urvishpatelce/lxd-app
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update logic and refactor code

Browse Source
This commit is contained in:
Urvish Patel
2025-07-16 12:15:55 +02:00
parent ed6443347a
commit 6d055f4fad
28 changed files with 435 additions and 727 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
backend/app/src/Bootstrap/routes.php
View File

@ -1,11 +0,0 @@
<?php
use Slim\App;
return function (App $app) {
// Web routes
(require __DIR__ . '/../Routes/web.php')($app);
// API routes
(require __DIR__ . '/../Routes/v1/proxy.php')($app);
};

2
backend/app/src/Controllers/CaptchaController.php
View File

@ -2,7 +2,7 @@
namespace App\Controllers;
use App\lib\PCaptcha;
use App\Lib\PCaptcha;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

70
backend/app/src/Controllers/LoginController.php Normal file
View File

@ -0,0 +1,70 @@
<?php
namespace App\Controllers;
use App\Lib\PCaptcha;
use App\Services\LxdService;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use App\Utils\LogWriterHelper;
class LoginController
{
/**
* Login with captcha
*/
public function index(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
{
$mainDomain = $_ENV['MAIN_DOMAIN'] ?? 'lxdapp.local';
$origin = $request->getHeaderLine('Origin');
if (!empty($origin)) {
$domain = parse_url($origin, PHP_URL_HOST);
} else {
$domain = $request->getHeaderLine('Host');
}
$configPath = __DIR__ . '/../../config.json';
$config = file_exists($configPath) ? json_decode(file_get_contents($configPath), true) : [];
$name = $config[$domain] ?? null;
$params = (array)$request->getParsedBody();
$captcha = new PCaptcha();
if (!$captcha->validate_captcha($params['panswer'])) {
return $this->json($response, ['status' => 'error', 'message' => 'Invalid CAPTCHA'], 200);
}
$lxd = new LxdService();
$status = $lxd->getContainerState($name)['metadata']['status'] ?? 'Stopped';
if ($status !== 'Running') {
$lxd->startContainer($name);
sleep(10);
}
// Write log
LogWriterHelper::write($name, $request->getUri());
// Login success
return $this->json($response, ['status' => 'success', 'message' => 'Container started!']);
}
/**
* Sends a JSON response.
*/
protected function json($response, array $data, int $status = 200)
{
$payload = json_encode($data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
$response->getBody()->write($payload);
return $response
->withHeader('Content-Type', 'application/json')
->withHeader('Access-Control-Allow-Origin', '*')
->withStatus($status);
}
}

