caas: remove box plan change routes

it can contain sensitive information

.eslintrc.json

@@ -23,6 +23,7 @@
         "semi": [
             "error",
             "always"
-        ]
+        ],
+        "no-console": "off"
     }
 }

CHANGES

@@ -1425,3 +1425,52 @@
 * Add UI to toggle dynamic DNS
 * Add support for hyphenated subdomains
 
+[3.3.2]
+* Use new addons with REST APIs
+* Ubuntu 18.04 LTS support
+* Custom env vars can be set per application
+* Add a button to renew certs
+* Add better support for private builds
+* cloudflare: Fix crash when using bad email
+* cloudflare: HTTP proxying works now
+* add new exoscale-sos regions
+* Add UI to toggle dynamic DNS
+* Add support for hyphenated subdomains
+* Add domain, mail events to eventlog
+
+[3.3.3]
+* Use new addons with REST APIs
+* Ubuntu 18.04 LTS support
+* Custom env vars can be set per application
+* Add a button to renew certs
+* Add better support for private builds
+* cloudflare: Fix crash when using bad email
+* cloudflare: HTTP proxying works now
+* add new exoscale-sos regions
+* Add UI to toggle dynamic DNS
+* Add support for hyphenated subdomains
+* Add domain, mail events to eventlog
+
+[3.3.4]
+* Use new addons with REST APIs
+* Ubuntu 18.04 LTS support
+* Custom env vars can be set per application
+* Add a button to renew certs
+* Add better support for private builds
+* cloudflare: Fix crash when using bad email
+* cloudflare: HTTP proxying works now
+* add new exoscale-sos regions
+* Add UI to toggle dynamic DNS
+* Add support for hyphenated subdomains
+* Add domain, mail events to eventlog
+
+[3.4.0]
+* Improve error page
+* Add system view to manage addons and view their status
+* Fix iconset regression for account and Cloudron name edits
+* Add server reboot button and warn if reboot is required for security updates
+* Backup and update tasks are now cancelable
+* Move graphite away from port 3000 (reserved by ESXi)
+* Flexible mailbox management
+* Automatic updates can be toggled per app
+

box.js

@@ -2,12 +2,16 @@
 
 'use strict';
 
-require('supererror')({ splatchError: true });
+// prefix all output with a timestamp
+// debug() already prefixes and uses process.stderr NOT console.*
+['log', 'info', 'warn', 'debug', 'error'].forEach(function (log) {
+    var orig = console[log];
+    console[log] = function () {
+        orig.apply(console, [new Date().toISOString()].concat(Array.prototype.slice.call(arguments)));
+    };
+});
 
-// remove timestamp from debug() based output
-require('debug').formatArgs = function formatArgs(args) {
-    args[0] = this.namespace + ' ' + args[0];
-};
+require('supererror')({ splatchError: true });
 
 let async = require('async'),
     config = require('./src/config.js'),

migrations/20160208031241-groups-add-table.js

@@ -1,7 +1,7 @@
 'use strict';
 
 exports.up = function(db, callback) {
-    var cmd = "CREATE TABLE groups(" +
+    var cmd = "CREATE TABLE userGroups(" +
                 "id VARCHAR(128) NOT NULL UNIQUE," +
                 "name VARCHAR(128) NOT NULL UNIQUE," +
                 "PRIMARY KEY(id))";
@@ -13,7 +13,7 @@ exports.up = function(db, callback) {
 };
 
 exports.down = function(db, callback) {
-    db.runSql('DROP TABLE groups', function (error) {
+    db.runSql('DROP TABLE userGroups', function (error) {
         if (error) console.error(error);
         callback(error);
     });

migrations/20160208100000-groupMembers-add-table.js

@@ -4,7 +4,7 @@ exports.up = function(db, callback) {
 	var cmd = "CREATE TABLE IF NOT EXISTS groupMembers(" +
     			"groupId VARCHAR(128) NOT NULL," +
     			"userId VARCHAR(128) NOT NULL," +
-    			"FOREIGN KEY(groupId) REFERENCES groups(id)," +
+    			"FOREIGN KEY(groupId) REFERENCES userGroups(id)," +
     			"FOREIGN KEY(userId) REFERENCES users(id));";
 
     db.runSql(cmd, function (error) {

migrations/20160208164735-groups-add-admin.js

@@ -7,7 +7,7 @@ var ADMIN_GROUP_ID = 'admin'; // see constants.js
 exports.up = function(db, callback) {
 	async.series([
 		db.runSql.bind(db, 'START TRANSACTION;'),
-		db.runSql.bind(db, 'INSERT INTO groups (id, name) VALUES (?, ?)', [ ADMIN_GROUP_ID, 'admin' ]),
+		db.runSql.bind(db, 'INSERT INTO userGroups (id, name) VALUES (?, ?)', [ ADMIN_GROUP_ID, 'admin' ]),
 		function migrateAdminFlag(done) {
 			db.all('SELECT * FROM users WHERE admin=1', function (error, results) {
 				if (error) return done(error);

migrations/20160921205726-mailboxes-add-ownerId.js

@@ -10,7 +10,7 @@ exports.up = function(db, callback) {
         function addGroupMailboxes(done) {
             console.log('Importing group mailboxes');
 
-            db.all('SELECT id, name FROM groups', function (error, results) {
+            db.all('SELECT id, name FROM userGroups', function (error, results) {
                 if (error) return done(error);
 
                 async.eachSeries(results, function (g, next) {

migrations/20171118000000-ensure-collation-utf8_bin.js

@@ -16,7 +16,7 @@ exports.up = function(db, callback) {
         db.runSql.bind(db, 'ALTER TABLE clients CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin'),
         db.runSql.bind(db, 'ALTER TABLE eventlog CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin'),
         db.runSql.bind(db, 'ALTER TABLE groupMembers CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin'),
-        db.runSql.bind(db, 'ALTER TABLE groups CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin'),
+        db.runSql.bind(db, 'ALTER TABLE userGroups CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin'),
         db.runSql.bind(db, 'ALTER TABLE mailboxes CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin'),
         db.runSql.bind(db, 'ALTER TABLE migrations CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin'),
         db.runSql.bind(db, 'ALTER TABLE settings CONVERT TO CHARACTER SET utf8 COLLATE utf8_bin'),

migrations/20171118000001-apps-add-domain.js

@@ -29,7 +29,7 @@ exports.up = function(db, callback) {
 
                 // this will be finally created once we have a domain when we create the owner in user.js
                 const ADMIN_GROUP_ID = 'admin'; // see constants.js
-                db.runSql('DELETE FROM groups WHERE id = ?', [ ADMIN_GROUP_ID ], function (error) {
+                db.runSql('DELETE FROM userGroups WHERE id = ?', [ ADMIN_GROUP_ID ], function (error) {
                     if (error) return done(error);
 
                     db.runSql('DELETE FROM mailboxes WHERE ownerId = ?', [ ADMIN_GROUP_ID ], done);

migrations/20180405222626-mailboxes-add-members.js

@@ -19,8 +19,8 @@ exports.up = function(db, callback) {
         },
         function getGroups(done) {
             db.all('SELECT id, name, GROUP_CONCAT(groupMembers.userId) AS userIds ' +
-                ' FROM groups LEFT OUTER JOIN groupMembers ON groups.id = groupMembers.groupId ' +
-                ' GROUP BY groups.id', [ ], function (error, results) {
+                ' FROM userGroups LEFT OUTER JOIN groupMembers ON userGroups.id = groupMembers.groupId ' +
+                ' GROUP BY userGroups.id', [ ], function (error, results) {
                 if (error) return done(error);
 
                 results.forEach(function (result) {

migrations/20180726213634-users-add-admin.js

@@ -18,7 +18,7 @@ exports.up = function(db, callback) {
 
                 async.series([
                     db.runSql.bind(db, 'DELETE FROM groupMembers WHERE groupId=?', [ 'admin' ]),
-                    db.runSql.bind(db, 'DELETE FROM groups WHERE id=?', [ 'admin' ])
+                    db.runSql.bind(db, 'DELETE FROM userGroups WHERE id=?', [ 'admin' ])
                 ], callback);
             });
         });

migrations/20181116191032-tasks-add-table.js

@@ -0,0 +1,27 @@
+'use strict';
+
+exports.up = function(db, callback) {
+    var cmd = 'CREATE TABLE tasks(' +
+            'id int NOT NULL AUTO_INCREMENT,' +
+            'type VARCHAR(32) NOT NULL,' +
+            'argsJson TEXT,' +
+            'percent INTEGER DEFAULT 0,' +
+            'message TEXT,' +
+            'errorMessage TEXT,' +
+            'result TEXT,' +
+            'creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,' +
+            'ts TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,' +
+            'PRIMARY KEY (id))';
+
+    db.runSql(cmd, function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};
+
+exports.down = function(db, callback) {
+    db.runSql('DROP TABLE tasks', function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};

migrations/20181203111504-rename-groups-to-userGroups.js

@@ -0,0 +1,17 @@
+'use strict';
+
+exports.up = function(db, callback) {
+    db.runSql('SELECT 1 FROM groups LIMIT 1', function (error) {
+        if (error) return callback(); // groups table does not exist
+
+        db.runSql('RENAME TABLE groups TO userGroups', function (error) {
+            if (error) console.error(error);
+            callback(error);
+        });
+    });
+};
+
+exports.down = function(db, callback) {
+    // this is a one way renaming since the previous migration steps have been already updated to match the new name
+    callback();
+};

migrations/20181203122115-ensure-default-timestamps.js

@@ -0,0 +1,17 @@
+'use strict';
+
+var async = require('async');
+
+exports.up = function(db, callback) {
+    async.series([
+        db.runSql.bind(db, 'ALTER TABLE apps MODIFY creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP'),
+        db.runSql.bind(db, 'ALTER TABLE apps MODIFY updateTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP'),
+        db.runSql.bind(db, 'ALTER TABLE eventlog MODIFY creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP'),
+        db.runSql.bind(db, 'ALTER TABLE backups MODIFY creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP'),
+        db.runSql.bind(db, 'ALTER TABLE mailboxes MODIFY creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP'),
+    ], callback);
+};
+
+exports.down = function(db, callback) {
+    callback();
+};

migrations/20181207042802-apps-add-mailboxName.js

@@ -0,0 +1,28 @@
+'use strict';
+
+var async = require('async');
+
+exports.up = function(db, callback) {
+    async.series([
+        db.runSql.bind(db, 'ALTER TABLE apps ADD COLUMN mailboxName VARCHAR(128)'),
+        db.runSql.bind(db, 'START TRANSACTION;'),
+
+        function migrateMailboxNames(done) {
+            db.all('SELECT * FROM mailboxes', function (error, mailboxes) {
+                if (error) return done(error);
+
+                async.eachSeries(mailboxes, function (mailbox, iteratorDone) {
+                    if (mailbox.ownerType !== 'app') return iteratorDone();
+
+                    db.runSql('UPDATE apps SET mailboxName = ? WHERE id = ?', [ mailbox.name, mailbox.ownerId ], iteratorDone);
+                }, done);
+            });
+        },
+
+        db.runSql.bind(db, 'COMMIT')
+    ], callback);
+};
+
+exports.down = function(db, callback) {
+    callback();
+};

migrations/20181207042803-mailboxes-remove-ownerType.js

@@ -0,0 +1,28 @@
+'use strict';
+
+var async = require('async');
+
+exports.up = function(db, callback) {
+    async.series([
+        db.runSql.bind(db, 'START TRANSACTION;'),
+
+        function migrateMailboxNames(done) {
+            db.all('SELECT * FROM mailboxes', function (error, mailboxes) {
+                if (error) return done(error);
+
+                async.eachSeries(mailboxes, function (mailbox, iteratorDone) {
+                    if (mailbox.ownerType !== 'app') return iteratorDone();
+
+                    db.runSql('DELETE FROM mailboxes WHERE name = ?', [ mailbox.name ], iteratorDone);
+                }, done);
+            });
+        },
+
+        db.runSql.bind(db, 'COMMIT'),
+        db.runSql.bind(db, 'ALTER TABLE mailboxes DROP COLUMN ownerType')
+    ], callback);
+};
+
+exports.down = function(db, callback) {
+    callback();
+};

migrations/20181207165827-apps-add-enableAutomaticUpdate.js

@@ -0,0 +1,16 @@
+'use strict';
+
+exports.up = function(db, callback) {
+    db.runSql('ALTER TABLE apps ADD COLUMN enableAutomaticUpdate BOOLEAN DEFAULT 1', function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};
+
+exports.down = function(db, callback) {
+    db.runSql('ALTER TABLE apps DROP COLUMN enableAutomaticUpdate', function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};
+

migrations/schema.sql

@@ -29,7 +29,7 @@ CREATE TABLE IF NOT EXISTS users(
 
     PRIMARY KEY(id));
 
-CREATE TABLE IF NOT EXISTS groups(
+CREATE TABLE IF NOT EXISTS userGroups(
     id VARCHAR(128) NOT NULL UNIQUE,
     name VARCHAR(254) NOT NULL UNIQUE,
     PRIMARY KEY(id));
@@ -37,7 +37,7 @@ CREATE TABLE IF NOT EXISTS groups(
 CREATE TABLE IF NOT EXISTS groupMembers(
     groupId VARCHAR(128) NOT NULL,
     userId VARCHAR(128) NOT NULL,
-    FOREIGN KEY(groupId) REFERENCES groups(id),
+    FOREIGN KEY(groupId) REFERENCES userGroups(id),
     FOREIGN KEY(userId) REFERENCES users(id));
 
 CREATE TABLE IF NOT EXISTS tokens(
@@ -71,8 +71,8 @@ CREATE TABLE IF NOT EXISTS apps(
     location VARCHAR(128) NOT NULL,
     domain VARCHAR(128) NOT NULL,
     accessRestrictionJson TEXT, // { users: [ ], groups: [ ] }
-    creationTime TIMESTAMP(2) NOT NULL DEFAULT CURRENT_TIMESTAMP, // when the app was installed
-    updateTime TIMESTAMP(2) NOT NULL DEFAULT CURRENT_TIMESTAMP,   // when the last app update was done
+    creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, // when the app was installed
+    updateTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,   // when the last app update was done
     ts TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, // when this db record was updated (useful for UI caching)
     memoryLimit BIGINT DEFAULT 0,
     xFrameOptions VARCHAR(512),
@@ -80,6 +80,8 @@ CREATE TABLE IF NOT EXISTS apps(
     debugModeJson TEXT, // options for development mode
     robotsTxt TEXT,
     enableBackup BOOLEAN DEFAULT 1, // misnomer: controls automatic daily backups
+    enableAutomaticUpdate BOOLEAN DEFAULT 1,
+    mailboxName VARCHAR(128), // mailbox of this app
 
     // the following fields do not belong here, they can be removed when we use a queue for apptask
     restoreConfigJson VARCHAR(256), // used to pass backupId to restore from to apptask
@@ -126,7 +128,7 @@ CREATE TABLE IF NOT EXISTS appEnvVars(
 
 CREATE TABLE IF NOT EXISTS backups(
     id VARCHAR(128) NOT NULL,
-    creationTime TIMESTAMP,
+    creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
     version VARCHAR(128) NOT NULL, /* app version or box version */
     type VARCHAR(16) NOT NULL, /* 'box' or 'app' */
     dependsOn TEXT, /* comma separate list of objects this backup depends on */
@@ -141,7 +143,7 @@ CREATE TABLE IF NOT EXISTS eventlog(
     action VARCHAR(128) NOT NULL,
     source TEXT, /* { userId, username, ip }. userId can be null for cron,sysadmin */
     data TEXT, /* free flowing json based on action */
-    createdAt TIMESTAMP(2) NOT NULL,
+    creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
 
     PRIMARY KEY (id));
 
@@ -173,15 +175,17 @@ CREATE TABLE IF NOT EXISTS mail(
 /* Future fields:
    * accessRestriction - to determine who can access it. So this has foreign keys
    * quota - per mailbox quota
+
+   NOTE: this table exists only real mailboxes. And has unique constraint to handle
+   conflict with aliases and mailbox names
 */
 CREATE TABLE IF NOT EXISTS mailboxes(
     name VARCHAR(128) NOT NULL,
     type VARCHAR(16) NOT NULL, /* 'mailbox', 'alias', 'list' */
-    ownerId VARCHAR(128) NOT NULL, /* app id or user id or group id */
-    ownerType VARCHAR(16) NOT NULL, /* 'app' or 'user' or 'group' */
+    ownerId VARCHAR(128) NOT NULL, /* user id */
     aliasTarget VARCHAR(128), /* the target name type is an alias */
     membersJson TEXT, /* members of a group */
-    creationTime TIMESTAMP,
+    creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
     domain VARCHAR(128),
 
     FOREIGN KEY(domain) REFERENCES mail(domain),
@@ -195,6 +199,18 @@ CREATE TABLE IF NOT EXISTS subdomains(
 
     FOREIGN KEY(domain) REFERENCES domains(domain),
     FOREIGN KEY(appId) REFERENCES apps(id),
-    UNIQUE (subdomain, domain))
+    UNIQUE (subdomain, domain));
+
+CREATE TABLE IF NOT EXISTS tasks(
+    id int NOT NULL AUTO_INCREMENT,
+    type VARCHAR(32) NOT NULL,
+    percent INTEGER DEFAULT 0,
+    message TEXT,
+    errorMessage TEXT,
+    result TEXT,
+    creationTime TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    ts TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+    PRIMARY KEY (id));
 
     CHARACTER SET utf8 COLLATE utf8_bin;
+

package.json

@@ -27,7 +27,7 @@
     "connect-timeout": "^1.9.0",
     "cookie-parser": "^1.3.5",
     "cookie-session": "^1.3.2",
-    "cron": "^1.3.0",
+    "cron": "^1.5.1",
     "csurf": "^1.6.6",
     "db-migrate": "^0.11.1",
     "db-migrate-mysql": "^1.1.10",
@@ -92,7 +92,7 @@
   "scripts": {
     "migrate_local": "DATABASE_URL=mysql://root:@localhost/box node_modules/.bin/db-migrate up",
     "migrate_test": "BOX_ENV=test DATABASE_URL=mysql://root:@localhost/boxtest node_modules/.bin/db-migrate up",
-    "test": "npm run migrate_test && src/test/setupTest && BOX_ENV=test ./node_modules/istanbul/lib/cli.js test $1 ./node_modules/mocha/bin/_mocha -- --exit -R spec ./src/test ./src/routes/test",
+    "test": "npm run migrate_test && src/test/setupTest && BOX_ENV=test ./node_modules/istanbul/lib/cli.js test $1 ./node_modules/mocha/bin/_mocha -- --no-timeouts --exit -R spec ./src/test ./src/routes/test",
     "postmerge": "/bin/true",
     "precommit": "/bin/true",
     "prepush": "npm test",

scripts/cloudron-provision

@@ -2,37 +2,47 @@
 
 set -eu -o pipefail
 
-readonly curl="curl --fail --connect-timeout 20 --retry 10 --retry-delay 2 --max-time 2400"
+readonly curl="curl --fail --connect-timeout 20 --retry 10 --retry-delay 2 --max-time 2400 --http1.1"
 
 ip=""
-zone=""
-subdomain=""
-cloudflare_token=""
-cloudflare_email=""
+dns_config=""
 tls_cert_file=""
 tls_key_file=""
-appstore_id=""
-appstore_token=""
+license_file=""
+backup_config=""
 
-args=$(getopt -o "" -l "subdomain:,zone:,ip:,cloudflare-token:,cloudflare-email:,tls-cert:,tls-key:,appstore-id:,appstore-token:" -n "$0" -- "$@")
+args=$(getopt -o "" -l "ip:,backup-config:,license:,dns-config:,tls-cert:,tls-key:" -n "$0" -- "$@")
 eval set -- "${args}"
 
 while true; do
     case "$1" in
     --ip) ip="$2"; shift 2;;
-    --subdomain) subdomain="$2"; shift 2;;
-    --zone) zone="$2"; shift 2;;
-    --cloudflare-token) cloudflare_token="$2"; shift 2;;
-    --cloudflare-email) cloudflare_email="$2"; shift 2;;
+    --dns-config) dns_config="$2"; shift 2;;
     --tls-cert) tls_cert_file="$2"; shift 2;;
     --tls-key) tls_key_file="$2"; shift 2;;
-    --appstore-id) appstore_id="$2"; shift 2;;
-    --appstore-token) appstore_token="$2"; shift 2;;
+    --license) license_file="$2"; shift 2;;
+    --backup-config) backup_config="$2"; shift 2;;
     --) break;;
     *) echo "Unknown option $1"; exit 1;;
     esac
 done
 
+# validate arguments in the absence of data
+if [[ -z "${ip}" ]]; then
+    echo "--ip is required"
+    exit 1
+fi
+
+if [[ -z "${dns_config}" ]]; then
+    echo "--dns-config is required"
+    exit 1
+fi
+
+if [[ ! -f "${license_file}" ]]; then
+    echo "--license must be a valid license file"
+    exit 1
+fi
+
 function get_status() {
     key="$1"
     if status=$($curl -q -f -k "https://${ip}/api/v1/cloudron/status" 2>/dev/null); then
@@ -63,23 +73,34 @@ function wait_for_status() {
 echo "=> Waiting for cloudron to be ready"
 wait_for_status "version" '*'
 
-echo "Provisioning Cloudron ${subdomain}.${zone}"
+domain=$(echo "${dns_config}" | python3 -c 'import json,sys;obj=json.load(sys.stdin);print(obj["domain"])')
+
+echo "Provisioning Cloudron ${domain}"
 if [[ -n "${tls_cert_file}" && -n "${tls_key_file}" ]]; then
     tls_cert=$(cat "${tls_cert_file}" | awk '{printf "%s\\n", $0}')
     tls_key=$(cat "${tls_key_file}" | awk '{printf "%s\\n", $0}')
     fallback_cert=$(printf '{ "cert": "%s", "key": "%s", "provider": "fallback", "restricted": true }' "${tls_cert}" "${tls_key}")
 else
-    fallback_cert=null
+    fallback_cert=None
 fi
 
-setupData=$(printf '{ "dnsConfig": { "domain": "%s", "provider": "cloudflare", "config": { "token": "%s", "email": "%s", "hyphenatedSubdomains": true }, "tlsConfig": { "provider": "fallback" }, "fallbackCertificate": %s }, "autoconf": { "appstoreConfig": { "userId": "%s", "token": "%s" } } }' "${subdomain}.${zone}" "${cloudflare_token}" "${cloudflare_email}" "${fallback_cert}" "${appstore_id}" "${appstore_token}")
+tls_config='{ "provider": "fallback" }'
+dns_config=$(echo "${dns_config}" | python3 -c "import json,sys;obj=json.load(sys.stdin);obj.update(tlsConfig=${tls_config});obj.update(fallbackCertficate=${fallback_cert});print(json.dumps(obj))")
+
+license=$(cat "${license_file}")
+
+if [[ -z "${backup_config:-}" ]]; then
+    backup_config='{ "provider": "filesystem", "backupFolder": "/var/backups", "format": "tgz" }'
+fi
+
+setupData=$(printf '{ "dnsConfig": %s, "autoconf": { "appstoreConfig": %s, "backupConfig": %s } }' "${dns_config}" "${license}" "${backup_config}")
 
 if ! setupResult=$($curl -kq -X POST -H "Content-Type: application/json" -d "${setupData}" https://${ip}/api/v1/cloudron/setup); then
-    echo "Failed to setup with ${setupData}: ${setupResult}"
+    echo "Failed to setup with ${setupData} ${setupResult}"
     exit 1
 fi
 
 wait_for_status "webadminStatus" '*"tls": true*'
 
-echo "Cloudron is ready at https://my-${subdomain}.${zone}"
+echo "Cloudron is ready at https://my-${domain}"
 

scripts/cloudron-setup

@@ -94,7 +94,7 @@ echo "Running cloudron-setup with args : $@" > "${LOG_FILE}"
 
 # validate arguments in the absence of data
 if [[ -z "${provider}" ]]; then
-    echo "--provider is required (azure, digitalocean, ec2, exoscale, gce, hetzner, lightsail, linode, ovh, rosehosting, scaleway, vultr or generic)"
+    echo "--provider is required (azure, digitalocean, ec2, exoscale, gce, hetzner, lightsail, linode, netcup, ovh, rosehosting, scaleway, vultr or generic)"
     exit 1
 elif [[  \
             "${provider}" != "ami" && \
@@ -110,13 +110,14 @@ elif [[  \
             "${provider}" != "hetzner" && \
             "${provider}" != "lightsail" && \
             "${provider}" != "linode" && \
+            "${provider}" != "netcup" && \
             "${provider}" != "ovh" && \
             "${provider}" != "rosehosting" && \
             "${provider}" != "scaleway" && \
             "${provider}" != "vultr" && \
             "${provider}" != "generic" \
         ]]; then
-    echo "--provider must be one of: azure, cloudscale.ch, digitalocean, ec2, exoscale, galaxygate, gce, hetzner, lightsail, linode, ovh, rosehosting, scaleway, vultr or generic"
+    echo "--provider must be one of: azure, cloudscale.ch, digitalocean, ec2, exoscale, galaxygate, gce, hetzner, lightsail, linode, netcup, ovh, rosehosting, scaleway, vultr or generic"
     exit 1
 fi
 
@@ -137,6 +138,12 @@ echo " Join us at https://forum.cloudron.io for any questions."
 echo ""
 
 if [[ "${initBaseImage}" == "true" ]]; then
+    echo "=> Ensure required apt sources"
+    if ! add-apt-repository universe &>> "${LOG_FILE}"; then
+        echo "Could not add required apt sources (for nginx-full). See ${LOG_FILE}"
+        exit 1
+    fi
+
     echo "=> Updating apt and installing script dependencies"
     if ! apt-get update &>> "${LOG_FILE}"; then
         echo "Could not update package repositories. See ${LOG_FILE}"
@@ -231,10 +238,15 @@ while true; do
     sleep 10
 done
 
-echo -e "\n\n${GREEN}Visit https://<IP> and accept the self-signed certificate to finish setup.${DONE}"
+echo -e "\n\n${GREEN}Visit https://<IP> and accept the self-signed certificate to finish setup.${DONE}\n"
 
 if [[ "${rebootServer}" == "true" ]]; then
-    echo -e "\n${RED}Rebooting this server now to let changes take effect.${DONE}\n"
-    systemctl stop mysql # sometimes mysql ends up having corrupt privilege tables
-    systemctl reboot
+    systemctl stop box mysql # sometimes mysql ends up having corrupt privilege tables
+
+    read -p "This server has to rebooted to apply all the settings. Reboot now ? [Y/n] " yn
+    yn=${yn:-y}
+    case $yn in
+        [Yy]* ) systemctl reboot;;
+        * ) exit;;
+    esac
 fi

scripts/cloudron-support

@@ -1,9 +1,19 @@
 #!/bin/bash
 
+# This script collects diagnostic information to help debug server related issues
+# It also enables SSH access for the cloudron support team
+
 PASTEBIN="https://paste.cloudron.io"
 OUT="/tmp/cloudron-support.log"
 LINE="\n========================================================\n"
 CLOUDRON_SUPPORT_PUBLIC_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQVilclYAIu+ioDp/sgzzFz6YU0hPcRYY7ze/LiF/lC7uQqK062O54BFXTvQ3ehtFZCx3bNckjlT2e6gB8Qq07OM66De4/S/g+HJW4TReY2ppSPMVNag0TNGxDzVH8pPHOysAm33LqT2b6L/wEXwC6zWFXhOhHjcMqXvi8Ejaj20H1HVVcf/j8qs5Thkp9nAaFTgQTPu8pgwD8wDeYX1hc9d0PYGesTADvo6HF4hLEoEnefLw7PaStEbzk2fD3j7/g5r5HcgQQXBe74xYZ/1gWOX2pFNuRYOBSEIrNfJEjFJsqk3NR1+ZoMGK7j+AZBR4k0xbrmncQLcQzl6MMDzkp support@cloudron.io"
+HELP_MESSAGE="
+This script collects diagnostic information to help debug server related issues
+
+ Options:
+   --enable-ssh    Enable SSH access for the Cloudron support team
+   --help          Show this message
+"
 
 # We require root
 if [[ ${EUID} -ne 0 ]]; then
@@ -11,13 +21,45 @@ if [[ ${EUID} -ne 0 ]]; then
     exit 1
 fi
 
+enableSSH="false"
+
+args=$(getopt -o "" -l "help,enable-ssh" -n "$0" -- "$@")
+eval set -- "${args}"
+
+while true; do
+    case "$1" in
+    --help) echo -e "${HELP_MESSAGE}"; exit 0;;
+    --enable-ssh) enableSSH="true"; shift;;
+    --) break;;
+    *) echo "Unknown option $1"; exit 1;;
+    esac
+done
+
+# check if at least 10mb root partition space is available
+if [[ "`df --output="avail" / | sed -n 2p`" -lt "10240" ]]; then
+    echo "No more space left on /"
+    echo "This is likely the root case of the issue. Free up some space and also check other partitions below:"
+    echo ""
+    df -h
+    echo ""
+    echo "To recover from a full disk, follow the guide at https://cloudron.io/documentation/server/#recovery-after-disk-full"
+    exit 1
+fi
+
+# check for at least 5mb free /tmp space for the log file
+if [[ "`df --output="avail" /tmp | sed -n 2p`" -lt "5120" ]]; then
+    echo "Not enough space left on /tmp"
+    echo "Free up some space first by deleting files from /tmp"
+    exit 1
+fi
+
 echo -n "Generating Cloudron Support stats..."
 
 # clear file
 rm -rf $OUT
 
 ssh_port=$(cat /etc/ssh/sshd_config | grep "Port " | sed -e "s/.*Port //")
-if [[ $SUDO_USER === "" ]]; then
+if [[ $SUDO_USER == "" ]]; then
     ssh_user="root"
     ssh_folder="/root/.ssh/"
     authorized_key_file="${ssh_folder}/authorized_keys"
@@ -35,7 +77,9 @@ echo -e $LINE"cloudron.conf"$LINE >> $OUT
 cat /etc/cloudron/cloudron.conf &>> $OUT
 
 echo -e $LINE"Docker container"$LINE >> $OUT
-docker ps -a &>> $OUT
+if ! timeout --kill-after 10s 15s docker ps -a &>> $OUT 2>&1; then
+    echo -e "Docker is not responding" >> $OUT
+fi
 
 echo -e $LINE"Filesystem stats"$LINE >> $OUT
 df -h &>> $OUT
@@ -43,6 +87,9 @@ df -h &>> $OUT
 echo -e $LINE"System daemon status"$LINE >> $OUT
 systemctl status --lines=100 cloudron.target box mysql unbound cloudron-syslog nginx collectd docker &>> $OUT
 
+echo -e $LINE"Box logs"$LINE >> $OUT
+tail -n 100 /home/yellowtent/platformdata/logs/box.log &>> $OUT
+
 echo -e $LINE"Firewall chains"$LINE >> $OUT
 iptables -L &>> $OUT
 
@@ -53,14 +100,16 @@ echo -n "Uploading information..."
 paste_key=$(curl -X POST ${PASTEBIN}/documents --silent -d "$(cat $OUT)" | python3 -c "import sys, json; print(json.load(sys.stdin)['key'])")
 echo "Done"
 
-echo -n "Enabling ssh access for the Cloudron support team..."
-mkdir -p "${ssh_folder}"
-echo "${CLOUDRON_SUPPORT_PUBLIC_KEY}" >> ${authorized_key_file}
-chown -R ${ssh_user} "${ssh_folder}"
-chmod 600 "${authorized_key_file}"
-echo "Done"
+if [[ "${enableSSH}" == "true" ]]; then
+    echo -n "Enabling ssh access for the Cloudron support team..."
+    mkdir -p "${ssh_folder}"
+    echo "${CLOUDRON_SUPPORT_PUBLIC_KEY}" >> ${authorized_key_file}
+    chown -R ${ssh_user} "${ssh_folder}"
+    chmod 600 "${authorized_key_file}"
+    echo "Done"
+fi
 
 echo ""
-echo "Please send the following link to support@cloudron.io"
+echo "Please email the following link to support@cloudron.io"
 echo ""
 echo "${PASTEBIN}/${paste_key}"

scripts/installer.sh

@@ -86,8 +86,14 @@ images=$(node -e "var i = require('${box_src_tmp_dir}/src/infra_version.js'); co
 
 echo -e "\tPulling docker images: ${images}"
 for image in ${images}; do
-    docker pull "${image}"           # this pulls the image using the sha256
-    docker pull "${image%@sha256:*}" # this will tag the image for readability
+    if ! docker pull "${image}"; then           # this pulls the image using the sha256
+        echo "==> installer: Could not pull ${image}"
+        exit 5
+    fi
+    if ! docker pull "${image%@sha256:*}"; then  # this will tag the image for readability
+        echo "==> installer: Could not pull ${image%@sha256:*}"
+        exit 6
+   fi
 done
 
 echo "==> installer: update cloudron-syslog"

setup/start.sh

@@ -16,7 +16,7 @@ readonly BOX_DATA_DIR="${HOME_DIR}/boxdata" # box data
 readonly CONFIG_DIR="${HOME_DIR}/configs"
 
 readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-readonly get_config="$(realpath ${script_dir}/../node_modules/.bin/json) -f /etc/cloudron/cloudron.conf"
+readonly json="$(realpath ${script_dir}/../node_modules/.bin/json)"
 
 echo "==> Configuring docker"
 cp "${script_dir}/start/docker-cloudron-app.apparmor" /etc/apparmor.d/docker-cloudron-app
@@ -58,7 +58,7 @@ mkdir -p "${PLATFORM_DATA_DIR}/collectd/collectd.conf.d"
 mkdir -p "${PLATFORM_DATA_DIR}/logrotate.d"
 mkdir -p "${PLATFORM_DATA_DIR}/acme"
 mkdir -p "${PLATFORM_DATA_DIR}/backup"
-mkdir -p "${PLATFORM_DATA_DIR}/logs/backup"
+mkdir -p "${PLATFORM_DATA_DIR}/logs/backup" "${PLATFORM_DATA_DIR}/logs/updater" "${PLATFORM_DATA_DIR}/logs/tasks"
 mkdir -p "${PLATFORM_DATA_DIR}/update"
 
 mkdir -p "${BOX_DATA_DIR}/appicons"
@@ -91,12 +91,9 @@ setfacl -n -m u:${USER}:r /var/log/journal/*/system.journal
 echo "==> Creating config directory"
 mkdir -p "${CONFIG_DIR}"
 
-# migration for cloudron.conf file. Can be removed after 3.3
-if [[ ! -d /etc/cloudron ]]; then
-    echo "==> Migrating existing cloudron.conf to new location"
-    mkdir -p /etc/cloudron
-    cp "${CONFIG_DIR}/cloudron.conf" /etc/cloudron/cloudron.conf
-fi
+# remove old cloudron.conf. Can be removed after 3.4
+rm -f "${CONFIG_DIR}/cloudron.conf"
+$json -f /etc/cloudron/cloudron.conf -I -e "delete this.version" # remove the version field
 chown -R "${USER}" /etc/cloudron
 
 echo "==> Setting up unbound"
@@ -142,8 +139,8 @@ echo "==> Configuring logrotate"
 if ! grep -q "^include ${PLATFORM_DATA_DIR}/logrotate.d" /etc/logrotate.conf; then
     echo -e "\ninclude ${PLATFORM_DATA_DIR}/logrotate.d\n" >> /etc/logrotate.conf
 fi
-cp "${script_dir}/start/app-logrotate" "${PLATFORM_DATA_DIR}/logrotate.d/app-logrotate"
-chown root:root "${PLATFORM_DATA_DIR}/logrotate.d/app-logrotate"
+cp "${script_dir}/start/box-logrotate" "${script_dir}/start/app-logrotate" "${PLATFORM_DATA_DIR}/logrotate.d/"
+chown root:root "${PLATFORM_DATA_DIR}/logrotate.d/box-logrotate" "${PLATFORM_DATA_DIR}/logrotate.d/app-logrotate"
 
 echo "==> Adding motd message for admins"
 cp "${script_dir}/start/cloudron-motd" /etc/update-motd.d/92-cloudron

setup/start/box-logrotate

@@ -0,0 +1,9 @@
+# logrotate config for box logs
+
+/home/yellowtent/platformdata/logs/box.log {
+    rotate 10
+    size 10M
+    # we never compress so we can simply tail the files
+    nocompress
+    copytruncate
+}

setup/start/nginx/appconfig.ejs

@@ -162,7 +162,7 @@ server {
         # graphite paths (uncomment block below and visit /graphite/index.html)
         # remember to comment out the CSP policy as well to access the graphite dashboard
         # location ~ ^/(graphite|content|metrics|dashboard|render|browser|composer)/ {
-        #     proxy_pass   http://127.0.0.1:8000;
+        #     proxy_pass   http://127.0.0.1:8417;
         #     client_max_body_size 1m;
         # }
 

setup/start/sudoers

@@ -4,8 +4,8 @@ Defaults !syslog
 Defaults!/home/yellowtent/box/src/scripts/rmvolume.sh env_keep="HOME BOX_ENV"
 yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/rmvolume.sh
 
-Defaults!/home/yellowtent/box/src/scripts/rmaddon.sh env_keep="HOME BOX_ENV"
-yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/rmaddon.sh
+Defaults!/home/yellowtent/box/src/scripts/rmaddondir.sh env_keep="HOME BOX_ENV"
+yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/rmaddondir.sh
 
 Defaults!/home/yellowtent/box/src/scripts/reloadnginx.sh env_keep="HOME BOX_ENV"
 yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/reloadnginx.sh
@@ -31,9 +31,15 @@ yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/authorized_keys
 Defaults!/home/yellowtent/box/src/scripts/configurelogrotate.sh env_keep="HOME BOX_ENV"
 yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/configurelogrotate.sh
 
-Defaults!/home/yellowtent/box/src/backuptask.js env_keep="HOME BOX_ENV"
-yellowtent ALL=(root) NOPASSWD:SETENV: /home/yellowtent/box/src/backuptask.js
+Defaults!/home/yellowtent/box/src/scripts/backupupload.js env_keep="HOME BOX_ENV"
+Defaults!/home/yellowtent/box/src/scripts/backupupload.js closefrom_override
+yellowtent ALL=(root) NOPASSWD:SETENV: /home/yellowtent/box/src/scripts/backupupload.js
 
 Defaults!/home/yellowtent/box/src/scripts/restart.sh env_keep="HOME BOX_ENV"
 yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/restart.sh
 
+Defaults!/home/yellowtent/box/src/scripts/restartdocker.sh env_keep="HOME BOX_ENV"
+yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/restartdocker.sh
+
+Defaults!/home/yellowtent/box/src/scripts/restartunbound.sh env_keep="HOME BOX_ENV"
+yellowtent ALL=(root) NOPASSWD: /home/yellowtent/box/src/scripts/restartunbound.sh

setup/start/systemd/box.service

@@ -12,7 +12,8 @@ Wants=cloudron-resize-fs.service
 Type=idle
 WorkingDirectory=/home/yellowtent/box
 Restart=always
-ExecStart=/usr/bin/node --max_old_space_size=150 /home/yellowtent/box/box.js
+; Systemd does not append logs when logging to files, we spawn a shell first and exec to replace it after setting up the pipes
+ExecStart=/bin/sh -c 'echo "Logging to /home/yellowtent/platformdata/logs/box.log"; exec /usr/bin/node --max_old_space_size=150 /home/yellowtent/box/box.js >> /home/yellowtent/platformdata/logs/box.log 2>&1'
 Environment="HOME=/home/yellowtent" "USER=yellowtent" "DEBUG=box*,connect-lastmile" "BOX_ENV=cloudron" "NODE_ENV=production"
 ; kill apptask processes as well
 KillMode=control-group

src/appdb.js

@@ -18,6 +18,7 @@ exports = module.exports = {
     getAddonConfigByName: getAddonConfigByName,
     unsetAddonConfig: unsetAddonConfig,
     unsetAddonConfigByAppId: unsetAddonConfigByAppId,
+    getAppIdByAddonConfigValue: getAppIdByAddonConfigValue,
 
     setHealth: setHealth,
     setInstallationCommand: setInstallationCommand,
@@ -61,7 +62,6 @@ var assert = require('assert'),
     async = require('async'),
     database = require('./database.js'),
     DatabaseError = require('./databaseerror'),
-    mailboxdb = require('./mailboxdb.js'),
     safe = require('safetydance'),
     util = require('util');
 
@@ -69,7 +69,7 @@ var APPS_FIELDS_PREFIXED = [ 'apps.id', 'apps.appStoreId', 'apps.installationSta
     'apps.health', 'apps.containerId', 'apps.manifestJson', 'apps.httpPort', 'subdomains.subdomain AS location', 'subdomains.domain',
     'apps.accessRestrictionJson', 'apps.restoreConfigJson', 'apps.oldConfigJson', 'apps.updateConfigJson', 'apps.memoryLimit',
     'apps.xFrameOptions', 'apps.sso', 'apps.debugModeJson', 'apps.robotsTxt', 'apps.enableBackup',
-    'apps.creationTime', 'apps.updateTime', 'apps.ownerId', 'apps.ts' ].join(',');
+    'apps.creationTime', 'apps.updateTime', 'apps.ownerId', 'apps.mailboxName', 'apps.enableAutomaticUpdate', 'apps.ts' ].join(',');
 
 var PORT_BINDINGS_FIELDS = [ 'hostPort', 'type', 'environmentVariable', 'appId' ].join(',');
 
