From e340ad01ea25ca2036a1afa440886ba544cc529a Mon Sep 17 00:00:00 2001 From: despiegk Date: Thu, 28 Aug 2025 17:19:32 +0200 Subject: [PATCH] ... --- examples/virt/hetzner/hetzner_example.vsh | 2 +- lib/clients/livekit/play.v | 56 +++++++++---------- lib/osal/core/net.v | 17 +++--- .../hetznermanager/hetznermanager_model.v | 1 + lib/virt/hetznermanager/protection.v | 19 +++++++ lib/virt/hetznermanager/rescue.v | 27 +++++++-- lib/virt/hetznermanager/reset.v | 4 +- 7 files changed, 83 insertions(+), 43 deletions(-) create mode 100644 lib/virt/hetznermanager/protection.v diff --git a/examples/virt/hetzner/hetzner_example.vsh b/examples/virt/hetzner/hetzner_example.vsh index f0a554ed..7228bd74 100755 --- a/examples/virt/hetzner/hetzner_example.vsh +++ b/examples/virt/hetzner/hetzner_example.vsh @@ -58,5 +58,5 @@ mut cl := hetznermanager.get(name: 'main')! // n.shell("")! -cl.ubuntu_install(name: 'kristof2', wait: true, hero_install: true, sshkey_name: 'kristof')! +// cl.ubuntu_install(name: 'kristof2', wait: true, hero_install: true, sshkey_name: 'kristof')! cl.ubuntu_install(name: 'kristof20', wait: true, hero_install: true, sshkey_name: 'kristof')! diff --git a/lib/clients/livekit/play.v b/lib/clients/livekit/play.v index 6e24fad9..0b99117a 100644 --- a/lib/clients/livekit/play.v +++ b/lib/clients/livekit/play.v 
@@ -131,37 +131,37 @@ pub fn play(mut plbook PlayBook) ! { // Handle access token generation mut token_create_actions := plbook.find(filter: 'livekit.token_create')! - for mut action in token_create_actions { - mut p := action.params + // for mut action in token_create_actions { + // mut p := action.params - client_name := texttools.name_fix(p.get_default('client', 'default')!) - identity := p.get('identity')! - name := p.get_default('name', identity)! - room := p.get_default('room', '')! - ttl := p.get_int_default('ttl', 21600)! - can_publish := p.get_default_false('can_publish') - can_subscribe := p.get_default_true('can_subscribe') - can_publish_data := p.get_default_false('can_publish_data') + // client_name := texttools.name_fix(p.get_default('client', 'default')!) + // identity := p.get('identity')! + // name := p.get_default('name', identity)! + // room := p.get_default('room', '')! + // ttl := p.get_int_default('ttl', 21600)! + // can_publish := p.get_default_false('can_publish') + // can_subscribe := p.get_default_true('can_subscribe') + // can_publish_data := p.get_default_false('can_publish_data') - mut client := get(name: client_name)! + // mut client := get(name: client_name)! - mut token := client.new_access_token( - identity: identity - name: name - ttl: ttl - )! + // mut token := client.new_access_token( + // identity: identity + // name: name + // ttl: ttl + // )! - token.add_video_grant(VideoGrant{ - room: room - room_join: true - can_publish: can_publish - can_subscribe: can_subscribe - can_publish_data: can_publish_data - }) + // token.add_video_grant(VideoGrant{ + // room: room + // room_join: true + // can_publish: can_publish + // can_subscribe: can_subscribe + // can_publish_data: can_publish_data + // }) - jwt := token.to_jwt()! - console.print_header('Access token generated for "${identity}"') - console.print_debug('Token: ${jwt}') - action.done = true - } + // jwt := token.to_jwt()! 
+ // console.print_header('Access token generated for "${identity}"') + // console.print_debug('Token: ${jwt}') + // action.done = true + // } } diff --git a/lib/osal/core/net.v b/lib/osal/core/net.v index 038ea330..0509b538 100644 --- a/lib/osal/core/net.v +++ b/lib/osal/core/net.v @@ -26,10 +26,10 @@ pub fn ping(args PingArgs) !bool { // if platform_ == .windows { // cmd += ' -n 1 -w 1000' if platform_ == .osx { - cmd += ' -c 1 -t 2' + cmd += ' -c1 -t2' } else { // linux - cmd += ' -c 1 -w 2' + cmd += ' -c1 -w2' } cmd += ' ${args.address}' if args.nr_ok > args.nr_ping { @@ -38,12 +38,11 @@ pub fn ping(args PingArgs) !bool { for _ in 0 .. math.max(1, args.retry) { mut nrerrors := 0 for _ in 0 .. args.nr_ping { - // console.print_debug(cmd) res := os.execute(cmd) if res.exit_code > 0 { nrerrors += 1 } - // println(res) + console.print_debug("${cmd} ${res.exit_code} ${nrerrors}") } successes := args.nr_ping - nrerrors if successes >= args.nr_ok { @@ -197,7 +196,7 @@ pub fn ssh_wait(args TcpPortTestArgs) ! { run_time = time.now().unix_milli() errmsg, res := ssh_testrun_internal(args)! - console.print_debug(errmsg) + // console.print_debug(errmsg) if run_time > start_time + args.timeout { return error(errmsg) @@ -211,7 +210,8 @@ pub fn ssh_wait(args TcpPortTestArgs) ! { fn ssh_testrun_internal(args TcpPortTestArgs) !(string, SSHResult) { cmd := ' - ssh -o BatchMode=yes -o ConnectTimeout=3 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -q "${args.address}" exit + set -ex + ssh -o BatchMode=yes -o ConnectTimeout=3 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -q root@${args.address} exit if [ $? -eq 0 ]; then echo "OK: SSH works" exit 0 
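Review bot: The `livekit.token_create` handler is disabled by commenting out the whole loop, so matching actions are still looked up by `plbook.find(...)` but are never processed or marked `done`, and `mut token_create_actions` is left unused. Either delete the lookup together with the block, or fail loudly, for example `if token_create_actions.len > 0 { return error('livekit.token_create is currently disabled') }`. If the loop is restored later, `console.print_debug('Token: ${jwt}')` should not come back with it, because a signed access token is a bearer credential and does not belong in debug output. The enclosing `play` function starts outside the hunk.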
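Review bot: With the added `set -ex`, a failing `ssh ... exit` aborts the script at once with ssh's own exit status, so the `if [ $? -eq 0 ]` test and the fallback branches ending in `exit 3` are only reached when ssh succeeded, and the exit-code mapping after `exec(...)` sees a code it was not written for. Drop the `-e` (keep `set -x` only if the trace is wanted), or test the command directly with `if ssh ... exit; then`. The same line also loses the quoting of the target and hard-codes the login: `"${args.address}"` became `root@${args.address}`, so an address containing shell metacharacters is now parsed by the shell. `"root@${args.address}"` keeps it a single argument, and `ping` in this file appends `args.address` to its command unquoted as well. The body of `ssh_testrun_internal` continues in the next hunk.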
@@ -233,10 +233,11 @@ fn ssh_testrun_internal(args TcpPortTestArgs) !(string, SSHResult) { fi echo "ERROR: Host unreachable, over ping and ssh" exit 3 - ' // console.print_debug('ssh test cmd: ${cmd}') + ' res := exec(cmd: cmd, ignore_error: true, stdout: false, debug: false)! - // console.print_debug('ssh test result: ${res}') + // console.print_debug('ssh test ${res.exit_code}: ===== cmd:\n${cmd}\n=====\n${res.output}') + if res.exit_code == 0 { return res.output, SSHResult.ok } else if res.exit_code == 1 { diff --git a/lib/virt/hetznermanager/hetznermanager_model.v b/lib/virt/hetznermanager/hetznermanager_model.v index 654c5ee9..06c5f988 100644 --- a/lib/virt/hetznermanager/hetznermanager_model.v +++ b/lib/virt/hetznermanager/hetznermanager_model.v @@ -31,6 +31,7 @@ pub fn (mut h HetznerManager) connection() !&httpconnection.HTTPConnection { fn obj_init(mycfg_ HetznerManager) !HetznerManager { mut mycfg := mycfg_ + mycfg.whitelist = mycfg.whitelist.map(it.trim_space()) return mycfg } diff --git a/lib/virt/hetznermanager/protection.v b/lib/virt/hetznermanager/protection.v new file mode 100644 index 00000000..5bbe99fc --- /dev/null +++ b/lib/virt/hetznermanager/protection.v @@ -0,0 +1,19 @@ +module hetznermanager + +import freeflowuniverse.herolib.core.texttools +import time +import freeflowuniverse.herolib.ui.console +import freeflowuniverse.herolib.osal.core as osal +import freeflowuniverse.herolib.builder + + +pub fn (mut h HetznerManager) check_whitelist(name string)! { + + if whitelist.len == 0 { + return + } + if !whitelist.contains(name) { + return error('Server ${name} is not whitelisted') + } + +} diff --git a/lib/virt/hetznermanager/rescue.v b/lib/virt/hetznermanager/rescue.v index 10001f30..a3bc8371 100644 --- a/lib/virt/hetznermanager/rescue.v +++ b/lib/virt/hetznermanager/rescue.v 
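Review bot: `check_whitelist` reads a bare `whitelist`, but the list is a field of the manager (`mycfg.whitelist` in `obj_init`), so unless a module-level `whitelist` exists elsewhere the name does not resolve; it should be `h.whitelist.len == 0` and `!h.whitelist.contains(name)`. An empty list allows every server, which deserves a doc comment on the function because the guard fails open when the configuration is missing. None of the hunks in this patch call `check_whitelist`, so `server_rescue`, `server_reset` and `ubuntu_install` appear to run unguarded; a call with the resolved name, for example `h.check_whitelist(serverinfo.server_name)!`, before the destructive step would make the guard effective. The five imports are unused in this file and the receiver does not need to be `mut`.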
@@ -38,6 +38,7 @@ pub fn (mut h HetznerManager) server_rescue(args_ ServerRescueArgs) !ServerInfoD for _ in 0 .. args_.retry - 1 { return h.server_rescue_internal(args_) or { continue } } + console.print_header('server ${args_.name} failed to rescue we retry: now ${args_.retry} attempts') } return h.server_rescue_internal(args_)! } @@ -46,6 +47,8 @@ fn (mut h HetznerManager) server_rescue_internal(args_ ServerRescueArgs) !Server mut args := args_ mut serverinfo := h.server_info_get(id: args.id, name: args.name)! + os.execute_opt('ssh-keygen -R ${serverinfo.server_ip}')! + if serverinfo.rescue && !args.reset { if osal.ssh_test(address: serverinfo.server_ip, port: 22)! == .ok { console.print_debug('test server ${serverinfo.server_name} is in rescue mode?') @@ -84,7 +87,7 @@ fn (mut h HetznerManager) server_rescue_internal(args_ ServerRescueArgs) !Server dataformat: .urlencoded )! - // console.print_debug('hetzner rescue\n${rescue}') + console.print_debug('Request for hetzner rescue done.\n${rescue}') h.server_reset( id: args.id @@ -149,8 +152,9 @@ pub fn (mut h HetznerManager) ubuntu_install(args ServerInstallArgs) !&builder.N // n.file_write("/tmp/installconfig",installconfig)! // n.exec_interactive("installimage -a -c /tmp/installconfig")! - mut rstr := '' + mut rstr := '-r no ' if args.raid { + panic("should not use RAID for now") rstr = '-r yes -l 1 ' } 
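Review bot: `os.execute_opt('ssh-keygen -R ${serverinfo.server_ip}')!` now runs at the top of `server_rescue_internal`, before the branch that returns early when the server is already in rescue mode, so the stored host key is discarded even when nothing is reset. The reachability probe in `ssh_testrun_internal` already runs with `StrictHostKeyChecking=no`, so after this call nothing visible in the patch still pins the host's identity. Consider moving the call to just after the reset is actually triggered. The trailing `!` also turns any non-zero `ssh-keygen` status (presumably including a missing known_hosts file) into a failed rescue. The function continues outside the hunk.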
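Review bot: `console.print_debug('Request for hetzner rescue done.\n${rescue}')` prints the whole rescue response; if that object carries the rescue-system root password, as such responses usually do, the credential ends up in debug output and in any log that captures it. Log the event without the payload, `console.print_debug('Request for hetzner rescue done for ${serverinfo.server_name}')`, or print only fields known to be non-secret. The type of `rescue` is declared outside the hunk, so confirm which fields it holds.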
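Review bot: `panic("should not use RAID for now")` aborts the whole process from library code and leaves the following `rstr = '-r yes -l 1 '` unreachable. `ubuntu_install` already returns a result type, so `return error('RAID install is not supported for now')` lets the caller decide what to do, and the dead assignment can be removed. The string also uses double quotes where the rest of the file uses single quotes. The function starts and ends outside the hunk.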
@@ -158,8 +162,20 @@ pub fn (mut h HetznerManager) ubuntu_install(args ServerInstallArgs) !&builder.N cmd: ' set -ex echo "go into install mode, try to install ubuntu 24.04" - /root/.oldroot/nfs/install/installimage -a -n kristof2 ${rstr} -i /root/.oldroot/nfs/images/Ubuntu-2404-noble-amd64-base.tar.gz -f yes -t yes -p swap:swap:4G,/boot:ext3:1024M,/:btrfs:all - reboot' + + if [ -d /sys/firmware/efi ]; then + echo "UEFI system detected → need ESP" + PARTS="/boot/efi:esp:256M,swap:swap:4G,/boot:ext3:1024M,/:btrfs:all" + else + echo "BIOS/legacy system detected → no ESP" + PARTS="swap:swap:4G,/boot:ext3:1024M,/:btrfs:all" + fi + + # installimage invocation + /root/.oldroot/nfs/install/installimage -a -n "${args.name}" ${rstr} -i /root/.oldroot/nfs/images/Ubuntu-2404-noble-amd64-base.tar.gz -f yes -t yes -p "\$PARTS" + + reboot + ' )! os.execute_opt('ssh-keygen -R ${serverinfo.server_ip}')! @@ -172,6 +188,9 @@ pub fn (mut h HetznerManager) ubuntu_install(args ServerInstallArgs) !&builder.N timeout_up: 60 * 5 )! + //wait 20 sec to make sure ssh is there + osal.ssh_wait(address: serverinfo.server_ip, timeout: 20)! + if args.hero_install { n.exec_silent('apt update && apt install -y mc redis')! n.hero_install(compile: args.hero_install_compile)! diff --git a/lib/virt/hetznermanager/reset.v b/lib/virt/hetznermanager/reset.v index 3623e997..8f82b3c6 100644 --- a/lib/virt/hetznermanager/reset.v +++ b/lib/virt/hetznermanager/reset.v @@ -50,7 +50,7 @@ pub fn (mut h HetznerManager) server_reset(args ServerRebootArgs) !ResetInfo { // now need to wait till it goes off if serveractive { for { - console.print_debug('wait for server ${serverinfo.server_name} to go down.') + console.print_debug('wait for server ${serverinfo.server_name} on ${serverinfo.server_ip} to go down.') pingresult := osal.ping(address: serverinfo.server_ip)! if !pingresult { console.print_debug('server ${serverinfo.server_name} is now down, now waitig for reboot.') 
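Review bot: `-n "${args.name}"` is interpolated by V into a shell script that is executed on the server being installed, and nothing visible in this hunk restricts `args.name`, so a name containing `"`, `$` or a backtick changes the command that runs. Validate the name before building the script, for instance by returning an error for anything outside a hostname character set such as `[a-z0-9-]`. The `\$PARTS` escape is correct and should stay as it is. `ubuntu_install` begins before this hunk, so an earlier check may already exist.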
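Review bot: The comment promises a 20 second wait, but `ssh_wait` in lib/osal/core/net.v compares `time.now().unix_milli()` against `start_time + args.timeout`, which suggests `timeout` is in milliseconds; `timeout: 20` would then give up after 20 ms. If that reading is right, use `timeout: 20 * 1000` and state the unit in the comment, `// wait up to 20 s for sshd to accept connections`. The definition of `TcpPortTestArgs` is not visible here, so confirm the unit there before changing the value.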
@@ -64,7 +64,7 @@ pub fn (mut h HetznerManager) server_reset(args ServerRebootArgs) !ResetInfo { if args.wait { for { time.sleep(1000 * time.millisecond) - console.print_debug('wait for ${serverinfo.server_name} ${args.msg}') + console.print_debug('wait for ${serverinfo.server_name} on ${serverinfo.server_ip} ${args.msg}') if osal.ssh_test(address: serverinfo.server_ip)! == .ok { console.print_debug('ssh test ok') console.print_header('server is rebooted: ${serverinfo.server_name}')