beenull
/
Cosmos-Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[release] v0.10.0-unstable17

This commit is contained in:
Yann Stepienik 2023-10-04 18:26:47 +01:00
parent 9b033696e3
commit c7dda3db6c
27 changed files with 355 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
LICENCE
View File

@ -1,31 +1,57 @@
“Commons Clause” License Condition v1.0
The Software is provided to you by the Licensor under the
License, as defined below, subject to the following condition.
Without limiting other conditions in the License, the grant
of rights under the License will not include, and the License
does not grant to you, the right to Sell the Software.
For purposes of the foregoing, “Sell” means practicing any or
all of the rights granted to you under the License to provide
to third parties, for a fee or other consideration (including
without limitation fees for hosting or consulting/ support
services related to the Software), a product or service whose
value derives, entirely or substantially, from the functionality
of the Software. Any license notice or attribution required by
the License must also include this Commons Clause License
Condition notice.
Software: Cosmos-Server
License: Apache 2.0 with Commons Clause
License: Apache 2.0 with Commons Clause and Anti Tampering Clause
Licensor: Yann Stepienik
---------------------------------------------------------------------
“Commons Clause” License Condition v1.0
The Software is provided to you by the Licensor under the
License, as defined below, subject to the following condition.
Without limiting other conditions in the License, the grant
of rights under the License will not include, and the License
does not grant to you, the right to Sell the Software.
For purposes of the foregoing, “Sell” means practicing any or
all of the rights granted to you under the License to provide
to third parties, for a fee or other consideration (including
without limitation fees for hosting or consulting/ support
services related to the Software), a product or service whose
value derives, entirely or substantially, from the functionality
of the Software. Any license notice or attribution required by
the License must also include this Commons Clause License
Condition notice.
---------------------------------------------------------------------
"Anti Tampering Clause” License Condition v1.0
Notwithstanding any provision of the Apache License 2.0, if the User
(or any party receiving or distributing derivative works, services,
or anything of value from the User related to the Software), directly
or indirectly, seeks to tamper with, alter, circumvent, or avoid
compliance with any subscription, paywall, feature restriction, or any
other licensing mechanism built into the Software or its usage, the
License granted under the Apache License 2.0 shall automatically and
immediately terminate, and access to the Software shall be withdrawn
with immediate effect. Upon such termination, any and all rights
established under the Apache License 2.0 shall be null and void.
Tampering includes but is not limited to: (a) removing, disabling,
or circumventing any license key or other copy protection mechanism,
(b) redistributing parts or all of a feature that was intended
to be a paid feature, without keeping the restrictions, limitations,
or other licensing mechanisms with it(c) disabling, circumventing, or
avoiding any feature of the Software that is intended to enforce usage or
copy restrictions, or (d) providing or distributing any information
or code that enables disabling, circumvention, or avoidance of any
feature of the Software that is intended to enforce usage or copy
restrictions.
---------------------------------------------------------------------
Apache License
Version 2.0, January 2004

2
changelog.md
View File

@ -7,6 +7,8 @@
- Added Constellation
- DNS Challenge is now used for all certificates when enabled
- Rework headers for better compatibility
- Improve experience for non-admin users
- Fix bug with redirect on logout
## Version 0.9.20 - 0.9.21
- Add option to disable CORS hardening (with empty value)

2
cla.md
View File

@ -2,7 +2,7 @@ Cosmos Software Grant and Contributor License Agreement (“Agreement”)
This agreement is based on the Apache Software Foundation Contributor License Agreement. (v r190612)
Thank you for your interest in software projects stewarded by Raintank, Inc. dba Cosmos (“Cosmos”). In order to clarify the intellectual property license granted with Contributions from any person or entity, Cosmos must have a Contributor License Agreement (CLA) on file that has been agreed to by each Contributor, indicating agreement to the license terms below. This license is for your protection as a Contributor as well as the protection of Cosmos and its users; it does not change your rights to use your own Contributions for any other purpose. This Agreement allows an individual to contribute to Cosmos on that individuals own behalf, or an entity (the “Corporation”) to submit Contributions to Cosmos, to authorize Contributions submitted by its designated employees to Cosmos, and to grant copyright and patent licenses thereto.
Thank you for your interest in dba Cosmos (“Cosmos”). In order to clarify the intellectual property license granted with Contributions from any person or entity, Cosmos must have a Contributor License Agreement (CLA) on file that has been agreed to by each Contributor, indicating agreement to the license terms below. This license is for your protection as a Contributor as well as the protection of Cosmos and its users; it does not change your rights to use your own Contributions for any other purpose. This Agreement allows an individual to contribute to Cosmos on that individuals own behalf, or an entity (the “Corporation”) to submit Contributions to Cosmos, to authorize Contributions submitted by its designated employees to Cosmos, and to grant copyright and patent licenses thereto.
You accept and agree to the following terms and conditions for Your present and future Contributions submitted to Cosmos. Except for the license granted herein to Cosmos and recipients of software distributed by Cosmos, You reserve all right, title, and interest in and to Your Contributions.

