@abtnode/core 1.6.18 → 1.6.22

package/lib/api/node.js

@@ -93,7 +93,7 @@ class NodeAPI {
   async updateNodeInfo(entity = {}, context) {
     await validateNodeInfo(entity, context);
 
-    if (entity.autoUpgrade) {
+    if (entity.autoUpgrade && process.env.NODE_ENV !== 'development') {
       try {
         canPackageReadWrite(process.env.ABT_NODE_BINARY_NAME, process.env.ABT_NODE_PACKAGE_NAME);
       } catch (err) {

package/lib/blocklet/manager/disk.js

@@ -20,11 +20,12 @@ const logger = require('@abtnode/logger')('@abtnode/core:blocklet:manager');
 const downloadFile = require('@abtnode/util/lib/download-file');
 const Lock = require('@abtnode/util/lib/lock');
 const { getVcFromPresentation } = require('@abtnode/util/lib/vc');
-const { BLOCKLET_PURCHASE_NFT_TYPE } = require('@abtnode/constant');
+const { VC_TYPE_BLOCKLET_PURCHASE } = require('@abtnode/constant');
 
 const getBlockletEngine = require('@blocklet/meta/lib/engine');
 const {
   isFreeBlocklet,
+  isComponentBlocklet,
   isDeletableBlocklet,
   getRequiredMissingConfigs,
   hasRunnableComponent,
@@ -88,6 +89,8 @@ const {
   checkDuplicateComponents,
   getDiffFiles,
   getBundleDir,
+  needBlockletDownload,
+  verifyPurchase,
 } = require('../../util/blocklet');
 const states = require('../../states');
 const BlockletRegistry = require('../registry');
@@ -195,6 +198,20 @@ class BlockletManager extends BaseBlockletManager {
     throw new Error('Unknown source');
   }
 
+  /**
+   * @param {String} rootDid
+   * @param {String} mountPoint
+   * @param {Boolean} context.blockletPurchaseVerified
+   *
+   * installFromUrl
+   * @param {String} url
+   *
+   * InstallFromUpload
+   * @param {Object} file
+   * @param {String} did for diff upload
+   * @param {String} diffVersion for diff upload
+   * @param {Array} deleteSet for diff upload
+   */
   async installComponent({ rootDid, mountPoint, url, file, did, diffVersion, deleteSet }, context = {}) {
     logger.debug('start install component', { rootDid, mountPoint, url });
 
@@ -242,8 +259,8 @@ class BlockletManager extends BaseBlockletManager {
     // FIXME: 这里的 trustedIssuers 相当于相信任何 VC，需要想更安全的方法
     verifyPresentation({ presentation: vcPresentation, trustedIssuers: [get(vc, 'issuer.id')], challenge });
 
-    if (!vc.type.includes(BLOCKLET_PURCHASE_NFT_TYPE)) {
-      throw new Error(`Expect ${BLOCKLET_PURCHASE_NFT_TYPE} VC type`);
+    if (!vc.type.includes(VC_TYPE_BLOCKLET_PURCHASE)) {
+      throw new Error(`Expect ${VC_TYPE_BLOCKLET_PURCHASE} VC type`);
     }
 
     const blockletUrl = get(vc, 'credentialSubject.purchased.blocklet.url');
@@ -819,21 +836,23 @@ class BlockletManager extends BaseBlockletManager {
     };
   }
 
-  async updateChildren({ updateId, did: inputDid, children: inputChildren }, context) {
+  async updateChildren({ updateId, did: inputDid, children: inputChildren, oldBlocklet: inputOldBlocklet }, context) {
     let did;
     let children;
+    let oldBlocklet;
     if (!updateId && inputDid && inputChildren) {
       did = inputDid;
       children = inputChildren;
+      oldBlocklet = inputOldBlocklet;
     } else {
       const sessionData = await states.session.end(updateId);
       did = sessionData.did;
       const { staticChildren = [], dynamicChildren = [] } = sessionData;
       children = [...staticChildren, ...dynamicChildren.map((x) => ({ ...x, dynamic: true }))];
+      oldBlocklet = await states.blocklet.getBlocklet(did);
     }
 
     // get old blocklet
-    const oldBlocklet = await states.blocklet.getBlocklet(did);
     const { meta } = oldBlocklet;
     const { name, version } = meta;
 
@@ -1179,9 +1198,6 @@ class BlockletManager extends BaseBlockletManager {
         return;
       }
 
-      const blocklet1 = await states.blocklet.setBlockletStatus(did, BlockletStatus.downloading);
-      this.emit(BlockletEvents.statusChange, blocklet1);
-
       preDownloadLock.release();
 
       const { isCancelled } = await this._downloadBlocklet(blocklet, oldBlocklet);
@@ -1327,14 +1343,15 @@ class BlockletManager extends BaseBlockletManager {
     const blocklet = await states.blocklet.getBlocklet(did);
     const nodeInfo = await states.node.read();
 
-    const rootSystemEnvironments = getRootSystemEnvironments(blockletWithEnv, nodeInfo);
-    const overwrittenEnvironments = getOverwrittenEnvironments(blockletWithEnv, nodeInfo);
+    const rootSystemEnvironments = {
+      ...getRootSystemEnvironments(blockletWithEnv, nodeInfo),
+      ...getOverwrittenEnvironments(blockletWithEnv, nodeInfo),
+    };
 
