
|
|
|
|
|
ns_id=machine.user.id,
|
|
|
|
|
ns_created=machine.user.created_at,
|
|
|
|
|
last_seen=str(last_seen_print),
|
|
|
|
|
last_update=str(last_update_print),
|
|
|
|
|
machine_ips=Markup(machine_ips),
|
|
|
|
|
advertised_routes=Markup(routes),
|
|
|
|
|
exit_node_badge=Markup(exit_node_badge),
|
|
|
|
|
ha_route_badge=Markup(ha_route_badge),
|
|
|
|
|
status_badge=Markup(status_badge),
|
|
|
|
|
user_badge=Markup(user_badge),
|
|
|
|
|
last_update_time=str(last_update_time),
|
|
|
|
|
last_seen_time=str(last_seen_time),
|
|
|
|
|
created_time=str(created_time),
|
|
|
|
|
expiry_time=str(expiry_time),
|
|
|
|
|
preauth_key=str(preauth_key),
|
|
|
|
|
expiration_badge=Markup(expiration_badge),
|
|
|
|
|
machine_tags=Markup(tags),
|
|
|
|
|
taglist=machine.forced_tags,
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
async def render_machines_cards(headscale: HeadscaleApi):
|
|
|
|
|
"""Render machine cards."""
|
|
|
|
|
current_app.logger.info("Rendering machine cards")
|
|
|
|
|
|
|
|
|
|
async with headscale.session:
|
|
|
|
|
# Execute concurrent machine info requests and sort them by machine_id.
|
|
|
|
|
routes = await headscale.get_routes(schema.GetRoutesRequest())
|
|
|
|
|
content = await asyncio.gather(
|
|
|
|
|
*[
|
|
|
|
|
thread_machine_content(headscale, machine, idx, routes)
|
|
|
|
|
for idx, machine in enumerate(
|
|
|
|
|
(
|
|
|
|
|
await headscale.list_machines(schema.ListMachinesRequest(""))
|
|
|
|
|
).machines
|
|
|
|
|
)
|
|
|
|
|
]
|
|
|
|
|
)
|
|
|
|
|
return Markup("<ul class='collapsible expandable'>" + "".join(content) + "</ul>")
|
2023-02-06 04:58:09 +00:00
|
|
|
|
|
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
async def render_users_cards(headscale: HeadscaleApi):
|
|
|
|
|
"""Render users cards."""
|
|
|
|
|
current_app.logger.info("Rendering Users cards")
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
async with headscale.session:
|
|
|
|
|
content = await asyncio.gather(
|
|
|
|
|
*[
|
|
|
|
|
build_user_card(headscale, user)
|
|
|
|
|
for user in (
|
|
|
|
|
await headscale.list_users(schema.ListUsersRequest())
|
|
|
|
|
).users
|
|
|
|
|
]
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
return Markup("<ul class='collapsible expandable'>" + "".join(content) + "</ul>")
|
2023-04-03 12:11:45 +00:00
|
|
|
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
async def build_user_card(headscale: HeadscaleApi, user: schema.User):
|
|
|
|
|
"""Build a user card."""
|
|
|
|
|
# Get all preAuth Keys in the user, only display if one exists:
|
|
|
|
|
preauth_keys_collection = await build_preauth_key_table(
|
|
|
|
|
headscale, schema.ListPreAuthKeysRequest(user.name)
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
# Set the user badge color:
|
|
|
|
|
user_color = helper.get_color(int(user.id), "text")
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
# Generate the various badges:
|
|
|
|
|
status_badge = (
|
|
|
|
|
f"<i class='material-icons left {user_color}' id='{user.id}-status'>"
|
|
|
|
|
"fiber_manual_record</i>"
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
return render_template(
|
|
|
|
|
"users_card.html",
|
|
|
|
|
status_badge=Markup(status_badge),
|
|
|
|
|
user_name=user.name,
|
|
|
|
|
user_id=user.id,
|
|
|
|
|
preauth_keys_collection=Markup(preauth_keys_collection),
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
async def build_preauth_key_table(
|
|
|
|
|
headscale: HeadscaleApi, request: schema.ListPreAuthKeysRequest
|
2023-04-21 06:31:51 +00:00
|
|
|
): # pylint: disable=too-many-locals
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""Build PreAuth key table for a user."""
