admin
db83db383c
Critical: watchdog mutex panic safety, SetGeoAppOverride nil guard, SSD-only app DB restore fallback. High: double deploy race (atomic Deploying flag), delete/remove during deploy guard, ScanStacks overwrite protection, FileBrowser mount mutex, PushEvent history, PushOnce error handling, DB dump sync+close before rename, restic retry fresh context, encrypt failure logging, cross-backup path traversal validation, deepCopyStack completeness. Security: constant-time API key comparison, login rate limiting (5/min), git credential masking in logs, storage path prefix traversal fix. Concurrency: MigrateEncryption lock ordering, SubdomainInUse I/O outside lock, scheduler late-registered jobs, SQLite WAL verification, metrics shutdown context, telemetry scan error logging, asset sync lock scope. Optimization: streaming file copy for DB dumps, restic stats dedup, atomic infra config copy. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
226 lines
5.4 KiB
Go
226 lines
5.4 KiB
Go
package report
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"log"
|
|
"net/http"
|
|
"strings"
|
|
"sync"
|
|
"time"
|
|
|
|
"gitea.dooplex.hu/admin/felhom-controller/internal/config"
|
|
)
|
|
|
|
// PushStatus tracks the last hub push attempt and result.
|
|
type PushStatus struct {
|
|
LastAttempt time.Time
|
|
LastSuccess time.Time
|
|
LastError string
|
|
Consecutive int // consecutive failures
|
|
}
|
|
|
|
// PushResponse is the parsed response from the Hub after a report push.
|
|
type PushResponse struct {
|
|
Status string `json:"status"`
|
|
CustomerBlocked bool `json:"customer_blocked"`
|
|
}
|
|
|
|
// Pusher sends reports to the central hub.
|
|
type Pusher struct {
|
|
hubURL string
|
|
apiKey string
|
|
httpClient *http.Client
|
|
logger *log.Logger
|
|
enabled bool
|
|
debug bool
|
|
|
|
statusMu sync.RWMutex
|
|
status PushStatus
|
|
|
|
// OnPushResponse is called after each successful report push with the parsed response.
|
|
// Set by main.go to update hub verification state.
|
|
OnPushResponse func(resp *PushResponse)
|
|
}
|
|
|
|
// NewPusher creates a new report pusher from hub configuration.
|
|
func NewPusher(cfg *config.HubConfig, logger *log.Logger, debug bool) *Pusher {
|
|
return &Pusher{
|
|
hubURL: strings.TrimRight(cfg.URL, "/"),
|
|
apiKey: cfg.APIKey,
|
|
httpClient: &http.Client{
|
|
Timeout: 30 * time.Second,
|
|
},
|
|
logger: logger,
|
|
enabled: cfg.Enabled,
|
|
debug: debug,
|
|
}
|
|
}
|
|
|
|
// Push sends a report to the hub. Retries 3 times with 5s backoff.
|
|
func (p *Pusher) Push(report *Report) error {
|
|
if !p.enabled {
|
|
return nil
|
|
}
|
|
|
|
data, err := json.Marshal(report)
|
|
if err != nil {
|
|
return fmt.Errorf("marshal report: %w", err)
|
|
}
|
|
|
|
url := p.hubURL + "/api/v1/report"
|
|
if p.debug {
|
|
p.logger.Printf("[DEBUG] Push: url=%s payload=%d bytes", url, len(data))
|
|
}
|
|
|
|
p.statusMu.Lock()
|
|
p.status.LastAttempt = time.Now()
|
|
p.statusMu.Unlock()
|
|
|
|
var lastErr error
|
|
for attempt := 0; attempt < 3; attempt++ {
|
|
if attempt > 0 {
|
|
time.Sleep(5 * time.Second)
|
|
}
|
|
|
|
req, err := http.NewRequest(http.MethodPost, url, bytes.NewReader(data))
|
|
if err != nil {
|
|
lastErr = err
|
|
continue
|
|
}
|
|
req.Header.Set("Content-Type", "application/json")
|
|
if p.apiKey != "" {
|
|
req.Header.Set("Authorization", "Bearer "+p.apiKey)
|
|
}
|
|
|
|
resp, err := p.httpClient.Do(req)
|
|
if err != nil {
|
|
lastErr = err
|
|
continue
|
|
}
|
|
|
|
// Read response body to parse customer_blocked field
|
|
respBody, _ := io.ReadAll(io.LimitReader(resp.Body, 4096))
|
|
resp.Body.Close()
|
|
|
|
if resp.StatusCode >= 200 && resp.StatusCode < 300 {
|
|
p.logger.Printf("[INFO] Hub report pushed successfully (%d bytes)", len(data))
|
|
p.statusMu.Lock()
|
|
p.status.LastSuccess = time.Now()
|
|
p.status.LastError = ""
|
|
p.status.Consecutive = 0
|
|
p.statusMu.Unlock()
|
|
|
|
// Parse response for customer_blocked field
|
|
if p.OnPushResponse != nil && len(respBody) > 0 {
|
|
var pr PushResponse
|
|
if json.Unmarshal(respBody, &pr) == nil {
|
|
p.OnPushResponse(&pr)
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
lastErr = fmt.Errorf("HTTP %d", resp.StatusCode)
|
|
}
|
|
|
|
p.statusMu.Lock()
|
|
p.status.LastError = lastErr.Error()
|
|
p.status.Consecutive++
|
|
p.statusMu.Unlock()
|
|
|
|
return fmt.Errorf("hub push failed after 3 attempts: %w", lastErr)
|
|
}
|
|
|
|
// GetStatus returns a snapshot of the current push status.