     // fill environments to blocklet and blocklet.children
     blocklet.environments = formatEnvironments({
       ...getSystemEnvironments(blockletWithEnv),
       ...rootSystemEnvironments,
-      ...overwrittenEnvironments,
     });
 
     for (const child of blocklet.children) {
@@ -1343,11 +1360,13 @@ class BlockletManager extends BaseBlockletManager {
         child.environments = formatEnvironments({
           ...getSystemEnvironments(childWithEnv), // system env of child blocklet
           ...rootSystemEnvironments, // system env of root blocklet
-          ...overwrittenEnvironments,
         });
       }
     }
 
+    // put BLOCKLET_APP_ID at root level for indexing
+    blocklet.appDid = rootSystemEnvironments.BLOCKLET_APP_ID;
+
     // update state to db
     return states.blocklet.updateBlocklet(did, blocklet);
   }
@@ -1368,23 +1387,21 @@ class BlockletManager extends BaseBlockletManager {
 
     const registryUrl = registry || (await states.node.getBlockletRegistry());
     const info = await BlockletRegistry.getRegistryMeta(registryUrl);
-    const blocklet = await this.registry.getBlocklet(did, registryUrl);
-    if (!blocklet) {
+    const meta = await this.registry.getBlocklet(did, registryUrl);
+    if (!meta) {
       throw new Error('Can not install blocklet that not found in registry');
     }
 
-    const state = await states.blocklet.getBlocklet(blocklet.did);
+    const state = await states.blocklet.getBlocklet(meta.did);
     if (state) {
       throw new Error('Can not install an already installed blocklet');
     }
 
-    if (isFreeBlocklet(blocklet) === false && !context.blockletPurchaseVerified) {
-      throw new Error('Can not install a non-free blocklet directly');
-    }
+    verifyPurchase(meta, context);
 
     // install
     return this._install({
-      meta: blocklet,
+      meta,
       source: BlockletSource.registry,
       deployedFrom: info.cdnUrl || registryUrl,
       context,
@@ -1434,6 +1451,12 @@ class BlockletManager extends BaseBlockletManager {
       throw new Error('Cannot add self as a component');
     }
 
+    if (!isComponentBlocklet(meta)) {
+      throw new Error('The blocklet cannot be a component');
+    }
+
+    verifyPurchase(meta, context);
+
     const newChildren = await parseChildren(blocklet.meta, {
       children: [
         {
@@ -1447,10 +1470,14 @@ class BlockletManager extends BaseBlockletManager {
 
     checkDuplicateComponents(blocklet.children, newChildren);
 
+    // add component to db
+    await states.blocklet.addChildren(rootDid, newChildren);
+
     return this.updateChildren(
       {
         did: rootDid,
         children: [...blocklet.children, ...newChildren],
+        oldBlocklet: blocklet,
       },
       context
     );
@@ -2272,7 +2299,7 @@ class BlockletManager extends BaseBlockletManager {
       } else {
         const status =
           oldBlocklet.status === BlockletStatus.installed ? BlockletStatus.installed : BlockletStatus.stopped;
-        await states.blocklet.setBlockletStatus(did, status);
+        await states.blocklet.setBlockletStatus(did, status, { children: 'all' });
       }
 
       blocklet = await this.ensureBlocklet(did, context);
@@ -2496,10 +2523,7 @@ class BlockletManager extends BaseBlockletManager {
     } = blocklet;
 
     const metas = [];
-    if (
-      ![BlockletSource.upload, BlockletSource.local].includes(blocklet.source) &&
-      get(oldBlocklet, 'meta.dist.integrity') !== get(blocklet, 'meta.dist.integrity')
-    ) {
+    if (needBlockletDownload(blocklet)) {
       metas.push(blocklet.meta);
     }
 
@@ -2510,16 +2534,17 @@ class BlockletManager extends BaseBlockletManager {
 
     for (const child of blocklet.children) {
       const oldChild = oldChildren[child.meta.did];
-      if (
-        !oldChild ||
-        (![BlockletSource.upload, BlockletSource.local].includes(child.source) &&
-          child.sourceUrl &&
-          get(oldChild, 'meta.dist.integrity') !== get(child, 'meta.dist.integrity'))
-      ) {
+      if (needBlockletDownload(child, oldChild)) {
         metas.push(child.meta);
       }
     }
 
+    // update children status
+    const blocklet1 = await states.blocklet.setBlockletStatus(did, BlockletStatus.downloading, {
+      children: metas.map((x) => ({ did: x.did })),
+    });
+    this.emit(BlockletEvents.statusChange, blocklet1);
+
     try {
       logger.info('Download Blocklet', { name, did, bundles: metas.map((x) => get(x, 'dist.tarball')) });
       const tasks = [];

package/lib/event.js

@@ -132,7 +132,7 @@ module.exports = ({
     onEvent(name, blocklet);
   };
 
