underpost 2.8.799 → 2.8.812

package/docker-compose.yml

@@ -58,7 +58,7 @@ services:
           cpus: '0.25'
           memory: 20M
     labels: # labels in Compose file instead of Dockerfile
-      engine.version: '2.8.799'
+      engine.version: '2.8.812'
     networks:
       - load-balancer
 

package/manifests/deployment/dd-template-development/deployment.yaml

@@ -17,7 +17,7 @@ spec:
     spec:
       containers:
         - name: dd-template-development-blue
-          image: localhost/debian-underpost:v2.8.799
+          image: localhost/rockylinux9-underpost:v2.8.812
           #          resources:
           #            requests:
           #              memory: "124Ki"
@@ -45,38 +45,38 @@ spec:
   selector:
     app: dd-template-development-blue
   ports:
-    - name: "tcp-4001"
+    - name: 'tcp-4001'
       protocol: TCP
       port: 4001
       targetPort: 4001
-    - name: "udp-4001"
+    - name: 'udp-4001'
       protocol: UDP
       port: 4001
       targetPort: 4001
 
-    - name: "tcp-4002"
+    - name: 'tcp-4002'
       protocol: TCP
       port: 4002
       targetPort: 4002
-    - name: "udp-4002"
+    - name: 'udp-4002'
       protocol: UDP
       port: 4002
       targetPort: 4002
 
-    - name: "tcp-4003"
+    - name: 'tcp-4003'
       protocol: TCP
       port: 4003
       targetPort: 4003
-    - name: "udp-4003"
+    - name: 'udp-4003'
       protocol: UDP
       port: 4003
       targetPort: 4003
 
-    - name: "tcp-4004"
+    - name: 'tcp-4004'
       protocol: TCP
       port: 4004
       targetPort: 4004
-    - name: "udp-4004"
+    - name: 'udp-4004'
       protocol: UDP
       port: 4004
       targetPort: 4004
@@ -100,7 +100,7 @@ spec:
     spec:
       containers:
         - name: dd-template-development-green
-          image: localhost/debian-underpost:v2.8.799
+          image: localhost/rockylinux9-underpost:v2.8.812
           #          resources:
           #            requests:
           #              memory: "124Ki"
@@ -129,38 +129,38 @@ spec:
   selector:
     app: dd-template-development-green
   ports:
-    - name: "tcp-4001"
+    - name: 'tcp-4001'
       protocol: TCP
       port: 4001
       targetPort: 4001
-    - name: "udp-4001"
+    - name: 'udp-4001'
       protocol: UDP
       port: 4001
       targetPort: 4001
 
-    - name: "tcp-4002"
+    - name: 'tcp-4002'
       protocol: TCP
       port: 4002
       targetPort: 4002
-    - name: "udp-4002"
+    - name: 'udp-4002'
       protocol: UDP
       port: 4002
       targetPort: 4002
 
-    - name: "tcp-4003"
+    - name: 'tcp-4003'
       protocol: TCP
       port: 4003
       targetPort: 4003
-    - name: "udp-4003"
+    - name: 'udp-4003'
       protocol: UDP
       port: 4003
       targetPort: 4003
 
-    - name: "tcp-4004"
+    - name: 'tcp-4004'
       protocol: TCP
       port: 4004
       targetPort: 4004
-    - name: "udp-4004"
+    - name: 'udp-4004'
       protocol: UDP
       port: 4004
       targetPort: 4004

package/manifests/lxd/underpost-setup.sh

@@ -53,7 +53,7 @@ echo "
 ██╗░░░██╗███╗░░██╗██████╗░███████╗██████╗░██████╗░░█████╗░░██████╗████████╗
 ██║░░░██║████╗░██║██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔══██╗██╔════╝╚══██╔══╝
 ██║░░░██║██╔██╗██║██║░░██║█████╗░░██████╔╝██████╔╝██║░░██║╚█████╗░░░░██║░░░
-██║░░░██║██║╚████║██║░░██║██╔══╝░░██╔══██╗██╔═╝░░░██║░░██║░╚═══██╗░░░██║░░░
+██║░░░██║██║╚████║██║░░██║██╔══╝░░██╔══██╗██╔═══╝░██║░░██║░╚═══██╗░░░██║░░░
 ╚██████╔╝██║░╚███║██████╔╝███████╗██║░░██║██║░░░░░╚█████╔╝██████╔╝░░░██║░░░
 ░╚═════╝░╚═╝░░╚══╝╚═════╝░╚══════╝╚═╝░░╚═╝╚═╝░░░░░░╚════╝░╚═════╝░░░░╚═╝░░░
 