@@ -120,6 +120,7 @@ function postProcess(result) {
 
     result.sso = !!result.sso; // make it bool
     result.enableBackup = !!result.enableBackup; // make it bool
+    result.enableAutomaticUpdate = !!result.enableAutomaticUpdate; // make it bool
 
     assert(result.debugModeJson === null || typeof result.debugModeJson === 'string');
     result.debugMode = safe.JSON.parse(result.debugModeJson);
@@ -276,13 +277,14 @@ function add(id, appStoreId, manifest, location, domain, ownerId, portBindings,
     var robotsTxt = 'robotsTxt' in data ? data.robotsTxt : null;
     var debugModeJson = data.debugMode ? JSON.stringify(data.debugMode) : null;
     var env = data.env || {};
+    const mailboxName = data.mailboxName || null;
 
     var queries = [];
 
     queries.push({
-        query: 'INSERT INTO apps (id, appStoreId, manifestJson, installationState, accessRestrictionJson, memoryLimit, xFrameOptions, restoreConfigJson, sso, debugModeJson, robotsTxt, ownerId) ' +
-            ' VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)',
-        args: [ id, appStoreId, manifestJson, installationState, accessRestrictionJson, memoryLimit, xFrameOptions, restoreConfigJson, sso, debugModeJson, robotsTxt, ownerId ]
+        query: 'INSERT INTO apps (id, appStoreId, manifestJson, installationState, accessRestrictionJson, memoryLimit, xFrameOptions, restoreConfigJson, sso, debugModeJson, robotsTxt, ownerId, mailboxName) ' +
+            ' VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)',
+        args: [ id, appStoreId, manifestJson, installationState, accessRestrictionJson, memoryLimit, xFrameOptions, restoreConfigJson, sso, debugModeJson, robotsTxt, ownerId, mailboxName ]
     });
 
     queries.push({
@@ -304,14 +306,6 @@ function add(id, appStoreId, manifest, location, domain, ownerId, portBindings,
         });
     });
 
-    // only allocate a mailbox if mailboxName is set
-    if (data.mailboxName) {
-        queries.push({
-            query: 'INSERT INTO mailboxes (name, type, domain, ownerId, ownerType) VALUES (?, ?, ?, ?, ?)',
-            args: [ data.mailboxName, mailboxdb.TYPE_MAILBOX, domain, id, mailboxdb.OWNER_TYPE_APP ]
-        });
-    }
-
     if (data.alternateDomains) {
         data.alternateDomains.forEach(function (d) {
             queries.push({
@@ -376,7 +370,6 @@ function del(id, callback) {
 
     var queries = [
         { query: 'DELETE FROM subdomains WHERE appId = ?', args: [ id ] },
-        { query: 'DELETE FROM mailboxes WHERE ownerId=?', args: [ id ] },
         { query: 'DELETE FROM appPortBindings WHERE appId = ?', args: [ id ] },
         { query: 'DELETE FROM appEnvVars WHERE appId = ?', args: [ id ] },
         { query: 'DELETE FROM apps WHERE id = ?', args: [ id ] }
@@ -384,7 +377,7 @@ function del(id, callback) {
 
     database.transaction(queries, function (error, results) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
-        if (results[4].affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+        if (results[3].affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
 
         callback(null);
     });
@@ -442,12 +435,8 @@ function updateWithConstraints(id, app, constraints, callback) {
         });
     }
 
-    if ('location' in app) {
-        queries.push({ query: 'UPDATE subdomains SET subdomain = ? WHERE appId = ? AND type = ?', args: [ app.location, id, exports.SUBDOMAIN_TYPE_PRIMARY ]});
-    }
-
-    if ('domain' in app) {
-        queries.push({ query: 'UPDATE subdomains SET domain = ? WHERE appId = ? AND type = ?', args: [ app.domain, id, exports.SUBDOMAIN_TYPE_PRIMARY ]});
+    if ('location' in app && 'domain' in app) { // must be updated together as they are unique together
+        queries.push({ query: 'UPDATE subdomains SET subdomain = ?, domain = ? WHERE appId = ? AND type = ?', args: [ app.location, app.domain, id, exports.SUBDOMAIN_TYPE_PRIMARY ]});
     }
 
     if ('alternateDomains' in app) {
@@ -621,6 +610,20 @@ function getAddonConfigByAppId(appId, callback) {
     });
 }
 
+function getAppIdByAddonConfigValue(addonId, name, value, callback) {
+    assert.strictEqual(typeof addonId, 'string');
+    assert.strictEqual(typeof name, 'string');
+    assert.strictEqual(typeof value, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT appId FROM appAddonConfigs WHERE addonId = ? AND name = ? AND value = ?', [ addonId, name, value ], function (error, results) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        if (results.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+
+        callback(null, results[0].appId);
+    });
+}
+
 function getAddonConfigByName(appId, addonId, name, callback) {
     assert.strictEqual(typeof appId, 'string');
     assert.strictEqual(typeof addonId, 'string');

src/apps.js

@@ -72,7 +72,6 @@ var appdb = require('./appdb.js'),
     eventlog = require('./eventlog.js'),
     fs = require('fs'),
     mail = require('./mail.js'),
-    mailboxdb = require('./mailboxdb.js'),
     manifestFormat = require('cloudron-manifestformat'),
     os = require('os'),
     path = require('path'),
@@ -154,7 +153,8 @@ function validatePortBindings(portBindings, manifest) {
         config.get('ldapPort'), /* ldap server (lo) */
         3306, /* mysql (lo) */
         4190, /* managesieve */
-        8000, /* graphite (lo) */
+        8000, /* ESXi monitoring */
+        8417, /* graphite (lo) */
     ];
 
     if (!portBindings) return null;
@@ -346,7 +346,7 @@ function removeInternalFields(app) {
         'location', 'domain', 'fqdn', 'mailboxName',
         'accessRestriction', 'manifest', 'portBindings', 'iconUrl', 'memoryLimit', 'xFrameOptions',
         'sso', 'debugMode', 'robotsTxt', 'enableBackup', 'creationTime', 'updateTime', 'ts',
-        'alternateDomains', 'ownerId', 'env');
+        'alternateDomains', 'ownerId', 'env', 'enableAutomaticUpdate');
 }
 
 function removeRestrictedFields(app) {
@@ -399,13 +399,7 @@ function get(appId, callback) {
             app.fqdn = domains.fqdn(app.location, domainObjectMap[app.domain]);
             app.alternateDomains.forEach(function (ad) { ad.fqdn = domains.fqdn(ad.subdomain, domainObjectMap[ad.domain]); });
 
-            mailboxdb.getByOwnerId(app.id, function (error, mailboxes) {
-                if (error && error.reason !== DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
-
-                if (!error) app.mailboxName = mailboxes[0].name;
-
-                callback(null, app);
-            });
+            callback(null, app);
         });
     });
 }
@@ -439,13 +433,7 @@ function getByIpAddress(ip, callback) {
                     app.fqdn = domains.fqdn(app.location, domainObjectMap[app.domain]);
                     app.alternateDomains.forEach(function (ad) { ad.fqdn = domains.fqdn(ad.subdomain, domainObjectMap[ad.domain]); });
 
-                    mailboxdb.getByOwnerId(app.id, function (error, mailboxes) {
-                        if (error && error.reason !== DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
-
-                        if (!error) app.mailboxName = mailboxes[0].name;
-
-                        callback(null, app);
-                    });
+                    callback(null, app);
                 });
             });
         });
@@ -471,13 +459,7 @@ function getAll(callback) {
                 app.fqdn = domains.fqdn(app.location, domainObjectMap[app.domain]);
                 app.alternateDomains.forEach(function (ad) { ad.fqdn = domains.fqdn(ad.subdomain, domainObjectMap[ad.domain]); });
 
-                mailboxdb.getByOwnerId(app.id, function (error, mailboxes) {
-                    if (error && error.reason !== DatabaseError.NOT_FOUND) return iteratorDone(new AppsError(AppsError.INTERNAL_ERROR, error));
-
-                    if (!error) app.mailboxName = mailboxes[0].name;
-
-                    iteratorDone(null, app);
-                });
+                iteratorDone(null, app);
             }, function (error) {
                 if (error) return callback(error);
 
@@ -543,11 +525,13 @@ function install(data, user, auditSource, callback) {
         debugMode = data.debugMode || null,
         robotsTxt = data.robotsTxt || null,
         enableBackup = 'enableBackup' in data ? data.enableBackup : true,
+        enableAutomaticUpdate = 'enableAutomaticUpdate' in data ? data.enableAutomaticUpdate : true,
         backupId = data.backupId || null,
         backupFormat = data.backupFormat || 'tgz',
         ownerId = data.ownerId,
         alternateDomains = data.alternateDomains || [],
-        env = data.env || {};
+        env = data.env || {},
+        mailboxName = data.mailboxName || '';
 
     assert(data.appStoreId || data.manifest); // atleast one of them is required
 
@@ -588,6 +572,13 @@ function install(data, user, auditSource, callback) {
         error = validateEnv(env);
         if (error) return callback(error);
 
+        if (mailboxName) {
+            error = mail.validateName(mailboxName);
+            if (error) return callback(error);
+        } else {
+            mailboxName = mailboxNameForLocation(location, manifest);
+        }
+
         var appId = uuid.v4();
 
         if (icon) {
@@ -621,9 +612,10 @@ function install(data, user, auditSource, callback) {
                 xFrameOptions: xFrameOptions,
                 sso: sso,
                 debugMode: debugMode,
-                mailboxName: mailboxNameForLocation(location, manifest),
+                mailboxName: mailboxName,
                 restoreConfig: backupId ? { backupId: backupId, backupFormat: backupFormat } : null,
                 enableBackup: enableBackup,
+                enableAutomaticUpdate: enableAutomaticUpdate,
                 robotsTxt: robotsTxt,
                 alternateDomains: alternateDomains,
                 env: env
@@ -682,12 +674,14 @@ function configure(appId, data, user, auditSource, callback) {
     get(appId, function (error, app) {
         if (error) return callback(error);
 
-        let domain, location, portBindings, values = { }, mailboxName;
-        if ('location' in data) location = values.location = data.location.toLowerCase();
-        else location = app.location;
-
-        if ('domain' in data) domain = values.domain = data.domain.toLowerCase();
-        else domain = app.domain;
+        let domain, location, portBindings, values = { };
+        if ('location' in data && 'domain' in data) {
+            location = values.location = data.location.toLowerCase();
+            domain = values.domain = data.domain.toLowerCase();
+        } else {
+            location = app.location;
+            domain = app.domain;
+        }
 
         if ('accessRestriction' in data) {
             values.accessRestriction = data.accessRestriction;
@@ -729,15 +723,15 @@ function configure(appId, data, user, auditSource, callback) {
         }
 
         if ('mailboxName' in data) {
-            if (data.mailboxName === '') { // special case to reset back to .app
-                mailboxName = mailboxNameForLocation(location, app.manifest);
-            } else {
+            if (data.mailboxName) {
                 error = mail.validateName(data.mailboxName);
                 if (error) return callback(error);
-                mailboxName = data.mailboxName;
+                values.mailboxName = data.mailboxName;
+            } else {
+                values.mailboxName = mailboxNameForLocation(location, app.manifest);
             }
         } else { // keep existing name or follow the new location
-            mailboxName = app.mailboxName.endsWith('.app') ? mailboxNameForLocation(location, app.manifest) : app.mailboxName;
+            values.mailboxName = app.mailboxName.endsWith('.app') ? mailboxNameForLocation(location, app.manifest) : app.mailboxName;
         }
 
         if ('alternateDomains' in data) {
@@ -773,34 +767,26 @@ function configure(appId, data, user, auditSource, callback) {
             }
 
             if ('enableBackup' in data) values.enableBackup = data.enableBackup;
+            if ('enableAutomaticUpdate' in data) values.enableAutomaticUpdate = data.enableAutomaticUpdate;
 
             values.oldConfig = getAppConfig(app);
 
             debug('Will configure app with id:%s values:%j', appId, values);
 
-            // make the mailbox name follow the apps new location, if the user did not set it explicitly
-            mailboxdb.updateName(app.mailboxName /* old */, values.oldConfig.domain, mailboxName, domain, function (error) {
-                if (mailboxName.endsWith('.app')) error = null; // ignore internal mailbox conflict errors since we want to show location conflict errors in the UI
-
-                if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new AppsError(AppsError.ALREADY_EXISTS, 'This mailbox is already taken'));
+            appdb.setInstallationCommand(appId, appdb.ISTATE_PENDING_CONFIGURE, values, function (error) {
+                if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(getDuplicateErrorDetails(location, portBindings, error));
                 if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.BAD_STATE));
                 if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
 
-                appdb.setInstallationCommand(appId, appdb.ISTATE_PENDING_CONFIGURE, values, function (error) {
-                    if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(getDuplicateErrorDetails(location, portBindings, error));
-                    if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.BAD_STATE));
+                taskmanager.restartAppTask(appId);
+
+                // fetch fresh app object for eventlog
+                get(appId, function (error, result) {
                     if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
 
-                    taskmanager.restartAppTask(appId);
+                    eventlog.add(eventlog.ACTION_APP_CONFIGURE, auditSource, { appId: appId, app: result });
 
-                    // fetch fresh app object for eventlog
-                    get(appId, function (error, result) {
-                        if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
-
-                        eventlog.add(eventlog.ACTION_APP_CONFIGURE, auditSource, { appId: appId, app: result });
-
-                        callback(null);
-                    });
+                    callback(null);
                 });
             });
         });
@@ -987,7 +973,8 @@ function clone(appId, data, user, auditSource, callback) {
         domain = data.domain.toLowerCase(),
         portBindings = data.portBindings || null,
         backupId = data.backupId,
-        ownerId = data.ownerId;
+        ownerId = data.ownerId,
+        mailboxName = data.mailboxName || '';
 
     assert.strictEqual(typeof backupId, 'string');
     assert.strictEqual(typeof location, 'string');
@@ -1005,13 +992,22 @@ function clone(appId, data, user, auditSource, callback) {
 
             if (!backupInfo.manifest) callback(new AppsError(AppsError.EXTERNAL_ERROR, 'Could not get restore config'));
 
+            const manifest = backupInfo.manifest;
+
             // re-validate because this new box version may not accept old configs
-            error = checkManifestConstraints(backupInfo.manifest);
+            error = checkManifestConstraints(manifest);
             if (error) return callback(error);
 
-            error = validatePortBindings(portBindings, backupInfo.manifest);
+            error = validatePortBindings(portBindings, manifest);
             if (error) return callback(error);
 
+            if (mailboxName) {
+                error = mail.validateName(mailboxName);
+                if (error) return callback(error);
+            } else {
+                mailboxName = mailboxNameForLocation(location, manifest);
+            }
+
             domains.get(domain, function (error, domainObject) {
                 if (error && error.reason === DomainsError.NOT_FOUND) return callback(new AppsError(AppsError.EXTERNAL_ERROR, 'No such domain'));
                 if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, 'Could not get domain info:' + error.message));
@@ -1020,7 +1016,7 @@ function clone(appId, data, user, auditSource, callback) {
                 error = domains.validateHostname(location, domainObject);
                 if (error) return callback(new AppsError(AppsError.BAD_FIELD, 'Bad location: ' + error.message));
 
-                var newAppId = uuid.v4(), manifest = backupInfo.manifest;
+                var newAppId = uuid.v4();
 
                 var data = {
                     installationState: appdb.ISTATE_PENDING_CLONE,
@@ -1029,7 +1025,7 @@ function clone(appId, data, user, auditSource, callback) {
                     xFrameOptions: app.xFrameOptions,
                     restoreConfig: { backupId: backupId, backupFormat: backupInfo.format },
                     sso: !!app.sso,
-                    mailboxName: (location ? location : manifest.title.toLowerCase().replace(/[^a-zA-Z0-9]/g, '')) + '.app',
+                    mailboxName: mailboxName,
                     enableBackup: app.enableBackup,
                     robotsTxt: app.robotsTxt,
                     env: app.env
@@ -1220,6 +1216,7 @@ function autoupdateApps(updateInfo, auditSource, callback) { // updateInfo is {
     assert.strictEqual(typeof callback, 'function');
 
     function canAutoupdateApp(app, newManifest) {
+        if (!app.enableAutomaticUpdate) return new Error('Automatic update disabled');
         if ((semver.major(app.manifest.version) !== 0) && (semver.major(app.manifest.version) !== semver.major(newManifest.version))) return new Error('Major version change'); // major changes are blocking
 
         const newTcpPorts = newManifest.tcpPorts || { };

src/apptask.js

@@ -55,6 +55,8 @@ var COLLECTD_CONFIG_EJS = fs.readFileSync(__dirname + '/collectd.config.ejs', {
     LOGROTATE_CONFIG_EJS = fs.readFileSync(__dirname + '/logrotate.ejs', { encoding: 'utf8' }),
     CONFIGURE_LOGROTATE_CMD = path.join(__dirname, 'scripts/configurelogrotate.sh');
 
+var NOOP_CALLBACK = function (error) { if (error) debug(error); };
+
 function initialize(callback) {
     assert.strictEqual(typeof callback, 'function');
 
@@ -210,7 +212,7 @@ function addCollectdProfile(app, callback) {
     var collectdConf = ejs.render(COLLECTD_CONFIG_EJS, { appId: app.id, containerId: app.containerId });
     fs.writeFile(path.join(paths.COLLECTD_APPCONFIG_DIR, app.id + '.conf'), collectdConf, function (error) {
         if (error) return callback(error);
-        shell.sudo('addCollectdProfile', [ CONFIGURE_COLLECTD_CMD, 'add', app.id ], callback);
+        shell.sudo('addCollectdProfile', [ CONFIGURE_COLLECTD_CMD, 'add', app.id ], {}, callback);
     });
 }
 
@@ -220,7 +222,7 @@ function removeCollectdProfile(app, callback) {
 
     fs.unlink(path.join(paths.COLLECTD_APPCONFIG_DIR, app.id + '.conf'), function (error) {
         if (error && error.code !== 'ENOENT') debugApp(app, 'Error removing collectd profile', error);
-        shell.sudo('removeCollectdProfile', [ CONFIGURE_COLLECTD_CMD, 'remove', app.id ], callback);
+        shell.sudo('removeCollectdProfile', [ CONFIGURE_COLLECTD_CMD, 'remove', app.id ], {}, callback);
     });
 }
 
@@ -239,7 +241,7 @@ function addLogrotateConfig(app, callback) {
         var tmpFilePath = path.join(os.tmpdir(), app.id + '.logrotate');
         fs.writeFile(tmpFilePath, logrotateConf, function (error) {
             if (error) return callback(error);
-            shell.sudo('addLogrotateConfig', [ CONFIGURE_LOGROTATE_CMD, 'add', app.id, tmpFilePath ], callback);
+            shell.sudo('addLogrotateConfig', [ CONFIGURE_LOGROTATE_CMD, 'add', app.id, tmpFilePath ], {}, callback);
         });
     });
 }
@@ -248,7 +250,7 @@ function removeLogrotateConfig(app, callback) {
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof callback, 'function');
 
-    shell.sudo('removeLogrotateConfig', [ CONFIGURE_LOGROTATE_CMD, 'remove', app.id ], callback);
+    shell.sudo('removeLogrotateConfig', [ CONFIGURE_LOGROTATE_CMD, 'remove', app.id ], {}, callback);
 }
 
 function verifyManifest(manifest, callback) {
@@ -539,7 +541,7 @@ function install(app, callback) {
                     updateApp.bind(null, app, { installationProgress: '60, Download backup and restoring addons' }),
                     addons.setupAddons.bind(null, app, app.manifest.addons),
                     addons.clearAddons.bind(null, app, app.manifest.addons),
-                    backups.restoreApp.bind(null, app, app.manifest.addons, restoreConfig),
+                    backups.restoreApp.bind(null, app, app.manifest.addons, restoreConfig, (progress) => updateApp(app, { installationProgress: progress.message }, NOOP_CALLBACK))
                 ], next);
             }
         },
@@ -581,7 +583,7 @@ function backup(app, callback) {
 
     async.series([
         updateApp.bind(null, app, { installationProgress: '10, Backing up' }),
-        backups.backupApp.bind(null, app),
+        backups.backupApp.bind(null, app, (progress) => updateApp(app, { installationProgress: progress.message }, NOOP_CALLBACK)),
 
         // done!
         function (callback) {
@@ -694,7 +696,7 @@ function update(app, callback) {
 
             async.series([
                 updateApp.bind(null, app, { installationProgress: '15, Backing up app' }),
-                backups.backupApp.bind(null, app)
+                backups.backupApp.bind(null, app, (progress) => updateApp(app, { installationProgress: progress.message }, NOOP_CALLBACK))
             ], function (error) {
                 if (error) error.backupError = true;
                 next(error);

src/backups.js

@@ -10,9 +10,9 @@ exports = module.exports = {
 
     get: get,
 
+    startBackupTask: startBackupTask,
     ensureBackup: ensureBackup,
 
-    backup: backup,
     restore: restore,
 
     backupApp: backupApp,
@@ -53,7 +53,6 @@ var addons = require('./addons.js'),
     once = require('once'),
     path = require('path'),
     paths = require('./paths.js'),
-    progress = require('./progress.js'),
     progressStream = require('progress-stream'),
     safe = require('safetydance'),
     shell = require('./shell.js'),
@@ -61,12 +60,12 @@ var addons = require('./addons.js'),
     superagent = require('superagent'),
     syncer = require('./syncer.js'),
     tar = require('tar-fs'),
+    tasks = require('./tasks.js'),
     util = require('util'),
     zlib = require('zlib');
 
-var NOOP_CALLBACK = function (error) { if (error) debug(error); };
-
-var BACKUPTASK_CMD = path.join(__dirname, 'backuptask.js');
+const NOOP_CALLBACK = function (error) { if (error) debug(error); };
+const BACKUP_UPLOAD_CMD = path.join(__dirname, 'scripts/backupupload.js');
 
 function debugApp(app) {
     assert(typeof app === 'object');
@@ -181,11 +180,6 @@ function getBackupFilePath(backupConfig, backupId, format) {
     }
 }
 
-function log(detail) {
-    safe.fs.appendFileSync(paths.BACKUP_LOG_FILE, detail + '\n', 'utf8');
-    progress.setDetail(progress.BACKUP, detail);
-}
-
 function encryptFilePath(filePath, key) {
     assert.strictEqual(typeof filePath, 'string');
     assert.strictEqual(typeof key, 'string');
@@ -238,10 +232,6 @@ function createReadStream(sourceFile, key) {
         ps.emit('error', new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
     });
 
-    ps.on('progress', function(progress) {
-        debug('createReadStream: %s@%s (%s)', Math.round(progress.transferred/1024/1024) + 'M', Math.round(progress.speed/1024/1024) + 'Mbps', sourceFile);
-    });
-
     if (key !== null) {
         var encrypt = crypto.createCipher('aes-256-cbc', key);
         encrypt.on('error', function (error) {
@@ -287,7 +277,7 @@ function createTarPackStream(sourceDir, key) {
     });
 
     var gzip = zlib.createGzip({});
-    var ps = progressStream({ time: 10000 }); // display a progress every 10 seconds
+    var ps = progressStream({ time: 10000 }); // emit 'pgoress' every 10 seconds
 
     pack.on('error', function (error) {
         debug('createTarPackStream: tar stream error.', error);
@@ -299,10 +289,6 @@ function createTarPackStream(sourceDir, key) {
         ps.emit('error', new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
     });
 
-    ps.on('progress', function(progress) {
-        debug('createTarPackStream: %s@%s', Math.round(progress.transferred/1024/1024) + 'M', Math.round(progress.speed/1024/1024) + 'Mbps');
-    });
-
     if (key !== null) {
         var encrypt = crypto.createCipher('aes-256-cbc', key);
         encrypt.on('error', function (error) {
@@ -315,17 +301,13 @@ function createTarPackStream(sourceDir, key) {
     }
 }
 
-function sync(backupConfig, backupId, dataDir, callback) {
+function sync(backupConfig, backupId, dataDir, progressCallback, callback) {
     assert.strictEqual(typeof backupConfig, 'object');
     assert.strictEqual(typeof backupId, 'string');
     assert.strictEqual(typeof dataDir, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
-    function setBackupProgress(message) {
-        debug('%s', message);
-        safe.fs.writeFileSync(paths.BACKUP_RESULT_FILE, message);
-    }
-
     syncer.sync(dataDir, function processTask(task, iteratorCallback) {
         debug('sync: processing task: %j', task);
         // the empty task.path is special to signify the directory
@@ -333,12 +315,12 @@ function sync(backupConfig, backupId, dataDir, callback) {
         const backupFilePath = path.join(getBackupFilePath(backupConfig, backupId, backupConfig.format), destPath);
 
         if (task.operation === 'removedir') {
-            setBackupProgress(`Removing directory ${backupFilePath}`);
+            debug(`Removing directory ${backupFilePath}`);
             return api(backupConfig.provider).removeDir(backupConfig, backupFilePath)
-                .on('progress', setBackupProgress)
+                .on('progress', (message) => progressCallback({ message }))
                 .on('done', iteratorCallback);
         } else if (task.operation === 'remove') {
-            setBackupProgress(`Removing ${backupFilePath}`);
+            debug(`Removing ${backupFilePath}`);
             return api(backupConfig.provider).remove(backupConfig, backupFilePath, iteratorCallback);
         }
 
@@ -347,16 +329,19 @@ function sync(backupConfig, backupId, dataDir, callback) {
             retryCallback = once(retryCallback); // protect again upload() erroring much later after read stream error
 
             ++retryCount;
-            debug(`${task.operation} ${task.path} try ${retryCount}`);
+            progressCallback({ message: `${task.operation} ${task.path} try ${retryCount}` });
             if (task.operation === 'add') {
-                setBackupProgress(`Adding ${task.path} position ${task.position} try ${retryCount}`);
+                debug(`Adding ${task.path} position ${task.position} try ${retryCount}`);
                 var stream = createReadStream(path.join(dataDir, task.path), backupConfig.key || null);
                 stream.on('error', function (error) {
-                    setBackupProgress(`read stream error for ${task.path}: ${error.message}`);
+                    debug(`read stream error for ${task.path}: ${error.message}`);
                     retryCallback();
                 }); // ignore error if file disappears
+                stream.on('progress', function(progress) {
+                    progressCallback({ message: `Uploading ${task.path}: ${Math.round(progress.transferred/1024/1024)}M@${Math.round(progress.speed/1024/1024)}` });
+                });
                 api(backupConfig.provider).upload(backupConfig, backupFilePath, stream, function (error) {
-                    setBackupProgress(error ? `Error uploading ${task.path} try ${retryCount}: ${error.message}` : `Uploaded ${task.path}`);
+                    debug(error ? `Error uploading ${task.path} try ${retryCount}: ${error.message}` : `Uploaded ${task.path}`);
                     retryCallback(error);
                 });
             }
@@ -388,14 +373,15 @@ function saveFsMetadata(appDataDir, callback) {
     callback();
 }
 
-// this function is called via backuptask (since it needs root to traverse app's directory)
-function upload(backupId, format, dataDir, callback) {
+// this function is called via backupupload (since it needs root to traverse app's directory)
+function upload(backupId, format, dataDir, progressCallback, callback) {
     assert.strictEqual(typeof backupId, 'string');
     assert.strictEqual(typeof format, 'string');
     assert.strictEqual(typeof dataDir, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
-    debug('upload: id %s format %s dataDir %s', backupId, format, dataDir);
+    debug(`upload: id ${backupId} format ${format} dataDir ${dataDir}`);
 
     settings.getBackupConfig(function (error, backupConfig) {
         if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
@@ -405,6 +391,9 @@ function upload(backupId, format, dataDir, callback) {
                 retryCallback = once(retryCallback); // protect again upload() erroring much later after tar stream error
 
                 var tarStream = createTarPackStream(dataDir, backupConfig.key || null);
+                tarStream.on('progress', function(progress) {
+                    progressCallback({ message: `Uploading ${Math.round(progress.transferred/1024/1024)}M@${Math.round(progress.speed/1024/1024)}Mbps` });
+                });
                 tarStream.on('error', retryCallback); // already returns BackupsError
 
                 api(backupConfig.provider).upload(backupConfig, getBackupFilePath(backupConfig, backupId, format), tarStream, retryCallback);
@@ -412,7 +401,7 @@ function upload(backupId, format, dataDir, callback) {
         } else {
             async.series([
                 saveFsMetadata.bind(null, dataDir),
-                sync.bind(null, backupConfig, backupId, dataDir)
+                sync.bind(null, backupConfig, backupId, dataDir, progressCallback)
             ], callback);
         }
     });
@@ -435,10 +424,6 @@ function tarExtract(inStream, destination, key, callback) {
         callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
     });
 
-    ps.on('progress', function(progress) {
-        debug('tarExtract: %s@%s', Math.round(progress.transferred/1024/1024) + 'M', Math.round(progress.speed/1024/1024) + 'Mbps');
-    });
-
     gunzip.on('error', function (error) {
         debug('tarExtract: gunzip stream error.', error);
         callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
@@ -464,13 +449,15 @@ function tarExtract(inStream, destination, key, callback) {
     } else {
         inStream.pipe(ps).pipe(gunzip).pipe(extract);
     }
+
+    return ps;
 }
 
 function restoreFsMetadata(appDataDir, callback) {
     assert.strictEqual(typeof appDataDir, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    log('Recreating empty directories');
+    debug(`Recreating empty directories in ${appDataDir}`);
 
     var metadataJson = safe.fs.readFileSync(path.join(appDataDir, 'fsmetadata.json'), 'utf8');
     if (metadataJson === null) return callback(new BackupsError(BackupsError.EXTERNAL_ERROR, 'Error loading fsmetadata.txt:' + safe.error.message));
@@ -492,10 +479,11 @@ function restoreFsMetadata(appDataDir, callback) {
     });
 }
 
-function downloadDir(backupConfig, backupFilePath, destDir, callback) {
+function downloadDir(backupConfig, backupFilePath, destDir, progressCallback, callback) {
     assert.strictEqual(typeof backupConfig, 'object');
     assert.strictEqual(typeof backupFilePath, 'string');
     assert.strictEqual(typeof destDir, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     debug(`downloadDir: ${backupFilePath} to ${destDir}`);
@@ -519,7 +507,7 @@ function downloadDir(backupConfig, backupFilePath, destDir, callback) {
                 let destStream = createWriteStream(destFilePath, backupConfig.key || null);
                 destStream.on('error', callback);
 
-                debug(`downloadDir: Copying ${entry.fullPath} to ${destFilePath}`);
+                progressCallback({ message: `Downloading ${entry.fullPath} to ${destFilePath}` });
 
                 sourceStream.pipe(destStream, { end: true }).on('finish', callback);
             });
@@ -531,25 +519,27 @@ function downloadDir(backupConfig, backupFilePath, destDir, callback) {
     }, callback);
 }
 
-function download(backupConfig, backupId, format, dataDir, callback) {
+function download(backupConfig, backupId, format, dataDir, progressCallback, callback) {
     assert.strictEqual(typeof backupConfig, 'object');
     assert.strictEqual(typeof backupId, 'string');
     assert.strictEqual(typeof format, 'string');
     assert.strictEqual(typeof dataDir, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
-    safe.fs.unlinkSync(paths.BACKUP_LOG_FILE); // start fresh log file
-
-    log(`Downloading ${backupId} of format ${format} to ${dataDir}`);
+    debug(`download - Downloading ${backupId} of format ${format} to ${dataDir}`);
 
     if (format === 'tgz') {
         api(backupConfig.provider).download(backupConfig, getBackupFilePath(backupConfig, backupId, format), function (error, sourceStream) {
             if (error) return callback(error);
 
-            tarExtract(sourceStream, dataDir, backupConfig.key || null, callback);
+            let ps = tarExtract(sourceStream, dataDir, backupConfig.key || null, callback);
+            ps.on('progress', function (progress) {
+                progressCallback({ message: `Downloading ${Math.round(progress.transferred/1024/1024)}M@${Math.round(progress.speed/1024/1024)}Mbps` });
+            });
         });
     } else {
-        downloadDir(backupConfig, getBackupFilePath(backupConfig, backupId, format), dataDir, function (error) {
+        downloadDir(backupConfig, getBackupFilePath(backupConfig, backupId, format), dataDir, progressCallback, function (error) {
             if (error) return callback(error);
 
             restoreFsMetadata(dataDir, callback);
@@ -557,12 +547,13 @@ function download(backupConfig, backupId, format, dataDir, callback) {
     }
 }
 
-function restore(backupConfig, backupId, callback) {
+function restore(backupConfig, backupId, progressCallback, callback) {
     assert.strictEqual(typeof backupConfig, 'object');
     assert.strictEqual(typeof backupId, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
-    download(backupConfig, backupId, backupConfig.format, paths.BOX_DATA_DIR, function (error) {
+    download(backupConfig, backupId, backupConfig.format, paths.BOX_DATA_DIR, progressCallback, function (error) {
         if (error) return callback(error);
 
         debug('restore: download completed, importing database');
@@ -577,10 +568,11 @@ function restore(backupConfig, backupId, callback) {
     });
 }
 
-function restoreApp(app, addonsToRestore, restoreConfig, callback) {
+function restoreApp(app, addonsToRestore, restoreConfig, progressCallback, callback) {
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof addonsToRestore, 'object');
     assert.strictEqual(typeof restoreConfig, 'object');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     var appDataDir = safe.fs.realpathSync(path.join(paths.APPS_DATA_DIR, app.id));
@@ -591,7 +583,7 @@ function restoreApp(app, addonsToRestore, restoreConfig, callback) {
         if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
 
         async.series([
-            download.bind(null, backupConfig, restoreConfig.backupId, restoreConfig.backupFormat, appDataDir),
+            download.bind(null, backupConfig, restoreConfig.backupId, restoreConfig.backupFormat, appDataDir, progressCallback),
             addons.restoreAddons.bind(null, app, addonsToRestore)
         ], function (error) {
             debug('restoreApp: time: %s', (new Date() - startTime)/1000);
@@ -601,44 +593,27 @@ function restoreApp(app, addonsToRestore, restoreConfig, callback) {
     });
 }
 
-function runBackupTask(backupId, format, dataDir, callback) {
+function runBackupUpload(backupId, format, dataDir, progressCallback, callback) {
     assert.strictEqual(typeof backupId, 'string');
     assert.strictEqual(typeof format, 'string');
     assert.strictEqual(typeof dataDir, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
-    var killTimerId = null, progressTimerId = null;
-
-    var logStream = fs.createWriteStream(paths.BACKUP_LOG_FILE, { flags: 'a' });
-    var cp = shell.sudo(`backup-${backupId}`, [ BACKUPTASK_CMD, backupId, format, dataDir ], { env: process.env, logStream: logStream }, function (error) {
-        clearTimeout(killTimerId);
-        clearInterval(progressTimerId);
-
-        cp = null;
+    let result = '';
 
+    shell.sudo(`backup-${backupId}`, [ BACKUP_UPLOAD_CMD, backupId, format, dataDir ], { preserveEnv: true, ipc: true }, function (error) {
         if (error && (error.code === null /* signal */ || (error.code !== 0 && error.code !== 50))) { // backuptask crashed
             return callback(new BackupsError(BackupsError.INTERNAL_ERROR, 'Backuptask crashed'));
         } else if (error && error.code === 50) { // exited with error
-            var result = safe.fs.readFileSync(paths.BACKUP_RESULT_FILE, 'utf8') || safe.error.message;
             return callback(new BackupsError(BackupsError.EXTERNAL_ERROR, result));
         }
 
         callback();
-    });
-
-    progressTimerId = setInterval(function () {
-        var result = safe.fs.readFileSync(paths.BACKUP_RESULT_FILE, 'utf8');
-        if (result) progress.setDetail(progress.BACKUP, result);
-    }, 1000); // every second
-
-    killTimerId = setTimeout(function () {
-        debug('runBackupTask: backup task taking too long. killing');
-        cp.kill();
-    }, 4 * 60 * 60 * 1000); // 4 hours
-
-    logStream.on('error', function (error) {
-        debug('runBackupTask: error in logging stream', error);
-        cp.kill();
+    }).on('message', function (message) {
+        if (!message.result) return progressCallback(message);
+        debug(`runBackupUpload: result - ${message}`);
+        result = message.result;
     });
 }
 
@@ -664,10 +639,11 @@ function setSnapshotInfo(id, info, callback) {
     callback();
 }
 
-function snapshotBox(callback) {
+function snapshotBox(progressCallback, callback) {
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
-    log('Snapshotting box');
+    progressCallback({ message: 'Snapshotting box' });
 
     database.exportToFile(`${paths.BOX_DATA_DIR}/box.mysqldump`, function (error) {
         if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
@@ -676,16 +652,17 @@ function snapshotBox(callback) {
     });
 }
 
-function uploadBoxSnapshot(backupConfig, callback) {
+function uploadBoxSnapshot(backupConfig, progressCallback, callback) {
     assert.strictEqual(typeof backupConfig, 'object');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     var startTime = new Date();
 
-    snapshotBox(function (error) {
+    snapshotBox(progressCallback, function (error) {
         if (error) return callback(error);
 
-        runBackupTask('snapshot/box', backupConfig.format, paths.BOX_DATA_DIR, function (error) {
+        runBackupUpload('snapshot/box', backupConfig.format, paths.BOX_DATA_DIR, progressCallback, function (error) {
             if (error) return callback(error);
 
             debug('uploadBoxSnapshot: time: %s secs', (new Date() - startTime)/1000);
@@ -723,10 +700,11 @@ function backupDone(apiConfig, backupId, appBackupIds, callback) {
     });
 }
 
-function rotateBoxBackup(backupConfig, timestamp, appBackupIds, callback) {
+function rotateBoxBackup(backupConfig, timestamp, appBackupIds, progressCallback, callback) {
     assert.strictEqual(typeof backupConfig, 'object');
     assert.strictEqual(typeof timestamp, 'string');
     assert(Array.isArray(appBackupIds));
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     var snapshotInfo = getSnapshotInfo('box');
@@ -736,13 +714,13 @@ function rotateBoxBackup(backupConfig, timestamp, appBackupIds, callback) {
     var backupId = util.format('%s/box_%s_v%s', timestamp, snapshotTime, config.version());
     const format = backupConfig.format;
 
-    log(`Rotating box backup to id ${backupId}`);
+    debug(`Rotating box backup to id ${backupId}`);
 
     backupdb.add({ id: backupId, version: config.version(), type: backupdb.BACKUP_TYPE_BOX, dependsOn: appBackupIds, manifest: null, format: format }, function (error) {
         if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
 
         var copy = api(backupConfig.provider).copy(backupConfig, getBackupFilePath(backupConfig, 'snapshot/box', format), getBackupFilePath(backupConfig, backupId, format));
-        copy.on('progress', log);
+        copy.on('progress', (message) => progressCallback({ message }));
         copy.on('done', function (copyBackupError) {
             const state = copyBackupError ? backupdb.BACKUP_STATE_ERROR : backupdb.BACKUP_STATE_NORMAL;
 
@@ -750,7 +728,7 @@ function rotateBoxBackup(backupConfig, timestamp, appBackupIds, callback) {
                 if (copyBackupError) return callback(copyBackupError);
                 if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
 
-                log(`Rotated box backup successfully as id ${backupId}`);
+                debug(`Rotated box backup successfully as id ${backupId}`);
 
                 backupDone(backupConfig, backupId, appBackupIds, function (error) {
                     if (error) return callback(error);
@@ -762,18 +740,19 @@ function rotateBoxBackup(backupConfig, timestamp, appBackupIds, callback) {
     });
 }
 
-function backupBoxWithAppBackupIds(appBackupIds, timestamp, callback) {
+function backupBoxWithAppBackupIds(appBackupIds, timestamp, progressCallback, callback) {
     assert(Array.isArray(appBackupIds));
     assert.strictEqual(typeof timestamp, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     settings.getBackupConfig(function (error, backupConfig) {
         if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
 
-        uploadBoxSnapshot(backupConfig, function (error) {
+        uploadBoxSnapshot(backupConfig, progressCallback, function (error) {
             if (error) return callback(error);
 
-            rotateBoxBackup(backupConfig, timestamp, appBackupIds, callback);
+            rotateBoxBackup(backupConfig, timestamp, appBackupIds, progressCallback, callback);
         });
     });
 }
@@ -787,11 +766,12 @@ function canBackupApp(app) {
             app.installationState === appdb.ISTATE_PENDING_UPDATE; // called from apptask
 }
 
-function snapshotApp(app, callback) {
+function snapshotApp(app, progressCallback, callback) {
     assert.strictEqual(typeof app, 'object');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
-    log(`Snapshotting app ${app.id}`);
+    progressCallback({ message: `Snapshotting app ${app.id}` });
 
     if (!safe.fs.writeFileSync(path.join(paths.APPS_DATA_DIR, app.id + '/config.json'), JSON.stringify(apps.getAppConfig(app)))) {
         return callback(new BackupsError(BackupsError.EXTERNAL_ERROR, 'Error creating config.json: ' + safe.error.message));
@@ -804,10 +784,11 @@ function snapshotApp(app, callback) {
     });
 }
 
-function rotateAppBackup(backupConfig, app, timestamp, callback) {
+function rotateAppBackup(backupConfig, app, timestamp, progressCallback, callback) {
     assert.strictEqual(typeof backupConfig, 'object');
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof timestamp, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     var snapshotInfo = getSnapshotInfo(app.id);
@@ -818,13 +799,13 @@ function rotateAppBackup(backupConfig, app, timestamp, callback) {
     var backupId = util.format('%s/app_%s_%s_v%s', timestamp, app.id, snapshotTime, manifest.version);
     const format = backupConfig.format;
 
-    log(`Rotating app backup of ${app.id} to id ${backupId}`);
+    debug(`Rotating app backup of ${app.id} to id ${backupId}`);
 
     backupdb.add({ id: backupId, version: manifest.version, type: backupdb.BACKUP_TYPE_APP, dependsOn: [ ], manifest: manifest, format: format }, function (error) {
         if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
 
         var copy = api(backupConfig.provider).copy(backupConfig, getBackupFilePath(backupConfig, `snapshot/app_${app.id}`, format), getBackupFilePath(backupConfig, backupId, format));
-        copy.on('progress', log);
+        copy.on('progress', (message) => progressCallback({ message }));
         copy.on('done', function (copyBackupError) {
             const state = copyBackupError ? backupdb.BACKUP_STATE_ERROR : backupdb.BACKUP_STATE_NORMAL;
 
@@ -832,7 +813,7 @@ function rotateAppBackup(backupConfig, app, timestamp, callback) {
                 if (copyBackupError) return callback(copyBackupError);
                 if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
 
-                log(`Rotated app backup of ${app.id} successfully to id ${backupId}`);
+                debug(`Rotated app backup of ${app.id} successfully to id ${backupId}`);
 
                 callback(null, backupId);
             });
@@ -840,21 +821,22 @@ function rotateAppBackup(backupConfig, app, timestamp, callback) {
     });
 }
 
-function uploadAppSnapshot(backupConfig, app, callback) {
+function uploadAppSnapshot(backupConfig, app, progressCallback, callback) {
     assert.strictEqual(typeof backupConfig, 'object');
     assert.strictEqual(typeof app, 'object');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     if (!canBackupApp(app)) return callback(); // nothing to do
 
     var startTime = new Date();
 