-  const handleCLIEvent = (eventName) => {
+  const handleServerEvent = (eventName) => {
     const [, status] = eventName.split('.');
     onEvent(eventName, {
       title: `Blocklet Server ${status}`,
@@ -209,7 +209,8 @@ module.exports = ({
 
   events.handleBlockletAdd = handleBlockletAdd;
   events.handleBlockletRemove = handleBlockletRemove;
-  events.handleCLIEvent = handleCLIEvent;
+  events.handleServerEvent = handleServerEvent;
+  events.onEvent = onEvent;
 
   return events;
 };

package/lib/index.js

@@ -147,7 +147,7 @@ function ABTNode(options) {
     getCertificates,
     getSitesFromSnapshot,
     getRoutingCrons,
-    ensureDashboardCertificate,
+    ensureWildcardCerts,
   } = getRouterHelpers({ dataDirs, routingSnapshot, routerManager, blockletManager, certManager });
 
   const teamManager = new TeamManager({ nodeDid: options.nodeDid, dataDirs, states });
@@ -318,7 +318,7 @@ function ABTNode(options) {
     takeRoutingSnapshot,
     getSitesFromSnapshot,
     ensureDashboardRouting,
-    ensureDashboardCertificate,
+    ensureWildcardCerts,
 
     addDomainAlias: routerManager.addDomainAlias.bind(routerManager),
     deleteDomainAlias: routerManager.deleteDomainAlias.bind(routerManager),

package/lib/migrations/1.6.21-rename-ip-echo-domain.js

@@ -0,0 +1,35 @@
+const yaml = require('js-yaml');
+const fs = require('fs');
+const set = require('lodash/set');
+const omit = require('lodash/omit');
+const {
+  DEFAULT_WILDCARD_CERT_HOST,
+  DEFAULT_DID_DOMAIN,
+  DEFAULT_DID_REGISTRY,
+  DEFAULT_IP_DOMAIN,
+} = require('@abtnode/constant');
+
+module.exports = async ({ states, printInfo, configFile }) => {
+  printInfo('Try to rename dashboardDomain to ipWildcardDomain in db...');
+
+  let info = await states.node.read();
+  set(info, 'routing.ipWildcardDomain', info.routing.dashboardDomain || DEFAULT_IP_DOMAIN);
+  set(info, 'routing.wildcardCertHost', DEFAULT_WILDCARD_CERT_HOST);
+  set(info, 'didDomain', DEFAULT_DID_DOMAIN);
+  set(info, 'didRegistry', DEFAULT_DID_REGISTRY);
+  info = omit(info, 'routing.dashboardDomain');
+
+  await states.node.updateNodeInfo(info);
+
+  if (process.env.NODE_ENV !== 'development') {
+    let rawConfig = yaml.safeLoad(fs.readFileSync(configFile).toString());
+    set(rawConfig, 'node.routing.ipWildcardDomain', info.routing.ipWildcardDomain);
+    set(rawConfig, 'node.routing.wildcardCertHost', DEFAULT_WILDCARD_CERT_HOST);
+    set(rawConfig, 'node.didDomain', DEFAULT_DID_DOMAIN);
+    set(rawConfig, 'node.didRegistry', DEFAULT_DID_REGISTRY);
+    rawConfig = omit(rawConfig, 'node.routing.dashboardDomain');
+    fs.writeFileSync(configFile, yaml.dump(rawConfig));
+  }
+
+  printInfo(`> Persist new config to file: ${configFile}`);
+};

package/lib/migrations/index.js

@@ -132,9 +132,13 @@ const runMigrationScripts = async ({
   for (let i = 0; i < scripts.length; i++) {
     const { script, version } = scripts[i];
     try {
-      const executed = await node.isMigrationExecuted({ script, version });
-      if (executed === false) {
+      if (process.env.NODE_ENV === 'development') {
         pending.push(scripts[i]);
+      } else {
+        const executed = await node.isMigrationExecuted({ script, version });
+        if (executed === false) {
+          pending.push(scripts[i]);
+        }
       }
     } catch (err) {
       printError(`Failed to detect migration script execution status: ${script}, error: ${err.message}`);

package/lib/router/helper.js

@@ -223,6 +223,19 @@ const ensureServiceRule = async (sites) => {
     return site;
   });
 };
+const ensureRootRule = async (sites) => {
+  return sites.map((site) => {
+    if (!isBasicSite(site.domain) && !site.rules.some((x) => x.from.pathPrefix === '/')) {
+      site.rules.push({
+        from: { pathPrefix: '/' },
+        to: {
+          type: ROUTING_RULE_TYPES.NONE,
+        },
+      });
+    }
+    return site;
+  });
+};
 
 const ensureLatestNodeInfo = async (sites = [], { withDefaultCors = true } = {}) => {
   const info = await states.node.read();
@@ -419,6 +432,13 @@ const decompressCertificates = async (source, dest) => {
   return dest;
 };
 
+const joinCertDownUrl = (baseUrl, name) => joinUrl(baseUrl, '/certs', name);
+
+const getIpEchoCertDownloadUrl = (baseUrl) => joinCertDownUrl(baseUrl, 'ip-abtnet-io.tar.gz');
+const getDidDomainCertDownloadUrl = (baseUrl) => joinCertDownUrl(baseUrl, 'did-abtnet-io.tar.gz');
+const getDownloadCertBaseUrl = (info) =>
+  process.env.ABT_NODE_WILDCARD_CERT_HOST || get(info, 'routing.wildcardCertHost', '');
+
 module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerManager, blockletManager, certManager }) {
   const nodeState = states.node;
   const blockletState = states.blocklet;
@@ -428,46 +448,13 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
   // site level duplication detection
   const hasRuleByPrefix = (site, value) => site.rules.find((x) => x.isProtected && get(x, 'from.pathPrefix') === value);
 
