agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-24 01:29:35 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
8024fe2c583e9ca2a2d6a5ef901973f059a85bc6
overleaf-cep/server-ce/test/host-admin.js
Jakob Ackermann e03ca5a3a8 [server-ce] tests: migrate host-admin to ESM, zod and npm-workspaces (#28838) 
* [server-ce] tests: migrate host-admin to ESM, zod and npm-workspaces

* [server-ce] test: use import.meta.dirname

Co-authored-by: Eric Mc Sween <eric.mcsween@overleaf.com>

* [server-ce] test: fix zod schema for docker compose endpoint

---------

Co-authored-by: Eric Mc Sween <eric.mcsween@overleaf.com>
GitOrigin-RevId: d490948693f341210c0ab5c2947db7c9a17775ef
2025-10-07 08:07:06 +00:00

450 lines
12 KiB
JavaScript
Raw Blame History

import fs from 'node:fs'
import Path from 'node:path'
import { execFile } from 'node:child_process'
import bodyParser from 'body-parser'
import express from 'express'
import YAML from 'js-yaml'
import { isZodErrorLike } from 'zod-validation-error'
import { ParamsError, validateReq, z } from '@overleaf/validation-tools'
const DATA_DIR = Path.join(
import.meta.dirname,
'data',
// Give each shard their own data dir.
process.env.CYPRESS_SHARD || 'default'
)
const PATHS = {
DOCKER_COMPOSE_FILE: 'docker-compose.yml',
// Give each shard their own override file.
DOCKER_COMPOSE_OVERRIDE: `docker-compose.${process.env.CYPRESS_SHARD || 'override'}.yml`,
DOCKER_COMPOSE_NATIVE: 'docker-compose.native.yml',
DATA_DIR,
SANDBOXED_COMPILES_HOST_DIR: Path.join(DATA_DIR, 'compiles'),
}
const IMAGES = {
CE: process.env.IMAGE_TAG_CE.replace(/:.+/, ''),
PRO: process.env.IMAGE_TAG_PRO.replace(/:.+/, ''),
}
const LATEST = {
CE: process.env.IMAGE_TAG_CE.replace(/.+:/, '') || 'latest',
PRO: process.env.IMAGE_TAG_PRO.replace(/.+:/, '') || 'latest',
GIT_BRIDGE: 'latest', // TODO, build in CI?
}
function defaultDockerComposeOverride() {
return {
services: {
sharelatex: {
environment: {},
},
'git-bridge': {},
},
}
}
let previousConfig = ''
function readDockerComposeOverride() {
try {
return YAML.load(fs.readFileSync(PATHS.DOCKER_COMPOSE_OVERRIDE, 'utf-8'))
} catch (error) {
if (error.code !== 'ENOENT') {
throw error
}
return defaultDockerComposeOverride
}
}
function writeDockerComposeOverride(cfg) {
fs.writeFileSync(PATHS.DOCKER_COMPOSE_OVERRIDE, YAML.dump(cfg))
}
function runDockerCompose(command, args, callback) {
const files = ['-f', PATHS.DOCKER_COMPOSE_FILE]
if (process.env.NATIVE_CYPRESS) {
files.push('-f', PATHS.DOCKER_COMPOSE_NATIVE)
}
if (fs.existsSync(PATHS.DOCKER_COMPOSE_OVERRIDE)) {
files.push('-f', PATHS.DOCKER_COMPOSE_OVERRIDE)
}
execFile('docker', ['compose', ...files, command, ...args], callback)
}
function purgeDataDir() {
fs.rmSync(PATHS.DATA_DIR, { recursive: true, force: true })
}
const app = express()
app.get('/status', (req, res) => {
res.send('host-admin is up')
})
app.use(bodyParser.json())
app.use((req, res, next) => {
// Basic access logs
if (process.env.CI !== 'true') {
console.log(req.method, req.url, req.body)
}
const json = res.json
res.json = body => {
if (process.env.CI !== 'true' || body.error) {
console.log(req.method, req.url, req.body, '->', body)
}
json.call(res, body)
}
next()
})
app.use((req, res, next) => {
// Add CORS headers
const accessControlAllowOrigin =
process.env.ACCESS_CONTROL_ALLOW_ORIGIN || 'http://sharelatex'
res.setHeader('Access-Control-Allow-Origin', accessControlAllowOrigin)
res.setHeader('Access-Control-Allow-Headers', 'Content-Type')
res.setHeader('Access-Control-Max-Age', '3600')
res.setHeader('Access-Control-Allow-Methods', 'DELETE, GET, HEAD, POST, PUT')
next()
})
app.post('/run/script', (req, res) => {
const {
body: { cwd, script, args, user, hasOverleafEnv },
} = validateReq(
