Skip to content

Commit

Permalink
Add manager as package
Browse files Browse the repository at this point in the history
  • Loading branch information
@lukechilds
lukechilds committed Jun 17, 2023
1 parent cfb93a3 commit 4429207
Show file tree
Hide file tree
Showing 48 changed files with 13,248 additions and 0 deletions.
5 changes: 5 additions & 0 deletions packages/manager/.babelrc
View file
@@ -0,0 +1,5 @@
{
"presets": [
"@babel/preset-env"
]
}
19 changes: 19 additions & 0 deletions packages/manager/.dockerignore
View file
@@ -0,0 +1,19 @@
.dockerignore
node_modules
npm-debug.log
logs
README.md
.git
.gitignore
.env.default
.idea
Dockerfile
pre-commit
.eslintrc
test/
.eslintignore
coverage
.nyc_output
*.env
db/
.github
1 change: 1 addition & 0 deletions packages/manager/.eslintignore
View file
@@ -0,0 +1 @@
coverage
276 changes: 276 additions & 0 deletions packages/manager/.eslintrc
View file

Large diffs are not rendered by default.

47 changes: 47 additions & 0 deletions packages/manager/.github/workflows/on-push.yml
View file
@@ -0,0 +1,47 @@
name: Docker build on push
env:
DOCKER_CLI_EXPERIMENTAL: enabled

on: push

jobs:
build:
runs-on: ubuntu-18.04
name: Build and push manager image
steps:
- name: Set env variables
run: echo "BRANCH=$(echo ${GITHUB_REF#refs/heads/} | sed 's/\//-/g')" >> $GITHUB_ENV
- name: Show set env variables
run: |
printf " BRANCH: %s\n" "$BRANCH"
- name: Login to Docker Hub
run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
- name: Checkout project
uses: actions/checkout@v2

- name: Set up QEMU
uses: docker/setup-qemu-action@v1
id: qemu

- name: Setup Docker buildx action
uses: docker/setup-buildx-action@v1
id: buildx

- name: Cache Docker layers
uses: actions/cache@v2
id: cache
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Show available buildx platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Run Docker buildx
run: |
docker buildx build \
--cache-from "type=local,src=/tmp/.buildx-cache" \
--cache-to "type=local,dest=/tmp/.buildx-cache" \
--platform linux/amd64,linux/arm64,linux/arm/v7 \
--tag ${{ secrets.DOCKER_HUB_USER }}/manager:$BRANCH \
--output "type=registry" ./
66 changes: 66 additions & 0 deletions packages/manager/.github/workflows/on-tag.yml
View file
@@ -0,0 +1,66 @@
name: Docker build on tag
env:
DOCKER_CLI_EXPERIMENTAL: enabled
TAG_FMT: '^refs/tags/(((.?[0-9]+){3,4}))$'

on:
push:
tags:
- v[0-9]+.[0-9]+.[0-9]+
- v[0-9]+.[0-9]+.[0-9]+-*

jobs:
build:
runs-on: ubuntu-18.04
name: Build and push manager image
steps:
- name: Set env variables
run: echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV

- name: Show set environment variables
run: |
printf " TAG: %s\n" "$TAG"
- name: Login to Docker for building
run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin

- name: Checkout project
uses: actions/checkout@v2

- name: Set up QEMU
uses: docker/setup-qemu-action@v1
id: qemu

- name: Setup Docker buildx action
uses: docker/setup-buildx-action@v1
id: buildx