|
|
|
|
|
current_app.logger.info(
|
|
|
|
|
"Building the PreAuth key table for User: %s", request.user
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
preauth_keys = await headscale.list_pre_auth_keys(request)
|
|
|
|
|
preauth_keys_collection = f"""
|
|
|
|
|
<li class="collection-item avatar">
|
2023-02-06 04:58:09 +00:00
|
|
|
<span
|
2023-04-03 12:11:45 +00:00
|
|
|
class='badge grey lighten-2 btn-small'
|
2023-02-06 04:58:09 +00:00
|
|
|
onclick='toggle_expired()'
|
|
|
|
|
>Toggle Expired</span>
|
2023-04-03 12:11:45 +00:00
|
|
|
<span
|
|
|
|
|
href="#card_modal"
|
|
|
|
|
class='badge grey lighten-2 btn-small modal-trigger'
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
onclick="load_modal_add_preauth_key('{request.user}')"
|
2023-02-06 04:58:09 +00:00
|
|
|
>Add PreAuth Key</span>
|
|
|
|
|
<i class="material-icons circle">vpn_key</i>
|
|
|
|
|
<span class="title">PreAuth Keys</span>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""
|
|
|
|
|
if len(preauth_keys.pre_auth_keys) == 0:
|
2023-04-03 12:11:45 +00:00
|
|
|
preauth_keys_collection += "<p>No keys defined for this user</p>"
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
else:
|
|
|
|
|
preauth_keys_collection += f"""
|
|
|
|
|
<table class="responsive-table striped"
|
|
|
|
|
id='{request.user}-preauthkey-table'>
|
|
|
|
|
<thead><tr>
|
|
|
|
|
<td>ID</td>
|
|
|
|
|
<td class='tooltipped' data-tooltip='Click an Auth Key Prefix to
|
|
|
|
|
copy it to the clipboard'>Key Prefix</td>
|
|
|
|
|
<td><center>Reusable</center></td>
|
|
|
|
|
<td><center>Used</center></td>
|
|
|
|
|
<td><center>Ephemeral</center></td>
|
|
|
|
|
<td><center>Usable</center></td>
|
|
|
|
|
<td><center>Actions</center></td>
|
|
|
|
|
</tr></thead>
|
2023-04-03 12:11:45 +00:00
|
|
|
"""
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for key in preauth_keys.pre_auth_keys:
|
2023-02-06 04:58:09 +00:00
|
|
|
# Get the key expiration date and compare it to now to check if it's expired:
|
|
|
|
|
# Set the current timezone and local time
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
timezone = headscale.app_config.timezone
|
|
|
|
|
local_time = datetime.datetime.now(timezone)
|
|
|
|
|
key_expired = key.expiration < local_time
|
2023-04-03 12:11:45 +00:00
|
|
|
expiration_time = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
key.expiration.strftime("%A %m/%d/%Y, %H:%M:%S") + f" {timezone}"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
key_usable = (key.reusable and not key_expired) or (
|
|
|
|
|
not key.reusable and not key.used and not key_expired
|
|
|
|
|
)
|
2023-04-03 12:11:45 +00:00
|
|
|
|
2023-02-10 12:20:50 +09:00
|
|
|
# Class for the javascript function to look for to toggle the hide function
|
|
|
|
|
hide_expired = "expired-row" if not key_usable else ""
|
2023-02-06 04:58:09 +00:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
btn_reusable = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"<i class='pulse material-icons tiny blue-text text-darken-1'>"
|
|
|
|
|
"::"
|
|
|
|
|
"fiber_manual_record</i>"
|
|
|
|
|
if key.reusable
|
2023-04-03 12:11:45 +00:00
|
|
|
else ""
|
|
|
|
|
)
|
|
|
|
|
btn_ephemeral = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"<i class='pulse material-icons tiny red-text text-darken-1'>"
|
|
|
|
|
"fiber_manual_record</i>"
|
|
|
|
|
if key.ephemeral
|
2023-04-03 12:11:45 +00:00
|
|
|
else ""
|
|
|
|
|
)
|
|
|
|
|
btn_used = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"<i class='pulse material-icons tiny yellow-text text-darken-1'>"
|
|
|
|
|
"fiber_manual_record</i>"
|
|
|
|
|
if key.used
|
2023-04-03 12:11:45 +00:00
|
|
|
else ""
|
|
|
|
|
)
|
|
|
|
|
