diff --git a/flake.lock b/flake.lock index e59a420..3a68e9b 100644 --- a/flake.lock +++ b/flake.lock @@ -5,11 +5,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1726560853, - "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -23,11 +23,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1721727458, - "narHash": "sha256-r/xppY958gmZ4oTfLiHN0ZGuQ+RSTijDblVgVLFi1mw=", + "lastModified": 1736429655, + "narHash": "sha256-BwMekRuVlSB9C0QgwKMICiJ5EVbLGjfe4qyueyNQyGI=", "owner": "nix-community", "repo": "naersk", - "rev": "3fb418eaf352498f6b6c30592e3beb63df42ef11", + "rev": "0621e47bd95542b8e1ce2ee2d65d6a1f887a13ce", "type": "github" }, "original": { @@ -39,8 +39,8 @@ "nixpkgs": { "locked": { "lastModified": 0, - "narHash": "sha256-o8VBeCWHBxGd4kVMceIayf5GApqTavJbTa44Xcg5Rrk=", - "path": "/nix/store/p2hby44a0qzrnd1vxcpcgfav6160rmcv-source", + "narHash": "sha256-Pj39hSoUA86ZePPF/UXiYHHM7hMIkios8TYG29kQT4g=", + "path": "/nix/store/rhn4fkh7hqjlqs9j6naaq623qpl62yz0-source", "type": "path" }, "original": { @@ -50,11 +50,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1727335715, - "narHash": "sha256-1uw3y94dA4l22LkqHRIsb7qr3rV5XdxQFqctINfx8Cc=", + "lastModified": 1736910646, + "narHash": "sha256-Jzq/EKtSxOCA9hFuovQGlzOuRA8p9cB4mMYWUeCW4FA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "28b5b8af91ffd2623e995e20aee56510db49001a", + "rev": "0bd024d34eb07cef235f94258423f40a41182088", "type": "github" }, "original": { @@ -66,11 +66,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1718428119, - "narHash": "sha256-WdWDpNaq6u1IPtxtYHHWpl5BmabtpmLnMAx0RdJ/vo8=", + "lastModified": 1736320768, + "narHash": "sha256-nIYdTAiKIGnFNugbomgBJR+Xv5F1ZQU+HfaBqJKroC0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e6cea36f83499eb4e9cd184c8a8e823296b50ad5", + "rev": "4bc9c909d9ac828a039f288cf872d16d38185db8", "type": "github" }, "original": { @@ -93,11 +93,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1727404165, - "narHash": "sha256-kZCiYpQJBZ3kL9QymS88mCxpQwqo8KqvZeHk6LATuY8=", + "lastModified": 1736907983, + "narHash": "sha256-fw55wVwpJW36Md2HZBKuxX3YHGeqsGsspPLtCMVr1Y8=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "76f0a61e733259e1034dd6523e039d04932ffefc", + "rev": "eaa365c911441e07e387ff6acc596619fc50b156", "type": "github" }, "original": { diff --git a/src/main.rs b/src/main.rs index f5d66f0..b9b287a 100644 --- a/src/main.rs +++ b/src/main.rs @@ -7,7 +7,6 @@ use std::{ collections::{HashMap, HashSet}, sync::Arc, - time::Duration, }; use axum::{ @@ -26,7 +25,6 @@ use base64::Engine; use color_eyre::eyre::Context; use reqwest::tls::Version; use serde::{Deserialize, Serialize}; -use serde_json::json; use tokio::sync::Mutex; use tracing::{error, info}; @@ -42,7 +40,7 @@ mod oauth2; struct AppState { _http: reqwest::Client, oauth: Arc, - tutors: Arc>>, + allowed: Arc>>, key: Key, } @@ -62,37 +60,7 @@ struct GroupsUsers { id: u64, } -async fn tutors(config: AppState) { - loop { - { - let mut lock = config.tutors.lock().await; - lock.clear(); - let mut page_nb = 0; - loop { - info!("tutor request (page {page_nb})"); - let res = config - .oauth - .do_request::>( - "https://api.intra.42.fr/v2/groups/166/users", - json! ({ - "page[number]": page_nb, - "page[size]": 100, - }), - Option::<&oauth2::Token>::None, - ) - .await - .unwrap(); - let do_next = res.len() == 100; - lock.extend(res.into_iter().map(|s| s.id)); - if !do_next { - break; - } - page_nb += 1; - } - } - tokio::time::sleep(Duration::new(3600 * 24 /*tout les jours*/, 0)).await; - } -} +const ALLOWED_USERS: &[u64] = &[/*maiboyer*/ 159559, /*nfelsemb*/ 95340]; #[tokio::main] async fn main() { @@ -104,7 +72,7 @@ async fn main() { let http = reqwest::ClientBuilder::new() // Following redirects opens the client up to SSRF vulnerabilities. .redirect(reqwest::redirect::Policy::none()) - .user_agent("AlertePoste/1.0") + .user_agent("FftManager/1.0") .tls_info(true) .min_tls_version(Version::TLS_1_0) .max_tls_version(Version::TLS_1_2) @@ -120,7 +88,7 @@ async fn main() { http.clone(), unwrap_env!("CLIENT_ID"), unwrap_env!("CLIENT_SECRET"), - "http://local.maix.me:9911/auth/callback", + "https://fft.maix.me/manager/auth/callback", ) .await .unwrap(); @@ -129,15 +97,15 @@ async fn main() { _http: http, key, oauth: Arc::new(oauth), - tutors: Default::default(), + allowed: Arc::new(Mutex::new(ALLOWED_USERS.iter().copied().collect())), }; - tokio::task::spawn_local(tutors(state.clone())); // build our application with a route let app = Router::new() // `GET /` goes to `root` .route("/", get(root)) .route("/status", get(status)) + .route("/status_container", get(status_container)) .route("/stop", get(stop)) .route("/start", get(start)) .route("/restart", get(restart)) @@ -153,7 +121,7 @@ async fn main() { std::env::args() .nth(1) .and_then(|s| s.parse::().ok()) - .unwrap_or(9911) + .unwrap_or(9912) )) .await .unwrap(); @@ -242,7 +210,7 @@ impl FromRequestParts for UserLoggedIn { return Err(( StatusCode::TEMPORARY_REDIRECT, jar, - Redirect::to("/auth/login"), + Redirect::to("/manager/auth/login"), )); }; @@ -251,18 +219,18 @@ impl FromRequestParts for UserLoggedIn { return Err(( StatusCode::TEMPORARY_REDIRECT, jar, - Redirect::to("/auth/login"), + Redirect::to("/manager/auth/login"), )); }; - if state.tutors.lock().await.contains(&user_id) { + if state.allowed.lock().await.contains(&user_id) { Ok(UserLoggedIn) } else { let jar = jar.remove("token"); Err(( StatusCode::TEMPORARY_REDIRECT, jar, - Redirect::to("/auth/error"), + Redirect::to("/manager/auth/error"), )) } } @@ -272,7 +240,7 @@ async fn auth_error() -> Html<&'static str> { info!("Request auth_error page"); Html( r#" -