2
client/src/layout/MainLayout/Drawer/DrawerContent/Navigation/NavGroup.jsx
View File

@ -47,7 +47,7 @@ const NavGroup = ({ item }) => {
}
sx={{ mb: drawerOpen ? 1.5 : 0, py: 0, zIndex: 0 }}
>
{navCollapse}
{navCollapse}
</List>
);
};

7
client/src/layout/MainLayout/Drawer/DrawerContent/Navigation/NavItem.jsx
View File

@ -9,6 +9,7 @@ import { Avatar, Chip, ListItemButton, ListItemIcon, ListItemText, Typography }
// project import
import { activeItem } from '../../../../../store/reducers/menu';
import { useClientInfos } from '../../../../../utils/hooks';
// ==============================|| NAVIGATION - LIST ITEM ||============================== //
@ -17,6 +18,12 @@ const NavItem = ({ item, level }) => {
const dispatch = useDispatch();
const menu = useSelector((state) => state.menu);
const { drawerOpen, openItem } = menu;
const {role} = useClientInfos();
const isAdmin = role === 1;
if (item.adminOnly && !isAdmin) {
return null;
}
let itemTarget = '_self';
if (item.target) {

5
client/src/menu-items/pages.jsx
View File

@ -20,7 +20,8 @@ const pages = {
title: 'ServApps',
type: 'item',
url: '/cosmos-ui/servapps',
icon: AppstoreOutlined
icon: AppstoreOutlined,
adminOnly: true
},
{
id: 'url',
@ -43,6 +44,7 @@ const pages = {
type: 'item',
url: '/cosmos-ui/config-users',
icon: icons.ProfileOutlined,
adminOnly: true
},
{
id: 'openid',
@ -50,6 +52,7 @@ const pages = {
type: 'item',
url: '/cosmos-ui/openid-manage',
icon: PicLeftOutlined,
adminOnly: true
},
{
id: 'config',

2
client/src/pages/authentication/Logoff.jsx
View File

@ -9,7 +9,7 @@ import AuthWrapper from './AuthWrapper';
import { useEffect } from 'react';
import * as API from '../../api';
import { redirectTo } from '../../utils/indexs';
import { redirectTo, redirectToLocal } from '../../utils/indexs';
// ================================|| REGISTER ||================================ //

67
client/src/pages/config/users/configman.jsx
View File

@ -31,6 +31,7 @@ import { TwitterPicker
// TODO: Remove circular deps
import {SetPrimaryColor, SetSecondaryColor} from '../../../App';
import { useClientInfos } from '../../../utils/hooks';
const ConfigManagement = () => {
const [config, setConfig] = React.useState(null);
@ -38,6 +39,8 @@ const ConfigManagement = () => {
const [openResartModal, setOpenRestartModal] = React.useState(false);
const [uploadingBackground, setUploadingBackground] = React.useState(false);
const [saveLabel, setSaveLabel] = React.useState("Save");
const {role} = useClientInfos();
const isAdmin = role === 1;
function refresh() {
API.config.get().then((res) => {
@ -62,9 +65,9 @@ const ConfigManagement = () => {
refresh();
}}>Refresh</Button>
<Button variant="outlined" color="primary" startIcon={<SyncOutlined />} onClick={() => {
{isAdmin && <Button variant="outlined" color="primary" startIcon={<SyncOutlined />} onClick={() => {
setOpenRestartModal(true);
}}>Restart Server</Button>
}}>Restart Server</Button>}
</Stack>
{config && <>
@ -186,7 +189,7 @@ const ConfigManagement = () => {
{(formik) => (
<form noValidate onSubmit={formik.handleSubmit}>
<Stack spacing={3}>
<MainCard>
{isAdmin && <MainCard>
{formik.errors.submit && (
<Grid item xs={12}>
<FormHelperText error>{formik.errors.submit}</FormHelperText>
@ -205,7 +208,13 @@ const ConfigManagement = () => {
{saveLabel}
</LoadingButton>
</Grid>
</MainCard>
</MainCard>}
{!isAdmin && <div>
<Alert severity="warning">As you are not an admin, you can't edit the configuration.
This page is only here for visibility.
</Alert>
</div>}
<MainCard title="General">
<Grid container spacing={3}>
@ -331,6 +340,29 @@ const ConfigManagement = () => {
formik.setFieldValue('PrimaryColor', colorRGB);
SetPrimaryColor(colorRGB);
}}
colors={[
'#ab47bc',
'#4527a0',
'#FF6900',
'#FCB900',
'#7BDCB5',
'#00D084',
'#8ED1FC',
'#0693E3',
'#ABB8C3',
'#EB144C',
'#F78DA7',
'#9900EF',
'#FF0000',
'#FFC0CB',
'#20B2AA',
'#FFFF00',
'#8A2BE2',
'#A52A2A',
'#5F9EA0',
'#7FFF00',
'#D2691E'
]}
/>
</Stack>
</Grid>
@ -346,6 +378,29 @@ const ConfigManagement = () => {
formik.setFieldValue('SecondaryColor', colorRGB);
SetSecondaryColor(colorRGB);
}}
colors={[
'#ab47bc',
'#4527a0',
'#FF6900',
'#FCB900',
'#7BDCB5',
'#00D084',
'#8ED1FC',
'#0693E3',
'#ABB8C3',
'#EB144C',
'#F78DA7',
'#9900EF',
'#FF0000',
'#FFC0CB',
'#20B2AA',
'#FFFF00',
'#8A2BE2',
'#A52A2A',
'#5F9EA0',
'#7FFF00',
'#D2691E'
]}
/>
</Stack>
</Grid>
@ -627,7 +682,7 @@ const ConfigManagement = () => {
</Grid>
</MainCard>
<MainCard>
{isAdmin && <MainCard>
{formik.errors.submit && (
<Grid item xs={12}>
<FormHelperText error>{formik.errors.submit}</FormHelperText>
@ -646,7 +701,7 @@ const ConfigManagement = () => {
{saveLabel}
</LoadingButton>
</Grid>
</MainCard>
</MainCard>}
</Stack>
</form>
)}

