Add healthcheck controller with loopback-only authorization filter. A…

…dd curl install to Dockerfile.

Server/API/HealthCheckController.cs

@@ -0,0 +1,33 @@
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Remotely.Server.Auth;
+using Remotely.Server.Services;
+using System.Threading.Tasks;
+
+namespace Remotely.Server.API
+{
+    /// <summary>
+    /// Can only be accessed from the local machine.  The sole purpose
+    /// is to provide a healthcheck endpoint for Docker that exercises
+    /// the database connection.
+    /// </summary>
+    [Route("api/[controller]")]
+    [ApiController]
+    [ServiceFilter(typeof(LocalOnlyFilter))]
+    public class HealthCheckController : ControllerBase
+    {
+        private readonly IDataService _dataService;
+
+        public HealthCheckController(IDataService dataService)
+        {
+            _dataService = dataService;
+        }
+
+        [HttpGet]
+        public async Task<IActionResult> Get()
+        {
+            var orgCount = await _dataService.GetOrganizationCountAsync();
+            return Ok($"Organization Count: {orgCount}");
+        }
+    }
+}

Server/Auth/LocalOnlyFilter.cs

@@ -0,0 +1,19 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using System.Net;
+
+namespace Remotely.Server.Auth
+{
+    public class LocalOnlyFilter : IAuthorizationFilter
+    {
+        public void OnAuthorization(AuthorizationFilterContext context)
+        {
+            var remoteIp = context.HttpContext.Connection.RemoteIpAddress;
+            if (!IPAddress.IsLoopback(remoteIp))
+            {
+                context.Result = new UnauthorizedResult();
+                return;
+            }
+        }
+    }
+}

Server/Dockerfile

@@ -13,6 +13,8 @@ COPY /_immense.Remotely/Server/linux-x64/Server /app
 WORKDIR /app
 
 RUN \
+  apt-get -y update && \
+  apt-get -y install curl && \
   mkdir -p /remotely-data && \
   sed -i 's/DataSource=Remotely.db/DataSource=\/remotely-data\/Remotely.db/' /app/appsettings.json
 
@@ -23,4 +25,4 @@ RUN chmod +x "/src/DockerMain.sh"
 ENTRYPOINT ["/src/DockerMain.sh"]
 
 HEALTHCHECK --interval=5m --timeout=3s \
-  CMD curl -f http://localhost:5000/ || exit 1
+  CMD curl -f http://localhost:5000/api/healthcheck || exit 1

Server/Dockerfile.local

@@ -16,11 +16,16 @@ COPY ./DockerMain.sh .
 WORKDIR /app
 
 RUN \
+  apt-get -y update && \
+  apt-get -y install curl && \
   mkdir -p /remotely-data && \
   sed -i 's/DataSource=Remotely.db/DataSource=\/remotely-data\/Remotely.db/' ./appsettings.json
 
 VOLUME "/remotely-data"
 
 RUN chmod +x "/src/DockerMain.sh"
 
-ENTRYPOINT ["/src/DockerMain.sh"]
+ENTRYPOINT ["/src/DockerMain.sh"]
+
+HEALTHCHECK --interval=5m --timeout=3s \
+  CMD curl -f http://localhost:5000/api/healthcheck || exit 1

Server/Program.cs

@@ -180,6 +180,7 @@
 services.AddTransient<IDataService, DataService>();
 services.AddSingleton<IApplicationConfig, ApplicationConfig>();
 services.AddScoped<ApiAuthorizationFilter>();
+services.AddScoped<LocalOnlyFilter>();
 services.AddScoped<ExpiringTokenFilter>();
 services.AddHostedService<DbCleanupService>();
 services.AddHostedService<ScriptScheduler>();

Server/Services/DataService.cs

@@ -143,6 +143,7 @@ public interface IDataService
         Task<Organization> GetOrganizationByUserName(string userName);
 
         int GetOrganizationCount();
+        Task<int> GetOrganizationCountAsync();
 
         string GetOrganizationNameById(string organizationID);
 
@@ -1399,6 +1400,13 @@ public int GetOrganizationCount()
             return dbContext.Organizations.Count();
         }
 
+        public async Task<int> GetOrganizationCountAsync()
+        {
+            using var dbContext = _appDbFactory.GetContext();
+
+            return await dbContext.Organizations.CountAsync();
+        }
+
         public string GetOrganizationNameById(string organizationID)
         {
             using var dbContext = _appDbFactory.GetContext();