underpost 2.7.81 → 2.7.91

package/bin/deploy.js

@@ -25,6 +25,7 @@ import {
   Cmd,
   restoreMacroDb,
   fixDependencies,
+  setUpProxyMaintenanceServer,
 } from '../src/server/conf.js';
 import { buildClient } from '../src/server/client-build.js';
 import { range, setPad, timer, uniqueArray } from '../src/client/components/core/CommonJs.js';
@@ -32,6 +33,8 @@ import toJsonSchema from 'to-json-schema';
 import simpleGit from 'simple-git';
 import { MongooseDB } from '../src/db/mongo/MongooseDB.js';
 import { Lampp } from '../src/runtime/lampp/Lampp.js';
+import { DefaultConf } from '../conf.js';
+import { JSONweb } from '../src/server/client-formatted.js';
 
 const logger = loggerFactory(import.meta);
 
@@ -152,10 +155,15 @@ try {
           await deployRun(dataDeploy);
         } else {
           loadConf(process.argv[3]);
-          shellExec(`npm start ${process.argv[3]}`);
+          shellExec(`npm start ${process.argv.includes('maintenance') ? 'maintenance' : ''}`);
         }
       }
       break;
+
+    case 'remove-await-deploy': {
+      if (fs.existsSync(`./tmp/await-deploy`)) fs.remove(`./tmp/await-deploy`);
+      break;
+    }
     case 'new-nodejs-app':
       {
         const deployId = process.argv[3];
@@ -222,21 +230,18 @@ try {
       break;
     case 'build-full-client':
       {
+        if (!process.argv[3]) process.argv[3] = 'default';
         const { deployId, folder } = loadConf(process.argv[3]);
 
-        let argHost = process.argv[4] ? process.argv[4].split(',') : undefined;
-        let argPath = process.argv[5] ? process.argv[5].split(',') : undefined;
+        let argHost = process.argv[4] ? process.argv[4].split(',') : [];
+        let argPath = process.argv[5] ? process.argv[5].split(',') : [];
         let deployIdSingleReplicas = [];
         const serverConf = deployId
           ? JSON.parse(fs.readFileSync(`./conf/conf.server.json`, 'utf8'))
           : Config.default.server;
-        if (!deployId) {
-          argHost = 'default.net';
-          argPath = '/';
-        }
         for (const host of Object.keys(serverConf)) {
           for (const path of Object.keys(serverConf[host])) {
-            if (argHost && argPath && (!argHost.includes(host) || !argPath.includes(path))) {
+            if (argHost.length && argPath.length && (!argHost.includes(host) || !argPath.includes(path))) {
               delete serverConf[host][path];
             } else {
               serverConf[host][path].liteBuild = process.argv.includes('l') ? true : false;
@@ -278,6 +283,154 @@ try {
       }
       break;
 