-  const updateDashboardCertificate = async ({ checkExpire = true }) => {
-    const info = await nodeState.read();
-    const provider = getProviderFromNodeInfo(info);
-    if (provider === ROUTER_PROVIDER_NONE) {
-      return;
-    }
-
-    const https = get(info, 'routing.https', true);
-    const dashboardDomain = get(info, 'routing.dashboardDomain', '');
-    const certDownloadAddress =
-      process.env.ABT_NODE_DASHBOARD_CERT_DOWN_URL || get(info, 'routing.dashboardCertDownloadAddress', '');
-    if (!https || !dashboardDomain || !certDownloadAddress) {
-      return;
-    }
-
-    if (checkExpire) {
-      try {
-        const cert = await routerManager.findCertificateByDomain(dashboardDomain);
-        if (!cert) {
-          return;
-        }
-
-        const now = Date.now();
-        const certInfo = getHttpsCertInfo(cert.certificate);
-        if (certInfo.validTo - now >= CERTIFICATE_EXPIRES_OFFSET) {
-          logger.info('skip dashboard certificate update before not expired');
-          return;
-        }
-      } catch (err) {
-        logger.error('failed to check dashboard certificate expiration', { error: err });
-        return;
-      }
-    }
-
+  const downloadCert = async ({ domain, url }) => {
     const destFolder = getTmpDirectory(path.join(`certificate-${Date.now()}`));
     try {
       const filename = path.join(destFolder, 'certificate.tar.gz');
       fs.ensureDirSync(destFolder);
 
-      await downloadFile(certDownloadAddress, filename);
+      await downloadFile(url, filename);
       await decompressCertificates(filename, destFolder);
 
       const certificateFilePath = path.join(destFolder, 'cert.pem');
@@ -485,7 +472,7 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
       const privateKey = fs.readFileSync(privateKeyFilePath).toString();
 
       await certManager.upsertByDomain({
-        domain: dashboardDomain,
+        domain,
         privateKey,
         certificate,
         isProtected: true,
@@ -499,23 +486,68 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
     }
   };
 
-  const ensureDashboardCertificate = async () => {
+  const updateCert = async (domain, url) => {
+    try {
+      const cert = await routerManager.findCertificateByDomain(domain);
+      if (!cert) {
+        return;
+      }
+
+      const now = Date.now();
+      const certInfo = getHttpsCertInfo(cert.certificate);
+      if (certInfo.validTo - now >= CERTIFICATE_EXPIRES_OFFSET) {
+        logger.info('skip dashboard certificate update before not expired', { domain, url });
+        return;
+      }
+
+      await downloadCert({
+        domain,
+        url,
+      });
+    } catch (err) {
+      logger.error('failed to check dashboard certificate expiration', { error: err, domain, url });
+    }
+  };
+
+  const updateDashboardCertificates = async () => {
     const info = await nodeState.read();
-    const downloadUrl = get(info, 'routing.dashboardCertDownloadAddress', '');
-    const dashboardDomain = get(info, 'routing.dashboardDomain', '');
-    if (!dashboardDomain || !downloadUrl) {
-      throw new Error('dashboardCertDownloadAddress and dashboardDomain are not found in the routing configs');
+    const provider = getProviderFromNodeInfo(info);
+    if (provider === ROUTER_PROVIDER_NONE) {
+      return;
     }
 
-    const cert = await certManager.getByDomain(dashboardDomain);
-    if (cert) {
-      return { status: 'existed' };
+    const https = get(info, 'routing.https', true);
+    const ipWildcardDomain = get(info, 'routing.ipWildcardDomain', '');
+    const didDomain = info.didDomain;
+    const certDownloadAddress = getDownloadCertBaseUrl(info);
+    if (!https || !certDownloadAddress) {
+      return;
     }
 
-    logger.debug('downloading dashboard ip-domain certificate', { url: downloadUrl, dashboardDomain });
-    await updateDashboardCertificate({ checkExpire: false });
-    logger.debug('downloaded dashboard ip-domain certificate', { url: downloadUrl, dashboardDomain });
-    return { status: 'downloaded' };
+    await updateCert(ipWildcardDomain, getIpEchoCertDownloadUrl(certDownloadAddress));
+    await updateCert(`*.${didDomain}`, getDidDomainCertDownloadUrl(certDownloadAddress));
+  };
+
+  const ensureWildcardCerts = async () => {
+    const info = await nodeState.read();
+    const didDomain = info.didDomain;
+    const ipWildcardDomain = get(info, 'routing.ipWildcardDomain', '');
+
+    const ensureDomainCert = async (domain, url) => {
+      const cert = await certManager.getByDomain(domain);
+      if (!cert) {
+        await downloadCert({
+          domain,
+          url,
+        });
+      }
+    };
+
+    const certBaseUrl = getDownloadCertBaseUrl(info);
+    await Promise.all([
+      ensureDomainCert(ipWildcardDomain, getIpEchoCertDownloadUrl(certBaseUrl)),
+      ensureDomainCert(`*.${didDomain}`, getDidDomainCertDownloadUrl(certBaseUrl)),
+    ]);
   };
 
   const upsertSiteRule = async ({ site, rule }, context) => {
@@ -658,9 +690,9 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
         return domainAlias === item;
       });
 
-    const dashboardDomain = get(info, 'routing.dashboardDomain', '');
+    const ipWildcardDomain = get(info, 'routing.ipWildcardDomain', '');
     const didDomain = `${info.did.toLowerCase()}.${info.didDomain}`;
-    let dashboardAliasDomains = [dashboardDomain, didDomain];
+    let dashboardAliasDomains = [ipWildcardDomain, didDomain];
 
     dashboardAliasDomains = dashboardAliasDomains
       .filter((item) => item && !isExistsInAlias(item))
@@ -748,8 +780,7 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
 
     const existSite = await states.site.findOne({ domain: domainGroup });
     if (!existSite) {
-      const ipEchoDnsDomain = getIpDnsDomainForBlocklet(blocklet, webInterface, nodeInfo.did);
-      const domainAliases = [{ value: ipEchoDnsDomain, isProtected: true }];
+      const domainAliases = [];
 
       const didDomain = getDidDomainForBlocklet({
         name: blocklet.meta.name,
@@ -757,7 +788,10 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
         didDomain: nodeInfo.didDomain,
       });
 
