merge branch 'feat484-external-endpoints' into release-1.11.4

2025-08-05 05:45:22 +02:00 · 2017-03-03 12:35:54 +01:00 · 2017-03-03 12:35:54 +01:00 · 2232adbd8b
commit 2232adbd8b
parent 0f81ad5654 a78758123b
13 changed files with 519 additions and 103 deletions
--- a/api/cmd/portainer/main.go
+++ b/api/cmd/portainer/main.go
@ -4,6 +4,7 @@ import (
 	"github.com/portainer/portainer"
 	"github.com/portainer/portainer/bolt"
 	"github.com/portainer/portainer/cli"
+	"github.com/portainer/portainer/cron"
 	"github.com/portainer/portainer/crypto"
 	"github.com/portainer/portainer/file"
 	"github.com/portainer/portainer/http"
@ -12,7 +13,7 @@ import (
 	"log"
 )

-func main() {
+func initCLI() *portainer.CLIFlags {
 	var cli portainer.CLIService = &cli.Service{}
 	flags, err := cli.ParseFlags(portainer.APIVersion)
 	if err != nil {
@ -23,41 +24,76 @@ func main() {
 	if err != nil {
 		log.Fatal(err)
 	}
+	return flags
+}

-	settings := &portainer.Settings{
-		HiddenLabels:   *flags.Labels,
-		Logo:           *flags.Logo,
-		Authentication: !*flags.NoAuth,
-	}
-
-	fileService, err := file.NewService(*flags.Data, "")
+func initFileService(dataStorePath string) portainer.FileService {
+	fileService, err := file.NewService(dataStorePath, "")
 	if err != nil {
 		log.Fatal(err)
 	}
+	return fileService
+}

-	var store = bolt.NewStore(*flags.Data)
-	err = store.Open()
+func initStore(dataStorePath string) *bolt.Store {
+	var store = bolt.NewStore(dataStorePath)
+	err := store.Open()
 	if err != nil {
 		log.Fatal(err)
 	}
-	defer store.Close()
+	return store
+}

-	var jwtService portainer.JWTService
-	if !*flags.NoAuth {
-		jwtService, err = jwt.NewService()
+func initJWTService(authenticationEnabled bool) portainer.JWTService {
+	if authenticationEnabled {
+		jwtService, err := jwt.NewService()
+		if err != nil {
+			log.Fatal(err)
+		}
+		return jwtService
+	}
+	return nil
+}
+
+func initCryptoService() portainer.CryptoService {
+	return &crypto.Service{}
+}
+
+func initEndpointWatcher(endpointService portainer.EndpointService, externalEnpointFile string, syncInterval string) bool {
+	authorizeEndpointMgmt := true
+	if externalEnpointFile != "" {
+		authorizeEndpointMgmt = false
+		log.Println("Using external endpoint definition. Endpoint management via the API will be disabled.")
+		endpointWatcher := cron.NewWatcher(endpointService, syncInterval)
+		err := endpointWatcher.WatchEndpointFile(externalEnpointFile)
 		if err != nil {
 			log.Fatal(err)
 		}
 	}
+	return authorizeEndpointMgmt
+}

-	var cryptoService portainer.CryptoService = &crypto.Service{}
+func initSettings(authorizeEndpointMgmt bool, flags *portainer.CLIFlags) *portainer.Settings {
+	return &portainer.Settings{
+		HiddenLabels:       *flags.Labels,
+		Logo:               *flags.Logo,
+		Authentication:     !*flags.NoAuth,
+		EndpointManagement: authorizeEndpointMgmt,
+	}
+}

-	// Initialize the active endpoint from the CLI only if there is no
-	// active endpoint defined yet.
-	var activeEndpoint *portainer.Endpoint
-	if *flags.Endpoint != "" {
-		activeEndpoint, err = store.EndpointService.GetActive()
-		if err == portainer.ErrEndpointNotFound {
+func retrieveFirstEndpointFromDatabase(endpointService portainer.EndpointService) *portainer.Endpoint {
+	endpoints, err := endpointService.Endpoints()
+	if err != nil {
+		log.Fatal(err)
+	}
+	return &endpoints[0]
+}
+
+func initActiveEndpoint(endpointService portainer.EndpointService, flags *portainer.CLIFlags) *portainer.Endpoint {
+	activeEndpoint, err := endpointService.GetActive()
+	if err == portainer.ErrEndpointNotFound {
+		if *flags.Endpoint != "" {
 			activeEndpoint = &portainer.Endpoint{
 				Name:          "primary",
 				URL:           *flags.Endpoint,
@ -66,31 +102,54 @@ func main() {
 				TLSCertPath:   *flags.TLSCert,
 				TLSKeyPath:    *flags.TLSKey,
 			}
-			err = store.EndpointService.CreateEndpoint(activeEndpoint)
+			err = endpointService.CreateEndpoint(activeEndpoint)
 			if err != nil {
 				log.Fatal(err)
 			}
-		} else if err != nil {
-			log.Fatal(err)
+		} else if *flags.ExternalEndpoints != "" {
+			activeEndpoint = retrieveFirstEndpointFromDatabase(endpointService)
 		}
+	} else if err != nil {
+		log.Fatal(err)
 	}
+	return activeEndpoint
+}
+
+func main() {
+	flags := initCLI()
+
+	fileService := initFileService(*flags.Data)
+
+	store := initStore(*flags.Data)
+	defer store.Close()
+
+	jwtService := initJWTService(!*flags.NoAuth)
+
+	cryptoService := initCryptoService()
+
+	authorizeEndpointMgmt := initEndpointWatcher(store.EndpointService, *flags.ExternalEndpoints, *flags.SyncInterval)
+
+	settings := initSettings(authorizeEndpointMgmt, flags)
+
+	activeEndpoint := initActiveEndpoint(store.EndpointService, flags)

 	var server portainer.Server = &http.Server{
-		BindAddress:     *flags.Addr,
-		AssetsPath:      *flags.Assets,
-		Settings:        settings,
-		TemplatesURL:    *flags.Templates,
-		AuthDisabled:    *flags.NoAuth,
-		UserService:     store.UserService,
-		EndpointService: store.EndpointService,
-		CryptoService:   cryptoService,
-		JWTService:      jwtService,
-		FileService:     fileService,
-		ActiveEndpoint:  activeEndpoint,
+		BindAddress:        *flags.Addr,
+		AssetsPath:         *flags.Assets,
+		Settings:           settings,
+		TemplatesURL:       *flags.Templates,
+		AuthDisabled:       *flags.NoAuth,
+		EndpointManagement: authorizeEndpointMgmt,
+		UserService:        store.UserService,
+		EndpointService:    store.EndpointService,
+		CryptoService:      cryptoService,
+		JWTService:         jwtService,
+		FileService:        fileService,
+		ActiveEndpoint:     activeEndpoint,
 	}

 	log.Printf("Starting Portainer on %s", *flags.Addr)
-	err = server.Start()
+	err := server.Start()
 	if err != nil {
 		log.Fatal(err)
 	}