+    case 'adminer': {
+      const directory = '/dd/engine/public/adminer';
+      // const host = '127.0.0.1';
+      const host = 'localhost';
+      const port = 80;
+      if (!process.argv.includes('server')) {
+        if (fs.existsSync(directory)) fs.removeSync(directory);
+        fs.mkdirSync(directory, { recursive: true });
+        shellExec(`cd ${directory} && wget https://www.adminer.org/latest.php -O adminer.php`);
+      }
+      Lampp.removeRouter();
+      Lampp.appendRouter(`  Listen ${port} 
+         <VirtualHost *:${port}>
+          DocumentRoot "${directory}"
+          ServerName ${host}:${port}
+
+          <Directory "${directory}">
+            Options Indexes FollowSymLinks MultiViews
+            AllowOverride All
+            Require all granted
+          </Directory>
+
+        </VirtualHost>
+        `);
+      if (Lampp.enabled() && Lampp.router) Lampp.initService({ daemon: true });
+      shellExec(`open /opt/lampp/apache2/conf/httpd.conf`);
+      break;
+    }
+
+    case 'pma':
+      {
+        const directory = '/dd/engine/public/phpmyadmin';
+        // const host = '127.0.0.1';
+        const host = 'localhost';
+        const port = 80;
+        // data config path: /etc/phpmyadmin
+
+        // The config.inc.php file is not required, and only needed for custom configurations
+
+        // phpmyadmin will first refer to ./libraries/config.default.php to retrieve the default values.
+
+        // If for some reason you need to modify the default values, and the ./config.inc.php
+        // file doesn't exist, you will need to create one as per the Installation documentation.
+
+        // You will also need to configure pmadb for some of phpmyadmin's special features such as bookmarks.
+
+        // CREATE USER 'pma'@'localhost' IDENTIFIED VIA mysql_native_password USING 'pmapass';
+        // GRANT SELECT, INSERT, UPDATE, DELETE ON `<pma_db>`.* TO 'pma'@'localhost';
+
+        if (!process.argv.includes('server')) {
+          // if (fs.existsSync(directory)) fs.removeSync(directory);
+          shellExec(`sudo apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl`);
+          shellExec(`sudo phpenmod mbstring`);
+          shellExec(
+            `cd /usr/share/phpmyadmin && git init && git add . && git commit -m "Base phpMyAdmin implementation"`,
+          );
+        }
+
+        // if (!fs.existsSync(directory)) fs.mkdirSync(directory, { recursive: true });
+        // if (!fs.existsSync('./public/phpmyadmin/phpmyadmin'))
+        //   fs.copySync('/usr/share/phpmyadmin', './public/phpmyadmin/phpmyadmin');
+
+        Lampp.removeRouter();
+        Lampp.appendRouter(`  Listen ${port} `);
+        if (Lampp.enabled() && Lampp.router) Lampp.initService({ daemon: true });
+        // shellExec(`open /opt/lampp/apache2/conf/httpd.conf`);
+
+        // Create a link in /var/www like this:
+
+        // sudo ln -s /usr/share/phpmyadmin /var/www/
+
+        // Note: since 14.04 you may want to use /var/www/html/ instead of /var/www/
+
+        // If that's not working for you, you need to include PHPMyAdmin inside apache configuration.
+
+        // Open apache.conf using your favorite editor, mine is vim :)
+
+        // sudo vim /etc/apache2/apache2.conf
+
+        // Then add the following line:
+
+        // Include /etc/phpmyadmin/apache.conf
+
+        // For Ubuntu 15.04 and 16.04
+
+        // sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf
+        // sudo a2enconf phpmyadmin.conf
+        // sudo service apache2 reload
+        break;
+        Lampp.appendRouter(`   Listen ${port}
+
+        <VirtualHost *:${port}>
+            DocumentRoot "${directory}"
+            ServerName ${host}:${port}
+
+            <Directory "${directory}">
+              Options Indexes FollowSymLinks MultiViews
+              AllowOverride All
+              Require all granted
+            </Directory>
+
+          </VirtualHost>`);
+        // phpMyAdmin default Apache configuration:
+        Lampp.appendRouter(`
+
+          Listen ${port}
+
+          Alias /phpmyadmin /usr/share/phpmyadmin
+
+<Directory /usr/share/phpmyadmin>
+    Options Indexes FollowSymLinks
+    DirectoryIndex index.php
+
+    <IfModule mod_php5.c>
+        AddType application/x-httpd-php .php
+
+        php_flag magic_quotes_gpc Off
+        php_flag track_vars On
+        php_flag register_globals Off
+        php_value include_path .
+    </IfModule>
+
+</Directory>
+
+# Authorize for setup
+<Directory /usr/share/phpmyadmin/setup>
+    <IfModule mod_authn_file.c>
+    AuthType Basic
+    AuthName "phpMyAdmin Setup"
+    AuthUserFile /etc/phpmyadmin/htpasswd.setup
+    </IfModule>
+    Require valid-user
+</Directory>
+
+# Disallow web access to directories that don't need it
+<Directory /usr/share/phpmyadmin/libraries>
+    Order Deny,Allow
+    Deny from All
+</Directory>
+<Directory /usr/share/phpmyadmin/setup/lib>
+    Order Deny,Allow
+    Deny from All
+</Directory>
+
+          `);
+      }
+      break;
+
     case 'update-package':
       const files = await fs.readdir(`./engine-private/conf`, { recursive: true });
       const originPackage = JSON.parse(fs.readFileSync(`./package.json`, 'utf8'));
@@ -294,21 +447,37 @@ try {
       {
         if (fs.existsSync(`./tmp/await-deploy`)) fs.remove(`./tmp/await-deploy`);
         const dataDeploy = getDataDeploy({ deployGroupId: process.argv[3], buildSingleReplica: true });
-        await deployRun(dataDeploy, true);
+        if (!process.argv[4]) await setUpProxyMaintenanceServer({ deployGroupId: process.argv[3] });
+        await deployRun(
+          process.argv[4] ? dataDeploy.filter((d) => d.deployId.match(process.argv[4])) : dataDeploy,
+          true,
+        );
       }
       break;
 
