toArray(); $row['state'] = DockerEnvironment::states($row['state']); $row['client'] = $dockerEnvironment->join('client')->toArray(); $response['rows'][] = $row; } /* Mode export */ if($_['export'] == 'true'){ $stream = Excel::exportArray($response['rows'],null,'Export'); File::downloadStream($stream,'export-demandes-'.date('d-m-Y').'.xlsx'); exit(); } }); //Affichage d'un tab Action::register('docker_environment_tab',function(&$response){ User::check_access('docker','read'); global $myUser,$_; global $conf; User::check_access('docker','read'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); $environment = DockerEnvironment::provide(); $machine = new DockerMachine(); if($environment->id == 0){ $environment->memory = '256'; $environment->cpu = '0.5'; $environment->port = DockerEnvironment::lastPort()+2; }else{ $machine = DockerMachine::getById($environment->machine); } $_['tab'] = str_replace('.', '', $_['tab']); $tab = __DIR__.SLASH.'tab.environment.'.$_['tab'].'.php'; if(!file_exists($tab)) throw new Exception("$tab n'existe pas"); require_once($tab); exit(); }); //Ajout ou modification d'élément DockerEnvironment Action::register('docker_environment_save',function(&$response){ global $myUser,$_; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); $item = DockerEnvironment::provide(); //if(empty($_['domain'])) throw new Exception("Domaine obligatoire"); if(empty($_['machine'])) throw new Exception("Machine obligatoire"); //if(empty($_['memory'])) throw new Exception("Mémoire obligatoire"); //if(!is_numeric($_['memory'])) throw new Exception("La mémoire doit être numérique"); $item->client = $_['client']; if($item->id==0) $item->state = DockerEnvironment::ACTIVE; $item->machine = $_['machine']; if(!empty($_['memory'])) $item->memory = $_['memory']; if(!empty($_['ssl'])){ $item->ssl = $_['ssl']; $item->certificate = $_['certificate']; } $item->comment = $_['comment']; //déduction automatique du port interne, on laisse un interval de deux (port web + port phpmyadmin) if($item->id==0){ $item->port = DockerEnvironment::lastPort()+2; //génération des mots de passes mysql $item->mysqlPassword = sha1('mysql'.mt_rand(0,10000).'hash'); $item->mysqlRootPassword = sha1('root'.time().$item->mysqlPassword.'hash'); if(strlen($item->mysqlPassword)>10) $item->mysqlPassword = substr($item->mysqlPassword, 0,9); if(strlen($item->mysqlRootPassword)>10) $item->mysqlRootPassword = substr($item->mysqlRootPassword, 0,9); }else{ if(!empty($_['port'])) $item->port = $_['port']; if(!empty($_['mysqlRootPassword'])) $item->mysqlRootPassword = $_['mysqlRootPassword']; if(!empty($_['mysqlPassword'])) $item->mysqlPassword = $_['mysqlPassword']; } $item->mysqlRootPassword = encrypt($item->mysqlRootPassword); $item->mysqlPassword = encrypt($item->mysqlPassword); if(!empty($_['domain'])){ $item->domain = $_['domain']; //suppression du http ou https si existant $item->domain = trim(mb_strtolower(preg_replace('/http[s]?:\/\//iU', '', $item->domain))); ///suppression du www. si existant $item->domain = preg_replace('/www\./iU', '', $item->domain); } $item->save(); $response = $item->toArray(); }); //Suppression d'élement DockerEnvironment Action::register('docker_environment_delete',function(&$response){ global $_; User::check_access('docker','delete'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); if(empty($_['id']) || !is_numeric($_['id'])) throw new Exception("Identifiant incorrect"); DockerEnvironment::deleteById($_['id']); }); //Recherche des certificats installés sur l'utm Action::register('docker_environment_certificate_search',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','read'); require_once(__DIR__.SLASH.'SophosUtm.class.php'); $utm = new SophosUtm(); $utm->host = $conf->get('docker_sophos_host'); $utm->port = $conf->get('docker_sophos_port'); $utm->login = $conf->get('docker_sophos_login'); $utm->password = $conf->get('docker_sophos_password'); foreach ($utm->getCertificates() as $line) { $response['rows'][] = array( 'ref' => $line['_ref'], 'label' => $line['name'] ); }; }); //Ajout ou modification d'élément DockerEnvironment Action::register('docker_environment_docker_create',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); require_once(__DIR__.SLASH.'SshClient.class.php'); if(empty($_['id'])) throw new Exception("Environnement obligatoire"); $environment = DockerEnvironment::provide(); if(!