btn_usable = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"<i class='pulse material-icons tiny green-text text-darken-1'>"
|
|
|
|
|
"fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
if key_usable
|
|
|
|
|
else ""
|
|
|
|
|
)
|
2023-02-06 04:58:09 +00:00
|
|
|
|
|
|
|
|
# Other buttons:
|
2023-04-03 12:11:45 +00:00
|
|
|
btn_delete = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"<span href='#card_modal' data-tooltip='Expire this PreAuth Key' "
|
|
|
|
|
"class='btn-small modal-trigger badge tooltipped white-text red' onclick='"
|
|
|
|
|
f'load_modal_expire_preauth_key("{request.user}", "{key.key}")\'>'
|
|
|
|
|
"Expire</span>"
|
2023-04-03 12:11:45 +00:00
|
|
|
if key_usable
|
|
|
|
|
else ""
|
|
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
tooltip_data = f"Expiration: {expiration_time}"
|
2023-02-06 04:58:09 +00:00
|
|
|
|
|
|
|
|
# TR ID will look like "1-albert-tr"
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
preauth_keys_collection += f"""
|
|
|
|
|
<tr id='{key.id}-{request.user}-tr' class='{hide_expired}'>
|
|
|
|
|
<td>{key.id}</td>
|
|
|
|
|
<td onclick=copy_preauth_key('{key.key}') class='tooltipped'
|
|
|
|
|
data-tooltip='{tooltip_data}'>{key.key[0:10]}</td>
|
|
|
|
|
<td><center>{btn_reusable}</center></td>
|
|
|
|
|
<td><center>{btn_used}</center></td>
|
|
|
|
|
<td><center>{btn_ephemeral}</center></td>
|
|
|
|
|
<td><center>{btn_usable}</center></td>
|
|
|
|
|
<td><center>{btn_delete}</center></td>
|
2023-02-06 04:58:09 +00:00
|
|
|
</tr>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""
|
2023-02-06 04:58:09 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
return preauth_keys_collection + "</table></li>"
|
2023-02-17 20:58:58 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
def oidc_nav_dropdown(user_name: str, email_address: str, name: str) -> Markup:
|
|
|
|
|
"""Render desktop navigation for OIDC."""
|
|
|
|
|
current_app.logger.debug("OIDC is enabled. Building the OIDC nav dropdown")
|
|
|
|
|
html_payload = f"""
|
2023-03-21 14:51:30 +09:00
|
|
|
<!-- OIDC Dropdown Structure -->
|
2023-02-23 10:41:53 +09:00
|
|
|
<ul id="dropdown1" class="dropdown-content dropdown-oidc">
|
2023-02-23 11:14:54 +09:00
|
|
|
<ul class="collection dropdown-oidc-collection">
|
2023-02-23 12:03:43 +09:00
|
|
|
<li class="collection-item dropdown-oidc-avatar avatar">
|
2023-02-23 10:41:53 +09:00
|
|
|
<i class="material-icons circle">email</i>
|
2023-02-23 12:03:43 +09:00
|
|
|
<span class="dropdown-oidc-title title">Email</span>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
<p>{email_address}</p>
|
2023-02-23 10:41:53 +09:00
|
|
|
</li>
|
2023-02-23 12:03:43 +09:00
|
|
|
<li class="collection-item dropdown-oidc-avatar avatar">
|
2023-02-23 10:41:53 +09:00
|
|
|
<i class="material-icons circle">person_outline</i>
|
2023-02-23 12:03:43 +09:00
|
|
|
<span class="dropdown-oidc-title title">Username</span>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
<p>{user_name}</p>
|
2023-02-23 10:41:53 +09:00
|
|
|
</li>
|
|
|
|
|
</ul>
|
|
|
|
|
<li class="divider"></li>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
<li><a href="logout">
|
|
|
|
|
<i class="material-icons left">exit_to_app</i> Logout</a></li>
|
2023-02-23 08:17:09 +09:00
|
|
|
</ul>
|
|
|
|
|
<li>
|
|
|
|
|
<a class="dropdown-trigger" href="#!" data-target="dropdown1">
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
{name} <i class="material-icons right">account_circle</i>
|
2023-02-23 08:17:09 +09:00
|
|
|
</a>
|
|
|
|
|
</li>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""
|
2023-02-20 17:23:05 +09:00
|
|
|
return Markup(html_payload)
|
2023-02-22 16:04:10 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
def oidc_nav_mobile():
|
|
|
|
|
"""Render mobile navigation for OIDC."""
