jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
6c40cceddc4f5a6127fa6ec8487bd886e3bcf55c
cloudron-box/src/sftp.js
Girish Ramakrishnan 2f9a8029c4 sftp: only rebuild when app task queue is empty 
when multiple apptasks are scheduled, we end up with a sequence like this:
    - task1 finishes
    - task2 (uninstall) removes  appdata directory
    - sftp rebuild (from task1 finish)
    - task2 fails because sftp rebuild created empty appdata directory

a fix is to delay the sftp rebuild until all tasks are done. of course,
the same race is still there, if a user initiated another task immediately
but this seems unlikely. if that happens often, we can further add a sftpRebuildInProgress
flag inside apptaskmanager.

(cherry picked from commit 4cba5ca405)
2021-03-22 14:33:44 -07:00

122 lines
5.0 KiB
JavaScript
Raw Blame History

'use strict';
exports = module.exports = {
start,
rebuild,
DEFAULT_MEMORY_LIMIT: 256 * 1024 * 1024
};
var apps = require('./apps.js'),
assert = require('assert'),
async = require('async'),
debug = require('debug')('box:sftp'),
docker = require('./docker.js'),
hat = require('./hat.js'),
infra = require('./infra_version.js'),
paths = require('./paths.js'),
safe = require('safetydance'),
shell = require('./shell.js'),
system = require('./system.js'),
volumes = require('./volumes.js'),
_ = require('underscore');
function rebuild(serviceConfig, options, callback) {
assert.strictEqual(typeof serviceConfig, 'object');
assert.strictEqual(typeof options, 'object');
assert.strictEqual(typeof callback, 'function');
debug('rebuilding container');
const force = !!options.force;
const tag = infra.images.sftp.tag;
const memoryLimit = serviceConfig.memoryLimit || exports.DEFAULT_MEMORY_LIMIT;
const memory = system.getMemoryAllocation(memoryLimit);
const cloudronToken = hat(8 * 128);
apps.getAll(function (error, result) {
if (error) return callback(error);
let dataDirs = [];
result.forEach(function (app) {
if (!app.manifest.addons['localstorage']) return;
const hostDir = apps.getDataDir(app, app.dataDir), mountDir = `/app/data/${app.id}`;
if (!safe.fs.existsSync(hostDir)) { // this can fail if external mount does not have permissions for yellowtent user
// do not create host path when cloudron is restoring. this will then create dir with root perms making restore logic fail
debug(`Ignoring app data dir ${hostDir} for ${app.id} since it does not exist`);
return;
}
dataDirs.push({ hostDir, mountDir });
});
volumes.list(function (error, allVolumes) {
if (error) return callback(error);
allVolumes.forEach(function (volume) {
if (!safe.fs.existsSync(volume.hostPath)) {
debug(`Ignoring volume host path ${volume.hostPath} since it does not exist`);
return;
}
dataDirs.push({ hostDir: volume.hostPath, mountDir: `/app/data/${volume.id}` });
});
docker.inspect('sftp', function (error, data) {
if (!error && data && data.Mounts) {
let currentDataDirs = data.Mounts;
if (currentDataDirs) {
currentDataDirs = currentDataDirs.filter(function (d) { return d.Destination.indexOf('/app/data/') === 0; }).map(function (d) { return { hostDir: d.Source, mountDir: d.Destination }; });
// sort for comparison
currentDataDirs.sort(function (a, b) { return a.hostDir < b.hostDir ? -1 : 1; });
dataDirs.sort(function (a, b) { return a.hostDir < b.hostDir ? -1 : 1; });
if (!force && _.isEqual(currentDataDirs, dataDirs)) {
debug('Skipping rebuild, no changes');
return callback();
}
}
}
const mounts = dataDirs.map(function (v) { return `-v "${v.hostDir}:${v.mountDir}"`; }).join(' ');
const cmd = `docker run --restart=always -d --name="sftp" \
--hostname sftp \
--net cloudron \
--net-alias sftp \
--log-driver syslog \
--log-opt syslog-address=udp://127.0.0.1:2514 \
--log-opt syslog-format=rfc5424 \
--log-opt tag=sftp \
-m ${memory} \
--memory-swap ${memoryLimit} \
--dns 172.18.0.1 \
--dns-search=. \
-p 222:22 \
${mounts} \
-e CLOUDRON_SFTP_TOKEN="${cloudronToken}" \
-v "${paths.SFTP_KEYS_DIR}:/etc/ssh:ro" \
--label isCloudronManaged=true \
--read-only -v /tmp -v /run "${tag}"`;
// ignore error if container not found (and fail later) so that this code works across restarts
async.series([
shell.exec.bind(null, 'stopSftp', 'docker stop sftp || true'),
shell.exec.bind(null, 'removeSftp', 'docker rm -f sftp || true'),
shell.exec.bind(null, 'startSftp', cmd)
], callback);
});
});
});
}
function start(existingInfra, serviceConfig, callback) {
assert.strictEqual(typeof existingInfra, 'object');
assert.strictEqual(typeof serviceConfig, 'object');
assert.strictEqual(typeof callback, 'function');
rebuild(serviceConfig, { force: true }, callback); // force rebuild when infra changed
}
Reference in New Issue View Git Blame Copy Permalink