-      domainAliases.push({ value: didDomain, isProtected: true });
+      const ipEchoDnsDomain = getIpDnsDomainForBlocklet(blocklet, webInterface, nodeInfo.did);
+
+      // let didDomain in front of ipEchoDnsDomain
+      domainAliases.push({ value: didDomain, isProtected: true }, { value: ipEchoDnsDomain, isProtected: true });
 
       await routerManager.addRoutingSite(
         {
@@ -1157,6 +1191,7 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
             sites = await ensureLatestInfo(sites);
             sites = await ensureAuthService(sites, blockletManager);
             sites = await ensureServiceRule(sites);
+            sites = await ensureRootRule(sites);
 
             const certificates = httpsEnabled ? await certManager.getAllNormal() : [];
 
@@ -1386,7 +1421,7 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
     getSitesFromSnapshot,
     getCertificates,
     checkDomain,
-    ensureDashboardCertificate,
+    ensureWildcardCerts,
     addWellknownSite,
     upsertSiteRule,
 
@@ -1394,7 +1429,7 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
       {
         name: 'update-dashboard-certificate',
         time: '0 1 */6 * * *', // refetch on 0:00, 6:00, etc.
-        fn: () => updateDashboardCertificate({ checkExpire: true }),
+        fn: () => updateDashboardCertificates(),
         options: { runOnInit: true },
       },
       {

package/lib/router/index.js

@@ -5,7 +5,7 @@ const {
   DOMAIN_FOR_DEFAULT_SITE,
   DOMAIN_FOR_IP_SITE_REGEXP,
   ROUTING_RULE_TYPES,
-  DEFAULT_DASHBOARD_DOMAIN,
+  DEFAULT_IP_DOMAIN,
   BLOCKLET_PROXY_PATH_PREFIX,
   BLOCKLET_SITE_GROUP_SUFFIX,
 } = require('@abtnode/constant');
@@ -60,12 +60,12 @@ const getRoutingTable = ({ sites, nodeInfo }) => {
   let routingTable = Router.formatSites(sites);
   routingTable = expandSites(routingTable);
 
-  // put dashboardDomain to last, to let blockletDomain match first
+  // put ipWildcardDomain to last, to let blockletDomain match first
   // e.g.
-  //  dashboardDomain: 192-168-3-2.ip.abtnet.io
+  //  ipWildcardDomain: 192-168-3-2.ip.abtnet.io
   //  blockletDomain: static-demo-xxx-192-168-3-2.ip.abtnet.io
-  const dashboardDomain = get(nodeInfo, 'routing.dashboardDomain', '');
-  const index = routingTable.findIndex((x) => x.domain === dashboardDomain);
+  const ipWildcardDomain = get(nodeInfo, 'routing.ipWildcardDomain', '');
+  const index = routingTable.findIndex((x) => x.domain === ipWildcardDomain);
   if (index > -1) {
     routingTable.push(...routingTable.splice(index, 1));
   }
@@ -219,11 +219,11 @@ Router.formatSites = (sites = []) => {
 
 Router.flattenSitesToRules = (sites = [], info = {}) => {
   const result = [];
-  const dashboardDomain = get(info, 'routing.dashboardDomain', DEFAULT_DASHBOARD_DOMAIN);
+  const ipWildcardDomain = get(info, 'routing.ipWildcardDomain', DEFAULT_IP_DOMAIN);
   sites.forEach((site) => {
     const aliases = (site.domainAliases || [])
       .map((x) => (typeof x === 'string' ? x : x.value))
-      .filter((x) => x !== dashboardDomain)
+      .filter((x) => x !== ipWildcardDomain)
       .filter(Boolean);
 
     if (Array.isArray(site.rules) && site.rules.length > 0) {

package/lib/router/manager.js

@@ -221,10 +221,10 @@ class RouterManager extends EventEmitter {
       }
     }
 
-    const updateResult = await states.site.update(
-      { _id: id },
-      { $push: { domainAliases: { value: domainAlias, isProtected: false } } }
-    );
+    // let custom domain in front of protected domain
+    const domainAliases = [{ value: domainAlias, isProtected: false }, ...dbSite.domainAliases];
+
+    const updateResult = await states.site.update({ _id: id }, { $set: { domainAliases } });
     logger.debug('add domain alias update result', { id, updateResult, domainAlias });
 
     const newSite = await states.site.findOne({ _id: id });

package/lib/states/blocklet.js

@@ -20,7 +20,7 @@ const {
 const logger = require('@abtnode/logger')('state-blocklet');
 
 const BaseState = require('./base');
-const { forEachBlocklet } = require('../util/blocklet');
+const { forEachBlocklet, checkDuplicateComponents } = require('../util/blocklet');
 const { validateBlockletMeta } = require('../util');
 
 const lock = new Lock('blocklet-port-assign-lock');
@@ -80,7 +80,11 @@ class BlockletState extends BaseState {
 
   getBlocklet(did) {
     return new Promise((resolve, reject) => {
-      this.db.findOne({ 'meta.did': did }, (err, doc) => {
+      if (!did) {
+        resolve(null);
+      }
+
+      this.db.findOne({ $or: [{ 'meta.did': did }, { appDid: did }] }, (err, doc) => {
         if (err) {
           return reject(err);
         }
@@ -160,6 +164,7 @@ class BlockletState extends BaseState {
             // add to db
             this.db.insert(
               {
+                appDid: null, // will updated later when updating blocklet environments
                 mode,
                 meta: omit(sanitized, ['htmlAst']),
                 status,
@@ -391,13 +396,20 @@ class BlockletState extends BaseState {
     return result;
   }
 
