uptime-kuma/server/server.js

1488 lines
46 KiB
JavaScript
Raw Normal View History

2021-08-08 06:03:10 -07:00
console.log("Welcome to Uptime Kuma");
2021-10-09 11:36:20 -07:00
const args = require("args-parser")(process.argv);
2021-10-09 22:09:30 -07:00
const { sleep, debug, getRandomInt, genSecret } = require("../src/util");
2021-10-15 09:57:26 -07:00
const config = require("./config");
2021-10-09 11:36:20 -07:00
debug(args);
if (! process.env.NODE_ENV) {
process.env.NODE_ENV = "production";
}
2021-08-08 06:03:10 -07:00
console.log("Node Env: " + process.env.NODE_ENV);
2021-07-31 06:57:58 -07:00
console.log("Importing Node libraries");
2021-07-31 06:57:58 -07:00
const fs = require("fs");
2021-07-27 10:47:13 -07:00
const http = require("http");
2021-09-02 05:18:27 -07:00
const https = require("https");
2021-07-31 06:57:58 -07:00
console.log("Importing 3rd-party libraries");
2021-07-31 06:57:58 -07:00
debug("Importing express");
const express = require("express");
debug("Importing socket.io");
2021-06-25 06:55:49 -07:00
const { Server } = require("socket.io");
2021-07-31 06:57:58 -07:00
debug("Importing redbean-node");
2021-07-27 10:47:13 -07:00
const { R } = require("redbean-node");
2021-07-31 06:57:58 -07:00
debug("Importing jsonwebtoken");
2021-07-27 10:47:13 -07:00
const jwt = require("jsonwebtoken");
2021-07-31 06:57:58 -07:00
debug("Importing http-graceful-shutdown");
2021-07-27 10:47:13 -07:00
const gracefulShutdown = require("http-graceful-shutdown");
2021-07-31 06:57:58 -07:00
debug("Importing prometheus-api-metrics");
2021-07-27 10:47:13 -07:00
const prometheusAPIMetrics = require("prometheus-api-metrics");
2021-09-23 08:31:01 -07:00
debug("Importing compare-versions");
const compareVersions = require("compare-versions");
2021-10-21 07:54:04 -07:00
const { passwordStrength } = require("check-password-strength");
2021-07-31 06:57:58 -07:00
2021-09-09 12:10:31 -07:00
debug("Importing 2FA Modules");
const notp = require("notp");
const base32 = require("thirty-two");
2021-07-31 06:57:58 -07:00
console.log("Importing this project modules");
debug("Importing Monitor");
const Monitor = require("./model/monitor");
debug("Importing Settings");
const { getSettings, setSettings, setting, initJWTSecret, checkLogin, startUnitTest, FBSD } = require("./util-server");
2021-09-07 07:42:46 -07:00
2021-07-31 06:57:58 -07:00
debug("Importing Notification");
const { Notification } = require("./notification");
2021-09-07 07:42:46 -07:00
Notification.init();
2021-07-31 06:57:58 -07:00
debug("Importing Database");
const Database = require("./database");
debug("Importing Background Jobs");
const { initBackgroundJobs } = require("./jobs");
2021-07-27 09:52:31 -07:00
const { basicAuth } = require("./auth");
2021-07-27 10:47:13 -07:00
const { login } = require("./auth");
2021-07-28 05:35:55 -07:00
const passwordHash = require("./password-hash");
2021-07-31 06:57:58 -07:00
2021-08-21 04:50:22 -07:00
const checkVersion = require("./check-version");
console.info("Version: " + checkVersion.version);
2021-08-10 01:36:21 -07:00
2021-08-10 01:45:37 -07:00
// If host is omitted, the server will accept connections on the unspecified IPv6 address (::) when IPv6 is available and the unspecified IPv4 address (0.0.0.0) otherwise.
// Dual-stack support for (::)
let hostname = process.env.UPTIME_KUMA_HOST || args.host;
// Also read HOST if not FreeBSD, as HOST is a system environment variable in FreeBSD
if (!hostname && !FBSD) {
hostname = process.env.HOST;
}
if (hostname) {
console.log("Custom hostname: " + hostname);
}
const port = parseInt(process.env.UPTIME_KUMA_PORT || process.env.PORT || args.port || 3001);
2021-06-25 06:55:49 -07:00
2021-09-02 05:18:27 -07:00
// SSL
const sslKey = process.env.UPTIME_KUMA_SSL_KEY || process.env.SSL_KEY || args["ssl-key"] || undefined;
const sslCert = process.env.UPTIME_KUMA_SSL_CERT || process.env.SSL_CERT || args["ssl-cert"] || undefined;
2021-10-19 01:29:09 -07:00
const disableFrameSameOrigin = !!process.env.UPTIME_KUMA_DISABLE_FRAME_SAMEORIGIN || args["disable-frame-sameorigin"] || false;
2021-09-02 05:18:27 -07:00
2021-10-11 11:18:40 -07:00
// 2FA / notp verification defaults
const twofa_verification_opts = {
"window": 1,
