summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-lxc/luasrc/controller
diff options
context:
space:
mode:
authorDirk Brenken <dev@brenken.org>2018-05-26 19:32:39 +0200
committerDirk Brenken <dev@brenken.org>2018-05-27 20:46:13 +0200
commitd9b6c5dd781fec6603e7941b72774b9af140e858 (patch)
tree4aa99a1d39c05c418e5c5609f7b0c13540d13f8d /applications/luci-app-lxc/luasrc/controller
parentfa4dc6be91ad86dbaa0959b40bdb14f50ad21a67 (diff)
luci-app-lxc: fix "plain-vanilla" integration, part 2
I've tried to get the lxc app in a more usable state. Tested with mips and amd64 targets. * check /etc/config/lxc in controller, not in cbi * more controller cleanups * remove unused 'fork_exec' function * check path before container creation * check space requirements before container creation * support new uci options 'min_space' and 'min_temp', default for both is 100000 KB * both options are configurable via LuCI CBI template * write messages to log in case of an error * validate the container name during creation, automatically remove invalid chars * inform the user that only a stopped container can be destroyed * add experimental ssl support (untested, disabled by default) Signed-off-by: Dirk Brenken <dev@brenken.org>
Diffstat (limited to 'applications/luci-app-lxc/luasrc/controller')
-rw-r--r--applications/luci-app-lxc/luasrc/controller/lxc.lua112
1 files changed, 55 insertions, 57 deletions
diff --git a/applications/luci-app-lxc/luasrc/controller/lxc.lua b/applications/luci-app-lxc/luasrc/controller/lxc.lua
index e15915df5d..f14606ee81 100644
--- a/applications/luci-app-lxc/luasrc/controller/lxc.lua
+++ b/applications/luci-app-lxc/luasrc/controller/lxc.lua
@@ -14,73 +14,43 @@ Author: Petar Koretic <petar.koretic@sartura.hr>
]]--
+module("luci.controller.lxc", package.seeall)
+
local uci = require "luci.model.uci".cursor()
local util = require "luci.util"
local fs = require "nixio"
-module("luci.controller.lxc", package.seeall)
-
-function fork_exec(command)
- local pid = fs.fork()
- if pid > 0 then
+function index()
+ if not nixio.fs.access("/etc/config/lxc") then
return
- elseif pid == 0 then
- -- change to root dir
- fs.chdir("/")
-
- -- patch stdin, out, err to /dev/null
- local null = fs.open("/dev/null", "w+")
- if null then
- fs.dup(null, fs.stderr)
- fs.dup(null, fs.stdout)
- fs.dup(null, fs.stdin)
- if null:fileno() > 2 then
- null:close()
- end
- end
-
- -- replace with target command
- fs.exec("/bin/sh", "-c", command)
end
-end
-function index()
page = node("admin", "services", "lxc")
page.target = cbi("lxc")
page.title = _("LXC Containers")
page.order = 70
- page = entry({"admin", "services", "lxc_create"}, call("lxc_create"), nil)
- page.leaf = true
-
- page = entry({"admin", "services", "lxc_action"}, call("lxc_action"), nil)
- page.leaf = true
-
- page = entry({"admin", "services", "lxc_get_downloadable"}, call("lxc_get_downloadable"), nil)
- page.leaf = true
-
- page = entry({"admin", "services", "lxc_configuration_get"}, call("lxc_configuration_get"), nil)
- page.leaf = true
-
- page = entry({"admin", "services", "lxc_configuration_set"}, call("lxc_configuration_set"), nil)
- page.leaf = true
-
+ entry({"admin", "services", "lxc_create"}, call("lxc_create"), nil).leaf = true
+ entry({"admin", "services", "lxc_action"}, call("lxc_action"), nil).leaf = true
+ entry({"admin", "services", "lxc_get_downloadable"}, call("lxc_get_downloadable"), nil).leaf = true
+ entry({"admin", "services", "lxc_configuration_get"}, call("lxc_configuration_get"), nil).leaf = true