-    snapshotApp(app, function (error) {
+    snapshotApp(app, progressCallback, function (error) {
         if (error) return callback(error);
 
         var backupId = util.format('snapshot/app_%s', app.id);
         var appDataDir = safe.fs.realpathSync(path.join(paths.APPS_DATA_DIR, app.id));
-        runBackupTask(backupId, backupConfig.format, appDataDir, function (error) {
+        runBackupUpload(backupId, backupConfig.format, appDataDir, progressCallback, function (error) {
             if (error) return callback(error);
 
             debugApp(app, 'uploadAppSnapshot: %s done time: %s secs', backupId, (new Date() - startTime)/1000);
@@ -864,9 +846,10 @@ function uploadAppSnapshot(backupConfig, app, callback) {
     });
 }
 
-function backupAppWithTimestamp(app, timestamp, callback) {
+function backupAppWithTimestamp(app, timestamp, progressCallback, callback) {
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof timestamp, 'string');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     if (!canBackupApp(app)) return callback(); // nothing to do
@@ -874,110 +857,88 @@ function backupAppWithTimestamp(app, timestamp, callback) {
     settings.getBackupConfig(function (error, backupConfig) {
         if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
 
-        uploadAppSnapshot(backupConfig, app, function (error) {
+        uploadAppSnapshot(backupConfig, app, progressCallback, function (error) {
             if (error) return callback(error);
 
-            rotateAppBackup(backupConfig, app, timestamp, callback);
+            rotateAppBackup(backupConfig, app, timestamp, progressCallback, callback);
         });
     });
 }
 
-function backupApp(app, callback) {
+function backupApp(app, progressCallback, callback) {
     assert.strictEqual(typeof app, 'object');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     const timestamp = (new Date()).toISOString().replace(/[T.]/g, '-').replace(/[:Z]/g,'');
-    safe.fs.unlinkSync(paths.BACKUP_LOG_FILE); // start fresh log file
 
-    progress.set(progress.BACKUP, 10,  'Backing up ' + app.fqdn);
+    debug(`backupApp - Backing up ${app.fqdn} with timestamp ${timestamp}`);
 
-    backupAppWithTimestamp(app, timestamp, function (error) {
-        progress.set(progress.BACKUP, 100, error ? error.message : '');
-
-        callback(error);
-    });
+    backupAppWithTimestamp(app, timestamp, progressCallback, callback);
 }
 
-// this function expects you to have a lock
-function backupBoxAndApps(auditSource, callback) {
-    assert.strictEqual(typeof auditSource, 'object');
-
-    callback = callback || NOOP_CALLBACK;
+// this function expects you to have a lock. Unlike other progressCallback this also has a progress field
+function backupBoxAndApps(progressCallback, callback) {
+    assert.strictEqual(typeof progressCallback, 'function');
+    assert.strictEqual(typeof callback, 'function');
 
     var timestamp = (new Date()).toISOString().replace(/[T.]/g, '-').replace(/[:Z]/g,'');
-    safe.fs.unlinkSync(paths.BACKUP_LOG_FILE); // start fresh log file
-
-    eventlog.add(eventlog.ACTION_BACKUP_START, auditSource, { });
 
     apps.getAll(function (error, allApps) {
         if (error) return callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
 
-        var processed = 1;
-        var step = 100/(allApps.length+2);
+        let percent = 1;
+        let step = 100/(allApps.length+2);
 
         async.mapSeries(allApps, function iterator(app, iteratorCallback) {
-            progress.set(progress.BACKUP, step * processed,  'Backing up ' + app.fqdn);
-
-            ++processed;
+            progressCallback({ percent: percent, message: `Backing up ${app.fqdn}` });
+            percent += step;
 
             if (!app.enableBackup) {
-                progress.set(progress.BACKUP, step * processed, 'Skipped backup ' + app.fqdn);
+                debug(`Skipped backup ${app.fqdn}`);
                 return iteratorCallback(null, null); // nothing to backup
             }
 
-            backupAppWithTimestamp(app, timestamp, function (error, backupId) {
+            backupAppWithTimestamp(app, timestamp, (progress) => progressCallback({ percent: percent, message: progress.message }), function (error, backupId) {
                 if (error && error.reason !== BackupsError.BAD_STATE) {
                     debugApp(app, 'Unable to backup', error);
                     return iteratorCallback(error);
                 }
 
-                progress.set(progress.BACKUP, step * processed, 'Backed up ' + app.fqdn);
+                debugApp(app, 'Backed up');
 
                 iteratorCallback(null, backupId || null); // clear backupId if is in BAD_STATE and never backed up
             });
         }, function appsBackedUp(error, backupIds) {
-            if (error) {
-                progress.set(progress.BACKUP, 100, error.message);
-                return callback(error);
-            }
+            if (error) return callback(error);
 
             backupIds = backupIds.filter(function (id) { return id !== null; }); // remove apps in bad state that were never backed up
 
-            progress.set(progress.BACKUP, step * processed, 'Backing up system data');
+            progressCallback({ percent: percent, message: 'Backing up system data' });
+            percent += step;
 
-            backupBoxWithAppBackupIds(backupIds, timestamp, function (error, backupId) {
-                progress.set(progress.BACKUP, 100, error ? error.message : '');
-
-                eventlog.add(eventlog.ACTION_BACKUP_FINISH, auditSource, { errorMessage: error ? error.message : null, backupId: backupId, timestamp: timestamp });
-
-                callback(error, backupId);
-            });
+            backupBoxWithAppBackupIds(backupIds, timestamp, (progress) => progressCallback({ percent: percent, message: progress.message }), callback);
         });
     });
 }
 
-function backup(auditSource, callback) {
-    assert.strictEqual(typeof auditSource, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    var error = locker.lock(locker.OP_FULL_BACKUP);
-    if (error) return callback(new BackupsError(BackupsError.BAD_STATE, error.message));
-
-    var startTime = new Date();
-    progress.set(progress.BACKUP, 0, 'Starting'); // ensure tools can 'wait' on progress
-
-    backupBoxAndApps(auditSource, function (error) { // start the backup operation in the background
-        if (error) {
-            debug('backup failed.', error);
-            mailer.backupFailed(error);
-        }
+function startBackupTask(auditSource, callback) {
+    let error = locker.lock(locker.OP_FULL_BACKUP);
+    if (error) return callback(error);
 
+    let task = tasks.startTask(tasks.TASK_BACKUP, [], auditSource);
+    task.on('error', (error) => callback(new BackupsError(BackupsError.INTERNAL_ERROR, error)));
+    task.on('start', (taskId) => {
+        eventlog.add(eventlog.ACTION_BACKUP_START, auditSource, { taskId });
+        callback(null, taskId);
+    });
+    task.on('finish', (error, result) => {
         locker.unlock(locker.OP_FULL_BACKUP);
 
-        debug('backup took %s seconds', (new Date() - startTime)/1000);
-    });
+        if (error) mailer.backupFailed(error);
 
-    callback(null);
+        eventlog.add(eventlog.ACTION_BACKUP_FINISH, auditSource, { errorMessage: error ? error.message : null, backupId: result });
+    });
 }
 
 function ensureBackup(auditSource, callback) {
@@ -999,7 +960,7 @@ function ensureBackup(auditSource, callback) {
                 return callback(null);
             }
 
-            backup(auditSource, callback);
+            startBackupTask(auditSource, callback);
         });
     });
 }

src/caas.js

@@ -4,29 +4,18 @@ exports = module.exports = {
     verifySetupToken: verifySetupToken,
     setupDone: setupDone,
 
-    changePlan: changePlan,
-    upgrade: upgrade,
     sendHeartbeat: sendHeartbeat,
-    getBoxAndUserDetails: getBoxAndUserDetails,
     setPtrRecord: setPtrRecord,
 
     CaasError: CaasError
 };
 
 var assert = require('assert'),
-    backups = require('./backups.js'),
     config = require('./config.js'),
     debug = require('debug')('box:caas'),
-    locker = require('./locker.js'),
-    path = require('path'),
-    progress = require('./progress.js'),
     settings = require('./settings.js'),
-    shell = require('./shell.js'),
     superagent = require('superagent'),
-    util = require('util'),
-    _ = require('underscore');
-
-const RETIRE_CMD = path.join(__dirname, 'scripts/retire.sh');
+    util = require('util');
 
 function CaasError(reason, errorOrMessage) {
     assert.strictEqual(typeof reason, 'string');
@@ -53,20 +42,6 @@ CaasError.INVALID_TOKEN = 'Invalid Token';
 CaasError.INTERNAL_ERROR = 'Internal Error';
 CaasError.EXTERNAL_ERROR = 'External Error';
 
-var NOOP_CALLBACK = function (error) { if (error) debug(error); };
-
-function retire(reason, info, callback) {
-    assert(reason === 'migrate' || reason === 'upgrade');
-    info = info || { };
-    callback = callback || NOOP_CALLBACK;
-
-    var data = {
-        apiServerOrigin: config.apiServerOrigin(),
-        adminFqdn: config.adminFqdn()
-    };
-    shell.sudo('retire', [ RETIRE_CMD, reason, JSON.stringify(info), JSON.stringify(data) ], callback);
-}
-
 function getCaasConfig(callback) {
     assert.strictEqual(typeof callback, 'function');
 
@@ -117,96 +92,6 @@ function setupDone(setupToken, callback) {
             });
     });
 }
-function doMigrate(options, caasConfig, callback) {
-    assert.strictEqual(typeof options, 'object');
-    assert.strictEqual(typeof caasConfig, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    var error = locker.lock(locker.OP_MIGRATE);
-    if (error) return callback(new CaasError(CaasError.BAD_STATE, error.message));
-
-    function unlock(error) {
-        debug('Failed to migrate', error);
-        locker.unlock(locker.OP_MIGRATE);
-        progress.set(progress.MIGRATE, -1, 'Backup failed: ' + error.message);
-    }
-
-    progress.set(progress.MIGRATE, 10, 'Backing up for migration');
-
-    // initiate the migration in the background
-    backups.backupBoxAndApps({ userId: null, username: 'migrator' }, function (error) {
-        if (error) return unlock(error);
-
-        debug('migrate: domain: %s size %s region %s', options.domain, options.size, options.region);
-
-        superagent
-            .post(config.apiServerOrigin() + '/api/v1/boxes/' + caasConfig.boxId + '/migrate')
-            .query({ token: caasConfig.token })
-            .send(options)
-            .timeout(30 * 1000)
-            .end(function (error, result) {
-                if (error && !error.response) return unlock(error); // network error
-                if (result.statusCode === 409) return unlock(new CaasError(CaasError.BAD_STATE));
-                if (result.statusCode === 404) return unlock(new CaasError(CaasError.NOT_FOUND));
-                if (result.statusCode !== 202) return unlock(new CaasError(CaasError.EXTERNAL_ERROR, util.format('%s %j', result.status, result.body)));
-
-                progress.set(progress.MIGRATE, 10, 'Migrating');
-
-                retire('migrate', _.pick(options, 'domain', 'size', 'region'));
-            });
-    });
-
-    callback(null);
-}
-
-function changePlan(options, callback) {
-    assert.strictEqual(typeof options, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    if (config.isDemo()) return callback(new CaasError(CaasError.BAD_FIELD, 'Not allowed in demo mode'));
-
-    getCaasConfig(function (error, result) {
-        if (error) return callback(error);
-
-        doMigrate(options, result, callback);
-    });
-}
-
-// this function expects a lock
-function upgrade(boxUpdateInfo, callback) {
-    assert(boxUpdateInfo !== null && typeof boxUpdateInfo === 'object');
-
-    function upgradeError(e) {
-        progress.set(progress.UPDATE, -1, e.message);
-        callback(e);
-    }
-
-    progress.set(progress.UPDATE, 5, 'Backing up for upgrade');
-
-    backups.backupBoxAndApps({ userId: null, username: 'upgrader' }, function (error) {
-        if (error) return upgradeError(error);
-
-        getCaasConfig(function (error, result) {
-            if (error) return upgradeError(error);
-
-            superagent.post(config.apiServerOrigin() + '/api/v1/boxes/' + result.boxId + '/upgrade')
-                .query({ token: result.token })
-                .send({ version: boxUpdateInfo.version })
-                .timeout(30 * 1000)
-                .end(function (error, result) {
-                    if (error && !error.response) return upgradeError(new Error('Network error making upgrade request: ' + error));
-                    if (result.statusCode !== 202) return upgradeError(new Error(util.format('Server not ready to upgrade. statusCode: %s body: %j', result.status, result.body)));
-
-                    progress.set(progress.UPDATE, 10, 'Updating base system');
-
-                    // no need to unlock since this is the last thing we ever do on this box
-                    callback();
-
-                    retire('upgrade');
-                });
-        });
-    });
-}
 
 function sendHeartbeat() {
     assert(config.provider() === 'caas', 'Heartbeat is only sent for managed cloudrons');
@@ -223,27 +108,6 @@ function sendHeartbeat() {
     });
 }
 
-function getBoxAndUserDetails(callback) {
-    assert.strictEqual(typeof callback, 'function');
-
-    if (config.provider() !== 'caas') return callback(null, {});
-
-    getCaasConfig(function (error, caasConfig) {
-        if (error) return callback(error);
-
-        superagent
-            .get(config.apiServerOrigin() + '/api/v1/boxes/' + caasConfig.boxId)
-            .query({ token: caasConfig.token })
-            .timeout(30 * 1000)
-            .end(function (error, result) {
-                if (error && !error.response) return callback(new CaasError(CaasError.EXTERNAL_ERROR, 'Cannot reach appstore'));
-                if (result.statusCode !== 200) return callback(new CaasError(CaasError.EXTERNAL_ERROR, util.format('%s %j', result.statusCode, result.body)));
-
-                return callback(null, result.body);
-            });
-    });
-}
-
 function setPtrRecord(domain, callback) {
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof callback, 'function');

src/cert/acme1.js

@@ -1,481 +0,0 @@
-'use strict';
-
-var assert = require('assert'),
-    async = require('async'),
-    crypto = require('crypto'),
-    debug = require('debug')('box:cert/acme1'),
-    execSync = require('safetydance').child_process.execSync,
-    fs = require('fs'),
-    parseLinks = require('parse-links'),
-    path = require('path'),
-    paths = require('../paths.js'),
-    safe = require('safetydance'),
-    superagent = require('superagent'),
-    util = require('util'),
-    _ = require('underscore');
-
-var CA_PROD = 'https://acme-v01.api.letsencrypt.org',
-    CA_STAGING = 'https://acme-staging.api.letsencrypt.org',
-    LE_AGREEMENT = 'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf';
-
-exports = module.exports = {
-    getCertificate: getCertificate,
-
-    // testing
-    _name: 'acme'
-};
-
-function Acme1Error(reason, errorOrMessage) {
-    assert.strictEqual(typeof reason, 'string');
-    assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined');
-
-    Error.call(this);
-    Error.captureStackTrace(this, this.constructor);
-
-    this.name = this.constructor.name;
-    this.reason = reason;
-    if (typeof errorOrMessage === 'undefined') {
-        this.message = reason;
-    } else if (typeof errorOrMessage === 'string') {
-        this.message = errorOrMessage;
-    } else {
-        this.message = 'Internal error';
-        this.nestedError = errorOrMessage;
-    }
-}
-util.inherits(Acme1Error, Error);
-Acme1Error.INTERNAL_ERROR = 'Internal Error';
-Acme1Error.EXTERNAL_ERROR = 'External Error';
-Acme1Error.ALREADY_EXISTS = 'Already Exists';
-Acme1Error.NOT_COMPLETED = 'Not Completed';
-Acme1Error.FORBIDDEN = 'Forbidden';
-
-// http://jose.readthedocs.org/en/latest/
-// https://www.ietf.org/proceedings/92/slides/slides-92-acme-1.pdf
-// https://community.letsencrypt.org/t/list-of-client-implementations/2103
-
-function Acme1(options) {
-    assert.strictEqual(typeof options, 'object');
-
-    this.caOrigin = options.prod ? CA_PROD : CA_STAGING;
-    this.accountKeyPem = null; // Buffer
-    this.email = options.email;
-}
-
-Acme1.prototype.getNonce = function (callback) {
-    superagent.get(this.caOrigin + '/directory').timeout(30 * 1000).end(function (error, response) {
-        if (error && !error.response) return callback(error);
-        if (response.statusCode !== 200) return callback(new Error('Invalid response code when fetching nonce : ' + response.statusCode));
-
-        return callback(null, response.headers['Replay-Nonce'.toLowerCase()]);
-    });
-};
-
-// urlsafe base64 encoding (jose)
-function urlBase64Encode(string) {
-    return string.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
-}
-
-function b64(str) {
-    var buf = util.isBuffer(str) ? str : new Buffer(str);
-   return urlBase64Encode(buf.toString('base64'));
-}
-
-function getModulus(pem) {
-    assert(util.isBuffer(pem));
-
-    var stdout = execSync('openssl rsa -modulus -noout', { input: pem, encoding: 'utf8' });
-    if (!stdout) return null;
-    var match = stdout.match(/Modulus=([0-9a-fA-F]+)$/m);
-    if (!match) return null;
-    return Buffer.from(match[1], 'hex');
-}
-
-Acme1.prototype.sendSignedRequest = function (url, payload, callback) {
-    assert.strictEqual(typeof url, 'string');
-    assert.strictEqual(typeof payload, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    assert(util.isBuffer(this.accountKeyPem));
-
-    var that = this;
-    var header = {
-        alg: 'RS256',
-        jwk: {
-            e: b64(Buffer.from([0x01, 0x00, 0x01])), // exponent - 65537
-            kty: 'RSA',
-            n: b64(getModulus(this.accountKeyPem))
-        }
-    };
-
-    var payload64 = b64(payload);
-
-    this.getNonce(function (error, nonce) {
-        if (error) return callback(error);
-
-        debug('sendSignedRequest: using nonce %s for url %s', nonce, url);
-
-        var protected64 = b64(JSON.stringify(_.extend({ }, header, { nonce: nonce })));
-
-        var signer = crypto.createSign('RSA-SHA256');
-        signer.update(protected64 + '.' + payload64, 'utf8');
-        var signature64 = urlBase64Encode(signer.sign(that.accountKeyPem, 'base64'));
-
-        var data = {
-            header: header,
-            protected: protected64,
-            payload: payload64,
-            signature: signature64
-        };
-
-        superagent.post(url).set('Content-Type', 'application/x-www-form-urlencoded').send(JSON.stringify(data)).timeout(30 * 1000).end(function (error, res) {
-            if (error && !error.response) return callback(error); // network errors
-
-            callback(null, res);
-        });
-    });
-};
-
-Acme1.prototype.updateContact = function (registrationUri, callback) {
-    assert.strictEqual(typeof registrationUri, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    debug('updateContact: %s %s', registrationUri, this.email);
-
-    // https://github.com/ietf-wg-acme/acme/issues/30
-    var payload = {
-        resource: 'reg',
-        contact: [ 'mailto:' + this.email ],
-        agreement: LE_AGREEMENT
-    };
-
-    var that = this;
-    this.sendSignedRequest(registrationUri, JSON.stringify(payload), function (error, result) {
-        if (error) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Network error when registering user: ' + error.message));
-        if (result.statusCode !== 202) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, util.format('Failed to update contact. Expecting 202, got %s %s', result.statusCode, result.text)));
-
-        debug('updateContact: contact of user updated to %s', that.email);
-
-        callback();
-    });
-};
-
-Acme1.prototype.registerUser = function (callback) {
-    assert.strictEqual(typeof callback, 'function');
-
-    var payload = {
-        resource: 'new-reg',
-        contact: [ 'mailto:' + this.email ],
-        agreement: LE_AGREEMENT
-    };
-
-    debug('registerUser: %s', this.email);
-
-    var that = this;
-    this.sendSignedRequest(this.caOrigin + '/acme/new-reg', JSON.stringify(payload), function (error, result) {
-        if (error) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Network error when registering user: ' + error.message));
-        if (result.statusCode === 409) return that.updateContact(result.headers.location, callback); // already exists
-        if (result.statusCode !== 201) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, util.format('Failed to register user. Expecting 201, got %s %s', result.statusCode, result.text)));
-
-        debug('registerUser: registered user %s', that.email);
-
-        callback(null);
-    });
-};
-
-Acme1.prototype.registerDomain = function (domain, callback) {
-    assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    var payload = {
-        resource: 'new-authz',
-        identifier: {
-            type: 'dns',
-            value: domain
-        }
-    };
-
-    debug('registerDomain: %s', domain);
-
-    this.sendSignedRequest(this.caOrigin + '/acme/new-authz', JSON.stringify(payload), function (error, result) {
-        if (error) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Network error when registering domain: ' + error.message));
-        if (result.statusCode === 403) return callback(new Acme1Error(Acme1Error.FORBIDDEN, result.body.detail));
-        if (result.statusCode !== 201) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, util.format('Failed to register user. Expecting 201, got %s %s', result.statusCode, result.text)));
-
-        debug('registerDomain: registered %s', domain);
-
-        callback(null, result.body);
-    });
-};
-
-Acme1.prototype.prepareHttpChallenge = function (challenge, callback) {
-    assert.strictEqual(typeof challenge, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    debug('prepareHttpChallenge: preparing for challenge %j', challenge);
-
-    var token = challenge.token;
-
-    assert(util.isBuffer(this.accountKeyPem));
-
-    var jwk = {
-        e: b64(Buffer.from([0x01, 0x00, 0x01])), // Exponent - 65537
-        kty: 'RSA',
-        n: b64(getModulus(this.accountKeyPem))
-    };
-
-    var shasum = crypto.createHash('sha256');
-    shasum.update(JSON.stringify(jwk));
-    var thumbprint = urlBase64Encode(shasum.digest('base64'));
-    var keyAuthorization = token + '.' + thumbprint;
-
-    debug('prepareHttpChallenge: writing %s to %s', keyAuthorization, path.join(paths.ACME_CHALLENGES_DIR, token));
-
-    fs.writeFile(path.join(paths.ACME_CHALLENGES_DIR, token), token + '.' + thumbprint, function (error) {
-        if (error) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, error));
-
-        callback();
-    });
-};
-
-Acme1.prototype.notifyChallengeReady = function (challenge, callback) {
-    assert.strictEqual(typeof challenge, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    debug('notifyChallengeReady: %s was met', challenge.uri);
-
-    var keyAuthorization = fs.readFileSync(path.join(paths.ACME_CHALLENGES_DIR, challenge.token), 'utf8');
-
-    var payload = {
-        resource: 'challenge',
-        keyAuthorization: keyAuthorization
-    };
-
-    this.sendSignedRequest(challenge.uri, JSON.stringify(payload), function (error, result) {
-        if (error) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Network error when notifying challenge: ' + error.message));
-        if (result.statusCode !== 202) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, util.format('Failed to notify challenge. Expecting 202, got %s %s', result.statusCode, result.text)));
-
-        callback();
-    });
-};
-
-Acme1.prototype.waitForChallenge = function (challenge, callback) {
-    assert.strictEqual(typeof challenge, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    debug('waitingForChallenge: %j', challenge);
-
-    async.retry({ times: 10, interval: 5000 }, function (retryCallback) {
-        debug('waitingForChallenge: getting status');
-
-        superagent.get(challenge.uri).timeout(30 * 1000).end(function (error, result) {
-            if (error && !error.response) {
-                debug('waitForChallenge: network error getting uri %s', challenge.uri);
-                return retryCallback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, error.message)); // network error
-            }
-            if (result.statusCode !== 202) {
-                debug('waitForChallenge: invalid response code getting uri %s', result.statusCode);
-                return retryCallback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Bad response code:' + result.statusCode));
-            }
-
-            debug('waitForChallenge: status is "%s %j', result.body.status, result.body);
-
-            if (result.body.status === 'pending') return retryCallback(new Acme1Error(Acme1Error.NOT_COMPLETED));
-            else if (result.body.status === 'valid') return retryCallback();
-            else return retryCallback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Unexpected status: ' + result.body.status));
-        });
-    }, function retryFinished(error) {
-        // async.retry will pass 'undefined' as second arg making it unusable with async.waterfall()
-        callback(error);
-    });
-};
-
-// https://community.letsencrypt.org/t/public-beta-rate-limits/4772 for rate limits
-Acme1.prototype.signCertificate = function (domain, csrDer, callback) {
-    assert.strictEqual(typeof domain, 'string');
-    assert(util.isBuffer(csrDer));
-    assert.strictEqual(typeof callback, 'function');
-
-    var outdir = paths.APP_CERTS_DIR;
-
-    var payload = {
-        resource: 'new-cert',
-        csr: b64(csrDer)
-    };
-
-    debug('signCertificate: sending new-cert request');
-
-    this.sendSignedRequest(this.caOrigin + '/acme/new-cert', JSON.stringify(payload), function (error, result) {
-        if (error) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Network error when signing certificate: ' + error.message));
-        // 429 means we reached the cert limit for this domain
-        if (result.statusCode !== 201) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, util.format('Failed to sign certificate. Expecting 201, got %s %s', result.statusCode, result.text)));
-
-        var certUrl = result.headers.location;
-
-        if (!certUrl) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Missing location in downloadCertificate'));
-
-        safe.fs.writeFileSync(path.join(outdir, domain + '.url'), certUrl, 'utf8'); // maybe use for renewal
-
-        return callback(null, result.headers.location);
-    });
-};
-
-Acme1.prototype.createKeyAndCsr = function (domain, callback) {
-    assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    var outdir = paths.APP_CERTS_DIR;
-    var csrFile = path.join(outdir, domain + '.csr');
-    var privateKeyFile = path.join(outdir, domain + '.key');
-
-    if (safe.fs.existsSync(privateKeyFile)) {
-        // in some old releases, csr file was corrupt. so always regenerate it
-        debug('createKeyAndCsr: reuse the key for renewal at %s', privateKeyFile);
-    } else {
-        var key = execSync('openssl genrsa 4096');
-        if (!key) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, safe.error));
-        if (!safe.fs.writeFileSync(privateKeyFile, key)) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, safe.error));
-
-        debug('createKeyAndCsr: key file saved at %s', privateKeyFile);
-    }
-
-    var csrDer = execSync(util.format('openssl req -new -key %s -outform DER -subj /CN=%s', privateKeyFile, domain));
-    if (!csrDer) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, safe.error));
-    if (!safe.fs.writeFileSync(csrFile, csrDer)) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, safe.error)); // bookkeeping
-
-    debug('createKeyAndCsr: csr file (DER) saved at %s', csrFile);
-
-    callback(null, csrDer);
-};
-
-// TODO: download the chain in a loop following 'up' header
-Acme1.prototype.downloadChain = function (linkHeader, callback) {
-    if (!linkHeader) return new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Empty link header when downloading certificate chain');
-
-    debug('downloadChain: linkHeader %s', linkHeader);
-
-    var linkInfo = parseLinks(linkHeader);
-    if (!linkInfo || !linkInfo.up) return new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Failed to parse link header when downloading certificate chain');
-
-    var intermediateCertUrl = linkInfo.up.startsWith('https://') ? linkInfo.up : (this.caOrigin + linkInfo.up);
-
-    debug('downloadChain: downloading from %s', intermediateCertUrl);
-
-    superagent.get(intermediateCertUrl).buffer().parse(function (res, done) {
-        var data = [ ];
-        res.on('data', function(chunk) { data.push(chunk); });
-        res.on('end', function () { res.text = Buffer.concat(data); done(); });
-    }).timeout(30 * 1000).end(function (error, result) {
-        if (error && !error.response) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Network error when downloading certificate'));
-        if (result.statusCode !== 200) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, util.format('Failed to get cert. Expecting 200, got %s %s', result.statusCode, result.text)));
-
-        var chainDer = result.text;
-        var chainPem = execSync('openssl x509 -inform DER -outform PEM', { input: chainDer }); // this is really just base64 encoding with header
-        if (!chainPem) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, safe.error));
-
-        callback(null, chainPem);
-    });
-};
-
-Acme1.prototype.downloadCertificate = function (domain, certUrl, callback) {
-    assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof certUrl, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    var outdir = paths.APP_CERTS_DIR;
-    var that = this;
-
-    superagent.get(certUrl).buffer().parse(function (res, done) {
-        var data = [ ];
-        res.on('data', function(chunk) { data.push(chunk); });
-        res.on('end', function () { res.text = Buffer.concat(data); done(); });
-    }).timeout(30 * 1000).end(function (error, result) {
-        if (error && !error.response) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'Network error when downloading certificate'));
-        if (result.statusCode === 202) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, 'Retry not implemented yet'));
-        if (result.statusCode !== 200) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, util.format('Failed to get cert. Expecting 200, got %s %s', result.statusCode, result.text)));
-
-        var certificateDer = result.text;
-
-        safe.fs.writeFileSync(path.join(outdir, domain + '.der'), certificateDer);
-        debug('downloadCertificate: cert der file for %s saved', domain);
-
-        var certificatePem = execSync('openssl x509 -inform DER -outform PEM', { input: certificateDer }); // this is really just base64 encoding with header
-        if (!certificatePem) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, safe.error));
-
-        that.downloadChain(result.header['link'], function (error, chainPem) {
-            if (error) return callback(error);
-
-            var certificateFile = path.join(outdir, domain + '.cert');
-            var fullChainPem = Buffer.concat([certificatePem, chainPem]);
-            if (!safe.fs.writeFileSync(certificateFile, fullChainPem)) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, safe.error));
-
-            debug('downloadCertificate: cert file for %s saved at %s', domain, certificateFile);
-
-            callback();
-        });
-    });
-};
-
-Acme1.prototype.acmeFlow = function (domain, callback) {
-    assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    if (!fs.existsSync(paths.ACME_ACCOUNT_KEY_FILE)) {
-        debug('getCertificate: generating acme account key on first run');
-        this.accountKeyPem = safe.child_process.execSync('openssl genrsa 4096');
-        if (!this.accountKeyPem) return callback(new Acme1Error(Acme1Error.INTERNAL_ERROR, safe.error));
-
-        safe.fs.writeFileSync(paths.ACME_ACCOUNT_KEY_FILE, this.accountKeyPem);
-    } else {
-        debug('getCertificate: using existing acme account key');
-        this.accountKeyPem = fs.readFileSync(paths.ACME_ACCOUNT_KEY_FILE);
-    }
-
-    var that = this;
-    this.registerUser(function (error) {
-        if (error) return callback(error);
-
-        that.registerDomain(domain, function (error, result) {
-            if (error) return callback(error);
-
-            debug('acmeFlow: challenges: %j', result);
-
-            var httpChallenges = result.challenges.filter(function(x) { return x.type === 'http-01'; });
-            if (httpChallenges.length === 0) return callback(new Acme1Error(Acme1Error.EXTERNAL_ERROR, 'no http challenges'));
-            var challenge = httpChallenges[0];
-
-            async.waterfall([
-                that.prepareHttpChallenge.bind(that, challenge),
-                that.notifyChallengeReady.bind(that, challenge),
-                that.waitForChallenge.bind(that, challenge),
-                that.createKeyAndCsr.bind(that, domain),
-                that.signCertificate.bind(that, domain),
-                that.downloadCertificate.bind(that, domain)
-            ], callback);
-        });
-    });
-};
-
-Acme1.prototype.getCertificate = function (hostname, domain, callback) {
-    assert.strictEqual(typeof hostname, 'string');
-    assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    debug('getCertificate: start acme flow for %s from %s', hostname, this.caOrigin);
-    this.acmeFlow(hostname, function (error) {
-        if (error) return callback(error);
-
-        var outdir = paths.APP_CERTS_DIR;
-        callback(null, path.join(outdir, hostname + '.cert'), path.join(outdir, hostname + '.key'));
-    });
-};
-
-function getCertificate(hostname, domain, options, callback) {
-    assert.strictEqual(typeof hostname, 'string');
-    assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof options, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    var acme = new Acme1(options || { });
-    acme.getCertificate(hostname, domain, callback);
-}

src/cert/acme2.js

@@ -5,7 +5,6 @@ var assert = require('assert'),
     crypto = require('crypto'),
     debug = require('debug')('box:cert/acme2'),
     domains = require('../domains.js'),
-    execSync = require('safetydance').child_process.execSync,
     fs = require('fs'),
     path = require('path'),
     paths = require('../paths.js'),
@@ -88,7 +87,7 @@ function b64(str) {
 function getModulus(pem) {
     assert(util.isBuffer(pem));
 
-    var stdout = execSync('openssl rsa -modulus -noout', { input: pem, encoding: 'utf8' });
+    var stdout = safe.child_process.execSync('openssl rsa -modulus -noout', { input: pem, encoding: 'utf8' });
     if (!stdout) return null;
     var match = stdout.match(/Modulus=([0-9a-fA-F]+)$/m);
     if (!match) return null;
@@ -351,14 +350,14 @@ Acme2.prototype.createKeyAndCsr = function (hostname, callback) {
         // in some old releases, csr file was corrupt. so always regenerate it
         debug('createKeyAndCsr: reuse the key for renewal at %s', privateKeyFile);
     } else {
-        var key = execSync('openssl genrsa 4096');
+        var key = safe.child_process.execSync('openssl genrsa 4096');
         if (!key) return callback(new Acme2Error(Acme2Error.INTERNAL_ERROR, safe.error));
         if (!safe.fs.writeFileSync(privateKeyFile, key)) return callback(new Acme2Error(Acme2Error.INTERNAL_ERROR, safe.error));
 
         debug('createKeyAndCsr: key file saved at %s', privateKeyFile);
     }
 
-    var csrDer = execSync(`openssl req -new -key ${privateKeyFile} -outform DER -subj /CN=${hostname}`);
+    var csrDer = safe.child_process.execSync(`openssl req -new -key ${privateKeyFile} -outform DER -subj /CN=${hostname}`);
     if (!csrDer) return callback(new Acme2Error(Acme2Error.INTERNAL_ERROR, safe.error));
     if (!safe.fs.writeFileSync(csrFile, csrDer)) return callback(new Acme2Error(Acme2Error.INTERNAL_ERROR, safe.error)); // bookkeeping
 

src/cloudron.js

@@ -8,32 +8,44 @@ exports = module.exports = {
     getConfig: getConfig,
     getDisks: getDisks,
     getLogs: getLogs,
+    getStatus: getStatus,
 
     reboot: reboot,
+    isRebootRequired: isRebootRequired,
 
     onActivated: onActivated,
 
-    checkDiskSpace: checkDiskSpace
+    setDashboardDomain: setDashboardDomain,
+    renewCerts: renewCerts,
+
+    checkDiskSpace: checkDiskSpace,
+
+    configureWebadmin: configureWebadmin,
+    getWebadminStatus: getWebadminStatus
 };
 
 var assert = require('assert'),
     async = require('async'),
+    clients = require('./clients.js'),
     config = require('./config.js'),
     cron = require('./cron.js'),
     debug = require('debug')('box:cloudron'),
+    domains = require('./domains.js'),
+    DomainsError = require('./domains.js').DomainsError,
     df = require('@sindresorhus/df'),
+    fs = require('fs'),
     mailer = require('./mailer.js'),
     os = require('os'),
     path = require('path'),
     paths = require('./paths.js'),
     platform = require('./platform.js'),
-    progress = require('./progress.js'),
     reverseProxy = require('./reverseproxy.js'),
-    safe = require('safetydance'),
     settings = require('./settings.js'),
     shell = require('./shell.js'),
     spawn = require('child_process').spawn,
     split = require('split'),
+    sysinfo = require('./sysinfo.js'),
+    tasks = require('./tasks.js'),
     users = require('./users.js'),
     util = require('util');
 
@@ -41,6 +53,16 @@ var REBOOT_CMD = path.join(__dirname, 'scripts/reboot.sh');
 
 var NOOP_CALLBACK = function (error) { if (error) debug(error); };
 
+let gWebadminStatus = {
+    dns: false,
+    tls: false,
+    configuring: false,
+    restore: {
+        active: false,
+        error: null
+    }
+};
+
 function CloudronError(reason, errorOrMessage) {
     assert.strictEqual(typeof reason, 'string');
     assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined');
@@ -65,18 +87,13 @@ CloudronError.INTERNAL_ERROR = 'Internal Error';
 CloudronError.EXTERNAL_ERROR = 'External Error';
 CloudronError.BAD_STATE = 'Bad state';
 CloudronError.ALREADY_UPTODATE = 'No Update Available';
-CloudronError.NOT_FOUND = 'Not found';
-CloudronError.SELF_UPGRADE_NOT_SUPPORTED = 'Self upgrade not supported';
 
 function initialize(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    async.series([
-        settings.initialize,
-        reverseProxy.configureDefaultServer,
-        cron.startPreActivationJobs,
-        onActivated
-    ], callback);
+    cron.startPreActivationJobs(callback);
+
+    runStartupTasks();
 }
 
 function uninitialize(callback) {
@@ -84,25 +101,36 @@ function uninitialize(callback) {
 
     async.series([
         cron.stopJobs,
-        platform.stop,
-        settings.uninitialize
+        platform.stop
     ], callback);
 }
 
 function onActivated(callback) {
-    callback = callback || NOOP_CALLBACK;
+    assert.strictEqual(typeof callback, 'function');
 
     // Starting the platform after a user is available means:
     // 1. mail bounces can now be sent to the cloudron owner
     // 2. the restore code path can run without sudo (since mail/ is non-root)
-    users.count(function (error, count) {
-        if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error));
-        if (!count) return callback(); // not activated
+    async.series([
+        platform.start,
+        cron.startPostActivationJobs
+    ], callback);
+}
 
-        async.series([
-            platform.start,
-            cron.startPostActivationJobs
-        ], callback);
+// each of these tasks can fail. we will add some routes to fix/re-run them
+function runStartupTasks() {
+    // configure nginx to be reachable by IP
+    reverseProxy.configureDefaultServer(NOOP_CALLBACK);
+
+    // always generate webadmin config since we have no versioning mechanism for the ejs
+    configureWebadmin(NOOP_CALLBACK);
+
+    // check activation state and start the platform
+    users.isActivated(function (error, activated) {
+        if (error) return debug(error);
+        if (!activated) return debug('initialize: not activated yet'); // not activated
+
+        onActivated(NOOP_CALLBACK);
     });
 }
 
@@ -146,7 +174,6 @@ function getConfig(callback) {
             adminFqdn: config.adminFqdn(),
             mailFqdn: config.mailFqdn(),
             version: config.version(),
-            progress: progress.getAll(),
             isDemo: config.isDemo(),
             edition: config.edition(),
             memory: os.totalmem(),
@@ -157,7 +184,14 @@ function getConfig(callback) {
 }
 
 function reboot(callback) {
-    shell.sudo('reboot', [ REBOOT_CMD ], callback);
+    shell.sudo('reboot', [ REBOOT_CMD ], {}, callback);
+}
+
+function isRebootRequired(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    // https://serverfault.com/questions/92932/how-does-ubuntu-keep-track-of-the-system-restart-required-flag-in-motd
+    callback(null, fs.existsSync('/var/run/reboot-required'));
 }
 
 function checkDiskSpace(callback) {
@@ -219,49 +253,28 @@ function getLogs(unit, options, callback) {
 
     debug('Getting logs for %s as %s', unit, format);
 
-    var cp, transformStream;
-    if (unit === 'box') {
-        let args = [ '--no-pager', `--lines=${lines}` ];
-        if (format === 'short') args.push('--output=short', '-a'); else args.push('--output=json');
-        if (follow) args.push('--follow');
-        args.push('--unit=box');
-        args.push('--unit=cloudron-updater');
-        cp = spawn('/bin/journalctl', args);
+    let args = [ '--lines=' + lines ];
+    if (follow) args.push('--follow');
 
-        transformStream = split(function mapper(line) {
-            if (format !== 'json') return line + '\n';
+    // need to handle box.log without subdir
+    if (unit === 'box') args.push(path.join(paths.LOG_DIR, 'box.log'));
+    else args.push(path.join(paths.LOG_DIR, unit, 'app.log'));
 
-            var obj = safe.JSON.parse(line);
-            if (!obj) return undefined;
+    var cp = spawn('/usr/bin/tail', args);
 
-            return JSON.stringify({
-                realtimeTimestamp: obj.__REALTIME_TIMESTAMP,
-                monotonicTimestamp: obj.__MONOTONIC_TIMESTAMP,
-                message: obj.MESSAGE,
-                source: obj.SYSLOG_IDENTIFIER || ''
-            }) + '\n';
-        });
-    } else { // mail, mongodb, mysql, postgresql, backup
-        let args = [ '--lines=' + lines ];
-        if (follow) args.push('--follow');
-        args.push(path.join(paths.LOG_DIR, unit, 'app.log'));
+    var transformStream = split(function mapper(line) {
+        if (format !== 'json') return line + '\n';
 
-        cp = spawn('/usr/bin/tail', args);
+        var data = line.split(' '); // logs are <ISOtimestamp> <msg>
+        var timestamp = (new Date(data[0])).getTime();
+        if (isNaN(timestamp)) timestamp = 0;
 
-        transformStream = split(function mapper(line) {
-            if (format !== 'json') return line + '\n';
-
-            var data = line.split(' '); // logs are <ISOtimestamp> <msg>
-            var timestamp = (new Date(data[0])).getTime();
-            if (isNaN(timestamp)) timestamp = 0;
-
-            return JSON.stringify({
-                realtimeTimestamp: timestamp * 1000,
-                message: line.slice(data[0].length+1),
-                source: unit
-            }) + '\n';
-        });
-    }
+        return JSON.stringify({
+            realtimeTimestamp: timestamp * 1000,
+            message: line.slice(data[0].length+1),
+            source: unit
+        }) + '\n';
+    });
 
     transformStream.close = cp.kill.bind(cp, 'SIGKILL'); // closing stream kills the child process
 