$environment) throw new Exception("Environnement introuvable"); if(empty($environment->domain)) throw new Exception("Veuillez spécifier un nom de domaine dans l'onglet domaine et enregistrer avant de génerer un environnement"); $ssh = new SshClient(); $logs = array(); $machine = DockerMachine::getById($environment->machine); $logs[]= $ssh->connect( $machine->ip, $machine->port, File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa.pub', File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa', !empty($machine->password)? decrypt($machine->password) : '' ); $logs[]= $environment->createContainer($ssh); $logs[]= $environment->execute($ssh); $ssh->disconnect(); $response['logs'] = implode('
',$logs); }); //Suppression de l'environnement docker Action::register('docker_environment_docker_remove',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); require_once(__DIR__.SLASH.'SshClient.class.php'); if(empty($_['id'])) throw new Exception("Environnement obligatoire"); $environment = DockerEnvironment::provide(); if(!$environment) throw new Exception("Environnement introuvable"); $ssh = new SshClient(); $logs = array(); $machine = DockerMachine::getById($environment->machine); $logs[]= $ssh->connect( $machine->ip, $machine->port, File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa.pub', File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa', !empty($machine->password)? decrypt($machine->password) : '' ); $logs[]= $environment->removeContainer($ssh); $ssh->disconnect(); $response['logs'] = implode('
',$logs); }); //Ajout ou modification d'élément DockerEnvironment Action::register('docker_environment_pma_create',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); require_once(__DIR__.SLASH.'SshClient.class.php'); if(empty($_['id'])) throw new Exception("Environnement obligatoire"); $environment = DockerEnvironment::provide(); if(!$environment) throw new Exception("Environnement introuvable"); $ssh = new SshClient(); $logs = array(); $machine = DockerMachine::getById($environment->machine); $logs[]= $ssh->connect( $machine->ip, $machine->port, File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa.pub', File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa', !empty($machine->password)? decrypt($machine->password) : '' ); $logs[]= $environment->createPma($ssh); $ssh->disconnect(); $response['logs'] = implode('
',$logs); }); //Ajout ou modification d'élément DockerEnvironment Action::register('docker_environment_pma_remove',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); require_once(__DIR__.SLASH.'SshClient.class.php'); if(empty($_['id'])) throw new Exception("Environnement obligatoire"); $environment = DockerEnvironment::provide(); if(!$environment) throw new Exception("Environnement introuvable"); $ssh = new SshClient(); $logs = array(); $machine = DockerMachine::getById($environment->machine); $logs[]= $ssh->connect( $machine->ip, $machine->port, File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa.pub', File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa', !empty($machine->password)? decrypt($machine->password) : '' ); $logs[]= $environment->removePma($ssh); $ssh->disconnect(); $response['logs'] = implode('
',$logs); }); //Ajout ou modification d'élément DockerEnvironment Action::register('docker_environment_utm_create',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); require_once(__DIR__.SLASH.'SophosUtm.class.php'); Plugin::need('client/Client'); if(empty($_['id'])) throw new Exception("Environnement obligatoire"); $environment = DockerEnvironment::provide('id',1); if(!$environment) throw new Exception("Environnement introuvable"); $machine = $environment->join('machine'); $utm = new SophosUtm(); $utm->host = $conf->get('docker_sophos_host'); $utm->port = $conf->get('docker_sophos_port'); $utm->login = $conf->get('docker_sophos_login'); $utm->password = $conf->get('docker_sophos_password'); $hostReference = $machine->sophosReference; // ex : REF_RevFroDockeWordpMulti if(empty($hostReference)) throw new Exception("Référence du vhost ciblé non renseignée, merci de templir dans réglages ce parametre", 1); $domains = array($environment->domain,'www.'.$environment->domain); $response = $utm->createVHost($environment->domain.' ('.($environment->ssl?'443':'80').') ',$domains,$environment->ssl?443:80,$hostReference, $environment->certificate); $logs = array('
'.json_encode($response,JSON_PRETTY_PRINT).'