-    case 'run-macro-build':
+    case 'build-macro':
       {
-        if (fs.existsSync(`./tmp/await-deploy`)) fs.remove(`./tmp/await-deploy`);
         const dataDeploy = getDataDeploy({ deployGroupId: process.argv[3], buildSingleReplica: true });
         for (const deploy of dataDeploy) {
-          shellExec(Cmd.conf(deploy.deployId));
-          shellExec(Cmd.build(deploy.deployId));
+          if (!process.argv[4] || (process.argv[4] && process.argv[4] === deploy.deployId)) {
+            shellExec(Cmd.conf(deploy.deployId));
+            shellExec(Cmd.build(deploy.deployId));
+          }
         }
-        await deployRun(dataDeploy, true);
       }
       break;
+    case 'macro': {
+      shellExec(`git checkout .`);
+      shellExec(`node bin/deploy build-macro ${process.argv.slice(3).join(' ')}`);
+      shellExec(`git checkout .`);
+      shellExec(`node bin/deploy run-macro ${process.argv.slice(3).join(' ')}`);
+      break;
+    }
+
+    case 'keep-server': {
+      await setUpProxyMaintenanceServer({ deployGroupId: process.argv[3] });
+      break;
+    }
     case 'prometheus':
     case 'prom':
       {
@@ -452,7 +621,7 @@ try {
               `./engine-private/replica/${replicaDeployId}/package.json`,
               fs
                 .readFileSync(`./engine-private/replica/${replicaDeployId}/package.json`, 'utf8')
-                .replaceAll(`--name ${deployId}`, `--name ${replicaDeployId}`),
+                .replaceAll(`${deployId}`, `${replicaDeployId}`),
               'utf8',
             );
           }
@@ -666,6 +835,167 @@ ${uniqueArray(logs.all.map((log) => `- ${log.author_name} ([${log.author_email}]
       break;
     }
 
