Add web terminal (hestiacp#3859)

* Add frontend for web-terminal

* Fix Terminal export

* Remove some messages

* Make terminal accessible to regular users

* Add message on terminal exit

* Use writeln for connection messages

* Order sys-config json and add BACKEND_PORT

* Fix json syntax

* Add variable to syshealth

* Add nodejs on install and maybe do a deb?

* Better uid and gid detection

* Whoops, removed something by accident

* Fix dependency and upgrade script

* Check on activation

* Create build directory

* And the other directory

* Make sure node is installed

* Don't run husky in CI

* Fix terminal ids

* Create folders and fix permissions

* Add separate service for web terminal

* Use the user shell

* Use systemd service instead of init.d

* Enable service postinst

* Use class instead of ID, move to xterm deps

* Restart service on upgrade

* Add some logging

* Keep clients in a Set just in case we need them

* Fix service starting, probably

* okay no var in path

* Better logs

* Again, a bit more accurate logs

* Add remote IP to nginx conf

* Add reasons for websockets closing

* Fix websockets error code

* Change service name for consistency

* Return to user list

* Add flag to installer and WEB_TERMINAL_PORT option

* Run service under the hestia-users group

* Add padding to terminal

* Add terminal configs

* Add some debug logs and reorder compile commands

* Add web terminal to service list

* Correctly show service status

* change service name in control panel, redirect settings

* Add command to change the web terminal port

* Render using WebGL or Canvas2D

* Open the terminal after loading the addon

* Build JS/CSS in deb

* Make sure service is disabled/enabled

* Check for node in compile script

* Don't show terminal button for `nologin` users

* Unset temp vars

* Make it work when impersonating

* Use 2 classes for consistency

---------

Co-authored-by: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>

Author: imjuniper

.drone.yml

@@ -25,7 +25,7 @@ steps:
       - git submodule update --init --recursive
   - name: Build Hestia package and install
     commands:
-      - npm ci
+      - npm ci --ignore-scripts
       - npm run build
       - ./src/hst_autocompile.sh --hestia --install '~localsrc'
   - name: Reset Web templates
@@ -83,7 +83,7 @@ steps:
       - git submodule update --init --recursive
   - name: Build Hestia package install
     commands:
-      - npm ci
+      - npm ci --ignore-scripts
       - npm run build
       - ./src/hst_autocompile.sh --hestia --install '~localsrc'
   - name: Reset Web templates
@@ -131,7 +131,7 @@ steps:
   - name: Build JS/CSS
     image: node:current-slim
     commands:
-      - npm ci
+      - npm ci --ignore-scripts
       - npm run build
   - name: Build
     image: debian:bullseye

.github/workflows/lint.yml

@@ -46,7 +46,7 @@ jobs:
           node-version: 16
 
       - name: Install Node packages
-        run: npm ci
+        run: npm ci --ignore-scripts
 
       - name: Run Prettier
         run: npx prettier --check .
@@ -64,7 +64,7 @@ jobs:
           node-version: 16
 
       - name: Install Node packages
-        run: npm ci
+        run: npm ci --ignore-scripts
 
       - name: Run ESLint
         run: npx eslint .
@@ -82,7 +82,7 @@ jobs:
           node-version: 16
 
       - name: Install Node packages
-        run: npm ci
+        run: npm ci --ignore-scripts
 
       - name: Run Stylelint
         run: npx stylelint web/css/src/**/*.css

bin/v-add-sys-sftp-jail

@@ -45,14 +45,14 @@ fi
 
 # Enabling jailed sftp
 if [ -z "$sftp_i" ]; then
-    echo " " >> $config
-    echo "# Hestia SFTP Chroot" >> $config
-    echo "Match User sftp_dummy99" >> $config
-    echo "    ChrootDirectory /srv/jail/%u" >> $config
-    echo "    X11Forwarding no" >> $config
-    echo "    AllowTCPForwarding no" >> $config
-    echo "    ForceCommand internal-sftp -d /home" >> $config
-    restart='yes'
+	echo " " >> $config
+	echo "# Hestia SFTP Chroot" >> $config
+	echo "Match User sftp_dummy99" >> $config
+	echo "    ChrootDirectory /srv/jail/%u" >> $config
+	echo "    X11Forwarding no" >> $config
+	echo "    AllowTCPForwarding no" >> $config
+	echo "    ForceCommand internal-sftp -d /home" >> $config
+	restart='yes'
 fi
 
 # Validating opensshd config
@@ -63,10 +63,10 @@ if [ "$restart" = 'yes' ]; then
 	if [ "$?" -ne 0 ]; then
 		mail_text="OpenSSH can not be restarted. Please check config:
             \n\n$(/usr/sbin/sshd -t)"
-        echo -e "$mail_text" |$SENDMAIL -s "$subj" $email
-    else
-        service sshd restart >/dev/null 2>&1
-    fi
+		echo -e "$mail_text" | $SENDMAIL -s "$subj" $email
+	else
+		service sshd restart > /dev/null 2>&1
+	fi
 fi
 