package/manifests/maas/lxd-preseed.yaml

@@ -0,0 +1,32 @@
+config:
+  core.https_address: "[::]:8443"
+  # core.trust_password: password
+networks:
+  - config:
+      ipv4.address: 10.10.10.1/24
+      ipv6.address: none
+    description: ""
+    name: lxdbr0
+    type: ""
+    project: default
+storage_pools:
+  - config:
+      size: 500GB
+    description: ""
+    name: default
+    driver: zfs
+profiles:
+  - config: {}
+    description: ""
+    devices:
+      eth0:
+        name: eth0
+        network: lxdbr0
+        type: nic
+      root:
+        path: /
+        pool: default
+        type: disk
+    name: default
+projects: []
+cluster: null

package/manifests/maas/maas-setup.sh

@@ -0,0 +1,64 @@
+#!/bin/bash
+set -euo pipefail
+
+sudo snap install jq
+sudo snap install maas
+
+# Get default interface and IP address
+INTERFACE=$(ip route | grep default | awk '{print $5}')
+IP_ADDRESS=$(ip -4 addr show dev "$INTERFACE" | grep -oP '(?<=inet\s)\d+(\.\d+){3}')
+
+# Disable firewalld
+sudo systemctl disable --now iptables
+sudo systemctl disable --now ufw
+sudo systemctl disable --now firewalld
+
+# Enable IP forwarding and configure NAT
+echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
+echo "net.ipv6.conf.all.forwarding = 1" | sudo tee -a /etc/sysctl.conf
+sudo sysctl -p
+
+# Accept all traffic
+sudo iptables -P INPUT ACCEPT
+sudo iptables -P FORWARD ACCEPT
+sudo iptables -P OUTPUT ACCEPT
+
+# List iptables rules
+sudo iptables -L -n
+sysctl net.ipv4.ip_forward
+
+cd /home/dd/engine
+
+# Load secrets
+underpost secret underpost --create-from-file /home/dd/engine/engine-private/conf/dd-cron/.env.production
+
+# Extract config values
+DB_PG_MAAS_USER=$(node bin config get --plain DB_PG_MAAS_USER)
+DB_PG_MAAS_PASS=$(node bin config get --plain DB_PG_MAAS_PASS)
+DB_PG_MAAS_HOST=$(node bin config get --plain DB_PG_MAAS_HOST)
+DB_PG_MAAS_NAME=$(node bin config get --plain DB_PG_MAAS_NAME)
+
+MAAS_ADMIN_USERNAME=$(node bin config get --plain MAAS_ADMIN_USERNAME)
+MAAS_ADMIN_EMAIL=$(node bin config get --plain MAAS_ADMIN_EMAIL)
+MAAS_ADMIN_PASS=$(node bin config get --plain MAAS_ADMIN_PASS)
+
+# Initialize MAAS
+maas init region+rack \
+    --database-uri "postgres://${DB_PG_MAAS_USER}:${DB_PG_MAAS_PASS}@${DB_PG_MAAS_HOST}/${DB_PG_MAAS_NAME}" \
+    --maas-url http://${IP_ADDRESS}:5240/MAAS
+
+# Let MAAS initialize
+sleep 30
+
+# Create admin and get API key
+maas createadmin \
+    --username "$MAAS_ADMIN_USERNAME" \
+    --password "$MAAS_ADMIN_PASS" \
+    --email "$MAAS_ADMIN_EMAIL"
+
+APIKEY=$(maas apikey --username "$MAAS_ADMIN_USERNAME")
+
+# Login to MAAS
+maas login "$MAAS_ADMIN_USERNAME" "http://localhost:5240/MAAS/" "$APIKEY"
+
+maas "$MAAS_ADMIN_USERNAME" maas set-config name=upstream_dns value=8.8.8.8

package/manifests/mariadb/statefulset.yaml

@@ -49,7 +49,8 @@ spec:
     - metadata:
         name: mariadb-storage
       spec:
-        accessModes: ['ReadWriteOnce']
+        accessModes: ["ReadWriteOnce"]
+        storageClassName: mariadb-storage-class
         resources:
           requests:
             storage: 1Gi

package/manifests/mariadb/storage-class.yaml

@@ -0,0 +1,10 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: mariadb-storage-class # Renamed for clarity
+  annotations:
+    # Set this to "true" if you want this to be the default StorageClass
+    # storageclass.kubernetes.io/is-default-class: "true"
+provisioner: rancher.io/local-path # Ensure this provisioner is installed in your cluster
+reclaimPolicy: Retain # Or Delete, depending on your data retention policy
+volumeBindingMode: WaitForFirstConsumer