Hello TUTORS ONLY :D

+

Hello you aren't allowed here :) :D

"#, ) } @@ -282,11 +250,23 @@ async fn root(_user: UserLoggedIn) -> Html<&'static str> { info!("Request link page"); Html( r#" - restart
- stop
- start
- status
- git pull (ask before!)
+ + + + + + restart
+ stop
+ start
+ status
+ status for whole container
+ git pull (ask before!)
+ + "#, ) } @@ -295,7 +275,7 @@ async fn restart(_user: UserLoggedIn) -> Redirect { info!("Requested to restart the bot"); tokio::spawn(async { tokio::process::Command::new("systemctl") - .args(["--user", "restart", "botloc.service"]) + .args(["restart", "container@fft.service"]) .spawn() .unwrap() }); @@ -306,7 +286,7 @@ async fn start(_user: UserLoggedIn) -> Redirect { info!("Requested to start the bot"); tokio::spawn(async { tokio::process::Command::new("systemctl") - .args(["--user", "start", "botloc.service"]) + .args(["restart", "container@fft.service"]) .spawn() .unwrap() }); @@ -317,7 +297,7 @@ async fn stop(_user: UserLoggedIn) -> Redirect { info!("Requested to stop the bot"); tokio::spawn(async { tokio::process::Command::new("systemctl") - .args(["--user", "stop", "botloc.service"]) + .args(["stop", "container@fft.service"]) .spawn() .unwrap() }); @@ -326,8 +306,8 @@ async fn stop(_user: UserLoggedIn) -> Redirect { async fn status() -> Result { info!("Requested status"); - let mut output = tokio::process::Command::new("journalctl") - .args(["--user", "-xeu", "botloc"]) + let mut output = tokio::process::Command::new("nixos-container") + .args(["run", "fft", "--", "journalctl", "-xeu", "fft-1"]) .output() .await // let mut output = child.wait_with_output().await @@ -338,22 +318,41 @@ async fn status() -> Result { output.stdout.push(b'\n'); output.stdout.append(&mut output.stderr); String::from_utf8(output.stdout).map_err(|e| { - error!("Error with systemctl status output {e}"); + error!("Error with systemctl status output {e}"); + StatusCode::INTERNAL_SERVER_ERROR + }) +} + +async fn status_container() -> Result { + info!("Requested status"); + let mut output = tokio::process::Command::new("nixos-container") + .args(["run", "fft", "--", "journalctl"]) + .output() + .await + // let mut output = child.wait_with_output().await + .map_err(|e| { + error!("Error with systemctl status {e}"); + StatusCode::INTERNAL_SERVER_ERROR + })?; + output.stdout.push(b'\n'); + output.stdout.append(&mut output.stderr); + String::from_utf8(output.stdout).map_err(|e| { + error!("Error with systemctl status output {e}"); StatusCode::INTERNAL_SERVER_ERROR }) } async fn git_pull() -> Result { info!("Requested to pull"); - let mut output = tokio::process::Command::new("/home/maix/.nix-profile/bin/git") - .current_dir(std::env::var("BOTLOC_DIR").map_err(|e| { + let mut output = tokio::process::Command::new("/run/wrappers/bin/sudo") + .current_dir(std::env::var("FFT_DIR").map_err(|e| { error!("Error with git pull command {e}"); ( StatusCode::INTERNAL_SERVER_ERROR, "Please set the BOTLOC_DIR variable", ) })?) - .args(["pull"]) + .args(["-u", "maix", "/home/maix/.nix-profile/bin/git", "pull"]) .output() .await // let mut output = child.wait_with_output().await