From f54d80537122970940408aa0ea1247199f27c6e5 Mon Sep 17 00:00:00 2001 From: Nathan Woodburn Date: Fri, 25 Aug 2023 12:25:23 +1000 Subject: [PATCH 1/3] main: Initial private ip for api --- README.md | 7 ++++++- master/main.py | 41 ++++++++++++++++++++++++++++++----------- 2 files changed, 36 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index cc06834..cefe375 100644 --- a/README.md +++ b/README.md @@ -90,9 +90,14 @@ screen -dmS hnshosting-worker python3 main.py ``` Add worker to master server pool: +The master server will need to be able to access port 5000 on the worker server over the PRIVATE ip. This is not secured by the api key so make sure you don't allow anyone else to access it. ```sh -curl -X POST http://master-server-ip:5000/add-worker?worker=worker-name&ip=worker-server-ip -H "key: api-key" +curl -X POST http://master-server-ip:5000/add-worker?worker=worker-name&ip=worker-server-ip&priv=worker-server-private-ip -H "key: api-key" +``` +Alternatively you can use the discord bot to add the worker to the master server pool. +``` +/addworker ``` ## Discord bot install diff --git a/master/main.py b/master/main.py index 36cd397..dd5037d 100644 --- a/master/main.py +++ b/master/main.py @@ -107,9 +107,10 @@ def new_site(): def add_worker(): worker=request.args.get('worker') worker_IP=request.args.get('ip') + worker_PRIV=request.args.get('priv') # Get API header api_key = request.headers.get('key') - if api_key == None or worker == None or worker_IP == None: + if api_key == None or worker == None or worker_IP == None or worker_PRIV == None: return jsonify({'error': 'Invalid API key or worker info', 'success': 'false'}) if api_key != os.getenv('WORKER_KEY'): return jsonify({'error': 'Invalid API key', 'success': 'false'}) 
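Review bot: `priv` is only checked for `None` in add_worker before it is stored and later used as the host of an outbound request, so any string is accepted, including one containing `:` or a newline that would break the colon-delimited record. Parse it first, e.g. `ipaddress.ip_address(worker_PRIV)` inside a `try/except ValueError` that returns the existing error JSON (this needs `import ipaddress`). Consider also requiring `.is_private`, since the README says this must be the private address. The same parse would fit `worker_IP`. add_worker's body continues outside this hunk.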
@@ -130,11 +131,11 @@ def add_worker(): # Add worker to file workers_file = open('/data/workers.txt', 'a') - workers_file.write(worker + ":" + worker_IP + '\n') + workers_file.write(worker + ":" + worker_PRIV + ":"+ worker_IP + '\n') workers_file.close() online=True - resp=requests.get("http://"+worker_IP + ":5000/ping",timeout=2) + resp=requests.get("http://"+worker_PRIV + ":5000/ping",timeout=2) if (resp.status_code != 200): online=False @@ -174,14 +175,14 @@ def list_workers(): resp=requests.get("http://"+worker.split(':')[1].strip('\n') + ":5000/status",timeout=2) if (resp.status_code != 200): online=False - worker_list.append({'worker': worker.split(':')[0],'ip': worker.split(':')[1].strip('\n'), 'online': online, 'sites': 0, 'status': 'offline'}) + worker_list.append({'worker': worker.split(':')[0],'ip': worker.split(':')[2].strip('\n'), 'online': online, 'sites': 0, 'status': 'offline'}) continue sites = resp.json()['num_sites'] availability = resp.json()['availability'] if availability == True: - worker_list.append({'worker': worker.split(':')[0],'ip': worker.split(':')[1].strip('\n'), 'online': online, 'sites': sites, 'status': 'ready'}) + worker_list.append({'worker': worker.split(':')[0],'ip': worker.split(':')[2].strip('\n'), 'online': online, 'sites': sites, 'status': 'ready'}) else: - worker_list.append({'worker': worker.split(':')[0],'ip': worker.split(':')[1].strip('\n'), 'online': online, 'sites': sites, 'status': 'full'}) + worker_list.append({'worker': worker.split(':')[0],'ip': worker.split(':')[2].strip('\n'), 'online': online, 'sites': sites, 'status': 'full'}) if len(worker_list) == 0: return jsonify({'error': 'No workers available', 'success': 'false'}) 
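Review bot: The record written in add_worker changes from `name:ip` to `name:private:public` with no handling for lines already present in `/data/workers.txt`. On a two-field line, the new `worker.split(':')[2]` in list_workers and `line.split(':')[2]` in workerIP_PRIV would raise IndexError. Either migrate the file at start-up or make the readers tolerate both shapes, e.g. `fields = line.strip().split(':')` followed by a length check. A comment next to the write stating the field order would also help, since every reader indexes by position. Both add_worker and list_workers continue outside their hunks.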
@@ -203,17 +204,18 @@ def site_status(): return jsonify({'error': 'Domain does not exist', 'success': 'false'}) # Get worker ip - ip = workerIP(worker) + ip = workerIP_PRIV(worker) # Get TLSA record resp=requests.get("http://"+ip + ":5000/tlsa?domain=" + domain,timeout=2) json = resp.json() + publicIP = workerIP(worker) if "tlsa" in json: tlsa = json['tlsa'] - return jsonify({'success': 'true', 'domain': domain, 'ip': ip, 'tlsa': tlsa}) + return jsonify({'success': 'true', 'domain': domain, 'ip': publicIP, 'tlsa': tlsa}) else: - return jsonify({'success': 'false', 'domain': domain, 'ip': ip, 'tlsa': 'none','error': 'No TLSA record found'}) + return jsonify({'success': 'false', 'domain': domain, 'ip': publicIP, 'tlsa': 'none','error': 'No TLSA record found'}) @app.route('/tlsa', methods=['GET']) @@ -232,7 +234,7 @@ def tlsa(): return jsonify({'error': 'Domain does not exist', 'success': 'false'}) # Get worker ip - ip = workerIP(worker) + ip = workerIP_PRIV(worker) # Get TLSA record resp=requests.get("http://"+ip + ":5000/tlsa?domain=" + domain,timeout=2) @@ -343,6 +345,24 @@ def site_worker(domain): sites_file.close() return worker +def workerIP_PRIV(worker): + # If file doesn't exist, create it + try: + workers_file = open('/data/workers.txt', 'r') + except FileNotFoundError: + workers_file = open('/data/workers.txt', 'w') + workers_file.close() + workers_file = open('/data/workers.txt', 'r') + + ip = None + for line in workers_file.readlines(): + if worker == line.split(':')[0]: + ip = line.split(':')[2].strip('\n') + break + + workers_file.close() + return ip + def workerIP(worker): # If file doesn't exist, create it try: @@ -360,7 +380,6 @@ def workerIP(worker): workers_file.close() return ip - # Start the server From dbbb60cab87ac4faf82a4d0575cd8f11a8be872c Mon Sep 17 00:00:00 2001 
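Review bot: `workerIP_PRIV(worker)` returns `None` when the worker name has no line in the workers file, and both site_status and tlsa then evaluate `"http://"+ip`, which raises TypeError and surfaces as a 500. Add a guard after the lookup, e.g. `if ip is None: return jsonify({'error': 'Worker not found', 'success': 'false'})`. The request on the following line also has no handling for a timeout or connection error, so an unreachable worker ends the same way. Whether an earlier check outside the hunk rules out the missing-worker case is not visible here.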
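Review bot: workerIP_PRIV reads `line.split(':')[2]`, but add_worker now writes `worker:private:public`, so index 2 is the public address and index 1 the private one (list_workers already pings index 1 and displays index 2). As written, site_status and tlsa would reach the worker's port 5000 over the public address, which the README says is not protected by the API key. If workerIP still reads index 1 (its body is outside the hunk), the `ip` field returned to callers would be the private address. Use `ip = line.split(':')[1].strip('\n')` here and index `[2]` in workerIP. The two helpers differ only in that index, so a single lookup taking the field position would stop them drifting apart.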
From: Nathan Woodburn Date: Fri, 25 Aug 2023 12:26:26 +1000 Subject: [PATCH 2/3] bot: Add private ip to new worker command --- discord-bot/bot.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/discord-bot/bot.py b/discord-bot/bot.py index a9694b0..b7969a9 100644 --- a/discord-bot/bot.py +++ b/discord-bot/bot.py @@ -21,9 +21,9 @@ client = discord.Client(intents=intents) tree = app_commands.CommandTree(client) @tree.command(name="addworker", description="Adds a worker to the master server") -async def addworker(ctx, ip: str, name: str): +async def addworker(ctx, ip: str,privateip: str, name: str): if ctx.user.id == ADMINID: - r = requests.post(f"http://{Master_IP}:{Master_Port}/add-worker?worker={name}&ip={ip}",headers={"key":os.getenv('WORKER_KEY')}) + r = requests.post(f"http://{Master_IP}:{Master_Port}/add-worker?worker={name}&ip={ip}&priv={privateip}",headers={"key":os.getenv('WORKER_KEY')}) if r.status_code == 200: await ctx.response.send_message(f"Worker {name} added to the master server",ephemeral=True) else: From d7c6e1cf70501ad9ac80be1c28a081f15c9e8dd5 Mon Sep 17 00:00:00 2001 From: Nathan Woodburn Date: Fri, 25 Aug 2023 12:36:23 +1000 Subject: [PATCH 3/3] docs: Cleared up some info --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index cefe375..3245bc4 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ The bot will be used to provide an easier way to manage the master server. After installing the master and discord bot you can use the following commands (as bot owner). ``` -/addworker | add a worker to the master server pool (Make sure the master can access port 5000 on the worker, and don't allow anyone else to access it) +/addworker | add a worker to the master server pool /listworkers | list all workers /licence | Creates a licence key (valid for 1 wp site) ```
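Review bot: `name`, `ip` and `privateip` are interpolated into the add-worker query string without encoding, so a value containing `&`, `#` or a space changes which parameters the master receives. Pass them as `params={'worker': name, 'ip': ip, 'priv': privateip}` to `requests.post` and keep the URL to the path. The call also has no `timeout` and is a blocking request inside an `async` handler, and the `key` header travels over plain HTTP; adding `timeout=` is the minimal change. addworker's body continues outside the hunk.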