+    case 'update-default-conf': {
+      const host = process.argv[3] ? process.argv[3] : 'underpostnet.github.io';
+      const path = process.argv[4] ? process.argv[4] : '/pwa-microservices-template-ghpkg';
+      DefaultConf.server = {
+        [host]: { [path]: DefaultConf.server['default.net']['/'] },
+      };
+      DefaultConf.server[host][path].apiBaseProxyPath = '/';
+      DefaultConf.server[host][path].apiBaseHost = 'www.nexodev.org';
+      fs.writeFileSync(
+        './conf.js',
+        `
+        const DefaultConf = ${JSONweb(DefaultConf)};
+        
+        export { DefaultConf }
+
+        `,
+        'utf8',
+      );
+
+      break;
+    }
+    case 'ssh-export-server-keys': {
+      fs.copyFile('/etc/ssh/ssh_host_rsa_key', './engine-private/deploy/ssh_host_rsa_key');
+      fs.copyFile('/etc/ssh/ssh_host_rsa_key.pub', './engine-private/deploy/ssh_host_rsa_key.pub');
+      break;
+    }
+    case 'ssh-import-server-keys': {
+      fs.copyFile('./engine-private/deploy/ssh_host_rsa_key', '/etc/ssh/ssh_host_rsa_key');
+      fs.copyFile('./engine-private/deploy/ssh_host_rsa_key.pub', '/etc/ssh/ssh_host_rsa_key.pub');
+      break;
+    }
+    case 'ssh-import-client-keys': {
+      const host = process.argv[3];
+      shellExec(`node bin/deploy set-ssh-keys ./engine-private/deploy/ssh_host_rsa_key${host ? ` ${host}` : ``} clean`);
+      break;
+    }
+    case 'ssh-keys': {
+      // create ssh keys
+      const sshAccount = process.argv[3]; // [sudo username]@[host/ip]
+      const destPath = process.argv[4];
+      // shellExec(`ssh-keygen -t ed25519 -C "${sshAccount}" -f ${destPath}`);
+      if (fs.existsSync(destPath)) {
+        fs.removeSync(destPath);
+        fs.removeSync(destPath + '.pub');
+      }
+      shellExec(`ssh-keygen -t rsa -b 4096 -C "${sshAccount}" -f ${destPath}`);
+      // add host to keyscan
+      // shellExec(`ssh-keyscan -t rsa ${sshAccount.split(`@`)[1]} >> ~/.ssh/known_hosts`);
+      break;
+    }
+
+    case 'set-ssh-keys': {
+      const files = ['authorized_keys', 'id_rsa', 'id_rsa.pub', 'known_hosts ', 'known_hosts.old'];
+
+      // > write
+      // >> append
+
+      // /root/.ssh/id_rsa
+      // /root/.ssh/id_rsa.pub
+      if (process.argv.includes('clean')) {
+        for (const file of files) {
+          if (fs.existsSync(`/root/.ssh/${file}`)) {
+            logger.info('remove', `/root/.ssh/${file}`);
+            fs.removeSync(`/root/.ssh/${file}`);
+          }
+          fs.writeFileSync(`/root/.ssh/${file}`, '', 'utf8');
+        }
+        shellExec('eval `ssh-agent -s`' + ` && ssh-add -D`);
+      }
+
+      const destPath = process.argv[3];
+      const sshAuthKeyTarget = '/root/.ssh/authorized_keys';
+      if (!fs.existsSync(sshAuthKeyTarget)) shellExec(`touch ${sshAuthKeyTarget}`);
+      shellExec(`cat ${destPath}.pub > ${sshAuthKeyTarget}`);
+      shellExec(`cat ${destPath} >> ${sshAuthKeyTarget}`);
+
+      if (!fs.existsSync('/root/.ssh/id_rsa')) shellExec(`touch ${'/root/.ssh/id_rsa'}`);
+      shellExec(`cat ${destPath} > ${'/root/.ssh/id_rsa'}`);
+
+      if (!fs.existsSync('/root/.ssh/id_rsa.pub')) shellExec(`touch ${'/root/.ssh/id_rsa.pub'}`);
+      shellExec(`cat ${destPath}.pub > ${'/root/.ssh/id_rsa.pub'}`);
+
+      shellExec(`chmod 700 /root/.ssh/`);
+      for (const file of files) {
+        shellExec(`chmod 600 /root/.ssh/${file}`);
+      }
+      const host = process.argv[4];
+      // add key
+      shellExec('eval `ssh-agent -s`' + ' && ssh-add /root/.ssh/id_rsa' + ' && ssh-add -l');
+      if (host) shellExec(`ssh-keyscan -H ${host} >> ~/.ssh/known_hosts`);
+      shellExec(`sudo systemctl enable ssh`);
+      shellExec(`sudo systemctl restart ssh`);
+      shellExec(`sudo systemctl status ssh`);
+
+      break;
+    }
+
+    case 'ssh': {
+      if (!process.argv.includes('server')) {
+        shellExec(`sudo apt update`);
+        shellExec(`sudo apt install openssh-server -y`);
+        shellExec(`sudo apt install ssh-askpass`);
+      }
+      shellExec(`sudo systemctl enable ssh`);
+      shellExec(`sudo systemctl restart ssh`);
+      shellExec(`sudo systemctl status ssh`);
+      // sudo service ssh restart
+      shellExec(`ip a`);
+
+      // adduser newuser
+      // usermod -aG sudo newuser
+
+      // ssh -i '/path/to/keyfile' username@server
+
+      // ssh-keygen -t ed25519 -C "your_email@example.com" -f $HOME/.ssh/id_rsa
+
+      // legacy: ssh-keygen -t rsa -b 4096 -C "your_email@example.com" -f $HOME/.ssh/id_rsa
+
+      // vi .ssh/authorized_keys
+      // chmod 700 .ssh
+      // chmod 600 authorized_keys
+
+      // cat id_rsa.pub > .ssh/authorized_keys
+
+      // add public key to authorized keys
+      // cat .ssh/id_ed25519.pub | ssh [sudo username]@[host/ip] 'cat >> .ssh/authorized_keys'
+
+      // 2. Open /etc/ssh/sshd_config file
+      // nano /etc/ssh/sshd_config
+
+      // 3. add example code to last line of file
+      // Match User newuser
+      //   PasswordAuthentication yes
+
+      // ssh [sudo username]@[host/ip]
+      // open port 22
+
+      // init ssh agent service
+      // eval `ssh-agent -s`
+
+      // list keys
+      // ssh-add -l
+
+      // add key
+      // ssh-add /root/.ssh/id_rsa
+
+      // remove
+      // ssh-add -d /path/to/private/key
+
+      // remove all
+      // ssh-add -D
+
+      // sshpass -p ${{ secrets.PSWD }} ssh -o StrictHostKeyChecking=no -p 22 ${{ secrets.USER}}@${{ secrets.VPS_IP }} 'cd /home/adam && ./deploy.sh'
+
+      // copies the public key of your default identity (use -i identity_file for other identities) to the remote host.
+      // ssh-copy-id user@hostname.example.com
+      // ssh-copy-id "user@hostname.example.com -p <port-number>"
+
+      break;
+    }
+
     default:
       break;
   }

