underpost 2.8.52 → 2.8.56

package/src/db/mongo/MongooseDB.js

@@ -79,7 +79,19 @@ const MongooseDB = {
               if (process.argv.includes('rocky')) {
                 // https://github.com/mongodb/mongodb-selinux
                 // https://www.mongodb.com/docs/v7.0/tutorial/install-mongodb-enterprise-on-red-hat/
-                shellExec(`sudo chown -R mongod:mongod /var/lib/mongo`);
+                // https://www.mongodb.com/docs/v6.0/tutorial/install-mongodb-on-red-hat/
+                // https://www.mongodb.com/docs/v4.4/tutorial/install-mongodb-on-red-hat/
+                // dnf install selinux-policy-devel
+                // git clone https://github.com/mongodb/mongodb-selinux
+                // cd mongodb-selinux
+                // make
+                // sudo make install
+                // yum list installed | grep mongo
+                // sudo yum erase $(rpm -qa | grep mongodb)
+                // remove service
+                // sudo systemctl reset-failed
+                // MongoDB 5.0+ requires a CPU with AVX support
+                // check: grep avx /proc/cpuinfo
               }
               logger.info('install legacy 4.4');
               shellExec(`wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -`);
@@ -112,9 +124,13 @@ const MongooseDB = {
           shellExec(`sudo systemctl unmask mongod`);
           shellExec(`sudo pkill -f mongod`);
           shellExec(`sudo systemctl enable mongod.service`);
+
           shellExec(`sudo chown -R mongodb:mongodb /var/lib/mongodb`);
           shellExec(`sudo chown mongodb:mongodb /tmp/mongodb-27017.sock`);
 
+          shellExec(`sudo chown -R mongod:mongod /var/lib/mongodb`);
+          shellExec(`sudo chown mongod:mongod /tmp/mongodb-27017.sock`);
+
           logger.info('run server');
           shellExec(`sudo service mongod restart`);
 

package/src/index.js

@@ -9,6 +9,7 @@ import UnderpostCron from './cli/cron.js';
 import UnderpostDB from './cli/db.js';
 import UnderpostDeploy from './cli/deploy.js';
 import UnderpostRootEnv from './cli/env.js';
+import UnderpostFileStorage from './cli/fs.js';
 import UnderpostImage from './cli/image.js';
 import UnderpostRepository from './cli/repository.js';
 import UnderpostScript from './cli/script.js';
@@ -27,7 +28,7 @@ class Underpost {
    * @type {String}
    * @memberof Underpost
    */
-  static version = 'v2.8.52';
+  static version = 'v2.8.56';
   /**
    * Repository cli API
    * @static
@@ -98,6 +99,13 @@ class Underpost {
    * @memberof Underpost
    */
   static cron = UnderpostCron.API;
+  /**
+   * File Storage cli API
+   * @static
+   * @type {UnderpostFileStorage.API}
+   * @memberof UnderpostFileStorage
+   */
+  static fs = UnderpostFileStorage.API;
 }
 
 const up = Underpost;

package/src/server/backup.js

@@ -9,7 +9,7 @@ dotenv.config();
 const logger = loggerFactory(import.meta);
 
 class BackUp {
-  static callback = async function (deployList, options = { disableKindCluster: false }) {
+  static callback = async function (deployList, options = { itc: false }) {
     if ((!deployList || deployList === 'dd') && fs.existsSync(`./engine-private/deploy/dd.router`))
       deployList = fs.readFileSync(`./engine-private/deploy/dd.router`, 'utf8');
 
@@ -25,7 +25,7 @@ class BackUp {
       const deployId = _deployId.trim();
       if (!deployId) continue;
 
-      if (options.disableKindCluster !== true) {
+      if (!(options.itc === true)) {
         shellExec(`underpost db --export ${deployId}`);
         continue;
       }

package/src/server/client-formatted.js

@@ -2,6 +2,7 @@
 
 import fs from 'fs-extra';
 import vm from 'node:vm';
+import Underpost from '../index.js';
 
 const srcFormatted = (src) =>
   src
@@ -49,7 +50,7 @@ const viewFormatted = (src, dists, proxyPath, baseHost = '') => {
 };
 
 const ssrFactory = async (componentPath = `./src/client/ssr/Render.js`) => {
-  const context = { SrrComponent: () => {}, npm_package_version: process.env.npm_package_version };
+  const context = { SrrComponent: () => {}, npm_package_version: Underpost.version };
   vm.createContext(context);
   vm.runInContext(await srcFormatted(fs.readFileSync(componentPath, 'utf8')), context);
   return context.SrrComponent;

package/src/server/conf.js

@@ -19,17 +19,8 @@ import { DefaultConf } from '../../conf.js';
 import read from 'read';
 import splitFile from 'split-file';
 import axios from 'axios';
-import https from 'https';
 import { ssrFactory } from './client-formatted.js';
 
