toArray();
$row['state'] = DockerEnvironment::states($row['state']);
$row['client'] = $dockerEnvironment->join('client')->toArray();
$response['rows'][] = $row;
}
/* Mode export */
if($_['export'] == 'true'){
$stream = Excel::exportArray($response['rows'],null,'Export');
File::downloadStream($stream,'export-demandes-'.date('d-m-Y').'.xlsx');
exit();
}
});
//Affichage d'un tab
Action::register('docker_environment_tab',function(&$response){
User::check_access('docker','read');
global $myUser,$_;
global $conf;
User::check_access('docker','read');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
$environment = DockerEnvironment::provide();
$machine = new DockerMachine();
if($environment->id == 0){
$environment->memory = '256';
$environment->cpu = '0.5';
$environment->port = DockerEnvironment::lastPort()+2;
}else{
$machine = DockerMachine::getById($environment->machine);
}
$_['tab'] = str_replace('.', '', $_['tab']);
$tab = __DIR__.SLASH.'tab.environment.'.$_['tab'].'.php';
if(!file_exists($tab)) throw new Exception("$tab n'existe pas");
require_once($tab);
exit();
});
//Ajout ou modification d'élément DockerEnvironment
Action::register('docker_environment_save',function(&$response){
global $myUser,$_;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
$item = DockerEnvironment::provide();
//if(empty($_['domain'])) throw new Exception("Domaine obligatoire");
if(empty($_['machine'])) throw new Exception("Machine obligatoire");
//if(empty($_['memory'])) throw new Exception("Mémoire obligatoire");
//if(!is_numeric($_['memory'])) throw new Exception("La mémoire doit être numérique");
$item->client = $_['client'];
if($item->id==0) $item->state = DockerEnvironment::ACTIVE;
$item->machine = $_['machine'];
if(!empty($_['memory'])) $item->memory = $_['memory'];
if(!empty($_['ssl'])){
$item->ssl = $_['ssl'];
$item->certificate = $_['certificate'];
}
$item->comment = $_['comment'];
//déduction automatique du port interne, on laisse un interval de deux (port web + port phpmyadmin)
if($item->id==0){
$item->port = DockerEnvironment::lastPort()+2;
//génération des mots de passes mysql
$item->mysqlPassword = sha1('mysql'.mt_rand(0,10000).'hash');
$item->mysqlRootPassword = sha1('root'.time().$item->mysqlPassword.'hash');
if(strlen($item->mysqlPassword)>10) $item->mysqlPassword = substr($item->mysqlPassword, 0,9);
if(strlen($item->mysqlRootPassword)>10) $item->mysqlRootPassword = substr($item->mysqlRootPassword, 0,9);
}else{
if(!empty($_['port'])) $item->port = $_['port'];
if(!empty($_['mysqlRootPassword'])) $item->mysqlRootPassword = $_['mysqlRootPassword'];
if(!empty($_['mysqlPassword'])) $item->mysqlPassword = $_['mysqlPassword'];
}
$item->mysqlRootPassword = encrypt($item->mysqlRootPassword);
$item->mysqlPassword = encrypt($item->mysqlPassword);
if(!empty($_['domain'])){
$item->domain = $_['domain'];
//suppression du http ou https si existant
$item->domain = trim(mb_strtolower(preg_replace('/http[s]?:\/\//iU', '', $item->domain)));
///suppression du www. si existant
$item->domain = preg_replace('/www\./iU', '', $item->domain);
}
$item->save();
$response = $item->toArray();
});
//Suppression d'élement DockerEnvironment
Action::register('docker_environment_delete',function(&$response){
global $_;
User::check_access('docker','delete');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
if(empty($_['id']) || !is_numeric($_['id'])) throw new Exception("Identifiant incorrect");
DockerEnvironment::deleteById($_['id']);
});
//Recherche des certificats installés sur l'utm
Action::register('docker_environment_certificate_search',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','read');
require_once(__DIR__.SLASH.'SophosUtm.class.php');
$utm = new SophosUtm();
$utm->host = $conf->get('docker_sophos_host');
$utm->port = $conf->get('docker_sophos_port');
$utm->login = $conf->get('docker_sophos_login');
$utm->password = $conf->get('docker_sophos_password');
foreach ($utm->getCertificates() as $line) {
$response['rows'][] = array(
'ref' => $line['_ref'],
'label' => $line['name']
);
};
});
//Ajout ou modification d'élément DockerEnvironment
Action::register('docker_environment_docker_create',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
require_once(__DIR__.SLASH.'SshClient.class.php');
if(empty($_['id'])) throw new Exception("Environnement obligatoire");
$environment = DockerEnvironment::provide();
if(!$environment) throw new Exception("Environnement introuvable");
