From 882cfa700bc76ff8a24e2c5b71d9b04a08147ff8 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Wed, 6 Jan 2021 16:58:29 +0000
Subject: [PATCH] Updating worker to support using a self host key, a basic
 level of security, stopping builder from asking for API key if currently
 configured for self hosting, made the default values for self hosting make
 sense for a basic local installation, this should be final.

---
 hosting/docker-compose.yaml                   |  8 ++--
 hosting/envoy.yaml                            |  2 +-
 hosting/hosting.properties                    | 23 +++++++++---
 hosting/start.sh                              |  2 +-
 .../start/BuilderSettingsModal.svelte         | 29 +++++++++++----
 .../components/start/CreateAppModal.svelte    | 30 +++++++++------
 .../src/api/controllers/deploy/index.js       |  5 ++-
 .../src/api/controllers/deploy/selfDeploy.js  | 37 +++++++++++--------
 .../src/api/controllers/deploy/utils.js       |  3 +-
 .../server/src/api/controllers/hosting.js     | 16 +++++---
 .../src/api/controllers/static/index.js       |  2 +-
 packages/server/src/environment.js            |  2 +-
 .../server/src/utilities/builder/hosting.js   | 10 ++++-
 packages/worker/src/api/controllers/deploy.js | 21 ++++++-----
 packages/worker/src/environment.js            |  1 +
 packages/worker/src/middleware/check-key.js   |  9 ++++-
 16 files changed, 133 insertions(+), 67 deletions(-)

diff --git a/hosting/docker-compose.yaml b/hosting/docker-compose.yaml
index cf86d3cd98..cfdbc48e5f 100644
--- a/hosting/docker-compose.yaml
+++ b/hosting/docker-compose.yaml
@@ -14,8 +14,8 @@ services:
       LOGO_URL: ${LOGO_URL}
       PORT: 4002
       HOSTING_URL: ${HOSTING_URL}
-      MINIO_PORT: ${MINIO_PORT}
       JWT_SECRET: ${JWT_SECRET}
+      PROXY_PORT: ${MAIN_PORT}
     depends_on:
       - worker-service
 
@@ -33,6 +33,7 @@ services:
       COUCH_DB_USERNAME: ${COUCH_DB_USER}
       COUCH_DB_PASSWORD: ${COUCH_DB_PASSWORD}
       RAW_COUCH_DB_URL: http://couchdb-service:5984
+      SELF_HOST_KEY: ${HOSTING_KEY}
     depends_on:
       - minio-service
       - couch-init
@@ -40,7 +41,7 @@ services:
   minio-service:
     image: minio/minio
     volumes:
-      - data1:/data
+      - minio_data:/data
     ports:
       - "${MINIO_PORT}:9000"
     environment:
@@ -89,4 +90,5 @@ services:
 volumes:
   couchdb_data:
     driver: local
-  data1:
+  minio_data:
+    driver: local
diff --git a/hosting/envoy.yaml b/hosting/envoy.yaml
index a6b110428e..4e0e233430 100644
--- a/hosting/envoy.yaml
+++ b/hosting/envoy.yaml
@@ -33,8 +33,8 @@ static_resources:
 
               - match: { prefix: "/db/" }
                 route:
-                  prefix_rewrite: "/" 
                   cluster: couchdb-service
+                  prefix_rewrite: "/"
 
