cloudron 6.0.0 → 7.0.1

package/src/config.js

@@ -1,74 +1,41 @@
-/* jshint node:true */
+import fs from 'fs';
+import path from 'path';
+import safe from '@cloudron/safetydance';
 
-'use strict';
+const HOME = process.env.HOME || process.env.HOMEPATH || process.env.USERPROFILE;
 
-var fs = require('fs'),
-    path = require('path'),
-    safe = require('safetydance');
+const _configFilePath = path.join(HOME, '.cloudron.json');
 
-var HOME = process.env.HOME || process.env.HOMEPATH || process.env.USERPROFILE;
-
-exports = module.exports = {
-    setActive: setActive,
-
-    set: set,
-    get: get,
-
-    cloudronGet: cloudronGet,
-    cloudronSet: cloudronSet,
-
-    // appstore
-    appStoreToken,
-    setAppStoreToken,
-    appStoreOrigin,
-
-    // per app
-    getAppConfig: (path) => get(['apps', path]) || {},
-    setAppConfig: (path, c) => set(['apps', path], c),
-
-    // build service
-    getBuildServiceConfig: () => get('buildService') || {},
-    setBuildServiceConfig: (c) => set('buildService', c),
-
-    // current cloudron
-    token: cloudronGet.bind(null, 'token'),
-    setToken: cloudronSet.bind(null, 'token'),
-
-    cloudron: cloudronGet.bind(null, 'cloudron'),
-    setCloudron: cloudronSet.bind(null, 'cloudron'),
-
-    apiEndpoint: cloudronGet.bind(null, 'apiEndpoint'),
-    setApiEndpoint: cloudronSet.bind(null, 'apiEndpoint'),
-
-    allowSelfsigned: cloudronGet.bind(null, 'allowSelfsigned'),
-    setAllowSelfsigned: cloudronSet.bind(null, 'allowSelfsigned'),
-
-    // for testing
-    _configFilePath: path.join(HOME, '.cloudron.json')
-};
-
-var gConfig = safe.JSON.parse(safe.fs.readFileSync(exports._configFilePath)) || {};
+var gConfig = safe.JSON.parse(safe.fs.readFileSync(_configFilePath)) || {};
 
 // per default we fetch the last cloudron which a user performed an explicit login
 var gCurrent = safe.query(gConfig, 'cloudrons.default') || null;
 
 // This is mostly called from helper.detectCloudronApiEndpoint() which will select the correct config section then
-function setActive(apiEndpoint) {
-    gCurrent = apiEndpoint;
+function setActive(endpoint) {
+    gCurrent = endpoint;
 }
 
 function save() {
-    fs.writeFileSync(exports._configFilePath, JSON.stringify(gConfig, null, 4));
+    fs.writeFileSync(_configFilePath, JSON.stringify(gConfig, null, 4));
 }
 
 function set(key, value) {
     // reload config from disk and set. A parallel cli process could have adjusted values
-    gConfig = safe.JSON.parse(safe.fs.readFileSync(exports._configFilePath)) || {};
+    gConfig = safe.JSON.parse(safe.fs.readFileSync(_configFilePath)) || {};
 
     safe.set(gConfig, key, value);
     save();
 }
 
+function unset(key) {
+    // reload config from disk and set. A parallel cli process could have adjusted values
+    gConfig = safe.JSON.parse(safe.fs.readFileSync(_configFilePath)) || {};
+
+    safe.unset(gConfig, key);
+    save();
+}
+
 function get(key) {
     return safe.query(gConfig, key);
 }
@@ -89,7 +56,65 @@ function appStoreToken() {
     return get(['appStore', appStoreOrigin().replace('https://', ''), 'token']);
 }
 
-function setAppStoreToken(token) {
-    set(['appStore', appStoreOrigin().replace('https://', ''), 'token'], token);
+function setAppStoreToken(value) {
+    set(['appStore', appStoreOrigin().replace('https://', ''), 'token'], value);
 }
 