"time": 30
2021-10-18 02:15:28 -07:00
};
2021-09-02 05:18:27 -07:00
/**
* Run unit test after the server is ready
* @type {boolean}
*/
const testMode = !!args["test"] || false;
2021-09-02 07:37:51 -07:00
2021-10-15 09:57:26 -07:00
if (config.demoMode) {
2021-09-02 07:37:51 -07:00
console.log("==== Demo Mode ====");
2021-09-02 06:10:18 -07:00
}
2021-09-02 05:27:18 -07:00
2021-09-30 09:09:43 -07:00
console.log("Creating express and socket.io instance");
2021-07-15 10:44:51 -07:00
const app = express();
2021-09-02 05:18:27 -07:00
let server;
if (sslKey && sslCert) {
2021-09-02 05:27:18 -07:00
console.log("Server Type: HTTPS");
2021-09-02 06:13:59 -07:00
server = https.createServer({
2021-09-02 06:16:04 -07:00
key: fs.readFileSync(sslKey),
cert: fs.readFileSync(sslCert)
2021-09-02 06:13:59 -07:00
}, app);
2021-09-02 05:18:27 -07:00
} else {
2021-09-02 05:27:18 -07:00
console.log("Server Type: HTTP");
server = http.createServer(app);
2021-09-02 05:18:27 -07:00
}
2021-07-15 10:44:51 -07:00
const io = new Server(server);
module.exports.io = io;
// Must be after io instantiation
const { sendNotificationList, sendHeartbeatList, sendImportantHeartbeatList, sendInfo } = require("./client");
2021-09-16 07:48:28 -07:00
const { statusPageSocketHandler } = require("./socket-handlers/status-page-socket-handler");
app.use(express.json());
2021-07-09 04:33:22 -07:00
2021-10-18 23:26:10 -07:00
// Global Middleware
app.use(function (req, res, next) {
2021-10-19 01:29:09 -07:00
if (!disableFrameSameOrigin) {
res.setHeader("X-Frame-Options", "SAMEORIGIN");
}
2021-10-18 23:26:10 -07:00
res.removeHeader("X-Powered-By");
next();
});
2021-07-21 11:02:35 -07:00
/**
* Total WebSocket client connected to server currently, no actual use
* @type {number}
*/
2021-06-25 06:55:49 -07:00
let totalClient = 0;
2021-07-21 11:02:35 -07:00
/**
* Use for decode the auth object
* @type {null}
*/
2021-06-25 06:55:49 -07:00
let jwtSecret = null;
2021-07-21 11:02:35 -07:00
/**
* Main monitor list
* @type {{}}
*/
2021-06-25 06:55:49 -07:00
let monitorList = {};
2021-07-21 11:02:35 -07:00
/**
* Show Setup Page
* @type {boolean}
*/
2021-07-10 22:47:57 -07:00
let needSetup = false;
2021-06-25 06:55:49 -07:00
/**
* Cache Index HTML
* @type {string}
*/
let indexHTML = "";
try {
indexHTML = fs.readFileSync("./dist/index.html").toString();
} catch (e) {
// "dist/index.html" is not necessary for development
if (process.env.NODE_ENV !== "development") {
console.error("Error: Cannot find 'dist/index.html', did you install correctly?");
process.exit(1);
}
}
2021-09-15 05:40:26 -07:00
exports.entryPage = "dashboard";
2021-06-25 06:55:49 -07:00
(async () => {
2021-09-20 01:29:18 -07:00
Database.init(args);
2021-06-25 06:55:49 -07:00
await initDatabase();
2021-09-15 05:40:26 -07:00
exports.entryPage = await setting("entryPage");
2021-07-27 09:52:31 -07:00
2021-09-15 05:40:26 -07:00
console.log("Adding route");
2021-07-27 09:52:31 -07:00
2021-09-11 04:40:03 -07:00
// ***************************
2021-07-27 09:52:31 -07:00
// Normal Router here
2021-09-11 04:40:03 -07:00
// ***************************
2021-07-27 09:52:31 -07:00
2021-08-09 03:16:27 -07:00
// Robots.txt
app.get("/robots.txt", async (_request, response) => {
let txt = "User-agent: *\nDisallow:";
if (! await setting("searchEngineIndex")) {
txt += " /";
}
response.setHeader("Content-Type", "text/plain");
response.send(txt);
});
2021-06-25 06:55:49 -07:00
2021-07-27 09:52:31 -07:00
// Basic Auth Router here
// Prometheus API metrics /metrics
// With Basic Auth using the first user's username/password
2021-08-09 03:16:27 -07:00
app.get("/metrics", basicAuth, prometheusAPIMetrics());
app.use("/", express.static("dist"));
2021-07-22 00:22:15 -07:00
// ./data/upload
app.use("/upload", express.static(Database.uploadDir));
2021-09-13 21:10:25 -07:00
app.get("/.well-known/change-password", async (_, response) => {
response.redirect("https://github.com/louislam/uptime-kuma/wiki/Reset-Password-via-CLI");
});
2021-09-13 23:55:45 -07:00
// API Router
const apiRouter = require("./routers/api-router");
app.use(apiRouter);
2021-09-11 04:40:03 -07:00
2021-10-18 23:26:10 -07:00
// Universal Route Handler, must be at the end of all express routes.