|
|
|
|
|
return Markup(
|
|
|
|
|
'<li><hr><a href="logout"><i class="material-icons left">'
|
|
|
|
|
"exit_to_app</i>Logout</a></li>"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def render_defaults(
|
|
|
|
|
config: Config, oidc_handler: OpenIDConnect | None
|
|
|
|
|
) -> dict[str, Markup | str]:
|
|
|
|
|
"""Render the default elements.
|
|
|
|
|
|
|
|
|
|
TODO: Think about caching the results.
|
2023-02-22 16:04:10 +09:00
|
|
|
"""
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
colors = {
|
|
|
|
|
"color_nav": config.color_nav,
|
|
|
|
|
"color_btn": config.color_btn,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if oidc_handler is None:
|
|
|
|
|
return colors
|
|
|
|
|
|
|
|
|
|
# If OIDC is enabled, display the buttons:
|
|
|
|
|
email_address: str = oidc_handler.user_getfield("email") # type: ignore
|
|
|
|
|
assert isinstance(email_address, str)
|
|
|
|
|
user_name: str = oidc_handler.user_getfield("preferred_username") # type: ignore
|
|
|
|
|
assert isinstance(user_name, str)
|
|
|
|
|
name: str = oidc_handler.user_getfield("name") # type: ignore
|
|
|
|
|
assert isinstance(name, str)
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
"oidc_nav_dropdown": oidc_nav_dropdown(user_name, email_address, name),
|
|
|
|
|
"oidc_nav_mobile": oidc_nav_mobile(),
|
|
|
|
|
**colors,
|
|
|
|
|
}
|
2023-03-21 13:57:17 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
|
2023-03-21 14:38:09 +09:00
|
|
|
def render_search():
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""Render search bar."""
|
|
|
|
|
return Markup(
|
|
|
|
|
"""
|
|
|
|
|
<li role="menu-item" class="tooltipped" data-position="bottom"
|
|
|
|
|
data-tooltip="Search" onclick="show_search()">
|
|
|
|
|
<a href="#"><i class="material-icons">search</i></a>
|
|
|
|
|
</li>
|
|
|
|
|
"""
|
|
|
|
|
)
|
2023-03-23 19:10:22 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
|
2023-04-21 06:31:51 +00:00
|
|
|
async def render_routes(
|
|
|
|
|
headscale: HeadscaleApi,
|
|
|
|
|
): # pylint: disable=too-many-branches,too-many-statements,too-many-locals
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
"""Render routes page."""
|
|
|
|
|
current_app.logger.info("Rendering Routes page")
|
|
|
|
|
all_routes = await headscale.get_routes(schema.GetRoutesRequest())
|
2023-03-23 19:10:22 +09:00
|
|
|
|
2023-03-23 20:51:03 +09:00
|
|
|
# If there are no routes, just exit:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if len(all_routes.routes) == 0:
|
2023-04-03 12:11:45 +00:00
|
|
|
return Markup("<br><br><br><center>There are no routes to display!</center>")
|
2023-04-02 08:27:35 +09:00
|
|
|
# Get a list of all Route ID's to iterate through:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
all_routes_id_list: list[int] = []
|
|
|
|
|
for route in all_routes.routes:
|
|
|
|
|
all_routes_id_list.append(route.id)
|
|
|
|
|
if route.machine.name:
|
|
|
|
|
current_app.logger.info(
|
|
|
|
|
"Found route %i / machine: %s", route.id, route.machine.name
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
else:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.info("Route id %i has no machine associated.", route.id)
|
2023-04-02 08:27:35 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
route_content = ""
|
2023-03-23 20:51:03 +09:00
|
|
|
failover_content = ""
|
2023-04-03 12:11:45 +00:00
|
|
|
exit_content = ""
|
2023-03-23 20:51:03 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
route_title = '<span class="card-title">Routes</span>'
|
|
|
|
|
failover_title = '<span class="card-title">Failover Routes</span>'
|
|
|
|
|
exit_title = '<span class="card-title">Exit Routes</span>'
|
2023-03-23 20:51:03 +09:00
|
|
|
|
|
|
|
|
markup_pre = """
|
|
|
|
|