- name: Available platforms
run: echo ${{ steps.buildx.outputs.platforms }}

- name: Cache Docker layers
uses: actions/cache@v2
id: cache
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Run Docker buildx against tag
run: |
docker buildx build \
--cache-from "type=local,src=/tmp/.buildx-cache" \
--cache-to "type=local,dest=/tmp/.buildx-cache" \
--platform linux/amd64,linux/arm64,linux/arm/v7 \
--tag ${{ secrets.DOCKER_HUB_USER }}/manager:$TAG \
--output "type=registry" ./
- name: Run Docker buildx against latest
run: |
docker buildx build \
--cache-from "type=local,src=/tmp/.buildx-cache" \
--cache-to "type=local,dest=/tmp/.buildx-cache" \
--platform linux/amd64,linux/arm64,linux/arm/v7 \
--tag ${{ secrets.DOCKER_HUB_USER }}/manager:latest \
--output "type=registry" ./
13 changes: 13 additions & 0 deletions packages/manager/.gitignore
View file
@@ -0,0 +1,13 @@
node_modules/
npm-debug.log
/.idea/
/tls.cert
*.log
*.env
logs/
package-lock.json
*.bak
lb_settings.json
.nyc_output
coverage
db/
29 changes: 29 additions & 0 deletions packages/manager/Dockerfile
View file
@@ -0,0 +1,29 @@
# Build Stage
FROM node:12-buster-slim as umbrel-manager-builder

# Install tools
RUN apt-get update && apt-get install -y build-essential libffi-dev libssl-dev python3

# Create app directory
WORKDIR /app

# Copy 'yarn.lock' and 'package.json'
COPY yarn.lock package.json ./

# Install dependencies
RUN yarn install --production

# Copy project files and folders to the current working directory (i.e. '/app')
COPY . .

# Final image
FROM node:12-buster-slim AS umbrel-manager

# Copy built code from build stage to '/app' directory
COPY --from=umbrel-manager-builder /app /app

# Change directory to '/app'
WORKDIR /app

EXPOSE 3006
CMD [ "yarn", "start" ]
22 changes: 22 additions & 0 deletions packages/manager/LICENSE
View file
@@ -0,0 +1,22 @@
The MIT License

Copyright (c) 2018-2019 Casa, Inc. https://keys.casa/
Copyright (c) 2020 Umbrel. https://getumbrel.com/

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
100 changes: 100 additions & 0 deletions packages/manager/README.md
View file
@@ -0,0 +1,100 @@
[![Umbrel Manager](https://static.getumbrel.com/github/github-banner-umbrel-manager.svg)](https://github.com/getumbrel/umbrel-manager)

[![Version](https://img.shields.io/github/v/release/getumbrel/umbrel-manager?color=%235351FB&label=version)](https://github.com/getumbrel/umbrel-manager/releases)
[![Docker Build](https://img.shields.io/github/workflow/status/getumbrel/umbrel-manager/Docker%20build%20on%20push?color=%235351FB)](https://github.com/getumbrel/umbrel-manager/actions?query=workflow%3A"Docker+build+on+push")
[![Docker Pulls](https://img.shields.io/docker/pulls/getumbrel/manager?color=%235351FB)](https://hub.docker.com/repository/registry-1.docker.io/getumbrel/manager/tags?page=1)
[![Community Chat](https://img.shields.io/badge/community%20chat-telegram-%235351FB)](https://t.me/getumbrel)
[![Developer Chat](https://img.shields.io/badge/dev%20chat-keybase-%235351FB)](https://keybase.io/team/getumbrel)

[![Twitter](https://img.shields.io/twitter/follow/getumbrel?style=social)](https://twitter.com/getumbrel)
[![Reddit](https://img.shields.io/reddit/subreddit-subscribers/getumbrel?label=Subscribe%20%2Fr%2Fgetumbrel&style=social)](https://reddit.com/r/getumbrel)


# ☂️ manager

Manager runs by-default on [Umbrel OS](https://github.com/getumbrel/umbrel-os) as a containerized service. It provides a low-level system API that handles:
- User authentication using JWT
- Encryption/decryption of sensitive information, such as the lightning wallet's seed
- CRUD operations
- Lifecycle-management of all other containerized services

## 🚀 Getting started

If you are looking to run Umbrel on your hardware, you do not need to run this service on it's own. Just download [Umbrel OS](https://github.com/getumbrel/umbrel-os/releases) and you're good to go.