@@ -269,3 +282,108 @@ function getLogs(unit, options, callback) {
 
     return callback(null, transformStream);
 }
+
+function configureWebadmin(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    debug('configureWebadmin: adminDomain:%s status:%j', config.adminDomain(), gWebadminStatus);
+
+    if (process.env.BOX_ENV === 'test' || !config.adminDomain() || gWebadminStatus.configuring) return callback();
+
+    gWebadminStatus.configuring = true; // re-entracy guard
+
+    function configureReverseProxy(error) {
+        debug('configureReverseProxy: error %j', error || null);
+
+        reverseProxy.configureAdmin({ userId: null, username: 'setup' }, function (error) {
+            debug('configureWebadmin: done error: %j', error || {});
+            gWebadminStatus.configuring = false;
+
+            if (error) return callback(error);
+
+            gWebadminStatus.tls = true;
+
+            callback();
+        });
+    }
+
+    // update the DNS. configure nginx regardless of whether it succeeded so that
+    // box is accessible even if dns creds are invalid
+    sysinfo.getPublicIp(function (error, ip) {
+        if (error) return configureReverseProxy(error);
+
+        domains.upsertDnsRecords(config.adminLocation(), config.adminDomain(), 'A', [ ip ], function (error) {
+            debug('addWebadminDnsRecord: updated records with error:', error);
+            if (error) return configureReverseProxy(error);
+
+            domains.waitForDnsRecord(config.adminLocation(), config.adminDomain(), 'A', ip, { interval: 30000, times: 50000 }, function (error) {
+                if (error) return configureReverseProxy(error);
+
+                gWebadminStatus.dns = true;
+
+                configureReverseProxy();
+            });
+        });
+    });
+}
+
+function getWebadminStatus() {
+    return gWebadminStatus;
+}
+
+function getStatus(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    users.isActivated(function (error, activated) {
+        if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error));
+
+        settings.getCloudronName(function (error, cloudronName) {
+            if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error));
+
+            callback(null, {
+                version: config.version(),
+                apiServerOrigin: config.apiServerOrigin(), // used by CaaS tool
+                provider: config.provider(),
+                cloudronName: cloudronName,
+                adminFqdn: config.adminDomain() ? config.adminFqdn() : null,
+                activated: activated,
+                edition: config.edition(),
+                webadminStatus: gWebadminStatus // only valid when !activated
+            });
+        });
+    });
+}
+
+function setDashboardDomain(domain, callback) {
+    assert.strictEqual(typeof domain, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    debug(`setDashboardDomain: ${domain}`);
+
+    domains.get(domain, function (error, result) {
+        if (error && error.reason === DomainsError.NOT_FOUND) return callback(new CloudronError(CloudronError.BAD_FIELD, 'No such domain'));
+        if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error));
+
+        config.setAdminDomain(result.domain);
+        config.setAdminLocation('my');
+        config.setAdminFqdn('my' + (result.config.hyphenatedSubdomains ? '-' : '.') + result.domain);
+
+        clients.addDefaultClients(config.adminOrigin(), function (error) {
+            if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error));
+
+            callback(null);
+
+            configureWebadmin(NOOP_CALLBACK); // ## trigger as task
+        });
+    });
+}
+
+function renewCerts(options, auditSource, callback) {
+    assert.strictEqual(typeof options, 'object');
+    assert.strictEqual(typeof auditSource, 'object');
+    assert.strictEqual(typeof callback, 'function');
+
+    let task = tasks.startTask(tasks.TASK_RENEW_CERTS, [ options, auditSource ]);
+    task.on('error', (error) => callback(new CloudronError(CloudronError.INTERNAL_ERROR, error)));
+    task.on('start', (taskId) => callback(null, taskId));
+}

src/constants.js

@@ -20,6 +20,7 @@ exports = module.exports = {
     ADMIN_NAME: 'Settings',
 
     NGINX_ADMIN_CONFIG_FILE_NAME: 'admin.conf',
+    NGINX_DEFAULT_CONFIG_FILE_NAME: 'default.conf',
 
     GHOST_USER_FILE: '/tmp/cloudron_ghost.json',
 

src/cron.js

@@ -43,7 +43,7 @@ var gJobs = {
     cleanupTokens: null,
     digestEmail: null,
     dockerVolumeCleaner: null,
-    dynamicDNS: null,
+    dynamicDns: null,
     schedulerSync: null,
     appHealthMonitor: null
 };
@@ -86,10 +86,10 @@ function startPostActivationJobs(callback) {
         start: true
     });
 
-    settings.events.on(settings.TIME_ZONE_KEY, recreateJobs);
-    settings.events.on(settings.APP_AUTOUPDATE_PATTERN_KEY, appAutoupdatePatternChanged);
-    settings.events.on(settings.BOX_AUTOUPDATE_PATTERN_KEY, boxAutoupdatePatternChanged);
-    settings.events.on(settings.DYNAMIC_DNS_KEY, dynamicDnsChanged);
+    settings.on(settings.TIME_ZONE_KEY, recreateJobs);
+    settings.on(settings.APP_AUTOUPDATE_PATTERN_KEY, appAutoupdatePatternChanged);
+    settings.on(settings.BOX_AUTOUPDATE_PATTERN_KEY, boxAutoupdatePatternChanged);
+    settings.on(settings.DYNAMIC_DNS_KEY, dynamicDnsChanged);
 
     settings.getAll(function (error, allSettings) {
         if (error) return callback(error);
@@ -186,7 +186,7 @@ function recreateJobs(tz) {
     if (gJobs.certificateRenew) gJobs.certificateRenew.stop();
     gJobs.certificateRenew = new CronJob({
         cronTime: '00 00 */12 * * *', // every 12 hours
-        onTick: reverseProxy.renewAll.bind(null, AUDIT_SOURCE, NOOP_CALLBACK),
+        onTick: cloudron.renewCerts.bind(null, {}, AUDIT_SOURCE, NOOP_CALLBACK),
         start: true,
         timeZone: tz
     });
@@ -267,25 +267,25 @@ function dynamicDnsChanged(enabled) {
     debug('Dynamic DNS setting changed to %s', enabled);
 
     if (enabled) {
-        gJobs.dynamicDNS = new CronJob({
+        gJobs.dynamicDns = new CronJob({
             cronTime: '00 */10 * * * *',
             onTick: dyndns.sync,
             start: true,
             timeZone: gJobs.boxUpdateCheckerJob.cronTime.zone // hack
         });
     } else {
-        if (gJobs.dynamicDNS) gJobs.dynamicDNS.stop();
-        gJobs.dynamicDNS = null;
+        if (gJobs.dynamicDns) gJobs.dynamicDns.stop();
+        gJobs.dynamicDns = null;
     }
 }
 
 function stopJobs(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    settings.events.removeListener(settings.TIME_ZONE_KEY, recreateJobs);
-    settings.events.removeListener(settings.APP_AUTOUPDATE_PATTERN_KEY, appAutoupdatePatternChanged);
-    settings.events.removeListener(settings.BOX_AUTOUPDATE_PATTERN_KEY, boxAutoupdatePatternChanged);
-    settings.events.removeListener(settings.DYNAMIC_DNS_KEY, dynamicDnsChanged);
+    settings.removeListener(settings.TIME_ZONE_KEY, recreateJobs);
+    settings.removeListener(settings.APP_AUTOUPDATE_PATTERN_KEY, appAutoupdatePatternChanged);
+    settings.removeListener(settings.BOX_AUTOUPDATE_PATTERN_KEY, boxAutoupdatePatternChanged);
+    settings.removeListener(settings.DYNAMIC_DNS_KEY, dynamicDnsChanged);
 
     for (var job in gJobs) {
         if (!gJobs[job]) continue;

src/docker.js

@@ -1,9 +1,13 @@
 'use strict';
 
 exports = module.exports = {
+    DockerError: DockerError,
+
     connection: connectionInstance(),
     setRegistryConfig: setRegistryConfig,
 
+    ping: ping,
+
     downloadImage: downloadImage,
     createContainer: createContainer,
     startContainer: startContainer,
@@ -18,24 +22,26 @@ exports = module.exports = {
     getContainerIdByIp: getContainerIdByIp,
     inspect: inspect,
     inspectByName: inspect,
+    memoryUsage: memoryUsage,
     execContainer: execContainer,
     createVolume: createVolume,
     removeVolume: removeVolume,
     clearVolume: clearVolume
 };
 
-function connectionInstance() {
+// timeout is optional
+function connectionInstance(timeout) {
     var Docker = require('dockerode');
     var docker;
 
     if (process.env.BOX_ENV === 'test') {
         // test code runs a docker proxy on this port
-        docker = new Docker({ host: 'http://localhost', port: 5687 });
+        docker = new Docker({ host: 'http://localhost', port: 5687, timeout: timeout });
 
         // proxy code uses this to route to the real docker
         docker.options = { socketPath: '/var/run/docker.sock' };
     } else {
-        docker = new Docker({ socketPath: '/var/run/docker.sock' });
+        docker = new Docker({ socketPath: '/var/run/docker.sock', timeout: timeout });
     }
 
     return docker;
@@ -80,6 +86,7 @@ function DockerError(reason, errorOrMessage) {
 }
 util.inherits(DockerError, Error);
 DockerError.INTERNAL_ERROR = 'Internal Error';
+DockerError.NOT_FOUND = 'Not found';
 DockerError.BAD_FIELD = 'Bad field';
 
 function debugApp(app, args) {
@@ -104,12 +111,26 @@ function setRegistryConfig(auth, callback) {
     });
 }
 
+function ping(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    // do not let the request linger
+    var docker = connectionInstance(1000);
+
+    docker.ping(function (error, result) {
+        if (error) return callback(new DockerError(DockerError.INTERNAL_ERROR, error));
+        if (result !== 'OK') return callback(new DockerError(DockerError.INTERNAL_ERROR, 'Unable to ping the docker daemon'));
+
+        callback(null);
+    });
+}
+
 function pullImage(manifest, callback) {
     var docker = exports.connection;
 
     // Use docker CLI here to support downloading of private repos. for dockerode, we have to use
     // https://github.com/apocas/dockerode#pull-from-private-repos
-    shell.exec('pullImage', '/usr/bin/docker', [ 'pull', manifest.dockerImage ], { }, function (error) {
+    shell.spawn('pullImage', '/usr/bin/docker', [ 'pull', manifest.dockerImage ], {}, function (error) {
         if (error) {
             debug(`pullImage: Error pulling image ${manifest.dockerImage} of ${manifest.id}: ${error.message}`);
             return callback(new Error('Failed to pull image'));
@@ -161,8 +182,10 @@ function createSubcontainer(app, name, cmd, options, callback) {
     var manifest = app.manifest;
     var exposedPorts = {}, dockerPortBindings = { };
     var domain = app.fqdn;
+    // TODO: these should all have the CLOUDRON_ prefix
     var stdEnv = [
         'CLOUDRON=1',
+        'CLOUDRON_PROXY_IP=172.18.0.1',
         'WEBADMIN_ORIGIN=' + config.adminOrigin(),
         'API_ORIGIN=' + config.adminOrigin(),
         'APP_ORIGIN=https://' + domain,
@@ -204,9 +227,6 @@ function createSubcontainer(app, name, cmd, options, callback) {
     // if required, we can make this a manifest and runtime argument later
     if (!isAppContainer) memoryLimit *= 2;
 
-    // apparmor is disabled on few servers
-    var enableSecurityOpt = config.CLOUDRON && safe(function () { return child_process.spawnSync('aa-enabled').status === 0; }, false);
-
     addons.getEnvironment(app, function (error, addonEnv) {
         if (error) return callback(new Error('Error getting addon environment : ' + error));
 
@@ -230,7 +250,8 @@ function createSubcontainer(app, name, cmd, options, callback) {
             Labels: {
                 'fqdn': app.fqdn,
                 'appId': app.id,
-                'isSubcontainer': String(!isAppContainer)
+                'isSubcontainer': String(!isAppContainer),
+                'isCloudronManaged': String(true)
             },
             HostConfig: {
                 Mounts: addons.getMountsSync(app, app.manifest.addons),
@@ -256,7 +277,7 @@ function createSubcontainer(app, name, cmd, options, callback) {
                 NetworkMode: 'cloudron',
                 Dns: ['172.18.0.1'], // use internal dns
                 DnsSearch: ['.'], // use internal dns
-                SecurityOpt: enableSecurityOpt ? [ 'apparmor=docker-cloudron-app' ] : null // profile available only on cloudron
+                SecurityOpt: [ 'apparmor=docker-cloudron-app' ]
             }
         };
 
@@ -444,7 +465,23 @@ function inspect(containerId, callback) {
     var container = exports.connection.getContainer(containerId);
 
     container.inspect(function (error, result) {
-        if (error) return callback(error);
+        if (error && error.statusCode === 404) return callback(new DockerError(DockerError.NOT_FOUND));
+        if (error) return callback(new DockerError(DockerError.INTERNAL_ERROR, error));
+
+        callback(null, result);
+    });
+}
+
+function memoryUsage(containerId, callback) {
+    assert.strictEqual(typeof containerId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    var container = exports.connection.getContainer(containerId);
+
+    container.stats({ stream: false }, function (error, result) {
+        if (error && error.statusCode === 404) return callback(new DockerError(DockerError.NOT_FOUND));
+        if (error) return callback(new DockerError(DockerError.INTERNAL_ERROR, error));
+
         callback(null, result);
     });
 }
@@ -521,7 +558,7 @@ function clearVolume(app, name, subdir, callback) {
     assert.strictEqual(typeof subdir, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    shell.sudo('removeVolume', [ RMVOLUME_CMD, app.id, subdir ], callback);
+    shell.sudo('removeVolume', [ RMVOLUME_CMD, app.id, subdir ], {}, callback);
 }
 
 function removeVolume(app, name, subdir, callback) {
@@ -539,6 +576,6 @@ function removeVolume(app, name, subdir, callback) {
             callback(error);
         }
 
-        shell.sudo('removeVolume', [ RMVOLUME_CMD, app.id, subdir ], callback);
+        shell.sudo('removeVolume', [ RMVOLUME_CMD, app.id, subdir ], {}, callback);
     });
 }

src/domaindb.js

@@ -8,8 +8,7 @@ exports = module.exports = {
     getAll: getAll,
     update: update,
     del: del,
-
-    _clear: clear
+    clear: clear
 };
 
 var assert = require('assert'),

src/domains.js

@@ -6,12 +6,10 @@ module.exports = exports = {
     getAll: getAll,
     update: update,
     del: del,
+    clear: clear,
     isLocked: isLocked,
 
-    renewCerts: renewCerts,
-
     fqdn: fqdn,
-    setAdmin: setAdmin,
 
     getDnsRecords: getDnsRecords,
     upsertDnsRecords: upsertDnsRecords,
@@ -35,25 +33,20 @@ module.exports = exports = {
 };
 
 var assert = require('assert'),
-    caas = require('./caas.js'),
     config = require('./config.js'),
     constants = require('./constants.js'),
     DatabaseError = require('./databaseerror.js'),
     debug = require('debug')('box:domains'),
     domaindb = require('./domaindb.js'),
-    path = require('path'),
+    eventlog = require('./eventlog.js'),
     reverseProxy = require('./reverseproxy.js'),
     ReverseProxyError = reverseProxy.ReverseProxyError,
     safe = require('safetydance'),
-    shell = require('./shell.js'),
     sysinfo = require('./sysinfo.js'),
     tld = require('tldjs'),
     util = require('util'),
     _ = require('underscore');
 
-var RESTART_CMD = path.join(__dirname, 'scripts/restart.sh');
-var NOOP_CALLBACK = function (error) { if (error) debug(error); };
-
 function DomainsError(reason, errorOrMessage) {
     assert.strictEqual(typeof reason, 'string');
     assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined');
@@ -199,15 +192,17 @@ function validateTlsConfig(tlsConfig, dnsProvider) {
     return null;
 }
 
-function add(domain, zoneName, provider, dnsConfig, fallbackCertificate, tlsConfig, callback) {
+function add(domain, data, auditSource, callback) {
     assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof zoneName, 'string');
-    assert.strictEqual(typeof provider, 'string');
-    assert.strictEqual(typeof dnsConfig, 'object');
-    assert.strictEqual(typeof fallbackCertificate, 'object');
-    assert.strictEqual(typeof tlsConfig, 'object');
+    assert.strictEqual(typeof data.zoneName, 'string');
+    assert.strictEqual(typeof data.provider, 'string');
+    assert.strictEqual(typeof data.config, 'object');
+    assert.strictEqual(typeof data.fallbackCertificate, 'object');
+    assert.strictEqual(typeof data.tlsConfig, 'object');
     assert.strictEqual(typeof callback, 'function');
 
+    let { zoneName, provider, config, fallbackCertificate, tlsConfig } = data;
+
     if (!tld.isValid(domain)) return callback(new DomainsError(DomainsError.BAD_FIELD, 'Invalid domain'));
     if (domain.endsWith('.')) return callback(new DomainsError(DomainsError.BAD_FIELD, 'Invalid domain'));
 
@@ -219,10 +214,10 @@ function add(domain, zoneName, provider, dnsConfig, fallbackCertificate, tlsConf
     }
 
     if (fallbackCertificate) {
-        let error = reverseProxy.validateCertificate('test', { domain: domain, config: dnsConfig }, fallbackCertificate);
+        let error = reverseProxy.validateCertificate('test', { domain, config }, fallbackCertificate);
         if (error) return callback(new DomainsError(DomainsError.BAD_FIELD, error.message));
     } else {
-        fallbackCertificate = reverseProxy.generateFallbackCertificateSync({ domain: domain, config: dnsConfig });
+        fallbackCertificate = reverseProxy.generateFallbackCertificateSync({ domain, config });
         if (fallbackCertificate.error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, fallbackCertificate.error));
     }
 
@@ -232,16 +227,18 @@ function add(domain, zoneName, provider, dnsConfig, fallbackCertificate, tlsConf
     sysinfo.getPublicIp(function (error, ip) {
         if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, 'Error getting IP:' + error.message));
 
-        verifyDnsConfig(dnsConfig, domain, zoneName, provider, ip, function (error, result) {
+        verifyDnsConfig(config, domain, zoneName, provider, ip, function (error, sanitizedConfig) {
             if (error) return callback(error);
 
-            domaindb.add(domain, { zoneName: zoneName, provider: provider, config: result, tlsConfig: tlsConfig }, function (error) {
+            domaindb.add(domain, { zoneName: zoneName, provider: provider, config: sanitizedConfig, tlsConfig: tlsConfig }, function (error) {
                 if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new DomainsError(DomainsError.ALREADY_EXISTS));
                 if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, error));
 
                 reverseProxy.setFallbackCertificate(domain, fallbackCertificate, function (error) {
                     if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, error));
 
+                    eventlog.add(eventlog.ACTION_DOMAIN_ADD, auditSource, { domain, zoneName, provider });
+
                     callback();
                 });
             });
@@ -291,15 +288,18 @@ function getAll(callback) {
     });
 }
 
-function update(domain, zoneName, provider, dnsConfig, fallbackCertificate, tlsConfig, callback) {
+function update(domain, data, auditSource, callback) {
     assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof zoneName, 'string');
-    assert.strictEqual(typeof provider, 'string');
-    assert.strictEqual(typeof dnsConfig, 'object');
-    assert.strictEqual(typeof fallbackCertificate, 'object');
-    assert.strictEqual(typeof tlsConfig, 'object');
+    assert.strictEqual(typeof data.zoneName, 'string');
+    assert.strictEqual(typeof data.provider, 'string');
+    assert.strictEqual(typeof data.config, 'object');
+    assert.strictEqual(typeof data.fallbackCertificate, 'object');
+    assert.strictEqual(typeof data.tlsConfig, 'object');
+    assert.strictEqual(typeof auditSource, 'object');
     assert.strictEqual(typeof callback, 'function');
 
+    let { zoneName, provider, config, fallbackCertificate, tlsConfig } = data;
+
     domaindb.get(domain, function (error, domainObject) {
         if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new DomainsError(DomainsError.NOT_FOUND));
         if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, error));
@@ -321,10 +321,10 @@ function update(domain, zoneName, provider, dnsConfig, fallbackCertificate, tlsC
         sysinfo.getPublicIp(function (error, ip) {
             if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, 'Error getting IP:' + error.message));
 
-            verifyDnsConfig(dnsConfig, domain, zoneName, provider, ip, function (error, result) {
+            verifyDnsConfig(config, domain, zoneName, provider, ip, function (error, sanitizedConfig) {
                 if (error) return callback(error);
 
-                domaindb.update(domain, { zoneName: zoneName, provider: provider, config: result, tlsConfig: tlsConfig }, function (error) {
+                domaindb.update(domain, { zoneName: zoneName, provider: provider, config: sanitizedConfig, tlsConfig: tlsConfig }, function (error) {
                     if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new DomainsError(DomainsError.NOT_FOUND));
                     if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, error));
 
@@ -333,6 +333,8 @@ function update(domain, zoneName, provider, dnsConfig, fallbackCertificate, tlsC
                     reverseProxy.setFallbackCertificate(domain, fallbackCertificate, function (error) {
                         if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, error));
 
+                        eventlog.add(eventlog.ACTION_DOMAIN_UPDATE, auditSource, { domain, zoneName, provider });
+
                         callback();
                     });
                 });
@@ -341,8 +343,9 @@ function update(domain, zoneName, provider, dnsConfig, fallbackCertificate, tlsC
     });
 }
 
-function del(domain, callback) {
+function del(domain, auditSource, callback) {
     assert.strictEqual(typeof domain, 'string');
+    assert.strictEqual(typeof auditSource, 'object');
     assert.strictEqual(typeof callback, 'function');
 
     if (domain === config.adminDomain()) return callback(new DomainsError(DomainsError.IN_USE));
@@ -352,6 +355,18 @@ function del(domain, callback) {
         if (error && error.reason === DatabaseError.IN_USE) return callback(new DomainsError(DomainsError.IN_USE));
         if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, error));
 
+        eventlog.add(eventlog.ACTION_DOMAIN_REMOVE, auditSource, { domain });
+
+        return callback(null);
+    });
+}
+
+function clear(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    domaindb.clear(function (error) {
+        if (error) return callback(new DomainsError(DomainsError.INTERNAL_ERROR, error));
+
         return callback(null);
     });
 }
@@ -455,31 +470,6 @@ function waitForDnsRecord(subdomain, domain, type, value, options, callback) {
     });
 }
 
-function setAdmin(domain, callback) {
-    assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    debug('setAdmin domain:%s', domain);
-
-    get(domain, function (error, result) {
-        if (error) return callback(error);
-
-        var setPtrRecord = config.provider() === 'caas' ? caas.setPtrRecord : function (d, next) { next(); };
-
-        setPtrRecord(domain, function (error) {
-            if (error) return callback(new DomainsError(DomainsError.EXTERNAL_ERROR, 'Error setting PTR record:' + error.message));
-
-            config.setAdminDomain(result.domain);
-            config.setAdminLocation('my');
-            config.setAdminFqdn('my' + (result.config.hyphenatedSubdomains ? '-' : '.') + result.domain);
-
-            callback();
-
-            shell.sudo('restart', [ RESTART_CMD ], NOOP_CALLBACK);
-        });
-    });
-}
-
 // removes all fields that are strictly private and should never be returned by API calls
 function removePrivateFields(domain) {
     var result = _.pick(domain, 'domain', 'zoneName', 'provider', 'config', 'tlsConfig', 'fallbackCertificate', 'locked');
@@ -504,16 +494,3 @@ function makeWildcard(hostname) {
     parts[0] = '*';
     return parts.join('.');
 }
-
-function renewCerts(domain, auditSource, callback) {
-    assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof auditSource, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    // trigger renewal in the background
-    reverseProxy.renewCerts({ domain: domain }, auditSource, function (error) {
-        debug('renewCerts', error);
-    });
-
-    callback();
-}

src/eventlog.js

@@ -18,12 +18,30 @@ exports = module.exports = {
     ACTION_APP_UNINSTALL: 'app.uninstall',
     ACTION_APP_UPDATE: 'app.update',
     ACTION_APP_LOGIN: 'app.login',
+
     ACTION_BACKUP_FINISH: 'backup.finish',
     ACTION_BACKUP_START: 'backup.start',
     ACTION_BACKUP_CLEANUP: 'backup.cleanup',
+
+    ACTION_CERTIFICATE_NEW: 'certificate.new',
     ACTION_CERTIFICATE_RENEWAL: 'certificate.renew',
+
+    ACTION_DOMAIN_ADD: 'domain.add',
+    ACTION_DOMAIN_UPDATE: 'domain.update',
+    ACTION_DOMAIN_REMOVE: 'domain.remove',
+
+    ACTION_MAIL_ENABLED: 'mail.enabled',
+    ACTION_MAIL_DISABLED: 'mail.disabled',
+    ACTION_MAIL_MAILBOX_ADD: 'mail.box.add',
+    ACTION_MAIL_MAILBOX_REMOVE: 'mail.box.remove',
+    ACTION_MAIL_LIST_ADD: 'mail.list.add',
+    ACTION_MAIL_LIST_REMOVE: 'mail.list.remove',
+
+    ACTION_PROVISION: 'cloudron.provision',
+    ACTION_RESTORE: 'cloudron.restore', // unused
     ACTION_START: 'cloudron.start',
     ACTION_UPDATE: 'cloudron.update',
+
     ACTION_USER_ADD: 'user.add',
     ACTION_USER_LOGIN: 'user.login',
     ACTION_USER_REMOVE: 'user.remove',

src/graphs.js

@@ -31,11 +31,10 @@ function startGraphite(existingInfra, callback) {
                 --dns-search=. \
                 -p 127.0.0.1:2003:2003 \
                 -p 127.0.0.1:2004:2004 \
-                -p 127.0.0.1:8000:8000 \
+                -p 127.0.0.1:8417:8000 \
                 -v "${dataDir}/graphite:/var/lib/graphite" \
+                --label isCloudronManaged=true \
                 --read-only -v /tmp -v /run "${tag}"`;
 
-    shell.execSync('startGraphite', cmd);
-
-    callback();
+    shell.exec('startGraphite', cmd, callback);
 }

src/groupdb.js

@@ -34,7 +34,7 @@ function get(groupId, callback) {
     assert.strictEqual(typeof groupId, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('SELECT ' + GROUPS_FIELDS + ' FROM groups WHERE id = ? ORDER BY name', [ groupId ], function (error, result) {
+    database.query('SELECT ' + GROUPS_FIELDS + ' FROM userGroups WHERE id = ? ORDER BY name', [ groupId ], function (error, result) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
         if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
 
@@ -47,9 +47,9 @@ function getWithMembers(groupId, callback) {
     assert.strictEqual(typeof callback, 'function');
 
     database.query('SELECT ' + GROUPS_FIELDS + ',GROUP_CONCAT(groupMembers.userId) AS userIds ' +
-                    ' FROM groups LEFT OUTER JOIN groupMembers ON groups.id = groupMembers.groupId ' +
-                    ' WHERE groups.id = ? ' +
-                    ' GROUP BY groups.id', [ groupId ], function (error, results) {
+                    ' FROM userGroups LEFT OUTER JOIN groupMembers ON userGroups.id = groupMembers.groupId ' +
+                    ' WHERE userGroups.id = ? ' +
+                    ' GROUP BY userGroups.id', [ groupId ], function (error, results) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
         if (results.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
 
@@ -63,7 +63,7 @@ function getWithMembers(groupId, callback) {
 function getAll(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('SELECT ' + GROUPS_FIELDS + ' FROM groups', function (error, results) {
+    database.query('SELECT ' + GROUPS_FIELDS + ' FROM userGroups', function (error, results) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
         callback(null, results);
@@ -72,8 +72,8 @@ function getAll(callback) {
 
 function getAllWithMembers(callback) {
     database.query('SELECT ' + GROUPS_FIELDS + ',GROUP_CONCAT(groupMembers.userId) AS userIds ' +
-                    ' FROM groups LEFT OUTER JOIN groupMembers ON groups.id = groupMembers.groupId ' +
-                    ' GROUP BY groups.id', function (error, results) {
+                    ' FROM userGroups LEFT OUTER JOIN groupMembers ON userGroups.id = groupMembers.groupId ' +
+                    ' GROUP BY userGroups.id', function (error, results) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
         if (results.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
 
@@ -88,7 +88,7 @@ function add(id, name, callback) {
     assert.strictEqual(typeof name, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('INSERT INTO groups (id, name) VALUES (?, ?)', [ id, name ], function (error, result) {
+    database.query('INSERT INTO userGroups (id, name) VALUES (?, ?)', [ id, name ], function (error, result) {
         if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, error));
         if (error || result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
@@ -112,8 +112,8 @@ function update(id, data, callback) {
     }
     args.push(id);
 
-    database.query('UPDATE groups SET ' + fields.join(', ') + ' WHERE id = ?', args, function (error, result) {
-        if (error && error.code === 'ER_DUP_ENTRY' && error.sqlMessage.indexOf('groups_name') !== -1) return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, 'name already exists'));
+    database.query('UPDATE userGroups SET ' + fields.join(', ') + ' WHERE id = ?', args, function (error, result) {
+        if (error && error.code === 'ER_DUP_ENTRY' && error.sqlMessage.indexOf('userGroups_name') !== -1) return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, 'name already exists'));
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
         if (result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
 
@@ -128,7 +128,7 @@ function del(id, callback) {
     // also cleanup the groupMembers table
     var queries = [];
     queries.push({ query: 'DELETE FROM groupMembers WHERE groupId = ?', args: [ id ] });
-    queries.push({ query: 'DELETE FROM groups WHERE id = ?', args: [ id ] });
+    queries.push({ query: 'DELETE FROM userGroups WHERE id = ?', args: [ id ] });
 
     database.transaction(queries, function (error, result) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
@@ -141,7 +141,7 @@ function del(id, callback) {
 function count(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('SELECT COUNT(*) AS total FROM groups', function (error, result) {
+    database.query('SELECT COUNT(*) AS total FROM userGroups', function (error, result) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
         return callback(null, result[0].total);
@@ -152,7 +152,7 @@ function clear(callback) {
     database.query('DELETE FROM groupMembers', function (error) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
-        database.query('DELETE FROM groups', function (error) {
+        database.query('DELETE FROM userGroups', function (error) {
             if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
             callback(error);
@@ -266,7 +266,7 @@ function getGroups(userId, callback) {
     assert.strictEqual(typeof callback, 'function');
 
     database.query('SELECT ' + GROUPS_FIELDS + ' ' +
-        ' FROM groups INNER JOIN groupMembers ON groups.id = groupMembers.groupId AND groupMembers.userId = ?', [ userId ], function (error, results) {
+        ' FROM userGroups INNER JOIN groupMembers ON userGroups.id = groupMembers.groupId AND groupMembers.userId = ?', [ userId ], function (error, results) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
         callback(null, results);

src/infra_version.js

@@ -6,7 +6,7 @@
 
 exports = module.exports = {
     // a version change recreates all containers with latest docker config
-    'version': '48.12.0',
+    'version': '48.12.1',
 
     'baseImages': [
         { repo: 'cloudron/base', tag: 'cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617' }
@@ -17,9 +17,9 @@ exports = module.exports = {
     'images': {
         'mysql': { repo: 'cloudron/mysql', tag: 'cloudron/mysql:2.0.1@sha256:5a13360da4a2085c7d474bea6b1090c5eb24732d4f73459942af7612d4993d7f' },
         'postgresql': { repo: 'cloudron/postgresql', tag: 'cloudron/postgresql:2.0.2@sha256:6dcee0731dfb9b013ed94d56205eee219040ee806c7e251db3b3886eaa4947ff' },
-        'mongodb': { repo: 'cloudron/mongodb', tag: 'cloudron/mongodb:2.0.1@sha256:0f320ba40080943840fadb3e66b98066fc4f3dc98b96638e3067a8a5ab84bcee' },
+        'mongodb': { repo: 'cloudron/mongodb', tag: 'cloudron/mongodb:2.0.2@sha256:95e006390ddce7db637e1672eb6f3c257d3c2652747424f529b1dee3cbe6728c' },
         'redis': { repo: 'cloudron/redis', tag: 'cloudron/redis:2.0.0@sha256:8a88dd334b62b578530a014ca1a2425a54cb9df1e475f5d3a36806e5cfa22121' },
-        'mail': { repo: 'cloudron/mail', tag: 'cloudron/mail:2.0.0@sha256:3c0fbb2a042ac471940ac3e9f6ffa900c8a294941fb7de509b2e3309b09fbffd' },
-        'graphite': { repo: 'cloudron/graphite', tag: 'cloudron/graphite:2.0.0@sha256:454f035d60b768153d4f31210380271b5ba1c09367c9d95c7fa37f9e39d2f59c' }
+        'mail': { repo: 'cloudron/mail', tag: 'cloudron/mail:2.0.1@sha256:deee3739011670d45abd8997a8a0b8d3c4cd577a93f235417614dea58338e0f9' },
+        'graphite': { repo: 'cloudron/graphite', tag: 'cloudron/graphite:2.0.2@sha256:454f035d60b768153d4f31210380271b5ba1c09367c9d95c7fa37f9e39d2f59c' }
     }
 };

src/ldap.js

@@ -271,7 +271,6 @@ function mailboxSearch(req, res, next) {
                     cn: `${mailbox.name}@${mailbox.domain}`,
                     uid: `${mailbox.name}@${mailbox.domain}`,
                     mail: `${mailbox.name}@${mailbox.domain}`,
-                    ownerType: mailbox.ownerType,
                     displayname: 'Max Mustermann',
                     givenName: 'Max',
                     username: 'mmustermann',
@@ -297,9 +296,6 @@ function mailboxSearch(req, res, next) {
 
             var results = [];
 
-            // only send user mailboxes
-            result = result.filter(function (m) { return m.ownerType === mailboxdb.OWNER_TYPE_USER; });
-
             // send mailbox objects
             result.forEach(function (mailbox) {
                 var dn = ldap.parseDN(`cn=${mailbox.name}@${domain},domain=${domain},ou=mailboxes,dc=cloudron`);
@@ -311,8 +307,7 @@ function mailboxSearch(req, res, next) {
                         objectcategory: 'mailbox',
                         cn: `${mailbox.name}@${domain}`,
                         uid: `${mailbox.name}@${domain}`,
-                        mail: `${mailbox.name}@${domain}`,
-                        ownerType: mailbox.ownerType
+                        mail: `${mailbox.name}@${domain}`
                     }
                 };
 
@@ -464,30 +459,30 @@ function authenticateMailbox(req, res, next) {
     var parts = email.split('@');
     if (parts.length !== 2) return next(new ldap.NoSuchObjectError(req.dn.toString()));
 
-    mailboxdb.getMailbox(parts[0], parts[1], function (error, mailbox) {
-        if (error && error.reason === DatabaseError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString()));
+    const addonId = req.dn.rdns[1].attrs.ou.value.toLowerCase(); // 'sendmail' or 'recvmail'
+
+    mail.getDomain(parts[1], function (error, domain) {
+        if (error && error.reason === MailError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString()));
         if (error) return next(new ldap.OperationsError(error.message));
 
-        mail.getDomain(parts[1], function (error, domain) {
-            if (error && error.reason === MailError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString()));
-            if (error) return next(new ldap.OperationsError(error.message));
+        if (addonId === 'recvmail' && !domain.enabled) return next(new ldap.NoSuchObjectError(req.dn.toString()));
 
-            if (mailbox.ownerType === mailboxdb.OWNER_TYPE_APP) {
-                var addonId = req.dn.rdns[1].attrs.ou.value.toLowerCase(); // 'sendmail' or 'recvmail'
-                var name;
-                if (addonId === 'sendmail') name = 'MAIL_SMTP_PASSWORD';
-                else if (addonId === 'recvmail') name = 'MAIL_IMAP_PASSWORD';
-                else return next(new ldap.OperationsError('Invalid DN'));
+        let name;
+        if (addonId === 'sendmail') name = 'MAIL_SMTP_PASSWORD';
+        else if (addonId === 'recvmail') name = 'MAIL_IMAP_PASSWORD';
+        else return next(new ldap.OperationsError('Invalid DN'));
 
-                appdb.getAddonConfigByName(mailbox.ownerId, addonId, name, function (error, value) {
-                    if (error) return next(new ldap.OperationsError(error.message));
-                    if (req.credentials !== value) return next(new ldap.InvalidCredentialsError(req.dn.toString()));
+        // note: with sendmail addon, apps can send mail without a mailbox (unlike users)
+        appdb.getAppIdByAddonConfigValue(addonId, name, req.credentials || '', function (error, appId) {
+            if (error && error.reason !== DatabaseError.NOT_FOUND) return next(new ldap.OperationsError(error.message));
+            if (appId) { // matched app password
+                eventlog.add(eventlog.ACTION_APP_LOGIN, { authType: 'ldap', mailboxId: email }, { appId: appId, addonId: addonId });
+                return res.end();
+            }
 
-                    eventlog.add(eventlog.ACTION_APP_LOGIN, { authType: 'ldap', mailboxId: name }, { appId: mailbox.ownerId, addonId: addonId });
-                    return res.end();
-                });
-            } else if (mailbox.ownerType === mailboxdb.OWNER_TYPE_USER) {
-                if (!domain.enabled) return next(new ldap.NoSuchObjectError(req.dn.toString()));
+            mailboxdb.getMailbox(parts[0], parts[1], function (error, mailbox) {
+                if (error && error.reason === DatabaseError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString()));
+                if (error) return next(new ldap.OperationsError(error.message));
 
                 users.verify(mailbox.ownerId, req.credentials || '', function (error, result) {
                     if (error && error.reason === UsersError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString()));
@@ -497,9 +492,7 @@ function authenticateMailbox(req, res, next) {
                     eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', mailboxId: email }, { userId: result.id, user: users.removePrivateFields(result) });
                     res.end();
                 });
-            } else {
-                return next(new ldap.OperationsError('Unknown ownerType for mailbox'));
-            }
+            });
         });
     });
 }
@@ -527,9 +520,8 @@ function start(callback) {
     gServer.search('ou=mailaliases,dc=cloudron', mailAliasSearch);
     gServer.search('ou=mailinglists,dc=cloudron', mailingListSearch);
 
-    gServer.bind('ou=mailboxes,dc=cloudron', authenticateMailbox);
-    gServer.bind('ou=recvmail,dc=cloudron', authenticateMailbox);
-    gServer.bind('ou=sendmail,dc=cloudron', authenticateMailbox);
+    gServer.bind('ou=recvmail,dc=cloudron', authenticateMailbox); // dovecot
+    gServer.bind('ou=sendmail,dc=cloudron', authenticateMailbox); // haraka
 
     gServer.compare('cn=users,ou=groups,dc=cloudron', authenticateApp, groupUsersCompare);
     gServer.compare('cn=admins,ou=groups,dc=cloudron', authenticateApp, groupAdminsCompare);

src/locker.js

@@ -18,7 +18,6 @@ Locker.prototype.OP_BOX_UPDATE = 'box_update';
 Locker.prototype.OP_PLATFORM_START = 'platform_start';
 Locker.prototype.OP_FULL_BACKUP = 'full_backup';
 Locker.prototype.OP_APPTASK = 'apptask';
-Locker.prototype.OP_MIGRATE = 'migrate';
 
 Locker.prototype.lock = function (operation) {
     assert.strictEqual(typeof operation, 'string');

src/logcollector.js

@@ -22,6 +22,8 @@ function collectLogs(unitName, callback) {
     assert.strictEqual(typeof callback, 'function');
 
     var logs = safe.child_process.execSync('sudo ' + COLLECT_LOGS_CMD + ' ' + unitName, { encoding: 'utf8' });
+    if (!logs) return callback(safe.error);
+
     logs = logs + '\n\n=====================================\n\n';
 
     callback(null, logs);

src/mail.js

@@ -8,6 +8,7 @@ exports = module.exports = {
     getDomain: getDomain,
     addDomain: addDomain,
     removeDomain: removeDomain,
+    clearDomains: clearDomains,
 
     setDnsRecords: setDnsRecords,
 
@@ -22,11 +23,11 @@ exports = module.exports = {
 
     sendTestMail: sendTestMail,
 
-    getMailboxes: getMailboxes,
+    listMailboxes: listMailboxes,
     removeMailboxes: removeMailboxes,
     getMailbox: getMailbox,
     addMailbox: addMailbox,
-    updateMailbox: updateMailbox,
+    updateMailboxOwner: updateMailboxOwner,
     removeMailbox: removeMailbox,
 
     listAliases: listAliases,
@@ -51,13 +52,14 @@ var assert = require('assert'),
     debug = require('debug')('box:mail'),
     dns = require('./native-dns.js'),
     domains = require('./domains.js'),
+    eventlog = require('./eventlog.js'),
+    hat = require('./hat.js'),
     infra = require('./infra_version.js'),
     mailboxdb = require('./mailboxdb.js'),
     maildb = require('./maildb.js'),
     mailer = require('./mailer.js'),
     net = require('net'),
     nodemailer = require('nodemailer'),
-    os = require('os'),
     path = require('path'),
     paths = require('./paths.js'),
     reverseProxy = require('./reverseproxy.js'),
@@ -108,9 +110,6 @@ function validateName(name) {
     // also need to consider valid LDAP characters here (e.g '+' is reserved)
     if (/[^a-zA-Z0-9.-]/.test(name)) return new MailError(MailError.BAD_FIELD, 'mailbox name can only contain alphanumerals and dot');
 
-    // app emails are sent using the .app suffix
-    if (name.indexOf('.app') !== -1) return new MailError(MailError.BAD_FIELD, 'mailbox name pattern is reserved for apps');
-
     return null;
 }
 
@@ -553,7 +552,8 @@ function restartMail(callback) {
     if (process.env.BOX_ENV === 'test' && !process.env.TEST_CREATE_INFRA) return callback();
 
     const tag = infra.images.mail.tag;
-    const memoryLimit = Math.max((1 + Math.round(os.totalmem()/(1024*1024*1024)/4)) * 128, 256);
+    const memoryLimit = 4 * 256;
+    const cloudronToken = hat(8 * 128);
 
     // admin and mail share the same certificate
     reverseProxy.getCertificate({ fqdn: config.adminFqdn(), domain: config.adminDomain() }, function (error, bundle) {
@@ -566,33 +566,35 @@ function restartMail(callback) {
         if (!safe.child_process.execSync(`cp ${bundle.certFilePath} ${mailCertFilePath}`)) return callback(new Error('Could not create cert file:' + safe.error.message));
         if (!safe.child_process.execSync(`cp ${bundle.keyFilePath} ${mailKeyFilePath}`)) return callback(new Error('Could not create key file:' + safe.error.message));
 
-        shell.execSync('startMail', 'docker rm -f mail || true');
-
-        createMailConfig(function (error, allowInbound) {
+        shell.exec('startMail', 'docker rm -f mail || true', function (error) {
             if (error) return callback(error);
 
-            var ports = allowInbound ? '-p 587:2525 -p 993:9993 -p 4190:4190 -p 25:2525' : '';
+            createMailConfig(function (error, allowInbound) {
+                if (error) return callback(error);
 
