contabo / cntb Goto Github PK

System-wide shell completion for Bash is set with

cntb completion bash | sudo tee /etc/bash_completion.d/cntb > /dev/null

Perhaps something to add to the documentation as the command listed there does not work with sudo.

Please support --displayName string for cntb reinstall instance --help

See also https://api.contabo.com/#tag/Instances/operation/createInstance

Symptom:
Running
~# cntb get snapshots xxxxxxxx
shows no snapshots of the specified instance

Expected behavior:
Running the command should return all snapshots

Logging in the web iface, I can see the snapshot.

When building on MacOS 12.5.1 with Go1.19 and Docker version 20.10.17, build 100c701, the make build process fails with the following error:

docker container create --name dummy -v openapivolume:/openapi alpine bash
6a351b2e711788c0090a45fbf22b4578fb7564251153149f1c416e86c5eab7c7
docker cp dummy:/openapi/ .
docker rm dummy
dummy
go mod tidy
go mod download
export VERSION=$(git rev-list --tags --max-count=1 | xargs -I {} git describe --tags {}); export COMMIT=$(git rev-parse HEAD); export TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ"); go build -ldflags="-w -s -X "contabo.com/cli/cntb/cmd.version=$VERSION" -X "contabo.com/cli/cntb/cmd.commit=$COMMIT" -X "contabo.com/cli/cntb/cmd.date=$TIMESTAMP""
contabo.com/cli/cntb/cmd/instances
cmd/instances/upgrade.go:33:28: upgradeInstanceRequest.AddOns undefined (type openapi.UpgradeInstanceRequest has no field or method AddOns)
make: *** [build-only] Error 2

Please advice

Michel

How to configure roles is not well documented, especially how apiPermissions and resourcePermissions work together.

I want to create a user, who is allowed to create and restore snapshots only for one special instance and not for any other instance.

I have three VPS instances 100123456, 100123457 and 100123458.
The "snapshotmanager" user should be allowed to create snapshots for instance 100123456, but not for the other instances.

What I did:

• Create a Tag "SNAPINST" and assign it to the instance, which should be managed by the user.
• Create a Role "SnapshotManager" which allows "CREATE" and "READ" for the snapshots api restricted to resources tagged with SNAPINST
• Create a User which only has this "SnapshotManager" role
• Verify email
• Create password

cntb create tag --name "SNAPINST" 
  173123

cntb create tagAssignment 173123 instance 100123456

cntb get tagAssignments 173123 
  TAGID   TAGNAME  RESOURCETYPE  RESOURCEID  RESOURCENAME
  173123  SNAPINST instance      100123456   vmd115123

cntb create role --name "snapshotmgr" --permissions "[{\"apiName\" : \"/v1/compute/instances/:instanceId/snapshots\", \"actions\": [\"CREATE\", \"READ\"], \"resources\": [173123]}]"
  82345

cntb create user --firstName Snapshot --lastName Manager --email [email protected] --enabled --locale en --roles 82345
  9c112233-4455-6677-8899-aabbccddeeff

cntb resendEmailVerification user 9c112233-4455-6677-8899-aabbccddeeff

# click link in email

cntb resetPassword user 9c112233-4455-6677-8899-aabbccddeeff

# click link in email and enter password "abcd-2345"

Now I tried if the user is really restricted to the instance tagged with SNAPINST:

cntb config set-credentials --oauth2-clientid=... --oauth2-client-secret=... [email protected] --oauth2-password="abcd-2345"

cntb get instance 100123456
level=error msg="Error while retrieving instance: 403 - Forbidden access to /v1/compute/instances/:instanceId with GET\n"
level=fatal msg="Aborting, due to errors"

That is as expected. The role only grants access to the snapshots api and not to the get instance endpoint.

cntb get snapshots 100123456
  SNAPSHOTID      NAME                     DESCRIPTION  INSTANCEID  CREATEDDATE
  snap1688512345  VPS456 snapshot 1                     100123456   2023-07-05T18:33:29Z
  snap1688512367  VPS456 snapshot 2                     100123456   2023-07-05T16:13:22Z
  snap1688512389  VPS456 snapshot 3                     100123456   2023-07-05T14:52:53Z

That is as expected.
Now I try to get the snapshots for another instance (which is not tagged with "SNAPINST"):

cntb get snapshots 100123457
  SNAPSHOTID      NAME                     DESCRIPTION  INSTANCEID  CREATEDDATE
  snap1688555345  VPS457 snapshot 1                     100123457   2023-07-05T18:33:29Z
  snap1688555367  VPS457 snapshot 2                     100123457   2023-07-05T16:13:22Z

That is not, what I wanted. The user should not have access to this instance.
I tried it another way, to hard-code the instance id in the path, when defining the role, but that is not accepted:

cntb create role --name "snapshotmgr2" --permissions "[{\"apiName\" : \"/v1/compute/instances/100123456/snapshots\", \"actions\": [\"CREATE\", \"READ\"]}]"
level=error msg="Error creating role: 400 - Bad Request Cannot find action CREATE for apiName /v1/compute/instances/100123456/snapshots. You can find a list of available apiNames and actions at '/api-permissions'\n"
level=fatal msg="Aborting, due to errors"

So, my question is:
How do I configure a user to get access to snapshots only for one instance?

i run cntb on linux but not working. i face this issue. please guide me in details. i want to run one script to take backup and upload it on my object storage of contabo.