if(empty($environment->domain)) throw new Exception("Veuillez spécifier un nom de domaine dans l'onglet domaine et enregistrer avant de génerer un environnement");
$ssh = new SshClient();
$logs = array();
$machine = DockerMachine::getById($environment->machine);
$logs[]= $ssh->connect(
$machine->ip,
$machine->port,
File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa.pub',
File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa',
!empty($machine->password)? decrypt($machine->password) : ''
);
$logs[]= $environment->createContainer($ssh);
$logs[]= $environment->execute($ssh);
$ssh->disconnect();
$response['logs'] = implode('
',$logs);
});
//Suppression de l'environnement docker
Action::register('docker_environment_docker_remove',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
require_once(__DIR__.SLASH.'SshClient.class.php');
if(empty($_['id'])) throw new Exception("Environnement obligatoire");
$environment = DockerEnvironment::provide();
if(!$environment) throw new Exception("Environnement introuvable");
$ssh = new SshClient();
$logs = array();
$machine = DockerMachine::getById($environment->machine);
$logs[]= $ssh->connect(
$machine->ip,
$machine->port,
File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa.pub',
File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa',
!empty($machine->password)? decrypt($machine->password) : ''
);
$logs[]= $environment->removeContainer($ssh);
$ssh->disconnect();
$response['logs'] = implode('
',$logs);
});
//Ajout ou modification d'élément DockerEnvironment
Action::register('docker_environment_pma_create',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
require_once(__DIR__.SLASH.'SshClient.class.php');
if(empty($_['id'])) throw new Exception("Environnement obligatoire");
$environment = DockerEnvironment::provide();
if(!$environment) throw new Exception("Environnement introuvable");
$ssh = new SshClient();
$logs = array();
$machine = DockerMachine::getById($environment->machine);
$logs[]= $ssh->connect(
$machine->ip,
$machine->port,
File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa.pub',
File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa',
!empty($machine->password)? decrypt($machine->password) : ''
);
$logs[]= $environment->createPma($ssh);
$ssh->disconnect();
$response['logs'] = implode('
',$logs);
});
//Ajout ou modification d'élément DockerEnvironment
Action::register('docker_environment_pma_remove',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
require_once(__DIR__.SLASH.'SshClient.class.php');
if(empty($_['id'])) throw new Exception("Environnement obligatoire");
$environment = DockerEnvironment::provide();
if(!$environment) throw new Exception("Environnement introuvable");
$ssh = new SshClient();
$logs = array();
$machine = DockerMachine::getById($environment->machine);
$logs[]= $ssh->connect(
$machine->ip,
$machine->port,
File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa.pub',
File::dir().'docker'.SLASH.'machine'.SLASH.$machine->id.SLASH.'id_rsa',
!empty($machine->password)? decrypt($machine->password) : ''
);
$logs[]= $environment->removePma($ssh);
$ssh->disconnect();
$response['logs'] = implode('
',$logs);
});
//Ajout ou modification d'élément DockerEnvironment
Action::register('docker_environment_utm_create',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
require_once(__DIR__.SLASH.'SophosUtm.class.php');
Plugin::need('client/Client');
if(empty($_['id'])) throw new Exception("Environnement obligatoire");
$environment = DockerEnvironment::provide('id',1);
if(!$environment) throw new Exception("Environnement introuvable");
$machine = $environment->join('machine');
$utm = new SophosUtm();
$utm->host = $conf->get('docker_sophos_host');
$utm->port = $conf->get('docker_sophos_port');
$utm->login = $conf->get('docker_sophos_login');
$utm->password = $conf->get('docker_sophos_password');
$hostReference = $machine->sophosReference; // ex : REF_RevFroDockeWordpMulti
if(empty($hostReference)) throw new Exception("Référence du vhost ciblé non renseignée, merci de templir dans réglages ce parametre", 1);
$domains = array($environment->domain,'www.'.$environment->domain);
$response = $utm->createVHost($environment->domain.' ('.($environment->ssl?'443':'80').') ',$domains,$environment->ssl?443:80,$hostReference, $environment->certificate);
$logs = array(''.json_encode($response,JSON_PRETTY_PRINT).'