2021-08-09 03:16:27 -07:00
app.get("*", async (_request, response) => {
if (_request.originalUrl.startsWith("/upload/")) {
response.status(404).send("File not found.");
} else {
response.send(indexHTML);
}
2021-07-08 23:14:03 -07:00
});
console.log("Adding socket handler");
2021-07-27 10:47:13 -07:00
io.on("connection", async (socket) => {
2021-07-13 03:08:12 -07:00
sendInfo(socket);
2021-07-13 03:08:12 -07:00
2021-06-25 06:55:49 -07:00
totalClient++;
2021-07-10 22:47:57 -07:00
if (needSetup) {
console.log("Redirect to setup page");
socket.emit("setup");
2021-07-10 22:47:57 -07:00
}
2021-07-27 10:47:13 -07:00
socket.on("disconnect", () => {
2021-06-25 06:55:49 -07:00
totalClient--;
});
2021-07-29 20:33:44 -07:00
// ***************************
2021-09-11 04:40:03 -07:00
// Public Socket API
2021-07-29 20:33:44 -07:00
// ***************************
2021-06-25 06:55:49 -07:00
socket.on("loginByToken", async (token, callback) => {
try {
let decoded = jwt.verify(token, jwtSecret);
console.log("Username from JWT: " + decoded.username);
2021-06-25 06:55:49 -07:00
let user = await R.findOne("user", " username = ? AND active = 1 ", [
2021-07-27 10:47:13 -07:00
decoded.username,
]);
2021-06-25 06:55:49 -07:00
if (user) {
debug("afterLogin");
2021-08-03 10:03:40 -07:00
afterLogin(socket, user);
2021-06-25 06:55:49 -07:00
debug("afterLogin ok");
2021-08-03 10:03:40 -07:00
2021-06-25 06:55:49 -07:00
callback({
ok: true,
});
2021-06-25 06:55:49 -07:00
} else {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: "The user is inactive or deleted.",
});
2021-06-25 06:55:49 -07:00
}
} catch (error) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: "Invalid token.",
});
2021-06-25 06:55:49 -07:00
}
});
socket.on("login", async (data, callback) => {
console.log("Login");
2021-06-25 06:55:49 -07:00
let user = await login(data.username, data.password);
2021-07-13 07:22:46 -07:00
2021-07-27 09:52:31 -07:00
if (user) {
afterLogin(socket, user);
2021-06-25 06:55:49 -07:00
if (user.twofaStatus == 0) {
callback({
ok: true,
token: jwt.sign({
username: data.username,
}, jwtSecret),
});
}
if (user.twofaStatus == 1 && !data.token) {
callback({
tokenRequired: true,
});
}
if (data.token) {
2021-10-11 11:18:40 -07:00
let verify = notp.totp.verify(data.token, user.twofa_secret, twofa_verification_opts);
if (verify && verify.delta == 0) {
callback({
ok: true,
token: jwt.sign({
username: data.username,
}, jwtSecret),
});
} else {
callback({
ok: false,
msg: "Invalid Token!",
});
}
}
2021-06-25 06:55:49 -07:00
} else {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: "Incorrect username or password.",
});
2021-06-25 06:55:49 -07:00
}
});
socket.on("logout", async (callback) => {
socket.leave(socket.userID);
2021-06-25 06:55:49 -07:00
socket.userID = null;
callback();
2021-07-10 22:47:57 -07:00
});
socket.on("prepare2FA", async (callback) => {
try {
checkLogin(socket);
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
if (user.twofa_status == 0) {
2021-10-18 02:37:11 -07:00
let newSecret = genSecret();
let encodedSecret = base32.encode(newSecret);
// Google authenticator doesn't like equal signs
// The fix is found at https://github.com/guyht/notp
// Related issue: https://github.com/louislam/uptime-kuma/issues/486
encodedSecret = encodedSecret.toString().replace(/=/g, "");
2021-09-11 11:25:51 -07:00
let uri = `otpauth://totp/Uptime%20Kuma:${user.username}?secret=${encodedSecret}`;
await R.exec("UPDATE `user` SET twofa_secret = ? WHERE id = ? ", [
newSecret,
socket.userID,
]);
callback({
ok: true,
uri: uri,
});
} else {
callback({
ok: false,
msg: "2FA is already enabled.",
});
}
} catch (error) {
callback({
ok: false,
msg: "Error while trying to prepare 2FA.",
});
}
});
socket.on("save2FA", async (callback) => {
try {
checkLogin(socket);
await R.exec("UPDATE `user` SET twofa_status = 1 WHERE id = ? ", [
socket.userID,
]);
callback({
ok: true,
msg: "2FA Enabled.",
});
} catch (error) {
callback({
ok: false,
msg: "Error while trying to change 2FA.",
});
}
});
socket.on("disable2FA", async (callback) => {
try {
checkLogin(socket);
await R.exec("UPDATE `user` SET twofa_status = 0 WHERE id = ? ", [
socket.userID,
]);
callback({
ok: true,
msg: "2FA Disabled.",
});
} catch (error) {
callback({
ok: false,
msg: "Error while trying to change 2FA.",
});
}
});
socket.on("verifyToken", async (token, callback) => {
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
2021-10-11 11:18:40 -07:00
let verify = notp.totp.verify(token, user.twofa_secret, twofa_verification_opts);
if (verify && verify.delta == 0) {
callback({
ok: true,
valid: true,
});
} else {
callback({
ok: false,
msg: "Invalid Token.",
valid: false,
});
}
});
socket.on("twoFAStatus", async (callback) => {
checkLogin(socket);
try {
let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID,
]);
if (user.twofa_status == 1) {
callback({
ok: true,
status: true,
});
} else {
callback({
ok: true,
status: false,
});
}
} catch (error) {
callback({
ok: false,
msg: "Error while trying to get 2FA status.",
});
}
});
2021-07-10 22:47:57 -07:00
socket.on("needSetup", async (callback) => {
callback(needSetup);
});
socket.on("setup", async (username, password, callback) => {
try {
2021-10-21 07:54:04 -07:00
if (passwordStrength(password).value === "Too weak") {
throw new Error("Password is too weak. It should contain alphabetic and numeric characters. It must be at least 6 characters in length.");