243
backend/app/src/Controllers/ProxyController.php
View File

@ -4,10 +4,10 @@ namespace App\Controllers;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Message\ResponseInterface as Response;
use GuzzleHttp\Client;
use App\Utils\SubdomainHelper;
use App\Services\LxdService;
use App\lib\PCaptcha;
use App\Lib\PCaptcha;
use Zounar\PHPProxy\Proxy;
use App\Utils\LogWriterHelper;
class ProxyController
{
@ -16,102 +16,62 @@ class ProxyController
*/
public function forward(Request $request, Response $response): Response
{
$mainDomain = $_ENV['MAIN_DOMAIN'] ?? 'lxdapp.local';
try {
$mainDomain = $_ENV['MAIN_DOMAIN'] ?? 'lxdapp.local';
$origin = $request->getHeaderLine('Origin');
$domain = parse_url($origin, PHP_URL_HOST); // e.g. customer.lxdapp.local
$params = (array)$request->getParsedBody();
$origin = $request->getHeaderLine('Origin');
if (!empty($origin)) {
$domain = parse_url($origin, PHP_URL_HOST);
} else {
$domain = $request->getHeaderLine('Host');
}
$configPath = __DIR__ . '/../../config.json';
$config = file_exists($configPath) ? json_decode(file_get_contents($configPath), true) : [];
$name = $config[$domain] ?? null;
$lxd = new LxdService();
// print_r($params);
// CASE 1: From Login Page Create if not mapped
if (isset($params['source']) && $params['source'] === 'login') {
$configPath = __DIR__ . '/../../config.json';
$config = file_exists($configPath) ? json_decode(file_get_contents($configPath), true) : [];
$name = $config[$domain] ?? null;
$captcha = new PCaptcha();
if (!$captcha->validate_captcha($params['panswer'])) {
return $this->json($response, ['status' => 'error', 'error' => 'invalid_captcha']);
}
$lxd = new LxdService();
// STEP 1: If container mapping not found
if (!$name) {
$subdomain = SubdomainHelper::getSubdomain($domain, $mainDomain);
$name = $this->generateContainerName($subdomain); // or just use subdomain
$config[$domain] = $name;
file_put_contents($configPath, json_encode($config, JSON_PRETTY_PRINT));
return $this->json($response, ['status' => 'error', 'message' => 'Container does not exist.'], 404);
}
// STEP 2: Check if container exists in LXD
if (!$lxd->containerExists($name)) {
$lxd->createContainerAndWait($name);
sleep(5);
//$lxd->startContainer($name);
$lxd->installPackages($name);
sleep(5);
return $this->json($response, ['status' => 'error', 'message' => 'Container does not exist.'], 404);
}
// STEP 4: Check container status
$containerInfo = $lxd->getContainerState($name);
$status = $containerInfo['metadata']['status'] ?? 'Stopped';
if ($status !== 'Running') {
// Container not running → redirect to login page
$scheme = $request->getUri()->getScheme(); // "http" or "https"
$redirectUrl = $request->getUri();
return $response
->withHeader('Location', 'app/?auth=ok&redirect=' . urlencode($redirectUrl))
->withStatus(302);
}
// STEP 5: Container is running → proxy request
$ip = $lxd->getContainerIP($name);
if (!$ip) {
return $this->json($response, [
'status' => 'error',
'message' => "Failed to get container IP for '$name'"
], 500);
return $this->json($response, ['status' => 'error', 'message' => 'Could not fetch container IP'], 500);
}
// if (!$lxd->waitForPort($ip, 80, 30)) {
// return $this->json($response, ['status' => 'error', 'message' => 'Container not ready'], 500);
// }
return $this->json($response, ['status' => 'success', 'ip' => $ip]);
return $this->proxyToContainer($request, $response, $ip, $name);
} catch (\Throwable $e) {
// Global fallback for any exception
return $this->json($response, [
'status' => 'error',
'message' => 'Internal Server Error: ' . $e->getMessage()
], 500);
}
// CASE 2: Not from login and no mapping
if (!$name) {
return $this->json($response, ['status' => 'not-found']);
}
// CASE 3: Check if container exists in LXD
$containerInfo = $lxd->getContainerState($name);
if (!$containerInfo) {
return $this->json($response, ['status' => 'not-found']);
}
if ($containerInfo['metadata']['status'] !== 'Running') {
$lxd->startContainer($name);
sleep(5);
}
$ip = $lxd->getContainerIP($name);
// if (!$ip) {
// $ip = $lxd->getContainerIP($name);
// }
if (!$lxd->waitForPort($ip, 80, 30)) {
return $this->json($response, ['status' => 'error', 'message' => 'Service not available'], 500);
}