 # Checking users

bin/v-add-sys-web-terminal

@@ -0,0 +1,57 @@
+#!/bin/bash
+# info: add system web terminal
+# options: NONE
+#
+# example: v-add-sys-web-terminal
+#
+# This function enables the web terminal.
+
+#----------------------------------------------------------#
+#                Variables & Functions                     #
+#----------------------------------------------------------#
+
+# Includes
+# shellcheck source=/etc/hestiacp/hestia.conf
+source /etc/hestiacp/hestia.conf
+# shellcheck source=/usr/local/hestia/func/main.sh
+source $HESTIA/func/main.sh
+# load config file
+source_conf "$HESTIA/conf/hestia.conf"
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+if [ "$WEB_TERMINAL" = 'true' ]; then
+	exit
+fi
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Updating WEB_TERMINAL value
+$BIN/v-change-sys-config-value "WEB_TERMINAL" "true"
+
+# Check if nodejs and hestia-web-terminal are installed
+if [ ! -f "/usr/bin/node" ] || [ ! -f "$HESTIA/web-terminal/server.js" ]; then
+	apt-get -qq update
+	apt-get -qq install nodejs hestia-web-terminal -y
+else
+	# Starting web terminal websocket server
+	$BIN/v-start-service "hestia-web-terminal"
+	systemctl enable hestia-web-terminal
+fi
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Logging
+$BIN/v-log-action "system" "Info" "Web Terminal" "Web terminal enabled."
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-change-sys-web-terminal-port

@@ -0,0 +1,89 @@
+#!/bin/bash
+# info: change system web terminal backend port
+# options: PORT
+#
+# example: v-change-sys-web-terminal-port 5678
+#
+# This function for changing the system's web terminal backend port in NGINX configuration.
+
+#----------------------------------------------------------#
+#                Variables & Functions                     #
+#----------------------------------------------------------#
+
+# Argument definition
+PORT=$1
+NGINX_CONFIG="$HESTIA/nginx/conf/nginx.conf"
+
+# Includes
+# shellcheck source=/etc/hestiacp/hestia.conf
+source /etc/hestiacp/hestia.conf
+# shellcheck source=/usr/local/hestia/func/main.sh
+source $HESTIA/func/main.sh
+# load config file
+source_conf "$HESTIA/conf/hestia.conf"
+
+# Functions
+is_port_valid() {
+	# Check if PORT is numeric
+	if [[ ! "$PORT" =~ ^[0-9]+$ ]]; then
+		echo "Port should contains a numeric value only!"
+		log_event "$E_INVALID" "$ARGUMENTS"
+		exit "$E_INVALID"
+	fi
+
+	# Check if PORT is already used
+	BUSY_PORT=$(lsof -i:"$PORT")
+	if [ -n "$BUSY_PORT" ] && [ "$PORT" != "$BACKEND_PORT" ]; then
+		echo "Port is already used by Hestia, please set another one!"
+		log_event "$E_INUSE" "$ARGUMENTS"
+		exit "$E_INUSE"
+	fi
+}
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'PORT'
+is_port_valid
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Get original port
+ORIGINAL_PORT=$(cat ${NGINX_CONFIG} | grep -m1 "proxy_pass http://localhost:" | sed 's/[^0-9]*//g')
+
+# Check if port is different to nginx.conf
+if [ "$ORIGINAL_PORT" = "$PORT" ]; then
+	# Nothing to do, exit
+	exit
+else
+	# Set new port in config via v-change-sys-config-value
+	$BIN/v-change-sys-config-value "WEB_TERMINAL_PORT" "$PORT"
+	# Replace port in config files.
+	sed -i "s/\(proxy_pass http:\/\/localhost:\)[0-9][0-9]*\([^0-9]*\;$\)/\1$PORT\2/" ${NGINX_CONFIG}
+
+	# Check if the web terminal backend is running
+	if [[ $(ps -eaf | grep -i hestia/web-terminal | sed '/^$/d' | wc -l) -gt 1 ]]; then
+		$BIN/v-restart-service hestia-web-terminal
+	fi
+
+	# Check if Hestia is running
+	if [[ $(ps -eaf | grep -i hestia | sed '/^$/d' | wc -l) -gt 1 ]]; then
+		$BIN/v-restart-service hestia
+	fi
+fi
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Logging
+$BIN/v-log-action "system" "Warning" "System" "Hestia Control Panel web terminal port changed (New Value: $PORT, Old Value: $ORIGINAL_PORT)."
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-sys-web-terminal

@@ -0,0 +1,51 @@
+#!/bin/bash
+# info: delete web terminal
+# options: NONE
+#
+# example: v-delete-sys-web-terminal
+#
+# This function disables the web terminal.
+
+#----------------------------------------------------------#
+#                Variables & Functions                     #
+#----------------------------------------------------------#
+
+# Includes
+# shellcheck source=/etc/hestiacp/hestia.conf
+source /etc/hestiacp/hestia.conf
+# shellcheck source=/usr/local/hestia/func/main.sh
+source $HESTIA/func/main.sh
+# load config file
+source_conf "$HESTIA/conf/hestia.conf"
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+if [ -z "$WEB_TERMINAL" ]; then
+	exit
+fi
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Updating WEB_TERMINAL value
+$BIN/v-change-sys-config-value "WEB_TERMINAL" "false"
+
+# Stopping web terminal websocket server
+$BIN/v-stop-service "hestia-web-terminal"
+systemctl disable hestia-web-terminal
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Logging
+$BIN/v-log-action "system" "Warning" "Web Terminal" "Web terminal disabled."
+log_event "$OK" "$ARGUMENTS"
+
+exit