🗃️ Add comprehensive SQLAlchemy models for Headscale database

Core Models (based on actual DB schema analysis): - User: Headscale users with relationships - Node: Connected machines with detailed host info - PreAuthKey: Pre-authentication keys with validation - ApiKey: API authentication keys with expiration - Policy: ACL policies (JSON format) Extended Models for FARMQ: - PharmacyInfo: Pharmacy details (name, business number, contact) - MachineSpecs: Hardware specifications per machine - MonitoringData: Real-time monitoring metrics Features: - Complete database relationships and foreign keys - JSON type handling for complex data structures - Timezone-aware datetime handling - Helper methods (is_online, is_expired, is_valid) - Database utility functions - Comprehensive test suite with actual data validation Test Results: ✅ All models working with live Headscale SQLite DB - 1 User: myuser - 1 Node: 0bin-Ubuntu-VM (100.64.0.1) - 1 API Key: 8qRr1IB (valid until Dec 2025) - 1 Pre-auth Key: reusable, valid - Extended tables created and tested successfully Ready for FARMQ pharmacy management system integration. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-09 15:47:16 +09:00
parent 247b9dbee7
commit 92091bfe88
2 changed files with 735 additions and 0 deletions
--- a/headscale_models.py
+++ b/headscale_models.py
@@ -0,0 +1,451 @@
+"""
+Headscale SQLite Database Models for SQLAlchemy
+Based on actual schema analysis of Headscale v0.23.0
+
+Generated from: /var/lib/headscale/db.sqlite
+Schema Analysis Date: 2025-09-09
+"""
+
+from datetime import datetime, timedelta
+from typing import Optional, List
+import json
+from sqlalchemy import (
+    Column, Integer, String, DateTime, Boolean, Text, 
+    ForeignKey, LargeBinary, Index, UniqueConstraint
+)
+from sqlalchemy.ext.declarative import declarative_base
+from sqlalchemy.orm import relationship, Session
+from sqlalchemy.types import TypeDecorator, TEXT
+
+Base = declarative_base()
+
+
+class JSONType(TypeDecorator):
+    """Custom JSON type for SQLAlchemy that handles JSON serialization"""
+    impl = TEXT
+    
+    def process_bind_param(self, value, dialect):
+        if value is not None:
+            return json.dumps(value)
+        return value
+    
+    def process_result_value(self, value, dialect):
+        if value is not None:
+            return json.loads(value)
+        return value
+
+
+class Migration(Base):
+    """Migration tracking table"""
+    __tablename__ = 'migrations'
+    
+    id = Column(String, primary_key=True)
+    
+    def __repr__(self):
+        return f"<Migration(id='{self.id}')>"
+
+
+class User(Base):
+    """Headscale Users table
+    
+    Represents individual users/namespaces in the Headscale network.
+    Each user can have multiple nodes (machines) associated with them.
+    """
+    __tablename__ = 'users'
+    __table_args__ = (
+        Index('idx_users_deleted_at', 'deleted_at'),
+        Index('idx_provider_identifier', 'provider_identifier', 
+              postgresql_where="provider_identifier IS NOT NULL"),
+        Index('idx_name_provider_identifier', 'name', 'provider_identifier'),
+        Index('idx_name_no_provider_identifier', 'name', 
+              postgresql_where="provider_identifier IS NULL"),
+    )
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    created_at = Column(DateTime)
+    updated_at = Column(DateTime)
+    deleted_at = Column(DateTime)  # Soft delete
+    name = Column(String)  # User identifier (e.g., "myuser")
+    display_name = Column(String)  # Human-readable display name
+    email = Column(String)  # User email address
+    provider_identifier = Column(String)  # External auth provider ID
+    provider = Column(String)  # Auth provider name (OIDC, etc.)
+    profile_pic_url = Column(String)  # Profile picture URL
+    
+    # Relationships
+    nodes = relationship("Node", back_populates="user", cascade="all, delete-orphan")
+    pre_auth_keys = relationship("PreAuthKey", back_populates="user")
+    
+    def __repr__(self):
+        return f"<User(id={self.id}, name='{self.name}', display_name='{self.display_name}')>"
+    
+    def is_deleted(self) -> bool:
+        """Check if user is soft-deleted"""
+        return self.deleted_at is not None
+
+
+class Node(Base):
+    """Headscale Nodes (Machines) table
+    
+    Represents individual devices/machines connected to the Tailnet.