req,
z.object({
body: z.object({
cwd: z.string(),
script: z.string(),
args: z.array(z.string()),
user: z.string(),
hasOverleafEnv: z.boolean(),
}),
})
)
const env = hasOverleafEnv
? 'source /etc/overleaf/env.sh || source /etc/sharelatex/env.sh'
: 'true'
runDockerCompose(
'exec',
[
'--workdir',
`/overleaf/${cwd}`,
'sharelatex',
'bash',
'-c',
`source /etc/container_environment.sh && ${env} && /sbin/setuser ${user} node ${script} ${args.map(a => JSON.stringify(a)).join(' ')}`,
],
(error, stdout, stderr) => {
res.json({
error,
stdout,
stderr,
})
}
)
})
app.post('/run/gruntTask', (req, res) => {
const {
body: { task, args },
} = validateReq(
req,
z.object({
body: z.object({
task: z.string(),
args: z.array(z.string()),
}),
})
)
runDockerCompose(
'exec',
[
'--workdir',
'/var/www/sharelatex',
'sharelatex',
'bash',
'-c',
`source /etc/container_environment.sh && /sbin/setuser www-data grunt ${JSON.stringify(task)} ${args.map(a => JSON.stringify(a)).join(' ')}`,
],
(error, stdout, stderr) => {
res.json({
error,
stdout,
stderr,
})
}
)
})
const allowedVars = z.object(
Object.fromEntries(
[
'OVERLEAF_APP_NAME',
'OVERLEAF_LEFT_FOOTER',
'OVERLEAF_RIGHT_FOOTER',
'OVERLEAF_PROXY_LEARN',
'GIT_BRIDGE_ENABLED',
'GIT_BRIDGE_HOST',
'GIT_BRIDGE_PORT',
'V1_HISTORY_URL',
'SANDBOXED_COMPILES',
'ALL_TEX_LIVE_DOCKER_IMAGE_NAMES',
'OVERLEAF_FILESTORE_MIGRATION_LEVEL',
'OVERLEAF_TEMPLATES_USER_ID',
'OVERLEAF_NEW_PROJECT_TEMPLATE_LINKS',
'OVERLEAF_ALLOW_PUBLIC_ACCESS',
'OVERLEAF_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING',
'OVERLEAF_DISABLE_LINK_SHARING',
'EXTERNAL_AUTH',
'OVERLEAF_SAML_ENTRYPOINT',
'OVERLEAF_SAML_CALLBACK_URL',
'OVERLEAF_SAML_ISSUER',
'OVERLEAF_SAML_IDENTITY_SERVICE_NAME',
'OVERLEAF_SAML_EMAIL_FIELD',
'OVERLEAF_SAML_FIRST_NAME_FIELD',
'OVERLEAF_SAML_LAST_NAME_FIELD',
'OVERLEAF_SAML_UPDATE_USER_DETAILS_ON_LOGIN',
'OVERLEAF_SAML_CERT',
'OVERLEAF_LDAP_URL',
'OVERLEAF_LDAP_SEARCH_BASE',
'OVERLEAF_LDAP_SEARCH_FILTER',
'OVERLEAF_LDAP_BIND_DN',
'OVERLEAF_LDAP_BIND_CREDENTIALS',
'OVERLEAF_LDAP_EMAIL_ATT',
'OVERLEAF_LDAP_NAME_ATT',
'OVERLEAF_LDAP_LAST_NAME_ATT',
'OVERLEAF_LDAP_UPDATE_USER_DETAILS_ON_LOGIN',
// Old branding, used for upgrade tests
'SHARELATEX_SITE_URL',
'SHARELATEX_MONGO_URL',
'SHARELATEX_REDIS_HOST',
].map(name => [name, z.string().optional()])
)
)
function setVarsDockerCompose({
pro,
vars,
version,
withDataDir,
mongoVersion,
}) {
const cfg = readDockerComposeOverride()
cfg.services.sharelatex.image = `${pro ? IMAGES.PRO : IMAGES.CE}:${version === 'latest' ? (pro ? LATEST.PRO : LATEST.CE) : version}`
cfg.services['git-bridge'].image =
`quay.io/sharelatex/git-bridge:${version === 'latest' ? LATEST.GIT_BRIDGE : version}`
cfg.services.sharelatex.environment = vars
if (cfg.services.sharelatex.environment.GIT_BRIDGE_ENABLED === 'true') {
cfg.services.sharelatex.depends_on = ['git-bridge']
} else {
cfg.services.sharelatex.depends_on = []
}
if (['ldap', 'saml'].includes(vars.EXTERNAL_AUTH)) {
cfg.services.sharelatex.depends_on.push(vars.EXTERNAL_AUTH)
}
const dataDirInContainer =
version === 'latest' || version >= '5.0'
? '/var/lib/overleaf'
: '/var/lib/sharelatex'
cfg.services.sharelatex.volumes = []
if (withDataDir) {
cfg.services.sharelatex.volumes.push(
`${PATHS.DATA_DIR}:${dataDirInContainer}`
)
}
if (cfg.services.sharelatex.environment.SANDBOXED_COMPILES === 'true') {
cfg.services.sharelatex.environment.SANDBOXED_COMPILES_HOST_DIR =
PATHS.SANDBOXED_COMPILES_HOST_DIR
cfg.services.sharelatex.environment.TEX_LIVE_DOCKER_IMAGE =
process.env.TEX_LIVE_DOCKER_IMAGE
cfg.services.sharelatex.environment.ALL_TEX_LIVE_DOCKER_IMAGES =
process.env.ALL_TEX_LIVE_DOCKER_IMAGES
cfg.services.sharelatex.volumes.push(
'/var/run/docker.sock:/var/run/docker.sock'