}
2021-07-10 22:47:57 -07:00
if ((await R.count("user")) !== 0) {
2021-10-18 13:35:47 -07:00
throw new Error("Uptime Kuma has been initialized. If you want to run setup again, please delete the database.");
2021-07-10 22:47:57 -07:00
}
let user = R.dispense("user");
2021-07-10 22:47:57 -07:00
user.username = username;
user.password = passwordHash.generate(password);
await R.store(user);
2021-07-10 22:47:57 -07:00
needSetup = false;
callback({
ok: true,
2021-07-27 10:47:13 -07:00
msg: "Added Successfully.",
2021-07-10 22:47:57 -07:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-07-10 22:47:57 -07:00
});
}
2021-06-25 06:55:49 -07:00
});
2021-07-29 20:33:44 -07:00
// ***************************
2021-06-25 06:55:49 -07:00
// Auth Only API
2021-07-29 20:33:44 -07:00
// ***************************
2021-06-25 06:55:49 -07:00
2021-07-30 04:18:26 -07:00
// Add a new monitor
2021-06-25 06:55:49 -07:00
socket.on("add", async (monitor, callback) => {
try {
checkLogin(socket);
let bean = R.dispense("monitor");
let notificationIDList = monitor.notificationIDList;
delete monitor.notificationIDList;
2021-08-06 11:10:38 -07:00
monitor.accepted_statuscodes_json = JSON.stringify(monitor.accepted_statuscodes);
delete monitor.accepted_statuscodes;
bean.import(monitor);
bean.user_id = socket.userID;
await R.store(bean);
2021-06-25 06:55:49 -07:00
await updateMonitorNotification(bean.id, notificationIDList);
2021-06-27 01:10:55 -07:00
await startMonitor(socket.userID, bean.id);
await sendMonitorList(socket);
2021-06-25 06:55:49 -07:00
callback({
ok: true,
msg: "Added Successfully.",
2021-07-27 10:47:13 -07:00
monitorID: bean.id,
2021-06-25 06:55:49 -07:00
});
2021-06-27 01:10:55 -07:00
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-06-27 01:10:55 -07:00
});
}
});
2021-07-30 04:18:26 -07:00
// Edit a monitor
2021-06-27 01:10:55 -07:00
socket.on("editMonitor", async (monitor, callback) => {
try {
checkLogin(socket);
2021-06-27 01:10:55 -07:00
let bean = await R.findOne("monitor", " id = ? ", [ monitor.id ]);
2021-06-27 01:10:55 -07:00
if (bean.user_id !== socket.userID) {
throw new Error("Permission denied.");
2021-06-27 01:10:55 -07:00
}
bean.name = monitor.name;
bean.type = monitor.type;
bean.url = monitor.url;
bean.method = monitor.method;
bean.body = monitor.body;
bean.headers = monitor.headers;
bean.interval = monitor.interval;
bean.retryInterval = monitor.retryInterval;
2021-06-30 23:03:06 -07:00
bean.hostname = monitor.hostname;
bean.maxretries = monitor.maxretries;
2021-06-30 23:03:06 -07:00
bean.port = monitor.port;
2021-07-01 02:19:28 -07:00
bean.keyword = monitor.keyword;
2021-07-30 04:18:26 -07:00
bean.ignoreTls = monitor.ignoreTls;
bean.upsideDown = monitor.upsideDown;
2021-08-08 09:23:51 -07:00
bean.maxredirects = monitor.maxredirects;
bean.accepted_statuscodes_json = JSON.stringify(monitor.accepted_statuscodes);
2021-08-22 15:05:48 -07:00
bean.dns_resolve_type = monitor.dns_resolve_type;
bean.dns_resolve_server = monitor.dns_resolve_server;
2021-09-30 09:09:43 -07:00
bean.pushToken = monitor.pushToken;
2021-06-27 01:10:55 -07:00
await R.store(bean);
2021-06-27 01:10:55 -07:00
await updateMonitorNotification(bean.id, monitor.notificationIDList);
2021-06-27 01:10:55 -07:00
if (bean.active) {
await restartMonitor(socket.userID, bean.id);
2021-06-27 01:10:55 -07:00
}
2021-06-25 06:55:49 -07:00
await sendMonitorList(socket);
2021-06-27 01:10:55 -07:00
callback({
ok: true,
msg: "Saved.",
2021-07-27 10:47:13 -07:00
monitorID: bean.id,
2021-06-27 01:10:55 -07:00
});
2021-06-25 06:55:49 -07:00
} catch (e) {
console.error(e);
2021-06-25 06:55:49 -07:00
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-06-25 06:55:49 -07:00
});
}
});
socket.on("getMonitorList", async (callback) => {
try {
checkLogin(socket);
await sendMonitorList(socket);
callback({
ok: true,
});
} catch (e) {
console.error(e);
callback({
ok: false,
msg: e.message,
});
}
});
2021-06-25 06:55:49 -07:00
socket.on("getMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
2021-06-25 06:55:49 -07:00
console.log(`Get Monitor: ${monitorID} User ID: ${socket.userID}`);
2021-06-25 06:55:49 -07:00
let bean = await R.findOne("monitor", " id = ? AND user_id = ? ", [
monitorID,
socket.userID,
]);
2021-06-25 06:55:49 -07:00
callback({
ok: true,
monitor: await bean.toJSON(),
2021-06-25 06:55:49 -07:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-06-25 06:55:49 -07:00
});
}
});
// Start or Resume the monitor
socket.on("resumeMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
2021-06-25 06:55:49 -07:00
await startMonitor(socket.userID, monitorID);
await sendMonitorList(socket);
callback({
ok: true,
2021-07-27 10:47:13 -07:00
msg: "Resumed Successfully.",
2021-06-25 06:55:49 -07:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-06-25 06:55:49 -07:00
});
}
});
socket.on("pauseMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
await pauseMonitor(socket.userID, monitorID);
2021-06-25 06:55:49 -07:00
await sendMonitorList(socket);
callback({
ok: true,
2021-07-27 10:47:13 -07:00
msg: "Paused Successfully.",
2021-06-25 06:55:49 -07:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-06-25 06:55:49 -07:00
});
}
});
socket.on("deleteMonitor", async (monitorID, callback) => {
try {
checkLogin(socket);
2021-06-25 06:55:49 -07:00
console.log(`Delete Monitor: ${monitorID} User ID: ${socket.userID}`);