return $this->proxyToContainer($request, $response, $ip, $name);
}
/**
* Maps a domain to a container name.
*/
private function mapDomainToContainer(string $domain): ?string
{
$configPath = __DIR__ . '/../../config.json';
if (!file_exists($configPath)) {
return null;
}
$config = json_decode(file_get_contents($configPath), true);
return $config[$domain] ?? null;
}
/**
* Sends a JSON response.
@ -128,130 +88,43 @@ class ProxyController
->withStatus($status);
}
/**
* Generates a sanitized container name based on a subdomain.
*/
public function generateContainerName(string $subdomain): string
{
// Convert to lowercase, remove unsafe characters
$sanitized = preg_replace('/[^a-z0-9\-]/', '-', strtolower($subdomain));
// Optionally, ensure it's prefixed/suffixed for uniqueness
return "container-{$sanitized}";
}
/**
* Proxies the request to the container.
*/
private function proxyToContainer(Request $request, Response $response, string $ip, string $name): Response
{
$client = new Client([
'http_errors' => false,
'timeout' => 10,
]);
$method = $request->getMethod();
$baseUrl = $ip ? "http://$ip" : "http://127.0.0.1:3000";
$baseUrl = $ip ? "http://$ip/" : "http://127.0.0.1:3000";
$uri = $request->getUri();
$path = $uri->getPath();
// Remove /api/v1 prefix from path
$prefix = '/api/v1';
$prefix = '/api/';
if (strpos($path, $prefix) === 0) {
$path = substr($path, strlen($prefix));
if ($path === '') {
$path = '/';
}
}
// Add .php extension if not present
if (!str_ends_with($path, '.php')) {
$path .= '.php';
}
$query = $uri->getQuery();
$targetUrl = $baseUrl . $path . ($query ? '?' . $query : '');
$options = [
'headers' => [],
'http_errors' => false,
'debug' => false,
];
foreach ($request->getHeaders() as $headerName => $values) {
if (strtolower($headerName) !== 'host') {
$options['headers'][$headerName] = implode(', ', $values);
}
}
Proxy::$AUTH_KEY = $_ENV['AUTH_KEY'] ?? 'Bj5pnZEX6DkcG6Nz6AjDUT1bvcGRVhRaXDuKDX9CjsEs2';
Proxy::$ENABLE_AUTH = true; // Enable auth
Proxy::$HEADER_HTTP_PROXY_AUTH = 'HTTP_PROXY_AUTH'; // Ensure it matches the key
$options['headers'] = [
'Host' => (string) $ip,
'Accept-Encoding' => 'gzip, deflate',
'Accept' => '*/*',
'User-Agent' => 'SlimProxy/1.0',
];
$_SERVER['HTTP_PROXY_AUTH'] = $_ENV['AUTH_KEY'] ?? 'Bj5pnZEX6DkcG6Nz6AjDUT1bvcGRVhRaXDuKDX9CjsEs2';
$_SERVER['HTTP_PROXY_TARGET_URL'] = $targetUrl;
// Do your custom logic before running proxy
$responseCode = Proxy::run();
if (in_array($method, ['POST', 'PUT', 'PATCH', 'DELETE'])) {
$body = (string) $request->getBody();
if ($body) {
$options['body'] = $body;
}
}
$forwarded = $client->request($method, $targetUrl, $options);
// Write log
LogWriterHelper::write($name, $targetUrl);
$this->writeLastAccessLog($name, $targetUrl);
foreach ($forwarded->getHeaders() as $headerName => $headerValues) {
$response = $response->withHeader($headerName, implode(', ', $headerValues));
}
$response->getBody()->write((string) $forwarded->getBody());
return $response->withStatus($forwarded->getStatusCode());
return $response;
}
private function proxyToContainerOLD(Request $request, Response $response, string $ip, string $name): Response
{
$target = $ip ? "http://$ip:80" : "http://127.0.0.1:3000";
$client = new Client([
'http_errors' => false,
'timeout' => 5,
]);
// Just make a GET request to the base URL
$forwarded = $client->request('GET', $target);
$this->writeLastAccessLog($name, $target);
// Return the body and status
$response->getBody()->write((string) $forwarded->getBody());
return $response
->withHeader('Content-Type', 'text/html') // or json if API
->withHeader('Access-Control-Allow-Origin', '*')
->withStatus($forwarded->getStatusCode());
}
/**
* Logs the last access to a container.
*/
protected function writeLastAccessLog(string $name, string $uri): void {
// Dynamically resolve the log directory relative to the current file
$logDir = realpath(__DIR__ . '/../../public/last-access-logs');
// If the resolved path doesn't exist (e.g., public dir was missing), create it
if (!$logDir) {
$logDir = __DIR__ . '/../../public/last-access-logs';
if (!file_exists($logDir)) {
mkdir($logDir, 0777, true);
}
}
$logLine = date("Y-m-d H:i:s") . " : " . $uri . "\n";
file_put_contents($logDir . '/' . $name . '.txt', $logLine, FILE_APPEND);
}
}