23
client/src/pages/constellation/addDevice.jsx
View File

@ -1,5 +1,5 @@
// material-ui
import { Alert, Button, Stack, TextField } from '@mui/material';
import { Alert, Button, InputLabel, OutlinedInput, Stack, TextField } from '@mui/material';
import Dialog from '@mui/material/Dialog';
import DialogActions from '@mui/material/DialogActions';
import DialogContent from '@mui/material/DialogContent';
@ -15,6 +15,7 @@ import * as API from '../../api';
import { CosmosCheckbox, CosmosFormDivider, CosmosInputText, CosmosSelect } from '../config/users/formShortcuts';
import { DownloadFile } from '../../api/downloadButton';
import QRCode from 'qrcode';
import { useClientInfos } from '../../utils/hooks';
const getDocker = (data, isCompose) => {
let lighthouses = '';
@ -73,10 +74,12 @@ docker run -d \\
}
const AddDeviceModal = ({ users, config, isAdmin, refreshConfig, devices }) => {
const AddDeviceModal = ({ users, config, refreshConfig, devices }) => {
const [openModal, setOpenModal] = useState(false);
const [isDone, setIsDone] = useState(null);
const canvasRef = React.useRef(null);
const {role, nickname} = useClientInfos();
const isAdmin = role === 1;
let firstIP = "192.168.201.2/24";
if (devices && devices.length > 0) {
@ -116,7 +119,7 @@ const AddDeviceModal = ({ users, config, isAdmin, refreshConfig, devices }) => {
<Dialog open={openModal} onClose={() => setOpenModal(false)}>
<Formik
initialValues={{
nickname: users[0].nickname,
nickname: nickname,
deviceName: '',
ip: firstIP,
publicKey: '',
@ -197,7 +200,7 @@ const AddDeviceModal = ({ users, config, isAdmin, refreshConfig, devices }) => {
formik={formik}
/>
{!formik.values.isLighthouse &&
<CosmosSelect
(isAdmin ? <CosmosSelect
name="nickname"
label="Owner"
formik={formik}
@ -207,7 +210,17 @@ const AddDeviceModal = ({ users, config, isAdmin, refreshConfig, devices }) => {
return [u.nickname, u.nickname]
})
}
/>}
/> : <>
<InputLabel>Owner</InputLabel>
<OutlinedInput
fullWidth
multiline
value={nickname}
variant="outlined"
size="small"
disabled
/>
</>)}
<CosmosInputText
name="deviceName"

14
client/src/pages/constellation/dns.jsx
View File

@ -31,7 +31,6 @@ export const ConstellationDNS = () => {
}, []);
return <>
<IsLoggedIn />
{(config) ? <>
<Stack spacing={2} style={{maxWidth: "1000px"}}>
<div>
@ -40,8 +39,6 @@ export const ConstellationDNS = () => {
<Formik
initialValues={{
Enabled: config.ConstellationConfig.DNS,
Port: config.ConstellationConfig.DNSPort,
Fallback: config.ConstellationConfig.DNSFallback,
DNSBlockBlacklist: config.ConstellationConfig.DNSBlockBlacklist,
DNSAdditionalBlocklists: config.ConstellationConfig.DNSAdditionalBlocklists,
@ -49,8 +46,6 @@ export const ConstellationDNS = () => {
}}
onSubmit={(values) => {
let newConfig = { ...config };
newConfig.ConstellationConfig.DNS = values.Enabled;
newConfig.ConstellationConfig.DNSPort = values.Port;
newConfig.ConstellationConfig.DNSFallback = values.Fallback;
newConfig.ConstellationConfig.DNSBlockBlacklist = values.DNSBlockBlacklist;
newConfig.ConstellationConfig.DNSAdditionalBlocklists = values.DNSAdditionalBlocklists;
@ -62,14 +57,19 @@ export const ConstellationDNS = () => {
{(formik) => (
<form onSubmit={formik.handleSubmit}>
<Stack spacing={2}>
<CosmosCheckbox formik={formik} name="Enabled" label="Constellation DNS Server Enabled" />
<CosmosInputText formik={formik} name="Port" label="DNS Port" />
<Alert severity="info">This is a DNS that runs inside your Constellation network. It automatically
rewrites your domains DNS entries to be local to your network, and also allows you to do things like block ads
and trackers on all devices connected to your network. You can also add custom DNS entries to resolve to specific
IP addresses. This DNS server is only accessible from inside your network.</Alert>
<CosmosInputText formik={formik} name="Fallback" label="DNS Fallback" placeholder={'8.8.8.8:53'} />
<CosmosFormDivider title={"DNS Blocklists"} />
<CosmosCheckbox formik={formik} name="DNSBlockBlacklist" label="Use Blacklists to block domains" />
<Alert severity="warning">When changing your DNS records, always use private mode on your browser and allow some times for various caches to expire.</Alert>
<InputLabel>DNS Blocklist URLs</InputLabel>
{formik.values.DNSAdditionalBlocklists.map((item, index) => (
<Stack direction={"row"} spacing={2} key={`DNSAdditionalBlocklists${item}`} width={"100%"}>