               # minio is on the default route because this works
               # best, minio + AWS SDK doesn't handle path proxy
diff --git a/hosting/hosting.properties b/hosting/hosting.properties
index 4f57f0278d..5907d62819 100644
--- a/hosting/hosting.properties
+++ b/hosting/hosting.properties
@@ -1,14 +1,27 @@
+# Use the main port in the builder for your self hosting URL, e.g. localhost:10000
+MAIN_PORT=10000
+
+# Use this password when configuring your self hosting settings
+# This should be updated
+HOSTING_KEY=budibase
+
+# This section contains customisation options
+HOSTING_URL=http://localhost
+LOGO_URL=https://logoipsum.com/logo/logo-15.svg
+HOSTING_URL=http://localhost
+
+# This section contains all secrets pertaining to the system
+# These should be updated
+JWT_SECRET=testsecret
 MINIO_ACCESS_KEY=budibase
 MINIO_SECRET_KEY=budibase
 COUCH_DB_PASSWORD=budibase
 COUCH_DB_USER=budibase
 WORKER_API_KEY=budibase
-BUDIBASE_ENVIRONMENT=PRODUCTION
-HOSTING_URL=http://localhost
-LOGO_URL=https://logoipsum.com/logo/logo-15.svg
-MAIN_PORT=10000
+
+# This section contains variables that do not need to be altered under normal circumstances
 APP_PORT=4002
 WORKER_PORT=4003
 MINIO_PORT=4004
 COUCH_DB_PORT=4005
-JWT_SECRET=testsecret
+BUDIBASE_ENVIRONMENT=PRODUCTION
diff --git a/hosting/start.sh b/hosting/start.sh
index b32098a3b7..803db51eda 100755
--- a/hosting/start.sh
+++ b/hosting/start.sh
@@ -1,2 +1,2 @@
 #!/bin/bash
-docker-compose --env-file hosting.properties up
+docker-compose --env-file hosting.properties up --build
diff --git a/packages/builder/src/components/start/BuilderSettingsModal.svelte b/packages/builder/src/components/start/BuilderSettingsModal.svelte
index 6ddad0c787..0199069f73 100644
--- a/packages/builder/src/components/start/BuilderSettingsModal.svelte
+++ b/packages/builder/src/components/start/BuilderSettingsModal.svelte
@@ -6,14 +6,18 @@
   import analytics from "analytics"
   import { onMount } from "svelte"
 
-  let selfhosted = false
   let hostingInfo
+  let selfhosted = false
 
   async function save() {
-    if (!selfhosted) {
-      return
-    }
     hostingInfo.type = selfhosted ? "self" : "cloud"
+    if (!selfhosted && hostingInfo._rev) {
+      hostingInfo = {
+        type: hostingInfo.type,
+        _id: hostingInfo._id,
+        _rev: hostingInfo._rev,
+      }
+    }
     try {
       await hostingStore.actions.save(hostingInfo)
       notifier.success(`Settings saved.`)
@@ -22,6 +26,15 @@
     }
   }
 
+  function updateSelfHosting(event) {
+
+    if (hostingInfo.type === "cloud" && event.target.checked) {
+      hostingInfo.hostingUrl = "localhost:10000"
+      hostingInfo.useHttps = false
+      hostingInfo.selfHostKey = "budibase"
+    }
+  }
+
   onMount(async () => {
     hostingInfo = await hostingStore.actions.fetch()
     selfhosted = hostingInfo.type === "self"
@@ -31,8 +44,7 @@
 <ModalContent
   title="Builder settings"
   confirmText="Save"
-  onConfirm={save}
-  showConfirmButton={selfhosted}>
+  onConfirm={save}>
   <h5>Theme</h5>
   <ThemeEditor />
   <h5>Hosting</h5>
@@ -40,9 +52,10 @@
     This section contains settings that relate to the deployment and hosting of
     apps made in this builder.
   </p>
-  <Toggle thin text="Self hosted" bind:checked={selfhosted} />
+  <Toggle thin text="Self hosted" on:change={updateSelfHosting} bind:checked={selfhosted} />
   {#if selfhosted}
-    <Input bind:value={hostingInfo.hostingUrl} label="Apps URL" />
+    <Input bind:value={hostingInfo.hostingUrl} label="Hosting URL" />
+    <Input bind:value={hostingInfo.selfHostKey} label="Hosting Key" />
     <Toggle thin text="HTTPS" bind:checked={hostingInfo.useHttps} />
   {/if}
 </ModalContent>
diff --git a/packages/builder/src/components/start/CreateAppModal.svelte b/packages/builder/src/components/start/CreateAppModal.svelte
index b88397b6c4..39ca5032a4 100644
--- a/packages/builder/src/components/start/CreateAppModal.svelte
+++ b/packages/builder/src/components/start/CreateAppModal.svelte
@@ -1,6 +1,6 @@
 <script>
   import { writable } from "svelte/store"
-  import { store, automationStore, backendUiStore } from "builderStore"
+  import { store, automationStore, backendUiStore, hostingStore } from "builderStore"
   import { string, object } from "yup"
   import api, { get } from "builderStore/api"
   import Form from "@svelteschool/svelte-forms"
@@ -12,6 +12,7 @@
   import { fade } from "svelte/transition"
   import { post } from "builderStore/api"
   import analytics from "analytics"
+  import {onMount} from "svelte"
 