-            const cmd = `docker run --restart=always -d --name="mail" \
-                        --net cloudron \
-                        --net-alias mail \
-                        --log-driver syslog \
-                        --log-opt syslog-address=udp://127.0.0.1:2514 \
-                        --log-opt syslog-format=rfc5424 \
-                        --log-opt tag=mail \
-                        -m ${memoryLimit}m \
-                        --memory-swap ${memoryLimit * 2}m \
-                        --dns 172.18.0.1 \
-                        --dns-search=. \
-                        -v "${paths.MAIL_DATA_DIR}:/app/data" \
-                        -v "${paths.PLATFORM_DATA_DIR}/addons/mail:/etc/mail" \
-                        ${ports} \
-                        -p 127.0.0.1:2020:2020 \
-                        --read-only -v /run -v /tmp ${tag}`;
+                var ports = allowInbound ? '-p 587:2525 -p 993:9993 -p 4190:4190 -p 25:2525' : '';
 
-            shell.execSync('startMail', cmd);
+                const cmd = `docker run --restart=always -d --name="mail" \
+                            --net cloudron \
+                            --net-alias mail \
+                            --log-driver syslog \
+                            --log-opt syslog-address=udp://127.0.0.1:2514 \
+                            --log-opt syslog-format=rfc5424 \
+                            --log-opt tag=mail \
+                            -m ${memoryLimit}m \
+                            --memory-swap ${memoryLimit * 2}m \
+                            --dns 172.18.0.1 \
+                            --dns-search=. \
+                            -e CLOUDRON_MAIL_TOKEN="${cloudronToken}" \
+                            -v "${paths.MAIL_DATA_DIR}:/app/data" \
+                            -v "${paths.PLATFORM_DATA_DIR}/addons/mail:/etc/mail" \
+                            ${ports} \
+                            -p 127.0.0.1:2020:2020 \
+                            --label isCloudronManaged=true \
+                            --read-only -v /run -v /tmp ${tag}`;
 
-            callback();
+                shell.exec('startMail', cmd, callback);
+            });
         });
     });
 }
@@ -600,9 +602,9 @@ function restartMail(callback) {
 function restartMailIfActivated(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    users.count(function (error, count) {
+    users.isActivated(function (error, activated) {
         if (error) return callback(new MailError(MailError.INTERNAL_ERROR, error));
-        if (!count) {
+        if (!activated) {
             debug('restartMailIfActivated: skipping restart of mail container since Cloudron is not activated yet');
             return callback(); // not provisioned yet, do not restart container after dns setup
         }
@@ -626,7 +628,7 @@ function getDomain(domain, callback) {
 function getDomains(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    maildb.getAll(function (error, results) {
+    maildb.list(function (error, results) {
         if (error) return callback(new MailError(MailError.INTERNAL_ERROR, error));
 
         return callback(null, results);
@@ -803,6 +805,16 @@ function removeDomain(domain, callback) {
     });
 }
 
+function clearDomains(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    maildb.clear(function (error) {
+        if (error) return callback(new MailError(MailError.INTERNAL_ERROR, error));
+
+        callback();
+    });
+}
+
 function setMailFromValidation(domain, enabled, callback) {
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof enabled, 'boolean');
@@ -852,9 +864,10 @@ function setMailRelay(domain, relay, callback) {
     });
 }
 
-function setMailEnabled(domain, enabled, callback) {
+function setMailEnabled(domain, enabled, auditSource, callback) {
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof enabled, 'boolean');
+    assert.strictEqual(typeof auditSource, 'object');
     assert.strictEqual(typeof callback, 'function');
 
     maildb.update(domain, { enabled: enabled }, function (error) {
@@ -863,6 +876,8 @@ function setMailEnabled(domain, enabled, callback) {
 
         restartMail(NOOP_CALLBACK);
 
+        eventlog.add(enabled ? eventlog.ACTION_MAIL_ENABLED : eventlog.ACTION_MAIL_DISABLED, auditSource, { domain });
+
         callback(null);
     });
 }
@@ -881,7 +896,7 @@ function sendTestMail(domain, to, callback) {
     });
 }
 
-function getMailboxes(domain, callback) {
+function listMailboxes(domain, callback) {
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof callback, 'function');
 
@@ -916,10 +931,11 @@ function getMailbox(name, domain, callback) {
     });
 }
 
-function addMailbox(name, domain, userId, callback) {
+function addMailbox(name, domain, userId, auditSource, callback) {
     assert.strictEqual(typeof name, 'string');
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof auditSource, 'object');
     assert.strictEqual(typeof callback, 'function');
 
     name = name.toLowerCase();
@@ -927,15 +943,17 @@ function addMailbox(name, domain, userId, callback) {
     var error = validateName(name);
     if (error) return callback(error);
 
-    mailboxdb.addMailbox(name, domain, userId, mailboxdb.OWNER_TYPE_USER, function (error) {
+    mailboxdb.addMailbox(name, domain, userId, function (error) {
         if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new MailError(MailError.ALREADY_EXISTS, `mailbox ${name} already exists`));
         if (error) return callback(new MailError(MailError.INTERNAL_ERROR, error));
 
+        eventlog.add(eventlog.ACTION_MAIL_MAILBOX_ADD, auditSource, { name, domain, userId });
+
         callback(null);
     });
 }
 
-function updateMailbox(name, domain, userId, callback) {
+function updateMailboxOwner(name, domain, userId, callback) {
     assert.strictEqual(typeof name, 'string');
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof userId, 'string');
@@ -943,10 +961,7 @@ function updateMailbox(name, domain, userId, callback) {
 
     name = name.toLowerCase();
 
-    var error = validateName(name);
-    if (error) return callback(error);
-
-    mailboxdb.updateMailbox(name, domain, userId, mailboxdb.OWNER_TYPE_USER, function (error) {
+    mailboxdb.updateMailboxOwner(name, domain, userId, function (error) {
         if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new MailError(MailError.NOT_FOUND, 'no such mailbox'));
         if (error) return callback(new MailError(MailError.INTERNAL_ERROR, error));
 
@@ -954,15 +969,18 @@ function updateMailbox(name, domain, userId, callback) {
     });
 }
 
-function removeMailbox(name, domain, callback) {
+function removeMailbox(name, domain, auditSource, callback) {
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof name, 'string');
+    assert.strictEqual(typeof auditSource, 'object');
     assert.strictEqual(typeof callback, 'function');
 
     mailboxdb.del(name, domain, function (error) {
         if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new MailError(MailError.NOT_FOUND, 'no such mailbox'));
         if (error) return callback(new MailError(MailError.INTERNAL_ERROR, error));
 
+        eventlog.add(eventlog.ACTION_MAIL_MAILBOX_REMOVE, auditSource, { name, domain });
+
         callback(null);
     });
 }
@@ -1047,10 +1065,11 @@ function getList(domain, listName, callback) {
     });
 }
 
-function addList(name, domain, members, callback) {
+function addList(name, domain, members, auditSource, callback) {
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof name, 'string');
     assert(Array.isArray(members));
+    assert.strictEqual(typeof auditSource, 'object');
     assert.strictEqual(typeof callback, 'function');
 
     name = name.toLowerCase();
@@ -1069,6 +1088,8 @@ function addList(name, domain, members, callback) {
         if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new MailError(MailError.ALREADY_EXISTS, 'list already exits'));
         if (error) return callback(new MailError(MailError.INTERNAL_ERROR, error));
 
+        eventlog.add(eventlog.ACTION_MAIL_LIST_ADD, auditSource, { name, domain });
+
         callback();
     });
 }
@@ -1099,15 +1120,18 @@ function updateList(name, domain, members, callback) {
     });
 }
 
-function removeList(domain, listName, callback) {
+function removeList(name, domain, auditSource, callback) {
+    assert.strictEqual(typeof name, 'string');
     assert.strictEqual(typeof domain, 'string');
-    assert.strictEqual(typeof listName, 'string');
+    assert.strictEqual(typeof auditSource, 'object');
     assert.strictEqual(typeof callback, 'function');
 
-    mailboxdb.del(listName, domain, function (error) {
+    mailboxdb.del(name, domain, function (error) {
         if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new MailError(MailError.NOT_FOUND, 'no such list'));
         if (error) return callback(new MailError(MailError.INTERNAL_ERROR, error));
 
+        eventlog.add(eventlog.ACTION_MAIL_LIST_ADD, auditSource, { name, domain });
+
         callback();
     });
 }

src/mailboxdb.js

@@ -4,7 +4,7 @@ exports = module.exports = {
     addMailbox: addMailbox,
     addGroup: addGroup,
 
-    updateMailbox: updateMailbox,
+    updateMailboxOwner: updateMailboxOwner,
     updateList: updateList,
     del: del,
 
@@ -29,11 +29,7 @@ exports = module.exports = {
 
     TYPE_MAILBOX: 'mailbox',
     TYPE_LIST: 'list',
-    TYPE_ALIAS: 'alias',
-
-    OWNER_TYPE_USER: 'user',
-    OWNER_TYPE_APP: 'app',
-    OWNER_TYPE_GROUP: 'group' // obsolete
+    TYPE_ALIAS: 'alias'
 };
 
 var assert = require('assert'),
@@ -42,7 +38,7 @@ var assert = require('assert'),
     safe = require('safetydance'),
     util = require('util');
 
-var MAILBOX_FIELDS = [ 'name', 'type', 'ownerId', 'ownerType', 'aliasTarget', 'creationTime', 'membersJson', 'domain' ].join(',');
+var MAILBOX_FIELDS = [ 'name', 'type', 'ownerId', 'aliasTarget', 'creationTime', 'membersJson', 'domain' ].join(',');
 
 function postProcess(data) {
     data.members = safe.JSON.parse(data.membersJson) || [ ];
@@ -51,14 +47,13 @@ function postProcess(data) {
     return data;
 }
 
-function addMailbox(name, domain, ownerId, ownerType, callback) {
+function addMailbox(name, domain, ownerId, callback) {
     assert.strictEqual(typeof name, 'string');
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof ownerId, 'string');
-    assert.strictEqual(typeof ownerType, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('INSERT INTO mailboxes (name, type, domain, ownerId, ownerType) VALUES (?, ?, ?, ?, ?)', [ name, exports.TYPE_MAILBOX, domain, ownerId, ownerType ], function (error) {
+    database.query('INSERT INTO mailboxes (name, type, domain, ownerId) VALUES (?, ?, ?, ?)', [ name, exports.TYPE_MAILBOX, domain, ownerId ], function (error) {
         if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, 'mailbox already exists'));
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
@@ -66,14 +61,13 @@ function addMailbox(name, domain, ownerId, ownerType, callback) {
     });
 }
 
-function updateMailbox(name, domain, ownerId, ownerType, callback) {
+function updateMailboxOwner(name, domain, ownerId, callback) {
     assert.strictEqual(typeof name, 'string');
     assert.strictEqual(typeof domain, 'string');
     assert.strictEqual(typeof ownerId, 'string');
-    assert.strictEqual(typeof ownerType, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('UPDATE mailboxes SET ownerId = ? WHERE name = ? AND domain = ? AND ownerType = ?', [ ownerId, name, domain, ownerType ], function (error, result) {
+    database.query('UPDATE mailboxes SET ownerId = ? WHERE name = ? AND domain = ?', [ ownerId, name, domain ], function (error, result) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
         if (result.affectedRows === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
 
@@ -87,8 +81,8 @@ function addGroup(name, domain, members, callback) {
     assert(Array.isArray(members));
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('INSERT INTO mailboxes (name, type, domain, ownerId, ownerType, membersJson) VALUES (?, ?, ?, ?, ?, ?)',
-        [ name, exports.TYPE_LIST, domain, 'admin', exports.OWNER_TYPE_GROUP, JSON.stringify(members) ], function (error) {
+    database.query('INSERT INTO mailboxes (name, type, domain, ownerId, membersJson) VALUES (?, ?, ?, ?, ?)',
+        [ name, exports.TYPE_LIST, domain, 'admin', JSON.stringify(members) ], function (error) {
             if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, 'mailbox already exists'));
             if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
@@ -259,8 +253,8 @@ function setAliasesForName(name, domain, aliases, callback) {
         // clear existing aliases
         queries.push({ query: 'DELETE FROM mailboxes WHERE aliasTarget = ? AND domain = ? AND type = ?', args: [ name, domain, exports.TYPE_ALIAS ] });
         aliases.forEach(function (alias) {
-            queries.push({ query: 'INSERT INTO mailboxes (name, type, domain, aliasTarget, ownerId, ownerType) VALUES (?, ?, ?, ?, ?, ?)',
-                args: [ alias, exports.TYPE_ALIAS, domain, name, results[0].ownerId, results[0].ownerType ] });
+            queries.push({ query: 'INSERT INTO mailboxes (name, type, domain, aliasTarget, ownerId) VALUES (?, ?, ?, ?, ?)',
+                args: [ alias, exports.TYPE_ALIAS, domain, name, results[0].ownerId ] });
         });
 
         database.transaction(queries, function (error) {

src/maildb.js

@@ -4,10 +4,10 @@ exports = module.exports = {
     add: add,
     del: del,
     get: get,
-    getAll: getAll,
+    list: list,
     update: update,
 
-    _clear: clear,
+    clear: clear,
 
     TYPE_USER: 'user',
     TYPE_APP: 'app',
@@ -49,7 +49,8 @@ function add(domain, callback) {
 function clear(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('TRUNCATE TABLE mail', [], function (error) {
+    // using TRUNCATE makes it fail foreign key check
+    database.query('DELETE FROM mail', [], function (error) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
         callback(null);
     });
@@ -81,7 +82,7 @@ function get(domain, callback) {
     });
 }
 
-function getAll(callback) {
+function list(callback) {
     assert.strictEqual(typeof callback, 'function');
 
     database.query('SELECT ' + MAILDB_FIELDS + ' FROM mail ORDER BY domain', function (error, results) {

src/paths.js

@@ -7,7 +7,6 @@ var config = require('./config.js'),
 exports = module.exports = {
     CLOUDRON_DEFAULT_AVATAR_FILE: path.join(__dirname + '/../assets/avatar.png'),
     INFRA_VERSION_FILE: path.join(config.baseDir(), 'platformdata/INFRA_VERSION'),
-    BACKUP_RESULT_FILE: path.join(config.baseDir(), 'platformdata/backup/result.txt'),
 
     OLD_DATA_DIR: path.join(config.baseDir(), 'data'),
     PLATFORM_DATA_DIR: path.join(config.baseDir(), 'platformdata'),
@@ -34,6 +33,9 @@ exports = module.exports = {
     UPDATE_CHECKER_FILE: path.join(config.baseDir(), 'boxdata/updatechecker.json'),
 
     LOG_DIR: path.join(config.baseDir(), 'platformdata/logs'),
+    TASKS_LOG_DIR: path.join(config.baseDir(), 'platformdata/logs/tasks'),
+
     // this pattern is for the cloudron logs API route to work
     BACKUP_LOG_FILE: path.join(config.baseDir(), 'platformdata/logs/backup/app.log'),
+    UPDATER_LOG_FILE: path.join(config.baseDir(), 'platformdata/logs/updater/app.log')
 };

src/platform.js

@@ -16,7 +16,6 @@ var addons = require('./addons.js'),
     async = require('async'),
     config = require('./config.js'),
     debug = require('debug')('box:platform'),
-    execSync = require('child_process').execSync,
     fs = require('fs'),
     graphs = require('./graphs.js'),
     infra = require('./infra_version.js'),
@@ -25,6 +24,7 @@ var addons = require('./addons.js'),
     paths = require('./paths.js'),
     reverseProxy = require('./reverseproxy.js'),
     safe = require('safetydance'),
+    settings = require('./settings.js'),
     shell = require('./shell.js'),
     taskmanager = require('./taskmanager.js'),
     _ = require('underscore');
@@ -60,10 +60,10 @@ function start(callback) {
 
     async.series([
         stopContainers.bind(null, existingInfra),
-        graphs.startGraphite.bind(null, existingInfra),
-        addons.startAddons.bind(null, existingInfra),
-        pruneInfraImages,
+        // mark app state before we start addons. this gives the db import logic a chance to mark an app as errored
         startApps.bind(null, existingInfra),
+        graphs.startGraphite.bind(null, existingInfra),
+        addons.startServices.bind(null, existingInfra),
         fs.writeFile.bind(fs, paths.INFRA_VERSION_FILE, JSON.stringify(infra, null, 4))
     ], function (error) {
         if (error) return callback(error);
@@ -77,43 +77,66 @@ function start(callback) {
 }
 
 function stop(callback) {
-    exports.events = null;
     taskmanager.pauseTasks(callback);
 }
 
 function onPlatformReady() {
-    debug('onPlatformReady: resuming task manager');
+    debug('onPlatformReady: platform is ready');
     exports._isReady = true;
     taskmanager.resumeTasks();
+
+    applyPlatformConfig(NOOP_CALLBACK);
+    pruneInfraImages(NOOP_CALLBACK);
+}
+
+function applyPlatformConfig(callback) {
+    // scale back db containers, if possible. this is retried because updating memory constraints can fail
+    // with failed to write to memory.memsw.limit_in_bytes: write /sys/fs/cgroup/memory/docker/xx/memory.memsw.limit_in_bytes: device or resource busy
+
+    async.retry({ times: 10, interval: 5 * 60 * 1000 }, function (retryCallback) {
+        settings.getPlatformConfig(function (error, platformConfig) {
+            if (error) return retryCallback(error);
+
+            addons.updateServiceConfig(platformConfig, function (error) {
+                if (error) debug('Error updating services. Will rety in 5 minutes', platformConfig, error);
+
+                retryCallback(error);
+            });
+        });
+    }, callback);
 }
 
 function pruneInfraImages(callback) {
     debug('pruneInfraImages: checking existing images');
 
     // cannot blindly remove all unused images since redis image may not be used
-    let images = infra.baseImages.concat(Object.keys(infra.images).map(function (addon) { return infra.images[addon]; }));
+    const images = infra.baseImages.concat(Object.keys(infra.images).map(function (addon) { return infra.images[addon]; }));
+
+    async.eachSeries(images, function (image, iteratorCallback) {
+        let output = safe.child_process.execSync(`docker images --digests ${image.repo} --format "{{.ID}} {{.Repository}}:{{.Tag}}@{{.Digest}}"`, { encoding: 'utf8' });
+        if (output === null) return iteratorCallback(safe.error);
 
-    for (let image of images) {
-        let output = execSync(`docker images --digests ${image.repo} --format "{{.ID}} {{.Repository}}:{{.Tag}}@{{.Digest}}"`, { encoding: 'utf8' });
         let lines = output.trim().split('\n');
         for (let line of lines) {
             if (!line) continue;
             let parts = line.split(' '); // [ ID, Repo:Tag@Digest ]
             if (image.tag === parts[1]) continue; // keep
             debug(`pruneInfraImages: removing unused image of ${image.repo}: ${line}`);
-            shell.execSync('pruneInfraImages', `docker rmi ${parts[0]}`);
-        }
-    }
 
-    callback();
+            shell.exec('pruneInfraImages', `docker rmi ${parts[0]}`, iteratorCallback);
+        }
+    }, callback);
 }
 
 function stopContainers(existingInfra, callback) {
     // always stop addons to restart them on any infra change, regardless of minor or major update
     if (existingInfra.version !== infra.version) {
+        // TODO: only nuke containers with isCloudronManaged=true
         debug('stopping all containers for infra upgrade');
-        shell.execSync('stopContainers', 'docker ps -qa | xargs --no-run-if-empty docker stop');
-        shell.execSync('stopContainers', 'docker ps -qa | xargs --no-run-if-empty docker rm -f');
+        async.series([
+            shell.exec.bind(null, 'stopContainers', 'docker ps -qa | xargs --no-run-if-empty docker stop'),
+            shell.exec.bind(null, 'stopContainers', 'docker ps -qa | xargs --no-run-if-empty docker rm -f')
+        ], callback);
     } else {
         assert(typeof infra.images, 'object');
         var changedAddons = [ ];
@@ -124,15 +147,15 @@ function stopContainers(existingInfra, callback) {
         debug('stopContainer: stopping addons for incremental infra update: %j', changedAddons);
         let filterArg = changedAddons.map(function (c) { return `--filter 'name=${c}'`; }).join(' '); // name=c matches *c*. required for redis-{appid}
         // ignore error if container not found (and fail later) so that this code works across restarts
-        shell.execSync('stopContainers', `docker ps -qa ${filterArg} | xargs --no-run-if-empty docker stop || true`);
-        shell.execSync('stopContainers', `docker ps -qa ${filterArg} | xargs --no-run-if-empty docker rm -f || true`);
+        async.series([
+            shell.exec.bind(null, 'stopContainers', `docker ps -qa ${filterArg} | xargs --no-run-if-empty docker stop || true`),
+            shell.exec.bind(null, 'stopContainers', `docker ps -qa ${filterArg} | xargs --no-run-if-empty docker rm -f || true`)
+        ], callback);
     }
-
-    callback();
 }
 
 function startApps(existingInfra, callback) {
-    if (existingInfra.version === 'none') {
+    if (existingInfra.version === 'none') { // cloudron is being restored from backup
         debug('startApps: restoring installed apps');
         apps.restoreInstalledApps(callback);
     } else if (existingInfra.version !== infra.version) {
@@ -145,12 +168,13 @@ function startApps(existingInfra, callback) {
     }
 }
 
-function handleCertChanged(cn) {
+function handleCertChanged(cn, callback) {
     assert.strictEqual(typeof cn, 'string');
+    assert.strictEqual(typeof callback, 'function');
 
     debug('handleCertChanged', cn);
 
-    if (cn === '*.' + config.adminDomain() || cn === config.adminFqdn()) {
-        mail.startMail(NOOP_CALLBACK);
-    }
+    if (cn === '*.' + config.adminDomain() || cn === config.adminFqdn()) return mail.startMail(callback);
+
+    callback();
 }

src/progress.js

@@ -1,59 +0,0 @@
-'use strict';
-
-exports = module.exports = {
-    set: set,
-    setDetail: setDetail,
-    clear: clear,
-    getAll: getAll,
-
-    UPDATE: 'update',
-    BACKUP: 'backup',
-    MIGRATE: 'migrate'
-};
-
-var assert = require('assert'),
-    debug = require('debug')('box:progress');
-
-// if progress.update or progress.backup are object, they will contain 'percent' and 'message' properties
-// otherwise no such operation is currently ongoing
-var progress = {
-    update: null,
-    backup: null,
-    migrate: null
-};
-
-// We use -1 for percentage to indicate errors
-function set(tag, percent, message) {
-    assert.strictEqual(typeof tag, 'string');
-    assert.strictEqual(typeof percent, 'number');
-    assert.strictEqual(typeof message, 'string');
-
-    progress[tag] = {
-        percent: percent,
-        message: message,
-        detail: ''
-    };
-
-    debug('%s: %s %s', tag, percent, message);
-}
-
-function setDetail(tag, detail) {
-    assert.strictEqual(typeof tag, 'string');
-    assert.strictEqual(typeof detail, 'string');
-
-    if (!progress[tag]) return debug('[%s] %s', tag, detail);
-
-    progress[tag].detail = detail;
-}
-
-function clear(tag) {
-    assert.strictEqual(typeof tag, 'string');
-
-    progress[tag] = null;
-
-    debug('clearing %s', tag);
-}
-
-function getAll() {
-    return progress;
-}

src/provision.js

@@ -0,0 +1,268 @@
+'use strict';
+
+exports = module.exports = {
+    setup: setup,
+    restore: restore,
+    activate: activate,
+
+    ProvisionError: ProvisionError
+};
+
+var assert = require('assert'),
+    async = require('async'),
+    backups = require('./backups.js'),
+    BackupsError = require('./backups.js').BackupsError,
+    config = require('./config.js'),
+    constants = require('./constants.js'),
+    clients = require('./clients.js'),
+    cloudron = require('./cloudron.js'),
+    debug = require('debug')('box:provision'),
+    domains = require('./domains.js'),
+    DomainsError = domains.DomainsError,
+    eventlog = require('./eventlog.js'),
+    mail = require('./mail.js'),
+    path = require('path'),
+    safe = require('safetydance'),
+    semver = require('semver'),
+    settingsdb = require('./settingsdb.js'),
+    settings = require('./settings.js'),
+    shell = require('./shell.js'),
+    superagent = require('superagent'),
+    users = require('./users.js'),
+    UsersError = users.UsersError,
+    tld = require('tldjs'),
+    util = require('util');
+
+var RESTART_CMD = path.join(__dirname, 'scripts/restart.sh');
+
+var NOOP_CALLBACK = function (error) { if (error) debug(error); };
+
+function ProvisionError(reason, errorOrMessage) {
+    assert.strictEqual(typeof reason, 'string');
+    assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined');
+
+    Error.call(this);
+    Error.captureStackTrace(this, this.constructor);
+
+    this.name = this.constructor.name;
+    this.reason = reason;
+    if (typeof errorOrMessage === 'undefined') {
+        this.message = reason;
+    } else if (typeof errorOrMessage === 'string') {
+        this.message = errorOrMessage;
+    } else {
+        this.message = 'Internal error';
+        this.nestedError = errorOrMessage;
+    }
+}
+util.inherits(ProvisionError, Error);
+ProvisionError.BAD_FIELD = 'Field error';
+ProvisionError.BAD_STATE = 'Bad State';
+ProvisionError.ALREADY_SETUP = 'Already Setup';
+ProvisionError.INTERNAL_ERROR = 'Internal Error';
+ProvisionError.EXTERNAL_ERROR = 'External Error';
+ProvisionError.ALREADY_PROVISIONED = 'Already Provisioned';
+
+function autoprovision(autoconf, callback) {
+    assert.strictEqual(typeof autoconf, 'object');
+    assert.strictEqual(typeof callback, 'function');
+
+    async.eachSeries(Object.keys(autoconf), function (key, iteratorDone) {
+        debug(`autoprovision: ${key}`);
+
+        switch (key) {
+        case 'appstoreConfig':
+            if (config.provider() === 'caas') { // skip registration
+                settingsdb.set(settings.APPSTORE_CONFIG_KEY, JSON.stringify(autoconf[key]), iteratorDone);
+            } else { // register cloudron
+                settings.setAppstoreConfig(autoconf[key], iteratorDone);
+            }
+            break;
+        case 'caasConfig':
+            settingsdb.set(settings.CAAS_CONFIG_KEY, JSON.stringify(autoconf[key]), iteratorDone);
+            break;
+        case 'backupConfig':
+            settings.setBackupConfig(autoconf[key], iteratorDone);
+            break;
+        default:
+            debug(`autoprovision: ${key} ignored`);
+            return iteratorDone();
+        }
+    }, function (error) {
+        if (error) return callback(new ProvisionError(ProvisionError.INTERNAL_ERROR, error));
+
+        callback(null);
+    });
+}
+
+function unprovision(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    debug('unprovision');
+
+    config.setAdminDomain('');
+    config.setAdminFqdn('');
+    config.setAdminLocation('my');
+
+    // TODO: also cancel any existing configureWebadmin task
+    async.series([
+        mail.clearDomains,
+        domains.clear
+    ], callback);
+}
+
+function setup(dnsConfig, autoconf, auditSource, callback) {
+    assert.strictEqual(typeof dnsConfig, 'object');
+    assert.strictEqual(typeof autoconf, 'object');
+    assert.strictEqual(typeof auditSource, 'object');
+    assert.strictEqual(typeof callback, 'function');
+
+    users.isActivated(function (error, activated) {
+        if (error) return callback(new ProvisionError(ProvisionError.INTERNAL_ERROR, error));
+        if (activated) return callback(new ProvisionError(ProvisionError.ALREADY_SETUP));
+
+        unprovision(function (error) {
+            if (error) return callback(new ProvisionError(ProvisionError.INTERNAL_ERROR, error));
+
+            let webadminStatus = cloudron.getWebadminStatus();
+
+            if (webadminStatus.configuring || webadminStatus.restore.active) return callback(new ProvisionError(ProvisionError.BAD_STATE, 'Already restoring or configuring'));
+
+            const domain = dnsConfig.domain.toLowerCase();
+            const zoneName = dnsConfig.zoneName ? dnsConfig.zoneName : (tld.getDomain(domain) || domain);
+
+            const adminFqdn = 'my' + (dnsConfig.config.hyphenatedSubdomains ? '-' : '.') + domain;
+
+            debug(`provision: Setting up Cloudron with domain ${domain} and zone ${zoneName} using admin fqdn ${adminFqdn}`);
+
+            let data = {
+                zoneName: zoneName,
+                provider: dnsConfig.provider,
+                config: dnsConfig.config,
+                fallbackCertificate: dnsConfig.fallbackCertificate || null,
+                tlsConfig: dnsConfig.tlsConfig || { provider: 'letsencrypt-prod' }
+            };
+
+            domains.add(domain, data, auditSource, function (error) {
+                if (error && error.reason === DomainsError.BAD_FIELD) return callback(new ProvisionError(ProvisionError.BAD_FIELD, error.message));
+                if (error && error.reason === DomainsError.ALREADY_EXISTS) return callback(new ProvisionError(ProvisionError.BAD_FIELD, error.message));
+                if (error) return callback(new ProvisionError(ProvisionError.INTERNAL_ERROR, error));
+
+                async.series([
+                    mail.addDomain.bind(null, domain),
+                    cloudron.setDashboardDomain.bind(null, domain), // triggers task to setup my. dns/cert/reverseproxy
+                    autoprovision.bind(null, autoconf),
+                    eventlog.add.bind(null, eventlog.ACTION_PROVISION, auditSource, { })
+                ], callback);
+            });
+        });
+    });
+}
+
+function setTimeZone(ip, callback) {
+    assert.strictEqual(typeof ip, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    debug('setTimeZone ip:%s', ip);
+
+    superagent.get('https://geolocation.cloudron.io/json').query({ ip: ip }).timeout(10 * 1000).end(function (error, result) {
+        if ((error && !error.response) || result.statusCode !== 200) {
+            debug('Failed to get geo location: %s', error.message);
+            return callback(null);
+        }
+
+        var timezone = safe.query(result.body, 'location.time_zone');
+
+        if (!timezone || typeof timezone !== 'string') {
+            debug('No timezone in geoip response : %j', result.body);
+            return callback(null);
+        }
+
+        debug('Setting timezone to ', timezone);
+
+        settings.setTimeZone(timezone, callback);
+    });
+}
+
+function activate(username, password, email, displayName, ip, auditSource, callback) {
+    assert.strictEqual(typeof username, 'string');
+    assert.strictEqual(typeof password, 'string');
+    assert.strictEqual(typeof email, 'string');
+    assert.strictEqual(typeof displayName, 'string');
+    assert.strictEqual(typeof ip, 'string');
+    assert.strictEqual(typeof auditSource, 'object');
+    assert.strictEqual(typeof callback, 'function');
+
+    debug('activating user:%s email:%s', username, email);
+
+    setTimeZone(ip, function () { }); // TODO: get this from user. note that timezone is detected based on the browser location and not the cloudron region
+
+    users.createOwner(username, password, email, displayName, auditSource, function (error, userObject) {
+        if (error && error.reason === UsersError.ALREADY_EXISTS) return callback(new ProvisionError(ProvisionError.ALREADY_PROVISIONED, 'Already activated'));
+        if (error && error.reason === UsersError.BAD_FIELD) return callback(new ProvisionError(ProvisionError.BAD_FIELD, error.message));
+        if (error) return callback(new ProvisionError(ProvisionError.INTERNAL_ERROR, error));
+
+        clients.addTokenByUserId('cid-webadmin', userObject.id, Date.now() + constants.DEFAULT_TOKEN_EXPIRATION, {}, function (error, result) {
+            if (error) return callback(new ProvisionError(ProvisionError.INTERNAL_ERROR, error));
+
+            eventlog.add(eventlog.ACTION_ACTIVATE, auditSource, { });
+
+            callback(null, {
+                userId: userObject.id,
+                token: result.accessToken,
+                expires: result.expires
+            });
+
+            setImmediate(cloudron.onActivated.bind(null, NOOP_CALLBACK)); // hack for now to not block the above http response
+        });
+    });
+}
+
+function restore(backupConfig, backupId, version, autoconf, auditSource, callback) {
+    assert.strictEqual(typeof backupConfig, 'object');
+    assert.strictEqual(typeof backupId, 'string');
+    assert.strictEqual(typeof version, 'string');
+    assert.strictEqual(typeof autoconf, 'object');
+    assert.strictEqual(typeof auditSource, 'object');
+    assert.strictEqual(typeof callback, 'function');
+
+    if (!semver.valid(version)) return callback(new ProvisionError(ProvisionError.BAD_STATE, 'version is not a valid semver'));
+    if (semver.major(config.version()) !== semver.major(version) || semver.minor(config.version()) !== semver.minor(version)) return callback(new ProvisionError(ProvisionError.BAD_STATE, `Run cloudron-setup with --version ${version} to restore from this backup`));
+
+    let webadminStatus = cloudron.getWebadminStatus();
+
+    if (webadminStatus.configuring || webadminStatus.restore.active) return callback(new ProvisionError(ProvisionError.BAD_STATE, 'Already restoring or configuring'));
+
+    users.isActivated(function (error, activated) {
+        if (error) return callback(new ProvisionError(ProvisionError.INTERNAL_ERROR, error));
+        if (activated) return callback(new ProvisionError(ProvisionError.ALREADY_PROVISIONED, 'Already activated'));
+
+        backups.testConfig(backupConfig, function (error) {
+            if (error && error.reason === BackupsError.BAD_FIELD) return callback(new ProvisionError(ProvisionError.BAD_FIELD, error.message));
+            if (error && error.reason === BackupsError.EXTERNAL_ERROR) return callback(new ProvisionError(ProvisionError.EXTERNAL_ERROR, error.message));
+            if (error) return callback(new ProvisionError(ProvisionError.INTERNAL_ERROR, error));
+
+            debug(`restore: restoring from ${backupId} from provider ${backupConfig.provider} with format ${backupConfig.format}`);
+
+            webadminStatus.restore.active = true;
+            webadminStatus.restore.error = null;
+
+            callback(null); // do no block
+
+            async.series([
+                backups.restore.bind(null, backupConfig, backupId, (progress) => debug(`restore: ${progress}`)),
+                eventlog.add.bind(null, eventlog.ACTION_RESTORE, auditSource, { backupId }),
+                autoprovision.bind(null, autoconf),
+                // currently, our suggested restore flow is after a dnsSetup. The dnSetup creates DKIM keys and updates the DNS
+                // for this reason, we have to re-setup DNS after a restore so it has DKIm from the backup
+                // Once we have a 100% IP based restore, we can skip this
+                mail.setDnsRecords.bind(null, config.adminDomain()),
+                shell.sudo.bind(null, 'restart', [ RESTART_CMD ], {})
+            ], function (error) {
+                debug('restore:', error);
+                if (error) webadminStatus.restore.error = error.message;
+                webadminStatus.restore.active = false;
+            });
+        });
+    });
+}

src/reverseproxy.js

@@ -55,8 +55,7 @@ var acme2 = require('./cert/acme2.js'),
     util = require('util');
 
 var NGINX_APPCONFIG_EJS = fs.readFileSync(__dirname + '/../setup/start/nginx/appconfig.ejs', { encoding: 'utf8' }),
-    RELOAD_NGINX_CMD = path.join(__dirname, 'scripts/reloadnginx.sh'),
-    NOOP_CALLBACK = function (error) { if (error) debug(error); };
+    RELOAD_NGINX_CMD = path.join(__dirname, 'scripts/reloadnginx.sh');
 
 function ReverseProxyError(reason, errorOrMessage) {
     assert.strictEqual(typeof reason, 'string');
@@ -81,33 +80,29 @@ ReverseProxyError.INTERNAL_ERROR = 'Internal Error';
 ReverseProxyError.INVALID_CERT = 'Invalid certificate';
 ReverseProxyError.NOT_FOUND = 'Not Found';
 
-function getCertApi(domain, callback) {
-    assert.strictEqual(typeof domain, 'string');
+function getCertApi(domainObject, callback) {
+    assert.strictEqual(typeof domainObject, 'object');
     assert.strictEqual(typeof callback, 'function');
 
-    domains.get(domain, function (error, result) {
-        if (error) return callback(error);
+    if (domainObject.tlsConfig.provider === 'fallback') return callback(null, fallback, { fallback: true });
 
-        if (result.tlsConfig.provider === 'fallback') return callback(null, fallback, { fallback: true });
+    var api = domainObject.tlsConfig.provider === 'caas' ? caas : acme2;
 
-        var api = result.tlsConfig.provider === 'caas' ? caas : acme2;
+    var options = { prod: false, performHttpAuthorization: false, wildcard: false, email: '' };
+    if (domainObject.tlsConfig.provider !== 'caas') { // matches 'le-prod' or 'letsencrypt-prod'
+        options.prod = domainObject.tlsConfig.provider.match(/.*-prod/) !== null;
+        options.performHttpAuthorization = domainObject.provider.match(/noop|manual|wildcard/) !== null;
+        options.wildcard = !!domainObject.tlsConfig.wildcard;
+    }
 
-        var options = { prod: false, performHttpAuthorization: false, wildcard: false, email: '' };
-        if (result.tlsConfig.provider !== 'caas') { // matches 'le-prod' or 'letsencrypt-prod'
-            options.prod = result.tlsConfig.provider.match(/.*-prod/) !== null;
-            options.performHttpAuthorization = result.provider.match(/noop|manual|wildcard/) !== null;
-            options.wildcard = !!result.tlsConfig.wildcard;
-        }
+    // registering user with an email requires A or MX record (https://github.com/letsencrypt/boulder/issues/1197)
+    // we cannot use admin@fqdn because the user might not have set it up.
+    // we simply update the account with the latest email we have each time when getting letsencrypt certs
+    // https://github.com/ietf-wg-acme/acme/issues/30
+    users.getOwner(function (error, owner) {
+        options.email = error ? 'support@cloudron.io' : (owner.fallbackEmail || owner.email); // can error if not activated yet
 
-        // registering user with an email requires A or MX record (https://github.com/letsencrypt/boulder/issues/1197)
-        // we cannot use admin@fqdn because the user might not have set it up.
-        // we simply update the account with the latest email we have each time when getting letsencrypt certs
-        // https://github.com/ietf-wg-acme/acme/issues/30
-        users.getOwner(function (error, owner) {
-            options.email = error ? 'support@cloudron.io' : (owner.fallbackEmail || owner.email); // can error if not activated yet
-
-            callback(null, api, options);
-        });
+        callback(null, api, options);
     });
 }
 
@@ -119,32 +114,39 @@ function isExpiringSync(certFilePath, hours) {
 
     var result = safe.child_process.spawnSync('/usr/bin/openssl', [ 'x509', '-checkend', String(60 * 60 * hours), '-in', certFilePath ]);
 
+    if (!result) return 3; // some error
+
     debug('isExpiringSync: %s %s %s', certFilePath, result.stdout.toString('utf8').trim(), result.status);
 
     return result.status === 1; // 1 - expired 0 - not expired
 }
 
-function providerMatchesSync(certFilePath, apiOptions) {
+// checks if the certificate matches the options provided by user (like wildcard, le-staging etc)
+function providerMatchesSync(domainObject, certFilePath, apiOptions) {
+    assert.strictEqual(typeof domainObject, 'object');
     assert.strictEqual(typeof certFilePath, 'string');
     assert.strictEqual(typeof apiOptions, 'object');
 
     if (!fs.existsSync(certFilePath)) return false; // not found
 
-    if (apiOptions.fallback) {
-        return certFilePath.includes('.host.cert');
-    }
+    if (apiOptions.fallback) return certFilePath.includes('.host.cert');
 
     const subjectAndIssuer = safe.child_process.execSync(`/usr/bin/openssl x509 -noout -subject -issuer -in "${certFilePath}"`, { encoding: 'utf8' });
+    if (!subjectAndIssuer) return false; // something bad happenned
 
-    const isWildcardCert = subjectAndIssuer.match(/^subject=(.*)$/m)[1].includes('*');
-    const isLetsEncryptProd = subjectAndIssuer.match(/^issuer=(.*)$/m)[1].includes('Let\'s Encrypt Authority');
+    const subject = subjectAndIssuer.match(/^subject=(.*)$/m)[1];
+    const domain = subject.substr(subject.indexOf('=') + 1).trim(); // subject can be /CN=, CN=, CN = and other forms
+    const issuer = subjectAndIssuer.match(/^issuer=(.*)$/m)[1];
+    const isWildcardCert = domain.includes('*');
+    const isLetsEncryptProd = issuer.includes('Let\'s Encrypt Authority');
 
-    const mismatch = ((apiOptions.wildcard && !isWildcardCert)
-        || (!apiOptions.wildcard && isWildcardCert)
-        || (apiOptions.prod && !isLetsEncryptProd)
-        || (!apiOptions.prod && isLetsEncryptProd));
+    const issuerMismatch = (apiOptions.prod && !isLetsEncryptProd) || (!apiOptions.prod && isLetsEncryptProd);
+    // bare domain is not part of wildcard SAN
+    const wildcardMismatch = (domain !== domainObject.domain) && (apiOptions.wildcard && !isWildcardCert) || (!apiOptions.wildcard && isWildcardCert);
 
-    debug(`providerMatchesSync: ${certFilePath} ${subjectAndIssuer.trim().replace('\n', ' ')} wildcard=${isWildcardCert}/${apiOptions.wildcard} prod=${isLetsEncryptProd}/${apiOptions.prod} match=${!mismatch}`);
+    const mismatch = issuerMismatch || wildcardMismatch;
+
+    debug(`providerMatchesSync: ${certFilePath} subject=${subject} domain=${domain} issuer=${issuer} wildcard=${isWildcardCert}/${apiOptions.wildcard} prod=${isLetsEncryptProd}/${apiOptions.prod} match=${!mismatch}`);
 
     return !mismatch;
 }
@@ -166,13 +168,17 @@ function validateCertificate(location, domainObject, certificate) {
     const fqdn = domains.fqdn(location, domainObject);
 
     var result = safe.child_process.execSync(`openssl x509 -noout -checkhost "${fqdn}"`, { encoding: 'utf8', input: cert });
-    if (!result) return new ReverseProxyError(ReverseProxyError.INVALID_CERT, 'Unable to get certificate subject.');
+    if (result === null) return new ReverseProxyError(ReverseProxyError.INVALID_CERT, 'Unable to get certificate subject:' + safe.error.message);
 
     if (result.indexOf('does match certificate') === -1) return new ReverseProxyError(ReverseProxyError.INVALID_CERT, `Certificate is not valid for this domain. Expecting ${fqdn}`);
 