' ); $history = new History(); $history->scope = 'docker'; $history->uid = $environment->id; $history->comment = 'Création du host utm : '.$environment->domain; $history->type = 'utm-save'; $history->save(); $response['logs'] = implode('
',$logs); }); Action::register('docker_ovh_consumerKey_generate',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'Ovh.class.php'); $ovh = new Ovh(); $ovh->host = $conf->get('docker_ovh_host'); $ovh->applicationKey = $conf->get('docker_ovh_application_key'); $ovh->applicationSecret = $conf->get('docker_ovh_application_secret'); $consumerKey= $ovh->consumerKey(); //pour genrer cette clé, executer la méthode $ovh->consumerKey() puis aller manuellement sur l'url retournée et valider en mode illimité $conf->put('docker_ovh_consumer_key',$consumerKey['consumerKey']); header('location: '.$consumerKey['validationUrl']); }); Action::register('docker_environment_domain_create',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); require_once(__DIR__.SLASH.'Ovh.class.php'); Plugin::need('client/Client'); if(empty($_['id'])) throw new Exception("Environnement obligatoire"); $environment = DockerEnvironment::provide('id',1); if(!$environment) throw new Exception("Environnement introuvable"); $machine = $environment->join('machine'); $ovh = new Ovh(); $ovh->host = $conf->get('docker_ovh_host'); //generée grace à https://eu.api.ovh.com/createApp/ $ovh->applicationKey = $conf->get('docker_ovh_application_key'); $ovh->applicationSecret = $conf->get('docker_ovh_application_secret'); //pour genrer cette clé, executer la méthode $ovh->consumerKey() puis aller manuellement sur l'url retournée et valider en mode illimité $ovh->consumerKey= $conf->get('docker_ovh_consumer_key'); $subdomain = ''; $domain = $environment->domain; $infos = explode('.',$domain); if(count($infos)>2){ $subdomain = array_shift($infos); $domain = implode('.',$infos); } $existingDomains = $ovh->getDomain($domain); if(isset($existingDomains['message'])) throw new Exception("Erreur de creation : ".$existingDomains['message']); //ex pour test.kiss.biz CNAME vers docker-wordpress.kiss.fr => 'kiss.byz','test','docker-wordpress.kiss.fr' $response = $ovh->setDomain($domain,$subdomain,$machine->domain); //$response = $ovh->domain(); $logs = array('
'.json_encode($response,JSON_PRETTY_PRINT).'
' ); $history = new History(); $history->scope = 'docker'; $history->uid = $environment->id; $history->comment = 'Création du host ovh : '.$environment->domain; $history->type = 'ovh-save'; $history->save(); $response['logs'] = implode('
',$logs); }); Action::register('docker_environment_git_create',function(&$response){ global $myUser,$_,$conf; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerEnvironment.class.php'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); require_once(__DIR__.SLASH.'GitLab.class.php'); Plugin::need('client/Client'); if(empty($_['id'])) throw new Exception("Environnement obligatoire"); $environment = DockerEnvironment::provide(); if(!$environment) throw new Exception("Environnement introuvable"); if(empty($environment->client)) throw new Exception("Vous devez spécifier un client pour créer un dépot"); $client = Client::getById($environment->client); if(!$client) throw new Exception("Client introuvable"); $git = new Gitlab(); $git->host = $conf->get('docker_git_host'); $git->token = $conf->get('docker_git_token'); $groupName = mb_strtolower($client->getSlug()); $groups = $git->groups(); $clientGroup = null; foreach ($groups as $group) { if($group['path'] == $groupName){ $clientGroup = $group; break; } } if(!isset($clientGroup)){ $clientGroup = $git->groupe_save($client->label,$groupName); } $projects = $git->projects(); foreach ($projects as $project) { if($project['name'] == $environment->domain && $project['namespace']['id'] == $clientGroup['id']) throw new Exception("Ce dépot existe déja"); } $project = $git->project_save($clientGroup['id'],$environment->domain,$environment->domain); $environment->git = $project['ssh_url_to_repo']; $environment->save(); $logs = array('
'.json_encode($response,JSON_PRETTY_PRINT).'