-// axios.defaults.baseURL = BASE_URL;
-
-// const httpsAgent = new https.Agent({
-//   rejectUnauthorized: false,
-// });
-
-// axios.defaults.httpsAgent = httpsAgent;
-
 colors.enable();
 
 dotenv.config();
@@ -1004,7 +995,7 @@ const Cmd = {
   syncPorts: (deployGroupId) => `node bin/deploy sync-env-port ${deployGroupId}`,
   cron: (deployList, jobList, name, expression, options) =>
     `pm2 start ./bin/index.js --no-autorestart --instances 1 --cron "${expression}" --name ${name} -- cron ${
-      options?.disableKindCluster ? `--disable-kind-cluster ` : ''
+      options?.itc ? `--itc ` : ''
     }${deployList} ${jobList}`,
 };
 
@@ -1082,6 +1073,8 @@ const getNpmRootPath = () =>
     silent: true,
   }).trim();
 
+const getUnderpostRootPath = () => `${getNpmRootPath()}/underpost`;
+
 const writeEnv = (envPath, envObj) =>
   fs.writeFileSync(
     envPath,
@@ -1127,5 +1120,6 @@ export {
   buildPortProxyRouter,
   splitFileFactory,
   getNpmRootPath,
+  getUnderpostRootPath,
   writeEnv,
 };

package/src/server/dns.js

@@ -1,17 +1,10 @@
 import axios from 'axios';
 import dotenv from 'dotenv';
 import fs from 'fs';
-import https from 'https';
 import validator from 'validator';
 import { ip } from './network.js';
 import { loggerFactory } from './logger.js';
-import { shellExec } from './process.js';
-
-const httpsAgent = new https.Agent({
-  rejectUnauthorized: false,
-});
-
-axios.defaults.httpsAgent = httpsAgent;
+import UnderpostRootEnv from '../cli/env.js';
 
 dotenv.config();
 
@@ -19,8 +12,8 @@ const logger = loggerFactory(import.meta);
 
 class Dns {
   static callback = async function (deployList) {
-    // NAT-VPS modem/router device configuration:
-    // LAN --> [NAT-VPS] --> WAN
+    // Network topology configuration:
+    // LAN -> [NAT-VPS](modem/router device) -> WAN
     // enabled DMZ Host to proxy IP 80-443 (79-444) sometimes router block first port
     // disabled local red DHCP
     // verify inet ip proxy server address
@@ -30,47 +23,47 @@ class Dns {
     // Forward the router's TCP/UDP ports to the LAN device's IP address
     for (const _deployId of deployList.split(',')) {
       const deployId = _deployId.trim();
-    const privateCronConfPath = `./engine-private/conf/${deployId}/conf.cron.json`;
-    const confCronPath = fs.existsSync(privateCronConfPath) ? privateCronConfPath : './conf/conf.cron.json';
-    const confCronData = JSON.parse(fs.readFileSync(confCronPath, 'utf8'));
+      const privateCronConfPath = `./engine-private/conf/${deployId}/conf.cron.json`;
+      const confCronPath = fs.existsSync(privateCronConfPath) ? privateCronConfPath : './conf/conf.cron.json';
+      const confCronData = JSON.parse(fs.readFileSync(confCronPath, 'utf8'));
 
-    let testIp;
+      let testIp;
 
-    try {
-      testIp = await ip.public.ipv4();
-    } catch (error) {
-      logger.error(error, { testIp, stack: error.stack });
-    }
-      const ipFileName = `${deployId}.ip`;
-      const currentIp = fs.existsSync(`./engine-private/deploy/${ipFileName}`)
-        ? fs.readFileSync(`./engine-private/deploy/${ipFileName}`, 'utf8')
-      : undefined;
+      try {
+        testIp = await ip.public.ipv4();
+      } catch (error) {
+        logger.error(error, { testIp, stack: error.stack });
+      }
+
+      const currentIp = UnderpostRootEnv.API.get('ip');
 
-    if (testIp && typeof testIp === 'string' && validator.isIP(testIp) && currentIp !== testIp) {
-      logger.info(`new ip`, testIp);
-      for (const recordType of Object.keys(confCronData.records)) {
-        switch (recordType) {
-          case 'A':
-            for (const dnsProvider of confCronData.records[recordType]) {
-              if (typeof Dns.services.updateIp[dnsProvider.dns] === 'function')
-                await Dns.services.updateIp[dnsProvider.dns]({ ...dnsProvider, ip: testIp });
-            }
-            break;
+      if (testIp && typeof testIp === 'string' && validator.isIP(testIp) && currentIp !== testIp) {
+        logger.info(`new ip`, testIp);
+        for (const recordType of Object.keys(confCronData.records)) {
+          switch (recordType) {
+            case 'A':
+              for (const dnsProvider of confCronData.records[recordType]) {
+                if (typeof Dns.services.updateIp[dnsProvider.dns] === 'function')
+                  await Dns.services.updateIp[dnsProvider.dns]({ ...dnsProvider, ip: testIp });
+              }
+              break;
 