+ entry({"admin", "services", "lxc_configuration_set"}, call("lxc_configuration_set"), nil).leaf = true
end
function lxc_get_downloadable()
local target = lxc_get_arch_target()
local templates = {}
+ local ssl_status = lxc_get_ssl_status()
- local f = io.popen('sh /usr/share/lxc/templates/lxc-download --list --no-validate --server %s 2>/dev/null'
- % util.shellquote(uci:get("lxc", "lxc", "url")), 'r')
+ local f = io.popen('sh /usr/share/lxc/templates/lxc-download --list %s --server %s 2>/dev/null'
+ %{ ssl_status, util.shellquote(uci:get("lxc", "lxc", "url")) }, 'r')
local line
for line in f:lines() do
local dist, version, dist_target = line:match("^(%S+)%s+(%S+)%s+(%S+)%s+default%s+%S+$")
- if dist and version and dist_target == target then
+ if dist and version and dist_target and dist_target == target then
templates[#templates+1] = "%s:%s" %{ dist, version }
end
end
-
f:close()
luci.http.prepare_content("application/json")
@@ -90,23 +60,26 @@ end
function lxc_create(lxc_name, lxc_template)
luci.http.prepare_content("text/plain")
- if not pcall(dofile, "/etc/openwrt_release") then
- return luci.http.write("1")
+ local check = lxc_get_config_path()
+ if not check then
+ return
end
- local lxc_dist, lxc_release = lxc_template:match("^(.+):(.+)$")
+ local ssl_status = lxc_get_ssl_status()
+ local src_err
+ local lxc_dist, lxc_release = lxc_template:match("^(.+):(.+)$")
luci.http.write(util.ubus("lxc", "create", {
name = lxc_name,
template = "download",
args = {
"--server", uci:get("lxc", "lxc", "url"),
- "--no-validate",
"--dist", lxc_dist,
"--release", lxc_release,
- "--arch", lxc_get_arch_target()
+ "--arch", lxc_get_arch_target(),
+ ssl_status
}
- }))
+ }), src_err)
end
function lxc_action(lxc_action, lxc_name)
@@ -123,9 +96,25 @@ function lxc_get_config_path()
local ret = content:match('^%s*lxc.lxcpath%s*=%s*([^%s]*)')
if ret then
- return ret .. "/"
+ if nixio.fs.access(ret) then
+ local min_space = tonumber(uci:get("lxc", "lxc", "min_space")) or 100000
+ local free_space = tonumber(util.exec("df " ..ret.. " | awk '{if(NR==2)print $4}'"))
+ if free_space and free_space >= min_space then
+ local min_temp = tonumber(uci:get("lxc", "lxc", "min_temp")) or 100000
+ local free_temp = tonumber(util.exec("df /tmp | awk '{if(NR==2)print $4}'"))
+ if free_temp and free_temp >= min_temp then
+ return ret .. "/"
+ else
+ util.perror("lxc error: not enough temporary space (< " ..min_temp.. " KB)")
+ end
+ else
+ util.perror("lxc error: not enough space (< " ..min_space.. " KB)")
+ end
+ else
+ util.perror("lxc error: directory not found")
+ end
else
- return "/srv/lxc/"
+ util.perror("lxc error: config path is empty")
end
end
@@ -143,14 +132,15 @@ function lxc_configuration_set(lxc_name)
luci.http.prepare_content("text/plain")
local lxc_configuration = luci.http.formvalue("lxc_configuration")
-
if lxc_configuration == nil then
- return luci.http.write("1")
+ util.perror("lxc error: config formvalue is empty")
+ return
end
local f, err = io.open(lxc_get_config_path() .. lxc_name .. "/config","w+")
if not f then
- return luci.http.write("2")
+ util.perror("lxc error: config file not found")
+ return
end
f:write(lxc_configuration)
@@ -168,13 +158,21 @@ function lxc_get_arch_target()
armv8 = "arm64",
x86_64 = "amd64"
}
-
local k, v
for k, v in pairs(target_map) do
- if target:find(k) then
+ if target:find("^" ..k.. "$") then
return v
end
end
-
return target
end
+
+function lxc_get_ssl_status()
+ local ssl_enabled = uci:get("lxc", "lxc", "ssl_enabled")
+ local ssl_status = "--no-validate"
+
+ if ssl_enabled and ssl_enabled == "1" then
+ ssl_status = ""
+ end
+ return ssl_status
+end