Hexor/khm
1
0
Fork 0
mirror of https://github.com/house-of-vanity/khm.git synced 2025-10-24 06:59:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added web ui

Browse Source
This commit is contained in:
Ultradesu
2025-07-18 17:52:58 +03:00
parent 484ddd9803
commit d5ce88dfff
9 changed files with 1418 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
src/client.rs
View File

@@ -162,23 +162,43 @@ async fn get_keys_from_server(
pub async fn run_client(args: crate::Args) -> std::io::Result<()> {
info!("Client mode: Reading known_hosts file");
let keys = read_known_hosts(&args.known_hosts).expect("Failed to read known hosts file");
let keys = match read_known_hosts(&args.known_hosts) {
Ok(keys) => keys,
Err(e) => {
if e.kind() == io::ErrorKind::NotFound {
info!("known_hosts file not found: {}. Starting with empty key list.", args.known_hosts);
Vec::new()
} else {
error!("Failed to read known_hosts file: {}", e);
return Err(e);
}
}
};
let host = args.host.expect("host is required in client mode");
info!("Client mode: Sending keys to server at {}", host);
send_keys_to_server(&host, keys, &args.basic_auth)
.await
.expect("Failed to send keys to server");
if let Err(e) = send_keys_to_server(&host, keys, &args.basic_auth).await {
error!("Failed to send keys to server: {}", e);
return Err(io::Error::new(io::ErrorKind::Other, format!("Network error: {}", e)));
}
if args.in_place {
info!("Client mode: In-place update is enabled. Fetching keys from server.");
let server_keys = get_keys_from_server(&host, &args.basic_auth)
.await
.expect("Failed to get keys from server");
let server_keys = match get_keys_from_server(&host, &args.basic_auth).await {
Ok(keys) => keys,
Err(e) => {
error!("Failed to get keys from server: {}", e);
return Err(io::Error::new(io::ErrorKind::Other, format!("Network error: {}", e)));
}
};
info!("Client mode: Writing updated known_hosts file");
write_known_hosts(&args.known_hosts, &server_keys)
.expect("Failed to write known hosts file");
if let Err(e) = write_known_hosts(&args.known_hosts, &server_keys) {
error!("Failed to write known_hosts file: {}", e);
return Err(e);
}
}
info!("Client mode: Finished operations");

14
src/main.rs
View File

@@ -1,6 +1,7 @@
mod client;
mod db;
mod server;
mod web;
use clap::Parser;
use env_logger;
@@ -119,6 +120,19 @@ async fn main() -> std::io::Result<()> {
let args = Args::parse();
// Check if we have the minimum required arguments
if !args.server && args.host.is_none() {
// Neither server mode nor client mode properly configured
eprintln!("Error: You must specify either server mode (--server) or client mode (--host)");
eprintln!();
eprintln!("Examples:");
eprintln!(" Server mode: {} --server --db-user admin --db-password pass --flows work,home", env!("CARGO_PKG_NAME"));
eprintln!(" Client mode: {} --host https://khm.example.com/work", env!("CARGO_PKG_NAME"));
eprintln!();
eprintln!("Use --help for more information.");
std::process::exit(1);
}
if args.server {
info!("Running in server mode");
if let Err(e) = server::run_server(args).await {

7
src/server.rs
View File

@@ -324,8 +324,15 @@ pub async fn run_server(args: crate::Args) -> std::io::Result<()> {
.app_data(web::Data::new(flows.clone()))
.app_data(web::Data::new(db_client.clone()))
.app_data(allowed_flows.clone())
// API routes
.route("/api/flows", web::get().to(crate::web::get_flows_api))
.route("/{flow_id}/keys/{server}", web::delete().to(crate::web::delete_key_by_server))
// Original API routes
.route("/{flow_id}/keys", web::get().to(get_keys))
.route("/{flow_id}/keys", web::post().to(add_keys))
// Web interface routes
.route("/", web::get().to(crate::web::serve_web_interface))
.route("/static/{filename:.*}", web::get().to(crate::web::serve_static_file))
})
.bind((args.ip.as_str(), args.port))?
.run()

