Skip to content

Commit

Permalink
v0.0.2 commit includes optimization for /services/unbound/ calls, all…
Browse files Browse the repository at this point in the history
…owed configuration to be added without applying changes at the same time, added separate API call to apply unbound configuration
  • Loading branch information
Jared Hendrickson committed Apr 22, 2020
1 parent 84554e1 commit 949d8ba
Show file tree
Hide file tree
Showing 8 changed files with 97 additions and 19 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
.idea
*.DS_Store

4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
---
# Introduction
pfSense API is a fast, safe, full-fledged API based on REST architecture. This works by leveraging the same PHP functions and processes used by pfSense's webConfigurator into API endpoints to create, read, update and delete pfSense configurations. All API endpoints enforce input validation to prevent invalid configurations from being made. Configurations made via API are properly written to the master XML configuration and the correct backend configurations are made preventing the need for a reboot. All this results in the fastest, safest, and easiest way to automate pfSense!
pfSense API is a fast, safe, full-fledged HTTP API. This works by leveraging the same PHP functions and processes used by pfSense's webConfigurator into API endpoints to create, read, update and delete pfSense configurations. All API endpoints enforce input validation to prevent invalid configurations from being made. Configurations made via API are properly written to the master XML configuration and the correct backend configurations are made preventing the need for a reboot. All this results in the fastest, safest, and easiest way to automate pfSense!

# Installation
To install pfSense API, simply run the following command from the pfSense shell:<br>
`pkg add https://github.com/jaredhendrickson13/pfsense-api/releases/v0.0.1/pfSense-pkg-API-0.0_1.txz`<br>
`pkg add https://github.com/jaredhendrickson13/pfsense-api/releases/v0.0.2/pfSense-2-4-pkg-API-0.0_2.txz`<br>

To uninstall, run the following command:<br>
`pkg delete pfSense-pkg-API`<br>
Expand Down
6 changes: 5 additions & 1 deletion pfSense-pkg-API/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

PORTNAME= pfSense-pkg-API
PORTVERSION= 0.0
PORTREVISION= 1
PORTREVISION= 2
CATEGORIES= sysutils
MASTER_SITES= # empty
DISTFILES= # empty
Expand Down Expand Up @@ -412,6 +412,10 @@ do-install:
${MKDIR} ${STAGEDIR}${PREFIX}/www/api/v1/services/unbound/modify/hosts
${INSTALL_DATA} ${FILESDIR}${PREFIX}/www/api/v1/services/unbound/modify/hosts/index.php \
${STAGEDIR}${PREFIX}/www/api/v1/services/unbound/modify/hosts
# Unbound apply
${MKDIR} ${STAGEDIR}${PREFIX}/www/api/v1/services/unbound/apply
${INSTALL_DATA} ${FILESDIR}${PREFIX}/www/api/v1/services/unbound/apply/index.php \
${STAGEDIR}${PREFIX}/www/api/v1/services/unbound/apply

# INSTALL OUR PKG INFO
${MKDIR} ${STAGEDIR}${DATADIR}
Expand Down
13 changes: 13 additions & 0 deletions pfSense-pkg-API/files/etc/inc/api.inc
Original file line number Diff line number Diff line change
Expand Up @@ -445,6 +445,19 @@ function get_arp_entry($search, $value) {
return $arp_match;
}

// Reload our unbound configuration, restart associated services and clear config locks
function unbound_reload_config() {
$reload_unbound = 0;
$reload_unbound |= services_unbound_configure();
// Check if application was successful
if ($reload_unbound === 0) {
system_resolvconf_generate(); // Update resolveconf
system_dhcpleases_configure(); // Update DHCPD
clear_subsystem_dirty("unbound");
return true;
}
}

