diff options
author | Jo-Philipp Wich <jo@mein.io> | 2018-04-26 08:52:55 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jo@mein.io> | 2018-05-05 23:11:23 +0200 |
commit | 8deb9495515b97898514e8ffb8f002c8afe3bfa7 (patch) | |
tree | 65d4d7b831c273329c0a79a6b9e4a547e760481b /modules/luci-base | |
parent | 7cca3139591a08e62b7900115fe0bfd4a3df8f8a (diff) |
treewide: rework uci apply workflow
Switch to rpcd based uci apply/rollback workflow which helps to avoid soft-
bricking devices by requiring an explicit confirmation call after config
apply.
When a user now clicks "Save & Apply", LuCI first issues a call to uci apply
which commits and reloads configuration, then goes into a polling countdown
mode where it repeatedly attempts to call uci confirm.
If the committed configuration is sane, the confirm call will go through and
cancel rpcd's pending rollback timer.
If the configuration change leads to a loss of connectivity (e.g. due to bad
firewall rules or similar), the rollback mechanism will kick in after the
timeout and revert configuration files and pending changes to the pre-apply
state.
In order to cover such rare cases where a lost of connectivity is expected
and desired, the user is offered an "unchecked" apply option after timing
out, which allows committing and applying the changes anyway, without the
extra safety checks.
As a consequence of this change, the luci-reload mechanism is now completely
unsused since rpcd uses ubus config reload signals to reload affected
services, which means that only procd-enabled services will receive proper
reload treatment with the new workflow.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'modules/luci-base')
-rw-r--r-- | modules/luci-base/luasrc/cbi.lua | 14 | ||||
-rw-r--r-- | modules/luci-base/luasrc/controller/admin/servicectl.lua | 49 | ||||
-rw-r--r-- | modules/luci-base/luasrc/dispatcher.lua | 3 | ||||
-rw-r--r-- | modules/luci-base/luasrc/model/uci.lua | 139 | ||||
-rw-r--r-- | modules/luci-base/luasrc/model/uci.luadoc | 57 | ||||
-rw-r--r-- | modules/luci-base/luasrc/view/cbi/apply_widget.htm | 181 | ||||
-rw-r--r-- | modules/luci-base/luasrc/view/cbi/apply_xhr.htm | 43 | ||||
-rw-r--r-- | modules/luci-base/luasrc/view/cbi/map.htm | 17 | ||||
-rw-r--r-- | modules/luci-base/root/etc/config/luci | 6 |
9 files changed, 338 insertions, 171 deletions
diff --git a/modules/luci-base/luasrc/cbi.lua b/modules/luci-base/luasrc/cbi.lua index 218439503..472864211 100644 --- a/modules/luci-base/luasrc/cbi.lua +++ b/modules/luci-base/luasrc/cbi.lua @@ -388,21 +388,21 @@ function Map.parse(self, readinput, ...) if self.save then self:_run_hooks("on_save", "on_before_save") + local i, config for i, config in ipairs(self.parsechain) do self.uci:save(config) end self:_run_hooks("on_after_save") if (not self.proceed and self.flow.autoapply) or luci.http.formvalue("cbi.apply") then self:_run_hooks("on_before_commit") - for i, config in ipairs(self.parsechain) do - self.uci:commit(config) - - -- Refresh data because commit changes section names - self.uci:load(config) + if self.apply_on_parse == false then + for i, config in ipairs(self.parsechain) do + self.uci:commit(config) + end end self:_run_hooks("on_commit", "on_after_commit", "on_before_apply") - if self.apply_on_parse then - self.uci:apply(self.parsechain) + if self.apply_on_parse == true or self.apply_on_parse == false then + self.uci:apply(self.apply_on_parse) self:_run_hooks("on_apply", "on_after_apply") else -- This is evaluated by the dispatcher and delegated to the diff --git a/modules/luci-base/luasrc/controller/admin/servicectl.lua