2021-06-25 06:55:49 -07:00
if (monitorID in monitorList) {
monitorList[monitorID].stop();
delete monitorList[monitorID];
2021-06-25 06:55:49 -07:00
}
await R.exec("DELETE FROM monitor WHERE id = ? AND user_id = ? ", [
monitorID,
2021-07-27 10:47:13 -07:00
socket.userID,
2021-06-25 06:55:49 -07:00
]);
callback({
ok: true,
2021-07-27 10:47:13 -07:00
msg: "Deleted Successfully.",
2021-06-25 06:55:49 -07:00
});
await sendMonitorList(socket);
// Clear heartbeat list on client
await sendImportantHeartbeatList(socket, monitorID, true, true);
2021-06-25 06:55:49 -07:00
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("getTags", async (callback) => {
try {
checkLogin(socket);
const list = await R.findAll("tag");
callback({
ok: true,
tags: list.map(bean => bean.toJSON()),
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("addTag", async (tag, callback) => {
try {
checkLogin(socket);
let bean = R.dispense("tag");
bean.name = tag.name;
bean.color = tag.color;
await R.store(bean);
callback({
ok: true,
tag: await bean.toJSON(),
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("editTag", async (tag, callback) => {
try {
checkLogin(socket);
let bean = await R.findOne("monitor", " id = ? ", [ tag.id ]);
bean.name = tag.name;
bean.color = tag.color;
await R.store(bean);
callback({
ok: true,
tag: await bean.toJSON(),
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("deleteTag", async (tagID, callback) => {
try {
checkLogin(socket);
await R.exec("DELETE FROM tag WHERE id = ? ", [ tagID ]);
callback({
ok: true,
msg: "Deleted Successfully.",
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("addMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await R.exec("INSERT INTO monitor_tag (tag_id, monitor_id, value) VALUES (?, ?, ?)", [
tagID,
monitorID,
value,
]);
callback({
ok: true,
msg: "Added Successfully.",
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("editMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await R.exec("UPDATE monitor_tag SET value = ? WHERE tag_id = ? AND monitor_id = ?", [
value,
tagID,
monitorID,
]);
callback({
ok: true,
msg: "Edited Successfully.",
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("deleteMonitorTag", async (tagID, monitorID, value, callback) => {
try {
checkLogin(socket);
await R.exec("DELETE FROM monitor_tag WHERE tag_id = ? AND monitor_id = ? AND value = ?", [
tagID,
monitorID,
value,
]);
// Cleanup unused Tags
await R.exec("delete from tag where ( select count(*) from monitor_tag mt where tag.id = mt.tag_id ) = 0");
callback({
ok: true,
msg: "Deleted Successfully.",
});
} catch (e) {
2021-06-25 06:55:49 -07:00
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-06-25 06:55:49 -07:00
});
}
});
socket.on("changePassword", async (password, callback) => {
try {
checkLogin(socket);
2021-06-25 06:55:49 -07:00
2021-10-21 07:54:04 -07:00
if (! password.newPassword) {
throw new Error("Invalid new password");
2021-06-25 06:55:49 -07:00
}
2021-10-21 07:54:04 -07:00
if (passwordStrength(password.newPassword).value === "Too weak") {
throw new Error("Password is too weak. It should contain alphabetic and numeric characters. It must be at least 6 characters in length.");
}
2021-06-25 06:55:49 -07:00
let user = await R.findOne("user", " id = ? AND active = 1 ", [
2021-07-27 10:47:13 -07:00
socket.userID,
]);
2021-06-25 06:55:49 -07:00
if (user && passwordHash.verify(password.currentPassword, user.password)) {
2021-08-08 22:34:44 -07:00
user.resetPassword(password.newPassword);
2021-06-25 06:55:49 -07:00
callback({
ok: true,
2021-07-27 10:47:13 -07:00
msg: "Password has been updated successfully.",
});
2021-06-25 06:55:49 -07:00
} else {
throw new Error("Incorrect current password");
2021-06-25 06:55:49 -07:00
}
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-06-25 06:55:49 -07:00
});
}
});
2021-07-05 23:30:10 -07:00
2021-07-31 06:57:58 -07:00
socket.on("getSettings", async (callback) => {
2021-07-05 23:30:10 -07:00
try {
checkLogin(socket);
2021-07-05 23:30:10 -07:00
callback({
ok: true,
2021-07-31 06:57:58 -07:00
data: await getSettings("general"),
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("setSettings", async (data, callback) => {
try {
checkLogin(socket);
2021-07-31 06:57:58 -07:00
2021-09-15 05:40:26 -07:00
await setSettings("general", data);
exports.entryPage = data.entryPage;
2021-07-31 06:57:58 -07:00
callback({
ok: true,
msg: "Saved"
2021-07-05 23:30:10 -07:00
});
sendInfo(socket);
2021-07-05 23:30:10 -07:00
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-07-05 23:30:10 -07:00
});
}
});
2021-07-08 23:14:03 -07:00
// Add or Edit
socket.on("addNotification", async (notification, notificationID, callback) => {
try {
checkLogin(socket);
2021-07-08 23:14:03 -07:00
let notificationBean = await Notification.save(notification, notificationID, socket.userID);
await sendNotificationList(socket);
2021-07-08 23:14:03 -07:00
callback({
ok: true,
msg: "Saved",
id: notificationBean.id,
2021-07-08 23:14:03 -07:00
});
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-07-08 23:14:03 -07:00
});
}
});
socket.on("deleteNotification", async (notificationID, callback) => {
try {
checkLogin(socket);
2021-07-08 23:14:03 -07:00
await Notification.delete(notificationID, socket.userID);
await sendNotificationList(socket);
2021-07-08 23:14:03 -07:00
callback({
ok: true,
msg: "Deleted",
});
} catch (e) {
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-07-08 23:14:03 -07:00