package/package.json

@@ -2,7 +2,7 @@
     "type": "module",
     "main": "src/index.js",
     "name": "underpost",
-    "version": "2.8.799",
+    "version": "2.8.812",
     "description": "pwa api rest template",
     "scripts": {
         "start": "env-cmd -f .env.production node --max-old-space-size=8192 src/server",

package/src/cli/baremetal.js

@@ -0,0 +1,99 @@
+import { getNpmRootPath, getUnderpostRootPath } from '../server/conf.js';
+import { shellExec } from '../server/process.js';
+import dotenv from 'dotenv';
+import { loggerFactory } from '../server/logger.js';
+import { getLocalIPv4Address } from '../server/dns.js';
+
+const logger = loggerFactory(import.meta);
+
+class UnderpostBaremetal {
+  static API = {
+    callback(
+      options = {
+        dev: false,
+        controlServerInstall: false,
+        controlServerDbInit: false,
+        controlServerDbUninstall: false,
+        controlServerInit: false,
+        controlServerUninstall: false,
+        controlServerStop: false,
+        controlServerStart: false,
+        controlServerLogin: false,
+        getUsers: false,
+        newApiKey: false,
+      },
+    ) {
+      dotenv.config({ path: `${getUnderpostRootPath()}/.env`, override: true });
+      const npmRoot = getNpmRootPath();
+      const underpostRoot = options?.dev === true ? '.' : `${npmRoot}/underpost`;
+      const dbProviderId = 'postgresql-17';
+      if (options.controlServerLogin === true) {
+        shellExec(`MAAS_ADMIN_USERNAME=$(underpost config get --plain MAAS_ADMIN_USERNAME)
+APIKEY=$(maas apikey --username "$MAAS_ADMIN_USERNAME")
+maas login "$MAAS_ADMIN_USERNAME" "http://localhost:5240/MAAS/" "$APIKEY"`);
+      }
+      if (options.controlServerUninstall === true) {
+        // Stop MAAS services
+        shellExec(`sudo snap stop maas.pebble || true`);
+        shellExec(`sudo snap stop maas`);
+        shellExec(`sudo snap remove maas --purge || true`);
+
+        // Remove Snap residual data
+        shellExec(`sudo rm -rf /var/snap/maas`);
+        shellExec(`sudo rm -rf ~/snap/maas`);
+
+        // Remove MAAS config and data directories
+        shellExec(`sudo rm -rf /etc/maas`);
+        shellExec(`sudo rm -rf /var/lib/maas`);
+        shellExec(`sudo rm -rf /var/log/maas`);
+      }
+      if (options.controlServerStart === true) {
+        shellExec(`sudo snap restart maas`);
+      }
+      if (options.controlServerStop === true) {
+        shellExec(`sudo snap stop maas`);
+      }
+      if (options.controlServerDbInit === true) {
+        shellExec(`node ${underpostRoot}/bin/deploy ${dbProviderId} install`);
+        shellExec(
+          `node ${underpostRoot}/bin/deploy pg-drop-db ${process.env.DB_PG_MAAS_NAME} ${process.env.DB_PG_MAAS_USER}`,
+        );
+        shellExec(`node ${underpostRoot}/bin/deploy maas db`);
+      }
+      if (options.controlServerDbUninstall === true) {
+        shellExec(`node ${underpostRoot}/bin/deploy ${dbProviderId} uninstall`);
+      }
+      if (options.controlServerInstall === true) {
+        shellExec(`chmod +x ${underpostRoot}/manifests/maas/maas-setup.sh`);
+        shellExec(`${underpostRoot}/manifests/maas/maas-setup.sh`);
+      }
+      if (options.controlServerInit === true) {
+        shellExec(`node ${underpostRoot}/bin/deploy maas reset`);
+      }
+      if (options.getUsers === true) {
+        // <consumer_key>:<consumer_token>:<secret>
+        const MAAS_API_TOKEN = shellExec(`maas apikey --username ${process.env.MAAS_ADMIN_USERNAME}`, {
+          stdout: true,
+        }).trim();
+        const IP_ADDRESS = getLocalIPv4Address();
+        const [consumer_key, consumer_token, secret] = MAAS_API_TOKEN.split(`\n`)[0].split(':');
+        const users = shellExec(
+          `curl --header "Authorization: OAuth oauth_version=1.0, oauth_signature_method=PLAINTEXT, oauth_consumer_key=${consumer_key}, oauth_token=${consumer_token}, oauth_signature=&${secret}, oauth_nonce=$(uuidgen), oauth_timestamp=$(date +%s)" http://${IP_ADDRESS}:5240/MAAS/api/2.0/users/`,
+          {
+            silent: true,
+          },
+        );
+        logger.info('Users', JSON.parse(users));
+      }
+      if (options.newApiKey === true) {
+        shellExec(`maas apikey --generate --username ${process.env.MAAS_ADMIN_USERNAME}`);
+        // Delete api key
+        // maas apikey --delete 'consumer_key:consumer_token:secret' --username ${process.env.MAAS_ADMIN_USERNAME}
+        // List api keys
+        // maas apikey --with-names --username ${process.env.MAAS_ADMIN_USERNAME}
+      }
+    },
+  };
+}
+
+export default UnderpostBaremetal;