+const getAppBuildConfig = (p) => get(['apps', p]) || {};
+const setAppBuildConfig = (p, c) => set(['apps', p], c);
+const unsetAppBuildConfig = (p) => unset(['apps', p]);
+
+const getBuildServiceConfig = () => get('buildService') || {};
+const setBuildServiceConfig = (c) => set('buildService', c);
+
+const token = cloudronGet.bind(null, 'token');
+const setToken = cloudronSet.bind(null, 'token');
+
+const cloudron = cloudronGet.bind(null, 'cloudron');
+const setCloudron = cloudronSet.bind(null, 'cloudron');
+
+const apiEndpoint = cloudronGet.bind(null, 'apiEndpoint');
+const setApiEndpoint = cloudronSet.bind(null, 'apiEndpoint');
+
+const allowSelfsigned = cloudronGet.bind(null, 'allowSelfsigned');
+const setAllowSelfsigned = cloudronSet.bind(null, 'allowSelfsigned');
+
+export {
+    setActive,
+
+    set,
+    get,
+
+    cloudronGet,
+    cloudronSet,
+
+    // appstore
+    appStoreToken,
+    setAppStoreToken,
+    appStoreOrigin,
+
+    // per app
+    getAppBuildConfig,
+    setAppBuildConfig,
+    unsetAppBuildConfig,
+
+    // build service
+    getBuildServiceConfig,
+    setBuildServiceConfig,
+
+    // current cloudron
+    token,
+    setToken,
+
+    cloudron,
+    setCloudron,
+
+    apiEndpoint,
+    setApiEndpoint,
+
+    allowSelfsigned,
+    setAllowSelfsigned,
+
+    // for testing
+    _configFilePath
+};

package/src/helper.js

@@ -1,16 +1,11 @@
-/* jshint node:true */
-
-'use strict';
-
-const fs = require('fs'),
-    path = require('path'),
-    util = require('util');
-
-exports = module.exports = {
-    exit,
-
-    locateManifest,
-};
+import crypto from 'crypto';
+import fs from 'fs';
+import http from 'http';
+import open from 'open';
+import path from 'path';
+import safe from '@cloudron/safetydance';
+import superagent from '@cloudron/superagent';
+import util from 'util';
 
 function exit(error) {
     if (error instanceof Error) console.log(error.message);
@@ -34,3 +29,150 @@ function locateManifest() {
 