     // http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#verify
     var certModulus = safe.child_process.execSync('openssl x509 -noout -modulus', { encoding: 'utf8', input: cert });
+    if (certModulus === null) return new ReverseProxyError(ReverseProxyError.INVALID_CERT, `Unable to get cert modulus: ${safe.error.message}`);
+
     var keyModulus = safe.child_process.execSync('openssl rsa -noout -modulus', { encoding: 'utf8', input: key });
+    if (keyModulus === null) return new ReverseProxyError(ReverseProxyError.INVALID_CERT, `Unable to get key modulus: ${safe.error.message}`);
+
     if (certModulus !== keyModulus) return new ReverseProxyError(ReverseProxyError.INVALID_CERT, 'Key does not match the certificate.');
 
     // check expiration
@@ -185,7 +191,7 @@ function validateCertificate(location, domainObject, certificate) {
 function reload(callback) {
     if (process.env.BOX_ENV === 'test') return callback();
 
-    shell.sudo('reload', [ RELOAD_NGINX_CMD ], callback);
+    shell.sudo('reload', [ RELOAD_NGINX_CMD ], {}, callback);
 }
 
 function generateFallbackCertificateSync(domainObject) {
@@ -236,12 +242,14 @@ function setFallbackCertificate(domain, fallback, callback) {
         if (!safe.fs.writeFileSync(path.join(paths.APP_CERTS_DIR, `${domain}.host.key`), fallback.key)) return callback(new ReverseProxyError(ReverseProxyError.INTERNAL_ERROR, safe.error.message));
     }
 
-    platform.handleCertChanged('*.' + domain);
-
-    reload(function (error) {
+    platform.handleCertChanged('*.' + domain, function (error) {
         if (error) return callback(new ReverseProxyError(ReverseProxyError.INTERNAL_ERROR, error));
 
-        return callback(null);
+        reload(function (error) {
+            if (error) return callback(new ReverseProxyError(ReverseProxyError.INTERNAL_ERROR, error));
+
+            return callback(null);
+        });
     });
 }
 
@@ -279,9 +287,9 @@ function setAppCertificateSync(location, domainObject, certificate) {
     return null;
 }
 
-function getCertificateByHostname(hostname, domain, callback) {
+function getCertificateByHostname(hostname, domainObject, callback) {
     assert.strictEqual(typeof hostname, 'string');
-    assert.strictEqual(typeof domain, 'string');
+    assert.strictEqual(typeof domainObject, 'object');
     assert.strictEqual(typeof callback, 'function');
 
     let certFilePath = path.join(paths.APP_CERTS_DIR, `${hostname}.user.cert`);
@@ -289,34 +297,34 @@ function getCertificateByHostname(hostname, domain, callback) {
 
     if (fs.existsSync(certFilePath) && fs.existsSync(keyFilePath)) return callback(null, { certFilePath, keyFilePath });
 
-    domains.get(domain, function (error, domainObject) {
-        if (error) return callback(error);
+    if (hostname !== domainObject.domain && domainObject.tlsConfig.wildcard) { // bare domain is not part of wildcard SAN
+        let certName = domains.makeWildcard(hostname).replace('*.', '_.');
+        certFilePath = path.join(paths.APP_CERTS_DIR, `${certName}.cert`);
+        keyFilePath = path.join(paths.APP_CERTS_DIR, `${certName}.key`);
 
-        if (hostname !== domain && domainObject.tlsConfig.wildcard) { // bare domain is not part of wildcard SAN
-            let certName = domains.makeWildcard(hostname).replace('*.', '_.');
-            certFilePath = path.join(paths.APP_CERTS_DIR, `${certName}.cert`);
-            keyFilePath = path.join(paths.APP_CERTS_DIR, `${certName}.key`);
+        if (fs.existsSync(certFilePath) && fs.existsSync(keyFilePath)) return callback(null, { certFilePath, keyFilePath });
+    } else {
+        certFilePath = path.join(paths.APP_CERTS_DIR, `${hostname}.cert`);
+        keyFilePath = path.join(paths.APP_CERTS_DIR, `${hostname}.key`);
 
-            if (fs.existsSync(certFilePath) && fs.existsSync(keyFilePath)) return callback(null, { certFilePath, keyFilePath });
-        } else {
-            certFilePath = path.join(paths.APP_CERTS_DIR, `${hostname}.cert`);
-            keyFilePath = path.join(paths.APP_CERTS_DIR, `${hostname}.key`);
+        if (fs.existsSync(certFilePath) && fs.existsSync(keyFilePath)) return callback(null, { certFilePath, keyFilePath });
+    }
 
-            if (fs.existsSync(certFilePath) && fs.existsSync(keyFilePath)) return callback(null, { certFilePath, keyFilePath });
-        }
-
-        callback(null);
-    });
+    callback(null);
 }
 
 function getCertificate(app, callback) {
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof callback, 'function');
 
-    getCertificateByHostname(app.fqdn, app.domain, function (error, result) {
-        if (error || result) return callback(error, result);
+    domains.get(app.domain, function (error, domainObject) {
+        if (error) return callback(error);
 
-        return getFallbackCertificate(app.domain, callback);
+        getCertificateByHostname(app.fqdn, domainObject, function (error, result) {
+            if (error || result) return callback(error, result);
+
+            return getFallbackCertificate(app.domain, callback);
+        });
     });
 }
 
@@ -326,36 +334,40 @@ function ensureCertificate(vhost, domain, auditSource, callback) {
     assert.strictEqual(typeof auditSource, 'object');
     assert.strictEqual(typeof callback, 'function');
 
-    getCertApi(domain, function (error, api, apiOptions) {
+    domains.get(domain, function (error, domainObject) {
         if (error) return callback(error);
 
-        getCertificateByHostname(vhost, domain, function (error, result) {
-            if (result) {
-                debug(`ensureCertificate: ${vhost} certificate already exists at ${result.keyFilePath}`);
+        getCertApi(domainObject, function (error, api, apiOptions) {
+            if (error) return callback(error);
 
-                if (result.certFilePath.endsWith('.user.cert')) return callback(null, result); // user certs cannot be renewed
-                if (!isExpiringSync(result.certFilePath, 24 * 30) && providerMatchesSync(result.certFilePath, apiOptions)) return callback(null, result);
-                debug(`ensureCertificate: ${vhost} cert require renewal`);
-            } else {
-                debug(`ensureCertificate: ${vhost} cert does not exist`);
-            }
+            getCertificateByHostname(vhost, domainObject, function (error, currentBundle) {
+                if (currentBundle) {
+                    debug(`ensureCertificate: ${vhost} certificate already exists at ${currentBundle.keyFilePath}`);
 
-            debug('ensureCertificate: getting certificate for %s with options %j', vhost, apiOptions);
-
-            api.getCertificate(vhost, domain, apiOptions, function (error, certFilePath, keyFilePath) {
-                var errorMessage = error ? error.message : '';
-
-                if (error) {
-                    debug('ensureCertificate: could not get certificate. using fallback certs', error);
-                    mailer.certificateRenewalError(vhost, errorMessage);
+                    if (currentBundle.certFilePath.endsWith('.user.cert')) return callback(null, currentBundle); // user certs cannot be renewed
+                    if (!isExpiringSync(currentBundle.certFilePath, 24 * 30) && providerMatchesSync(domainObject, currentBundle.certFilePath, apiOptions)) return callback(null, currentBundle);
+                    debug(`ensureCertificate: ${vhost} cert require renewal`);
+                } else {
+                    debug(`ensureCertificate: ${vhost} cert does not exist`);
                 }
 
-                eventlog.add(eventlog.ACTION_CERTIFICATE_RENEWAL, auditSource, { domain: vhost, errorMessage: errorMessage });
+                debug('ensureCertificate: getting certificate for %s with options %j', vhost, apiOptions);
 
-                // if no cert was returned use fallback. the fallback/caas provider will not provide any for example
-                if (!certFilePath || !keyFilePath) return getFallbackCertificate(domain, callback);
+                api.getCertificate(vhost, domain, apiOptions, function (error, certFilePath, keyFilePath) {
+                    var errorMessage = error ? error.message : '';
 
-                callback(null, { certFilePath, keyFilePath, type: 'new-le' });
+                    if (error) {
+                        debug('ensureCertificate: could not get certificate. using fallback certs', error);
+                        mailer.certificateRenewalError(vhost, errorMessage);
+                    }
+
+                    eventlog.add(currentBundle ? eventlog.ACTION_CERTIFICATE_RENEWAL : eventlog.ACTION_CERTIFICATE_NEW, auditSource, { domain: vhost, errorMessage: errorMessage });
+
+                    // if no cert was returned use fallback. the fallback/caas provider will not provide any for example
+                    if (!certFilePath || !keyFilePath) return getFallbackCertificate(domain, callback);
+
+                    callback(null, { certFilePath, keyFilePath, type: 'new-le' });
+                });
             });
         });
     });
@@ -495,9 +507,10 @@ function unconfigureApp(app, callback) {
     });
 }
 
-function renewCerts(options, auditSource, callback) {
+function renewCerts(options, auditSource, progressCallback, callback) {
     assert.strictEqual(typeof options, 'object');
     assert.strictEqual(typeof auditSource, 'object');
+    assert.strictEqual(typeof progressCallback, 'function');
     assert.strictEqual(typeof callback, 'function');
 
     apps.getAll(function (error, allApps) {
@@ -520,11 +533,15 @@ function renewCerts(options, auditSource, callback) {
 
         if (options.domain) appDomains = appDomains.filter(function (appDomain) { return appDomain.domain === options.domain; });
 
+        let progress = 1;
         async.eachSeries(appDomains, function (appDomain, iteratorCallback) {
+            progressCallback({ percent: progress, message: `Renewing certs of ${appDomain.fqdn}` });
+            progress += Math.round(100/appDomains.length);
+
             ensureCertificate(appDomain.fqdn, appDomain.domain, auditSource, function (error, bundle) {
                 if (error) return iteratorCallback(error); // this can happen if cloudron is not setup yet
 
-                // hack to check if the app's cert changed or not
+                // hack to check if the app's cert changed or not. this doesn't handle prod/staging le change since they use same file name
                 let currentNginxConfig = safe.fs.readFileSync(appDomain.nginxConfigFilename, 'utf8') || '';
                 if (currentNginxConfig.includes(bundle.certFilePath)) return iteratorCallback();
 
@@ -535,17 +552,15 @@ function renewCerts(options, auditSource, callback) {
                 if (appDomain.type === 'webadmin') configureFunc = writeAdminConfig.bind(null, bundle, constants.NGINX_ADMIN_CONFIG_FILE_NAME, config.adminFqdn());
                 else if (appDomain.type === 'main') configureFunc = writeAppConfig.bind(null, appDomain.app, bundle);
                 else if (appDomain.type === 'alternate') configureFunc = writeAppRedirectConfig.bind(null, appDomain.app, appDomain.fqdn, bundle);
-                else return callback(new Error(`Unknown domain type for ${appDomain.fqdn}. This should never happen`));
+                else return iteratorCallback(new Error(`Unknown domain type for ${appDomain.fqdn}. This should never happen`));
 
                 configureFunc(function (ignoredError) {
                     if (ignoredError) debug('renewAll: error reconfiguring app', ignoredError);
 
-                    platform.handleCertChanged(appDomain.fqdn);
-
-                    iteratorCallback(); // move to next domain
+                    platform.handleCertChanged(appDomain.fqdn, iteratorCallback);
                 });
             });
-        });
+        }, callback);
     });
 }
 
@@ -559,13 +574,15 @@ function renewAll(auditSource, callback) {
 }
 
 function removeAppConfigs() {
-    for (var appConfigFile of fs.readdirSync(paths.NGINX_APPCONFIG_DIR)) {
-        fs.unlinkSync(path.join(paths.NGINX_APPCONFIG_DIR, appConfigFile));
+    for (let appConfigFile of fs.readdirSync(paths.NGINX_APPCONFIG_DIR)) {
+        if (appConfigFile !== constants.NGINX_DEFAULT_CONFIG_FILE_NAME && appConfigFile !== constants.NGINX_ADMIN_CONFIG_FILE_NAME) {
+            fs.unlinkSync(path.join(paths.NGINX_APPCONFIG_DIR, appConfigFile));
+        }
     }
 }
 
 function configureDefaultServer(callback) {
-    callback = callback || NOOP_CALLBACK;
+    assert.strictEqual(typeof callback, 'function');
 
     var certFilePath = path.join(paths.NGINX_CERT_DIR,  'default.cert');
     var keyFilePath = path.join(paths.NGINX_CERT_DIR, 'default.key');
@@ -574,11 +591,13 @@ function configureDefaultServer(callback) {
         debug('configureDefaultServer: create new cert');
 
         var cn = 'cloudron-' + (new Date()).toISOString(); // randomize date a bit to keep firefox happy
-        var certCommand = util.format('openssl req -x509 -newkey rsa:2048 -keyout %s -out %s -days 3650 -subj /CN=%s -nodes', keyFilePath, certFilePath, cn);
-        safe.child_process.execSync(certCommand);
+        if (!safe.child_process.execSync(`openssl req -x509 -newkey rsa:2048 -keyout ${keyFilePath} -out ${certFilePath} -days 3650 -subj /CN=${cn} -nodes`)) {
+            debug(`configureDefaultServer: could not generate certificate: ${safe.error.message}`);
+            return callback(safe.error);
+        }
     }
 
-    writeAdminConfig({ certFilePath, keyFilePath }, 'default.conf', '', function (error) {
+    writeAdminConfig({ certFilePath, keyFilePath }, constants.NGINX_DEFAULT_CONFIG_FILE_NAME, '', function (error) {
         if (error) return callback(error);
 
         debug('configureDefaultServer: done');

src/routes/apps.js

@@ -134,6 +134,7 @@ function installApp(req, res, next) {
 
     if ('sso' in data && typeof data.sso !== 'boolean') return next(new HttpError(400, 'sso must be a boolean'));
     if ('enableBackup' in data && typeof data.enableBackup !== 'boolean') return next(new HttpError(400, 'enableBackup must be a boolean'));
+    if ('enableAutomaticUpdate' in data && typeof data.enableAutomaticUpdate !== 'boolean') return next(new HttpError(400, 'enableAutomaticUpdate must be a boolean'));
 
     if (('debugMode' in data) && typeof data.debugMode !== 'object') return next(new HttpError(400, 'debugMode must be an object'));
 
@@ -174,6 +175,10 @@ function configureApp(req, res, next) {
 
     if ('location' in data && typeof data.location !== 'string') return next(new HttpError(400, 'location must be string'));
     if ('domain' in data && typeof data.domain !== 'string') return next(new HttpError(400, 'domain must be string'));
+    // domain, location must both be provided since they are unique together
+    if ('location' in data && !('domain' in data)) return next(new HttpError(400, 'domain must be provided'));
+    if (!('location' in data) && 'domain' in data) return next(new HttpError(400, 'location must be provided'));
+
     if ('portBindings' in data && typeof data.portBindings !== 'object') return next(new HttpError(400, 'portBindings must be an object'));
     if ('accessRestriction' in data && typeof data.accessRestriction !== 'object') return next(new HttpError(400, 'accessRestriction must be an object'));
 
@@ -187,6 +192,7 @@ function configureApp(req, res, next) {
     if (data.xFrameOptions && typeof data.xFrameOptions !== 'string') return next(new HttpError(400, 'xFrameOptions must be a string'));
 
     if ('enableBackup' in data && typeof data.enableBackup !== 'boolean') return next(new HttpError(400, 'enableBackup must be a boolean'));
+    if ('enableAutomaticUpdate' in data && typeof data.enableAutomaticUpdate !== 'boolean') return next(new HttpError(400, 'enableAutomaticUpdate must be a boolean'));
 
     if (('debugMode' in data) && typeof data.debugMode !== 'object') return next(new HttpError(400, 'debugMode must be an object'));
 
@@ -513,7 +519,7 @@ function execWebSocket(req, res, next) {
         if (error && error.reason === AppsError.BAD_STATE) return next(new HttpError(409, error.message));
         if (error) return next(new HttpError(500, error));
 
-        console.log('Connected to terminal');
+        debug('Connected to terminal');
 
         req.clearTimeout();
 
@@ -521,7 +527,7 @@ function execWebSocket(req, res, next) {
             duplexStream.on('end', function () { ws.close(); });
             duplexStream.on('close', function () { ws.close(); });
             duplexStream.on('error', function (error) {
-                console.error('duplexStream error:', error);
+                debug('duplexStream error:', error);
             });
             duplexStream.on('data', function (data) {
                 if (ws.readyState !== WebSocket.OPEN) return;
@@ -529,7 +535,7 @@ function execWebSocket(req, res, next) {
             });
 
             ws.on('error', function (error) {
-                console.error('websocket error:', error);
+                debug('websocket error:', error);
             });
             ws.on('message', function (msg) {
                 duplexStream.write(msg);

src/routes/backups.js

@@ -1,8 +1,8 @@
 'use strict';
 
 exports = module.exports = {
-    get: get,
-    create: create
+    list: list,
+    startBackup: startBackup
 };
 
 var backupdb = require('../backupdb.js'),
@@ -16,7 +16,7 @@ function auditSource(req) {
     return { ip: ip, username: req.user ? req.user.username : null, userId: req.user ? req.user.id : null };
 }
 
-function get(req, res, next) {
+function list(req, res, next) {
     var page = typeof req.query.page !== 'undefined' ? parseInt(req.query.page) : 1;
     if (!page || page < 0) return next(new HttpError(400, 'page query param has to be a postive number'));
 
@@ -31,13 +31,11 @@ function get(req, res, next) {
     });
 }
 
-function create(req, res, next) {
-    // note that cloudron.backup only waits for backup initiation and not for backup to complete
-    // backup progress can be checked up ny polling the progress api call
-    backups.backup(auditSource(req), function (error) {
+function startBackup(req, res, next) {
+    backups.startBackupTask(auditSource(req), function (error, taskId) {
         if (error && error.reason === BackupsError.BAD_STATE) return next(new HttpError(409, error.message));
         if (error) return next(new HttpError(500, error));
 
-        next(new HttpSuccess(202, {}));
+        next(new HttpSuccess(202, { taskId }));
     });
 }

src/routes/caas.js

@@ -1,60 +0,0 @@
-'use strict';
-
-exports = module.exports = {
-    getConfig: getConfig,
-    changePlan: changePlan
-};
-
-var caas = require('../caas.js'),
-    CaasError = require('../caas.js').CaasError,
-    config = require('../config.js'),
-    debug = require('debug')('box:routes/cloudron'),
-    HttpError = require('connect-lastmile').HttpError,
-    HttpSuccess = require('connect-lastmile').HttpSuccess,
-    _ = require('underscore');
-
-function getConfig(req, res, next) {
-    if (config.provider() !== 'caas') return next(new HttpError(422, 'Cannot use this API with this provider'));
-
-    caas.getBoxAndUserDetails(function (error, result) {
-        if (error) return next(new HttpError(500, error));
-
-        // the result is { box: { region, size, plan }, user: { billing, currency } }
-        next(new HttpSuccess(200, {
-            region: result.box.region,
-            size: result.box.size,
-            billing: !!result.user.billing,
-            plan: result.box.plan,
-            currency: result.user.currency
-        }));
-    });
-}
-
-function changePlan(req, res, next) {
-    if (config.provider() !== 'caas') return next(new HttpError(422, 'Cannot use this API with this provider'));
-
-    if ('size' in req.body && typeof req.body.size !== 'string') return next(new HttpError(400, 'size must be string'));
-    if ('region' in req.body && typeof req.body.region !== 'string') return next(new HttpError(400, 'region must be string'));
-
-    if ('domain' in req.body) {
-        if (typeof req.body.domain !== 'string') return next(new HttpError(400, 'domain must be string'));
-        if (typeof req.body.provider !== 'string') return next(new HttpError(400, 'provider must be string'));
-    }
-
-    if ('zoneName' in req.body && typeof req.body.zoneName !== 'string') return next(new HttpError(400, 'zoneName must be string'));
-
-    debug('Migration requested domain:%s size:%s region:%s', req.body.domain, req.body.size, req.body.region);
-
-    var options = _.pick(req.body, 'domain', 'size', 'region');
-    if (Object.keys(options).length === 0) return next(new HttpError(400, 'no migrate option provided'));
-
-    if (options.domain) options.domain = options.domain.toLowerCase();
-
-    caas.changePlan(req.body, function (error) { // pass req.body because 'domain' can have arbitrary options
-        if (error && error.reason === CaasError.BAD_STATE) return next(new HttpError(409, error.message));
-        if (error && error.reason === CaasError.BAD_FIELD) return next(new HttpError(400, error.message));
-        if (error) return next(new HttpError(500, error));
-
-        next(new HttpSuccess(202, {}));
-    });
-}

src/routes/cloudron.js

@@ -2,7 +2,7 @@
 
 exports = module.exports = {
     reboot: reboot,
-    getProgress: getProgress,
+    isRebootRequired: isRebootRequired,
     getConfig: getConfig,
     getDisks: getDisks,
     getUpdateInfo: getUpdateInfo,
@@ -10,7 +10,10 @@ exports = module.exports = {
     feedback: feedback,
     checkForUpdates: checkForUpdates,
     getLogs: getLogs,
-    getLogStream: getLogStream
+    getLogStream: getLogStream,
+    getStatus: getStatus,
+    setDashboardDomain: setDashboardDomain,
+    renewCerts: renewCerts
 };
 
 var appstore = require('../appstore.js'),
@@ -21,7 +24,6 @@ var appstore = require('../appstore.js'),
     CloudronError = cloudron.CloudronError,
     HttpError = require('connect-lastmile').HttpError,
     HttpSuccess = require('connect-lastmile').HttpSuccess,
-    progress = require('../progress.js'),
     updater = require('../updater.js'),
     updateChecker = require('../updatechecker.js'),
     UpdaterError = require('../updater.js').UpdaterError,
@@ -32,15 +34,19 @@ function auditSource(req) {
     return { ip: ip, username: req.user ? req.user.username : null, userId: req.user ? req.user.id : null };
 }
 
-function getProgress(req, res, next) {
-    return next(new HttpSuccess(200, progress.getAll()));
-}
-
 function reboot(req, res, next) {
-    // Finish the request, to let the appstore know we triggered the restore it
+    // Finish the request, to let the appstore know we triggered the reboot
     next(new HttpSuccess(202, {}));
 
-    cloudron.reboot(function () { });
+    cloudron.reboot(function () {});
+}
+
+function isRebootRequired(req, res, next) {
+    cloudron.isRebootRequired(function (error, result) {
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(200, { rebootRequired: result }));
+    });
 }
 
 function getConfig(req, res, next) {
@@ -60,13 +66,12 @@ function getDisks(req, res, next) {
 
 function update(req, res, next) {
     // this only initiates the update, progress can be checked via the progress route
-    updater.updateToLatest(auditSource(req), function (error) {
+    updater.updateToLatest(auditSource(req), function (error, taskId) {
         if (error && error.reason === UpdaterError.ALREADY_UPTODATE) return next(new HttpError(422, error.message));
         if (error && error.reason === UpdaterError.BAD_STATE) return next(new HttpError(409, error.message));
-        if (error && error.reason === UpdaterError.SELF_UPGRADE_NOT_SUPPORTED) return next(new HttpError(412, error.message));
         if (error) return next(new HttpError(500, error));
 
-        next(new HttpSuccess(202, {}));
+        next(new HttpSuccess(202, { taskId }));
     });
 }
 
@@ -75,6 +80,9 @@ function getUpdateInfo(req, res, next) {
 }
 
 function checkForUpdates(req, res, next) {
+    // it can take a while sometimes to get all the app updates one by one
+    req.clearTimeout();
+
     async.series([
         updateChecker.checkAppUpdates,
         updateChecker.checkBoxUpdates
@@ -166,3 +174,31 @@ function getLogStream(req, res, next) {
         logStream.on('error', res.end.bind(res, null));
     });
 }
+
+function setDashboardDomain(req, res, next) {
+    if (!req.body.domain || typeof req.body.domain !== 'string') return next(new HttpError(400, 'domain must be a string'));
+
+    cloudron.setDashboardDomain(req.body.domain, function (error) {
+        if (error && error.reason === CloudronError.BAD_FIELD) return next(new HttpError(404, error.message));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(204, {}));
+    });
+}
+
+function getStatus(req, res, next) {
+    cloudron.getStatus(function (error, status) {
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(200, status));
+    });
+}
+
+function renewCerts(req, res, next) {
+    cloudron.renewCerts({ domain: req.body.domain || null }, auditSource(req), function (error, taskId) {
+        if (error && error.reason === CloudronError.NOT_FOUND) return next(new HttpError(404, error.message));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(202, { taskId }));
+    });
+}

src/routes/domains.js

@@ -7,8 +7,6 @@ exports = module.exports = {
     update: update,
     del: del,
 
-    renewCerts: renewCerts,
-
     verifyDomainLock: verifyDomainLock
 };
 
@@ -59,7 +57,15 @@ function add(req, res, next) {
     // some DNS providers like DigitalOcean take a really long time to verify credentials (https://github.com/expressjs/timeout/issues/26)
     req.clearTimeout();
 
-    domains.add(req.body.domain, req.body.zoneName || '', req.body.provider, req.body.config, req.body.fallbackCertificate || null, req.body.tlsConfig || { provider: 'letsencrypt-prod' }, function (error) {
+    let data = {
+        zoneName: req.body.zoneName || '',
+        provider: req.body.provider,
+        config: req.body.config,
+        fallbackCertificate: req.body.fallbackCertificate || null,
+        tlsConfig: req.body.tlsConfig || { provider: 'letsencrypt-prod' }
+    };
+
+    domains.add(req.body.domain, data, auditSource(req), function (error) {
         if (error && error.reason === DomainsError.ALREADY_EXISTS) return next(new HttpError(409, error.message));
         if (error && error.reason === DomainsError.BAD_FIELD) return next(new HttpError(400, error.message));
         if (error && error.reason === DomainsError.INVALID_PROVIDER) return next(new HttpError(400, error.message));
@@ -117,7 +123,15 @@ function update(req, res, next) {
     // some DNS providers like DigitalOcean take a really long time to verify credentials (https://github.com/expressjs/timeout/issues/26)
     req.clearTimeout();
 
-    domains.update(req.params.domain, req.body.zoneName || '', req.body.provider, req.body.config, req.body.fallbackCertificate || null, req.body.tlsConfig || { provider: 'letsencrypt-prod' }, function (error) {
+    let data = {
+        zoneName: req.body.zoneName || '',
+        provider: req.body.provider,
+        config: req.body.config,
+        fallbackCertificate: req.body.fallbackCertificate || null,
+        tlsConfig: req.body.tlsConfig || { provider: 'letsencrypt-prod' }
+    };
+
+    domains.update(req.params.domain, data, auditSource(req), function (error) {
         if (error && error.reason === DomainsError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error && error.reason === DomainsError.BAD_FIELD) return next(new HttpError(400, error.message));
         if (error && error.reason === DomainsError.INVALID_PROVIDER) return next(new HttpError(400, error.message));
@@ -130,7 +144,7 @@ function update(req, res, next) {
 function del(req, res, next) {
     assert.strictEqual(typeof req.params.domain, 'string');
 
-    domains.del(req.params.domain, function (error) {
+    domains.del(req.params.domain, auditSource(req), function (error) {
         if (error && error.reason === DomainsError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error && error.reason === DomainsError.IN_USE) return next(new HttpError(409, 'Domain is still in use. Remove all apps and mailboxes using this domain'));
         if (error) return next(new HttpError(500, error));
@@ -138,16 +152,3 @@ function del(req, res, next) {
         next(new HttpSuccess(204));
     });
 }
-
-function renewCerts(req, res, next) {
-    assert.strictEqual(typeof req.params.domain, 'string');
-
-    domains.renewCerts(req.params.domain, auditSource(req), function (error) {
-        if (error && error.reason === DomainsError.NOT_FOUND) return next(new HttpError(404, error.message));
-        if (error) return next(new HttpError(500, error));
-
-        next(new HttpSuccess(202, {}));
-    });
-
-    next(new HttpSuccess(202, {}));
-}

src/routes/graphs.js

@@ -7,7 +7,7 @@ exports = module.exports = {
 var middleware = require('../middleware/index.js'),
     url = require('url');
 
-var graphiteProxy = middleware.proxy(url.parse('http://127.0.0.1:8000'));
+var graphiteProxy = middleware.proxy(url.parse('http://127.0.0.1:8417'));
 
 function getGraphs(req, res, next) {
     var parsedUrl = url.parse(req.url, true /* parseQueryString */);

src/routes/index.js

@@ -4,7 +4,6 @@ exports = module.exports = {
     accesscontrol: require('./accesscontrol.js'),
     apps: require('./apps.js'),
     backups: require('./backups.js'),
-    caas: require('./caas.js'),
     clients: require('./clients.js'),
     cloudron: require('./cloudron.js'),
     developer: require('./developer.js'),
@@ -15,9 +14,11 @@ exports = module.exports = {
     oauth2: require('./oauth2.js'),
     mail: require('./mail.js'),
     profile: require('./profile.js'),
-    setup: require('./setup.js'),
-    sysadmin: require('./sysadmin.js'),
+    provision: require('./provision.js'),
+    services: require('./services.js'),
     settings: require('./settings.js'),
+    sysadmin: require('./sysadmin.js'),
     ssh: require('./ssh.js'),
+    tasks: require('./tasks.js'),
     users: require('./users.js')
 };

src/routes/mail.js

@@ -17,7 +17,7 @@ exports = module.exports = {
 
     sendTestMail: sendTestMail,
 
-    getMailboxes: getMailboxes,
+    listMailboxes: listMailboxes,
     getMailbox: getMailbox,
     addMailbox: addMailbox,
     updateMailbox: updateMailbox,
@@ -44,6 +44,11 @@ var assert = require('assert'),
 
 var mailProxy = middleware.proxy(url.parse('http://127.0.0.1:2020'));
 
+function auditSource(req) {
+    var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
+    return { ip: ip, username: req.user ? req.user.username : null, userId: req.user ? req.user.id : null };
+}
+
 function getDomain(req, res, next) {
     assert.strictEqual(typeof req.params.domain, 'string');
 
@@ -86,6 +91,10 @@ function setDnsRecords(req, res, next) {
     assert.strictEqual(typeof req.body, 'object');
     assert.strictEqual(typeof req.params.domain, 'string');
 
+    // can take a setup all the DNS entries. this is mostly because some backends try to list DNS entries (DO)
+    // for upsert and this takes a lot of time
+    req.clearTimeout();
+
     mail.setDnsRecords(req.params.domain, function (error) {
         if (error && error.reason === MailError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error && error.reason === MailError.EXTERNAL_ERROR) return next(new HttpError(424, error.message));
@@ -181,7 +190,7 @@ function setMailEnabled(req, res, next) {
 
     if (typeof req.body.enabled !== 'boolean') return next(new HttpError(400, 'enabled is required'));
 
-    mail.setMailEnabled(req.params.domain, !!req.body.enabled, function (error) {
+    mail.setMailEnabled(req.params.domain, !!req.body.enabled, auditSource(req), function (error) {
         if (error && error.reason === MailError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error && error.reason === MailError.BAD_FIELD) return next(new HttpError(400, error.message));
         if (error && error.reason === MailError.BILLING_REQUIRED) return next(new HttpError(402, error.message));
@@ -205,10 +214,10 @@ function sendTestMail(req, res, next) {
     });
 }
 
-function getMailboxes(req, res, next) {
+function listMailboxes(req, res, next) {
     assert.strictEqual(typeof req.params.domain, 'string');
 
-    mail.getMailboxes(req.params.domain, function (error, result) {
+    mail.listMailboxes(req.params.domain, function (error, result) {
         if (error && error.reason === MailError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error) return next(new HttpError(500, error));
 
@@ -234,7 +243,7 @@ function addMailbox(req, res, next) {
     if (typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be a string'));
     if (typeof req.body.userId !== 'string') return next(new HttpError(400, 'userId must be a string'));
 
-    mail.addMailbox(req.body.name, req.params.domain, req.body.userId, function (error) {
+    mail.addMailbox(req.body.name, req.params.domain, req.body.userId, auditSource(req), function (error) {
         if (error && error.reason === MailError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error && error.reason === MailError.ALREADY_EXISTS) return next(new HttpError(409, error.message));
         if (error && error.reason === MailError.BAD_FIELD) return next(new HttpError(400, error.message));
@@ -250,7 +259,7 @@ function updateMailbox(req, res, next) {
 
     if (typeof req.body.userId !== 'string') return next(new HttpError(400, 'userId must be a string'));
 
-    mail.updateMailbox(req.params.name, req.params.domain, req.body.userId, function (error) {
+    mail.updateMailboxOwner(req.params.name, req.params.domain, req.body.userId, function (error) {
         if (error && error.reason === MailError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error && error.reason === MailError.BAD_FIELD) return next(new HttpError(400, error.message));
         if (error) return next(new HttpError(500, error));
@@ -263,7 +272,7 @@ function removeMailbox(req, res, next) {
     assert.strictEqual(typeof req.params.domain, 'string');
     assert.strictEqual(typeof req.params.name, 'string');
 
-    mail.removeMailbox(req.params.name, req.params.domain, function (error) {
+    mail.removeMailbox(req.params.name, req.params.domain, auditSource(req), function (error) {
         if (error && error.reason === MailError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error) return next(new HttpError(500, error));
 
@@ -349,7 +358,7 @@ function addList(req, res, next) {
         if (typeof req.body.members[i] !== 'string') return next(new HttpError(400, 'member must be a string'));
     }
 
-    mail.addList(req.body.name, req.params.domain, req.body.members, function (error) {
+    mail.addList(req.body.name, req.params.domain, req.body.members, auditSource(req), function (error) {
         if (error && error.reason === MailError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error && error.reason === MailError.ALREADY_EXISTS) return next(new HttpError(409, 'list already exists'));
         if (error && error.reason === MailError.BAD_FIELD) return next(new HttpError(400, error.message));
@@ -382,7 +391,7 @@ function removeList(req, res, next) {
     assert.strictEqual(typeof req.params.domain, 'string');
     assert.strictEqual(typeof req.params.name, 'string');
 
-    mail.removeList(req.params.domain, req.params.name, function (error) {
+    mail.removeList(req.params.name, req.params.domain, auditSource(req), function (error) {
         if (error && error.reason === MailError.NOT_FOUND) return next(new HttpError(404, error.message));
         if (error) return next(new HttpError(500, error));
 

src/routes/provision.js

@@ -3,10 +3,9 @@
 exports = module.exports = {
     providerTokenAuth: providerTokenAuth,
     setupTokenAuth: setupTokenAuth,
-    provision: provision,
+    setup: setup,
     activate: activate,
-    restore: restore,
-    getStatus: getStatus,
+    restore: restore
 };
 
 var assert = require('assert'),
@@ -16,10 +15,9 @@ var assert = require('assert'),
     debug = require('debug')('box:routes/setup'),
     HttpError = require('connect-lastmile').HttpError,
     HttpSuccess = require('connect-lastmile').HttpSuccess,
-    setup = require('../setup.js'),
-    SetupError = require('../setup.js').SetupError,
-    superagent = require('superagent'),
-    _ = require('underscore');
+    provision = require('../provision.js'),
+    ProvisionError = require('../provision.js').ProvisionError,
+    superagent = require('superagent');
 
 function auditSource(req) {
     var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
@@ -63,7 +61,7 @@ function setupTokenAuth(req, res, next) {
     });
 }
 
-function provision(req, res, next) {
+function setup(req, res, next) {
     assert.strictEqual(typeof req.body, 'object');
 
     if (!req.body.dnsConfig || typeof req.body.dnsConfig !== 'object') return next(new HttpError(400, 'dnsConfig is required'));
@@ -85,24 +83,16 @@ function provision(req, res, next) {
     // it can take sometime to setup DNS, register cloudron
     req.clearTimeout();
 
-    setup.provision(dnsConfig, req.body.autoconf || {}, function (error) {
-        if (error && error.reason === SetupError.ALREADY_SETUP) return next(new HttpError(409, error.message));
-        if (error && error.reason === SetupError.BAD_FIELD) return next(new HttpError(400, error.message));
-        if (error && error.reason === SetupError.BAD_STATE) return next(new HttpError(409, error.message));
+    provision.setup(dnsConfig, req.body.autoconf || {}, auditSource(req), function (error) {
+        if (error && error.reason === ProvisionError.ALREADY_SETUP) return next(new HttpError(409, error.message));
+        if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));
+        if (error && error.reason === ProvisionError.BAD_STATE) return next(new HttpError(409, error.message));
         if (error) return next(new HttpError(500, error));
 
         next(new HttpSuccess(200));
     });
 }
 
-function getStatus(req, res, next) {
-    setup.getStatus(function (error, status) {
-        if (error) return next(new HttpError(500, error));
-
-        next(new HttpSuccess(200, status));
-    });
-}
-
 function activate(req, res, next) {
     assert.strictEqual(typeof req.body, 'object');
 
@@ -119,9 +109,9 @@ function activate(req, res, next) {
     var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
     debug('activate: username:%s ip:%s', username, ip);
 
-    setup.activate(username, password, email, displayName, ip, auditSource(req), function (error, info) {
-        if (error && error.reason === SetupError.ALREADY_PROVISIONED) return next(new HttpError(409, 'Already setup'));
-        if (error && error.reason === SetupError.BAD_FIELD) return next(new HttpError(400, error.message));
+    provision.activate(username, password, email, displayName, ip, auditSource(req), function (error, info) {
+        if (error && error.reason === ProvisionError.ALREADY_PROVISIONED) return next(new HttpError(409, 'Already setup'));
+        if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));
         if (error) return next(new HttpError(500, error));
 
         // only in caas case do we have to notify the api server about activation
@@ -156,11 +146,11 @@ function restore(req, res, next) {
     // TODO: validate subfields of these objects
     if (req.body.autoconf && typeof req.body.autoconf !== 'object') return next(new HttpError(400, 'autoconf must be an object'));
 
-    setup.restore(backupConfig, req.body.backupId, req.body.version, req.body.autoconf || {}, function (error) {
-        if (error && error.reason === SetupError.ALREADY_SETUP) return next(new HttpError(409, error.message));
-        if (error && error.reason === SetupError.BAD_FIELD) return next(new HttpError(400, error.message));
-        if (error && error.reason === SetupError.BAD_STATE) return next(new HttpError(409, error.message));
-        if (error && error.reason === SetupError.EXTERNAL_ERROR) return next(new HttpError(424, error.message));
+    provision.restore(backupConfig, req.body.backupId, req.body.version, req.body.autoconf || {}, auditSource(req), function (error) {
+        if (error && error.reason === ProvisionError.ALREADY_SETUP) return next(new HttpError(409, error.message));
+        if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));
+        if (error && error.reason === ProvisionError.BAD_STATE) return next(new HttpError(409, error.message));
+        if (error && error.reason === ProvisionError.EXTERNAL_ERROR) return next(new HttpError(424, error.message));
         if (error) return next(new HttpError(500, error));
 
         next(new HttpSuccess(200));

src/routes/services.js

@@ -0,0 +1,134 @@
+'use strict';
+
+exports = module.exports = {
+    getAll: getAll,
+    get: get,
+    configure: configure,
+    getLogs: getLogs,
+    getLogStream: getLogStream,
+    restart: restart
+};
+
+var addons = require('../addons.js'),
+    AddonsError = addons.AddonsError,
+    assert = require('assert'),
+    debug = require('debug')('box:routes/addons'),
+    HttpError = require('connect-lastmile').HttpError,
+    HttpSuccess = require('connect-lastmile').HttpSuccess;
+
+function getAll(req, res, next) {
+    addons.getServices(function (error, result) {
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(200, { services: result }));
+    });
+}
+
+function get(req, res, next) {
+    assert.strictEqual(typeof req.params.service, 'string');
+
+    addons.getService(req.params.service, function (error, result) {
+        if (error && error.reason === AddonsError.NOT_FOUND) return next(new HttpError(404, 'No such service'));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(200, { service: result }));
+    });
+}
+
+function configure(req, res, next) {
+    assert.strictEqual(typeof req.params.service, 'string');
+
+    if (typeof req.body.memory !== 'number') return next(new HttpError(400, 'memory must be a number'));
+
+    const data = {
+        memory: req.body.memory,
+        memorySwap: req.body.memory * 2
+    };
+
+    addons.configureService(req.params.service, data, function (error) {
+        if (error && error.reason === AddonsError.NOT_FOUND) return next(new HttpError(404, 'No such service'));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(202, {}));
+    });
+}
+
+function getLogs(req, res, next) {
+    assert.strictEqual(typeof req.params.service, 'string');
+
+    var lines = req.query.lines ? parseInt(req.query.lines, 10) : 100;
+    if (isNaN(lines)) return next(new HttpError(400, 'lines must be a number'));
+
+    debug(`Getting logs of service ${req.params.service}`);
+
+    var options = {
+        lines: lines,
+        follow: false,
+        format: req.query.format
+    };
+
+    addons.getServiceLogs(req.params.service, options, function (error, logStream) {
+        if (error && error.reason === AddonsError.NOT_FOUND) return next(new HttpError(404, 'No such service'));
+        if (error) return next(new HttpError(500, error));
+
+        res.writeHead(200, {
+            'Content-Type': 'application/x-logs',
+            'Content-Disposition': 'attachment; filename="log.txt"',
+            'Cache-Control': 'no-cache',
+            'X-Accel-Buffering': 'no' // disable nginx buffering
+        });
+        logStream.pipe(res);
+    });
+}
+
+// this route is for streaming logs
+function getLogStream(req, res, next) {
+    assert.strictEqual(typeof req.params.service, 'string');
+
+    debug(`Getting logstream of service ${req.params.service}`);
+
+    var lines = req.query.lines ? parseInt(req.query.lines, 10) : -10; // we ignore last-event-id
+    if (isNaN(lines)) return next(new HttpError(400, 'lines must be a valid number'));
+
+    function sse(id, data) { return 'id: ' + id + '\ndata: ' + data + '\n\n'; }
+
+    if (req.headers.accept !== 'text/event-stream') return next(new HttpError(400, 'This API call requires EventStream'));
+
+    var options = {
+        lines: lines,
+        follow: true
+    };
+
+    addons.getServiceLogs(req.params.service, options, function (error, logStream) {
+        if (error && error.reason === AddonsError.NOT_FOUND) return next(new HttpError(404, 'No such service'));
+        if (error) return next(new HttpError(500, error));
+
+        res.writeHead(200, {
+            'Content-Type': 'text/event-stream',
+            'Cache-Control': 'no-cache',
+            'Connection': 'keep-alive',
+            'X-Accel-Buffering': 'no', // disable nginx buffering
+            'Access-Control-Allow-Origin': '*'
+        });
+        res.write('retry: 3000\n');
+        res.on('close', logStream.close);
+        logStream.on('data', function (data) {
+            var obj = JSON.parse(data);
+            res.write(sse(obj.monotonicTimestamp, JSON.stringify(obj))); // send timestamp as id
+        });
+        logStream.on('end', res.end.bind(res));
+        logStream.on('error', res.end.bind(res, null));
+    });
+}
+
+function restart(req, res, next) {
+    assert.strictEqual(typeof req.params.service, 'string');
+
+    debug(`Restarting service ${req.params.service}`);
+
+    addons.restartService(req.params.service, function (error) {
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(202, {}));
+    });
+}

src/routes/sysadmin.js

@@ -3,10 +3,15 @@
 exports = module.exports = {
     backup: backup,
     update: update,
-    retire: retire
+    retire: retire,
+
+    importAppDatabase: importAppDatabase
 };
 