## 🛠 Running manager

### Step 1. Install dependencies
```sh
yarn
```

### Step 2. Set environment variables
Set the following environment variables directly or by placing them in `.env` file of project's root.

| Variable | Description | Default |
| ------------- | ------------- | ------------- |
| `PORT` | Port where manager should listen for requests | `3006` |
| `DEVICE_HOSTS` | Comma separated list of IPs or domain names to whitelist for CORS | `http://umbrel.local` |
| `USER_FILE` | Path to the user's data file (automatically created on user registration) | `/db/user.json` |
| `SHUTDOWN_SIGNAL_FILE` | Path to write a file to signal a system shutdown | `/signals/shutdown` |
| `REBOOT_SIGNAL_FILE` | Path to write a file to signal a system reboot | `/signals/reboot` |
| `MIDDLEWARE_API_URL` | IP or domain where [`umbrel-middleware`](https://github.com/getumbrel/umbrel-middleware) is listening | `http://localhost` |
| `MIDDLEWARE_API_PORT` | Port where [`umbrel-middleware`](https://github.com/getumbrel/umbrel-middleware) is listening | `3005` |
| `JWT_PUBLIC_KEY_FILE` | Path to the JWT public key (automatically created) | `/db/jwt-public-key/jwt.pem` |
| `JWT_PRIVATE_KEY_FILE` | Path to the JWT private key (automatically created) | `/db/jwt-public-key/jwt.key` |
| `JWT_EXPIRATION` | JWT expiration in miliseconds | `3600` |
| `UMBREL_SEED_FILE` | Path to the seed used to deterministically generate entropy | `'/db/umbrel-seed/seed'` |
| `UMBREL_DASHBOARD_HIDDEN_SERVICE_FILE` | Path to Tor hostname of [`umbrel-dashboard`](https://github.com/getumbrel/umbrel-dashboard) | `/var/lib/tor/dashboard/hostname` |
| `ELECTRUM_HIDDEN_SERVICE_FILE` | Path to Electrum hidden service hostname | `/var/lib/tor/electrum/hostname` |
| `ELECTRUM_PORT` | Port the Electrum server is listening on | `50001` |
| `BITCOIN_P2P_HIDDEN_SERVICE_FILE` | Path to P2P hidden service hostname of `bitcoin` | `/var/lib/tor/bitcoin-p2p/hostname` |
| `BITCOIN_P2P_PORT` | P2P port of `bitcoin` | `8333` |
| `BITCOIN_RPC_HIDDEN_SERVICE_FILE` | Path to RPC hidden service hostname of `bitcoin` | `/var/lib/tor/bitcoin-rpc/hostname` |
| `BITCOIN_RPC_PORT` | RPC port of `bitcoin` | `8332` |
| `BITCOIN_RPC_USER` | RPC user for `bitcoin` | `umbrel` |
| `BITCOIN_RPC_PASSWORD` | RPC password for `bitcoin` | `moneyprintergobrrr` |
| `GITHUB_REPO` | GitHub repository of Umbrel | `getumbrel/umbrel` |
| `UMBREL_VERSION_FILE` | Path to the Umbrel's version file | `/info.json` |
| `UPDATE_STATUS_FILE` | Path to update status file | `/statuses/update-status.json` |
| `UPDATE_SIGNAL_FILE` | Path to write the update signal file | `/signals/update` |
| `UPDATE_LOCK_FILE` | Path to the update lock file | `/statuses/update-in-progress` |
| `BACKUP_STATUS_FILE` | Path to backup status file | `/statuses/backup-status.json` |
| `TOR_PROXY_IP` | IP or domain where Tor proxy is listening | `192.168.0.1` |
| `TOR_PROXY_PORT` | Port where Tor proxy is listening | `9050` |
| `APP_DATA_DIR` | Path to the 'app-data' directory | `/app-data` |
| `REPOS_DIR` | Path to the 'repos' directory | `/repos` |
| `SESSIONS_DIR` | Path to the file-based sessions directory | `/db/sessions` |
| `UMBREL_AUTH_SECRET` | A shared secret to sign (using hmac) the auth cookie | `undefined` |
| `UMBREL_APP_REPO_URL` | Umbrel's remote app repo git url | `https://github.com/getumbrel/umbrel-apps.git` |