});
}
});
socket.on("testNotification", async (notification, callback) => {
try {
checkLogin(socket);
2021-07-08 23:14:03 -07:00
let msg = await Notification.send(notification, notification.name + " Testing");
2021-07-08 23:14:03 -07:00
callback({
ok: true,
2021-07-27 10:47:13 -07:00
msg,
2021-07-08 23:14:03 -07:00
});
} catch (e) {
console.error(e);
2021-07-18 05:49:46 -07:00
2021-07-08 23:14:03 -07:00
callback({
ok: false,
2021-07-27 10:47:13 -07:00
msg: e.message,
2021-07-08 23:14:03 -07:00
});
}
});
2021-07-18 03:51:58 -07:00
socket.on("checkApprise", async (callback) => {
try {
checkLogin(socket);
2021-07-18 03:51:58 -07:00
callback(Notification.checkApprise());
} catch (e) {
callback(false);
}
});
2021-08-03 10:03:40 -07:00
2021-09-11 12:53:17 -07:00
socket.on("uploadBackup", async (uploadedJSON, importHandle, callback) => {
2021-09-01 08:09:32 -07:00
try {
checkLogin(socket);
2021-09-01 08:09:32 -07:00
2021-09-02 07:13:31 -07:00
let backupData = JSON.parse(uploadedJSON);
2021-09-01 08:09:32 -07:00
console.log(`Importing Backup, User ID: ${socket.userID}, Version: ${backupData.version}`);
2021-09-23 08:31:01 -07:00
2021-09-11 12:53:17 -07:00
let notificationListData = backupData.notificationList;
let monitorListData = backupData.monitorList;
2021-09-01 08:09:32 -07:00
let version17x = compareVersions.compare(backupData.version, "1.7.0", ">=");
// If the import option is "overwrite" it'll clear most of the tables, except "settings" and "user"
2021-09-11 12:53:17 -07:00
if (importHandle == "overwrite") {
// Stops every monitor first, so it doesn't execute any heartbeat while importing
2021-09-11 12:53:17 -07:00
for (let id in monitorList) {
let monitor = monitorList[id];
await monitor.stop();
2021-09-01 08:09:32 -07:00
}
2021-09-11 12:53:17 -07:00
await R.exec("DELETE FROM heartbeat");
await R.exec("DELETE FROM monitor_notification");
await R.exec("DELETE FROM monitor_tls_info");
await R.exec("DELETE FROM notification");
await R.exec("DELETE FROM monitor_tag");
await R.exec("DELETE FROM tag");
2021-09-11 12:53:17 -07:00
await R.exec("DELETE FROM monitor");
2021-09-01 08:09:32 -07:00
}
// Only starts importing if the backup file contains at least one notification
2021-09-11 12:53:17 -07:00
if (notificationListData.length >= 1) {
// Get every existing notification name and puts them in one simple string
2021-09-11 12:53:17 -07:00
let notificationNameList = await R.getAll("SELECT name FROM notification");
let notificationNameListString = JSON.stringify(notificationNameList);
2021-09-01 08:09:32 -07:00
2021-09-11 12:53:17 -07:00
for (let i = 0; i < notificationListData.length; i++) {
// Only starts importing the notification if the import option is "overwrite", "keep" or "skip" but the notification doesn't exists
2021-09-11 12:53:17 -07:00
if ((importHandle == "skip" && notificationNameListString.includes(notificationListData[i].name) == false) || importHandle == "keep" || importHandle == "overwrite") {
2021-09-01 08:09:32 -07:00
2021-09-11 12:53:17 -07:00
let notification = JSON.parse(notificationListData[i].config);
await Notification.save(notification, null, socket.userID);
2021-09-01 08:09:32 -07:00
2021-09-11 12:53:17 -07:00
}
}
}
2021-09-01 08:09:32 -07:00
// Only starts importing if the backup file contains at least one monitor
2021-09-11 12:53:17 -07:00
if (monitorListData.length >= 1) {
// Get every existing monitor name and puts them in one simple string
2021-09-11 12:53:17 -07:00
let monitorNameList = await R.getAll("SELECT name FROM monitor");
let monitorNameListString = JSON.stringify(monitorNameList);
for (let i = 0; i < monitorListData.length; i++) {
// Only starts importing the monitor if the import option is "overwrite", "keep" or "skip" but the notification doesn't exists
2021-09-11 12:53:17 -07:00
if ((importHandle == "skip" && monitorNameListString.includes(monitorListData[i].name) == false) || importHandle == "keep" || importHandle == "overwrite") {
// Define in here every new variable for monitors which where implemented after the first version of the Import/Export function (1.6.0)
// --- Start ---
// Define default values
let retryInterval = 0;
/*
Only replace the default value with the backup file data for the specific version, where it appears the first time
More information about that where "let version" will be defined
*/
if (version17x) {
retryInterval = monitorListData[i].retryInterval;
}
// --- End ---
2021-09-11 12:53:17 -07:00
let monitor = {
// Define the new variable from earlier here
2021-09-11 12:53:17 -07:00
name: monitorListData[i].name,
type: monitorListData[i].type,
url: monitorListData[i].url,
method: monitorListData[i].method || "GET",
body: monitorListData[i].body,
headers: monitorListData[i].headers,
2021-09-11 12:53:17 -07:00
interval: monitorListData[i].interval,
retryInterval: retryInterval,
2021-09-11 12:53:17 -07:00
hostname: monitorListData[i].hostname,
maxretries: monitorListData[i].maxretries,
port: monitorListData[i].port,
keyword: monitorListData[i].keyword,
ignoreTls: monitorListData[i].ignoreTls,
upsideDown: monitorListData[i].upsideDown,
maxredirects: monitorListData[i].maxredirects,
accepted_statuscodes: monitorListData[i].accepted_statuscodes,
dns_resolve_type: monitorListData[i].dns_resolve_type,
dns_resolve_server: monitorListData[i].dns_resolve_server,
notificationIDList: {},
};
2021-09-11 12:53:17 -07:00