214
src/web.rs Normal file
View File

@@ -0,0 +1,214 @@
use actix_web::{web, HttpResponse, Result};
use log::info;
use serde_json::json;
use std::collections::HashSet;
use tokio_postgres::Client;
use crate::server::{get_keys_from_db, Flows};
// API endpoint to get list of available flows
pub async fn get_flows_api(allowed_flows: web::Data<Vec<String>>) -> Result<HttpResponse> {
info!("API request for available flows");
Ok(HttpResponse::Ok().json(&**allowed_flows))
}
// API endpoint to delete a specific key by server name
pub async fn delete_key_by_server(
flows: web::Data<Flows>,
flow_id: web::Path<String>,
server: web::Path<String>,
db_client: web::Data<std::sync::Arc<Client>>,
allowed_flows: web::Data<Vec<String>>,
) -> Result<HttpResponse> {
let flow_id_str = flow_id.into_inner();
let server_name = server.into_inner();
info!("API request to delete key for server '{}' in flow '{}'", server_name, flow_id_str);
if !allowed_flows.contains(&flow_id_str) {
return Ok(HttpResponse::Forbidden().json(json!({
"error": "Flow ID not allowed"
})));
}
// Delete from database
match delete_key_from_db(&db_client, &server_name, &flow_id_str).await {
Ok(deleted_count) => {
if deleted_count > 0 {
info!("Deleted {} key(s) for server '{}' in flow '{}'", deleted_count, server_name, flow_id_str);
// Refresh the in-memory flows
let updated_flows = match get_keys_from_db(&db_client).await {
Ok(flows) => flows,
Err(e) => {
return Ok(HttpResponse::InternalServerError().json(json!({
"error": format!("Failed to refresh flows: {}", e)
})));
}
};
let mut flows_guard = flows.lock().unwrap();
*flows_guard = updated_flows;
Ok(HttpResponse::Ok().json(json!({
"message": format!("Successfully deleted {} key(s) for server '{}'", deleted_count, server_name),
"deleted_count": deleted_count
})))
} else {
Ok(HttpResponse::NotFound().json(json!({
"error": format!("No keys found for server '{}'", server_name)
})))
}
}
Err(e) => {
Ok(HttpResponse::InternalServerError().json(json!({
"error": format!("Failed to delete key: {}", e)
})))
}
}
}
// Helper function to delete a key from database
async fn delete_key_from_db(
client: &Client,
server_name: &str,
flow_name: &str,
) -> Result<u64, tokio_postgres::Error> {
// First, find the key_ids for the given server
let key_rows = client
.query("SELECT key_id FROM public.keys WHERE host = $1", &[&server_name])
.await?;
if key_rows.is_empty() {
return Ok(0);
}
let key_ids: Vec<i32> = key_rows.iter().map(|row| row.get::<_, i32>(0)).collect();
// Delete flow associations first
let mut flow_delete_count = 0;
for key_id in &key_ids {
let deleted = client
.execute(
"DELETE FROM public.flows WHERE name = $1 AND key_id = $2",
&[&flow_name, key_id],
)
.await?;
flow_delete_count += deleted;
}
// Check if any of these keys are used in other flows
let mut keys_to_delete = Vec::new();
for key_id in &key_ids {
let count: i64 = client
.query_one(
"SELECT COUNT(*) FROM public.flows WHERE key_id = $1",
&[key_id],
)
.await?
.get(0);
if count == 0 {
keys_to_delete.push(*key_id);
}
}
// Delete keys that are no longer referenced by any flow
let mut total_deleted = 0;
for key_id in keys_to_delete {
let deleted = client
.execute("DELETE FROM public.keys WHERE key_id = $1", &[&key_id])
.await?;
total_deleted += deleted;
}
info!(
"Deleted {} flow associations and {} orphaned keys for server '{}'",
flow_delete_count, total_deleted, server_name
);
Ok(std::cmp::max(flow_delete_count, total_deleted))
}
// Serve static files
pub async fn serve_static_file(path: web::Path<String>) -> Result<HttpResponse> {
let file_path = path.into_inner();
// Get the path to the static directory relative to the executable
let exe_path = std::env::current_exe().unwrap_or_else(|_| std::path::PathBuf::from("."));
let exe_dir = exe_path.parent().unwrap_or_else(|| std::path::Path::new("."));
let static_dir = exe_dir.join("static");
// Fallback to current directory if static dir doesn't exist next to executable
let static_dir = if static_dir.exists() {
static_dir
} else {
std::path::PathBuf::from("static")
};
let full_path = static_dir.join(&file_path);
// Security check - ensure the path is within the static directory
if !full_path.starts_with(&static_dir) {
return Ok(HttpResponse::Forbidden().body("Access denied"));
}
if !full_path.exists() {
return Ok(HttpResponse::NotFound().body(format!("File not found: {}", full_path.display())));
}
match tokio::fs::read(&full_path).await {
Ok(contents) => {
let content_type = match full_path.extension().and_then(|s| s.to_str()) {
Some("html") => "text/html; charset=utf-8",
Some("css") => "text/css; charset=utf-8",
Some("js") => "application/javascript; charset=utf-8",
Some("png") => "image/png",
Some("jpg") | Some("jpeg") => "image/jpeg",
Some("svg") => "image/svg+xml",
_ => "application/octet-stream",
};
Ok(HttpResponse::Ok()
.content_type(content_type)
.body(contents))
}
Err(e) => {
info!("Failed to read file {}: {}", full_path.display(), e);
Ok(HttpResponse::InternalServerError().body("Failed to read file"))
}
}
}
// Serve the main web interface
pub async fn serve_web_interface() -> Result<HttpResponse> {
// Get the path to the static directory relative to the executable
let exe_path = std::env::current_exe().unwrap_or_else(|_| std::path::PathBuf::from("."));
let exe_dir = exe_path.parent().unwrap_or_else(|| std::path::Path::new("."));
let static_dir = exe_dir.join("static");
// Fallback to current directory if static dir doesn't exist next to executable
let static_dir = if static_dir.exists() {
static_dir
} else {
std::path::PathBuf::from("static")
};
let index_path = static_dir.join("index.html");
if !index_path.exists() {
return Ok(HttpResponse::NotFound().body(format!("Web interface not found: {}", index_path.display())));
}
match tokio::fs::read(&index_path).await {
Ok(contents) => {
Ok(HttpResponse::Ok()
.content_type("text/html; charset=utf-8")
.body(contents))
}
Err(e) => {
info!("Failed to read index.html: {}", e);
Ok(HttpResponse::InternalServerError().body("Failed to load web interface"))
}
}
}