28
backend/app/src/Middleware/CorsMiddleware.php Normal file
View File

@ -0,0 +1,28 @@
<?php
namespace App\Middleware;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
use Psr\Http\Message\ResponseInterface;
use Slim\Psr7\Response;
class CorsMiddleware implements MiddlewareInterface
{
public function process(Request $request, RequestHandler $handler): ResponseInterface
{
$origin = $_SERVER['HTTP_ORIGIN'] ?? '*';
if ($request->getMethod() === 'OPTIONS') {
$response = new Response(204);
} else {
$response = $handler->handle($request);
}
return $response
->withHeader('Access-Control-Allow-Origin', $origin)
->withHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS')
->withHeader('Access-Control-Allow-Credentials', 'true');
}
}

11
backend/app/src/Routes/v1/proxy.php
View File

@ -1,11 +0,0 @@
<?php
use Slim\App;
use App\Controllers\ProxyController;
return function (App $app) {
// Proxy route
$app->group('/api/v1', function ($group) {
$group->any('/{routes:.*}', [ProxyController::class, 'forward']);
});
};

19
backend/app/src/Routes/web.php
View File

@ -1,19 +0,0 @@
<?php
use Slim\App;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use App\Controllers\CaptchaController;
return function (App $app) {
// Home route
$app->get('/', function (ServerRequestInterface $request, ResponseInterface $response) {
$response->getBody()->write('Welcome to the LXD App!');
return $response;
});
// Captcha route
$app->get('/api/captcha', [CaptchaController::class, 'get']);
};