package/src/cli/cluster.js

@@ -270,6 +270,20 @@ class UnderpostCluster {
           `sudo kubectl create secret generic mariadb-secret --from-file=username=/home/dd/engine/engine-private/mariadb-username --from-file=password=/home/dd/engine/engine-private/mariadb-password --dry-run=client -o yaml | kubectl apply -f -`,
         );
         shellExec(`kubectl delete statefulset mariadb-statefulset --ignore-not-found`);
+
+        if (options.pullImage === true) {
+          shellExec(`docker pull mariadb:latest`);
+          shellExec(`sudo podman pull mariadb:latest`);
+          if (!options.kubeadm && !options.k3s)
+            // Only load if not kubeadm/k3s (Kind needs it)
+            shellExec(`sudo kind load docker-image mariadb:latest`);
+          else if (options.kubeadm || options.k3s)
+            // For kubeadm/k3s, ensure it's available for containerd
+            shellExec(`sudo crictl pull mariadb:latest`);
+        }
+        if (options.kubeadm === true)
+          // This storage class is specific to kubeadm setup
+          shellExec(`kubectl apply -f ${underpostRoot}/manifests/mariadb/storage-class.yaml`);
         shellExec(`kubectl apply -k ${underpostRoot}/manifests/mariadb`);
       }
       if (options.full === true || options.mysql === true) {

package/src/cli/deploy.js

@@ -81,7 +81,7 @@ spec:
     spec:
       containers:
         - name: ${deployId}-${env}-${suffix}
-          image: localhost/debian-underpost:${Underpost.version}
+          image: localhost/rockylinux9-underpost:${Underpost.version}
 #          resources:
 #            requests:
 #              memory: "${resources.requests.memory}"

package/src/cli/env.js

@@ -25,7 +25,7 @@ class UnderpostRootEnv {
       delete env[key];
       writeEnv(envPath, env);
     },
-    get(key) {
+    get(key, value, options = { plain: false }) {
       const exeRootPath = `${getNpmRootPath()}/underpost`;
       const envPath = `${exeRootPath}/.env`;
       if (!fs.existsSync(envPath)) {
@@ -33,7 +33,7 @@ class UnderpostRootEnv {
         return undefined;
       }
       const env = dotenv.parse(fs.readFileSync(envPath, 'utf8'));
-      logger.info(`${key}(${typeof env[key]})`, env[key]);
+      options?.plain === true ? console.log(env[key]) : logger.info(`${key}(${typeof env[key]})`, env[key]);
       return env[key];
     },
     list() {

package/src/cli/image.js

@@ -14,7 +14,7 @@ class UnderpostImage {
     dockerfile: {
       /**
        * @method pullBaseImages
-       * @description Pulls base images and builds a 'debian-underpost' image,
+       * @description Pulls base images and builds a 'rockylinux9-underpost' image,
        * then loads it into the specified Kubernetes cluster type (Kind, Kubeadm, or K3s).
        * @param {object} options - Options for pulling and loading images.
        * @param {boolean} [options.kindLoad=false] - If true, load image into Kind cluster.
@@ -32,8 +32,9 @@ class UnderpostImage {
           version: '',
         },
       ) {
-        shellExec(`sudo podman pull docker.io/library/debian:buster`);
-        const IMAGE_NAME = `debian-underpost`;
+        // shellExec(`sudo podman pull docker.io/library/debian:buster`);
+        shellExec(`sudo podman pull docker.io/library/rockylinux:9`);
+        const IMAGE_NAME = `rockylinux9-underpost`;
         const IMAGE_NAME_FULL = `${IMAGE_NAME}:${options.version ?? Underpost.version}`;
         let LOAD_TYPE = '';
         if (options.kindLoad === true) {