28
client/src/pages/constellation/index.jsx
View File

@ -1,6 +1,6 @@
import * as React from 'react';
import MainCard from '../../components/MainCard';
import { Chip, Divider, Stack, useMediaQuery } from '@mui/material';
import { Alert, Chip, Divider, Stack, useMediaQuery } from '@mui/material';
import HostChip from '../../components/hostChip';
import { RouteMode, RouteSecurity } from '../../components/routeComponents';
import { getFaviconURL } from '../../utils/routes';
@ -8,12 +8,16 @@ import * as API from '../../api';
import { CheckOutlined, ClockCircleOutlined, DashboardOutlined, DeleteOutlined, DownOutlined, LockOutlined, UpOutlined } from "@ant-design/icons";
import IsLoggedIn from '../../isLoggedIn';
import PrettyTabbedView from '../../components/tabbedView/tabbedView';
import { useClientInfos } from '../../utils/hooks';
import { ConstellationVPN } from './vpn';
import { ConstellationDNS } from './dns';
const ConstellationIndex = () => {
return <div>
const {role} = useClientInfos();
const isAdmin = role === 1;
return isAdmin ? <div>
<IsLoggedIn />
<PrettyTabbedView path="/cosmos-ui/constellation/:tab" tabs={[
@ -27,9 +31,27 @@ const ConstellationIndex = () => {
children: <ConstellationDNS />,
path: 'dns'
},
{
title: 'Firewall',
children: <div>
<Alert severity="info">
Coming soon. This feature will allow you to open and close ports individually
on each device and decide who can access them.
</Alert>
</div>,
},
{
title: 'Unsafe Routes',
children: <div>
<Alert severity="info">
Coming soon. This feature will allow you to tunnel your traffic through
your devices to things outside of your constellation.
</Alert>
</div>,
}
]}/>
</div>;
</div> : <ConstellationVPN />;
}
export default ConstellationIndex;

13
client/src/pages/constellation/vpn.jsx
View File

@ -15,6 +15,7 @@ import ApiModal from "../../components/apiModal";
import { isDomain } from "../../utils/indexs";
import ConfirmModal from "../../components/confirmModal";
import UploadButtons from "../../components/fileUpload";
import { useClientInfos } from "../../utils/hooks";
const getDefaultConstellationHostname = (config) => {
// if domain is set, use it
@ -26,17 +27,20 @@ const getDefaultConstellationHostname = (config) => {
}
export const ConstellationVPN = () => {
const [isAdmin, setIsAdmin] = useState(false);
const [config, setConfig] = useState(null);
const [users, setUsers] = useState(null);
const [devices, setDevices] = useState(null);
const {role} = useClientInfos();
const isAdmin = role === 1;
const refreshConfig = async () => {
let configAsync = await API.config.get();
setConfig(configAsync.data);
setIsAdmin(configAsync.isAdmin);
setDevices((await API.constellation.list()).data || []);
setUsers((await API.users.list()).data || []);
if(isAdmin)
setUsers((await API.users.list()).data || []);
else
setUsers([]);
};
useEffect(() => {
@ -61,7 +65,6 @@ export const ConstellationVPN = () => {
}
return <>
<IsLoggedIn />
{(devices && config && users) ? <>
<Stack spacing={2} style={{maxWidth: "1000px"}}>
<div>
@ -160,7 +163,7 @@ export const ConstellationVPN = () => {
data={devices.filter((d) => !d.blocked)}
getKey={(r) => r.deviceName}
buttons={[
<AddDeviceModal isAdmin={isAdmin} users={users} config={config} refreshConfig={refreshConfig} devices={devices} />,
<AddDeviceModal users={users} config={config} refreshConfig={refreshConfig} devices={devices}/>,
]}
columns={[
{