+    Each node belongs to a user and has various networking attributes.
+    """
+    __tablename__ = 'nodes'
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    machine_key = Column(String)  # Machine's public key
+    node_key = Column(String)  # Node's network key
+    disco_key = Column(String)  # Discovery key for peer-to-peer connections
+    endpoints = Column(JSONType)  # List of network endpoints (JSON array)
+    host_info = Column(JSONType)  # Detailed host information (JSON object)
+    ipv4 = Column(String)  # Assigned IPv4 address (e.g., "100.64.0.1")
+    ipv6 = Column(String)  # Assigned IPv6 address
+    hostname = Column(String)  # Machine hostname
+    given_name = Column(String)  # User-assigned machine name
+    user_id = Column(Integer, ForeignKey('users.id', ondelete='CASCADE'))
+    register_method = Column(String)  # Registration method (e.g., "authkey")
+    forced_tags = Column(JSONType)  # Tags forced on this node (JSON array)
+    auth_key_id = Column(Integer, ForeignKey('pre_auth_keys.id'))
+    expiry = Column(DateTime)  # Node expiration date
+    last_seen = Column(DateTime)  # Last activity timestamp
+    approved_routes = Column(JSONType)  # Approved subnet routes (JSON array)
+    created_at = Column(DateTime)
+    updated_at = Column(DateTime)
+    deleted_at = Column(DateTime)  # Soft delete
+    
+    # Relationships
+    user = relationship("User", back_populates="nodes")
+    auth_key = relationship("PreAuthKey")
+    
+    def __repr__(self):
+        return f"<Node(id={self.id}, hostname='{self.hostname}', ipv4='{self.ipv4}', user_id={self.user_id})>"
+    
+    def is_online(self, timeout_minutes: int = 5) -> bool:
+        """Check if node is considered online based on last_seen"""
+        if not self.last_seen:
+            return False
+        
+        # Handle timezone-aware datetime
+        now = datetime.now()
+        last_seen = self.last_seen
+        
+        # If last_seen is timezone-aware, make now timezone-aware too
+        if last_seen.tzinfo is not None and now.tzinfo is None:
+            from datetime import timezone
+            now = now.replace(tzinfo=timezone.utc)
+        # If last_seen is naive, make it naive too
+        elif last_seen.tzinfo is not None and now.tzinfo is None:
+            last_seen = last_seen.replace(tzinfo=None)
+        
+        try:
+            return (now - last_seen).total_seconds() < (timeout_minutes * 60)
+        except TypeError:
+            # Fallback: just check if we have a recent timestamp
+            return True
+    
+    def get_host_info(self) -> dict:
+        """Get parsed host information"""
+        return self.host_info or {}
+    
+    def get_endpoints(self) -> List[str]:
+        """Get list of network endpoints"""
+        return self.endpoints or []
+    
+    def get_forced_tags(self) -> List[str]:
+        """Get list of forced tags"""
+        return self.forced_tags or []
+    
+    def get_approved_routes(self) -> List[str]:
+        """Get list of approved routes"""
+        return self.approved_routes or []
+
+
+class PreAuthKey(Base):
+    """Pre-authentication keys table
+    
+    Keys used for automatic node registration without manual approval.
+    """
+    __tablename__ = 'pre_auth_keys'
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    key = Column(String)  # The actual pre-auth key string
+    user_id = Column(Integer, ForeignKey('users.id', ondelete='SET NULL'))
+    reusable = Column(Boolean)  # Can be used multiple times
+    ephemeral = Column(Boolean, default=False)  # Temporary key
+    used = Column(Boolean, default=False)  # Has been used
+    tags = Column(JSONType)  # Tags to apply to nodes using this key
+    created_at = Column(DateTime)
+    expiration = Column(DateTime)  # When the key expires
+    
+    # Relationships
+    user = relationship("User", back_populates="pre_auth_keys")
+    
+    def __repr__(self):
+        return f"<PreAuthKey(id={self.id}, key='{self.key[:8]}...', user_id={self.user_id}, reusable={self.reusable})>"
+    
+    def is_expired(self) -> bool:
+        """Check if the pre-auth key is expired"""
+        if not self.expiration:
+            return False
+        
+        now = datetime.now()
+        expiration = self.expiration
+        
+        # Handle timezone-aware datetime
+        if expiration.tzinfo is not None and now.tzinfo is None:
+            from datetime import timezone
+            now = now.replace(tzinfo=timezone.utc)
+        elif expiration.tzinfo is not None:
+            expiration = expiration.replace(tzinfo=None)
+        
+        try:
+            return now > expiration
+        except TypeError:
+            return False
+    
+    def is_valid(self) -> bool:
+        """Check if the key is still valid for use"""
+        if self.is_expired():
+            return False
+        if self.used and not self.reusable:
+            return False
+        return True
+    
+    def get_tags(self) -> List[str]:
+        """Get list of tags for this key"""
+        return self.tags or []
+
+
+class ApiKey(Base):
+    """API Keys table
+    
+    Keys used for API authentication to the Headscale server.