-var backups = require('../backups.js'),
+var apps = require('../apps.js'),
+    AppsError = apps.AppsError,
+    addons = require('../addons.js'),
+    backups = require('../backups.js'),
     BackupsError = require('../backups.js').BackupsError,
     cloudron = require('../cloudron.js'),
     debug = require('debug')('box:routes/sysadmin'),
@@ -21,11 +26,11 @@ function backup(req, res, next) {
     // note that cloudron.backup only waits for backup initiation and not for backup to complete
     // backup progress can be checked up ny polling the progress api call
     var auditSource = { userId: null, username: 'sysadmin' };
-    backups.backup(auditSource, function (error) {
+    backups.startBackupTask(auditSource, function (error, taskId) {
         if (error && error.reason === BackupsError.BAD_STATE) return next(new HttpError(409, error.message));
         if (error) return next(new HttpError(500, error));
 
-        next(new HttpSuccess(202, {}));
+        next(new HttpSuccess(202, { taskId }));
     });
 }
 
@@ -34,13 +39,12 @@ function update(req, res, next) {
 
     // this only initiates the update, progress can be checked via the progress route
     var auditSource = { userId: null, username: 'sysadmin' };
-    updater.updateToLatest(auditSource, function (error) {
+    updater.updateToLatest(auditSource, function (error, taskId) {
         if (error && error.reason === UpdaterError.ALREADY_UPTODATE) return next(new HttpError(422, error.message));
         if (error && error.reason === UpdaterError.BAD_STATE) return next(new HttpError(409, error.message));
-        if (error && error.reason === UpdaterError.SELF_UPGRADE_NOT_SUPPORTED) return next(new HttpError(412, error.message));
         if (error) return next(new HttpError(500, error));
 
-        next(new HttpSuccess(202, {}));
+        next(new HttpSuccess(202, { taskId }));
     });
 }
 
@@ -48,8 +52,21 @@ function retire(req, res, next) {
     debug('triggering retire');
 
     cloudron.retire('migrate', { }, function (error) {
-        if (error) console.error('Retire failed.', error);
+        if (error) debug('Retire failed.', error);
     });
 
     next(new HttpSuccess(202, {}));
 }
+
+function importAppDatabase(req, res, next) {
+    apps.get(req.params.id, function (error, app) {
+        if (error && error.reason === AppsError.NOT_FOUND) return next(new HttpError(404, 'No such app'));
+        if (error) return next(new HttpError(500, error));
+
+        addons.importAppDatabase(app, req.query.addon || '', function (error) {
+            if (error) return next(new HttpError(500, error));
+
+            next(new HttpSuccess(202, {}));
+        });
+    });
+}

src/routes/tasks.js

@@ -0,0 +1,121 @@
+'use strict';
+
+exports = module.exports = {
+    get: get,
+    stopTask: stopTask,
+    list: list,
+
+    getLogs: getLogs,
+    getLogStream: getLogStream
+};
+
+let assert = require('assert'),
+    HttpError = require('connect-lastmile').HttpError,
+    HttpSuccess = require('connect-lastmile').HttpSuccess,
+    TaskError = require('../tasks.js').TaskError,
+    tasks = require('../tasks.js');
+
+function stopTask(req, res, next) {
+    assert.strictEqual(typeof req.params.taskId, 'string');
+
+    tasks.stopTask(req.params.taskId, function (error) {
+        if (error && error.reason === TaskError.NOT_FOUND) return next(new HttpError(404, 'No such task'));
+        if (error && error.reason === TaskError.BAD_STATE) return next(new HttpError(409, error.message));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(204, {}));
+    });
+}
+
+function get(req, res, next) {
+    assert.strictEqual(typeof req.params.taskId, 'string');
+
+    tasks.get(req.params.taskId, function (error, task) {
+        if (error && error.reason === TaskError.NOT_FOUND) return next(new HttpError(404, 'No such task'));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(200, tasks.removePrivateFields(task)));
+    });
+}
+
+function list(req, res, next) {
+    var page = typeof req.query.page !== 'undefined' ? parseInt(req.query.page) : 1;
+    if (!page || page < 0) return next(new HttpError(400, 'page query param has to be a postive number'));
+
+    var perPage = typeof req.query.per_page !== 'undefined'? parseInt(req.query.per_page) : 25;
+    if (!perPage || perPage < 0) return next(new HttpError(400, 'per_page query param has to be a postive number'));
+
+    if (req.query.type && typeof req.query.type !== 'string') return next(new HttpError(400, 'type must be a string'));
+
+    tasks.listByTypePaged(req.query.type || null, page, perPage, function (error, result) {
+        if (error) return next(new HttpError(500, error));
+
+        result = result.map(tasks.removePrivateFields);
+
+        next(new HttpSuccess(200, { tasks: result }));
+    });
+}
+
+function getLogs(req, res, next) {
+    assert.strictEqual(typeof req.params.taskId, 'string');
+
+    var lines = req.query.lines ? parseInt(req.query.lines, 10) : 100;
+    if (isNaN(lines)) return next(new HttpError(400, 'lines must be a number'));
+
+    var options = {
+        lines: lines,
+        follow: false,
+        format: req.query.format
+    };
+
+    tasks.getLogs(req.params.taskId, options, function (error, logStream) {
+        if (error && error.reason === TaskError.NOT_FOUND) return next(new HttpError(404, 'No such task'));
+        if (error) return next(new HttpError(500, error));
+
+        res.writeHead(200, {
+            'Content-Type': 'application/x-logs',
+            'Content-Disposition': 'attachment; filename="log.txt"',
+            'Cache-Control': 'no-cache',
+            'X-Accel-Buffering': 'no' // disable nginx buffering
+        });
+        logStream.pipe(res);
+    });
+}
+
+// this route is for streaming logs
+function getLogStream(req, res, next) {
+    assert.strictEqual(typeof req.params.taskId, 'string');
+
+    var lines = req.query.lines ? parseInt(req.query.lines, 10) : -10; // we ignore last-event-id
+    if (isNaN(lines)) return next(new HttpError(400, 'lines must be a valid number'));
+
+    function sse(id, data) { return 'id: ' + id + '\ndata: ' + data + '\n\n'; }
+
+    if (req.headers.accept !== 'text/event-stream') return next(new HttpError(400, 'This API call requires EventStream'));
+
+    var options = {
+        lines: lines,
+        follow: true
+    };
+
+    tasks.getLogs(req.params.taskId, options, function (error, logStream) {
+        if (error && error.reason === TaskError.NOT_FOUND) return next(new HttpError(404, 'No such task'));
+        if (error) return next(new HttpError(500, error));
+
+        res.writeHead(200, {
+            'Content-Type': 'text/event-stream',
+            'Cache-Control': 'no-cache',
+            'Connection': 'keep-alive',
+            'X-Accel-Buffering': 'no', // disable nginx buffering
+            'Access-Control-Allow-Origin': '*'
+        });
+        res.write('retry: 3000\n');
+        res.on('close', logStream.close);
+        logStream.on('data', function (data) {
+            var obj = JSON.parse(data);
+            res.write(sse(obj.monotonicTimestamp, JSON.stringify(obj))); // send timestamp as id
+        });
+        logStream.on('end', res.end.bind(res));
+        logStream.on('error', res.end.bind(res, null));
+    });
+}

src/routes/test/apps-test.js

@@ -264,8 +264,6 @@ function stopBox(done) {
 }
 
 describe('App API', function () {
-    this.timeout(100000);
-
     before(startBox);
     after(stopBox);
 
@@ -618,11 +616,7 @@ describe('App API', function () {
 });
 
 describe('App installation', function () {
-    this.timeout(100000);
-
     var apiHockInstance = hock.createHock({ throwOnUnmatched: false });
-    var apiHockServer;
-
     var validCert1, validKey1;
 
     before(function (done) {
@@ -820,7 +814,6 @@ describe('App installation', function () {
     });
 
     it('installation - app can check addons', function (done) {
-        this.timeout(120000);
         console.log('This test can take a while as it waits for scheduler addon to tick 3');
         checkAddons(appEntry, done);
     });
@@ -949,7 +942,6 @@ describe('App installation', function () {
     });
 
     it('installation - app can check addons', function (done) {
-        this.timeout(120000);
         console.log('This test can take a while as it waits for scheduler addon to tick 2');
         checkAddons(appEntry, done);
     });
@@ -1076,7 +1068,6 @@ describe('App installation', function () {
     });
 
     it('installation - app can check addons', function (done) {
-        this.timeout(120000);
         console.log('This test can take a while as it waits for scheduler addon to tick 4');
         checkAddons(appEntry, done);
     });

src/routes/test/backups-test.js

@@ -29,6 +29,8 @@ const DOMAIN_0 = {
     tlsConfig: { provider: 'fallback' }
 };
 
+let AUDIT_SOURCE = { ip: '1.2.3.4' };
+
 var token = null, ownerId = null;
 
 function setup(done) {
@@ -38,7 +40,7 @@ function setup(done) {
     async.series([
         server.start,
         database._clear,
-        domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig),
+        domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0, AUDIT_SOURCE),
 
         function createAdmin(callback) {
             superagent.post(SERVER_URL + '/api/v1/cloudron/activate')

src/routes/test/caas-test.js

@@ -14,7 +14,6 @@ var appdb = require('../../appdb.js'),
     expect = require('expect.js'),
     locker = require('../../locker.js'),
     nock = require('nock'),
-    os = require('os'),
     superagent = require('superagent'),
     server = require('../../server.js'),
     settings = require('../../settings.js'),
@@ -35,6 +34,8 @@ const DOMAIN_0 = {
     tlsConfig: { provider: 'fallback' }
 };
 
+let AUDIT_SOURCE = { ip: '1.2.3.4' };
+
 var token = null, ownerId = null;
 var gSudoOriginal = null;
 function injectShellMock() {
@@ -57,7 +58,7 @@ function setup(done) {
         database._clear,
 
         settingsdb.set.bind(null, settings.CAAS_CONFIG_KEY, JSON.stringify({ boxId: 'BOX_ID', token: 'ACCESS_TOKEN2' })),
-        domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig),
+        domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0, AUDIT_SOURCE),
 
         function createAdmin(callback) {
             var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/BOX_ID/setup/verify?setupToken=somesetuptoken').reply(200, {});
@@ -144,29 +145,6 @@ describe('Caas', function () {
         });
     });
 
-    describe('get config', function () {
-        before(setup);
-        after(cleanup);
-
-        it('succeeds (admin)', function (done) {
-            var scope = nock(config.apiServerOrigin())
-                .get('/api/v1/boxes/BOX_ID?token=ACCESS_TOKEN2')
-                .reply(200, { box: { region: 'sfo', size: '1gb' }, user: { }});
-
-            superagent.get(SERVER_URL + '/api/v1/caas/config')
-                .query({ access_token: token })
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(200);
-                    expect(result.body.size).to.eql('1gb');
-                    expect(result.body.region).to.eql('sfo');
-
-                    expect(scope.isDone()).to.be.ok();
-
-                    done();
-                });
-        });
-    });
-
     describe('Backups API', function () {
         var scope1 = nock(config.apiServerOrigin()).post('/api/v1/boxes/BOX_ID/awscredentials?token=BACKUP_TOKEN')
             .reply(201, { credentials: { AccessKeyId: 'accessKeyId', SecretAccessKey: 'secretAccessKey' } }, { 'Content-Type': 'application/json' });
@@ -190,169 +168,5 @@ describe('Caas', function () {
                 });
         });
     });
-
-    xdescribe('migrate', function () {
-        before(function (done) {
-            async.series([
-                setup,
-
-                function (callback) {
-                    var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/BOX_ID/setup/verify?setupToken=somesetuptoken').reply(200, {});
-                    var scope2 = nock(config.apiServerOrigin()).post('/api/v1/boxes/BOX_ID/setup/done?setupToken=somesetuptoken').reply(201, {});
-
-                    superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
-                        .query({ setupToken: 'somesetuptoken' })
-                        .send({ username: USERNAME, password: PASSWORD, email: EMAIL })
-                        .end(function (error, result) {
-                            expect(result).to.be.ok();
-                            expect(scope1.isDone()).to.be.ok();
-                            expect(scope2.isDone()).to.be.ok();
-
-                            // stash token for further use
-                            token = result.body.token;
-
-                            callback();
-                        });
-                }
-            ], done);
-        });
-
-        after(function (done) {
-            locker.unlock(locker._operation); // migrate never unlocks
-            cleanup(done);
-        });
-
-        it('fails without token', function (done) {
-            superagent.post(SERVER_URL + '/api/v1/cloudron/migrate')
-                .send({ size: 'small', region: 'sfo'})
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(401);
-                    done();
-                });
-        });
-
-        it('fails without password', function (done) {
-            superagent.post(SERVER_URL + '/api/v1/cloudron/migrate')
-                .send({ size: 'small', region: 'sfo'})
-                .query({ access_token: token })
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(400);
-                    done();
-                });
-        });
-
-        it('succeeds without size', function (done) {
-            superagent.post(SERVER_URL + '/api/v1/cloudron/migrate')
-                .send({ region: 'sfo', password: PASSWORD })
-                .query({ access_token: token })
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(202);
-                    done();
-                });
-        });
-
-        it('fails with wrong size type', function (done) {
-            superagent.post(SERVER_URL + '/api/v1/cloudron/migrate')
-                .send({ size: 4, region: 'sfo', password: PASSWORD })
-                .query({ access_token: token })
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(400);
-                    done();
-                });
-        });
-
-        it('succeeds without region', function (done) {
-            superagent.post(SERVER_URL + '/api/v1/cloudron/migrate')
-                .send({ size: 'small', password: PASSWORD })
-                .query({ access_token: token })
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(202);
-                    done();
-                });
-        });
-
-        it('fails with wrong region type', function (done) {
-            superagent.post(SERVER_URL + '/api/v1/cloudron/migrate')
-                .send({ size: 'small', region: 4, password: PASSWORD })
-                .query({ access_token: token })
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(400);
-                    done();
-                });
-        });
-
-        it('fails when in wrong state', function (done) {
-            var scope2 = nock(config.apiServerOrigin())
-                .post('/api/v1/boxes/BOX_ID/awscredentials?token=BACKUP_TOKEN')
-                .reply(201, { credentials: { AccessKeyId: 'accessKeyId', SecretAccessKey: 'secretAccessKey', SessionToken: 'sessionToken' } });
-
-            var scope3 = nock(config.apiServerOrigin())
-                .post('/api/v1/boxes/BOX_ID/backupDone?token=APPSTORE_TOKEN', function (body) {
-                    return body.boxVersion && body.restoreKey && !body.appId && !body.appVersion && body.appBackupIds.length === 0;
-                })
-                .reply(200, { id: 'someid' });
-
-            var scope1 = nock(config.apiServerOrigin())
-                .post('/api/v1/boxes/BOX_ID/migrate?token=APPSTORE_TOKEN', function (body) {
-                    return body.size && body.region && body.restoreKey;
-                }).reply(409, {});
-
-            injectShellMock();
-
-            superagent.post(SERVER_URL + '/api/v1/cloudron/migrate')
-                .send({ size: 'small', region: 'sfo', password: PASSWORD })
-                .query({ access_token: token })
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(202);
-
-                    function checkAppstoreServerCalled() {
-                        if (scope1.isDone() && scope2.isDone() && scope3.isDone()) {
-                            restoreShellMock();
-                            return done();
-                        }
-
-                        setTimeout(checkAppstoreServerCalled, 100);
-                    }
-
-                    checkAppstoreServerCalled();
-                });
-        });
-
-        it('succeeds', function (done) {
-            var scope1 = nock(config.apiServerOrigin()).post('/api/v1/boxes/BOX_ID/migrate?token=APPSTORE_TOKEN', function (body) {
-                return body.size && body.region && body.restoreKey;
-            }).reply(202, {});
-
-            var scope2 = nock(config.apiServerOrigin())
-                .post('/api/v1/boxes/BOX_ID/backupDone?token=APPSTORE_TOKEN', function (body) {
-                    return body.boxVersion && body.restoreKey && !body.appId && !body.appVersion && body.appBackupIds.length === 0;
-                })
-                .reply(200, { id: 'someid' });
-
-            var scope3 = nock(config.apiServerOrigin())
-                .post('/api/v1/boxes/BOX_ID/awscredentials?token=BACKUP_TOKEN')
-                .reply(201, { credentials: { AccessKeyId: 'accessKeyId', SecretAccessKey: 'secretAccessKey', SessionToken: 'sessionToken' } });
-
-            injectShellMock();
-
-            superagent.post(SERVER_URL + '/api/v1/cloudron/migrate')
-                .send({ size: 'small', region: 'sfo', password: PASSWORD })
-                .query({ access_token: token })
-                .end(function (error, result) {
-                    expect(result.statusCode).to.equal(202);
-
-                    function checkAppstoreServerCalled() {
-                        if (scope1.isDone() && scope2.isDone() && scope3.isDone()) {
-                            restoreShellMock();
-                            return done();
-                        }
-
-                        setTimeout(checkAppstoreServerCalled, 100);
-                    }
-
-                    checkAppstoreServerCalled();
-                });
-        });
-    });
 });
 

src/routes/test/clients-test.js

@@ -483,8 +483,6 @@ describe('Clients', function () {
     });
 
     describe('delete tokens by client', function () {
-        this.timeout(5000);
-
         before(setup2);
         after(cleanup);
 

src/routes/test/cloudron-test.js

@@ -191,7 +191,6 @@ describe('Cloudron', function () {
                     expect(result.body.apiServerOrigin).to.eql('http://localhost:6060');
                     expect(result.body.webServerOrigin).to.eql(null);
                     expect(result.body.adminFqdn).to.eql(config.adminFqdn());
-                    expect(result.body.progress).to.be.an('object');
                     expect(result.body.version).to.eql(config.version());
                     expect(result.body.memory).to.eql(os.totalmem());
                     expect(result.body.cloudronName).to.be.a('string');

src/routes/test/developer-test.js

@@ -37,8 +37,6 @@ function cleanup(done) {
 }
 
 describe('Developer API', function () {
-    this.timeout(20000);
-
     describe('login', function () {
         before(function (done) {
             async.series([

src/routes/test/domains-test.js

@@ -43,8 +43,6 @@ var DOMAIN_1 = {
 };
 
 describe('Domains API', function () {
-    this.timeout(10000);
-
     before(function (done) {
         config._reset();
         config.setFqdn(DOMAIN);

src/routes/test/eventlog-test.js

@@ -78,8 +78,6 @@ function cleanup(done) {
 }
 
 describe('Eventlog API', function () {
-    this.timeout(10000);
-
     before(setup);
     after(cleanup);
 

src/routes/test/mail-test.js

@@ -105,8 +105,6 @@ function cleanup(done) {
 }
 
 describe('Mail API', function () {
-    this.timeout(10000);
-
     before(setup);
     after(cleanup);
 
@@ -231,8 +229,6 @@ describe('Mail API', function () {
         var dnsAnswerQueue = [];
         var dkimDomain, spfDomain, mxDomain, dmarcDomain;
 
-        this.timeout(10000);
-
         before(function (done) {
             var dns = require('../../native-dns.js');
 
@@ -765,7 +761,6 @@ describe('Mail API', function () {
                     expect(res.body.mailbox).to.be.an('object');
                     expect(res.body.mailbox.name).to.equal(MAILBOX_NAME);
                     expect(res.body.mailbox.ownerId).to.equal(userId);
-                    expect(res.body.mailbox.ownerType).to.equal('user');
                     expect(res.body.mailbox.aliasTarget).to.equal(null);
                     expect(res.body.mailbox.domain).to.equal(DOMAIN_0.domain);
                     done();
@@ -781,7 +776,6 @@ describe('Mail API', function () {
                     expect(res.body.mailboxes[0]).to.be.an('object');
                     expect(res.body.mailboxes[0].name).to.equal(MAILBOX_NAME);
                     expect(res.body.mailboxes[0].ownerId).to.equal(userId);
-                    expect(res.body.mailboxes[0].ownerType).to.equal('user');
                     expect(res.body.mailboxes[0].aliasTarget).to.equal(null);
                     expect(res.body.mailboxes[0].domain).to.equal(DOMAIN_0.domain);
                     done();
@@ -914,12 +908,10 @@ describe('Mail API', function () {
                     expect(res.body.aliases.length).to.eql(2);
                     expect(res.body.aliases[0].name).to.equal('hello');
                     expect(res.body.aliases[0].ownerId).to.equal(userId);
-                    expect(res.body.aliases[0].ownerType).to.equal('user');
                     expect(res.body.aliases[0].aliasTarget).to.equal(MAILBOX_NAME);
                     expect(res.body.aliases[0].domain).to.equal(DOMAIN_0.domain);
                     expect(res.body.aliases[1].name).to.equal('there');
                     expect(res.body.aliases[1].ownerId).to.equal(userId);
-                    expect(res.body.aliases[1].ownerType).to.equal('user');
                     expect(res.body.aliases[1].aliasTarget).to.equal(MAILBOX_NAME);
                     expect(res.body.aliases[1].domain).to.equal(DOMAIN_0.domain);
                     done();
@@ -1031,7 +1023,6 @@ describe('Mail API', function () {
                     expect(res.body.list).to.be.an('object');
                     expect(res.body.list.name).to.equal(LIST_NAME);
                     expect(res.body.list.ownerId).to.equal('admin');
-                    expect(res.body.list.ownerType).to.equal('group');
                     expect(res.body.list.aliasTarget).to.equal(null);
                     expect(res.body.list.domain).to.equal(DOMAIN_0.domain);
                     expect(res.body.list.members).to.eql([ 'admin2', 'superadmin' ]);
@@ -1048,7 +1039,6 @@ describe('Mail API', function () {
                     expect(res.body.lists.length).to.equal(1);
                     expect(res.body.lists[0].name).to.equal(LIST_NAME);
                     expect(res.body.lists[0].ownerId).to.equal('admin');
-                    expect(res.body.lists[0].ownerType).to.equal('group');
                     expect(res.body.lists[0].aliasTarget).to.equal(null);
                     expect(res.body.lists[0].domain).to.equal(DOMAIN_0.domain);
                     expect(res.body.lists[0].members).to.eql([ 'admin2', 'superadmin' ]);

src/routes/test/oauth2-test.js

@@ -30,6 +30,8 @@ var accesscontrol = require('../../accesscontrol.js'),
 
 var SERVER_URL = 'http://localhost:' + config.get('port');
 
+let AUDIT_SOURCE = { ip: '1.2.3.4' };
+
 describe('OAuth2', function () {
 
     describe('flow', function () {
@@ -208,7 +210,7 @@ describe('OAuth2', function () {
             async.series([
                 server.start,
                 database._clear,
-                domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig),
+                domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0, AUDIT_SOURCE),
                 clientdb.add.bind(null, CLIENT_0.id, CLIENT_0.appId, CLIENT_0.type, CLIENT_0.clientSecret, CLIENT_0.redirectURI, CLIENT_0.scope),
                 clientdb.add.bind(null, CLIENT_1.id, CLIENT_1.appId, CLIENT_1.type, CLIENT_1.clientSecret, CLIENT_1.redirectURI, CLIENT_1.scope),
                 clientdb.add.bind(null, CLIENT_2.id, CLIENT_2.appId, CLIENT_2.type, CLIENT_2.clientSecret, CLIENT_2.redirectURI, CLIENT_2.scope),

src/routes/test/profile-test.js

@@ -24,8 +24,6 @@ const EMAIL_0_NEW_FALLBACK = 'stupIDfallback@me.com';
 const DISPLAY_NAME_0_NEW = 'New Name';
 
 describe('Profile API', function () {
-    this.timeout(5000);
-
     var user_0 = null;
     var token_0;
 

src/routes/test/server-test.js

@@ -137,12 +137,12 @@ describe('REST API', function () {
             });
     });
 
-    it('dns setup twice fails', function (done) {
+    it('dns setup twice succeeds', function (done) {
         superagent.post(SERVER_URL + '/api/v1/cloudron/setup')
             .send({ dnsConfig: { provider: 'noop', domain: DOMAIN, DOMAIN, config: {} } })
             .end(function (error, result) {
                 expect(result).to.be.ok();
-                expect(result.statusCode).to.eql(409);
+                expect(result.statusCode).to.eql(200);
 
                 done();
             });
@@ -247,6 +247,17 @@ describe('REST API', function () {
             });
     });
 
+    it('dns setup after activation fails', function (done) {
+        superagent.post(SERVER_URL + '/api/v1/cloudron/setup')
+            .send({ dnsConfig: { provider: 'noop', domain: DOMAIN, DOMAIN, config: {} } })
+            .end(function (error, result) {
+                expect(result).to.be.ok();
+                expect(result.statusCode).to.eql(409);
+
+                done();
+            });
+    });
+
     it('does not crash with invalid JSON', function (done) {
         superagent.post(SERVER_URL + '/api/v1/users')
             .query({ access_token: token })

src/routes/test/settings-test.js

@@ -82,7 +82,7 @@ describe('Settings API', function () {
 
         it('can set app_autoupdate_pattern', function (done) {
             var eventPattern = null;
-            settings.events.on(settings.APP_AUTOUPDATE_PATTERN_KEY, function (pattern) {
+            settings.on(settings.APP_AUTOUPDATE_PATTERN_KEY, function (pattern) {
                 eventPattern = pattern;
             });
 
@@ -98,7 +98,7 @@ describe('Settings API', function () {
 
         it('can set app_autoupdate_pattern to never', function (done) {
             var eventPattern = null;
-            settings.events.on(settings.APP_AUTOUPDATE_PATTERN_KEY, function (pattern) {
+            settings.on(settings.APP_AUTOUPDATE_PATTERN_KEY, function (pattern) {
                 eventPattern = pattern;
             });
 
@@ -145,7 +145,7 @@ describe('Settings API', function () {
 
         it('can set box_autoupdate_pattern', function (done) {
             var eventPattern = null;
-            settings.events.on(settings.BOX_AUTOUPDATE_PATTERN_KEY, function (pattern) {
+            settings.on(settings.BOX_AUTOUPDATE_PATTERN_KEY, function (pattern) {
                 eventPattern = pattern;
             });
 
@@ -161,7 +161,7 @@ describe('Settings API', function () {
 
         it('can set box_autoupdate_pattern to never', function (done) {
             var eventPattern = null;
-            settings.events.on(settings.BOX_AUTOUPDATE_PATTERN_KEY, function (pattern) {
+            settings.on(settings.BOX_AUTOUPDATE_PATTERN_KEY, function (pattern) {
                 eventPattern = pattern;
             });
 

src/routes/test/ssh-test.js

@@ -61,8 +61,6 @@ function cleanup(done) {
 }
 
 describe('SSH API', function () {
-    this.timeout(10000);
-
     before(setup);
     after(cleanup);
 

src/routes/test/sysadmin-test.js

@@ -29,6 +29,8 @@ const DOMAIN_0 = {
     tlsConfig: { provider: 'fallback' }
 };
 
+let AUDIT_SOURCE = { ip: '1.2.3.4' };
+
 function setup(done) {
     config._reset();
     config.setFqdn(DOMAIN_0.domain);
@@ -36,7 +38,7 @@ function setup(done) {
     async.series([
         server.start,
         database._clear,
-        domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig),
+        domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0, AUDIT_SOURCE),
 
         function createAdmin(callback) {
             superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
@@ -63,29 +65,27 @@ function cleanup(done) {
 }
 
 describe('Internal API', function () {
-    this.timeout(5000);
-
     before(setup);
     after(cleanup);
 
     describe('backup', function () {
         it('succeeds', function (done) {
             superagent.post(config.sysadminOrigin() + '/api/v1/backup')
-              .end(function (error, result) {
-                expect(result.statusCode).to.equal(202);
+                .end(function (error, result) {
+                    expect(result.statusCode).to.equal(202);
 
-                function checkBackupStartEvent() {
-                    eventlog.getAllPaged([ eventlog.ACTION_BACKUP_START ], '', 1, 100, function (error, result) {
-                        expect(error).to.equal(null);
+                    function checkBackupStartEvent() {
+                        eventlog.getAllPaged([ eventlog.ACTION_BACKUP_START ], '', 1, 100, function (error, result) {
+                            expect(error).to.equal(null);
 
-                        if (result.length === 0) return setTimeout(checkBackupStartEvent, 1000);
+                            if (result.length === 0) return setTimeout(checkBackupStartEvent, 1000);
 
-                        done();
-                    });
-                }
+                            done();
+                        });
+                    }
 
-                checkBackupStartEvent();
-            });
+                    checkBackupStartEvent();
+                });
         });
     });
 });

src/routes/test/tasks-test.js

@@ -0,0 +1,138 @@
+'use strict';
+
+/* global it:false */
+/* global describe:false */
+/* global before:false */
+/* global after:false */
+
+var async = require('async'),
+    config = require('../../config.js'),
+    database = require('../../database.js'),
+    expect = require('expect.js'),
+    server = require('../../server.js'),
+    superagent = require('superagent'),
+    tasks = require('../../tasks.js');
+
+var SERVER_URL = 'http://localhost:' + config.get('port');
+
+var USERNAME = 'superadmin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com';
+var token = null;
+
+function setup(done) {
+    config._reset();
+    config.setFqdn('example-tasks-test.com');
+    config.setAdminFqdn('my.example-tasks-test.com');
+
+    async.series([
+        server.start.bind(null),
+        database._clear.bind(null),
+
+        function createAdmin(callback) {
+            superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
+                .query({ setupToken: 'somesetuptoken' })
+                .send({ username: USERNAME, password: PASSWORD, email: EMAIL })
+                .end(function (error, result) {
+                    expect(result).to.be.ok();
+                    expect(result.statusCode).to.eql(201);
+
+                    // stash token for further use
+                    token = result.body.token;
+
+                    callback();
+                });
+        }
+    ], done);
+}
+
+function cleanup(done) {
+    database._clear(function (error) {
+        expect(!error).to.be.ok();
+
+        server.stop(done);
+    });
+}
+
+describe('Tasks API', function () {
+    before(setup);
+    after(cleanup);
+
+    it('can get task', function (done) {
+        let taskId = null;
+        let task = tasks.startTask(tasks._TASK_IDENTITY, [ 'ping' ]);
+        task.on('error', done);
+        task.on('start', (tid) => { taskId = tid; });
+
+        task.on('finish', function () {
+            superagent.get(SERVER_URL + '/api/v1/tasks/' + taskId)
+                .query({ access_token: token })
+                .end(function (err, res) {
+                    expect(res.statusCode).to.equal(200);
+                    expect(res.body.percent).to.be(100);
+                    expect(res.body.args).to.be(undefined);
+                    expect(res.body.active).to.be(false); // finished
+                    expect(res.body.result).to.be('ping');
+                    expect(res.body.errorMessage).to.be(null);
+                    done();
+                });
+        });
+    });
+
+    it('can get logs', function (done) {
+        let taskId = null;
+        let task = tasks.startTask(tasks._TASK_CRASH, [ 'ping' ]);
+        task.on('error', done);
+        task.on('start', (tid) => { taskId = tid; });
+
+        task.on('finish', function () {
+            superagent.get(SERVER_URL + '/api/v1/tasks/' + taskId + '/logs')
+                .query({ access_token: token })
+                .end(function (err, res) {
+                    expect(res.statusCode).to.equal(200);
+                    done();
+                });
+        });
+    });
+
+    it('cannot stop inactive task', function (done) {
+        let taskId = null;
+        let task = tasks.startTask(tasks._TASK_IDENTITY, [ 'ping' ]);
+        task.on('error', done);
+        task.on('start', (tid) => { taskId = tid; });
+
+        task.on('finish', function () {
+            superagent.post(SERVER_URL + '/api/v1/tasks/' + taskId + '/stop')
+                .query({ access_token: token })
+                .end(function (err, res) {
+                    expect(res.statusCode).to.equal(409);
+                    done();
+                });
+        });
+    });
+
+
+    it('can stop task', function (done) {
+        let taskId = null;
+        let task = tasks.startTask(tasks._TASK_SLEEP, [ 10000 ]);
+        task.on('error', done);
+        task.on('start', (tid) => {
+            taskId = tid;
+            superagent.post(SERVER_URL + '/api/v1/tasks/' + taskId + '/stop')
+                .query({ access_token: token })
+                .end(function (err, res) {
+                    expect(res.statusCode).to.equal(204);
+                });
+        });
+        task.on('finish', () => {
+            superagent.get(SERVER_URL + '/api/v1/tasks/' + taskId)
+                .query({ access_token: token })
+                .end(function (err, res) {
+                    expect(res.statusCode).to.equal(200);
+                    expect(res.body.percent).to.be(100);
+                    expect(res.body.active).to.be(false); // finished
+                    expect(res.body.result).to.be(null);
+                    expect(res.body.errorMessage).to.contain('signal SIGTERM');
+                    done();
+                });
+        });
+    });
+});

src/routes/test/users-test.js

@@ -30,6 +30,8 @@ const DOMAIN_0 = {
     tlsConfig: { provider: 'fallback' }
 };
 
+let AUDIT_SOURCE = { ip: '1.2.3.4' };
+
 const USERNAME_0 = 'superaDmIn', PASSWORD = 'Foobar?1337', EMAIL_0 = 'silLY@me.com', EMAIL_0_NEW = 'stupID@me.com', DISPLAY_NAME_0_NEW = 'New Name';
 const USERNAME_1 = 'userTheFirst', EMAIL_1 = 'taO@zen.mac';
 const USERNAME_2 = 'userTheSecond', EMAIL_2 = 'USER@foo.bar', EMAIL_2_NEW = 'happy@ME.com';
@@ -45,7 +47,7 @@ function setup(done) {
         server.start,
         database._clear,
         mailer._clearMailQueue,
-        domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0.zoneName, DOMAIN_0.provider, DOMAIN_0.config, DOMAIN_0.fallbackCertificate, DOMAIN_0.tlsConfig),
+        domains.add.bind(null, DOMAIN_0.domain, DOMAIN_0, AUDIT_SOURCE),
         mail.addDomain.bind(null, DOMAIN_0.domain)
     ], function (error) {
         expect(error).to.not.be.ok();
@@ -80,8 +82,6 @@ function checkMails(number, done) {
 }
 
 describe('Users API', function () {
-    this.timeout(5000);
-
     var user_0, user_1, user_2, user_4;
     var token = null, userToken = null;
     var token_1 = tokendb.generateToken();

src/scripts/backupupload.js

@@ -9,17 +9,10 @@ if (process.argv[2] === '--check') return console.log('OK');
 
 require('supererror')({ splatchError: true });
 
-// remove timestamp from debug() based output
-require('debug').formatArgs = function formatArgs(args) {
-    args[0] = this.namespace + ' ' + args[0];
-};
-
 var assert = require('assert'),
-    backups = require('./backups.js'),
-    database = require('./database.js'),
-    debug = require('debug')('box:backuptask'),
-    paths = require('./paths.js'),
-    safe = require('safetydance');
+    backups = require('../backups.js'),
+    database = require('../database.js'),
+    debug = require('debug')('box:backupupload');
 
 function initialize(callback) {
     assert.strictEqual(typeof callback, 'function');
@@ -38,17 +31,21 @@ process.on('SIGTERM', function () {
     process.exit(0);
 });
 
+// this can happen when the backup task is terminated (not box code)
+process.on('disconnect', function () {
+    debug('parent process died');
+    process.exit(0);
+});
+
 initialize(function (error) {
     if (error) throw error;
 
-    safe.fs.writeFileSync(paths.BACKUP_RESULT_FILE, '');
-
-    backups.upload(backupId, format, dataDir, function resultHandler(error) {
+    backups.upload(backupId, format, dataDir, (progress) => process.send(progress), function resultHandler(error) {
         if (error) debug('upload completed with error', error);
 
         debug('upload completed');
 
-        safe.fs.writeFileSync(paths.BACKUP_RESULT_FILE, error ? error.message : '');
+        process.send({ result: error ? error.message : '' });
 
         // https://nodejs.org/api/process.html are exit codes used by node. apps.js uses the value below
         // to check apptask crashes

src/scripts/restartdocker.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -eu -o pipefail
+
+if [[ ${EUID} -ne 0 ]]; then
+    echo "This script should be run as root." > /dev/stderr
+    exit 1
+fi
+
+if [[ $# == 1 && "$1" == "--check" ]]; then
+    echo "OK"
+    exit 0
+fi
+
+if [[ "${BOX_ENV}" == "cloudron" ]]; then
+    systemctl restart docker
+fi
+

src/scripts/restartunbound.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -eu -o pipefail
+
+if [[ ${EUID} -ne 0 ]]; then
+    echo "This script should be run as root." > /dev/stderr
+    exit 1
+fi
+
+if [[ $# == 1 && "$1" == "--check" ]]; then
+    echo "OK"
+    exit 0
+fi
+
+if [[ "${BOX_ENV}" == "cloudron" ]]; then
+    unbound-anchor -a /var/lib/unbound/root.key
+    systemctl restart unbound
+fi
+

src/scripts/update.sh

@@ -30,21 +30,32 @@ if systemctl reset-failed "${UPDATER_SERVICE}"; then
     echo "=> service has failed earlier"
 fi
 
-echo "=> Run installer.sh as cloudron-updater.service"
-if ! systemd-run --unit "${UPDATER_SERVICE}" ${installer_path}; then
-    echo "Failed to install cloudron. See ${LOG_FILE} for details"
+# StandardError will follow StandardOutput in default inherit mode. https://www.freedesktop.org/software/systemd/man/systemd.exec.html
+echo "=> Run installer.sh as ${UPDATER_SERVICE}."
+if [[ "$(systemd --version | head -n1)" != "systemd 22"* ]]; then
+    readonly DATETIME=`date '+%Y-%m-%d_%H-%M-%S'`
+    readonly LOG_FILE="/home/yellowtent/platformdata/logs/updater/cloudron-updater-${DATETIME}.log"
+
+    update_service_options="-p StandardOutput=file:${LOG_FILE}"
+    echo "=> starting service (ubuntu 18.04) ${UPDATER_SERVICE}. see logs at ${LOG_FILE}"
+else
+    update_service_options=""
+    echo "=> starting service (ubuntu 16.04) ${UPDATER_SERVICE}. see logs using journalctl -u ${UPDATER_SERVICE}"
+fi
+
+if ! systemd-run --unit "${UPDATER_SERVICE}" $update_service_options ${installer_path}; then
+    echo "Failed to install cloudron. See log for details"
     exit 1
 fi
 
-echo "=> service ${UPDATER_SERVICE} started."
-echo "=> See logs with journalctl -u ${UPDATER_SERVICE} -f"
-
 while true; do
-    if systemctl is-failed "${UPDATER_SERVICE}"; then
+    if systemctl is-failed "${UPDATER_SERVICE}" >/dev/null 2>&1; then
         echo "=> ${UPDATER_SERVICE} has failed"
         exit 1
     fi
 
+    echo "${UPDATER_SERVICE} is still active. will check in 5 seconds"
+
     sleep 5
     # this loop will stop once the update process stopped the box unit and thus terminating this child process
 done

src/server.js

@@ -19,7 +19,6 @@ var accesscontrol = require('./accesscontrol.js'),
     passport = require('passport'),
     path = require('path'),
     routes = require('./routes/index.js'),
-    setup = require('./setup.js'),
     ws = require('ws');
 
 var gHttpServer = null;
@@ -109,12 +108,11 @@ function initializeExpressSync() {
     var csrf = routes.oauth2.csrf();
 
     // public routes
-    router.post('/api/v1/cloudron/setup', routes.setup.providerTokenAuth, routes.setup.provision);    // only available until no-domain
-    router.post('/api/v1/cloudron/restore', routes.setup.restore);    // only available until activated
-    router.post('/api/v1/cloudron/activate', routes.setup.setupTokenAuth, routes.setup.activate);
-    router.get ('/api/v1/cloudron/status', routes.setup.getStatus);
+    router.post('/api/v1/cloudron/setup', routes.provision.providerTokenAuth, routes.provision.setup);    // only available until no-domain
+    router.post('/api/v1/cloudron/restore', routes.provision.restore);    // only available until activated
+    router.post('/api/v1/cloudron/activate', routes.provision.setupTokenAuth, routes.provision.activate);
+    router.get ('/api/v1/cloudron/status', routes.cloudron.getStatus);
 
-    router.get ('/api/v1/cloudron/progress', routes.cloudron.getProgress);
     router.get ('/api/v1/cloudron/avatar', routes.settings.getCloudronAvatar); // this is a public alias for /api/v1/settings/cloudron_avatar
 
     // developer routes
@@ -123,7 +121,10 @@ function initializeExpressSync() {
     // cloudron routes
     router.get ('/api/v1/cloudron/update', cloudronScope, routes.cloudron.getUpdateInfo);
     router.post('/api/v1/cloudron/update', cloudronScope, routes.cloudron.update);
+    router.post('/api/v1/cloudron/set_dashboard_domain', cloudronScope, routes.cloudron.setDashboardDomain);
+    router.post('/api/v1/cloudron/renew_certs', cloudronScope, routes.cloudron.renewCerts);
     router.post('/api/v1/cloudron/check_for_updates', cloudronScope, routes.cloudron.checkForUpdates);
+    router.get ('/api/v1/cloudron/reboot', cloudronScope, routes.cloudron.isRebootRequired);
     router.post('/api/v1/cloudron/reboot', cloudronScope, routes.cloudron.reboot);
     router.get ('/api/v1/cloudron/graphs', cloudronScope, routes.graphs.getGraphs);
     router.get ('/api/v1/cloudron/disks', cloudronScope, routes.cloudron.getDisks);
@@ -135,6 +136,17 @@ function initializeExpressSync() {
     router.del ('/api/v1/cloudron/ssh/authorized_keys/:identifier', cloudronScope, isUnmanaged, routes.ssh.delAuthorizedKey);
     router.get ('/api/v1/cloudron/eventlog', cloudronScope, routes.eventlog.get);
 
