Triton Datacenter user portal https://spearhead.cloud
This repository has been archived on 2024-08-21. You can view files and clone it, but cannot push or open issues or pull requests.
Go to file
Marsell Kukuljevic db8758cc30 Attempt to fix 408 errors from the cueball connection pool. The pool now
regularly pings cloudapi's /. Also (temporarily) silenced cueball noise.
2021-04-11 00:07:01 +02:00
app added app project files 2021-04-07 14:26:28 +03:00
bin Attempt to fix 408 errors from the cueball connection pool. The pool now 2021-04-11 00:07:01 +02:00
cfg Server uses TLS, sign all requests to cloudapi, and enable SSO. 2021-01-26 17:22:37 +01:00
.gitignore Server uses TLS, sign all requests to cloudapi, and enable SSO. 2021-01-26 17:22:37 +01:00
package-lock.json Server uses TLS, sign all requests to cloudapi, and enable SSO. 2021-01-26 17:22:37 +01:00
package.json Server uses TLS, sign all requests to cloudapi, and enable SSO. 2021-01-26 17:22:37 +01:00
README.md Log all requests, using the bunyan format (JSON with certain fields). This 2021-04-10 23:06:24 +02:00
static Changed how paths are handled by server.js, to more closely match the Angular 2021-04-10 21:50:50 +02:00

Installation

npm install

Generate server certificates

From within the config/ directory:

openssl genrsa -out key.pem
openssl req -new -key key.pem -out csr.pem
openssl x509 -req -days 9999 -in csr.pem -signkey key.pem -out cert.pem
rm csr.pem

Configuration

Ensure the config file in config/ matches your details.

The SSH key used must be the correct format, e.g. generated with:

ssh-keygen -m PEM -t rsa -C "your@email.address"

Running the server

node bin/server.js config/prod.json

The server generates a lot of JSON data about every request. This is easier for a human to handle if they have bunyan installed ("npm install -g bunyan"), and instead:

node bin/server.js config/prod.json | bunyan

Endpoints

GET /*

This is where all the front-end code goes. All files will be served as-is as found in that directory (by default a symlink to app/dist). The default is static/index.html. There is no authentication; all files are public.

GET /api/login

Call this endpoint to begin the login cycle. It will redirect you to the SSO login page: an HTTP 302, with a Location header.

GET/POST/PUT/DELETE/HEAD /api/*

All calls will be passed through to cloudapi. For these calls to succeed, they MUST provide an X-Auth-Token header, containing the token returned from SSO.

Interaction cycle

client --- GET /api/login --------> this server <-- 302 Location #1 ----

client --- GET <Location #1> --> SSO server <-- 302 with token query arg

From now on call this server as if it were a cloudapi server (using cloudapi paths), except prefixing any path with "/api". Also always provide the X-Auth-Token.

For example, to retrieve a list of packages:

client --- GET /api/my/packages --> this server <-- 200 JSON body ------

The most useful cloudapi endpoints to begin with will be ListPackages, GetPackage, ListImages, GetImage, ListMachines, GetMachine, CreateMachine and DeleteMachine (see cloudapi docs).