27
client/src/pages/home/index.jsx
View File

@ -12,6 +12,7 @@ import { getFullOrigin } from "../../utils/routes";
import IsLoggedIn from "../../isLoggedIn";
import { ServAppIcon } from "../../utils/servapp-icon";
import Chart from 'react-apexcharts';
import { useClientInfos } from "../../utils/hooks";
export const HomeBackground = () => {
@ -87,6 +88,8 @@ const HomePage = () => {
const theme = useTheme();
const isDark = theme.palette.mode === 'dark';
const isMd = useMediaQuery(theme.breakpoints.up('md'));
const {role} = useClientInfos();
const isAdmin = role === 1;
const blockStyle = {
margin: 0,
@ -112,9 +115,13 @@ const HomePage = () => {
}
const refreshConfig = () => {
API.docker.list().then((res) => {
setServApps(res.data);
});
if(isAdmin) {
API.docker.list().then((res) => {
setServApps(res.data);
});
} else {
setServApps([]);
}
API.config.get().then((res) => {
setConfig(res.data);
});
@ -213,20 +220,20 @@ const HomePage = () => {
<HomeBackground status={coStatus} />
<TransparentHeader />
<Stack style={{ zIndex: 2 }} spacing={1}>
{coStatus && !coStatus.database && (
{isAdmin && coStatus && !coStatus.database && (
<Alert severity="error">
No Database is setup for Cosmos! User Management and Authentication will not work.<br />
You can either setup the database, or disable user management in the configuration panel.<br />
</Alert>
)}
{coStatus && coStatus.letsencrypt && (
{isAdmin && coStatus && coStatus.letsencrypt && (
<Alert severity="error">
You have enabled Let's Encrypt for automatic HTTPS Certificate. You need to provide the configuration with an email address to use for Let's Encrypt in the configs.
</Alert>
)}
{coStatus && coStatus.LetsEncryptErrors && coStatus.LetsEncryptErrors.length > 0 && (
{isAdmin && coStatus && coStatus.LetsEncryptErrors && coStatus.LetsEncryptErrors.length > 0 && (
<Alert severity="error">
There are errors with your Let's Encrypt configuration or one of your routes, please fix them as soon as possible:
{coStatus.LetsEncryptErrors.map((err) => {
@ -235,25 +242,25 @@ const HomePage = () => {
</Alert>
)}
{coStatus && coStatus.newVersionAvailable && (
{isAdmin && coStatus && coStatus.newVersionAvailable && (
<Alert severity="warning">
A new version of Cosmos is available! Please update to the latest version to get the latest features and bug fixes.
</Alert>
)}
{coStatus && coStatus.needsRestart && (
{isAdmin && coStatus && coStatus.needsRestart && (
<Alert severity="warning">
You have made changes to the configuration that require a restart to take effect. Please restart Cosmos to apply the changes.
</Alert>
)}
{coStatus && coStatus.domain && (
{isAdmin && coStatus && coStatus.domain && (
<Alert severity="error">
You are using localhost or 0.0.0.0 as a hostname in the configuration. It is recommended that you use a domain name or an IP instead.
</Alert>
)}
{coStatus && !coStatus.docker && (
{isAdmin && coStatus && !coStatus.docker && (
<Alert severity="error">
Docker is not connected! Please check your docker connection.<br />
Did you forget to add <pre>-v /var/run/docker.sock:/var/run/docker.sock</pre> to your docker run command?<br />

