190 lines
6.1 KiB
PHP
190 lines
6.1 KiB
PHP
<?php
|
||
|
||
namespace App\Controllers;
|
||
|
||
use App\Managers\LXDProxyManager;
|
||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||
use Psr\Http\Message\ResponseInterface as Response;
|
||
use GuzzleHttp\Client;
|
||
use App\Utils\SubdomainHelper;
|
||
use App\Services\LxdService;
|
||
use App\lib\PCaptcha;
|
||
|
||
class ProxyController
|
||
{
|
||
/**
|
||
* Handles forwarding requests to the appropriate container.
|
||
*/
|
||
public function forward(Request $request, Response $response): Response
|
||
{
|
||
$mainDomain = $_ENV['MAIN_DOMAIN'] ?? 'lxdapp.local';
|
||
|
||
$origin = $request->getHeaderLine('Origin');
|
||
$domain = parse_url($origin, PHP_URL_HOST); // e.g. mitul.lxdapp.local
|
||
$params = (array)$request->getParsedBody();
|
||
|
||
$configPath = __DIR__ . '/../../config.json';
|
||
$config = file_exists($configPath) ? json_decode(file_get_contents($configPath), true) : [];
|
||
$name = $config[$domain] ?? null;
|
||
|
||
$lxd = new LxdService();
|
||
// print_r($params);
|
||
// CASE 1: From Login Page – Create if not mapped
|
||
if (isset($params['source']) && $params['source'] === 'login') {
|
||
|
||
$captcha = new PCaptcha();
|
||
|
||
if (!$captcha->validate_captcha($params['panswer'])) {
|
||
return $this->json($response, ['status' => 'error', 'error' => 'invalid_captcha']);
|
||
}
|
||
|
||
if (!$name) {
|
||
$subdomain = SubdomainHelper::getSubdomain($domain, $mainDomain);
|
||
$name = $this->generateContainerName($subdomain); // or just use subdomain
|
||
$config[$domain] = $name;
|
||
file_put_contents($configPath, json_encode($config, JSON_PRETTY_PRINT));
|
||
}
|
||
|
||
if (!$lxd->containerExists($name)) {
|
||
$lxd->createContainerAndWait($name);
|
||
sleep(5);
|
||
//$lxd->startContainer($name);
|
||
$lxd->installPackages($name);
|
||
sleep(5);
|
||
}
|
||
|
||
$ip = $lxd->getContainerIP($name);
|
||
|
||
if (!$ip) {
|
||
return $this->json($response, [
|
||
'status' => 'error',
|
||
'message' => "Failed to get container IP for '$name'"
|
||
], 500);
|
||
}
|
||
|
||
// if (!$lxd->waitForPort($ip, 80, 30)) {
|
||
// return $this->json($response, ['status' => 'error', 'message' => 'Container not ready'], 500);
|
||
// }
|
||
|
||
return $this->json($response, ['status' => 'success', 'ip' => $ip]);
|
||
}
|
||
|
||
// CASE 2: Not from login and no mapping
|
||
if (!$name) {
|
||
return $this->json($response, ['status' => 'not-found']);
|
||
}
|
||
|
||
// CASE 3: Check if container exists in LXD
|
||
$containerInfo = $lxd->getContainerState($name);
|
||
if (!$containerInfo) {
|
||
return $this->json($response, ['status' => 'not-found']);
|
||
}
|
||
|
||
if ($containerInfo['metadata']['status'] !== 'Running') {
|
||
$lxd->startContainer($name);
|
||
sleep(5);
|
||
}
|
||
|
||
|
||
$ip = $lxd->getContainerIP($name);
|
||
// if (!$ip) {
|
||
// $ip = $lxd->getContainerIP($name);
|
||
// }
|
||
|
||
if (!$lxd->waitForPort($ip, 80, 30)) {
|
||
return $this->json($response, ['status' => 'error', 'message' => 'Service not available'], 500);
|
||
}
|
||
|
||
return $this->proxyToContainer($request, $response, $ip, $name);
|
||
}
|
||
|
||
/**
|
||
* Maps a domain to a container name.
|
||
*/
|
||
private function mapDomainToContainer(string $domain): ?string
|
||
{
|
||
$configPath = __DIR__ . '/../../config.json';
|
||
|
||
if (!file_exists($configPath)) {
|
||
return null;
|
||
}
|
||
|
||
$config = json_decode(file_get_contents($configPath), true);
|
||
|
||
return $config[$domain] ?? null;
|
||
}
|
||
|
||
/**
|
||
* Sends a JSON response.
|
||
*/
|
||
protected function json($response, array $data, int $status = 200)
|
||
{
|
||
$payload = json_encode($data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
|
||
|
||
$response->getBody()->write($payload);
|
||
|
||
return $response
|
||
->withHeader('Content-Type', 'application/json')
|
||
->withHeader('Access-Control-Allow-Origin', '*')
|
||
->withStatus($status);
|
||
}
|
||
|
||
/**
|
||
* Generates a sanitized container name based on a subdomain.
|
||
*/
|
||
public function generateContainerName(string $subdomain): string
|
||
{
|
||
// Convert to lowercase, remove unsafe characters
|
||
$sanitized = preg_replace('/[^a-z0-9\-]/', '-', strtolower($subdomain));
|
||
|
||
// Optionally, ensure it's prefixed/suffixed for uniqueness
|
||
return "container-{$sanitized}";
|
||
}
|
||
|
||
/**
|
||
* Proxies the request to the container.
|
||
*/
|
||
private function proxyToContainer(Request $request, Response $response, string $ip, string $name): Response
|
||
{
|
||
$target = $ip ? "http://$ip:80" : "http://127.0.0.1:3000";
|
||
|
||
$client = new Client([
|
||
'http_errors' => false,
|
||
'timeout' => 5,
|
||
]);
|
||
|
||
// Just make a GET request to the base URL
|
||
$forwarded = $client->request('GET', $target);
|
||
|
||
$this->writeLastAccessLog($name, $target);
|
||
|
||
// Return the body and status
|
||
$response->getBody()->write((string) $forwarded->getBody());
|
||
return $response
|
||
->withHeader('Content-Type', 'text/html') // or json if API
|
||
->withHeader('Access-Control-Allow-Origin', '*')
|
||
->withStatus($forwarded->getStatusCode());
|
||
|
||
}
|
||
|
||
/**
|
||
* Logs the last access to a container.
|
||
*/
|
||
protected function writeLastAccessLog(string $name, string $uri): void {
|
||
// Dynamically resolve the log directory relative to the current file
|
||
$logDir = realpath(__DIR__ . '/../../public/last-access-logs');
|
||
|
||
// If the resolved path doesn't exist (e.g., public dir was missing), create it
|
||
if (!$logDir) {
|
||
$logDir = __DIR__ . '/../../public/last-access-logs';
|
||
if (!file_exists($logDir)) {
|
||
mkdir($logDir, 0777, true);
|
||
}
|
||
}
|
||
|
||
$logLine = date("Y-m-d H:i:s") . " : " . $uri . "\n";
|
||
file_put_contents($logDir . '/' . $name . '.txt', $logLine, FILE_APPEND);
|
||
}
|
||
|
||
|
||
} |