     return null;
 }
+
+async function locateVersions() {
+    let curdir = process.cwd();
+    do {
+        const candidate = path.join(curdir, 'CloudronVersions.json');
+        if (fs.existsSync(candidate)) return candidate;
+
+        // check if we can't go further up (the previous check for '/' breaks on windows)
+        if (curdir === path.resolve(curdir, '..')) break;
+
+        curdir = path.resolve(curdir, '..');
+    // eslint-disable-next-line no-constant-condition
+    } while (true);
+
+    return null;
+}
+
+function parseChangelog(file, version) {
+    let changelog = '';
+    const data = safe.fs.readFileSync(file, 'utf8');
+    if (!data) return null;
+    const lines = data.split('\n');
+
+    version = version.replace(/-.*/, ''); // remove any prerelease
+
+    let i;
+    for (i = 0; i < lines.length; i++) {
+        if (lines[i] === '[' + version + ']') break;
+    }
+
+    for (i = i + 1; i < lines.length; i++) {
+        if (lines[i] === '') continue;
+        if (lines[i][0] === '[') break;
+
+        changelog += lines[i] + '\n';
+    }
+
+    return changelog;
+}
+
+async function performOidcLogin(adminFqdn, { rejectUnauthorized = true } = {}) {
+    const OIDC_CLIENT_ID = 'cid-cli';
+    const OIDC_CLIENT_SECRET = 'notused';
+    const OIDC_PROVIDER = `https://${adminFqdn}`;
+    const OIDC_CALLBACK_URL = 'http://localhost:1312/callback';
+
+    // Discover OIDC endpoints
+    const discoveryRequest = superagent.get(`${OIDC_PROVIDER}/.well-known/openid-configuration`).timeout(60000);
+    if (!rejectUnauthorized) discoveryRequest.disableTLSCerts();
+    const discoveryResponse = await discoveryRequest;
+    const { authorization_endpoint, token_endpoint } = discoveryResponse.body;
+
+    // Generate PKCE code_verifier and code_challenge (S256)
+    const codeVerifier = crypto.randomBytes(32).toString('base64url');
+    const codeChallenge = crypto.createHash('sha256').update(codeVerifier).digest('base64url');
+
+    // Generate state for CSRF protection
+    const state = crypto.randomBytes(16).toString('hex');
+
+    // Build authorization URL
+    const authUrl = new URL(authorization_endpoint);
+    authUrl.searchParams.set('response_type', 'code');
+    authUrl.searchParams.set('client_id', OIDC_CLIENT_ID);
+    authUrl.searchParams.set('redirect_uri', OIDC_CALLBACK_URL);
+    authUrl.searchParams.set('state', state);
+    authUrl.searchParams.set('scope', 'openid');
+    authUrl.searchParams.set('code_challenge', codeChallenge);
+    authUrl.searchParams.set('code_challenge_method', 'S256');
+
+    // Start local HTTP server and wait for the OIDC callback
+    const code = await new Promise((resolve, reject) => {
+        const server = http.createServer((req, res) => {
+            const url = new URL(req.url, 'http://localhost:1312');
+            if (url.pathname !== '/callback') {
+                res.writeHead(404);
+                res.end('Not found');
+                return;
+            }
+
+            const error = url.searchParams.get('error');
+            if (error) {
+                const description = url.searchParams.get('error_description') || error;
+                res.writeHead(200, { 'Content-Type': 'text/html' });
+                res.end('<html><body><h1>Login failed</h1><p>' + description + '</p><p>You can close this window.</p></body></html>');
+                server.close();
+                reject(new Error(`OIDC login failed: ${description}`));
+                return;
+            }
+
+            const receivedState = url.searchParams.get('state');
+            if (receivedState !== state) {
+                res.writeHead(400, { 'Content-Type': 'text/html' });
+                res.end('<html><body><h1>Login failed</h1><p>State mismatch.</p></body></html>');
+                server.close();
+                reject(new Error('OIDC state mismatch'));
+                return;
+            }
+
+            const receivedCode = url.searchParams.get('code');
+            res.writeHead(200, { 'Content-Type': 'text/html' });
+            res.end('<html><body><h1>Login successful!</h1><p>You can close this window and return to the terminal.</p></body></html>');
+            server.close();
+            resolve(receivedCode);
+        });
+
+        server.listen(1312, () => {
+            console.log('Opening browser for authentication...');
+            open(authUrl.toString());
+        });
+
+        server.on('error', (err) => {
+            reject(new Error(`Failed to start local server: ${err.message}`));
+        });
+
+        // Timeout after 2 minutes so the CLI doesn't hang indefinitely
+        setTimeout(() => {
+            server.close();
+            reject(new Error('Login timed out after 2 minutes'));
+        }, 120000);
+    });
+
+    // Exchange authorization code for access token
+    const tokenBody = new URLSearchParams({
+        grant_type: 'authorization_code',
+        code,
+        redirect_uri: OIDC_CALLBACK_URL,
+        client_id: OIDC_CLIENT_ID,
+        client_secret: OIDC_CLIENT_SECRET,
+        code_verifier: codeVerifier,
+    }).toString();
+    const tokenRequest = superagent.post(token_endpoint)
+        .timeout(60000)
+        .set('Content-Type', 'application/x-www-form-urlencoded')
+        .send(tokenBody);
+    if (!rejectUnauthorized) tokenRequest.disableTLSCerts();
+    const tokenResponse = await tokenRequest;
+
+    return tokenResponse.body.access_token;
+}
+
+export {
+    exit,
+    locateManifest,
+    parseChangelog,
+    locateVersions,
+    performOidcLogin,
+};

package/src/readline.js

@@ -1,21 +1,19 @@
-'use strict';
-
-exports = module.exports = {
-    question
-};
-
-const readline = require('node:readline/promises'),
-    { Writable } = require('node:stream');
+import readline from 'node:readline/promises';
+import safe from '@cloudron/safetydance';
+import { Writable } from 'node:stream';
 
 async function question(query, options) {
     const output = options.noEchoBack
         ? new Writable({ write: function (chunk, encoding, callback) { callback(); } })
         : process.stdout;
-    process.stdin.setRawMode(options.noEchoBack); // raw mode gives each keypress as opposd to line based cooked mode
+    process.stdin.setRawMode(options.noEchoBack); // raw mode gives each keypress as opposed to line based cooked mode
     const rl = readline.createInterface({ input: process.stdin, output });
     if (options.noEchoBack) process.stdout.write(query);
-    const answer = await rl.question(query, options);
+    const [error, answer] = await safe(rl.question(query, options));
+    if (error) return process.exit(1); // like AbortError for ^C
     rl.close();
     if (options.noEchoBack) process.stdout.write('\n');
     return answer;
 }
+
+export { question };

package/src/templates/CloudronManifest.appstore.json.ejs

@@ -2,14 +2,14 @@
   "id": "",
   "version": "<%- version %>",
   "upstreamVersion": "",
-  "minBoxVersion": "7.1.0",
+  "minBoxVersion": "9.0.0",
   "title": "",
   "author": "",
   "description": "file://DESCRIPTION.md",
   "tagline": "",
   "website": "",
   "contactEmail": "",
-  "icon": "file://logo.png",
+  "iconUrl": "https-logo.png",
   "healthCheckPath": "/",
   "mediaLinks": [],
   "httpPort": <%- httpPort %>,