-          default:
-            break;
+            default:
+              break;
+          }
         }
-      }
-      try {
-        const ipUrlTest = `https://${process.env.DEFAULT_DEPLOY_HOST}`;
-        const response = await axios.get(ipUrlTest);
-        const verifyIp = response.request.socket.remoteAddress;
-        logger.info(ipUrlTest + ' IP', verifyIp);
-        if (verifyIp === testIp) {
-            fs.writeFileSync(`./engine-private/deploy/${ipFileName}`, testIp, 'utf8');
-        } else logger.error('ip not updated');
-      } catch (error) {
-        logger.error(error), 'ip not updated';
+        try {
+          const ipUrlTest = `https://${process.env.DEFAULT_DEPLOY_HOST}`;
+          const response = await axios.get(ipUrlTest);
+          const verifyIp = response.request.socket.remoteAddress;
+          logger.info(ipUrlTest + ' verify ip', verifyIp);
+          if (verifyIp === testIp) {
+            logger.info('ip updated successfully', testIp);
+            UnderpostRootEnv.API.set('ip', testIp);
+          } else logger.error('ip not updated', testIp);
+        } catch (error) {
+          logger.error(error, error.stack);
+          logger.error('ip not updated', testIp);
         }
       }
     }

package/src/server/downloader.js

@@ -2,16 +2,8 @@ import axios from 'axios';
 import fs from 'fs';
 import { loggerFactory } from './logger.js';
 import dotenv from 'dotenv';
-import https from 'https';
-
 dotenv.config();
 
-const httpsAgent = new https.Agent({
-  rejectUnauthorized: false,
-});
-
-axios.defaults.httpsAgent = httpsAgent;
-
 const logger = loggerFactory(import.meta);
 
 const Downloader = (url, fullPath, options = { method: 'get', responseType: 'stream' }) =>

package/test/api.test.js

@@ -2,7 +2,6 @@
 
 import axios from 'axios';
 import dotenv from 'dotenv';
-import https from 'https';
 
 import { expect } from 'chai';
 import { loggerFactory } from '../src/server/logger.js';
@@ -20,13 +19,6 @@ const BASE_URL =
     ? `http://localhost:${PORT}/${process.env.BASE_API}`
     : `https://www.nexodev.org/api`;
 
-axios.defaults.baseURL = BASE_URL;
-
-const httpsAgent = new https.Agent({
-  rejectUnauthorized: false,
-});
-axios.defaults.httpsAgent = httpsAgent;
-
 describe(`GET 'Test' API Request `, async () => {
   {
     const url = `${BASE_URL}/test/youtube-id/?url=https://www.youtube.com/watch?v=o4f42SbyDMk`;

package/manifests/core/kustomization.yaml

@@ -1,11 +0,0 @@
----
-# kubectl apply -k core/.
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - underpost-engine-pv-pvc.yaml
-  - underpost-engine-headless-service.yaml
-  - underpost-engine-statefulset.yaml
-  - underpost-engine-backup-pv-pvc.yaml
-  - underpost-engine-mongodb-backup-cronjob.yaml
-  - underpost-engine-backup-access.yaml

package/manifests/core/underpost-engine-backup-access.yaml

@@ -1,16 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
-  name: backup-access
-spec:
-  containers:
-    - name: busybox
-      image: busybox
-      command: ['sh', '-c', 'sleep 3600']
-      volumeMounts:
-        - name: backup-storage
-          mountPath: /backup
-  volumes:
-    - name: backup-storage
-      persistentVolumeClaim:
-        claimName: backup-pvc

package/manifests/core/underpost-engine-backup-pv-pvc.yaml

@@ -1,22 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: backup-pv
-spec:
-  capacity:
-    storage: 5Gi
-  accessModes:
-    - ReadWriteOnce
-  hostPath:
-    path: /mnt/backup
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: backup-pvc
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 5Gi

package/manifests/core/underpost-engine-headless-service.yaml

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: mongodb-service
-spec:
-  clusterIP: None
-  selector:
-    app: mongodb
-  ports:
-    - port: 27017