-  async setBlockletStatus(did, status) {
+  /**
+   * @param {String} did blocklet did
+   * @param {BlockletStatus} status blocklet status
+   *
+   * children status only different with parent before blocklet installation
+   * @param {Array<{did}>} children
+   */
+  async setBlockletStatus(did, status, { children } = {}) {
     if (typeof status === 'undefined') {
       throw new Error('Unsupported blocklet status');
     }
 
     const doc = await this.getBlocklet(did);
-    if (doc.status === status) {
+    if (doc.status === status && !children) {
       return formatBlocklet(doc, 'onRead', this.options.dek);
     }
 
@@ -412,6 +424,28 @@ class BlockletState extends BaseState {
       updates.stoppedAt = new Date();
     }
 
+    // update children status
+    updates.children = doc.children.map((child) => {
+      if (children === 'all') {
+        child.status = status;
+        return child;
+      }
+
+      if (!children) {
+        if (![BlockletStatus.waiting, BlockletStatus.upgrading, BlockletStatus.installing].includes(status)) {
+          child.status = status;
+        }
+
+        return child;
+      }
+
+      const inputChild = children.find((x) => x.did === child.meta.did);
+      if (inputChild) {
+        child.status = status;
+      }
+      return child;
+    });
+
     await this.update(doc._id, { $set: updates });
     return formatBlocklet({ ...doc, ...updates }, 'onRead', this.options.dek);
   }
@@ -463,6 +497,48 @@ class BlockletState extends BaseState {
 
     return children;
   }
+
+  async addChildren(did, children) {
+    const parent = await this.getBlocklet(did);
+    if (!parent) {
+      throw new Error('Blocklet does not exist');
+    }
+
+    const oldChildren = parent.children || [];
+
+    const newChildren = [...oldChildren];
+    for (const child of children) {
+      const { meta, mountPoint, sourceUrl = '', source = '', deployedFrom = '' } = child;
+
+      if (!mountPoint) {
+        throw new Error(`mountPoint is required when adding component ${meta.title || meta.name}`);
+      }
+
+      if (meta.did === parent.meta.did) {
+        throw new Error('Cannot add self as a component');
+      }
+
+      checkDuplicateComponents([child], newChildren);
+
+      newChildren.push({
+        mountPoint,
+        meta,
+        sourceUrl,
+        source,
+        deployedFrom,
+        dynamic: true,
+        status: BlockletStatus.added,
+      });
+    }
+
+    // use upgradeBlocklet to assign ports to children and write new data to db
+    return this.upgradeBlocklet({
+      meta: parent.meta,
+      source: parent.source,
+      deployedFrom: parent.deployedFrom,
+      children: newChildren,
+    });
+  }
 }
 
 BlockletState.BlockletStatus = BlockletStatus;

package/lib/states/node.js

@@ -92,7 +92,7 @@ class NodeState extends BaseState {
           mode,
           runtimeConfig,
           ownerNft,
-          launcherInfo,
+          launcher,
           didRegistry,
           didDomain,
           enablePassportIssuance = true,
@@ -128,7 +128,7 @@ class NodeState extends BaseState {
                 runtimeConfig,
                 ownerNft,
                 diskAlertThreshold: DISK_ALERT_THRESHOLD_PERCENT,
-                launcherInfo: launcherInfo || undefined,
+                launcher: launcher || undefined,
                 didRegistry,
                 didDomain,
                 enablePassportIssuance,
@@ -162,7 +162,8 @@ class NodeState extends BaseState {
   // FIXME: 这个接口比较危险，可能会修改一些本不应该修改的字段，后续需要考虑改进
   async updateNodeInfo(entity = {}) {
     const record = await this.read();
-    const updateResult = await this.update(record._id, { $set: omit(entity, ['ownerNft']) });
+
+    const updateResult = await this.update(record._id, { $set: omit(entity, ['ownerNft', 'sk']) });
     this.emit('node.updated', updateResult, record);
     return updateResult;
   }

package/lib/util/blocklet.js

@@ -42,7 +42,7 @@ const validateBlockletEntry = require('@blocklet/meta/lib/entry');
 const getBlockletEngine = require('@blocklet/meta/lib/engine');
 const getBlockletInfo = require('@blocklet/meta/lib/info');
 const { validateMeta, fixAndValidateService } = require('@blocklet/meta/lib/validate');
-const { forEachBlocklet } = require('@blocklet/meta/lib/util');
+const { forEachBlocklet, isFreeBlocklet } = require('@blocklet/meta/lib/util');
 
 const { validate: validateEngine, get: getEngine } = require('../blocklet/manager/engine');
 