|
|
func (p *Pusher) GetStatus() PushStatus {
|
|
p.statusMu.RLock()
|
|
defer p.statusMu.RUnlock()
|
|
return p.status
|
|
}
|
|
|
|
// PushInfraBackup sends the infrastructure backup payload to the Hub.
|
|
// Uses the same retry logic as Push.
|
|
func (p *Pusher) PushInfraBackup(data []byte) error {
|
|
if !p.enabled {
|
|
return nil
|
|
}
|
|
|
|
url := p.hubURL + "/api/v1/infra-backup"
|
|
if p.debug {
|
|
p.logger.Printf("[DEBUG] PushInfraBackup: url=%s payload=%d bytes", url, len(data))
|
|
}
|
|
|
|
var lastErr error
|
|
for attempt := 0; attempt < 3; attempt++ {
|
|
if attempt > 0 {
|
|
time.Sleep(5 * time.Second)
|
|
}
|
|
|
|
req, err := http.NewRequest(http.MethodPost, url, bytes.NewReader(data))
|
|
if err != nil {
|
|
lastErr = err
|
|
continue
|
|
}
|
|
req.Header.Set("Content-Type", "application/json")
|
|
if p.apiKey != "" {
|
|
req.Header.Set("Authorization", "Bearer "+p.apiKey)
|
|
}
|
|
|
|
resp, err := p.httpClient.Do(req)
|
|
if err != nil {
|
|
lastErr = err
|
|
continue
|
|
}
|
|
io.Copy(io.Discard, resp.Body)
|
|
resp.Body.Close()
|
|
|
|
if resp.StatusCode >= 200 && resp.StatusCode < 300 {
|
|
p.logger.Printf("[INFO] Infra backup pushed to Hub (%d bytes)", len(data))
|
|
return nil
|
|
}
|
|
lastErr = fmt.Errorf("HTTP %d", resp.StatusCode)
|
|
if p.debug {
|
|
p.logger.Printf("[DEBUG] PushInfraBackup: attempt %d failed — HTTP %d", attempt+1, resp.StatusCode)
|
|
}
|
|
}
|
|
|
|
return fmt.Errorf("infra backup push failed after 3 attempts: %w", lastErr)
|
|
}
|
|
|
|
// PushOnce sends a single report regardless of the enabled flag.
|
|
// Used for one-time notifications (e.g., reporting-disabled on startup).
|
|
func (p *Pusher) PushOnce(report *Report) error {
|
|
if p.hubURL == "" || p.apiKey == "" {
|
|
return nil
|
|
}
|
|
|
|
data, err := json.Marshal(report)
|
|
if err != nil {
|
|
return fmt.Errorf("marshal report: %w", err)
|
|
}
|
|
|
|
url := p.hubURL + "/api/v1/report"
|
|
|
|
req, err := http.NewRequest(http.MethodPost, url, bytes.NewReader(data))
|
|
if err != nil {
|
|
return fmt.Errorf("create request: %w", err)
|
|
}
|
|
req.Header.Set("Content-Type", "application/json")
|
|
req.Header.Set("Authorization", "Bearer "+p.apiKey)
|
|
|
|
resp, err := p.httpClient.Do(req)
|
|
if err != nil {
|
|
return fmt.Errorf("hub push-once: %w", err)
|
|
}
|
|
io.Copy(io.Discard, resp.Body)
|
|
resp.Body.Close()
|
|
|
|
if resp.StatusCode >= 200 && resp.StatusCode < 300 {
|
|
p.logger.Printf("[INFO] Hub push-once sent (%d bytes)", len(data))
|
|
return nil
|
|
}
|
|
return fmt.Errorf("hub push-once: HTTP %d", resp.StatusCode)
|
|
}
|