21
client/src/pages/market/listing.jsx
View File

@ -12,6 +12,7 @@ import { Link as LinkMUI } from '@mui/material'
import DockerComposeImport from '../servapps/containers/docker-compose';
import { AppstoreAddOutlined, SearchOutlined } from "@ant-design/icons";
import ResponsiveButton from "../../components/responseiveButton";
import { useClientInfos } from "../../utils/hooks";
function Screenshots({ screenshots }) {
return screenshots.length > 1 ? (
@ -23,17 +24,17 @@ function Screenshots({ screenshots }) {
: <img src={screenshots[0]} style={{ maxHeight: '300px', height: '100%', maxWidth: '100%' }} />
}
function Showcases({ showcase, isDark }) {
function Showcases({ showcase, isDark, isAdmin }) {
return (
<Carousel animation="slide" navButtonsAlwaysVisible={false} fullHeightHover="true" swipe={false}>
{
showcase.map((item, i) => <ShowcasesItem isDark={isDark} key={i} item={item} />)
showcase.map((item, i) => <ShowcasesItem isDark={isDark} key={i} item={item} isAdmin={isAdmin} />)
}
</Carousel>
)
}
function ShowcasesItem({ isDark, item }) {
function ShowcasesItem({ isDark, item, isAdmin }) {
return (
<Paper style={{
position: 'relative',
@ -68,9 +69,9 @@ function ShowcasesItem({ isDark, item }) {
overflow: 'hidden',
}}></p>
<Stack direction="row" spacing={2} justifyContent="flex-start">
<div>
{isAdmin && <div>
<DockerComposeImport installerInit defaultName={item.name} dockerComposeInit={item.compose} />
</div>
</div>}
<Link to={"/cosmos-ui/market-listing/cosmos-cloud/" + item.name} style={{
textDecoration: 'none',
}}>
@ -110,6 +111,8 @@ const MarketPage = () => {
const isDark = theme.palette.mode === 'dark';
const { appName, appStore } = useParams();
const [search, setSearch] = useState("");
const {role} = useClientInfos();
const isAdmin = role === 1;
const backgroundStyle = isDark ? {
backgroundColor: 'rgb(0,0,0)',
@ -178,7 +181,7 @@ const MarketPage = () => {
</Link>
<div style={{ textAlign: 'center' }}>
<Screenshots screenshots={openedApp.screenshots} />
<Screenshots screenshots={openedApp.screenshots} isAdmin={isAdmin}/>
</div>
<Stack direction="row" spacing={2}>
@ -202,9 +205,9 @@ const MarketPage = () => {
<div dangerouslySetInnerHTML={{ __html: openedApp.longDescription }}></div>
<div>
{isAdmin && <div>
<DockerComposeImport installerInit defaultName={openedApp.name} dockerComposeInit={openedApp.compose} />
</div>
</div>}
</Stack>
</Stack>
</Box>}
@ -223,7 +226,7 @@ const MarketPage = () => {
size={100}
/>
</Box>}
{showcase && showcase.length > 0 && <Showcases showcase={showcase} isDark={isDark} />}
{showcase && showcase.length > 0 && <Showcases showcase={showcase} isDark={isDark} isAdmin={isAdmin} />}
</Stack>
<Stack spacing={1} style={{

26
client/src/utils/hooks.js Normal file
View File

@ -0,0 +1,26 @@
import React from 'react';
import { useCookies } from 'react-cookie';
import { logout } from '../api/authentication';
function useClientInfos() {
const [cookies] = useCookies(['client-infos']);
let clientInfos = null;
try {
// Try to parse the cookie into a JavaScript object
clientInfos = cookies['client-infos'].split(',');
} catch (error) {
console.error('Error parsing client-infos cookie:', error);
logout();
}
return {
nickname: clientInfos[0],
role: clientInfos[1]
};
}
export {
useClientInfos
};

32
package-lock.json generated
View File

@ -1,12 +1,12 @@
{
"name": "cosmos-server",
"version": "0.8.3",
"version": "0.10.0-unstable16",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "cosmos-server",
"version": "0.8.3",
"version": "0.10.0-unstable16",
"dependencies": {
"@ant-design/colors": "^6.0.0",
"@ant-design/icons": "^4.7.0",
@ -36,6 +36,7 @@
"react": "^18.2.0",
"react-apexcharts": "^1.4.0",
"react-color": "^2.19.3",
"react-cookie": "^6.1.1",
"react-copy-to-clipboard": "^5.1.0",
"react-device-detect": "^2.2.2",
"react-dom": "^18.2.0",
@ -3708,6 +3709,11 @@
"resolved": "https://registry.npmjs.org/@types/aria-query/-/aria-query-5.0.1.tgz",
"integrity": "sha512-XTIieEY+gvJ39ChLcB4If5zHtPxt3Syj5rgZR+e1ctpmK8NjPf0zFqsz4JpLJT0xla9GFDKjy8Cpu331nrmE1Q=="
},
"node_modules/@types/cookie": {
"version": "0.5.2",
"resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.5.2.tgz",
"integrity": "sha512-DBpRoJGKJZn7RY92dPrgoMew8xCWc2P71beqsjyhEI/Ds9mOyVmBwtekyfhpwFIVt1WrxTonFifiOZ62V8CnNA=="
},
"node_modules/@types/hast": {
"version": "2.3.4",
"resolved": "https://registry.npmjs.org/@types/hast/-/hast-2.3.4.tgz",
@ -8900,6 +8906,19 @@
"react": "*"
}
},
"node_modules/react-cookie": {
"version": "6.1.1",
"resolved": "https://registry.npmjs.org/react-cookie/-/react-cookie-6.1.1.tgz",
"integrity": "sha512-fuFRpf8LH6SfmVMowDUIRywJF5jAUDUWrm0EI5VdXfTl5bPcJ7B0zWbuYpT0Tvikx7Gs18MlvAT+P+744dUz2g==",
"dependencies": {
"@types/hoist-non-react-statics": "^3.3.1",
"hoist-non-react-statics": "^3.3.2",
"universal-cookie": "^6.0.0"
},
"peerDependencies": {
"react": ">= 16.3.0"
}
},
"node_modules/react-copy-to-clipboard": {
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/react-copy-to-clipboard/-/react-copy-to-clipboard-5.1.0.tgz",
@ -10368,6 +10387,15 @@
"node": ">=4"
}
},
"node_modules/universal-cookie": {
"version": "6.1.1",
"resolved": "https://registry.npmjs.org/universal-cookie/-/universal-cookie-6.1.1.tgz",
"integrity": "sha512-33S9x3CpdUnnjwTNs2Fgc41WGve2tdLtvaK2kPSbZRc5pGpz2vQFbRWMxlATsxNNe/Cy8SzmnmbuBM85jpZPtA==",
"dependencies": {
"@types/cookie": "^0.5.1",
"cookie": "^0.5.0"
}
},
"node_modules/unpipe": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",