// Check if a DNS Resolver (Unbound) host override already exists
function unbound_host_override_exists($hostname, $domain) {
// Local variables
Expand Down
78 changes: 63 additions & 15 deletions pfSense-pkg-API/files/etc/inc/apicalls.inc
Original file line number Diff line number Diff line change
Expand Up @@ -5059,6 +5059,9 @@ function api_services_unbound_delete_hosts() {
if ($client_params['aliases'] === true) {
$a_mode = true;
}
if ($client_params['apply'] === true) {
$apply = $client_params['apply'];
}
// Determine criteria for deletion
if ($h_mode and !$d_mode and !$i_mode) {
$del_mode = "h";
Expand Down Expand Up @@ -5091,6 +5094,8 @@ function api_services_unbound_delete_hosts() {
echo var_dump($a_mode) . PHP_EOL;
echo "MODE:" . PHP_EOL;
echo var_dump($del_mode) . PHP_EOL;
echo "APPLY:" . PHP_EOL;
echo var_dump($apply) . PHP_EOL;
}
// Check that our configuration is a list and loop through each item, otherwise return ok resp
if (array_key_exists("hosts", $config["unbound"]) and is_array($config["unbound"]["hosts"])) {
Expand Down Expand Up @@ -5173,11 +5178,13 @@ function api_services_unbound_delete_hosts() {
usort($hosts_conf, "strcmp");
$config["unbound"]["hosts"] = $hosts_conf;
write_config(sprintf(gettext($change_note)));
$reload_unbound = 0;
$reload_unbound |= services_unbound_configure();
if ($reload_unbound == 0) {
system_resolvconf_generate(); // Update resolveconf
system_dhcpleases_configure(); // Update DHCPD
mark_subsystem_dirty("unbound");
# If user requests immediately application
if ($apply === true) {
$applied = unbound_reload_config();
}
// Return success if our function was successful
if ($applied === true or $apply !== true) {
$api_resp = array("status" => "ok", "code" => 200, "return" => 0);
$api_resp["message"] = "host override deleted";
$api_resp["data"] = $del_list;
Expand Down Expand Up @@ -5255,6 +5262,9 @@ function api_services_unbound_modify_hosts() {
if (isset($client_params['aliases'])) {
$aliases = $client_params['aliases'];
}
if ($client_params['apply'] === true) {
$apply = $client_params['apply'];
}
// Add debug data if requested
if (array_key_exists("debug", $client_params)) {
echo "HOSTNAME:" . PHP_EOL;
Expand All @@ -5273,6 +5283,8 @@ function api_services_unbound_modify_hosts() {
echo var_dump($descr) . PHP_EOL;
echo "ALIASES:" . PHP_EOL;
echo var_dump($aliases) . PHP_EOL;
echo "APPLY:" . PHP_EOL;
echo var_dump($aliases) . PHP_EOL;
}
// Validate our input against our exist configuration
if (unbound_host_override_exists($hostname, $domain) or $i_mode) {
Expand Down Expand Up @@ -5377,11 +5389,13 @@ function api_services_unbound_modify_hosts() {
usort($hosts_conf, "strcmp");
$config["unbound"]["hosts"] = $hosts_conf;
write_config(sprintf(gettext($change_note)));
$reload_unbound = 0;
$reload_unbound |= services_unbound_configure();
if ($reload_unbound == 0) {
system_resolvconf_generate(); // Update resolveconf
system_dhcpleases_configure(); // Update DHCPD
mark_subsystem_dirty("unbound");
# If user requests immediately application
if ($apply === true) {
$applied = unbound_reload_config();
}
// Return success if our function was successful
if ($applied === true or $apply !== true) {
$api_resp = array("status" => "ok", "code" => 200, "return" => 0);
$api_resp["message"] = "Successfully updated unbound host override";
$api_resp["data"] = $update_list;
Expand Down Expand Up @@ -5598,6 +5612,9 @@ function api_services_unbound_add_hosts() {
if (isset($client_params['aliases'])) {
$aliases = $client_params['aliases'];
}
if ($client_params['apply'] === true) {
$apply = $client_params['apply'];
}
// Add debug data if requested
if (array_key_exists("debug", $client_params)) {
echo "HOSTNAME:" . PHP_EOL;
Expand All @@ -5610,6 +5627,8 @@ function api_services_unbound_add_hosts() {
echo var_dump($descr) . PHP_EOL;
echo "ALIASES:" . PHP_EOL;
echo var_dump($aliases) . PHP_EOL;
echo "APPLY:" . PHP_EOL;
echo var_dump($apply) . PHP_EOL;
}
// Validate our input against our exist configuration
if (!unbound_host_override_exists($hostname, $domain)) {
Expand All @@ -5627,11 +5646,13 @@ function api_services_unbound_add_hosts() {
$config["unbound"]["hosts"][] = $host_ent;
usort($config["unbound"]["hosts"], "host_cmp");
write_config(sprintf(gettext($change_note)));
$reload_unbound = 0;
$reload_unbound |= services_unbound_configure();
if ($reload_unbound == 0) {
system_resolvconf_generate(); // Update resolveconf
system_dhcpleases_configure(); // Update DHCPD
mark_subsystem_dirty("unbound");
# If user requests immediately application
if ($apply === true) {
$applied = unbound_reload_config();
}
// Return success if our function was successful
if ($applied === true or $apply !== true) {
$api_resp = array("status" => "ok", "code" => 200, "return" => 0);
$api_resp["message"] = "Successfully added unbound host override";
$api_resp["data"] = $host_ent;
Expand Down Expand Up @@ -5662,6 +5683,33 @@ function api_services_unbound_add_hosts() {
}
}