package/bin/file.js

@@ -2,7 +2,7 @@ import fs from 'fs-extra';
 
 import { loggerFactory } from '../src/server/logger.js';
 import { cap, getCapVariableName, getDirname } from '../src/client/components/core/CommonJs.js';
-import { shellExec } from '../src/server/process.js';
+import { shellCd, shellExec } from '../src/server/process.js';
 import walk from 'ignore-walk';
 import { validateTemplatePath } from '../src/server/conf.js';
 
@@ -76,6 +76,22 @@ try {
         fs.copySync(`./.vscode`, `../pwa-microservices-template/.vscode`);
         fs.copySync(`./.github`, `../pwa-microservices-template/.github`);
         fs.copySync(`./src/client/public/default`, `../pwa-microservices-template/src/client/public/default`);
+
+        shellCd('../pwa-microservices-template');
+        for (const deletePath of ['CHANGELOG.md', 'README.md', 'package-lock.json', 'package.json']) {
+          shellExec(`git checkout ${deletePath}`);
+        }
+        for (const deletePath of [
+          '.github/workflows/coverall.yml',
+          '.github/workflows/docker-image.yml',
+          '.github/workflows/deploy.ssh.yml',
+          '.github/workflows/deploy.api-rest.yml',
+          'bin/web3.js',
+          'src/ipfs.js',
+          'src/k8s.js',
+        ]) {
+          fs.removeSync('../pwa-microservices-template/' + deletePath);
+        }
       }
 
       break;

package/bin/index.js

@@ -19,7 +19,7 @@ const globalBinFolder = `${shellExec(`npm root -g`, {
 
 const program = new Command();
 
