From 24e533f2623ac6ebbdac92efa9c08b6092c59daf Mon Sep 17 00:00:00 2001
From: Quentin Dufour <quentin@deuxfleurs.fr>
Date: Tue, 8 Aug 2023 11:05:42 +0200
Subject: support {s3,web}.root_domains in /check endpoint

---
 src/api/admin/api_server.rs | 47 ++++++++++++++++++++++++++++++++++++---------
 1 file changed, 38 insertions(+), 9 deletions(-)

(limited to 'src/api/admin/api_server.rs')

diff --git a/src/api/admin/api_server.rs b/src/api/admin/api_server.rs
index b0dfdfb7..8bf467dc 100644
--- a/src/api/admin/api_server.rs
+++ b/src/api/admin/api_server.rs
@@ -26,6 +26,7 @@ use crate::admin::cluster::*;
 use crate::admin::error::*;
 use crate::admin::key::*;
 use crate::admin::router::{Authorization, Endpoint};
+use crate::helpers::host_to_bucket;
 
 pub struct AdminApiServer {
 	garage: Arc<Garage>,
@@ -78,10 +79,7 @@ impl AdminApiServer {
 			.body(Body::empty())?)
 	}
 
-	async fn handle_check_website_enabled(
-		&self,
-		req: Request<Body>,
-	) -> Result<Response<Body>, Error> {
+	async fn handle_check_domain(&self, req: Request<Body>) -> Result<Response<Body>, Error> {
 		let query_params: HashMap<String, String> = req
 			.uri()
 			.query()
@@ -102,12 +100,43 @@ impl AdminApiServer {
 			.get("domain")
 			.ok_or_internal_error("Could not parse domain query string")?;
 
+		// Resolve bucket from domain name, inferring if the website must be activated for the
+		// domain to be valid.
+		let (bucket_name, must_check_website) = if let Some(bname) = self
+			.garage
+			.config
+			.s3_api
+			.root_domain
+			.as_ref()
+			.and_then(|rd| host_to_bucket(domain, rd))
+		{
+			(bname.to_string(), false)
+		} else if let Some(bname) = self
+			.garage
+			.config
+			.s3_web
+			.as_ref()
+			.and_then(|sw| host_to_bucket(domain, sw.root_domain.as_str()))
+		{
+			(bname.to_string(), true)
+		} else {
+			(domain.to_string(), true)
+		};
+
 		let bucket_id = self
 			.garage
 			.bucket_helper()
-			.resolve_global_bucket_name(domain)
+			.resolve_global_bucket_name(&bucket_name)
 			.await?
-			.ok_or(HelperError::NoSuchBucket(domain.to_string()))?;
+			.ok_or(HelperError::NoSuchBucket(bucket_name.to_string()))?;
+
+		if !must_check_website {
+			return Ok(Response::builder()
+				.status(StatusCode::OK)
+				.body(Body::from(format!(
+					"Domain '{domain}' is managed by Garage"
+				)))?);
+		}
 
 		let bucket = self
 			.garage
@@ -123,11 +152,11 @@ impl AdminApiServer {
 				Ok(Response::builder()
 					.status(StatusCode::OK)
 					.body(Body::from(format!(
-						"Bucket '{domain}' is authorized for website hosting"
+						"Domain '{domain}' is managed by Garage"
 					)))?)
 			}
 			None => Err(Error::bad_request(format!(
-				"Bucket '{domain}' is not authorized for website hosting"
+				"Domain '{domain}' is not managed by Garage"
 			))),
 		}
 	}
@@ -229,7 +258,7 @@ impl ApiHandler for AdminApiServer {
 
 		match endpoint {
 			Endpoint::Options => self.handle_options(&req),
-			Endpoint::CheckWebsiteEnabled => self.handle_check_website_enabled(req).await,
+			Endpoint::CheckDomain => self.handle_check_domain(req).await,
 			Endpoint::Health => self.handle_health(),
 			Endpoint::Metrics => self.handle_metrics(),
 			Endpoint::GetClusterStatus => handle_get_cluster_status(&self.garage).await,
-- 
cgit v1.2.3


From 9b4ce4a8ad645a012d5bd31d4d588cb7c3962b1a Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Mon, 28 Aug 2023 12:16:44 +0200
Subject: admin api: refactor caddy check api code

---
 src/api/admin/api_server.rs | 39 ++++++++++++++++++++++-----------------
 1 file changed, 22 insertions(+), 17 deletions(-)

(limited to 'src/api/admin/api_server.rs')

diff --git a/src/api/admin/api_server.rs b/src/api/admin/api_server.rs
index 8bf467dc..50c79120 100644
--- a/src/api/admin/api_server.rs
+++ b/src/api/admin/api_server.rs
@@ -100,6 +100,20 @@ impl AdminApiServer {
 			.get("domain")
 			.ok_or_internal_error("Could not parse domain query string")?;
 
+		if self.check_domain(domain).await? {
+			Ok(Response::builder()
+				.status(StatusCode::OK)
+				.body(Body::from(format!(
+					"Domain '{domain}' is managed by Garage"
+				)))?)
+		} else {
+			Err(Error::bad_request(format!(
+				"Domain '{domain}' is not managed by Garage"
+			)))
+		}
+	}
+
+	async fn check_domain(&self, domain: &str) -> Result<bool, Error> {
 		// Resolve bucket from domain name, inferring if the website must be activated for the
 		// domain to be valid.
 		let (bucket_name, must_check_website) = if let Some(bname) = self
@@ -123,19 +137,18 @@ impl AdminApiServer {
 			(domain.to_string(), true)
 		};
 
-		let bucket_id = self
+		let bucket_id = match self
 			.garage
 			.bucket_helper()
 			.resolve_global_bucket_name(&bucket_name)
 			.await?
-			.ok_or(HelperError::NoSuchBucket(bucket_name.to_string()))?;
+		{
+			Some(bucket_id) => bucket_id,
+			None => return Ok(false),
+		};
 
 		if !must_check_website {
-			return Ok(Response::builder()
-				.status(StatusCode::OK)
-				.body(Body::from(format!(
-					"Domain '{domain}' is managed by Garage"
-				)))?);
+			return Ok(true);
 		}
 
 		let bucket = self
@@ -148,16 +161,8 @@ impl AdminApiServer {
 		let bucket_website_config = bucket_state.website_config.get();
 
 		match bucket_website_config {
-			Some(_v) => {
-				Ok(Response::builder()
-					.status(StatusCode::OK)
-					.body(Body::from(format!(
-						"Domain '{domain}' is managed by Garage"
-					)))?)
-			}
-			None => Err(Error::bad_request(format!(
-				"Domain '{domain}' is not managed by Garage"
-			))),
+			Some(_v) => Ok(true),
+			None => Ok(false),
 		}
 	}
 
-- 
cgit v1.2.3