' ); $history = new History(); $history->scope = 'docker'; $history->uid = $environment->id; $history->comment = 'Création du dépot git : '.$environment->domain; $history->type = 'git-save'; $history->save(); $response['logs'] = implode('
',$logs); }); /** machine / MACHINE **/ //Récuperation d'une liste de machine Action::register('docker_machine_search',function(&$response){ global $_; User::check_access('docker','read'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); // OPTIONS DE RECHERCHE, A ACTIVER POUR UNE RECHERCHE AVANCEE $query = 'SELECT * FROM '.DockerMachine::tableName().' WHERE 1'; $data = array(); //Recherche simple if(!empty($_['filters']['keyword'])){ $query .= ' AND label LIKE ?'; $data[] = '%'.$_['filters']['keyword'].'%'; } //Recherche avancée if(isset($_['filters']['advanced'])) filter_secure_query($_['filters']['advanced'],array('label','ip','port','private_key','public_key','domain','sophosReference','description'),$query,$data); //Tri des colonnes if(isset($_['sort'])) sort_secure_query($_['sort'],array('label','ip','port','private_key','public_key','domain','sophosReference','description'),$query,$data); //Pagination $response['pagination'] = DockerMachine::paginate(20,(!empty($_['page'])?$_['page']:0),$query,$data); $machines = DockerMachine::staticQuery($query,$data,true,0); foreach($machines as $machine){ $row = $machine->toArray(); $publicKey = File::dir().'docker'.SLASH.'machine'.SLASH.$row['id'].SLASH.'id_rsa.pub'; $row['public_key'] = file_exists($publicKey)? file_get_contents($publicKey):''; $row['description'] = html_entity_decode($row['description']); $response['rows'][] = $row; } /* Mode export */ if($_['export'] == 'true'){ $stream = Excel::exportArray($response['rows'],null,'Export'); File::downloadStream($stream,'export-demandes-'.date('d-m-Y').'.xlsx'); exit(); } }); //Ajout ou modification d'élément machine Action::register('docker_machine_save',function(&$response){ global $_; User::check_access('docker','edit'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); $item = DockerMachine::provide(); $item->label = $_['label']; $item->ip = $_['ip']; $item->port = $_['port']; $item->domain = $_['domain']; $item->sophosReference = $_['sophosReference']; $item->description = $_['description']; $item->save(); //Ajout upload Clé privée if(!empty($_['private_key'])) File::save_component('private_key', 'docker/machine/'.$item->id.'/id_rsa'); //Ajout upload Clé publique if(!empty($_['public_key'])) File::save_component('public_key', 'docker/machine/'.$item->id.'/id_rsa.pub'); $response = $item->toArray(); }); //Suppression d'élement machine Action::register('docker_machine_delete',function(&$response){ global $_; User::check_access('docker','delete'); require_once(__DIR__.SLASH.'DockerMachine.class.php'); if(empty($_['id']) || !is_numeric($_['id'])) throw new Exception("Identifiant incorrect"); DockerMachine::deleteById($_['id']); }); //machine : Gestion upload Clé privée Action::register('docker_machine_private_key',function(&$response){ File::handle_component(array( 'namespace' => 'docker', //stockés dans file/docker/*.* 'access' => 'docker', // crud sur docker, 'size' => '1000000000', // taille max 'extension' => 'ppk,id_rsa', // extension 'storage' => 'docker/machine/{{data.id}}/id_rsa' //chemin complet vers le fichier stocké ),$response); }); //machine : Gestion upload Clé publique Action::register('docker_machine_public_key',function(&$response){ File::handle_component(array( 'namespace' => 'docker', //stockés dans file/docker/*.* 'access' => 'docker', // crud sur docker, 'size' => '1000000000', // taille max 'extension' => 'pub,id_rsa', // extension 'storage' => 'docker/machine/{{data.id}}/id_rsa.pub' //chemin complet vers le fichier stocké ),$response); }); //Sauvegarde des configurations de Docker Action::register('docker_setting_save',function(&$response){ global $_,$conf; User::check_access('docker','configure'); //Si input file "multiple", possibilité de normaliser le //tableau $_FILES récupéré avec la fonction => normalize_php_files(); foreach(Configuration::setting('docker') as $key=>$value){ if(!is_array($value)) continue; $allowed[] = $key; } foreach ($_['fields'] as $key => $value) { if(in_array($key, $allowed)) $conf->put($key,$value); } }); ?>