You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
offline-octopus/index.js

384 lines
13 KiB

const fs = require("fs");
const http = require("http");
const https = require("https");
2 years ago
const path = require("path");
const {execSync} = require('child_process');
const express = require("express"); // could be good to replace with code, no dep
// express does not seem architecture dependant thus copying node_modules sufficed for now
// (worked at least on RPi, Deck, Quest and x64 machines)
2 years ago
// Get port or default to 8082
2 years ago
const port = process.env.PORT || 8082;
const protocol = 'https'
const subclass = '192.168.4.'
2 years ago
const publicKeyPath = path.resolve(process.env.HOME,'.ssh','id_rsa_offlineoctopus.pub')
const publicKey = fs.readFileSync(publicKeyPath).toString().split(' ')[1]
2 years ago
const md5fromPub = fs.readFileSync( path.resolve(__dirname, ".keyfrommd5")).toString().replace('\n','')
process.title = 'offtopus' // offline-octopus seems too long
const filename = 'editor.html'
const fileSaveFullPath = path.join(__dirname,'examples', filename)
const minfilename = 'editor.html.minimal'
const minfileSaveFullPath = path.join(__dirname,'examples', minfilename)
const sshconfigpath = path.resolve(process.env.HOME,'.ssh','config')
const propath = path.resolve(process.env.HOME,'Prototypes')
// does not apply in a P2P fashion, must rely on local configuration here config.json
let localServices = [ ]
const configFilePath = path.resolve(__dirname, "config.json")
if (fs.existsSync( configFilePath ) ){
const configurationFromFile = JSON.parse( fs.readFileSync( configFilePath ).toString() )
localServices = configurationFromFile
}
// note that this is crucial to populate properly as this is what allow recombination
/* e.g on quest
spascanodesecure https localhost 7778 /engine/
requires CORS to fetch here
fetch('https://192.168.4.3:8082/available')
.then( r => r.json() )
.then( r => { if (r) addNewNote( 'available' ) } )
gitea http localhost 3000 /
pmwiki http localhost 4000 /pmwiki.php
sshd see quest in ssh config, specific user and port
*/
const utilsCmd = { // security risk but for now not accepting user input so safer
//'update' : { desc: 'note that will lose the state, e.g foundpeers', cmd: 'killall '+process.title+' && ' },
// should first download the new version and proceed only if new
// e.g git clone deck@localhost:~/Prototypes/offline-octopus/
// should see /sshconfig
// tried git instaweb but unable without lighttpd/apache
// would probably be problematic with https anyway
// ideally all handles within node
'shutdown' : { cmd: 'shutdown -h now' }, // not available everywhere, e.g unrooted Quest
'listprototypes': { cmd: 'ls', context: {cwd: propath},
format: res => res.toString().split('\n')
},
//'npmfind' : { desc: 'package manager finder', cmd: 'find . -wholename "*node_modules/acorn"' },
// security risk if relying on user provided name, e.g replacing acorn by user input
// example that could be generalized to other package managers e.g .deb or opkg
}
// could be interesting to consider also recent containers and ~/.bashrc for services
2 years ago
const instructions = `
/home/deck/.ssh/
trusted context, i.e on closed WiFi and over https with bearer authorization
/home/deck/.ssh/config
limit to known IP subclass e.g cat .ssh/config | grep 192.168.4. -C 3
see /sshconfig
could also re-add new entries rather than extend the format
2 years ago
/home/deck/server.locatedb
seems to be plain text with metadata
2 years ago
/home/deck/desktop.plocate.db
seems to be a specific format, binary or maybe compressed
both should be queriable via http with json output
2 years ago
ssh remarkable2 to get drawing preview
2 years ago
conversion should be done, if necessary, on device
not feasible right now without toltec to get opkg to get node
for typed text
cat 43*.rm | sed "s/[^a-zA-z0-9 ]//g" | sed "s/[OT,EC]//g"
2 years ago
util functions
modify WiFi parameters, including AP if available
shutdown/reboot
`
const auth_instructions = `generate md5 from pub offline-octopus then provide as bearer query param`
// Setup and configure Express http server.