168
backend/app/src/Services/LxdService.php
View File

@ -6,11 +6,9 @@ use Exception;
class LxdService
{
private string $baseUrl;
private string $imageFingerprint;
public function __construct() {
$this->baseUrl = $_ENV['LXD_API_URL'] ?? 'https://localhost:8443';
$this->imageFingerprint = $_ENV['LXD_IMAGE_FINGERPRINT'] ?? '2edfd84b1396';
}
@ -70,20 +68,6 @@ class LxdService
return $json;
}
/**
* Retrieves a container.
*
* @param string $name Container name
* @return array|null Container or null if an error occurs
*/
public function getContainer(string $name) {
try {
return $this->request('GET', "/1.0/instances/$name");
} catch (\Throwable $e) {
return null;
}
}
/**
* Retrieves the status of a container.
*
@ -139,9 +123,7 @@ class LxdService
throw new \Exception("Failed to start container: " . json_encode($startOpResp));
}
// 6. Return final container info
$containerResponse = $this->getContainer($name);
return $containerResponse['metadata'] ?? [];
return $startResponse;
}
/**
@ -159,111 +141,6 @@ class LxdService
return $response;
}
/**
* Creates a new container.
*
* @param string $name Container name
* @param string $fingerprint Image fingerprint
* @return array Response from the API
*/
public function createContainer(string $name): array {
$response = $this->request('POST', "/1.0/instances", [
"name" => $name,
"source" => [
"type" => "image",
"fingerprint" => $this->imageFingerprint
]
]);
sleep(5);
return $response;
}
/**
* Installs packages inside a container.
*
* @param string $name Container name
* @throws Exception
*/
public function installPackages(string $name) {
$log = '';
$log .= "=== apt update ===\n";
$out1 = shell_exec("/snap/bin/lxc exec $name -- bash -c 'apt update 2>&1'");
$log .= $out1 . "\n\n";
$log .= "=== apt install ===\n";
$out2 = shell_exec("/snap/bin/lxc exec $name -- bash -c 'apt install -y nginx mysql-server 2>&1'");
$log .= $out2 . "\n\n";
file_put_contents('/tmp/lxd_install.log', $log);
// Wait for services to start
$this->waitForService($name, 'nginx');
$this->waitForService($name, 'mysql');
}
/**
* Waits for a service to become active inside a container.
*
* @param string $name Container name
* @param string $service Service name
* @throws Exception
*/
private function waitForService(string $name, string $service)
{
for ($i = 0; $i < 10; $i++) {
$status = shell_exec("/snap/bin/lxc exec $name -- systemctl is-active $service");
if (trim($status) === 'active') {
return;
}
sleep(2);
}
throw new Exception("Failed to start $service inside container $name");
}
/**
* Creates a new container and wait for start.
*
* @param string $name Container name
* @param string $fingerprint Image fingerprint
* @return array Response from the API
*/
public function createContainerAndWait(string $name, array $config = []): array {
$body = [
"name" => $name,
"source" => array_merge([
"type" => "image",
"fingerprint" => $this->imageFingerprint
]),
];
$body = array_merge($body, $config);
// 2. Send creation request
$response = $this->request('POST', '/1.0/instances', $body);
if (!isset($response['operation'])) {
throw new \Exception("No operation returned from create request");
}
$operationUrl = $response['operation'];
// 3. Wait for container creation to finish
do {
sleep(1);
$opResponse = $this->request('GET', $operationUrl);
$statusCode = $opResponse['metadata']['status_code'] ?? 0;
} while ($statusCode < 200);
if ($statusCode >= 400) {
throw new \Exception("Container creation failed: " . json_encode($opResponse));
}
// 4. Start the container
return $this->startContainer($name);
}
/**
@ -278,6 +155,27 @@ class LxdService
return $this->getIPv4FromMetadata($container['metadata']);
}
/**
* Extracts the IPv4 address from container metadata.
*
* @param array $metadata Container metadata
* @return string|null IPv4 address or null if not found
*/
public function getIPv4FromMetadata(array $metadata): ?string
{
if (
isset($metadata['network']['eth0']['addresses']) &&
is_array($metadata['network']['eth0']['addresses'])
) {
foreach ($metadata['network']['eth0']['addresses'] as $addr) {
if (isset($addr['family']) && $addr['family'] === 'inet' && isset($addr['address'])) {
return $addr['address'];
}
}
}
return null;
}
/**
* Waits for a specific port to become available.
*
@ -303,26 +201,4 @@ class LxdService
return false; // Timed out
}
/**
* Extracts the IPv4 address from container metadata.
*
* @param array $metadata Container metadata
* @return string|null IPv4 address or null if not found
*/
public function getIPv4FromMetadata(array $metadata): ?string
{
if (
isset($metadata['network']['eth0']['addresses']) &&
is_array($metadata['network']['eth0']['addresses'])
) {
foreach ($metadata['network']['eth0']['addresses'] as $addr) {
if (isset($addr['family']) && $addr['family'] === 'inet' && isset($addr['address'])) {
return $addr['address'];
}
}
}
return null;
}
}

21
backend/app/src/Utils/LogWriterHelper.php Normal file
View File

@ -0,0 +1,21 @@
<?php
namespace App\Utils;
class LogWriterHelper {
public static function write(string $name, string $uri): void {
// Dynamically resolve the log directory relative to the current file
$logDir = realpath(__DIR__ . '/../../public/last-access-logs');
// If the resolved path doesn't exist (e.g., public dir was missing), create it
if (!$logDir) {
$logDir = __DIR__ . '/../../public/last-access-logs';
if (!file_exists($logDir)) {
mkdir($logDir, 0777, true);
}
}
$logLine = date("Y-m-d H:i:s") . " : " . $uri . "\n";
file_put_contents($logDir . '/' . $name . '.txt', $logLine, FILE_APPEND);
}
}

14
backend/app/src/Utils/SubdomainHelper.php
View File

@ -1,14 +0,0 @@
<?php
namespace App\Utils;
class SubdomainHelper {
public static function getSubdomain(string $host, string $mainDomain): ?string {
if (!str_ends_with($host, $mainDomain)) {
return null;
}
$subPart = substr($host, 0, -strlen($mainDomain) - 1);
$parts = explode('.', $subPart);
return $parts[0] ?? null;
}
}

2
backend/app/src/lib/PCaptcha.php
View File

@ -1,5 +1,5 @@
<?php
namespace App\lib;
namespace App\Lib;
/**
* PCaptcha :
* A simple/lightweight class provides you with the necessary tools to generate a friendly/secure captcha and validate it