<div class="row">
|
2023-03-23 21:24:13 +09:00
|
|
|
<div class="col m1"></div>
|
|
|
|
|
<div class="col s12 m10">
|
2023-03-23 21:19:56 +09:00
|
|
|
<div class="card">
|
|
|
|
|
<div class="card-content">
|
2023-03-23 20:51:03 +09:00
|
|
|
"""
|
2023-04-03 12:11:45 +00:00
|
|
|
markup_post = """
|
2023-03-23 21:19:56 +09:00
|
|
|
</div>
|
|
|
|
|
</div>
|
2023-03-23 20:51:03 +09:00
|
|
|
</div>
|
2023-03-23 21:24:13 +09:00
|
|
|
<div class="col m1"></div>
|
2023-03-23 20:51:03 +09:00
|
|
|
</div>
|
|
|
|
|
"""
|
|
|
|
|
|
2023-03-28 14:01:43 +09:00
|
|
|
##############################################################################################
|
2023-03-23 20:51:03 +09:00
|
|
|
# Step 1: Get all non-exit and non-failover routes:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
route_content = (
|
|
|
|
|
markup_pre
|
|
|
|
|
+ route_title
|
|
|
|
|
+ """
|
|
|
|
|
<p><table>
|
|
|
|
|
<thead>
|
|
|
|
|
<tr>
|
|
|
|
|
<th>ID </th>
|
|
|
|
|
<th>Machine </th>
|
|
|
|
|
<th>Route </th>
|
|
|
|
|
<th width="60px">Enabled</th>
|
|
|
|
|
</tr>
|
|
|
|
|
</thead>
|
|
|
|
|
<tbody>
|
|
|
|
|
"""
|
|
|
|
|
)
|
|
|
|
|
for route in all_routes.routes:
|
2023-03-23 19:26:43 +09:00
|
|
|
# Get relevant info:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
machine = route.machine.given_name
|
|
|
|
|
prefix = route.prefix
|
|
|
|
|
is_enabled = route.enabled
|
|
|
|
|
is_primary = route.is_primary
|
2023-03-23 20:20:55 +09:00
|
|
|
is_failover = False
|
2023-04-03 12:11:45 +00:00
|
|
|
is_exit = False
|
|
|
|
|
|
|
|
|
|
enabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{route.id}' onclick='toggle_route({route.id}, \"True\", "
|
|
|
|
|
"\"routes\")' class='material-icons green-text text-lighten-2 tooltipped' "
|
|
|
|
|
"data-tooltip='Click to disable'>fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
disabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{route.id}' onclick='toggle_route({route.id}, \"False\", "
|
|
|
|
|
"\"routes\")' class='material-icons red-text text-lighten-2 tooltipped' "
|
|
|
|
|
"data-tooltip='Click to enable' >fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-24 08:16:44 +09:00
|
|
|
|
2023-03-23 20:01:25 +09:00
|
|
|
# Set the displays:
|
2023-04-03 12:11:45 +00:00
|
|
|
enabled_display = disabled
|
2023-03-23 20:20:55 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
if is_enabled:
|
|
|
|
|
enabled_display = enabled
|
2023-03-23 20:20:55 +09:00
|
|
|
# Check if a prefix is an Exit route:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if prefix in ("0.0.0.0/0", "::/0"):
|
2023-04-03 12:11:45 +00:00
|
|
|
is_exit = True
|
2023-03-23 20:20:55 +09:00
|
|
|
# Check if a prefix is part of a failover pair:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for route_check in all_routes.routes:
|
|
|
|
|
if (
|
|
|
|
|
not is_exit
|
|
|
|
|
and route.prefix == route_check.prefix
|
|
|
|
|
and route.id != route_check.id
|
|
|
|
|
):
|
|
|
|
|
is_failover = True
|
2023-03-23 20:01:25 +09:00
|
|
|
|
2023-04-02 08:50:36 +09:00
|
|
|
if not is_exit and not is_failover and machine != "":
|
2023-04-03 12:11:45 +00:00
|
|
|
# Build a simple table for all non-exit routes:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
route_content += f"""<tr>
|
|
|
|
|
<td>{route.id}</td>
|
|
|
|
|
<td>{machine}</td>
|
|
|
|
|
<td>{prefix}</td>
|
|
|
|
|
<td><center>{enabled_display}</center></td>
|
|
|
|
|
</tr>"""
|
2023-04-03 12:11:45 +00:00
|
|
|
route_content += "</tbody></table></p>" + markup_post
|
2023-03-23 20:51:03 +09:00
|
|
|
|
2023-03-28 14:01:43 +09:00
|
|
|
##############################################################################################
|
|
|
|
|