b/modules/luci-base/luasrc/controller/admin/servicectl.lua deleted file mode 100644 index 1d73eb4ec..000000000 --- a/modules/luci-base/luasrc/controller/admin/servicectl.lua +++ /dev/null @@ -1,49 +0,0 @@ --- Copyright 2010 Jo-Philipp Wich <jow@openwrt.org> --- Licensed to the public under the Apache License 2.0. - -module("luci.controller.admin.servicectl", package.seeall) - -function index() - entry({"servicectl"}, alias("servicectl", "status")).sysauth = "root" - entry({"servicectl", "status"}, call("action_status")).leaf = true - entry({"servicectl", "restart"}, post("action_restart")).leaf = true -end - -function action_status() - local data = nixio.fs.readfile("/var/run/luci-reload-status") - if data then - luci.http.write("/etc/config/") - luci.http.write(data) - else - luci.http.write("finish") - end -end - -function action_restart(args) - local uci = require "luci.model.uci".cursor() - if args then - local service - local services = { } - - for service in args:gmatch("[%w_-]+") do - services[#services+1] = service - end - - local command = uci:apply(services, true) - if nixio.fork() == 0 then - local i = nixio.open("/dev/null", "r") - local o = nixio.open("/dev/null", "w") - - nixio.dup(i, nixio.stdin) - nixio.dup(o, nixio.stdout) - - i:close() - o:close() - - nixio.exec("/bin/sh", unpack(command)) - else - luci.http.write("OK") - os.exit(0) - end - end -end diff --git a/modules/luci-base/luasrc/dispatcher.lua b/modules/luci-base/luasrc/dispatcher.lua index 38d919481..baaa95ad7 100644 --- a/modules/luci-base/luasrc/dispatcher.lua +++ b/modules/luci-base/luasrc/dispatcher.lua @@ -883,6 +883,8 @@ local function _cbi(self, ...) local pageaction = true local parsechain = { } + local is_rollback, time_remaining = uci:rollback_pending() + for i, res in ipairs(maps) do if res.apply_needed and res.parsechain then local c @@ -910,6 +912,7 @@ local function _cbi(self, ...) res:render({ firstmap = (i == 1), applymap = applymap, + confirmmap = (is_rollback and time_remaining or nil), redirect = redirect, messages = messages, pageaction = pageaction, diff --git a/modules/luci-base/luasrc/model/uci.lua b/modules/luci-base/luasrc/model/uci.lua index fc2a605b3..34323f08b 100644 --- a/modules/luci-base/luasrc/model/uci.lua +++ b/modules/luci-base/luasrc/model/uci.lua @@ -3,6 +3,7 @@ local os = require "os" local util = require "luci.util" +local conf = require "luci.config" local table = require "table" @@ -143,22 +144,84 @@ function commit(self, config) return (err == nil), ERRSTR[err] end ---[[ -function apply(self, configs, command) - local _, config +function apply(self, rollback) + local _, err + + if rollback then + local timeout = tonumber(conf.apply and conf.apply.rollback or "") or 0 - assert(not command, "Apply command not supported anymore") + _, err = call("apply", { + timeout = (timeout > 30) and timeout or 30, + rollback = true + }) - if type(configs) == "table" then - for _, config in ipairs(configs) do - call("service", "event", { - type = "config.change", - data = { package = config } + if not err then + util.ubus("session", "set", { + ubus_rpc_session = session_id, + values = { rollback = os.time() + timeout } }) end + else + _, err = call("changes", {}) + + if not err then + if type(_) == "table" and type(_.changes) == "table" then + local k, v + for k, v in pairs(_.changes) do + _, err = call("commit", { config = k }) + if err then + break + end + end + end + end + + if not err then + _, err = call("apply", { rollback = false }) + end + end + + return (err == nil), ERRSTR[err] +end + +function confirm(self) + local _, err = call("confirm", {}) + if