   //Move this to context="module" once svelte-forms is updated so that it can bind to stores correctly
   const createAppStore = writable({ currentStep: 0, values: {} })
@@ -62,20 +63,27 @@
     },
   ]
 
-  let steps = [
-    {
-      component: API,
-      errors,
-    },
-    {
+  let steps = []
+
+  onMount(async () => {
+    let hostingInfo = await hostingStore.actions.fetch()
+    steps = []
+    // only validate API key for Cloud
+    if (hostingInfo.type === "cloud") {
+      steps.push({
+        component: API,
+        errors,
+      })
+    }
+    steps.push({
       component: Info,
       errors,
-    },
-    {
+    })
+    steps.push({
       component: User,
       errors,
-    },
-  ]
+    })
+  })
 
   if (hasKey) {
     validationSchemas.shift()
diff --git a/packages/server/src/api/controllers/deploy/index.js b/packages/server/src/api/controllers/deploy/index.js
index 0117fd3735..026ce5c85b 100644
--- a/packages/server/src/api/controllers/deploy/index.js
+++ b/packages/server/src/api/controllers/deploy/index.js
@@ -84,7 +84,10 @@ async function deployApp(deployment) {
   } catch (err) {
     deployment.setStatus(DeploymentStatus.FAILURE, err.message)
     await storeLocalDeploymentHistory(deployment)
-    throw new Error(`Deployment Failed: ${err.message}`)
+    throw {
+      ...err,
+      message: `Deployment Failed: ${err.message}`,
+    }
   }
 }
 
diff --git a/packages/server/src/api/controllers/deploy/selfDeploy.js b/packages/server/src/api/controllers/deploy/selfDeploy.js
index 429c4c9505..81fa72cae5 100644
--- a/packages/server/src/api/controllers/deploy/selfDeploy.js
+++ b/packages/server/src/api/controllers/deploy/selfDeploy.js
@@ -1,4 +1,3 @@
-const env = require("../../../environment")
 const AWS = require("aws-sdk")
 const {
   deployToObjectStore,
@@ -9,26 +8,34 @@ const {
   getWorkerUrl,
   getCouchUrl,
   getMinioUrl,
+  getSelfHostKey,
 } = require("../../../utilities/builder/hosting")
 
 exports.preDeployment = async function() {
   const url = `${await getWorkerUrl()}/api/deploy`
-  const json = await fetchCredentials(url, {
-    apiKey: env.BUDIBASE_API_KEY,
-  })
-
-  // response contains:
-  // couchDbSession, bucket, objectStoreSession
-
-  // set credentials here, means any time we're verified we're ready to go
-  if (json.objectStoreSession) {
-    AWS.config.update({
-      accessKeyId: json.objectStoreSession.accessKeyId,
-      secretAccessKey: json.objectStoreSession.secretAccessKey,
+  try {
+    const json = await fetchCredentials(url, {
+      selfHostKey: await getSelfHostKey(),
     })
-  }
 