)
if (!withDataDir) {
cfg.services.sharelatex.volumes.push(
`${PATHS.SANDBOXED_COMPILES_HOST_DIR}:${dataDirInContainer}/data/compiles`
)
}
}
if (mongoVersion) {
cfg.services.mongo = {
image: `mongo:${mongoVersion}`,
}
} else {
delete cfg.services.mongo
}
writeDockerComposeOverride(cfg)
}
app.post('/docker/compose/:cmd', (req, res) => {
const {
params: { cmd },
body: { args },
} = validateReq(
req,
z.object({
params: z.object({
cmd: z.literal(['up', 'stop', 'down', 'ps', 'logs']),
}),
body: z.object({
args: z.array(
z.literal([
'--detach',
'--wait',
'--volumes',
'--timeout=60',
'sharelatex',
'git-bridge',
'mongo',
'redis',
])
),
}),
})
)
runDockerCompose(cmd, args, (error, stdout, stderr) => {
res.json({ error, stdout, stderr })
})
})
function maybeResetData(resetData, callback) {
if (!resetData) return callback()
previousConfig = ''
runDockerCompose(
'down',
['--timeout=0', '--volumes', 'mongo', 'redis', 'sharelatex'],
(error, stdout, stderr) => {
if (error) return callback(error, stdout, stderr)
try {
purgeDataDir()
} catch (error) {
return callback(error)
}
callback()
}
)
}
app.post('/reconfigure', (req, res) => {
const {
body: { pro, version, vars, withDataDir, resetData, mongoVersion },
} = validateReq(
req,
z.object({
body: z.object({
pro: z.boolean(),
version: z.string(),
vars: allowedVars,
withDataDir: z.boolean(),
resetData: z.boolean(),
mongoVersion: z.string(),
}),
})
)
maybeResetData(resetData, (error, stdout, stderr) => {
if (error) return res.json({ error, stdout, stderr })
const previousConfigServer = previousConfig
const newConfig = JSON.stringify(req.body)
if (previousConfig === newConfig) {
return res.json({ previousConfigServer })
}
try {
setVarsDockerCompose({ pro, version, vars, withDataDir, mongoVersion })
} catch (error) {
return res.json({ error })
}
if (error) return res.json({ error, stdout, stderr })
runDockerCompose(
'up',
['--detach', '--wait', 'sharelatex'],
(error, stdout, stderr) => {
previousConfig = newConfig
res.json({ error, stdout, stderr, previousConfigServer })
}
)
})
})
app.post('/mongo/setFeatureCompatibilityVersion', (req, res) => {
const {
body: { mongoVersion },
} = validateReq(
req,
z.object({
body: z.object({
mongoVersion: z.string(),
}),
})
)
const mongosh = mongoVersion > '5' ? 'mongosh' : 'mongo'
const params = {
setFeatureCompatibilityVersion: mongoVersion,
}
if (mongoVersion >= '7.0') {
// MongoServerError: Once you have upgraded to 7.0, you will not be able to downgrade FCV and binary version without support assistance. Please re-run this command with 'confirm: true' to acknowledge this and continue with the FCV upgrade.
// NOTE: 6.0 does not know about this flag. So conditionally add it.
// MongoServerError: BSON field 'setFeatureCompatibilityVersion.confirm' is an unknown field.
params.confirm = true
}
runDockerCompose(
'exec',
['mongo', mongosh, '--eval', `db.adminCommand(${JSON.stringify(params)})`],
(error, stdout, stderr) => {
res.json({ error, stdout, stderr })
}
)
})
app.get('/redis/keys', (req, res) => {
runDockerCompose(
'exec',
['redis', 'redis-cli', 'KEYS', '*'],
(error, stdout, stderr) => {
res.json({ error, stdout, stderr })
}
)
})
app.delete('/data/user_files', (req, res) => {
runDockerCompose(
'exec',
['sharelatex', 'rm', '-vrf', '/var/lib/overleaf/data/user_files'],
(error, stdout, stderr) => {
res.json({ error, stdout, stderr })
}
)
})
app.use((error, req, res, next) => {
if (error instanceof ParamsError) {
res.status(404).json({ error })
} else if (isZodErrorLike(error)) {
res.status(400).json({ error })
}
next(error)
})
purgeDataDir()
writeDockerComposeOverride(defaultDockerComposeOverride())
app.listen(80)
Reference in New Issue View Git Blame Copy Permalink