# Step 2: Get all failover routes only. Add a separate table per failover prefix
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
|
|
|
|
|
# Get a set of all prefixes for all routes:
|
|
|
|
|
# - that aren't exit routes
|
|
|
|
|
# - the current route matches any prefix of any other route
|
|
|
|
|
# - the route ID's are different
|
|
|
|
|
failover_route_prefix = set(
|
|
|
|
|
route.prefix
|
|
|
|
|
for route_check in all_routes.routes
|
|
|
|
|
for route in all_routes.routes
|
|
|
|
|
if (
|
|
|
|
|
route.prefix not in ("0.0.0.0/0", "::/0")
|
|
|
|
|
and route.prefix == route.prefix
|
|
|
|
|
and route.id != route_check.id
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if len(failover_route_prefix) > 0:
|
2023-03-28 22:16:25 +09:00
|
|
|
# Set up the display code:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
enabled = (
|
|
|
|
|
"<i class='material-icons green-text text-lighten-2'>"
|
|
|
|
|
"fiber_manual_record</i>"
|
|
|
|
|
)
|
2023-04-03 12:11:45 +00:00
|
|
|
disabled = (
|
|
|
|
|
"<i class='material-icons red-text text-lighten-2'>fiber_manual_record</i>"
|
|
|
|
|
)
|
2023-03-28 22:16:25 +09:00
|
|
|
|
2023-04-03 12:11:45 +00:00
|
|
|
failover_content = markup_pre + failover_title
|
2023-03-28 20:02:58 +09:00
|
|
|
# Build the display for failover routes:
|
|
|
|
|
for route_prefix in failover_route_prefix:
|
2023-03-28 22:16:25 +09:00
|
|
|
# Get all route ID's associated with the route_prefix:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
route_id_list = [
|
|
|
|
|
route.id for route in all_routes.routes if route.prefix == route_prefix
|
|
|
|
|
]
|
2023-03-28 22:16:25 +09:00
|
|
|
|
2023-03-28 22:20:19 +09:00
|
|
|
# Set up the display code:
|
2023-04-03 12:11:45 +00:00
|
|
|
failover_enabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{route_prefix}' class='material-icons small left green-text "
|
|
|
|
|
"text-lighten-2'>fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
failover_disabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{route_prefix}' class='material-icons small left red-text "
|
|
|
|
|
"text-lighten-2'>fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-28 22:20:19 +09:00
|
|
|
|
2023-03-29 09:53:24 +09:00
|
|
|
failover_display = failover_disabled
|
2023-03-28 22:16:25 +09:00
|
|
|
for route_id in route_id_list:
|
2023-04-02 08:27:35 +09:00
|
|
|
# Get the routes index:
|
2023-04-02 08:39:43 +09:00
|
|
|
current_route_index = all_routes_id_list.index(route_id)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
if all_routes.routes[current_route_index].enabled:
|
2023-04-03 12:11:45 +00:00
|
|
|
failover_display = failover_enabled
|
2023-03-28 22:16:25 +09:00
|
|
|
|
2023-03-28 20:02:58 +09:00
|
|
|
# Get all route_id's associated with the route prefix:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
failover_content += f"""<p>
|
|
|
|
|
<h5>{failover_display}</h5><h5>{route_prefix}</h5>
|
|
|
|
|
<table>
|
|
|
|
|
<thead>
|
|
|
|
|
<tr>
|
|
|
|
|
<th>Machine</th>
|
|
|
|
|
<th width="60px">Enabled</th>
|
|
|
|
|
<th width="60px">Primary</th>
|
|
|
|
|
</tr>
|
|
|
|
|
</thead>
|
|
|
|
|
<tbody>
|
|
|
|
|
"""
|
2023-03-28 20:02:58 +09:00
|
|
|
|
|
|
|
|
# Build the display:
|
|
|
|
|
for route_id in route_id_list:
|
2023-04-02 08:39:43 +09:00
|
|
|
idx = all_routes_id_list.index(route_id)
|
2023-04-02 08:35:13 +09:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
machine = all_routes.routes[idx].machine.given_name
|
|
|
|
|
machine_id = all_routes.routes[idx].machine.id
|
|
|
|
|
is_primary = all_routes.routes[idx].is_primary
|
|
|
|
|
is_enabled = all_routes.routes[idx].enabled
|
|
|
|
|
|
|
|
|
|
payload = route_id_list.copy()
|
|
|
|
|
|
|
|
|
|
current_app.logger.debug(
|
|
|
|
|
"[%i] Machine: [%i] %s : %r / %r",
|
|
|
|
|