-  return json
+    // response contains:
+    // couchDbSession, bucket, objectStoreSession
+
+    // set credentials here, means any time we're verified we're ready to go
+    if (json.objectStoreSession) {
+      AWS.config.update({
+        accessKeyId: json.objectStoreSession.accessKeyId,
+        secretAccessKey: json.objectStoreSession.secretAccessKey,
+      })
+    }
+
+    return json
+  } catch (err) {
+    throw {
+      message: "Unauthorised to deploy, check self hosting key",
+      status: 401,
+    }
+  }
 }
 
 exports.postDeployment = async function() {
diff --git a/packages/server/src/api/controllers/deploy/utils.js b/packages/server/src/api/controllers/deploy/utils.js
index 87030a82e7..3536a6f630 100644
--- a/packages/server/src/api/controllers/deploy/utils.js
+++ b/packages/server/src/api/controllers/deploy/utils.js
@@ -17,6 +17,7 @@ exports.fetchCredentials = async function(url, body) {
   const response = await fetch(url, {
     method: "POST",
     body: JSON.stringify(body),
+    headers: { "Content-Type": "application/json" },
   })
 
   const json = await response.json()
@@ -26,7 +27,7 @@ exports.fetchCredentials = async function(url, body) {
 
   if (response.status !== 200) {
     throw new Error(
-      `Error fetching temporary credentials for api key: ${body.apiKey}`
+      `Error fetching temporary credentials: ${JSON.stringify(json)}`
     )
   }
 
diff --git a/packages/server/src/api/controllers/hosting.js b/packages/server/src/api/controllers/hosting.js
index ce4ff98c69..fd876c2300 100644
--- a/packages/server/src/api/controllers/hosting.js
+++ b/packages/server/src/api/controllers/hosting.js
@@ -15,13 +15,17 @@ exports.fetchInfo = async ctx => {
 exports.save = async ctx => {
   const db = new CouchDB(BUILDER_CONFIG_DB)
   const { type } = ctx.request.body
-  if (type === HostingTypes.CLOUD) {
-    ctx.throw(400, "Cannot update Cloud hosting information")
+  if (type === HostingTypes.CLOUD && ctx.request.body._rev) {
+    ctx.body = await db.remove({
+      ...ctx.request.body,
+      _id: HOSTING_DOC,
+    })
+  } else {
+    ctx.body = await db.put({
+      ...ctx.request.body,
+      _id: HOSTING_DOC,
+    })
   }
-  ctx.body = await db.put({
-    ...ctx.request.body,
-    _id: HOSTING_DOC,
-  })
 }
 
 exports.fetch = async ctx => {
diff --git a/packages/server/src/api/controllers/static/index.js b/packages/server/src/api/controllers/static/index.js
index 8916758d20..5c5294a7c7 100644
--- a/packages/server/src/api/controllers/static/index.js
+++ b/packages/server/src/api/controllers/static/index.js
@@ -20,7 +20,7 @@ const env = require("../../../environment")
 function objectStoreUrl() {
   if (env.SELF_HOSTED) {
     // TODO: need a better way to handle this, probably reverse proxy
-    return `${env.HOSTING_URL}:${env.MINIO_PORT}/app-assets/assets`
+    return `${env.HOSTING_URL}:${env.PROXY_PORT}/app-assets/assets`
   } else {
     return "https://cdn.app.budi.live/assets"
   }
diff --git a/packages/server/src/environment.js b/packages/server/src/environment.js
index a06d5ea23c..9d1bccf7c1 100644
--- a/packages/server/src/environment.js
+++ b/packages/server/src/environment.js
@@ -38,7 +38,7 @@ module.exports = {
   LOCAL_TEMPLATES: process.env.LOCAL_TEMPLATES,
   // self hosting features
   HOSTING_URL: process.env.HOSTING_URL,
-  MINIO_PORT: process.env.MINIO_PORT,
+  PROXY_PORT: process.env.PROXY_PORT,
   LOGO_URL: process.env.LOGO_URL,
   _set(key, value) {
     process.env[key] = value
diff --git a/packages/server/src/utilities/builder/hosting.js b/packages/server/src/utilities/builder/hosting.js
index f7a3528733..b72544e3f7 100644
--- a/packages/server/src/utilities/builder/hosting.js
+++ b/packages/server/src/utilities/builder/hosting.js
@@ -1,6 +1,8 @@
 const CouchDB = require("../../db")
 const { BUILDER_CONFIG_DB, HOSTING_DOC } = require("../../constants")
 