2021-10-09 02:45:05 -07:00
if (monitorListData[i].pushToken) {
monitor.pushToken = monitorListData[i].pushToken;
}
let bean = R.dispense("monitor");
2021-09-11 12:53:17 -07:00
let notificationIDList = monitor.notificationIDList;
delete monitor.notificationIDList;
monitor.accepted_statuscodes_json = JSON.stringify(monitor.accepted_statuscodes);
delete monitor.accepted_statuscodes;
bean.import(monitor);
bean.user_id = socket.userID;
await R.store(bean);
2021-09-11 12:53:17 -07:00
// Only for backup files with the version 1.7.0 or higher, since there was the tag feature implemented
if (version17x) {
// Only import if the specific monitor has tags assigned
for (const oldTag of monitorListData[i].tags) {
// Check if tag already exists and get data ->
let tag = await R.findOne("tag", " name = ?", [
oldTag.name,
]);
let tagId;
if (! tag) {
// -> If it doesn't exist, create new tag from backup file
let beanTag = R.dispense("tag");
beanTag.name = oldTag.name;
beanTag.color = oldTag.color;
await R.store(beanTag);
tagId = beanTag.id;
} else {
// -> If it already exist, set tagId to value from database
tagId = tag.id;
}
// Assign the new created tag to the monitor
await R.exec("INSERT INTO monitor_tag (tag_id, monitor_id, value) VALUES (?, ?, ?)", [
tagId,
bean.id,
oldTag.value,
]);
}
}
await updateMonitorNotification(bean.id, notificationIDList);
2021-09-11 12:53:17 -07:00
// If monitor was active start it immediately, otherwise pause it
2021-09-11 12:53:17 -07:00
if (monitorListData[i].active == 1) {
await startMonitor(socket.userID, bean.id);
} else {
await pauseMonitor(socket.userID, bean.id);
}
2021-09-01 08:09:32 -07:00
}
2021-09-01 08:09:32 -07:00
}
await sendNotificationList(socket);
2021-09-01 08:09:32 -07:00
await sendMonitorList(socket);
}
callback({
ok: true,
msg: "Backup successfully restored.",
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("clearEvents", async (monitorID, callback) => {
try {
checkLogin(socket);
console.log(`Clear Events Monitor: ${monitorID} User ID: ${socket.userID}`);
await R.exec("UPDATE heartbeat SET msg = ?, important = ? WHERE monitor_id = ? ", [
"",
"0",
monitorID,
]);
await sendImportantHeartbeatList(socket, monitorID, true, true);
callback({
ok: true,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("clearHeartbeats", async (monitorID, callback) => {
try {
checkLogin(socket);
console.log(`Clear Heartbeats Monitor: ${monitorID} User ID: ${socket.userID}`);
await R.exec("DELETE FROM heartbeat WHERE monitor_id = ?", [
monitorID
]);
await sendHeartbeatList(socket, monitorID, true, true);
callback({
ok: true,
2021-08-31 15:36:24 -07:00
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
socket.on("clearStatistics", async (callback) => {
try {
checkLogin(socket);
2021-08-31 15:36:24 -07:00
console.log(`Clear Statistics User ID: ${socket.userID}`);
2021-08-31 15:36:24 -07:00
await R.exec("DELETE FROM heartbeat");
callback({
ok: true,
});
} catch (e) {
callback({
ok: false,
msg: e.message,
});
}
});
2021-09-16 07:48:28 -07:00
// Status Page Socket Handler for admin only
statusPageSocketHandler(socket);
debug("added all socket handlers");
2021-08-03 10:03:40 -07:00
2021-08-03 22:31:17 -07:00
// ***************************
// Better do anything after added all socket handlers here
// ***************************
debug("check auto login");
2021-08-03 10:03:40 -07:00
if (await setting("disableAuth")) {
console.log("Disabled Auth: auto login to admin");
afterLogin(socket, await R.findOne("user"));
socket.emit("autoLogin");
2021-08-03 10:03:40 -07:00
} else {
debug("need auth");
2021-08-03 10:03:40 -07:00
}
2021-06-25 06:55:49 -07:00
});
console.log("Init the server");
2021-08-10 06:28:54 -07:00
server.once("error", async (err) => {
console.error("Cannot listen: " + err.message);
await Database.close();
});
2021-08-10 01:36:21 -07:00
2021-08-10 06:28:54 -07:00
server.listen(port, hostname, () => {
2021-08-10 01:36:21 -07:00
if (hostname) {
console.log(`Listening on ${hostname}:${port}`);
} else {
2021-08-10 07:00:29 -07:00
console.log(`Listening on ${port}`);
2021-08-10 01:36:21 -07:00
}
2021-06-25 06:55:49 -07:00
startMonitors();
2021-08-21 04:50:22 -07:00
checkVersion.startInterval();
if (testMode) {
startUnitTest();
}
2021-06-25 06:55:49 -07:00
});
initBackgroundJobs(args);
2021-06-25 06:55:49 -07:00
})();
async function updateMonitorNotification(monitorID, notificationIDList) {
2021-08-10 06:37:51 -07:00
await R.exec("DELETE FROM monitor_notification WHERE monitor_id = ? ", [
2021-07-27 10:47:13 -07:00
monitorID,
]);
for (let notificationID in notificationIDList) {
if (notificationIDList[notificationID]) {
let relation = R.dispense("monitor_notification");
relation.monitor_id = monitorID;
relation.notification_id = notificationID;
await R.store(relation);
}
}
}
2021-06-25 06:55:49 -07:00
async function checkOwner(userID, monitorID) {
let row = await R.getRow("SELECT id FROM monitor WHERE id = ? AND user_id = ? ", [
monitorID,
userID,
]);
2021-06-25 06:55:49 -07:00
if (! row) {
throw new Error("You do not own this monitor.");
}
}
async function sendMonitorList(socket) {
2021-06-29 01:06:20 -07:00
let list = await getMonitorJSONList(socket.userID);
io.to(socket.userID).emit("monitorList", list);
2021-06-29 01:06:20 -07:00
return list;
2021-06-25 06:55:49 -07:00
}
async function afterLogin(socket, user) {
socket.userID = user.id;
socket.join(user.id);