function api_services_unbound_apply() {
# VARIABLES;
global $err_lib;
$read_only_action = false; // Set whether this action requires read only access
$req_privs = array("page-all", "page-services-dnsresolver-edithost"); // Array of privileges allowing this action
$http_method = $_SERVER['REQUEST_METHOD']; // Save our HTTP method
# RUN TIME
// Check that client is authenticated and authorized
if (api_authorized($req_privs, $read_only_action)) {
// Check that our HTTP method is POST (CREATE)
if ($http_method === 'POST') {
// Check if application was successful
if (unbound_reload_config() === true) {
$api_resp = array("status" => "ok", "code" => 200, "return" => 0);
$api_resp["message"] = "Successfully applied unbound configuration";
$api_resp["data"] = "";
return $api_resp;
} else {
$api_resp = array("status" => "server error", "code" => 500, "return" => 1);
$api_resp["message"] = $err_lib[$api_resp["return"]];
return $api_resp;
}
}
}
}


function api_interfaces_vlans() {
# VARIABLES
global $err_lib, $g, $config, $argv, $userindex, $api_resp, $client_params;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
<name>API</name>
<internal_name>api</internal_name>
<descr><![CDATA[A full API for pfSense]]></descr>
<website>https://github.com/jaredhendrickson13</website>
<website>pfsense-api.jaredhendrickson.com</website>
<category>System</category>
<version>%%PKGVERSION%%</version>
<configurationfile>api.xml</configurationfile>
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
<?php
# Copyright 2020 - Jared Hendrickson
# IMPORTS
require_once("apicalls.inc");

# RUN API CALL
$resp = api_services_unbound_apply();
http_response_code($resp["code"]);
echo json_encode($resp) . PHP_EOL;
exit();
2 changes: 2 additions & 0 deletions pfSense-pkg-API/pkg-plist
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,7 @@
@dir /usr/local/www/api/v1/services/unbound/start
@dir /usr/local/www/api/v1/services/unbound/stop
@dir /usr/local/www/api/v1/services/unbound/restart
@dir /usr/local/www/api/v1/services/unbound/apply
@dir /usr/local/www/api/v1/services/unbound/add/hosts
@dir /usr/local/www/api/v1/services/unbound/delete/hosts
@dir /usr/local/www/api/v1/services/unbound/modify/hosts
Expand Down Expand Up @@ -209,6 +210,7 @@
/usr/local/www/api/v1/services/unbound/start/index.php
/usr/local/www/api/v1/services/unbound/stop/index.php
/usr/local/www/api/v1/services/unbound/restart/index.php
/usr/local/www/api/v1/services/unbound/apply/index.php
/usr/local/www/api/v1/services/unbound/add/hosts/index.php
/usr/local/www/api/v1/services/unbound/delete/hosts/index.php
/usr/local/www/api/v1/services/unbound/modify/hosts/index.php
Expand Down

0 comments on commit 949d8ba

Please sign in to comment.