not err then + util.ubus("session", "set", { + ubus_rpc_session = session_id, + values = { rollback = 0 } + }) end + return (err == nil), ERRSTR[err] +end + +function rollback(self) + local _, err = call("rollback", {}) + if not err then + util.ubus("session", "set", { + ubus_rpc_session = session_id, + values = { rollback = 0 } + }) + end + return (err == nil), ERRSTR[err] +end + +function rollback_pending(self) + local deadline, err = util.ubus("session", "get", { + ubus_rpc_session = session_id, + keys = { "rollback" } + }) + + if type(deadline) == "table" and + type(deadline.values) == "table" and + type(deadline.values.rollback) == "number" and + deadline.values.rollback > os.time() + then + return true, deadline.values.rollback - os.time() + end + + return false, ERRSTR[err] end -]] function foreach(self, config, stype, callback) @@ -425,59 +488,3 @@ function delete_all(self, config, stype, comparator) return (err == nil), ERRSTR[err] end - - -function apply(self, configlist, command) - configlist = self:_affected(configlist) - if command then - return { "/sbin/luci-reload", unpack(configlist) } - else - return os.execute("/sbin/luci-reload %s >/dev/null 2>&1" - % util.shellquote(table.concat(configlist, " "))) - end -end - --- Return a list of initscripts affected by configuration changes. -function _affected(self, configlist) - configlist = type(configlist) == "table" and configlist or { configlist } - - -- Resolve dependencies - local reloadlist = { } - - local function _resolve_deps(name) - local reload = { name } - local deps = { } - - self:foreach("ucitrack", name, - function(section) - if section.affects then - for i, aff in ipairs(section.affects) do - deps[#deps+1] = aff - end - end - end) - - local i, dep - for i, dep in ipairs(deps) do - local j, add - for j, add in ipairs(_resolve_deps(dep)) do - reload[#reload+1] = add - end - end - - return reload - end - - -- Collect initscripts - local j, config - for j, config in ipairs(configlist) do - local i, e - for i, e in ipairs(_resolve_deps(config)) do - if not util.contains(reloadlist, e) then - reloadlist[#reloadlist+1] = e - end - end - end - - return reloadlist -end diff --git a/modules/luci-base/luasrc/model/uci.luadoc b/modules/luci-base/luasrc/model/uci.luadoc index ef89d09b9..d798b0033 100644 --- a/modules/luci-base/luasrc/model/uci.luadoc +++ b/modules/luci-base/luasrc/model/uci.luadoc @@ -28,12 +28,63 @@ Create a new Cursor initialized to the state directory. ]] ---[[ -Applies UCI configuration changes +Applies UCI configuration changes. + +If the rollback parameter is set to true, the apply function will invoke the +rollback mechanism which causes the configuration to be automatically reverted +if no confirm() call occurs within a certain timeout. + +The current default timeout is 30s and can be increased using the +"luci.apply.timeout" uci configuration key. @class function @name Cursor.apply -@param configlist List of UCI configurations -@param command Don't apply only return the command +@param rollback Enable rollback mechanism +@return Boolean whether operation succeeded +]] + +---[[ +Confirms UCI apply process. + +If a previous UCI apply with rollback has been invoked using apply(true), +this function confirms the process and cancels the pending rollback timer. + +If no apply with rollback session is active, the function has no effect and +returns with a "No data" error. + +@class function +@name Cursor.confirm +@return Boolean whether operation succeeded +]] + +---[[ +Cancels UCI apply process. + +If a previous UCI apply with rollback has been invoked