@@ -951,7 +951,7 @@ const getRuntimeInfo = async (appId) => {
 
 /**
  * merge services
- * from meta.children[].mountPoints[].services
+ * from meta.children[].mountPoints[].services, meta.children[].services
  * to childrenMeta[].interfaces[].services
  *
  * @param {array<child>|object{children:array}} source e.g. [<config>] or { children: [<config>] }
@@ -993,6 +993,23 @@ const mergeMeta = (source, childrenMeta = []) => {
         childInterface.services = services;
       }
     });
+
+    if (config.services) {
+      const childInterface = findWebInterface(childMeta);
+      if (childInterface) {
+        // merge
+        const services = childInterface.services || [];
+        config.services.forEach((x) => {
+          const index = services.findIndex((y) => y.name === x.name);
+          if (index >= 0) {
+            services.splice(index, 1, x);
+          } else {
+            services.push(x);
+          }
+        });
+        childInterface.services = services;
+      }
+    }
   });
 };
 
@@ -1101,6 +1118,34 @@ const getDiffFiles = async (inputFiles, sourceDir) => {
 
 const getBundleDir = (installDir, bundle) => path.join(installDir, bundle.name, bundle.version);
 
+const needBlockletDownload = (blocklet, oldBlocklet) => {
+  if ([BlockletSource.upload, BlockletSource.local, BlockletSource.custom].includes(blocklet.source)) {
+    return false;
+  }
+
+  if (!get(oldBlocklet, 'meta.dist.integrity')) {
+    return true;
+  }
+
+  if (get(oldBlocklet, 'meta.dist.integrity') === get(blocklet, 'meta.dist.integrity')) {
+    return false;
+  }
+
+  return true;
+};
+
+const verifyPurchase = (meta, opts = {}) => {
+  if (opts.blockletPurchaseVerified) {
+    return true;
+  }
+
+  if (isFreeBlocklet(meta)) {
+    return true;
+  }
+
+  throw new Error('Can not install a non-free blocklet directly');
+};
+
 module.exports = {
   forEachBlocklet,
   getBlockletMetaFromUrl,
@@ -1135,4 +1180,6 @@ module.exports = {
   checkDuplicateComponents,
   getDiffFiles,
   getBundleDir,
+  needBlockletDownload,
+  verifyPurchase,
 };

package/lib/util/get-accessible-external-node-ip.js

@@ -1,9 +1,9 @@
 const joinUrl = require('url-join');
 const axios = require('@abtnode/util/lib/axios');
-const { DEFAULT_DASHBOARD_DOMAIN, DEFAULT_ADMIN_PATH } = require('@abtnode/constant');
+const { DEFAULT_IP_DOMAIN, DEFAULT_ADMIN_PATH } = require('@abtnode/constant');
 const { get: getIp } = require('./ip');
 
-const getNodeDomain = (ip) => (ip ? DEFAULT_DASHBOARD_DOMAIN.replace(/^\*/, ip.replace(/\./g, '-')) : '');
+const getNodeDomain = (ip) => (ip ? DEFAULT_IP_DOMAIN.replace(/^\*/, ip.replace(/\./g, '-')) : '');
 
 let cache = null;
 

package/lib/util/index.js

@@ -373,7 +373,7 @@ const getBaseUrls = async (node, ips) => {
   if (info.routing.provider !== ROUTER_PROVIDER_NONE && info.routing.snapshotHash && info.routing.adminPath) {
     const sites = await node.getSitesFromSnapshot();
 
-    const { dashboardDomain } = info.routing;
+    const { ipWildcardDomain } = info.routing;
     const adminPath = normalizePathPrefix(info.routing.adminPath);
     const tmpHttpPort = getPort(httpPort, DEFAULT_HTTP_PORT);
 
@@ -383,12 +383,12 @@ const getBaseUrls = async (node, ips) => {
       };
     });
 
-    if (dashboardDomain) {
-      const site = sites.find((c) => (c.domainAliases || []).find((item) => item.value === dashboardDomain));
+    if (ipWildcardDomain) {
+      const site = sites.find((c) => (c.domainAliases || []).find((item) => item.value === ipWildcardDomain));
       if (site) {
-        const httpInfo = await getHttpInfo(dashboardDomain);
+        const httpInfo = await getHttpInfo(ipWildcardDomain);
         const httpsUrls = availableIps.map((ip) => ({
-          url: `${httpInfo.protocol}://${transformIPToDomain(ip)}.${dashboardDomain.substring(2)}${
+          url: `${httpInfo.protocol}://${transformIPToDomain(ip)}.${ipWildcardDomain.substring(2)}${
             httpInfo.port
           }${adminPath}`,
         }));

package/lib/util/upgrade.js

@@ -27,9 +27,6 @@ const waitUpdaterRpc = async (message) =>
 const checkNewVersion = async (params, context) => {
   try {
     const info = await states.node.read();
-    if (!info.autoUpgrade) {
-      return '';
-    }
 
     if (!process.env.ABT_NODE_PACKAGE_NAME) {
       logger.error('ABT_NODE_PACKAGE_NAME name was not found in environment');
@@ -176,7 +173,14 @@ const getCron = () => ({
   name: 'check-update',
   time: '0 0 8 * * *', // check every day
   // time: '0 */5 * * * *', // check every 5 minutes
-  fn: checkNewVersion,
+  fn: async () => {
+    const info = await states.node.read();
+    if (!info.autoUpgrade) {
+      return;
+    }
+
+    checkNewVersion();
+  },
   options: { runOnInit: false },
 });
 

package/lib/webhook/index.js

@@ -1,13 +1,13 @@
 const logger = require('@abtnode/logger')('@abtnode/core:webhook:index');
-const upperFirst = require('lodash/upperFirst');
 