-const version = '2.7.81';
+const version = '2.7.91';
 
 program.name('underpost').description(`underpost.net ci/cd cli ${version}`).version(version);
 

package/bin/util.js

@@ -3,6 +3,8 @@ import merge from 'deepmerge';
 import si from 'systeminformation';
 import * as dir from 'path';
 import { svg } from 'font-awesome-assets';
+import axios from 'axios';
+import https from 'https';
 
 import { loggerFactory } from '../src/server/logger.js';
 import { shellCd, shellExec } from '../src/server/process.js';
@@ -12,6 +14,11 @@ import { Config } from '../src/server/conf.js';
 import { FileFactory } from '../src/api/file/file.service.js';
 import { buildTextImg, faBase64Png, getBufferPngText } from '../src/server/client-icons.js';
 
+const httpsAgent = new https.Agent({
+  rejectUnauthorized: false,
+});
+axios.defaults.httpsAgent = httpsAgent;
+
 const logger = loggerFactory(import.meta);
 
 logger.info('argv', process.argv);
@@ -118,6 +125,10 @@ try {
       break;
     case 'delete-empty-folder':
       function cleanEmptyFoldersRecursively(folder) {
+        if (!fs.existsSync(folder)) {
+          logger.warn('Does not exist', folder);
+          return;
+        }
         const isDir = fs.statSync(folder).isDirectory();
         if (!isDir) return;
 
@@ -135,7 +146,11 @@ try {
 
         if (files.length === 0) {
           console.log('removing: ', folder);
-          fs.rmdirSync(folder);
+          try {
+            fs.rmdirSync(folder);
+          } catch (error) {
+            logger.error(error);
+          }
           return;
         }
       }
@@ -174,6 +189,21 @@ try {
       fs.writeFileSync('b64-image', `data:image/jpg;base64,${fs.readFileSync(process.argv[3]).toString('base64')}`);
       break;
 
+    case 'get-ip': {
+      const response = await axios.get(process.argv[3]);
+      logger.info(process.argv[3] + ' IP', response.request.socket.remoteAddress);
+      break;
+    }
+
+    case 'clean-env': {
+      shellExec(`git checkout package.json`);
+      shellExec(`git checkout .env.production`);
+      shellExec(`git checkout .env.development`);
+      shellExec(`git checkout .env.test`);
+      shellExec(`git checkout jsdoc.json`);
+      break;
+    }
+
     default:
       break;
   }

package/conf.js

@@ -2,8 +2,14 @@ const DefaultConf = {
   client: {
     default: {
       metadata: {
-        title: 'Default',
+        title: 'Demo App',
         backgroundImage: './src/client/public/default/assets/background/white0-min.jpg',
+        description: 'Web application',
+        keywords: ['web', 'app', 'spa', 'demo', 'github-pages'],
+        author: 'https://github.com/underpostnet',
+        thumbnail: 'android-chrome-384x384.png',
+        themeColor: '#ececec',
+        pwaAssetsPath: '',
       },
       components: {
         core: [
@@ -168,7 +174,7 @@ const DefaultConf = {
   },
   ssr: {
     Default: {
-      head: ['PwaDefault', 'Css', 'DefaultScripts'],
+      head: ['Seo', 'Pwa', 'Css', 'DefaultScripts', 'Production'],
       body: ['CacheControl', 'DefaultSplashScreen'],
     },
   },
@@ -227,8 +233,6 @@ const DefaultConf = {
   cron: {
     ipDaemon: {
       ip: null,
-      minutesTimeInterval: 3,
-      disabled: false,
     },
     records: {
       A: [
@@ -245,6 +249,16 @@ const DefaultConf = {
         deployGroupId: 'default-group',
       },
     ],
+    jobs: {
+      dns: {
+        expression: '* * * * *',
+        enabled: true,
+      },
+      backups: {
+        expression: '0 1 * * *',
+        enabled: true,
+      },
+    },
   },
 };
 