using apply(true), +this function cancels the process and rolls back the configuration to the +pre-apply state. + +If no apply with rollback session is active, the function has no effect and +returns with a "No data" error. + +@class function +@name Cursor.rollback +@return Boolean whether operation succeeded +]] + +---[[ +Checks whether a pending rollback is scheduled. + +If a previous UCI apply with rollback has been invoked using apply(true), +and has not been confirmed or rolled back yet, this function returns true +and the remaining time until rollback in seconds. If no rollback is pending, +the function returns false. On error, the function returns false and an +additional string describing the error. + +@class function +@name Cursor.rollback_pending +@return Boolean whether rollback is pending +@return Remaining time in seconds ]] ---[[ diff --git a/modules/luci-base/luasrc/view/cbi/apply_widget.htm b/modules/luci-base/luasrc/view/cbi/apply_widget.htm new file mode 100644 index 000000000..543ef0b80 --- /dev/null +++ b/modules/luci-base/luasrc/view/cbi/apply_widget.htm @@ -0,0 +1,181 @@ +<% export("cbi_apply_widget", function(redirect_ok) -%> +<style type="text/css"> + #cbi_apply_status { + display: flex; + flex-wrap: wrap; + min-height: 32px; + align-items: center; + margin: 1.5em 0 1.5em 0; + } + + #cbi_apply_status > h4, + #cbi_apply_status > p, + #cbi_apply_status > div { + flex-basis: 100%; + } + + #cbi_apply_status > img { + margin-right: 1em; + flex-basis: 32px; + } + + #cbi_apply_status + script + .cbi-section { + margin-top: -1em; + } + + .alert-message.notice { + background: linear-gradient(#fff 0%, #eee 100%); + } +</style> + +<script type="text/javascript" src="<%=resource%>/cbi.js"></script> +<script type="text/javascript">//<![CDATA[ + var xhr = new XHR(), + stat, indicator, + uci_apply_auth = { sid: '<%=luci.dispatcher.context.authsession%>', token: '<%=token%>' }, + uci_apply_rollback = <%=math.max(luci.config and luci.config.apply and luci.config.apply.rollback or 30, 30)%>, + uci_apply_holdoff = <%=math.max(luci.config and luci.config.apply and luci.config.apply.holdoff or 4, 1)%>, + uci_apply_timeout = <%=math.max(luci.config and luci.config.apply and luci.config.apply.timeout or 5, 1)%>, + uci_apply_display = <%=math.max(luci.config and luci.config.apply and luci.config.apply.display or 1.5, 1)%>; + + function uci_rollback(checked) { + if (checked) { + stat.classList.remove('notice'); + stat.classList.add('warning'); + stat.innerHTML = '<img src="<%=resource%>/icons/loading.gif" alt="" style="vertical-align:middle" /> ' + + '<%:Failed to confirm apply within %ds, waiting for rollback…%>'.format(uci_apply_rollback); + + var call = function(r) { + if (r.status === 204) { + stat.innerHTML = '<h4><%:Configuration has been rolled back!%></h4>' + + '<p><%:The device could not be reached within %d seconds after applying the pending changes, which caused the configuration to be rolled back for safety reasons. If you believe that the configuration changes are correct nonetheless, perform an unchecked configuration apply. Alternatively, you can dismiss this warning and edit changes before attempting to apply again, or revert all pending changes to keep the currently working configuration state.%></p>'.format(uci_apply_rollback) + + '<div class="right">' + + '<input type="button" class="btn" onclick="this.parentNode.parentNode.style.display=\'none\'" value="<%:Dismiss%>" /> ' + + '<input type="button" class="btn" onclick="uci_revert()" value="<%:Revert changes%>" /> ' + + '<input type="button" class="btn danger" onclick="uci_apply(false)" value="<%:Apply unchecked%>" />' + + '</div>'; + + return; + } + + xhr.post('<%=url("admin/uci/confirm")%>', uci_apply_auth, call, uci_apply_timeout * 1000); + }; + + call({ status: 0 }); + } + else { + stat.classList.remove('notice'); + stat.classList.add('warning'); + stat.innerHTML = '<h4><%:Device unreachable!