+const sortPriorityUrl = require('@abtnode/util/lib/sort-priority-url');
 const WebHookSender = require('./sender');
 const createQueue = require('../queue');
 const IP = require('../util/ip');
 const states = require('../states');
 const { getBaseUrls } = require('../util');
 
-const getSlackUrlInfo = (actionPath = '/notifications', urls) => {
+const getSlackUrlInfo = async (actionPath = '/notifications', urls) => {
   const info = [];
 
   if (actionPath && actionPath.startsWith('/blocklet/')) {
@@ -28,29 +28,27 @@ const getSlackUrlInfo = (actionPath = '/notifications', urls) => {
     });
   }
 
-  const httpUrls = urls.filter((x) => x.url.startsWith('http://'));
-  const httpsUrls = urls.filter((x) => x.url.startsWith('https://'));
-
-  const showUrls = httpsUrls.length ? httpsUrls : httpUrls;
-  const elements = [];
-  showUrls.forEach((x) => {
-    const { protocol } = new URL(x.url);
-    const normalized = `${x.url}${actionPath}`.replace(`${protocol}//`, '').replace(/\/+/g, '/');
-    const url = `${protocol}//${normalized}`;
-    elements.push({
-      type: 'button',
-      text: {
-        type: 'plain_text',
-        text: `${upperFirst(x.type)} Address`,
-      },
-      style: 'primary',
-      value: `${upperFirst(x.type)} Address`,
-      url,
-    });
-  });
+  const prioritys = await sortPriorityUrl(urls);
+  const priorityUrl = prioritys[0].url;
+
+  const { protocol } = new URL(priorityUrl);
+  const normalized = `${priorityUrl}${actionPath}`.replace(`${protocol}//`, '').replace(/\/+/g, '/');
+  const url = `${protocol}//${normalized}`;
+
   info.push({
     type: 'actions',
-    elements,
+    elements: [
+      {
+        type: 'button',
+        text: {
+          type: 'plain_text',
+          text: 'Click Me',
+        },
+        style: 'primary',
+        value: 'Click Me',
+        url,
+      },
+    ],
   });
 
   return info;
@@ -79,7 +77,8 @@ module.exports = ({ events, dataDirs, instance }) => {
           const { name } = nodeInfo;
           const options = { ...message, nodeInfo: `*${name}*` };
           if (item.type === 'slack') {
-            options.urlInfo = getSlackUrlInfo(message.action, baseUrls);
+            // eslint-disable-next-line
+            options.urlInfo = await getSlackUrlInfo(message.action, baseUrls);
           }
           try {
             // eslint-disable-next-line

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.6.18",
+  "version": "1.6.22",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,30 +19,30 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/certificate-manager": "1.6.18",
-    "@abtnode/constant": "1.6.18",
-    "@abtnode/cron": "1.6.18",
-    "@abtnode/db": "1.6.18",
-    "@abtnode/logger": "1.6.18",
-    "@abtnode/queue": "1.6.18",
-    "@abtnode/rbac": "1.6.18",
-    "@abtnode/router-provider": "1.6.18",
-    "@abtnode/static-server": "1.6.18",
-    "@abtnode/timemachine": "1.6.18",
-    "@abtnode/util": "1.6.18",
-    "@arcblock/did": "^1.14.8",
-    "@arcblock/event-hub": "1.14.8",
+    "@abtnode/certificate-manager": "1.6.22",
+    "@abtnode/constant": "1.6.22",
+    "@abtnode/cron": "1.6.22",
+    "@abtnode/db": "1.6.22",
+    "@abtnode/logger": "1.6.22",
+    "@abtnode/queue": "1.6.22",
+    "@abtnode/rbac": "1.6.22",
+    "@abtnode/router-provider": "1.6.22",
+    "@abtnode/static-server": "1.6.22",
+    "@abtnode/timemachine": "1.6.22",
+    "@abtnode/util": "1.6.22",
+    "@arcblock/did": "^1.14.16",
+    "@arcblock/event-hub": "1.14.16",
     "@arcblock/pm2-events": "^0.0.5",
-    "@arcblock/vc": "^1.14.8",
-    "@blocklet/meta": "1.6.18",
+    "@arcblock/vc": "^1.14.16",
+    "@blocklet/meta": "1.6.22",
     "@fidm/x509": "^1.2.1",
     "@nedb/core": "^1.2.2",
     "@nedb/multi": "^1.2.2",
-    "@ocap/mcrypto": "^1.14.8",
-    "@ocap/util": "^1.14.8",
-    "@ocap/wallet": "^1.14.8",
+    "@ocap/mcrypto": "^1.14.16",
+    "@ocap/util": "^1.14.16",
+    "@ocap/wallet": "^1.14.16",
     "@slack/webhook": "^5.0.3",
-    "axios": "^0.21.4",
+    "axios": "^0.25.0",
     "axon": "^2.0.3",
     "chalk": "^4.0.0",
     "deep-diff": "^1.0.2",
@@ -53,7 +53,7 @@
     "is-base64": "^1.1.0",
     "is-ip": "^3.1.0",
     "is-url": "^1.2.4",
-    "joi": "^17.5.0",
+    "joi": "^17.6.0",
     "js-yaml": "^3.14.0",
     "lodash": "^4.17.21",
     "lru-cache": "^6.0.0",
@@ -75,5 +75,5 @@
     "express": "^4.17.1",
     "jest": "^27.4.5"
   },
-  "gitHead": "2f02f166869d8ebedc0466068f6ed90ab3e07b87"
+  "gitHead": "18ac52a439dbd04e4ace98d796b6de517503fb14"
 }