package/src/versions-actions.js

@@ -0,0 +1,184 @@
+import { exit, locateManifest, locateVersions, parseChangelog } from './helper.js';
+import * as config from './config.js';
+import fs from 'fs';
+import fsPromises from 'fs/promises';
+import manifestFormat from '@cloudron/manifest-format';
+import path from 'path';
+import safe from '@cloudron/safetydance';
+import Table from 'easy-table';
+
+const NO_MANIFEST_FOUND_ERROR_STRING = 'No CloudronManifest.json found';
+const NO_VERSIONS_FOUND_ERROR_STRING = 'No CloudronVersions.json found. Use "cloudron versions init" to create one.';
+
+const PUBLISH_STATE_TESTING = 'testing';
+const PUBLISH_STATE_PUBLISHED = 'published';
+const PUBLISH_STATE_REVOKED = 'revoked';
+
+async function readVersions(versionsFilePath) {
+    if (!fs.existsSync(versionsFilePath)) exit('No CloudronVersions.json found, create it first with "cloudron versions init"');
+
+    const data = fs.readFileSync(versionsFilePath, 'utf8');
+    const versionsRoot = safe.JSON.parse(data);
+
+    const error = manifestFormat.parseVersions(versionsRoot);
+    if (error) throw new Error(`${path.relative(process.cwd(), versionsFilePath)} is corrupt: ${error.message}`);
+
+    return versionsRoot;
+}
+
+async function writeVersions(versionsFilePath, versionsRoot) {
+    const [error] = await safe(fsPromises.writeFile(versionsFilePath, JSON.stringify(versionsRoot, null, 4), 'utf8'));
+    if (error) return exit(`Unable to write to ${path.relative(process.cwd(), versionsFilePath)}: ${error.message}`);
+}
+
+async function init(/*localOptions, cmd*/) {
+    const manifestFilePath = locateManifest();
+    if (!manifestFilePath) return exit(`${NO_MANIFEST_FOUND_ERROR_STRING}. You must run this command in the package dir.`);
+
+    const baseDir = path.dirname(manifestFilePath);
+    const versionsFilePath = `${baseDir}/CloudronVersions.json`;
+
+    if (fs.existsSync(versionsFilePath)) return exit(`${path.relative(process.cwd(), versionsFilePath)} already exists.`);
+
+    await writeVersions(versionsFilePath, { stable: true, versions: {} });
+    console.log(`Created ${path.relative(process.cwd(), versionsFilePath)}. Use "cloudron versions add" to add a version.`);
+}
+
+async function resolveManifest(manifest, baseDir) {
+    if (manifest.description.slice(0, 7) === 'file://') {
+        let descriptionFilePath = manifest.description.slice(7);
+        descriptionFilePath = path.isAbsolute(descriptionFilePath) ? descriptionFilePath : path.join(baseDir, descriptionFilePath);
+        manifest.description = safe.fs.readFileSync(descriptionFilePath, 'utf8');
+        if (!manifest.description && safe.error) throw(new Error('Could not read/parse description ' + safe.error.message));
+        if (!manifest.description) throw new Error('Description cannot be empty');
+    }
+
+    if (manifest.postInstallMessage && manifest.postInstallMessage.slice(0, 7) === 'file://') {
+        let postInstallFilePath = manifest.postInstallMessage.slice(7);
+        postInstallFilePath = path.isAbsolute(postInstallFilePath) ? postInstallFilePath : path.join(baseDir, postInstallFilePath);
+        manifest.postInstallMessage = safe.fs.readFileSync(postInstallFilePath, 'utf8');
+        if (!manifest.postInstallMessage && safe.error) throw(new Error('Could not read/parse postInstall ' + safe.error.message));
+        if (!manifest.postInstallMessage) throw new Error('PostInstall file specified but it is empty');
+    }
+
+    if (manifest.changelog.slice(0, 7) === 'file://') {
+        let changelogPath = manifest.changelog.slice(7);
+        changelogPath = path.isAbsolute(changelogPath) ? changelogPath : path.join(baseDir, changelogPath);
+        manifest.changelog = parseChangelog(changelogPath, manifest.version);
+        if (!manifest.changelog) throw new Error('Bad changelog format or missing changelog for this version');
+    }
+}
+
+async function addOrUpdate(localOptions, cmd) {
+    const isUpdate = cmd.parent.args[0] === 'update';
+    const versionsFilePath = await locateVersions();
+    if (!versionsFilePath) return exit(NO_VERSIONS_FOUND_ERROR_STRING);
+
+    const options = cmd.optsWithGlobals();
+    // try to find the manifest of this project