%></h4>' + + '<p><%:Could not regain access to the device after applying the configuration changes. You might need to reconnect if you modified network related settings such as the IP address or wireless security credentials.%></p>'; + } + } + + function uci_confirm(checked, deadline) { + var tt; + var ts = Date.now(); + + stat = document.getElementById('cbi_apply_status'); + stat.style.display = ''; + stat.classList.remove('warning'); + stat.classList.add('notice'); + + indicator = document.querySelector('.uci_change_indicator'); + + var call = function(r) { + if (Date.now() >= deadline) { + uci_rollback(checked); + return; + } + else if (r && (r.status === 200 || r.status === 204)) { + if (indicator) + indicator.style.display = 'none'; + + stat.innerHTML = '<%:Configuration has been applied.%>'; + + window.clearTimeout(tt); + window.setTimeout(function() { + stat.style.display = 'none'; + <% if redirect_ok then %>location.href = decodeURIComponent('<%=luci.util.urlencode(redirect_ok)%>');<% end %> + }, uci_apply_display * 1000); + + return; + } + + xhr.post('<%=url("admin/uci/confirm")%>', uci_apply_auth, call, uci_apply_timeout * 1000); + }; + + var tick = function() { + var now = Date.now(); + + stat.innerHTML = '<img src="<%=resource%>/icons/loading.gif" alt="" style="vertical-align:middle" /> ' + + '<%:Waiting for configuration to get applied… %ds%>'.format(Math.max(Math.floor((deadline - Date.now()) / 1000), 0)); + + if (now >= deadline) + return; + + tt = window.setTimeout(tick, 1000 - (now - ts)); + ts = now; + }; + + tick(); + + /* wait a few seconds for the settings to become effective */ + window.setTimeout(call, Math.max(uci_apply_holdoff * 1000 - ((ts + uci_apply_rollback * 1000) - deadline), 1)); + } + + function uci_apply(checked) { + stat = document.getElementById('cbi_apply_status'); + stat.style.display = ''; + stat.classList.remove('warning'); + stat.classList.add('notice'); + stat.innerHTML = '<img src="<%=resource%>/icons/loading.gif" alt="" style="vertical-align:middle" /> ' + + '<%:Starting configuration apply…%>'; + + xhr.post('<%=url("admin/uci")%>/' + (checked ? 'apply_rollback' : 'apply_unchecked'), uci_apply_auth, function(r) { + if (r.status === (checked ? 200 : 204)) { + uci_confirm(checked, Date.now() + uci_apply_rollback * 1000); + } + else if (checked && r.status === 204) { + stat.innerHTML = '<%:There are no changes to apply.%>'; + window.setTimeout(function() { + stat.style.display = 'none'; + <% if redirect_ok then %>location.href = decodeURIComponent('<%=luci.util.urlencode(redirect_ok)%>');<% end %> + }, uci_apply_display * 1000); + } + else { + stat.classList.add('warning'); + stat.classList.remove('notice'); + stat.innerHTML = '<%_Apply request failed with status <code>%h</code>%>'.format(r.responseText || r.statusText || r.status); + } + }); + } + + function uci_revert() { + stat = document.getElementById('cbi_apply_status'); + stat.style.display = ''; + stat.classList.remove('warning'); + stat.classList.add('notice'); + stat.innerHTML = '<img src="<%=resource%>/icons/loading.gif" alt="" style="vertical-align:middle" /> ' + + '<%:Reverting configuration…%>'; + + xhr.post('<%=url("admin/uci/revert")%>', uci_apply_auth, function(r) { + if (r.status === 200) { + stat.innerHTML = '<%:Changes have been reverted.