package/manifests/core/underpost-engine-mongodb-backup-cronjob.yaml

@@ -1,40 +0,0 @@
-apiVersion: batch/v1
-kind: CronJob
-metadata:
-  name: mongodb-backup
-spec:
-  schedule: '*/5 * * * *' # Runs backup every five minutes
-  jobTemplate:
-    spec:
-      template:
-        spec:
-          containers:
-            - name: mongodump
-              image: docker.io/library/mongo:latest
-              command:
-                - sh
-                - -c
-                - |
-                  # Perform backup
-                  mongodump -u $MONGO_INITDB_ROOT_USERNAME -p $MONGO_INITDB_ROOT_PASSWORD --host=mongodb-service --port=27017 --out=/backup/$(date +\%Y-\%m-\%dT\%H-\%M-\%S)
-                  # Remove backups older than 7 days
-                  find /backup -type d -mtime +7 -exec rm -rf {} +
-              volumeMounts:
-                - name: backup-storage
-                  mountPath: /backup
-              env:
-                - name: MONGO_INITDB_ROOT_USERNAME
-                  valueFrom:
-                    secretKeyRef:
-                      name: mongodb-secret
-                      key: username
-                - name: MONGO_INITDB_ROOT_PASSWORD
-                  valueFrom:
-                    secretKeyRef:
-                      name: mongodb-secret
-                      key: password
-          restartPolicy: Never
-          volumes:
-            - name: backup-storage
-              persistentVolumeClaim:
-                claimName: backup-pvc

package/manifests/core/underpost-engine-mongodb-configmap.yaml

@@ -1,26 +0,0 @@
-# origin conf: /etc/mongod.conf
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: mongodb-config-file
-  namespace: default
-data:
-  mongod.conf: |
-    storage:
-      dbPath: /data/db
-    systemLog:
-      destination: file
-      logAppend: true
-      path: /var/log/mongodb/mongod.log
-    replication:
-      replSetName: rs0
-    net:
-      bindIp: 127.0.0.1
-      port: 27017
-    processManagement:
-      fork: true
-    setParameter:
-      enableLocalhostAuthBypass: false
-    security:
-      authorization: enabled
-      keyFile: /etc/mongodb-keyfile

package/manifests/core/underpost-engine-statefulset.yaml

@@ -1,91 +0,0 @@
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
-  name: mongodb # Specifies the name of the statefulset
-spec:
-  serviceName: 'mongodb-service' # Specifies the service to use
-  replicas: 2
-  selector:
-    matchLabels:
-      app: mongodb
-  template:
-    metadata:
-      labels:
-        app: mongodb
-    spec:
-      containers:
-        - name: mongodb
-          image: docker.io/library/mongo:latest
-          command:
-            - mongod
-            - '--replSet'
-            - 'rs0'
-            # - '--config'
-            # - '-f'
-            # - '/etc/mongod.conf'
-            # - '--auth'
-            # - '--clusterAuthMode'
-            # - 'keyFile'
-            # - '--keyFile'
-            # - '/etc/mongodb-keyfile'
-            # - '--interleave'
-            # - 'all'
-            # - '--wiredTigerCacheSizeGB'
-            # - '0.25'
-            # - '--setParameter'
-            # - 'authenticationMechanisms=SCRAM-SHA-1'
-            # - '--fork'
-            - '--logpath'
-            - '/var/log/mongodb/mongod.log'
-            - '--bind_ip_all'
-          ports:
-            - containerPort: 27017
-          volumeMounts:
-            - name: mongodb-storage
-              mountPath: /data/db
-            - name: keyfile
-              mountPath: /etc/mongodb-keyfile
-              readOnly: true
-            # - name: mongodb-configuration-file
-            #   mountPath: /etc/mongod.conf
-            #   subPath: mongod.conf
-            #   readOnly: true
-            # - name: mongodb-config
-            #   mountPath: /config
-          env:
-            - name: MONGO_INITDB_ROOT_USERNAME
-              valueFrom:
-                secretKeyRef:
-                  name: mongodb-secret
-                  key: username
-            - name: MONGO_INITDB_ROOT_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: mongodb-secret
-                  key: password
-          resources:
-            requests:
-              cpu: '100m'
-              memory: '256Mi'
-            limits:
-              cpu: '500m'
-              memory: '512Mi'
-      volumes:
-        - name: keyfile
-          secret:
-            secretName: mongodb-keyfile
-            defaultMode: 0400
-        # - name: mongodb-configuration-file
-        #   configMap:
-        #     name: mongodb-config-file
-        # - name: mongodb-config
-        #   configMap:
-        #     name: mongodb-config
-  volumeClaimTemplates:
-    - metadata:
-        name: mongodb-storage
-      spec:
-        accessModes: ['ReadWriteOnce']
-        resources:
-          requests:
-            storage: 5Gi