3
package.json
View File

@ -1,6 +1,6 @@
{
"name": "cosmos-server",
"version": "0.10.0-unstable16",
"version": "0.10.0-unstable17",
"description": "",
"main": "test-server.js",
"bugs": {
@ -36,6 +36,7 @@
"react": "^18.2.0",
"react-apexcharts": "^1.4.0",
"react-color": "^2.19.3",
"react-cookie": "^6.1.1",
"react-copy-to-clipboard": "^5.1.0",
"react-device-detect": "^2.2.2",
"react-dom": "^18.2.0",

2
src/constellation/DNS.go
View File

@ -176,7 +176,7 @@ func InitDNS() {
utils.Log("Loaded " + strconv.Itoa(len(DNSBlacklist)) + " domains")
}
if(config.ConstellationConfig.DNS) {
if(!config.ConstellationConfig.DNSDisabled) {
go (func() {
dns.HandleFunc(".", handleDNSRequest)
server := &dns.Server{Addr: ":" + DNSPort, Net: "udp"}

2
src/constellation/api_devices_block.go
View File

@ -39,6 +39,8 @@ func DeviceBlock(w http.ResponseWriter, req *http.Request) {
return
}
utils.Log("ConstellationDeviceBlocking: Blocking Device " + deviceName)
c, errCo := utils.GetCollection(utils.GetRootAppId(), "devices")
if errCo != nil {
utils.Error("Database Connect", errCo)

41
src/constellation/api_devices_config.go Normal file
View File

@ -0,0 +1,41 @@
package constellation
// import (
// "net/http"
// "encoding/json"
// "math/rand"
// "time"
// "net"
// "github.com/azukaar/cosmos-server/src/utils"
// )
// func DeviceConfig(w http.ResponseWriter, req *http.Request) {
// time.Sleep(time.Duration(rand.Float64()*2)*time.Second)
// if(req.Method == "GET") {
// ip, _, err := net.SplitHostPort(req.RemoteAddr)
// if err != nil {
// http.Error(w, "Invalid request", http.StatusBadRequest)
// return
// }
// // get authorization header
// auth := req.Header.Get("Authorization")
// if auth == "" {
// http.Error(w, "Unauthorized", http.StatusUnauthorized)
// return
// }
// // remove "Bearer " from auth header
// auth = strings.Replace(auth, "Bearer ", "", 1)
// } else {
// utils.Error("DeviceConfig: Method not allowed" + req.Method, nil)
// utils.HTTPError(w, "Method not allowed", http.StatusMethodNotAllowed, "HTTP001")
// return
// }
// }

8
src/constellation/api_devices_create.go
View File

@ -44,11 +44,14 @@ func DeviceCreate(w http.ResponseWriter, req *http.Request) {
nickname := utils.Sanitize(request.Nickname)
deviceName := utils.Sanitize(request.DeviceName)
APIKey := utils.GenerateRandomString(32)
if utils.AdminOrItselfOnly(w, req, nickname) != nil {
return
}
utils.Log("ConstellationDeviceCreation: Creating Device " + deviceName)
c, errCo := utils.GetCollection(utils.GetRootAppId(), "devices")
if errCo != nil {
utils.Error("Database Connect", errCo)
@ -100,6 +103,8 @@ func DeviceCreate(w http.ResponseWriter, req *http.Request) {
"PublicHostname": request.PublicHostname,
"Port": request.Port,
"Fingerprint": fingerprint,
"APIKey": APIKey,
"Blocked": false,
})
if err3 != nil {
@ -123,7 +128,7 @@ func DeviceCreate(w http.ResponseWriter, req *http.Request) {
}
// read configYml from config/nebula.yml
configYml, err := getYAMLClientConfig(deviceName, utils.CONFIGFOLDER + "nebula.yml", capki, cert, key, utils.ConstellationDevice{
configYml, err := getYAMLClientConfig(deviceName, utils.CONFIGFOLDER + "nebula.yml", capki, cert, key, APIKey, utils.ConstellationDevice{
Nickname: nickname,
DeviceName: deviceName,
PublicKey: key,
@ -132,6 +137,7 @@ func DeviceCreate(w http.ResponseWriter, req *http.Request) {
IsRelay: request.IsRelay,
PublicHostname: request.PublicHostname,
Port: request.Port,
APIKey: APIKey,
})
if err != nil {

2
src/constellation/api_nebula_connect.go
View File

@ -26,7 +26,7 @@ func API_ConnectToExisting(w http.ResponseWriter, req *http.Request) {
config := utils.ReadConfigFromFile()
config.ConstellationConfig.Enabled = true
config.ConstellationConfig.SlaveMode = true
config.ConstellationConfig.DNS = false
config.ConstellationConfig.DNSDisabled = false
// ConstellationHostname =
// output utils.CONFIGFOLDER + "nebula.yml"