+    // tasks
+    router.get ('/api/v1/tasks', settingsScope, routes.tasks.list);
+    router.get ('/api/v1/tasks/:taskId', settingsScope, routes.tasks.get);
+    router.get ('/api/v1/tasks/:taskId/logs', cloudronScope, routes.tasks.getLogs);
+    router.get ('/api/v1/tasks/:taskId/logstream', cloudronScope, routes.tasks.getLogStream);
+    router.post('/api/v1/tasks/:taskId/stop', settingsScope, routes.tasks.stopTask);
+
+    // backups
+    router.get ('/api/v1/backups', settingsScope, routes.backups.list);
+    router.post('/api/v1/backups', settingsScope, routes.backups.startBackup);
+
     // config route (for dashboard)
     router.get ('/api/v1/config', profileScope, routes.cloudron.getConfig);
 
@@ -253,7 +265,7 @@ function initializeExpressSync() {
     router.post('/api/v1/mail/:domain/enable',        mailScope, routes.mail.setMailEnabled);
     router.post('/api/v1/mail/:domain/dns',        mailScope, routes.mail.setDnsRecords);
     router.post('/api/v1/mail/:domain/send_test_mail',  mailScope, routes.mail.sendTestMail);
-    router.get ('/api/v1/mail/:domain/mailboxes',  mailScope, routes.mail.getMailboxes);
+    router.get ('/api/v1/mail/:domain/mailboxes',  mailScope, routes.mail.listMailboxes);
     router.get ('/api/v1/mail/:domain/mailboxes/:name',  mailScope, routes.mail.getMailbox);
     router.post('/api/v1/mail/:domain/mailboxes',  mailScope, routes.mail.addMailbox);
     router.post('/api/v1/mail/:domain/mailboxes/:name',  mailScope, routes.mail.updateMailbox);
@@ -270,21 +282,20 @@ function initializeExpressSync() {
     // feedback
     router.post('/api/v1/feedback', cloudronScope, isUnmanaged, routes.cloudron.feedback);
 
-    // backup routes
-    router.get ('/api/v1/backups', settingsScope, routes.backups.get);
-    router.post('/api/v1/backups', settingsScope, routes.backups.create);
-
     // domain routes
     router.post('/api/v1/domains', domainsManageScope, routes.domains.add);
     router.get ('/api/v1/domains', domainsReadScope, routes.domains.getAll);
     router.get ('/api/v1/domains/:domain', domainsManageScope, verifyDomainLock, routes.domains.get);  // this is manage scope because it returns non-restricted fields
     router.put ('/api/v1/domains/:domain', domainsManageScope, verifyDomainLock, routes.domains.update);
-    router.post ('/api/v1/domains/:domain/renew_certs', domainsManageScope, verifyDomainLock, routes.domains.renewCerts);
     router.del ('/api/v1/domains/:domain', domainsManageScope, verifyDomainLock, routes.users.verifyPassword, routes.domains.del);
 
-    // caas routes
-    router.get('/api/v1/caas/config', cloudronScope, routes.caas.getConfig);
-    router.post('/api/v1/caas/change_plan', cloudronScope, routes.users.verifyPassword, routes.caas.changePlan);
+    // addon routes
+    router.get ('/api/v1/services', cloudronScope, routes.services.getAll);
+    router.get ('/api/v1/services/:service', cloudronScope, routes.services.get);
+    router.post('/api/v1/services/:service', cloudronScope, routes.services.configure);
+    router.get ('/api/v1/services/:service/logs', cloudronScope, routes.services.getLogs);
+    router.get ('/api/v1/services/:service/logstream', cloudronScope, routes.services.getLogStream);
+    router.post('/api/v1/services/:service/restart', cloudronScope, routes.services.restart);
 
     // disable server socket "idle" timeout. we use the timeout middleware to handle timeouts on a route level
     // we rely on nginx for timeouts on the TCP level (see client_header_timeout)
@@ -344,6 +355,7 @@ function initializeSysadminExpressSync() {
     router.post('/api/v1/backup', routes.sysadmin.backup);
     router.post('/api/v1/update', routes.sysadmin.update);
     router.post('/api/v1/retire', routes.sysadmin.retire);
+    router.post('/api/v1/apps/:id/import', routes.sysadmin.importAppDatabase);
 
     return httpServer;
 }
@@ -361,7 +373,6 @@ function start(callback) {
         routes.accesscontrol.initialize,  // hooks up authentication strategies into passport
         database.initialize,
         cloudron.initialize,
-        setup.configureWebadmin,
         gHttpServer.listen.bind(gHttpServer, config.get('port'), '127.0.0.1'),
         gSysadminHttpServer.listen.bind(gSysadminHttpServer, config.get('sysadminPort'), '127.0.0.1'),
         eventlog.add.bind(null, eventlog.ACTION_START, { userId: null, username: 'boot' }, { version: config.version() })
@@ -380,7 +391,7 @@ function stop(callback) {
         gHttpServer.close.bind(gHttpServer),
         gSysadminHttpServer.close.bind(gSysadminHttpServer)
     ], function (error) {
-        if (error) console.error(error);
+        if (error) return callback(error);
 
         routes.oauth2.uninitialize();
 

src/settings.js

@@ -3,9 +3,6 @@
 exports = module.exports = {
     SettingsError: SettingsError,
 
-    initialize: initialize,
-    uninitialize: uninitialize,
-
     getAppAutoupdatePattern: getAppAutoupdatePattern,
     setAppAutoupdatePattern: setAppAutoupdatePattern,
 
@@ -57,7 +54,8 @@ exports = module.exports = {
     TIME_ZONE_KEY: 'time_zone',
     CLOUDRON_NAME_KEY: 'cloudron_name',
 
-    events: null
+    on: on,
+    removeListener: removeListener
 };
 
 var addons = require('./addons.js'),
@@ -88,6 +86,7 @@ var gDefaults = (function () {
         provider: 'filesystem',
         key: '',
         backupFolder: '/var/backups',
+        format: 'tgz',
         retentionSecs: 2 * 24 * 60 * 60, // 2 days
         intervalSecs: 24 * 60 * 60 // ~1 day
     };
@@ -100,6 +99,8 @@ var gDefaults = (function () {
     return result;
 })();
 
+let gEvents = new (require('events').EventEmitter)();
+
 function SettingsError(reason, errorOrMessage) {
     assert.strictEqual(typeof reason, 'string');
     assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined');
@@ -124,18 +125,12 @@ SettingsError.EXTERNAL_ERROR = 'External Error';
 SettingsError.NOT_FOUND = 'Not Found';
 SettingsError.BAD_FIELD = 'Bad Field';
 
-function initialize(callback) {
-    assert.strictEqual(typeof callback, 'function');
-
-    exports.events = new (require('events').EventEmitter)();
-    callback();
+function on(key, handler) {
+    gEvents.on(key, handler);
 }
 
-function uninitialize(callback) {
-    assert.strictEqual(typeof callback, 'function');
-
-    exports.events = null;
-    callback();
+function removeListener(key, handler) {
+    gEvents.removeListener(key, handler);
 }
 
 function setAppAutoupdatePattern(pattern, callback) {
@@ -150,7 +145,7 @@ function setAppAutoupdatePattern(pattern, callback) {
     settingsdb.set(exports.APP_AUTOUPDATE_PATTERN_KEY, pattern, function (error) {
         if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-        exports.events.emit(exports.APP_AUTOUPDATE_PATTERN_KEY, pattern);
+        gEvents.emit(exports.APP_AUTOUPDATE_PATTERN_KEY, pattern);
 
         return callback(null);
     });
@@ -179,7 +174,7 @@ function setBoxAutoupdatePattern(pattern, callback) {
     settingsdb.set(exports.BOX_AUTOUPDATE_PATTERN_KEY, pattern, function (error) {
         if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-        exports.events.emit(exports.BOX_AUTOUPDATE_PATTERN_KEY, pattern);
+        gEvents.emit(exports.BOX_AUTOUPDATE_PATTERN_KEY, pattern);
 
         return callback(null);
     });
@@ -205,7 +200,7 @@ function setTimeZone(tz, callback) {
     settingsdb.set(exports.TIME_ZONE_KEY, tz, function (error) {
         if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-        exports.events.emit(exports.TIME_ZONE_KEY, tz);
+        gEvents.emit(exports.TIME_ZONE_KEY, tz);
 
         return callback(null);
     });
@@ -244,7 +239,7 @@ function setCloudronName(name, callback) {
     settingsdb.set(exports.CLOUDRON_NAME_KEY, name, function (error) {
         if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-        exports.events.emit(exports.CLOUDRON_NAME_KEY, name);
+        gEvents.emit(exports.CLOUDRON_NAME_KEY, name);
 
         return callback(null);
     });
@@ -293,7 +288,7 @@ function setDynamicDnsConfig(enabled, callback) {
     settingsdb.set(exports.DYNAMIC_DNS_KEY, enabled ? 'enabled' : '', function (error) {
         if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-        exports.events.emit(exports.DYNAMIC_DNS_KEY, enabled);
+        gEvents.emit(exports.DYNAMIC_DNS_KEY, enabled);
 
         return callback(null);
     });
@@ -324,7 +319,7 @@ function setBackupConfig(backupConfig, callback) {
         settingsdb.set(exports.BACKUP_CONFIG_KEY, JSON.stringify(backupConfig), function (error) {
             if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-            exports.events.emit(exports.BACKUP_CONFIG_KEY, backupConfig);
+            gEvents.emit(exports.BACKUP_CONFIG_KEY, backupConfig);
 
             callback(null);
         });
@@ -349,7 +344,7 @@ function setEmailDigest(enabled, callback) {
     settingsdb.set(exports.EMAIL_DIGEST, enabled ? 'enabled' : '', function (error) {
         if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-        exports.events.emit(exports.EMAIL_DIGEST, enabled);
+        gEvents.emit(exports.EMAIL_DIGEST, enabled);
 
         callback(null);
     });
@@ -399,7 +394,7 @@ function setPlatformConfig(platformConfig, callback) {
     settingsdb.set(exports.PLATFORM_CONFIG_KEY, JSON.stringify(platformConfig), function (error) {
         if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-        addons.updateAddonConfig(platformConfig, callback);
+        addons.updateServiceConfig(platformConfig, callback);
     });
 }
 
@@ -422,7 +417,7 @@ function setAppstoreConfig(appstoreConfig, callback) {
             settingsdb.set(exports.APPSTORE_CONFIG_KEY, JSON.stringify(data), function (error) {
                 if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error));
 
-                exports.events.emit(exports.APPSTORE_CONFIG_KEY, appstoreConfig);
+                gEvents.emit(exports.APPSTORE_CONFIG_KEY, appstoreConfig);
 
                 callback(null);
             });

src/setup.js

@@ -1,325 +0,0 @@
-'use strict';
-
-exports = module.exports = {
-    provision: provision,
-    restore: restore,
-    getStatus: getStatus,
-    activate: activate,
-
-    configureWebadmin: configureWebadmin,
-
-    SetupError: SetupError
-};
-
-var assert = require('assert'),
-    async = require('async'),
-    backups = require('./backups.js'),
-    BackupsError = require('./backups.js').BackupsError,
-    config = require('./config.js'),
-    constants = require('./constants.js'),
-    clients = require('./clients.js'),
-    cloudron = require('./cloudron.js'),
-    debug = require('debug')('box:setup'),
-    domains = require('./domains.js'),
-    DomainsError = domains.DomainsError,
-    eventlog = require('./eventlog.js'),
-    mail = require('./mail.js'),
-    path = require('path'),
-    reverseProxy = require('./reverseproxy.js'),
-    safe = require('safetydance'),
-    semver = require('semver'),
-    settingsdb = require('./settingsdb.js'),
-    settings = require('./settings.js'),
-    shell = require('./shell.js'),
-    superagent = require('superagent'),
-    sysinfo = require('./sysinfo.js'),
-    users = require('./users.js'),
-    UsersError = users.UsersError,
-    tld = require('tldjs'),
-    util = require('util');
-
-var RESTART_CMD = path.join(__dirname, 'scripts/restart.sh');
-
-var NOOP_CALLBACK = function (error) { if (error) debug(error); };
-
-var gWebadminStatus = {
-    dns: false,
-    tls: false,
-    configuring: false,
-    restore: {
-        active: false,
-        error: null
-    }
-};
-
-function SetupError(reason, errorOrMessage) {
-    assert.strictEqual(typeof reason, 'string');
-    assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined');
-
-    Error.call(this);
-    Error.captureStackTrace(this, this.constructor);
-
-    this.name = this.constructor.name;
-    this.reason = reason;
-    if (typeof errorOrMessage === 'undefined') {
-        this.message = reason;
-    } else if (typeof errorOrMessage === 'string') {
-        this.message = errorOrMessage;
-    } else {
-        this.message = 'Internal error';
-        this.nestedError = errorOrMessage;
-    }
-}
-util.inherits(SetupError, Error);
-SetupError.BAD_FIELD = 'Field error';
-SetupError.BAD_STATE = 'Bad State';
-SetupError.ALREADY_SETUP = 'Already Setup';
-SetupError.INTERNAL_ERROR = 'Internal Error';
-SetupError.EXTERNAL_ERROR = 'External Error';
-SetupError.ALREADY_PROVISIONED = 'Already Provisioned';
-
-function autoprovision(autoconf, callback) {
-    assert.strictEqual(typeof autoconf, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    async.eachSeries(Object.keys(autoconf), function (key, iteratorDone) {
-        debug(`autoprovision: ${key}`);
-
-        switch (key) {
-        case 'appstoreConfig':
-            if (config.provider() === 'caas') { // skip registration
-                settingsdb.set(settings.APPSTORE_CONFIG_KEY, JSON.stringify(autoconf[key]), iteratorDone);
-            } else { // register cloudron
-                settings.setAppstoreConfig(autoconf[key], iteratorDone);
-            }
-            break;
-        case 'caasConfig':
-            settingsdb.set(settings.CAAS_CONFIG_KEY, JSON.stringify(autoconf[key]), iteratorDone);
-            break;
-        case 'backupConfig':
-            settings.setBackupConfig(autoconf[key], iteratorDone);
-            break;
-        default:
-            debug(`autoprovision: ${key} ignored`);
-            return iteratorDone();
-        }
-    }, function (error) {
-        if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-
-        callback(null);
-    });
-}
-
-function configureWebadmin(callback) {
-    callback = callback || NOOP_CALLBACK;
-
-    debug('configureWebadmin: adminDomain:%s status:%j', config.adminDomain(), gWebadminStatus);
-
-    if (process.env.BOX_ENV === 'test' || !config.adminDomain() || gWebadminStatus.configuring) return callback();
-
-    gWebadminStatus.configuring = true; // re-entracy guard
-
-    function configureReverseProxy(error) {
-        debug('configureReverseProxy: error %j', error || null);
-
-        reverseProxy.configureAdmin({ userId: null, username: 'setup' }, function (error) {
-            debug('configureWebadmin: done error: %j', error || {});
-            gWebadminStatus.configuring = false;
-
-            if (error) return callback(error);
-
-            gWebadminStatus.tls = true;
-
-            callback();
-        });
-    }
-
-    // update the DNS. configure nginx regardless of whether it succeeded so that
-    // box is accessible even if dns creds are invalid
-    sysinfo.getPublicIp(function (error, ip) {
-        if (error) return configureReverseProxy(error);
-
-        domains.upsertDnsRecords(config.adminLocation(), config.adminDomain(), 'A', [ ip ], function (error) {
-            debug('addWebadminDnsRecord: updated records with error:', error);
-            if (error) return configureReverseProxy(error);
-
-            domains.waitForDnsRecord(config.adminLocation(), config.adminDomain(), 'A', ip, { interval: 30000, times: 50000 }, function (error) {
-                if (error) return configureReverseProxy(error);
-
-                gWebadminStatus.dns = true;
-
-                configureReverseProxy();
-            });
-        });
-    });
-}
-
-function provision(dnsConfig, autoconf, callback) {
-    assert.strictEqual(typeof dnsConfig, 'object');
-    assert.strictEqual(typeof autoconf, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    if (config.adminDomain()) return callback(new SetupError(SetupError.ALREADY_SETUP));
-
-    if (gWebadminStatus.configuring || gWebadminStatus.restore.active) return callback(new SetupError(SetupError.BAD_STATE, 'Already restoring or configuring'));
-
-    const domain = dnsConfig.domain.toLowerCase();
-    const zoneName = dnsConfig.zoneName ? dnsConfig.zoneName : (tld.getDomain(domain) || domain);
-
-    const adminFqdn = 'my' + (dnsConfig.config.hyphenatedSubdomains ? '-' : '.') + domain;
-
-    debug(`provision: Setting up Cloudron with domain ${domain} and zone ${zoneName} using admin fqdn ${adminFqdn}`);
-
-    domains.get(domain, function (error, result) {
-        if (error && error.reason !== DomainsError.NOT_FOUND) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-
-        if (result) return callback(new SetupError(SetupError.BAD_STATE, 'Domain already exists'));
-
-        async.series([
-            domains.add.bind(null, domain, zoneName, dnsConfig.provider, dnsConfig.config, dnsConfig.fallbackCertificate || null, dnsConfig.tlsConfig || { provider: 'letsencrypt-prod' }),
-            mail.addDomain.bind(null, domain)
-        ],  function (error) {
-            if (error && error.reason === DomainsError.BAD_FIELD) return callback(new SetupError(SetupError.BAD_FIELD, error.message));
-            if (error && error.reason === DomainsError.ALREADY_EXISTS) return callback(new SetupError(SetupError.BAD_FIELD, error.message));
-            if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-
-            config.setAdminDomain(domain); // set fqdn only after dns config is valid, otherwise cannot re-setup if we failed
-            config.setAdminFqdn(adminFqdn);
-            config.setAdminLocation('my');
-
-            clients.addDefaultClients(config.adminOrigin(), callback);
-
-            async.series([
-                autoprovision.bind(null, autoconf),
-                configureWebadmin
-            ], NOOP_CALLBACK);
-        });
-    });
-}
-
-function setTimeZone(ip, callback) {
-    assert.strictEqual(typeof ip, 'string');
-    assert.strictEqual(typeof callback, 'function');
-
-    debug('setTimeZone ip:%s', ip);
-
-    superagent.get('https://geolocation.cloudron.io/json').query({ ip: ip }).timeout(10 * 1000).end(function (error, result) {
-        if ((error && !error.response) || result.statusCode !== 200) {
-            debug('Failed to get geo location: %s', error.message);
-            return callback(null);
-        }
-
-        var timezone = safe.query(result.body, 'location.time_zone');
-
-        if (!timezone || typeof timezone !== 'string') {
-            debug('No timezone in geoip response : %j', result.body);
-            return callback(null);
-        }
-
-        debug('Setting timezone to ', timezone);
-
-        settings.setTimeZone(timezone, callback);
-    });
-}
-
-function activate(username, password, email, displayName, ip, auditSource, callback) {
-    assert.strictEqual(typeof username, 'string');
-    assert.strictEqual(typeof password, 'string');
-    assert.strictEqual(typeof email, 'string');
-    assert.strictEqual(typeof displayName, 'string');
-    assert.strictEqual(typeof ip, 'string');
-    assert.strictEqual(typeof auditSource, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    debug('activating user:%s email:%s', username, email);
-
-    setTimeZone(ip, function () { }); // TODO: get this from user. note that timezone is detected based on the browser location and not the cloudron region
-
-    users.createOwner(username, password, email, displayName, auditSource, function (error, userObject) {
-        if (error && error.reason === UsersError.ALREADY_EXISTS) return callback(new SetupError(SetupError.ALREADY_PROVISIONED));
-        if (error && error.reason === UsersError.BAD_FIELD) return callback(new SetupError(SetupError.BAD_FIELD, error.message));
-        if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-
-        clients.addTokenByUserId('cid-webadmin', userObject.id, Date.now() + constants.DEFAULT_TOKEN_EXPIRATION, {}, function (error, result) {
-            if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-
-            eventlog.add(eventlog.ACTION_ACTIVATE, auditSource, { });
-
-            callback(null, {
-                userId: userObject.id,
-                token: result.accessToken,
-                expires: result.expires
-            });
-
-            setTimeout(cloudron.onActivated, 3000); // hack for now to not block the above http response
-        });
-    });
-}
-
-function restore(backupConfig, backupId, version, autoconf, callback) {
-    assert.strictEqual(typeof backupConfig, 'object');
-    assert.strictEqual(typeof backupId, 'string');
-    assert.strictEqual(typeof version, 'string');
-    assert.strictEqual(typeof autoconf, 'object');
-    assert.strictEqual(typeof callback, 'function');
-
-    if (!semver.valid(version)) return callback(new SetupError(SetupError.BAD_STATE, 'version is not a valid semver'));
-    if (semver.major(config.version()) !== semver.major(version) || semver.minor(config.version()) !== semver.minor(version)) return callback(new SetupError(SetupError.BAD_STATE, `Run cloudron-setup with --version ${version} to restore from this backup`));
-
-    if (gWebadminStatus.configuring || gWebadminStatus.restore.active) return callback(new SetupError(SetupError.BAD_STATE, 'Already restoring or configuring'));
-
-    users.count(function (error, count) {
-        if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-        if (count) return callback(new SetupError(SetupError.ALREADY_PROVISIONED, 'Already activated'));
-
-        backups.testConfig(backupConfig, function (error) {
-            if (error && error.reason === BackupsError.BAD_FIELD) return callback(new SetupError(SetupError.BAD_FIELD, error.message));
-            if (error && error.reason === BackupsError.EXTERNAL_ERROR) return callback(new SetupError(SetupError.EXTERNAL_ERROR, error.message));
-            if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-
-            debug(`restore: restoring from ${backupId} from provider ${backupConfig.provider} with format ${backupConfig.format}`);
-
-            gWebadminStatus.restore.active = true;
-            gWebadminStatus.restore.error = null;
-
-            callback(null); // do no block
-
-            async.series([
-                backups.restore.bind(null, backupConfig, backupId),
-                autoprovision.bind(null, autoconf),
-                // currently, our suggested restore flow is after a dnsSetup. The dnSetup creates DKIM keys and updates the DNS
-                // for this reason, we have to re-setup DNS after a restore so it has DKIm from the backup
-                // Once we have a 100% IP based restore, we can skip this
-                mail.setDnsRecords.bind(null, config.adminDomain()),
-                shell.sudo.bind(null, 'restart', [ RESTART_CMD ])
-            ], function (error) {
-                debug('restore:', error);
-                if (error) gWebadminStatus.restore.error = error.message;
-                gWebadminStatus.restore.active = false;
-            });
-        });
-    });
-}
-
-function getStatus(callback) {
-    assert.strictEqual(typeof callback, 'function');
-
-    users.count(function (error, count) {
-        if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-
-        settings.getCloudronName(function (error, cloudronName) {
-            if (error) return callback(new SetupError(SetupError.INTERNAL_ERROR, error));
-
-            callback(null, {
-                version: config.version(),
-                apiServerOrigin: config.apiServerOrigin(), // used by CaaS tool
-                provider: config.provider(),
-                cloudronName: cloudronName,
-                adminFqdn: config.adminDomain() ? config.adminFqdn() : null,
-                activated: count !== 0,
-                edition: config.edition(),
-                webadminStatus: gWebadminStatus // only valid when !activated
-            });
-        });
-    });
-}

src/shell.js

@@ -1,10 +1,9 @@
 'use strict';
 
 exports = module.exports = {
+    spawn: spawn,
     exec: exec,
-    execSync: execSync,
-    sudo: sudo,
-    sudoSync: sudoSync
+    sudo: sudo
 };
 
 var assert = require('assert'),
@@ -15,21 +14,22 @@ var assert = require('assert'),
 
 var SUDO = '/usr/bin/sudo';
 
-function execSync(tag, cmd, callback) {
+function exec(tag, cmd, callback) {
     assert.strictEqual(typeof tag, 'string');
     assert.strictEqual(typeof cmd, 'string');
+    assert.strictEqual(typeof callback, 'function');
 
-    debug(cmd);
-    try {
-        child_process.execSync(cmd, { stdio: 'inherit' });
-    } catch (e) {
-        if (callback) return callback(e);
-        throw e;
-    }
-    if (callback) callback();
+    debug(`${tag} exec: ${cmd}`);
+
+    child_process.exec(cmd, function (error, stdout, stderr) {
+        debug(`${tag} (stdout): %s`, stdout.toString('utf8'));
+        debug(`${tag} (stderr): %s`, stderr.toString('utf8'));
+
+        callback(error);
+    });
 }
 
-function exec(tag, file, args, options, callback) {
+function spawn(tag, file, args, options, callback) {
     assert.strictEqual(typeof tag, 'string');
     assert.strictEqual(typeof file, 'string');
     assert(util.isArray(args));
@@ -38,7 +38,9 @@ function exec(tag, file, args, options, callback) {
 
     callback = once(callback); // exit may or may not be called after an 'error'
 
-    debug(tag + ' execFile: %s', file); // do not dump args as it might have sensitive info
+    debug(tag + ' spawn: %s %s', file, args.join(' '));
+
+    if (options.ipc) options.stdio = ['pipe', 'pipe', 'pipe', 'ipc'];
 
     var cp = child_process.spawn(file, args, options);
     if (options.logStream) {
@@ -50,7 +52,7 @@ function exec(tag, file, args, options, callback) {
         });
 
         cp.stderr.on('data', function (data) {
-            debug(tag + ' (stderr): %s', data.toString('utf8'));
+            debug(tag + ' (stdout): %s', data.toString('utf8'));
         });
     }
 
@@ -75,33 +77,14 @@ function exec(tag, file, args, options, callback) {
 function sudo(tag, args, options, callback) {
     assert.strictEqual(typeof tag, 'string');
     assert(util.isArray(args));
-
-    if (typeof options === 'function') {
-        callback = options;
-        options = { };
-    }
-
     assert.strictEqual(typeof options, 'object');
+    assert.strictEqual(typeof callback, 'function');
 
-    // -S makes sudo read stdin for password. -E preserves environment
-    var cp = exec(tag, SUDO, [ options.env ? '-SE' : '-S' ].concat(args), options, callback);
+    let sudoArgs = [ '-S' ]; // -S makes sudo read stdin for password
+    if (options.preserveEnv) sudoArgs.push('-E'); // -E preserves environment
+    if (options.ipc) sudoArgs.push('--close-from=4'); // keep the ipc open. requires closefrom_override in sudoers file
+
+    var cp = spawn(tag, SUDO, sudoArgs.concat(args), options, callback);
     cp.stdin.end();
     return cp;
 }
-
-function sudoSync(tag, cmd, callback) {
-    assert.strictEqual(typeof tag, 'string');
-    assert.strictEqual(typeof cmd, 'string');
-
-    // -S makes sudo read stdin for password
-    cmd = 'sudo -S ' + cmd;
-    debug(cmd);
-
-    try {
-        child_process.execSync(cmd, { stdio: 'inherit' });
-    } catch (e) {
-        if (callback) return callback(e);
-        throw e;
-    }
-    if (callback) callback();
-}

src/ssh.js

@@ -14,7 +14,6 @@ exports = module.exports = {
 var assert = require('assert'),
     config = require('./config.js'),
     debug = require('debug')('box:ssh'),
-    fs = require('fs'),
     path = require('path'),
     safe = require('safetydance'),
     shell = require('./shell.js'),
@@ -56,61 +55,72 @@ function clear(callback) {
     callback();
 }
 
-function saveKeys(keys) {
+function saveKeys(keys, callback) {
     assert(Array.isArray(keys));
+    assert.strictEqual(typeof callback, 'function');
 
     if (!safe.fs.writeFileSync(AUTHORIZED_KEYS_TMP_FILEPATH, keys.map(function (k) { return k.key; }).join('\n'))) {
         debug('Error writing to temporary file', safe.error);
-        return false;
+        return callback(safe.error);
     }
 
-    try {
-        // 600 = rw-------
-        fs.chmodSync(AUTHORIZED_KEYS_TMP_FILEPATH, '600');
-    } catch (e) {
-        debug('Failed to adjust permissions of %s %j', AUTHORIZED_KEYS_TMP_FILEPATH, e);
-        return false;
+    if (!safe.fs.chmodSync(AUTHORIZED_KEYS_TMP_FILEPATH, '600')) { // 600 = rw-------
+        debug('Failed to adjust permissions of %s %s', AUTHORIZED_KEYS_TMP_FILEPATH, safe.error);
+        return callback(safe.error);
     }
 
     var user = config.TEST ? process.env.USER : ((config.provider() === 'ec2' || config.provider() === 'lightsail' || config.provider() === 'ami') ? 'ubuntu' : 'root');
-    shell.sudoSync('authorized_keys', util.format('%s %s %s %s', AUTHORIZED_KEYS_CMD, user, AUTHORIZED_KEYS_TMP_FILEPATH, AUTHORIZED_KEYS_FILEPATH));
+    shell.sudo('authorized_keys', [ AUTHORIZED_KEYS_CMD, user, AUTHORIZED_KEYS_TMP_FILEPATH, AUTHORIZED_KEYS_FILEPATH ], {}, function (error) {
+        if (error) return callback(error);
 
-    return true;
+        callback(null);
+    });
 }
 
-function getKeys() {
-    shell.sudoSync('authorized_keys', util.format('%s %s %s %s', AUTHORIZED_KEYS_CMD, process.env.USER, AUTHORIZED_KEYS_FILEPATH, AUTHORIZED_KEYS_TMP_FILEPATH));
+function getKeys(callback) {
+    assert.strictEqual(typeof callback, 'function');
 
-    var content = safe.fs.readFileSync(AUTHORIZED_KEYS_TMP_FILEPATH, 'utf8');
-    if (!content) return [];
+    shell.sudo('authorized_keys', [ AUTHORIZED_KEYS_CMD, process.env.USER, AUTHORIZED_KEYS_FILEPATH, AUTHORIZED_KEYS_TMP_FILEPATH ], {}, function (error) {
+        if (error) return callback(error);
 
-    var keys = content.split('\n')
-        .filter(function (k) { return !!k.trim(); })
-        .map(function (k) { return { identifier: k.split(' ')[2], key: k }; })
-        .filter(function (k) { return k.identifier && k.key; });
+        var content = safe.fs.readFileSync(AUTHORIZED_KEYS_TMP_FILEPATH, 'utf8');
+        if (!content) return callback(null, []);
 
-    safe.fs.unlinkSync(AUTHORIZED_KEYS_TMP_FILEPATH);
+        var keys = content.split('\n')
+            .filter(function (k) { return !!k.trim(); })
+            .map(function (k) { return { identifier: k.split(' ')[2], key: k }; })
+            .filter(function (k) { return k.identifier && k.key; });
 
-    return keys;
+        safe.fs.unlinkSync(AUTHORIZED_KEYS_TMP_FILEPATH);
+
+        return callback(null, keys);
+    });
 }
 
 function getAuthorizedKeys(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    return callback(null, getKeys().sort(function (a, b) { return a.identifier.localeCompare(b.identifier); }));
+    getKeys(function (error, keys) {
+        if (error) return callback(new SshError(SshError.INTERNAL_ERROR, error));
+
+        return callback(null, keys.sort(function (a, b) { return a.identifier.localeCompare(b.identifier); }));
+    });
 }
 
 function getAuthorizedKey(identifier, callback) {
     assert.strictEqual(typeof identifier, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    var keys = getKeys();
-    if (keys.length === 0) return callback(new SshError(SshError.NOT_FOUND));
+    getKeys(function (error, keys) {
+        if (error) return callback(new SshError(SshError.INTERNAL_ERROR, error));
 
-    var key = keys.find(function (k) { return k.identifier === identifier; });
-    if (!key) return callback(new SshError(SshError.NOT_FOUND));
+        if (keys.length === 0) return callback(new SshError(SshError.NOT_FOUND));
 
-    callback(null, key);
+        var key = keys.find(function (k) { return k.identifier === identifier; });
+        if (!key) return callback(new SshError(SshError.NOT_FOUND));
+
+        callback(null, key);
+    });
 }
 
 function addAuthorizedKey(key, callback) {
@@ -124,28 +134,38 @@ function addAuthorizedKey(key, callback) {
 
     var identifier = tmp[2];
 
-    var keys = getKeys();
-    var index = keys.findIndex(function (k) { return k.identifier === identifier; });
-    if (index !== -1) keys[index] = { identifier: identifier, key: key };
-    else keys.push({ identifier: identifier, key: key });
+    getKeys(function (error, keys) {
+        if (error) return callback(new SshError(SshError.INTERNAL_ERROR, error));
 
-    if (!saveKeys(keys)) return callback(new SshError(SshError.INTERNAL_ERROR));
+        var index = keys.findIndex(function (k) { return k.identifier === identifier; });
+        if (index !== -1) keys[index] = { identifier: identifier, key: key };
+        else keys.push({ identifier: identifier, key: key });
 
-    callback();
+        saveKeys(keys, function (error) {
+            if (error) return callback(new SshError(SshError.INTERNAL_ERROR, error));
+
+            callback(null);
+        });
+    });
 }
 
 function delAuthorizedKey(identifier, callback) {
     assert.strictEqual(typeof identifier, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    var keys = getKeys();
-    var index = keys.findIndex(function (k) { return k.identifier === identifier; });
-    if (index === -1) return callback(new SshError(SshError.NOT_FOUND));
+    getKeys(function (error, keys) {
+        if (error) return callback(new SshError(SshError.INTERNAL_ERROR, error));
 
-    // now remove the key
-    keys.splice(index, 1);
+        let index = keys.findIndex(function (k) { return k.identifier === identifier; });
+        if (index === -1) return callback(new SshError(SshError.NOT_FOUND));
 
-    if (!saveKeys(keys)) return callback(new SshError(SshError.INTERNAL_ERROR));
+        // now remove the key
+        keys.splice(index, 1);
 
-    callback();
+        saveKeys(keys, function (error) {
+            if (error) return callback(new SshError(SshError.INTERNAL_ERROR, error));
+
+            callback(null);
+        });
+    });
 }

src/storage/filesystem.js

@@ -120,7 +120,7 @@ function copy(apiConfig, oldFilePath, newFilePath) {
 
         // this will hardlink backups saving space
         var cpOptions = apiConfig.noHardlinks ? '-a' : '-al';
-        shell.exec('copy', '/bin/cp', [ cpOptions, oldFilePath, newFilePath ], { }, function (error) {
+        shell.spawn('copy', '/bin/cp', [ cpOptions, oldFilePath, newFilePath ], { }, function (error) {
             if (error) return events.emit('done', new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
 
             events.emit('done', null);
@@ -155,7 +155,7 @@ function removeDir(apiConfig, pathPrefix) {
 
     events.emit('progress', `removeDir: ${pathPrefix}`);
 
-    shell.exec('removeDir', '/bin/rm', [ '-rf', pathPrefix ], { }, function (error) {
+    shell.spawn('removeDir', '/bin/rm', [ '-rf', pathPrefix ], { }, function (error) {
         if (error) return events.emit('done', new BackupsError(BackupsError.EXTERNAL_ERROR, error.message));
 
         events.emit('done', null);

src/taskdb.js

@@ -0,0 +1,115 @@
+'use strict';
+
+exports = module.exports = {
+    get: get,
+    add: add,
+    update: update,
+    del: del,
+    listByTypePaged: listByTypePaged
+};
+
+let assert = require('assert'),
+    database = require('./database.js'),
+    DatabaseError = require('./databaseerror'),
+    safe = require('safetydance');
+
+const TASKS_FIELDS = [ 'id', 'type', 'argsJson', 'percent', 'message', 'errorMessage', 'creationTime', 'result', 'ts' ];
+
+function postProcess(result) {
+    assert.strictEqual(typeof result, 'object');
+
+    assert(result.argsJson === null || typeof result.argsJson === 'string');
+    result.args = safe.JSON.parse(result.argsJson) || [];
+    delete result.argsJson;
+
+    result.id = String(result.id);
+}
+
+function add(task, callback) {
+    assert.strictEqual(typeof task, 'object');
+    assert.strictEqual(typeof callback, 'function');
+
+    const query = 'INSERT INTO tasks (type, argsJson, percent, message) VALUES (?, ?, ?, ?)';
+    const args = [ task.type, JSON.stringify(task.args), task.percent, task.message ];
+
+    database.query(query, args, function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        callback(null, String(result.insertId));
+    });
+}
+
+function update(id, data, callback) {
+    assert.strictEqual(typeof id, 'string');
+    assert.strictEqual(typeof data, 'object');
+    assert.strictEqual(typeof callback, 'function');
+
+    let args = [ ];
+    let fields = [ ];
+    for (let k in data) {
+        fields.push(k + ' = ?');
+        args.push(data[k]);
+    }
+    args.push(id);
+
+    database.query('UPDATE tasks SET ' + fields.join(', ') + ' WHERE id = ?', args, function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        if (result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+
+        return callback(null);
+    });
+}
+
+function get(id, callback) {
+    assert.strictEqual(typeof id, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT ' + TASKS_FIELDS + ' FROM tasks WHERE id = ?', [ id ], function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+
+        postProcess(result[0]);
+
+        callback(null, result[0]);
+    });
+}
+
+function del(id, callback) {
+    assert.strictEqual(typeof id, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('DELETE FROM tasks WHERE id = ?', [ id ], function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        if (result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+
+        callback(null);
+    });
+}
+
+function listByTypePaged(type, page, perPage, callback) {
+    assert(typeof type === 'string' || type === null);
+    assert.strictEqual(typeof page, 'number');
+    assert.strictEqual(typeof perPage, 'number');
+    assert.strictEqual(typeof callback, 'function');
+
+    var data = [];
+    var query = 'SELECT ' + TASKS_FIELDS + ' FROM tasks';
+
+    if (type) {
+        query += ' WHERE TYPE=?';
+        data.push(type);
+    }
+
+    query += ' ORDER BY creationTime DESC LIMIT ?,?';
+
+    data.push((page-1)*perPage);
+    data.push(perPage);
+
+    database.query(query, data, function (error, results) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        results.forEach(postProcess);
+
+        callback(null, results);
+    });
+}

src/taskmanager.js

@@ -98,6 +98,7 @@ function startNextTask() {
     startAppTask(gPendingTasks.shift(), NOOP_CALLBACK);
 }
 
+// WARNING callback has to be called in sync for the concurrency check to work!
 function startAppTask(appId, callback) {
     assert.strictEqual(typeof appId, 'string');
     assert.strictEqual(typeof callback, 'function');
@@ -126,39 +127,39 @@ function startAppTask(appId, callback) {
         return callback();
     }
 
-    // ensure log folder
-    mkdirp.sync(path.join(paths.LOG_DIR, appId));
     var logFilePath = path.join(paths.LOG_DIR, appId, 'apptask.log');
+    var fd;
 
-    // will autoclose
-    fs.open(logFilePath, 'a', function (error, fd) {
-        if (error) {
-            debug('Unable to open log file, queueing task for %s', appId, error);
-            gPendingTasks.push(appId);
-            return callback();
+    // have to use sync here to avoid async callback, breaking concurrency check
+    try {
+        mkdirp.sync(path.join(paths.LOG_DIR, appId)); // ensure log folder
+        fd = fs.openSync(logFilePath, 'a'); // will autoclose
+    } catch (e) {
+        debug('Unable to get log filedescriptor, queueing task for %s', appId, e);
+        gPendingTasks.push(appId);
+        return callback();
+    }
+
+    // when parent process dies, apptask processes are killed because KillMode=control-group in systemd unit file
+    gActiveTasks[appId] = child_process.fork(__dirname + '/apptask.js', [ appId ], { stdio: [ 'pipe', fd, fd, 'ipc' ]});
+
+    var pid = gActiveTasks[appId].pid;
+    debug('Started task of %s pid: %s. See logs at %s', appId, pid, logFilePath);
+
+    gActiveTasks[appId].once('exit', function (code, signal) {
+        debug('Task for %s pid %s completed with status %s', appId, pid, code);
+        if (code === null /* signal */ || (code !== 0 && code !== 50)) { // apptask crashed
+            debug('Apptask crashed with code %s and signal %s', code, signal);
+            sendFailureLogs('apptask', { unit: 'box' });
+            appdb.update(appId, { installationState: appdb.ISTATE_ERROR, installationProgress: 'Apptask crashed with code ' + code + ' and signal ' + signal }, NOOP_CALLBACK);
+        } else if (code === 50) {
+            sendFailureLogs('apptask', { unit: 'box' });
         }
-
-        // when parent process dies, apptask processes are killed because KillMode=control-group in systemd unit file
-        gActiveTasks[appId] = child_process.fork(__dirname + '/apptask.js', [ appId ], { stdio: [ 'pipe', fd, fd, 'ipc' ]});
-
-        var pid = gActiveTasks[appId].pid;
-        debug('Started task of %s pid: %s. See logs at %s', appId, pid, logFilePath);
-
-        gActiveTasks[appId].once('exit', function (code, signal) {
-            debug('Task for %s pid %s completed with status %s', appId, pid, code);
-            if (code === null /* signal */ || (code !== 0 && code !== 50)) { // apptask crashed
-                debug('Apptask crashed with code %s and signal %s', code, signal);
-                sendFailureLogs('apptask', { unit: 'box' });
-                appdb.update(appId, { installationState: appdb.ISTATE_ERROR, installationProgress: 'Apptask crashed with code ' + code + ' and signal ' + signal }, NOOP_CALLBACK);
-            } else if (code === 50) {
-                sendFailureLogs('apptask', { unit: 'box' });
-            }
-            delete gActiveTasks[appId];
-            locker.unlock(locker.OP_APPTASK); // unlock event will trigger next task
-        });
-
-        callback();
+        delete gActiveTasks[appId];
+        locker.unlock(locker.OP_APPTASK); // unlock event will trigger next task
     });
+
+    callback();
 }
 
 function stopAppTask(appId, callback) {