route_id,
|
|
|
|
|
machine_id,
|
|
|
|
|
machine,
|
|
|
|
|
is_enabled,
|
|
|
|
|
is_primary,
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
current_app.logger.debug(str(all_routes.routes[idx]))
|
2023-03-28 20:02:58 +09:00
|
|
|
|
|
|
|
|
# Set up the display code:
|
2023-04-03 12:11:45 +00:00
|
|
|
enabled_display_enabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{route_id}' onclick='toggle_failover_route_routespage("
|
|
|
|
|
f'{route_id}, "True", "{route_prefix}", {payload})\' '
|
|
|
|
|
"class='material-icons green-text text-lighten-2 tooltipped' "
|
|
|
|
|
"data-tooltip='Click to disable'>fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
enabled_display_disabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{route_id}' onclick='toggle_failover_route_routespage("
|
|
|
|
|
f'{route_id}, "False", "{route_prefix}", {payload})\' '
|
|
|
|
|
"class='material-icons red-text text-lighten-2 tooltipped' "
|
|
|
|
|
"data-tooltip='Click to enable'>fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
primary_display_enabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{route_id}-primary' class='material-icons "
|
|
|
|
|
"green-text text-lighten-2'>fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
primary_display_disabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{route_id}-primary' class='material-icons "
|
|
|
|
|
"red-text text-lighten-2'>fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
|
2023-03-29 12:09:19 +09:00
|
|
|
# Set displays:
|
2023-04-03 12:11:45 +00:00
|
|
|
enabled_display = (
|
|
|
|
|
enabled_display_enabled if is_enabled else enabled_display_disabled
|
|
|
|
|
)
|
|
|
|
|
primary_display = (
|
|
|
|
|
primary_display_enabled if is_primary else primary_display_disabled
|
|
|
|
|
)
|
2023-03-28 20:02:58 +09:00
|
|
|
|
|
|
|
|
# Build a simple table for all non-exit routes:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
failover_content += f"""
|
2023-03-28 20:02:58 +09:00
|
|
|
<tr>
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
<td>{machine}</td>
|
|
|
|
|
<td><center>{enabled_display}</center></td>
|
|
|
|
|
<td><center>{primary_display}</center></td>
|
2023-03-28 20:02:58 +09:00
|
|
|
</tr>
|
|
|
|
|
"""
|
|
|
|
|
failover_content += "</tbody></table></p>"
|
|
|
|
|
failover_content += markup_post
|
2023-03-28 20:07:40 +09:00
|
|
|
|
2023-03-28 14:01:43 +09:00
|
|
|
##############################################################################################
|
2023-03-24 06:36:35 +09:00
|
|
|
# Step 3: Get exit nodes only:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
# Get a set of nodes with exit routes:
|
|
|
|
|
exit_node_list = set(
|
|
|
|
|
route.machine.given_name
|
|
|
|
|
for route in all_routes.routes
|
|
|
|
|
if route.prefix in ("0.0.0.0/0", "::/0")
|
|
|
|
|
)
|
2023-03-24 14:12:21 +09:00
|
|
|
|
|
|
|
|
# Exit node display building:
|
2023-03-24 06:36:35 +09:00
|
|
|
# Display by machine, not by route
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
exit_content = (
|
|
|
|
|
markup_pre
|
|
|
|
|
+ exit_title
|
|
|
|
|
+ """
|
|
|
|
|
<p><table>
|
|
|
|
|
<thead>
|
|
|
|
|
<tr>
|
|
|
|
|
<th>Machine</th>
|
|
|
|
|
<th>Enabled</th>
|
|
|
|
|
</tr>
|
|
|
|
|
</thead>
|
|
|
|
|
<tbody>
|
|
|
|
|
"""
|
|
|
|
|
)
|
2023-04-03 12:11:45 +00:00
|
|
|
# Get exit route ID's for each node in the list:
|
2023-03-24 14:12:21 +09:00
|
|
|
for node in exit_node_list:
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
node_exit_route_ids: list[int] = []
|
2023-03-24 14:12:21 +09:00
|
|
|
exit_enabled = False
|
2023-03-24 14:49:12 +09:00
|
|
|
exit_available = False
|
2023-03-24 14:30:17 +09:00
|
|
|
machine_id = 0
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