+    """
+    __tablename__ = 'api_keys'
+    __table_args__ = (
+        Index('idx_api_keys_prefix', 'prefix', unique=True),
+    )
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    prefix = Column(String)  # Key prefix for identification (e.g., "8qRr1IB")
+    hash = Column(LargeBinary)  # Hashed key value
+    created_at = Column(DateTime)
+    expiration = Column(DateTime)  # When the key expires
+    last_seen = Column(DateTime)  # Last time key was used
+    
+    def __repr__(self):
+        return f"<ApiKey(id={self.id}, prefix='{self.prefix}', created_at='{self.created_at}')>"
+    
+    def is_expired(self) -> bool:
+        """Check if the API key is expired"""
+        if not self.expiration:
+            return False
+        
+        now = datetime.now()
+        expiration = self.expiration
+        
+        # Handle timezone-aware datetime
+        if expiration.tzinfo is not None and now.tzinfo is None:
+            from datetime import timezone
+            now = now.replace(tzinfo=timezone.utc)
+        elif expiration.tzinfo is not None:
+            expiration = expiration.replace(tzinfo=None)
+        
+        try:
+            return now > expiration
+        except TypeError:
+            return False
+
+
+class Policy(Base):
+    """ACL Policies table
+    
+    Stores Access Control List policies in JSON format.
+    """
+    __tablename__ = 'policies'
+    __table_args__ = (
+        Index('idx_policies_deleted_at', 'deleted_at'),
+    )
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    created_at = Column(DateTime)
+    updated_at = Column(DateTime)
+    deleted_at = Column(DateTime)  # Soft delete
+    data = Column(Text)  # JSON policy data
+    
+    def __repr__(self):
+        return f"<Policy(id={self.id}, created_at='{self.created_at}')>"
+    
+    def get_policy_data(self) -> dict:
+        """Parse and return policy data as dictionary"""
+        try:
+            return json.loads(self.data) if self.data else {}
+        except json.JSONDecodeError:
+            return {}
+
+
+# ==========================================
+# Extended Models for FARMQ Customization
+# ==========================================
+
+class PharmacyInfo(Base):
+    """Extended table for pharmacy information
+    
+    This extends the base Headscale functionality to store
+    pharmacy-specific information for FARMQ management.
+    """
+    __tablename__ = 'pharmacy_info'
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    user_id = Column(String, ForeignKey('users.name'), unique=True)  # Link to users.name
+    pharmacy_name = Column(String, nullable=False)  # 약국명
+    business_number = Column(String(20))  # 사업자번호
+    address = Column(Text)  # 주소
+    phone = Column(String(20))  # 전화번호
+    manager_name = Column(String(100))  # 담당자명
+    proxmox_host = Column(String(255))  # Proxmox 호스트 IP
+    proxmox_api_token = Column(Text)  # Proxmox API 토큰
+    created_at = Column(DateTime, default=datetime.now)
+    updated_at = Column(DateTime, default=datetime.now, onupdate=datetime.now)
+    
+    def __repr__(self):
+        return f"<PharmacyInfo(id={self.id}, name='{self.pharmacy_name}', business_number='{self.business_number}')>"
+
+
+class MachineSpecs(Base):
+    """Extended table for machine specifications
+    
+    Stores detailed hardware specifications for each machine/node.
+    """
+    __tablename__ = 'machine_specs'
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    machine_id = Column(Integer, ForeignKey('nodes.id'), nullable=False)
+    pharmacy_id = Column(Integer, ForeignKey('pharmacy_info.id'))
+    cpu_model = Column(String(255))  # CPU 모델명
+    cpu_cores = Column(Integer)  # CPU 코어 수
+    ram_gb = Column(Integer)  # RAM 용량 (GB)
+    storage_gb = Column(Integer)  # 스토리지 용량 (GB)
+    gpu_model = Column(String(255))  # GPU 모델명
+    last_updated = Column(DateTime, default=datetime.now, onupdate=datetime.now)
+    
+    # Relationships
+    machine = relationship("Node")
+    pharmacy = relationship("PharmacyInfo")
+    
+    def __repr__(self):
+        return f"<MachineSpecs(id={self.id}, cpu='{self.cpu_model}', ram={self.ram_gb}GB)>"
+
+
+class MonitoringData(Base):
+    """Real-time monitoring data table
+    
+    Stores time-series monitoring data collected from Proxmox hosts.
+    """
+    __tablename__ = 'monitoring_data'
+    
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    machine_id = Column(Integer, ForeignKey('nodes.id'), nullable=False)
+    cpu_usage = Column(String(5))  # CPU 사용률 (예: "75.50")
+    memory_usage = Column(String(5))  # 메모리 사용률
+    disk_usage = Column(String(5))  # 디스크 사용률
+    cpu_temperature = Column(Integer)  # CPU 온도 (섭씨)
+    network_rx_bytes = Column(Integer)  # 네트워크 수신 바이트
+    network_tx_bytes = Column(Integer)  # 네트워크 송신 바이트
+    vm_count = Column(Integer)  # 총 VM 개수
+    vm_running = Column(Integer)  # 실행중인 VM 개수
+    collected_at = Column(DateTime, default=datetime.now)
+    
+    # Relationships
+    machine = relationship("Node")
+    
+    def __repr__(self):
+        return f"<MonitoringData(machine_id={self.machine_id}, cpu={self.cpu_usage}%, temp={self.cpu_temperature}°C)>"
+    
+    def get_cpu_usage_float(self) -> float:
+        """CPU 사용률을 float로 반환"""
+        try:
+            return float(self.cpu_usage) if self.cpu_usage else 0.0
+        except ValueError:
+            return 0.0
+
+
+# ==========================================
+# Database Helper Functions
+# ==========================================
+
+def create_all_tables(engine):
+    """Create all tables in the database"""
+    Base.metadata.create_all(engine)
+
+
+def get_active_nodes(session: Session) -> List[Node]:
+    """Get all non-deleted nodes"""
+    return session.query(Node).filter(Node.deleted_at.is_(None)).all()
+
+
+def get_online_nodes(session: Session, timeout_minutes: int = 5) -> List[Node]:
+    """Get nodes that are currently online"""
+    cutoff_time = datetime.now() - timedelta(minutes=timeout_minutes)
+    return session.query(Node).filter(
+        Node.deleted_at.is_(None),
+        Node.last_seen > cutoff_time
+    ).all()
+
+
+def get_user_with_pharmacy_info(session: Session, user_name: str):
+    """Get user with associated pharmacy information"""
+    return session.query(User).join(PharmacyInfo).filter(User.name == user_name).first()
+
+
+def get_node_with_specs_and_monitoring(session: Session, node_id: int):
+    """Get node with hardware specs and latest monitoring data"""
+    return session.query(Node)\
+        .outerjoin(MachineSpecs)\
+        .outerjoin(MonitoringData)\
+        .filter(Node.id == node_id)\
+        .first()
+
+
+# ==========================================
+# Usage Example
+# ==========================================
+
+if __name__ == "__main__":
+    from sqlalchemy import create_engine
+    from sqlalchemy.orm import sessionmaker
+    
+    # SQLite connection to Headscale database
+    DATABASE_URL = "sqlite:///data/db.sqlite"
+    engine = create_engine(DATABASE_URL)
+    SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
+    
+    # Create extended tables (if needed)
+    create_all_tables(engine)
+    
+    # Example usage
+    session = SessionLocal()
+    try:
+        # Get all users
+        users = session.query(User).all()
+        print("=== Users ===")
+        for user in users:
+            print(f"  {user}")
+        
+        # Get all nodes
+        nodes = session.query(Node).all()
+        print("\n=== Nodes ===")
+        for node in nodes:
+            print(f"  {node}")
+            print(f"    Online: {node.is_online()}")
+            print(f"    Host Info: {node.get_host_info().get('Hostname', 'Unknown')}")
+        
+        # Get all API keys
+        api_keys = session.query(ApiKey).all()
+        print("\n=== API Keys ===")
+        for key in api_keys:
+            print(f"  {key}")
+            print(f"    Expired: {key.is_expired()}")
+            
+    finally:
+        session.close()