' );
$history = new History();
$history->scope = 'docker';
$history->uid = $environment->id;
$history->comment = 'Création du host utm : '.$environment->domain;
$history->type = 'utm-save';
$history->save();
$response['logs'] = implode('
',$logs);
});
Action::register('docker_ovh_consumerKey_generate',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'Ovh.class.php');
$ovh = new Ovh();
$ovh->host = $conf->get('docker_ovh_host');
$ovh->applicationKey = $conf->get('docker_ovh_application_key');
$ovh->applicationSecret = $conf->get('docker_ovh_application_secret');
$consumerKey= $ovh->consumerKey();
//pour genrer cette clé, executer la méthode $ovh->consumerKey() puis aller manuellement sur l'url retournée et valider en mode illimité
$conf->put('docker_ovh_consumer_key',$consumerKey['consumerKey']);
header('location: '.$consumerKey['validationUrl']);
});
Action::register('docker_environment_domain_create',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
require_once(__DIR__.SLASH.'Ovh.class.php');
Plugin::need('client/Client');
if(empty($_['id'])) throw new Exception("Environnement obligatoire");
$environment = DockerEnvironment::provide('id',1);
if(!$environment) throw new Exception("Environnement introuvable");
$machine = $environment->join('machine');
$ovh = new Ovh();
$ovh->host = $conf->get('docker_ovh_host');
//generée grace à https://eu.api.ovh.com/createApp/
$ovh->applicationKey = $conf->get('docker_ovh_application_key');
$ovh->applicationSecret = $conf->get('docker_ovh_application_secret');
//pour genrer cette clé, executer la méthode $ovh->consumerKey() puis aller manuellement sur l'url retournée et valider en mode illimité
$ovh->consumerKey= $conf->get('docker_ovh_consumer_key');
$subdomain = '';
$domain = $environment->domain;
$infos = explode('.',$domain);
if(count($infos)>2){
$subdomain = array_shift($infos);
$domain = implode('.',$infos);
}
$existingDomains = $ovh->getDomain($domain);
if(isset($existingDomains['message'])) throw new Exception("Erreur de creation : ".$existingDomains['message']);
//ex pour test.kiss.biz CNAME vers docker-wordpress.kiss.fr => 'kiss.byz','test','docker-wordpress.kiss.fr'
$response = $ovh->setDomain($domain,$subdomain,$machine->domain);
//$response = $ovh->domain();
$logs = array(''.json_encode($response,JSON_PRETTY_PRINT).'
' );
$history = new History();
$history->scope = 'docker';
$history->uid = $environment->id;
$history->comment = 'Création du host ovh : '.$environment->domain;
$history->type = 'ovh-save';
$history->save();
$response['logs'] = implode('
',$logs);
});
Action::register('docker_environment_git_create',function(&$response){
global $myUser,$_,$conf;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerEnvironment.class.php');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
require_once(__DIR__.SLASH.'GitLab.class.php');
Plugin::need('client/Client');
if(empty($_['id'])) throw new Exception("Environnement obligatoire");
$environment = DockerEnvironment::provide();
if(!$environment) throw new Exception("Environnement introuvable");
if(empty($environment->client)) throw new Exception("Vous devez spécifier un client pour créer un dépot");
$client = Client::getById($environment->client);
if(!$client) throw new Exception("Client introuvable");
$git = new Gitlab();
$git->host = $conf->get('docker_git_host');
$git->token = $conf->get('docker_git_token');
$groupName = mb_strtolower($client->getSlug());
$groups = $git->groups();
$clientGroup = null;
foreach ($groups as $group) {
if($group['path'] == $groupName){
$clientGroup = $group;
break;
}
}
if(!isset($clientGroup)){
$clientGroup = $git->groupe_save($client->label,$groupName);
}
$projects = $git->projects();
foreach ($projects as $project) {
if($project['name'] == $environment->domain && $project['namespace']['id'] == $clientGroup['id']) throw new Exception("Ce dépot existe déja");
}
$project = $git->project_save($clientGroup['id'],$environment->domain,$environment->domain);
$environment->git = $project['ssh_url_to_repo'];
$environment->save();
$logs = array(''.json_encode($response,JSON_PRETTY_PRINT).'