### Step 3. Run manager
```sh
yarn start
```

You can browse through the available API endpoints [here](https://github.com/getumbrel/umbrel-manager/tree/master/routes/v1).

---

### ⚡️ Don't be too reckless

> Umbrel is still in an early stage and things are expected to break every now and then. We **DO NOT** recommend running it on the mainnet with real money just yet, unless you want to be really *#reckless*.
## ❤️ Contributing

We welcome and appreciate new contributions!

If you're a developer looking to help but not sure where to begin, check out [these issues](https://github.com/getumbrel/umbrel-manager/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22) that have specifically been marked as being friendly to new contributors.

If you're looking for a bigger challenge, before opening a pull request please [create an issue](https://github.com/getumbrel/umbrel-manager/issues/new/choose) or [join our community chat](https://t.me/getumbrel) to get feedback, discuss the best way to tackle the challenge, and to ensure that there's no duplication of work.

## 🙏 Acknowledgements

Umbrel Manager is inspired by and built upon the work done by [Casa](https://github.com/casa) on its open-source [Node Manager API](https://github.com/Casa/V2-Casa-Node-Manager).

---

[![License](https://img.shields.io/github/license/getumbrel/umbrel-manager?color=%235351FB)](https://github.com/getumbrel/umbrel-manager/blob/master/LICENSE)

[getumbrel.com](https://getumbrel.com)
63 changes: 63 additions & 0 deletions packages/manager/app.js
View file
@@ -0,0 +1,63 @@
require('module-alias/register');
require('module-alias').addPath('.');
require('dotenv').config();

const express = require('express');
const path = require('path');
const morgan = require('morgan');
const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
const passport = require('passport');

// Keep requestCorrelationId middleware as the first middleware. Otherwise we risk losing logs.
const requestCorrelationMiddleware = require('middlewares/requestCorrelationId.js'); // eslint-disable-line id-length
const camelCaseReqMiddleware = require('middlewares/camelCaseRequest.js').camelCaseRequest;
const errorHandleMiddleware = require('middlewares/errorHandling.js');
require('middlewares/auth.js');

const logger = require('utils/logger.js');

const ping = require('routes/ping.js');
const account = require('routes/v1/account.js');
const system = require('routes/v1/system.js');
const external = require('routes/v1/external.js');
const apps = require('routes/v1/apps.js');
const communityAppStores = require('routes/v1/community-app-stores.js');
const constants = require('utils/const.js');

const app = express();

// Define custom response method for setting
// the Umbrel auth/session cookie
app.response.umbrelSessionCookie = function (token) {
return this.cookie(constants.UMBREL_COOKIE_NAME, token, {
httpOnly: true,
signed: true,
sameSite: "lax"
});
};

app.use(cookieParser(constants.UMBREL_AUTH_SECRET));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));
app.use(express.static(path.join(__dirname, 'public')));
app.use(passport.initialize());
app.use(passport.session());

app.use(requestCorrelationMiddleware);
app.use(camelCaseReqMiddleware);
app.use(morgan(logger.morganConfiguration));

app.use('/ping', ping);
app.use('/v1/account', account);
app.use('/v1/system', system);
app.use('/v1/external', external);
app.use('/v1/apps', apps);
app.use('/v1/community-app-stores', communityAppStores);

app.use(errorHandleMiddleware);
app.use((req, res) => {
res.status(404).json(); // eslint-disable-line no-magic-numbers
});

module.exports = app;

0 comments on commit 4429207

Please sign in to comment.