+const PROD_HOSTING_URL = "app.budi.live"
+
 function getProtocol(hostingInfo) {
   return hostingInfo.useHttps ? "https://" : "http://"
 }
@@ -30,7 +32,8 @@ exports.getHostingInfo = async () => {
     doc = {
       _id: HOSTING_DOC,
       type: exports.HostingTypes.CLOUD,
-      hostingUrl: "app.budi.live",
+      hostingUrl: PROD_HOSTING_URL,
+      selfHostKey: "",
       templatesUrl: "prod-budi-templates.s3-eu-west-1.amazonaws.com",
       useHttps: true,
     }
@@ -62,6 +65,11 @@ exports.getCouchUrl = async () => {
   return getURLWithPath("/db")
 }
 
+exports.getSelfHostKey = async () => {
+  const hostingInfo = await exports.getHostingInfo()
+  return hostingInfo.selfHostKey
+}
+
 exports.getTemplatesUrl = async (appId, type, name) => {
   const hostingInfo = await exports.getHostingInfo()
   const protocol = getProtocol(hostingInfo)
diff --git a/packages/worker/src/api/controllers/deploy.js b/packages/worker/src/api/controllers/deploy.js
index 8a2f8a3ea7..19c28bf362 100644
--- a/packages/worker/src/api/controllers/deploy.js
+++ b/packages/worker/src/api/controllers/deploy.js
@@ -10,9 +10,11 @@ const PUBLIC_READ_POLICY = {
   Statement: [
     {
       Effect: "Allow",
-      Principal: "*",
+      Principal: {
+        AWS: ["*"]
+      },
       Action: "s3:GetObject",
-      Resource: `arn:aws:s3:::${APP_BUCKET}/*`,
+      Resource: [`arn:aws:s3:::${APP_BUCKET}/*`],
     },
   ],
 }
@@ -63,19 +65,18 @@ async function getMinioSession() {
           Bucket: APP_BUCKET,
         })
         .promise()
-    } else if (err.statusCode === 403) {
-      await objClient
-        .putBucketPolicy({
-          Bucket: APP_BUCKET,
-          Policy: JSON.stringify(PUBLIC_READ_POLICY),
-        })
-        .promise()
     }
     else {
       throw err
     }
   }
-  // TODO: need to do something better than this
+  // always make sure policy is correct
+  await objClient
+    .putBucketPolicy({
+      Bucket: APP_BUCKET,
+      Policy: JSON.stringify(PUBLIC_READ_POLICY),
+    })
+    .promise()
   // Ideally want to send back some pre-signed URLs for files that are to be uploaded
   return {
     accessKeyId: env.MINIO_ACCESS_KEY,
diff --git a/packages/worker/src/environment.js b/packages/worker/src/environment.js
index ce0f174eb9..c8863f5b51 100644
--- a/packages/worker/src/environment.js
+++ b/packages/worker/src/environment.js
@@ -10,6 +10,7 @@ module.exports = {
   RAW_MINIO_URL: process.env.RAW_MINIO_URL,
   COUCH_DB_PORT: process.env.COUCH_DB_PORT,
   MINIO_PORT: process.env.MINIO_PORT,
+  SELF_HOST_KEY: process.env.SELF_HOST_KEY,
   _set(key, value) {
     process.env[key] = value
     module.exports[key] = value
diff --git a/packages/worker/src/middleware/check-key.js b/packages/worker/src/middleware/check-key.js
index 6a8f59a6d5..a155aa59a5 100644
--- a/packages/worker/src/middleware/check-key.js
+++ b/packages/worker/src/middleware/check-key.js
@@ -1,4 +1,9 @@
+const env = require("../environment")
+
 module.exports = async (ctx, next) => {
-  // TODO: need to check the API key provided in the header
-  await next()
+  if (!ctx.request.body.selfHostKey || env.SELF_HOST_KEY !== ctx.request.body.selfHostKey) {
+    ctx.throw(401, "Deployment unauthorised")
+  } else {
+    await next()
+  }
 }