const app = express();
app.use(express.static(path.resolve(__dirname, ".", "examples")));
// CORS
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
app.get('/', (req, res) => {
res.send( instructions )
})
app.get('/authtestviaheader', (req, res) => {
if (req.header('authorization') != 'Bearer '+md5fromPub){ res.sendStatus(401); return; }
res.sendStatus(200)
// fetch('/authtestviaheader', {headers: {'authorization': 'Bearer '+ bearer}}).then(r=>r.text()).then(t=>console.log(t))
// prevents from showing in browser history but also makes testing slightly harder
// consider next() for middleware instead of copy/pasting this line
})
app.get('/authtest', (req, res) => {
if (req.query?.bearer != md5fromPub){ res.send( auth_instructions); return; }
// relying on this line for each specific route
// this is NOT authentification proper, even less secure
// this is done ONLY to avoid mistakes on a secure LAN
res.json( {msg: "success"} )
})
app.get('/pwa', (req, res) => {
// for offline use on mobile or VR headset
// should try to sync back when devices connect back
// same when itself connects back to (Internet) own server e.g benetou.fr
// can be cascading or federatede or properly P2P
// responsive programming also, not "just" design
res.redirect('pwa/index.html')
// see also /editor
})
let resultFromLastGlobalCmd = {}
app.get('/allpeers/exec', (req, res) => {
if (req.query?.bearer != md5fromPub){ res.send( auth_instructions); return; }
if (!req.query.cmdName){
res.json(utilsCmd)
} else {
foundPeers.map( i => {
let url=protocol+'://'+subclass+i+':'+port
+'/exec?cmdName='+req.query.cmdName
+'&bearer='+req.query.bearer
let opt={rejectUnauthorized: false}
https.get(url, opt, res => {
// to simplify with fetch and promises
let data = '';
res.on('data', chunk => {
data += chunk;
});
res.on('end', () => {
console.log('data', url, data)
data = JSON.parse(data);
resultFromLastGlobalCmd[url] = data
})
}).on('error', err => {
console.log(err.message);
}).end()
})
res.json( {msg: 'started'} ) // could redirect('/all/result') instead after a timeout
}
})
app.get('/allpeers/result', (req, res) => {
res.json( resultFromLastGlobalCmd )
})
app.get('/exec', (req, res) => {
if (req.query?.bearer != md5fromPub){ res.send( auth_instructions); return; }
if (!req.query.cmdName){
res.json(utilsCmd)
} else {
res.json( execConfiguredCommand(req.query.cmdName) )
}
})
function execConfiguredCommand(cmdName){
let resultFromExecution = execSync(utilsCmd[cmdName].cmd, utilsCmd[cmdName].context)
let formatter = utilsCmd[cmdName].format
if (formatter) resultFromExecution = formatter(resultFromExecution)
return resultFromExecution
}
// app.get('/interface/register', (req, res) => {
// consider uinput to access devices proper, e.g physical keyboard
// could be use for e.g reMarkable2, Quest2, etc with specifically accepted or prefered formats
// app.get('/interface/unregister', (req, res) => {
app.get('/services', (req, res) => {
// should be updated via register/unregister
res.json( localServices )
})
app.get('/services/register', (req, res) => {
// see localServices to load and save in configFilePath
res.json( {msg: 'not yet implemented'})
// example {name:'hmdlink', desc:'share URL between local devices', protocol:'http', port:8082, path: '/hmdlink', url:'http://192.168.4.3:8082/hmdlink'},
2 years ago
})
app.get('/services/unregister', (req, res) => {
res.json( {msg: 'not yet implemented'})
})
app.get('/updates', (req, res) => {
// see utilsCmd['update']
// could rely on a git reachable by all peers
// this might be feasible from this very https server as read-only
// surely feasible via ssh
// could killall offtopus first then pull then restart detached
res.json( {msg: 'not yet implemented'})
})
app.get('/recentfiles', (req, res) => {
// e.g lsof | grep home | grep vim | grep -v firefox
// or history | grep vi
// should be available after (ideally local) conversion if needed, e.g rm -> .svg on reMarkable
res.json( {msg: 'not yet implemented'})
})
let dynURL = 'https://192.168.4.1/offline.html'
app.get('/hmdlink/set', (req, res) => { // could be a PUT instead
// e.g http://192.168.4.3:8082/hmdlink/set?url=http://192.168.4.3:8082/114df5f8-3921-42f0-81e7-48731b563571.thumbnails/f07120ba-0ca1-429d-869f-c704a52b7aa3.png
dynURL = req.query.url
res.redirect( dynURL )
})
2 years ago
app.get('/hmdlink', (req, res) => {
res.redirect( dynURL )
2 years ago
})
app.get('/webxr', (req, res) => {