10
src/constellation/nebula.go
View File

@ -235,7 +235,7 @@ func ExportConfigToYAML(overwriteConfig utils.ConstellationConfig, outputPath st
return nil
}
func getYAMLClientConfig(name, configPath, capki, cert, key string, device utils.ConstellationDevice) (string, error) {
func getYAMLClientConfig(name, configPath, capki, cert, key, APIKey string, device utils.ConstellationDevice) (string, error) {
utils.Log("Exporting YAML config for " + name + " with file " + configPath)
// Read the YAML config file
@ -321,9 +321,11 @@ func getYAMLClientConfig(name, configPath, capki, cert, key string, device utils
return "", errors.New("listen not found in nebula.yml")
}
configMap["deviceName"] = name
configMap["local_dns_overwrite"] = "192.168.201.1"
configMap["public_hostname"] = device.PublicHostname
configMap["constellation_device_name"] = name
configMap["constellation_local_dns_overwrite"] = true
configMap["constellation_local_dns_overwrite_address"] = "192.168.201.1"
configMap["constellation_public_hostname"] = device.PublicHostname
configMap["constellation_api_key"] = APIKey
// export configMap as YML
yamlData, err = yaml.Marshal(configMap)

3
src/market/index.go
View File

@ -12,7 +12,7 @@ type marketGetResult struct {
}
func MarketGet(w http.ResponseWriter, req *http.Request) {
if utils.AdminOnly(w, req) != nil {
if utils.LoggedInOnly(w, req) != nil {
return
}
@ -22,7 +22,6 @@ func MarketGet(w http.ResponseWriter, req *http.Request) {
return
}
// return the first 10 results of each market
marketGetResult := marketGetResult{
All: make(map[string]interface{}),
Showcase: []appDefinition{},

25
src/user/token.go
View File

@ -5,6 +5,7 @@ import (
"github.com/azukaar/cosmos-server/src/utils"
"github.com/golang-jwt/jwt"
"errors"
"strconv"
"strings"
"time"
"encoding/json"
@ -189,13 +190,25 @@ func logOutUser(w http.ResponseWriter, req *http.Request) {
HttpOnly: true,
}
clientCookie := http.Cookie{
Name: "client-infos",
Value: "{}",
Expires: time.Now().Add(-time.Hour * 24 * 365),
Path: "/",
Secure: utils.IsHTTPS,
HttpOnly: false,
}
if reqHostNoPort == "localhost" || reqHostNoPort == "0.0.0.0" {
cookie.Domain = ""
clientCookie.Domain = ""
} else {
cookie.Domain = "." + reqHostNoPort
clientCookie.Domain = "." + reqHostNoPort
}
http.SetCookie(w, &cookie)
http.SetCookie(w, &clientCookie)
// TODO: logout every other device if asked by increasing passwordcycle
}
@ -254,13 +267,24 @@ func SendUserToken(w http.ResponseWriter, req *http.Request, user utils.User, mf
HttpOnly: true,
}
clientCookie := http.Cookie{
Name: "client-infos",
Value: user.Nickname + "," + strconv.Itoa(int(user.Role)),
Expires: expiration,
Path: "/",
Secure: utils.IsHTTPS,
HttpOnly: false,
}
utils.Log("UserLogin: Setting cookie for " + reqHostNoPort)
if reqHostNoPort == "localhost" || reqHostNoPort == "0.0.0.0" {
cookie.Domain = ""
clientCookie.Domain = ""
} else {
if utils.IsValidHostname(reqHostNoPort) {
cookie.Domain = "." + reqHostNoPort
clientCookie.Domain = "." + reqHostNoPort
} else {
utils.Error("UserLogin: Invalid hostname", nil)
utils.HTTPError(w, "User Logging Error", http.StatusInternalServerError, "UL001")
@ -269,4 +293,5 @@ func SendUserToken(w http.ResponseWriter, req *http.Request, user utils.User, mf
}
http.SetCookie(w, &cookie)
http.SetCookie(w, &clientCookie)
}

3
src/utils/types.go
View File

@ -213,7 +213,7 @@ type ConstellationConfig struct {
Enabled bool
SlaveMode bool
PrivateNode bool
DNS bool
DNSDisabled bool
DNSPort string
DNSFallback string
DNSBlockBlacklist bool
@ -239,6 +239,7 @@ type ConstellationDevice struct {
Port string `json:"port"`
Blocked bool `json:"blocked"`
Fingerprint string `json:"fingerprint"`
APIKey string `json:"-"`
}
type NebulaFirewallRule struct {

2
src/utils/utils.go
View File

@ -64,7 +64,7 @@ var DefaultConfig = Config{
},
ConstellationConfig: ConstellationConfig{
Enabled: false,
DNS: true,
DNSDisabled: false,
DNSFallback: "8.8.8.8:53",
DNSAdditionalBlocklists: []string{
"https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt",