diff --git a/headscale_models.py b/headscale_models.py new file mode 100644 index 0000000..73227ad --- /dev/null +++ b/headscale_models.py @@ -0,0 +1,451 @@ +""" +Headscale SQLite Database Models for SQLAlchemy +Based on actual schema analysis of Headscale v0.23.0 + +Generated from: /var/lib/headscale/db.sqlite +Schema Analysis Date: 2025-09-09 +""" + +from datetime import datetime, timedelta +from typing import Optional, List +import json +from sqlalchemy import ( + Column, Integer, String, DateTime, Boolean, Text, + ForeignKey, LargeBinary, Index, UniqueConstraint +) +from sqlalchemy.ext.declarative import declarative_base +from sqlalchemy.orm import relationship, Session +from sqlalchemy.types import TypeDecorator, TEXT + +Base = declarative_base() + + +class JSONType(TypeDecorator): + """Custom JSON type for SQLAlchemy that handles JSON serialization""" + impl = TEXT + + def process_bind_param(self, value, dialect): + if value is not None: + return json.dumps(value) + return value + + def process_result_value(self, value, dialect): + if value is not None: + return json.loads(value) + return value + + +class Migration(Base): + """Migration tracking table""" + __tablename__ = 'migrations' + + id = Column(String, primary_key=True) + + def __repr__(self): + return f"" + + +class User(Base): + """Headscale Users table + + Represents individual users/namespaces in the Headscale network. + Each user can have multiple nodes (machines) associated with them. + """ + __tablename__ = 'users' + __table_args__ = ( + Index('idx_users_deleted_at', 'deleted_at'), + Index('idx_provider_identifier', 'provider_identifier', + postgresql_where="provider_identifier IS NOT NULL"), + Index('idx_name_provider_identifier', 'name', 'provider_identifier'), + Index('idx_name_no_provider_identifier', 'name', + postgresql_where="provider_identifier IS NULL"), + ) + + id = Column(Integer, primary_key=True, autoincrement=True) + created_at = Column(DateTime) + updated_at = Column(DateTime) + deleted_at = Column(DateTime) # Soft delete + name = Column(String) # User identifier (e.g., "myuser") + display_name = Column(String) # Human-readable display name + email = Column(String) # User email address + provider_identifier = Column(String) # External auth provider ID + provider = Column(String) # Auth provider name (OIDC, etc.) + profile_pic_url = Column(String) # Profile picture URL + + # Relationships + nodes = relationship("Node", back_populates="user", cascade="all, delete-orphan") + pre_auth_keys = relationship("PreAuthKey", back_populates="user") + + def __repr__(self): + return f"" + + def is_deleted(self) -> bool: + """Check if user is soft-deleted""" + return self.deleted_at is not None + + +class Node(Base): + """Headscale Nodes (Machines) table + + Represents individual devices/machines connected to the Tailnet. + Each node belongs to a user and has various networking attributes. + """ + __tablename__ = 'nodes' + + id = Column(Integer, primary_key=True, autoincrement=True) + machine_key = Column(String) # Machine's public key + node_key = Column(String) # Node's network key + disco_key = Column(String) # Discovery key for peer-to-peer connections + endpoints = Column(JSONType) # List of network endpoints (JSON array) + host_info = Column(JSONType) # Detailed host information (JSON object) + ipv4 = Column(String) # Assigned IPv4 address (e.g., "100.64.0.1") + ipv6 = Column(String) # Assigned IPv6 address + hostname = Column(String) # Machine hostname + given_name = Column(String) # User-assigned machine name + user_id = Column(Integer, ForeignKey('users.id', ondelete='CASCADE')) + register_method = Column(String) # Registration method (e.g., "authkey") + forced_tags = Column(JSONType) # Tags forced on this node (JSON array) + auth_key_id = Column(Integer, ForeignKey('pre_auth_keys.id')) + expiry = Column(DateTime) # Node expiration date + last_seen = Column(DateTime) # Last activity timestamp + approved_routes = Column(JSONType) # Approved subnet routes (JSON array) + created_at = Column(DateTime) + updated_at = Column(DateTime) + deleted_at = Column(DateTime) # Soft delete + + # Relationships + user = relationship("User", back_populates="nodes") + auth_key = relationship("PreAuthKey") + + def __repr__(self): + return f"" + + def is_online(self, timeout_minutes: int = 5) -> bool: + """Check if node is considered online based on last_seen""" + if not self.last_seen: + return False + + # Handle timezone-aware datetime + now = datetime.now() + last_seen = self.last_seen + + # If last_seen is timezone-aware, make now timezone-aware too + if last_seen.tzinfo is not None and now.tzinfo is None: + from datetime import timezone + now = now.replace(tzinfo=timezone.utc) + # If last_seen is naive, make it naive too + elif last_seen.tzinfo is not None and now.tzinfo is None: + last_seen = last_seen.replace(tzinfo=None) + + try: + return (now - last_seen).total_seconds() < (timeout_minutes * 60) + except TypeError: + # Fallback: just check if we have a recent timestamp + return True + + def get_host_info(self) -> dict: + """Get parsed host information""" + return self.host_info or {} + + def get_endpoints(self) -> List[str]: + """Get list of network endpoints""" + return self.endpoints or [] + + def get_forced_tags(self) -> List[str]: + """Get list of forced tags""" + return self.forced_tags or [] + + def get_approved_routes(self) -> List[str]: + """Get list of approved routes""" + return self.approved_routes or [] + + +class PreAuthKey(Base): + """Pre-authentication keys table + + Keys used for automatic node registration without manual approval. + """ + __tablename__ = 'pre_auth_keys' + + id = Column(Integer, primary_key=True, autoincrement=True) + key = Column(String) # The actual pre-auth key string + user_id = Column(Integer, ForeignKey('users.id', ondelete='SET NULL')) + reusable = Column(Boolean) # Can be used multiple times + ephemeral = Column(Boolean, default=False) # Temporary key + used = Column(Boolean, default=False) # Has been used + tags = Column(JSONType) # Tags to apply to nodes using this key + created_at = Column(DateTime) + expiration = Column(DateTime) # When the key expires + + # Relationships + user = relationship("User", back_populates="pre_auth_keys") + + def __repr__(self): + return f"" + + def is_expired(self) -> bool: + """Check if the pre-auth key is expired""" + if not self.expiration: + return False + + now = datetime.now() + expiration = self.expiration + + # Handle timezone-aware datetime + if expiration.tzinfo is not None and now.tzinfo is None: + from datetime import timezone + now = now.replace(tzinfo=timezone.utc) + elif expiration.tzinfo is not None: + expiration = expiration.replace(tzinfo=None) + + try: + return now > expiration + except TypeError: + return False + + def is_valid(self) -> bool: + """Check if the key is still valid for use""" + if self.is_expired(): + return False + if self.used and not self.reusable: + return False + return True + + def get_tags(self) -> List[str]: + """Get list of tags for this key""" + return self.tags or [] + + +class ApiKey(Base): + """API Keys table + + Keys used for API authentication to the Headscale server. + """ + __tablename__ = 'api_keys' + __table_args__ = ( + Index('idx_api_keys_prefix', 'prefix', unique=True), + ) + + id = Column(Integer, primary_key=True, autoincrement=True) + prefix = Column(String) # Key prefix for identification (e.g., "8qRr1IB") + hash = Column(LargeBinary) # Hashed key value + created_at = Column(DateTime) + expiration = Column(DateTime) # When the key expires + last_seen = Column(DateTime) # Last time key was used + + def __repr__(self): + return f"" + + def is_expired(self) -> bool: + """Check if the API key is expired""" + if not self.expiration: + return False + + now = datetime.now() + expiration = self.expiration + + # Handle timezone-aware datetime + if expiration.tzinfo is not None and now.tzinfo is None: + from datetime import timezone + now = now.replace(tzinfo=timezone.utc) + elif expiration.tzinfo is not None: + expiration = expiration.replace(tzinfo=None) + + try: + return now > expiration + except TypeError: + return False + + +class Policy(Base): + """ACL Policies table + + Stores Access Control List policies in JSON format. + """ + __tablename__ = 'policies' + __table_args__ = ( + Index('idx_policies_deleted_at', 'deleted_at'), + ) + + id = Column(Integer, primary_key=True, autoincrement=True) + created_at = Column(DateTime) + updated_at = Column(DateTime) + deleted_at = Column(DateTime) # Soft delete + data = Column(Text) # JSON policy data + + def __repr__(self): + return f"" + + def get_policy_data(self) -> dict: + """Parse and return policy data as dictionary""" + try: + return json.loads(self.data) if self.data else {} + except json.JSONDecodeError: + return {} + + +# ========================================== +# Extended Models for FARMQ Customization +# ========================================== + +class PharmacyInfo(Base): + """Extended table for pharmacy information + + This extends the base Headscale functionality to store + pharmacy-specific information for FARMQ management. + """ + __tablename__ = 'pharmacy_info' + + id = Column(Integer, primary_key=True, autoincrement=True) + user_id = Column(String, ForeignKey('users.name'), unique=True) # Link to users.name + pharmacy_name = Column(String, nullable=False) # 약국명 + business_number = Column(String(20)) # 사업자번호 + address = Column(Text) # 주소 + phone = Column(String(20)) # 전화번호 + manager_name = Column(String(100)) # 담당자명 + proxmox_host = Column(String(255)) # Proxmox 호스트 IP + proxmox_api_token = Column(Text) # Proxmox API 토큰 + created_at = Column(DateTime, default=datetime.now) + updated_at = Column(DateTime, default=datetime.now, onupdate=datetime.now) + + def __repr__(self): + return f"" + + +class MachineSpecs(Base): + """Extended table for machine specifications + + Stores detailed hardware specifications for each machine/node. + """ + __tablename__ = 'machine_specs' + + id = Column(Integer, primary_key=True, autoincrement=True) + machine_id = Column(Integer, ForeignKey('nodes.id'), nullable=False) + pharmacy_id = Column(Integer, ForeignKey('pharmacy_info.id')) + cpu_model = Column(String(255)) # CPU 모델명 + cpu_cores = Column(Integer) # CPU 코어 수 + ram_gb = Column(Integer) # RAM 용량 (GB) + storage_gb = Column(Integer) # 스토리지 용량 (GB) + gpu_model = Column(String(255)) # GPU 모델명 + last_updated = Column(DateTime, default=datetime.now, onupdate=datetime.now) + + # Relationships + machine = relationship("Node") + pharmacy = relationship("PharmacyInfo") + + def __repr__(self): + return f"" + + +class MonitoringData(Base): + """Real-time monitoring data table + + Stores time-series monitoring data collected from Proxmox hosts. + """ + __tablename__ = 'monitoring_data' + + id = Column(Integer, primary_key=True, autoincrement=True) + machine_id = Column(Integer, ForeignKey('nodes.id'), nullable=False) + cpu_usage = Column(String(5)) # CPU 사용률 (예: "75.50") + memory_usage = Column(String(5)) # 메모리 사용률 + disk_usage = Column(String(5)) # 디스크 사용률 + cpu_temperature = Column(Integer) # CPU 온도 (섭씨) + network_rx_bytes = Column(Integer) # 네트워크 수신 바이트 + network_tx_bytes = Column(Integer) # 네트워크 송신 바이트 + vm_count = Column(Integer) # 총 VM 개수 + vm_running = Column(Integer) # 실행중인 VM 개수 + collected_at = Column(DateTime, default=datetime.now) + + # Relationships + machine = relationship("Node") + + def __repr__(self): + return f"" + + def get_cpu_usage_float(self) -> float: + """CPU 사용률을 float로 반환""" + try: + return float(self.cpu_usage) if self.cpu_usage else 0.0 + except ValueError: + return 0.0 + + +# ========================================== +# Database Helper Functions +# ========================================== + +def create_all_tables(engine): + """Create all tables in the database""" + Base.metadata.create_all(engine) + + +def get_active_nodes(session: Session) -> List[Node]: + """Get all non-deleted nodes""" + return session.query(Node).filter(Node.deleted_at.is_(None)).all() + + +def get_online_nodes(session: Session, timeout_minutes: int = 5) -> List[Node]: + """Get nodes that are currently online""" + cutoff_time = datetime.now() - timedelta(minutes=timeout_minutes) + return session.query(Node).filter( + Node.deleted_at.is_(None), + Node.last_seen > cutoff_time + ).all() + + +def get_user_with_pharmacy_info(session: Session, user_name: str): + """Get user with associated pharmacy information""" + return session.query(User).join(PharmacyInfo).filter(User.name == user_name).first() + + +def get_node_with_specs_and_monitoring(session: Session, node_id: int): + """Get node with hardware specs and latest monitoring data""" + return session.query(Node)\ + .outerjoin(MachineSpecs)\ + .outerjoin(MonitoringData)\ + .filter(Node.id == node_id)\ + .first() + + +# ========================================== +# Usage Example +# ========================================== + +if __name__ == "__main__": + from sqlalchemy import create_engine + from sqlalchemy.orm import sessionmaker + + # SQLite connection to Headscale database + DATABASE_URL = "sqlite:///data/db.sqlite" + engine = create_engine(DATABASE_URL) + SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine) + + # Create extended tables (if needed) + create_all_tables(engine) + + # Example usage + session = SessionLocal() + try: + # Get all users + users = session.query(User).all() + print("=== Users ===") + for user in users: + print(f" {user}") + + # Get all nodes + nodes = session.query(Node).all() + print("\n=== Nodes ===") + for node in nodes: + print(f" {node}") + print(f" Online: {node.is_online()}") + print(f" Host Info: {node.get_host_info().get('Hostname', 'Unknown')}") + + # Get all API keys + api_keys = session.query(ApiKey).all() + print("\n=== API Keys ===") + for key in api_keys: + print(f" {key}") + print(f" Expired: {key.is_expired()}") + + finally: + session.close() \ No newline at end of file diff --git a/test_headscale_models.py b/test_headscale_models.py new file mode 100644 index 0000000..506b59a --- /dev/null +++ b/test_headscale_models.py @@ -0,0 +1,284 @@ +#!/usr/bin/env python3 +""" +Headscale Database Model Test Script +테스트를 위해 실제 SQLite DB에 연결하여 데이터 조회 +""" + +import sys +import os +from datetime import datetime, timedelta +from pathlib import Path + +# Add current directory to path for importing models +sys.path.append(os.path.dirname(os.path.abspath(__file__))) + +try: + from sqlalchemy import create_engine, text + from sqlalchemy.orm import sessionmaker + from headscale_models import ( + User, Node, PreAuthKey, ApiKey, Policy, + PharmacyInfo, MachineSpecs, MonitoringData, + create_all_tables + ) + print("✅ SQLAlchemy models imported successfully") +except ImportError as e: + print(f"❌ Failed to import models: {e}") + print("💡 Install required packages: pip install sqlalchemy") + sys.exit(1) + + +def test_database_connection(): + """데이터베이스 연결 테스트""" + db_path = Path("data/db.sqlite") + if not db_path.exists(): + print(f"❌ Database file not found: {db_path}") + return None + + DATABASE_URL = f"sqlite:///{db_path}" + print(f"🔗 Connecting to: {DATABASE_URL}") + + try: + engine = create_engine(DATABASE_URL) + SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine) + session = SessionLocal() + + # Test connection with a simple query + result = session.execute(text("SELECT COUNT(*) FROM users")).scalar() + print(f"✅ Database connection successful. User count: {result}") + return session, engine + except Exception as e: + print(f"❌ Database connection failed: {e}") + return None, None + + +def test_user_model(session): + """User 모델 테스트""" + print("\n" + "="*50) + print("📊 TESTING USER MODEL") + print("="*50) + + users = session.query(User).all() + print(f"📋 Total users: {len(users)}") + + for user in users: + print(f"\n👤 {user}") + print(f" - Created: {user.created_at}") + print(f" - Display Name: {user.display_name or 'Not set'}") + print(f" - Email: {user.email or 'Not set'}") + print(f" - Deleted: {user.is_deleted()}") + print(f" - Nodes Count: {len(user.nodes)}") + + +def test_node_model(session): + """Node 모델 테스트""" + print("\n" + "="*50) + print("💻 TESTING NODE MODEL") + print("="*50) + + nodes = session.query(Node).all() + print(f"📋 Total nodes: {len(nodes)}") + + for node in nodes: + print(f"\n🖥️ {node}") + print(f" - Given Name: {node.given_name}") + print(f" - User: {node.user.name if node.user else 'None'}") + print(f" - Online: {'🟢 Yes' if node.is_online() else '🔴 No'}") + print(f" - Last Seen: {node.last_seen}") + print(f" - Endpoints: {len(node.get_endpoints())} endpoint(s)") + + # Host info details + host_info = node.get_host_info() + if host_info: + print(f" - OS: {host_info.get('OS', 'Unknown')} {host_info.get('OSVersion', '')}") + print(f" - Hostname: {host_info.get('Hostname', 'Unknown')}") + print(f" - Machine: {host_info.get('Machine', 'Unknown')}") + + +def test_api_key_model(session): + """API Key 모델 테스트""" + print("\n" + "="*50) + print("🔑 TESTING API KEY MODEL") + print("="*50) + + api_keys = session.query(ApiKey).all() + print(f"📋 Total API keys: {len(api_keys)}") + + for key in api_keys: + print(f"\n🔐 {key}") + print(f" - Expired: {'❌ Yes' if key.is_expired() else '✅ No'}") + print(f" - Created: {key.created_at}") + print(f" - Expires: {key.expiration}") + print(f" - Last Used: {key.last_seen or 'Never'}") + + +def test_pre_auth_key_model(session): + """Pre-Auth Key 모델 테스트""" + print("\n" + "="*50) + print("🎫 TESTING PRE-AUTH KEY MODEL") + print("="*50) + + pre_auth_keys = session.query(PreAuthKey).all() + print(f"📋 Total pre-auth keys: {len(pre_auth_keys)}") + + for key in pre_auth_keys: + print(f"\n🎟️ {key}") + print(f" - User: {key.user.name if key.user else 'None'}") + print(f" - Reusable: {'✅ Yes' if key.reusable else '❌ No'}") + print(f" - Used: {'✅ Yes' if key.used else '❌ No'}") + print(f" - Valid: {'✅ Yes' if key.is_valid() else '❌ No'}") + print(f" - Expires: {key.expiration}") + print(f" - Tags: {key.get_tags()}") + + +def test_policy_model(session): + """Policy 모델 테스트""" + print("\n" + "="*50) + print("📜 TESTING POLICY MODEL") + print("="*50) + + policies = session.query(Policy).all() + print(f"📋 Total policies: {len(policies)}") + + for policy in policies: + print(f"\n📄 {policy}") + policy_data = policy.get_policy_data() + if policy_data: + print(f" - ACL Rules: {len(policy_data.get('acls', []))}") + print(f" - Groups: {len(policy_data.get('groups', {}))}") + + +def create_sample_extended_data(session, engine): + """확장 테이블용 샘플 데이터 생성""" + print("\n" + "="*50) + print("🏥 CREATING SAMPLE PHARMACY DATA") + print("="*50) + + # Create extended tables + create_all_tables(engine) + + # Get first user + user = session.query(User).first() + if not user: + print("❌ No users found. Cannot create pharmacy info.") + return + + # Check if pharmacy info already exists + existing_pharmacy = session.query(PharmacyInfo).filter_by(user_id=user.name).first() + if existing_pharmacy: + print(f"ℹ️ Pharmacy info already exists for user '{user.name}'") + return + + # Create pharmacy info + pharmacy = PharmacyInfo( + user_id=user.name, + pharmacy_name="서울중앙약국", + business_number="123-45-67890", + address="서울시 강남구 테헤란로 123", + phone="02-1234-5678", + manager_name="홍길동", + proxmox_host="192.168.1.100", + proxmox_api_token="sample_token_here" + ) + session.add(pharmacy) + + # Get first node + node = session.query(Node).first() + if node: + # Create machine specs + specs = MachineSpecs( + machine_id=node.id, + pharmacy_id=1, # Will be set properly after pharmacy is committed + cpu_model="Intel Core i7-12700", + cpu_cores=12, + ram_gb=32, + storage_gb=1000, + gpu_model="NVIDIA GTX 1660" + ) + session.add(specs) + + # Create monitoring data + monitoring = MonitoringData( + machine_id=node.id, + cpu_usage="75.50", + memory_usage="60.25", + disk_usage="45.00", + cpu_temperature=65, + network_rx_bytes=1024000, + network_tx_bytes=512000, + vm_count=5, + vm_running=4 + ) + session.add(monitoring) + + try: + session.commit() + print("✅ Sample extended data created successfully") + except Exception as e: + session.rollback() + print(f"❌ Failed to create sample data: {e}") + + +def test_extended_models(session): + """확장된 모델 테스트""" + print("\n" + "="*50) + print("🏥 TESTING EXTENDED MODELS (FARMQ)") + print("="*50) + + # Test pharmacy info + pharmacies = session.query(PharmacyInfo).all() + print(f"🏪 Total pharmacies: {len(pharmacies)}") + for pharmacy in pharmacies: + print(f" - {pharmacy}") + + # Test machine specs + specs = session.query(MachineSpecs).all() + print(f"⚙️ Total machine specs: {len(specs)}") + for spec in specs: + print(f" - {spec}") + + # Test monitoring data + monitoring = session.query(MonitoringData).all() + print(f"📊 Total monitoring records: {len(monitoring)}") + for monitor in monitoring: + print(f" - {monitor}") + + +def main(): + """메인 테스트 함수""" + print("🧪 HEADSCALE DATABASE MODEL TEST") + print("=" * 60) + + # Connect to database + session, engine = test_database_connection() + if not session: + return + + try: + # Test core models + test_user_model(session) + test_node_model(session) + test_api_key_model(session) + test_pre_auth_key_model(session) + test_policy_model(session) + + # Create sample extended data (if needed) + create_sample_extended_data(session, engine) + + # Test extended models + test_extended_models(session) + + print("\n" + "="*60) + print("🎉 ALL TESTS COMPLETED SUCCESSFULLY!") + print("="*60) + + except Exception as e: + print(f"\n❌ Test failed with error: {e}") + import traceback + traceback.print_exc() + + finally: + session.close() + + +if __name__ == "__main__": + main() \ No newline at end of file