res.redirect( '/local-metaverse-tooling/local-aframe-test.html' )
2 years ago
})
// user for /scan to populate foundPeers
app.get('/available', (req, res) => {
res.json( true )
})
app.get('/foundpeers', (req, res) => {
res.json( foundPeers )
})
let foundPeers = []
app.get('/scan', (req, res) => {
scanpeers()
res.json( {msg: 'started'} ) // could redirect('/foundpeers') too after a timeout
})
function scanpeers(){
foundPeers = []
for (let i=1;i<25;i++){ // async so blasting, gives very quick result for positives
let url=protocol+'://'+subclass+i+':'+port+'/available'
let opt={rejectUnauthorized: false}
https.get(url, opt, res => {
let data = '';
res.on('data', chunk => {
data += chunk;
});
res.on('end', () => {
data = JSON.parse(data);
foundPeers.push(i)
// could also register there and then
})
}).on('error', err => {
//console.log(err.message); usually ECONNREFUSED or EHOSTUNREACH
}).end()
}
}
app.get('/sshconfig', (req, res) => {
res.json( getSshConfig() )
// should filter on foundPeers to avoid offline peers
2 years ago
})
// note that stopping this process removes the mounts
function mountAll(){
getSshConfig().map( l => {
let cs = 'sshfs ' + l.name + ':'
if (l.custom)
cs+= l.custom
else
cs+='/home/'+l.user
return cs + ' ' + path.resolve(__dirname, "sshfsmounts", l.name)
} )
.map( l => execSync(l))
}
function getSshConfig(){
let txt = fs.readFileSync(sshconfigpath).toString()
return txt.split('Host ')
.filter( m => m.match(subclass) )
.map( c => {
let all = c.replaceAll(' ','')
.split('\n')
let p = all
.filter(i=>i.match(/^[a-zA-Z]/));
let custom = all
.filter(i=>i.match(/^#Dir /))[0]
?.split(' ')[1]
// custom ~/.ssh/config parameter as comment
// user here for home directory in termux
let user = p.filter(pm=>pm.match('User '))[0].replace('User ','')
let hostname = p.filter(pm=>pm.match('HostName'))[0].replace('HostName ','')
let connectionString = user + '@' + hostname
let port = p.filter(pm=>pm.match('Port'))[0]?.replace('Port ','')
if (port) connectionString += ':' + port
return {name: p[0], user, connectionString, custom}
})
}
/*
e.g AFTER mounting
f.readdirSync('./sshfsmounts/').map( d=>f.readdirSync('./sshfsmounts/'+d) )
location : /home/deck/Prototypes/offline-octopus/sshfsmounts
sshfs remarkable2:/home/root/xochitl-data/ remarkable2/
works if available
sshfs fabien@192.168.4.1:/home/fabien/ rpi0/
still prompts for password, need manual login
ls rpi0/
ls remarkable2/
must be done after passwordless login, i.e after ssh-copy-id
made a dedicated key : /home/deck/.ssh/id_rsa_offlineoctopus
easier to revoke if need be
*/
app.get('/localprototypes', (req, res) => {
// examples to disentangle own work for cloned existing repositories :
// find Prototypes/ -iwholename */.git/config | xargs grep git.benetou.fr
// find ~/Prototypes/ -depth -maxdepth 4 -wholename "*/.git/config" | xargs grep -l git.benetou.fr | sed "s|.*Prototypes/\(.*\)/.git/config|\1|"
res.json( execConfiguredCommand('listprototypes') )
})
app.get('/editor/recover', (req, res) => {
// could move the previous file with time stamp
fs.copyFileSync(minfileSaveFullPath, fileSaveFullPath )
res.json( {msg: 'copied'} )
})
/*
* example of finding past local solution, here shiki for syntax highlighting
*
(deck@steamdeck serverhome)$ find . -iname shiki
./fabien/web/future_of_text_demo/content/shiki
(deck@steamdeck serverhome)$ ls ./fabien/web/future_of_text_demo/content/shiki/dist/
onig.wasm
see syntax-highlighting branch in SpaSca git repository
in /home/deck/serverhome/fabien/web/future_of_text_demo/engine/
*/
app.get('/editor/read', (req, res) => {
content = fs.readFileSync(fileSaveFullPath ).toString()
res.json( {msg: content} )
})
app.get('/editor/save', (req, res) => {
let content = req.query.content // does not escape, loses newlines
if (!content){
res.json( {msg: 'missing content'} )
} else {
console.log('writting', content)
fs.writeFileSync(fileSaveFullPath, content)
res.json( {msg: 'written to '+fileSaveFullPath} )
}
})
const privateKey = fs.readFileSync("naf-key.pem", "utf8");
const certificate = fs.readFileSync("naf.pem", "utf8");
const credentials = { key: privateKey, cert: certificate };
2 years ago
const webServer = https.createServer(credentials, app);
2 years ago
// Start Express http server
// const webServer = http.createServer(app);
2 years ago
// Listen on port
webServer.listen(port, () => {
console.log("listening on "+protocol+"://localhost:" + port);
2 years ago
});