2021-06-29 01:06:20 -07:00
let monitorList = await sendMonitorList(socket);
sendNotificationList(socket);
2021-08-08 10:58:56 -07:00
2021-08-23 03:52:55 -07:00
await sleep(500);
for (let monitorID in monitorList) {
await sendHeartbeatList(socket, monitorID);
}
for (let monitorID in monitorList) {
await sendImportantHeartbeatList(socket, monitorID);
}
for (let monitorID in monitorList) {
await Monitor.sendStats(io, monitorID, user.id);
2021-08-23 03:52:55 -07:00
}
2021-06-25 06:55:49 -07:00
}
async function getMonitorJSONList(userID) {
2021-06-27 01:10:55 -07:00
let result = {};
2021-06-25 06:55:49 -07:00
2021-08-23 03:52:55 -07:00
let monitorList = await R.find("monitor", " user_id = ? ORDER BY weight DESC, name", [
2021-07-27 10:47:13 -07:00
userID,
]);
2021-06-25 06:55:49 -07:00
for (let monitor of monitorList) {
result[monitor.id] = await monitor.toJSON();
2021-06-25 06:55:49 -07:00
}
return result;
}
async function initDatabase() {
2021-07-21 11:02:35 -07:00
if (! fs.existsSync(Database.path)) {
console.log("Copying Database");
2021-07-21 11:02:35 -07:00
fs.copyFileSync(Database.templatePath, Database.path);
2021-07-10 22:47:57 -07:00
}
2021-10-18 13:35:47 -07:00
console.log("Connecting to the Database");
2021-08-08 22:34:44 -07:00
await Database.connect();
console.log("Connected");
2021-07-18 03:51:58 -07:00
2021-07-21 11:02:35 -07:00
// Patch the database
await Database.patch();
2021-07-21 11:02:35 -07:00
2021-06-25 06:55:49 -07:00
let jwtSecretBean = await R.findOne("setting", " `key` = ? ", [
2021-07-27 10:47:13 -07:00
"jwtSecret",
2021-06-25 06:55:49 -07:00
]);
if (! jwtSecretBean) {
2021-08-08 22:34:44 -07:00
console.log("JWT secret is not found, generate one.");
2021-08-09 05:09:01 -07:00
jwtSecretBean = await initJWTSecret();
2021-08-08 22:34:44 -07:00
console.log("Stored JWT secret into database");
2021-06-25 06:55:49 -07:00
} else {
2021-08-08 22:34:44 -07:00
console.log("Load JWT secret from database.");
2021-06-25 06:55:49 -07:00
}
2021-07-21 11:02:35 -07:00
// If there is no record in user table, it is a new Uptime Kuma instance, need to setup
2021-07-10 22:47:57 -07:00
if ((await R.count("user")) === 0) {
console.log("No user, need setup");
2021-07-10 22:47:57 -07:00
needSetup = true;
}
2021-06-25 06:55:49 -07:00
jwtSecret = jwtSecretBean.value;
}
async function startMonitor(userID, monitorID) {
await checkOwner(userID, monitorID);
2021-06-25 06:55:49 -07:00
console.log(`Resume Monitor: ${monitorID} User ID: ${userID}`);
2021-06-25 06:55:49 -07:00
await R.exec("UPDATE monitor SET active = 1 WHERE id = ? AND user_id = ? ", [
monitorID,
2021-07-27 10:47:13 -07:00
userID,
2021-06-25 06:55:49 -07:00
]);
let monitor = await R.findOne("monitor", " id = ? ", [
2021-07-27 10:47:13 -07:00
monitorID,
]);
2021-06-25 06:55:49 -07:00
2021-06-27 01:10:55 -07:00
if (monitor.id in monitorList) {
monitorList[monitor.id].stop();
}
2021-06-25 06:55:49 -07:00
monitorList[monitor.id] = monitor;
monitor.start(io);
2021-06-25 06:55:49 -07:00
}
2021-06-27 01:10:55 -07:00
async function restartMonitor(userID, monitorID) {
return await startMonitor(userID, monitorID);
2021-06-27 01:10:55 -07:00
}
2021-06-25 06:55:49 -07:00
async function pauseMonitor(userID, monitorID) {
await checkOwner(userID, monitorID);
2021-06-25 06:55:49 -07:00
console.log(`Pause Monitor: ${monitorID} User ID: ${userID}`);
2021-06-25 06:55:49 -07:00
await R.exec("UPDATE monitor SET active = 0 WHERE id = ? AND user_id = ? ", [
monitorID,
2021-07-27 10:47:13 -07:00
userID,
2021-06-25 06:55:49 -07:00
]);
if (monitorID in monitorList) {
monitorList[monitorID].stop();
}
}
/**
* Resume active monitors
*/
async function startMonitors() {
let list = await R.find("monitor", " active = 1 ");
2021-06-25 06:55:49 -07:00
for (let monitor of list) {
monitorList[monitor.id] = monitor;
}
for (let monitor of list) {
monitor.start(io);
// Give some delays, so all monitors won't make request at the same moment when just start the server.
await sleep(getRandomInt(300, 1000));
2021-06-25 06:55:49 -07:00
}
}
2021-07-15 10:44:51 -07:00
async function shutdownFunction(signal) {
2021-07-28 05:35:55 -07:00
console.log("Shutdown requested");
2021-07-27 10:47:13 -07:00
console.log("Called signal: " + signal);
2021-07-15 10:44:51 -07:00
console.log("Stopping all monitors");
2021-07-15 10:44:51 -07:00
for (let id in monitorList) {
let monitor = monitorList[id];
monitor.stop();
2021-07-15 10:44:51 -07:00
}
2021-07-21 11:02:35 -07:00
await sleep(2000);
await Database.close();
2021-07-15 10:44:51 -07:00
}
function finalFunction() {
2021-10-18 13:35:47 -07:00
console.log("Graceful shutdown successful!");
2021-07-15 10:44:51 -07:00
}
gracefulShutdown(server, {
2021-07-27 10:47:13 -07:00
signals: "SIGINT SIGTERM",
2021-07-15 10:44:51 -07:00
timeout: 30000, // timeout: 30 secs
development: false, // not in dev mode
forceExit: true, // triggers process.exit() at the end of shutdown process
onShutdown: shutdownFunction, // shutdown function (async) - e.g. for cleanup DB, ...
2021-07-27 10:47:13 -07:00
finally: finalFunction, // finally function (sync) - e.g. for logging
2021-07-15 10:44:51 -07:00
});
2021-08-17 00:32:34 -07:00
// Catch unexpected errors here
process.addListener("unhandledRejection", (error, promise) => {
console.trace(error);
console.error("If you keep encountering errors, please report to https://github.com/louislam/uptime-kuma/issues");
});