package/docker-compose.yml

@@ -58,7 +58,7 @@ services:
           cpus: '0.25'
           memory: 20M
     labels: # labels in Compose file instead of Dockerfile
-      engine.version: '2.7.81'
+      engine.version: '2.7.91'
     networks:
       - load-balancer
 

package/package.json

@@ -2,14 +2,15 @@
     "type": "module",
     "main": "src/index.js",
     "name": "underpost",
-    "version": "2.7.81",
+    "version": "2.7.91",
     "description": "pwa api rest template",
     "scripts": {
         "start": "env-cmd -f .env.production node --max-old-space-size=8192 src/server",
         "pm2": "env-cmd -f .env.production pm2 start src/server.js --node-args=\"--max-old-space-size=8192\" --name engine && pm2 logs",
         "ssl": "env-cmd -f .env.production node bin/ssl",
         "pm2-delete": "pm2 delete engine",
-        "build": "node bin/deploy build-full-client --no-warnings",
+        "build": "node bin/deploy build-full-client",
+        "build-production": "env-cmd -f .env.production node bin/deploy build-full-client",
         "dev": "env-cmd -f .env.development node src/client.dev --no-warnings",
         "dev-api": "env-cmd -f .env.development nodemon --watch src --ignore src/client src/api",
         "docs": "jsdoc -c jsdoc.json",
@@ -95,7 +96,6 @@
         "marked": "^12.0.2",
         "mongoose": "^8.0.1",
         "morgan": "^1.10.0",
-        "node-cron": "^3.0.3",
         "nodemailer": "^6.9.9",
         "nodemon": "^3.0.1",
         "pathfinding": "^0.4.18",

package/src/api/core/core.router.js

@@ -1,4 +1,4 @@
-import { authMiddleware } from '../../server/auth.js';
+import { adminGuard, authMiddleware } from '../../server/auth.js';
 import { loggerFactory } from '../../server/logger.js';
 import { CoreController } from './core.controller.js';
 import express from 'express';
@@ -7,14 +7,14 @@ const logger = loggerFactory(import.meta);
 
 const CoreRouter = (options) => {
   const router = express.Router();
-  router.post(`/:id`, async (req, res) => await CoreController.post(req, res, options));
-  router.post(`/`, async (req, res) => await CoreController.post(req, res, options));
-  router.get(`/:id`, async (req, res) => await CoreController.get(req, res, options));
-  router.get(`/`, async (req, res) => await CoreController.get(req, res, options));
-  router.put(`/:id`, async (req, res) => await CoreController.put(req, res, options));
-  router.put(`/`, async (req, res) => await CoreController.put(req, res, options));
-  router.delete(`/:id`, async (req, res) => await CoreController.delete(req, res, options));
-  router.delete(`/`, async (req, res) => await CoreController.delete(req, res, options));
+  router.post(`/:id`, authMiddleware, adminGuard, async (req, res) => await CoreController.post(req, res, options));
+  router.post(`/`, authMiddleware, adminGuard, async (req, res) => await CoreController.post(req, res, options));
+  router.get(`/:id`, authMiddleware, adminGuard, async (req, res) => await CoreController.get(req, res, options));
+  router.get(`/`, authMiddleware, adminGuard, async (req, res) => await CoreController.get(req, res, options));
+  router.put(`/:id`, authMiddleware, adminGuard, async (req, res) => await CoreController.put(req, res, options));
+  router.put(`/`, authMiddleware, adminGuard, async (req, res) => await CoreController.put(req, res, options));
+  router.delete(`/:id`, authMiddleware, adminGuard, async (req, res) => await CoreController.delete(req, res, options));
+  router.delete(`/`, authMiddleware, adminGuard, async (req, res) => await CoreController.delete(req, res, options));
   return router;
 };