' );
$history = new History();
$history->scope = 'docker';
$history->uid = $environment->id;
$history->comment = 'Création du dépot git : '.$environment->domain;
$history->type = 'git-save';
$history->save();
$response['logs'] = implode('
',$logs);
});
/** machine / MACHINE **/
//Récuperation d'une liste de machine
Action::register('docker_machine_search',function(&$response){
global $_;
User::check_access('docker','read');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
// OPTIONS DE RECHERCHE, A ACTIVER POUR UNE RECHERCHE AVANCEE
$query = 'SELECT * FROM '.DockerMachine::tableName().' WHERE 1';
$data = array();
//Recherche simple
if(!empty($_['filters']['keyword'])){
$query .= ' AND label LIKE ?';
$data[] = '%'.$_['filters']['keyword'].'%';
}
//Recherche avancée
if(isset($_['filters']['advanced'])) filter_secure_query($_['filters']['advanced'],array('label','ip','port','private_key','public_key','domain','sophosReference','description'),$query,$data);
//Tri des colonnes
if(isset($_['sort'])) sort_secure_query($_['sort'],array('label','ip','port','private_key','public_key','domain','sophosReference','description'),$query,$data);
//Pagination
$response['pagination'] = DockerMachine::paginate(20,(!empty($_['page'])?$_['page']:0),$query,$data);
$machines = DockerMachine::staticQuery($query,$data,true,0);
foreach($machines as $machine){
$row = $machine->toArray();
$publicKey = File::dir().'docker'.SLASH.'machine'.SLASH.$row['id'].SLASH.'id_rsa.pub';
$row['public_key'] = file_exists($publicKey)? file_get_contents($publicKey):'';
$row['description'] = html_entity_decode($row['description']);
$response['rows'][] = $row;
}
/* Mode export */
if($_['export'] == 'true'){
$stream = Excel::exportArray($response['rows'],null,'Export');
File::downloadStream($stream,'export-demandes-'.date('d-m-Y').'.xlsx');
exit();
}
});
//Ajout ou modification d'élément machine
Action::register('docker_machine_save',function(&$response){
global $_;
User::check_access('docker','edit');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
$item = DockerMachine::provide();
$item->label = $_['label'];
$item->ip = $_['ip'];
$item->port = $_['port'];
$item->domain = $_['domain'];
$item->sophosReference = $_['sophosReference'];
$item->description = $_['description'];
$item->save();
//Ajout upload Clé privée
if(!empty($_['private_key']))
File::save_component('private_key', 'docker/machine/'.$item->id.'/id_rsa');
//Ajout upload Clé publique
if(!empty($_['public_key']))
File::save_component('public_key', 'docker/machine/'.$item->id.'/id_rsa.pub');
$response = $item->toArray();
});
//Suppression d'élement machine
Action::register('docker_machine_delete',function(&$response){
global $_;
User::check_access('docker','delete');
require_once(__DIR__.SLASH.'DockerMachine.class.php');
if(empty($_['id']) || !is_numeric($_['id'])) throw new Exception("Identifiant incorrect");
DockerMachine::deleteById($_['id']);
});
//machine : Gestion upload Clé privée
Action::register('docker_machine_private_key',function(&$response){
File::handle_component(array(
'namespace' => 'docker', //stockés dans file/docker/*.*
'access' => 'docker', // crud sur docker,
'size' => '1000000000', // taille max
'extension' => 'ppk,id_rsa', // extension
'storage' => 'docker/machine/{{data.id}}/id_rsa' //chemin complet vers le fichier stocké
),$response);
});
//machine : Gestion upload Clé publique
Action::register('docker_machine_public_key',function(&$response){
File::handle_component(array(
'namespace' => 'docker', //stockés dans file/docker/*.*
'access' => 'docker', // crud sur docker,
'size' => '1000000000', // taille max
'extension' => 'pub,id_rsa', // extension
'storage' => 'docker/machine/{{data.id}}/id_rsa.pub' //chemin complet vers le fichier stocké
),$response);
});
//Sauvegarde des configurations de Docker
Action::register('docker_setting_save',function(&$response){
global $_,$conf;
User::check_access('docker','configure');
//Si input file "multiple", possibilité de normaliser le
//tableau $_FILES récupéré avec la fonction => normalize_php_files();
foreach(Configuration::setting('docker') as $key=>$value){
if(!is_array($value)) continue;
$allowed[] = $key;
}
foreach ($_['fields'] as $key => $value) {
if(in_array($key, $allowed))
$conf->put($key,$value);
}
});
?>