for route in all_routes.routes:
|
|
|
|
|
if (
|
|
|
|
|
route.prefix in ("0.0.0.0/0", "::/0")
|
|
|
|
|
and route.machine.given_name == node
|
|
|
|
|
):
|
|
|
|
|
node_exit_route_ids.append(route.id)
|
|
|
|
|
machine_id = route.machine.id
|
|
|
|
|
exit_available = True
|
|
|
|
|
if route.enabled:
|
|
|
|
|
exit_enabled = True
|
2023-03-23 21:03:33 +09:00
|
|
|
|
2023-03-24 14:49:12 +09:00
|
|
|
if exit_available:
|
|
|
|
|
# Set up the display code:
|
2023-04-03 12:11:45 +00:00
|
|
|
enabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{machine_id}-exit' onclick='toggle_exit("
|
|
|
|
|
f"{node_exit_route_ids[0]}, {node_exit_route_ids[1]}, "
|
|
|
|
|
'"{machine_id}-exit", "True", "routes")\' '
|
|
|
|
|
"class='material-icons green-text text-lighten-2 tooltipped' "
|
|
|
|
|
"data-tooltip='Click to disable'>fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
|
|
|
|
disabled = (
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
f"<i id='{machine_id}-exit' onclick='toggle_exit("
|
|
|
|
|
f"{node_exit_route_ids[0]}, {node_exit_route_ids[1]}, "
|
|
|
|
|
'"{machine_id}-exit", "False", "routes")\' '
|
|
|
|
|
"class='material-icons red-text text-lighten-2 tooltipped' "
|
|
|
|
|
"data-tooltip='Click to enable' >fiber_manual_record</i>"
|
2023-04-03 12:11:45 +00:00
|
|
|
)
|
2023-03-24 14:49:12 +09:00
|
|
|
# Set the displays:
|
|
|
|
|
enabled_display = enabled if exit_enabled else disabled
|
2023-03-24 08:29:24 +09:00
|
|
|
|
Complete the major refactor
Major part of #73
Unfortunately, it wasn't possible to split it to multiple smaller
commits, since the changes touched the entire application substantially.
Here is a short list of major changes:
1. Create a separate library (headscale-api), which is used as a
convenient abstraction layer providing Pythonic interface with
Pydantic. Headscale API is fully asynchronous library, benefitting
from improved concurrency for backend requests thus increasing page
load speed, e.g., on "Machines" page.
2. Create a common common, validated with flask-pydantic API passthrough
layer from GUI to the backend.
3. Move authentication to a separate (auth.py), consolidating the
functionality in a single place (with better place for expansion in
the future).
4. Move configuration management to a separate module (config.py). Use
Pydantic's BaseSettings for reading values from environment, with
extensive validation and error reporting.
5. Reduce the number of health checks.
- Now, most are performed during server initialization. If any test
fails, the server is started in tainted mode, with only the error
page exposed (thus reducing the surface of attack in invalid
state).
- Key checks are implicit in the requests to the backend and
guarded by `@headscale.key_check_guard` decorator.
- Key renewal is moved to server-side scheduler.
6. Introduce type hints to the level satisfactory for mypy static
analysis. Also, enable some other linters in CI and add optional
pre-commit hooks.
7. Properly handle some error states. Instead of returning success and
handling different responses, if something fails, there is HTTP error
code and standard response for it.
8. General formatting, small rewrites for clarity and more idiomatic
Python constructs.
Signed-off-by: Marek Pikuła <marek.pikula@embevity.com>
2023-04-21 05:26:11 +00:00
|
|
|
exit_content += f"""
|
|
|
|
|
<tr>
|
|
|
|
|
<td>{node}</td>
|
|
|
|
|
<td width="60px"><center>{enabled_display}</center></td>
|
|
|
|
|
</tr>
|
2023-04-03 12:11:45 +00:00
|
|
|
"""
|
|
|
|
|
exit_content += "</tbody></table></p>" + markup_post
|
2023-03-23 21:03:33 +09:00
|
|
|
|
|
|
|
|
content = route_content + failover_content + exit_content
|
2023-04-03 12:11:45 +00:00
|
|
|
return Markup(content)
|