%>'; + window.setTimeout(function() { + <% if redirect_ok then -%> + location.href = decodeURIComponent('<%=luci.util.urlencode(redirect_ok)%>'); + <%- else -%> + window.location = window.location.href.split('#')[0]; + <%- end %> + }, uci_apply_display * 1000); + } + else { + stat.classList.add('warning'); + stat.classList.remove('notice'); + stat.innerHTML = '<%_Revert request failed with status <code>%h</code>%>'.format(r.statusText || r.status); + } + }); + } +//]]></script> +<%- end) %> diff --git a/modules/luci-base/luasrc/view/cbi/apply_xhr.htm b/modules/luci-base/luasrc/view/cbi/apply_xhr.htm deleted file mode 100644 index daa57c1db..000000000 --- a/modules/luci-base/luasrc/view/cbi/apply_xhr.htm +++ /dev/null @@ -1,43 +0,0 @@ -<% export("cbi_apply_xhr", function(id, configs, redirect) -%> -<fieldset class="cbi-section" id="cbi-apply-<%=id%>"> - <legend><%:Applying changes%></legend> - <script type="text/javascript">//<![CDATA[ - var apply_xhr = new XHR(); - - apply_xhr.post('<%=url('servicectl/restart', table.concat(configs, ","))%>', { token: '<%=token%>' }, - function() { - var checkfinish = function() { - apply_xhr.get('<%=url('servicectl/status')%>', null, - function(x) { - if( x.responseText == 'finish' ) - { - var e = document.getElementById('cbi-apply-<%=id%>-status'); - if( e ) - { - e.innerHTML = '<%:Configuration applied.%>'; - window.setTimeout(function() { - e.parentNode.style.display = 'none'; - <% if redirect then %>location.href='<%=redirect%>';<% end %> - }, 1000); - } - } - else - { - var e = document.getElementById('cbi-apply-<%=id%>-status'); - if( e && x.responseText ) e.innerHTML = x.responseText; - - window.setTimeout(checkfinish, 1000); - } - } - ); - } - - window.setTimeout(checkfinish, 1000); - } - ); - //]]></script> - - <img src="<%=resource%>/icons/loading.gif" alt="<%:Loading%>" style="vertical-align:middle" /> - <span id="cbi-apply-<%=id%>-status"><%:Waiting for changes to be applied...%></span> -</fieldset> -<%- end) %> diff --git a/modules/luci-base/luasrc/view/cbi/map.htm b/modules/luci-base/luasrc/view/cbi/map.htm index e3210add6..69ef3615a 100644 --- a/modules/luci-base/luasrc/view/cbi/map.htm +++ b/modules/luci-base/luasrc/view/cbi/map.htm @@ -2,12 +2,23 @@ <div class="errorbox"><%=pcdata(msg)%></div> <%- end end -%> -<%-+cbi/apply_xhr-%> - <div class="cbi-map" id="cbi-<%=self.config%>"> <% if self.title and #self.title > 0 then %><h2 name="content"><%=self.title%></h2><% end %> <% if self.description and #self.description > 0 then %><div class="cbi-map-descr"><%=self.description%></div><% end %> - <%- if firstmap and applymap then cbi_apply_xhr(self.config, parsechain, redirect) end -%> + <%- if firstmap and (applymap or confirmmap) then -%> + <%+cbi/apply_widget%> + <% cbi_apply_widget(redirect) %> + <div class="alert-message" id="cbi_apply_status" style="display:none"></div> + <script type="text/javascript"> + document.addEventListener("DOMContentLoaded", function() { + <% if confirmmap then -%> + uci_confirm(true, Date.now() + <%=confirmmap%> * 1000); + <%- else -%> + uci_apply(true); + <%- end %> + }); + </script> + <%- end -%> <% if self.tabbed then %> <ul class="cbi-tabmenu map"> diff --git a/modules/luci-base/root/etc/config/luci b/modules/luci-base/root/etc/config/luci index baa3ac5d1..82c2230e5 100644 --- a/modules/luci-base/root/etc/config/luci +++ b/modules/luci-base/root/etc/config/luci @@ -22,3 +22,9 @@ config internal ccache option enable 1 config internal themes + +config internal apply + option rollback 30 + option holdoff 4 + option timeout 5 + option display 1.5 |