+    const manifestFilePath = locateManifest();
+    if (!manifestFilePath) return exit(NO_MANIFEST_FOUND_ERROR_STRING);
+
+    const result = manifestFormat.parseFile(manifestFilePath);
+    if (result.error) return exit(result.error.message);
+
+    const manifest = result.manifest;
+
+    const sourceDir = path.dirname(manifestFilePath);
+    const appConfig = config.getAppBuildConfig(sourceDir);
+
+    if (options.image) {
+        manifest.dockerImage = options.image;
+    } else {
+        manifest.dockerImage = appConfig.dockerImage;
+    }
+
+    if (!manifest.dockerImage) exit('No docker image found, run `cloudron build` first');
+
+    const error = manifestFormat.checkVersionsRequirements(manifest);
+    if (error) return exit(error);
+
+    const versionsRoot = await readVersions(versionsFilePath);
+    const versions = versionsRoot.versions;
+
+    await resolveManifest(manifest, path.dirname(manifestFilePath));
+
+    if (options.state && options.state !== PUBLISH_STATE_PUBLISHED && options.state !== PUBLISH_STATE_TESTING) {
+        return exit(`Invalid state "${options.state}". Must be "published" or "testing".`);
+    }
+
+    if (isUpdate) {
+        const targetVersion = options.version || manifest.version;
+        if (!(targetVersion in versions)) exit(`${targetVersion} does not exist in ${path.relative(process.cwd(), versionsFilePath)}.`);
+
+        versions[targetVersion].manifest = manifest;
+        versions[targetVersion].ts = (new Date()).toUTCString();
+        if (options.state) versions[targetVersion].publishState = options.state;
+    } else {
+        if (manifest.version in versions) exit(`${manifest.version} already exists in ${path.relative(process.cwd(), versionsFilePath)}.`);
+        versions[manifest.version] = {
+            manifest,
+            creationDate: (new Date()).toUTCString(),
+            ts: (new Date()).toUTCString(),
+            publishState: options.state || PUBLISH_STATE_PUBLISHED
+        };
+    }
+
+    await writeVersions(versionsFilePath, versionsRoot);
+
+    if (isUpdate) {
+        const targetVersion = options.version || manifest.version;
+        console.log(`Updated ${targetVersion} in ${path.relative(process.cwd(), versionsFilePath)}`);
+    } else {
+        console.log(`Added ${manifest.version} in ${path.relative(process.cwd(), versionsFilePath)}`);
+    }
+}
+
+async function list(/*localOptions, cmd*/) {
+    const versionsFilePath = await locateVersions();
+    if (!versionsFilePath) return exit(NO_VERSIONS_FOUND_ERROR_STRING);
+
+    const versionsRoot = await readVersions(versionsFilePath);
+    const versions = versionsRoot.versions;
+    const sortedVersions = Object.keys(versions).sort(manifestFormat.packageVersionCompare);
+    if (sortedVersions.length === 0) {
+        console.log('No versions');
+        return;
+    }
+
+    const t = new Table();
+
+    for (const version of sortedVersions) {
+        t.cell('Version', versions[version].manifest.version);
+        t.cell('Creation Date', versions[version].creationDate);
+        t.cell('Image', versions[version].manifest.dockerImage);
+        t.cell('Publish state', versions[version].publishState);
+        t.newRow();
+    }
+
+    console.log(t.toString());
+}
+
+async function revoke() {
+    const versionsFilePath = await locateVersions();
+    if (!versionsFilePath) return exit(NO_VERSIONS_FOUND_ERROR_STRING);
+
+    const versionsRoot = await readVersions(versionsFilePath);
+    const versions = versionsRoot.versions;
+    const sortedVersions = Object.keys(versions).sort(manifestFormat.packageVersionCompare);
+    const latestVersion = sortedVersions.at(-1);
+    if (versions[latestVersion].publishState !== PUBLISH_STATE_PUBLISHED) {
+        return exit(`Only versions in "${PUBLISH_STATE_PUBLISHED}" can be revoked. ${latestVersion} is currently marked as "${versions[latestVersion].publishState}"`);
+    }
+
+    versions[latestVersion].publishState = PUBLISH_STATE_REVOKED;
+    await writeVersions(versionsFilePath, versionsRoot);
+    console.log(`Marked ${latestVersion} as revoked in ${path.relative(process.cwd(), versionsFilePath)}`);
+}
+
+export default {
+    init,
+    addOrUpdate,
+    list,
+    revoke,
+};