[root@ptp1 home]# cntb completion
-bash: cntb: command not found
[root@ptp1 home]# cntb completion bash > /etc/bash_completion.d/cntb
-bash: cntb: command not found
[root@ptp1 home]#

hi
what's the 'link to release' for macos?

# cntb version
cntb v1.4.12

Even this statement, not properly set command cntb create instance launches new VPS in Germany and Contabo charges 10.50 euro right away.
How come does it go through Contabo without instance size, type, etc and they charge money??
I got unordered charges twice today.

I found the file of checksums of 64-bit length, but I have no idea with which algo they have been generated. Thus; I am unable to verify the integrity of the archives. I use default linux cli tools, so I generally need that info to not trial and error.
Maybe you can please provide the type of checksum that has been used.

I need this server for start node on babylon crypto. On the beginning was root , when I change password now is admin and server not working.

I'm encountering an issue while trying to use cloud-init to automate the installation of my VPS. This is crucial for me as I aim to create a small cluster of 4 VPS instances with installed and configured public services.

Unfortunately, the Contabo client panel does not seem to support this functionality. Therefore, I have resorted to using the CLI tool.

During my exploration, I discovered a flag called --file which allows me to perform a reinstall using my cloud-init.yml configuration.

To reinstall the instance, I executed the following command:

.\cntb.exe reinstall instance <<myId>> --imageId "afecbb85-e2fc-46f0-9684-b46b1faf00bb" --file "cloud-init.yml"

However, the output I received was as follows:

level=error msg="Error while reinstalling instance: 400 - [imageId must be a UUID]\n"
level=fatal msg="Aborting, due to errors"

Expected Behavior

The instance should be reinstalled successfully using the specified cloud-init.yml configuration file. Or if there is another error with my way of passing the file as an argument the error message should be descriptive and not point to an error with the imageId

Actual Behavior

Reinstallation fails with the error message: "Error while reinstalling instance: 400 - [imageId must be a UUID]."

Additional Information

• Operating System: Windows 11
• cntb.exe version: 1.4.2

cntb get instances

i'm try to call api (/v1/compute/instances) it's also not have new server. i'm not sure what's happend.

希望有mac os支持

I was trying to upload 500G file to the bucket (which took around 2 days straight), but it failed for unknown reason.

$ cntb create object --storageId xxx-yyy --bucket mybucket --prefix prefix/ --path myfile
FATAL Could not create object file prefix/myfile. Got error The requested range is not satisfiable

I'll try again, but if it fails again, then this tool isn't appropriate for uploading the big files to the Contabo bucket without ability to retry from were it stopped (waste of resources).

In my small use of cntb, I've discovered there is no browser login. I suggest that there be a command such as cntb login which will either store the OAuth credentials in a file (non-plaintext is nice), permanently or temporarily.

For macOS users a Homebrew Cask would be super convenient.

I'm unable to find any documentation on how to assign/remove additional IP address to an instance. This is possible via the Contabo Control Panel > IP Management. However, to automate the usage of keepalived with a Virtual IP address, it becomes necessary to be able to assign the additional public IP address to an instance at least programmatically, if assigning it to multiple instances is not supported.

Could you please comment/give any directions about this?

Currently, I am running the cntb CLI in a minimal Docker container based on Busybox:

FROM busybox
RUN wget -qO- https://github.com/contabo/cntb/releases/download/v1.3.2/cntb_v1.3.2_Linux_x86_64.tar.gz | tar xvz -C /bin
ENTRYPOINT [ "/bin/cntb" ]

This works fine, but I need to update the Dockerfile and rebuild the container whenever a new version is released. It would be much better if cntb was officially published on Docker Hub or a similar repository. I believe that a minimal image containing the statically compiled cntb binary can easily be created during your CI/CD and release process, as demonstrated in the Dockerfile above (just replace the wget command with COPY …).

please help me to solve it as soon as possible thank you
my customer id is 11595934

ping sin1.contabostorage.com
is OK

“We were unable to perform the request. You are most likely being affected by blacklisting. Please check here or contact support. (Object Storage SIN 2034)”

Hey, it'd be great if the Contabo CLI could respect the XDG Base Directory Specification

Thanks

hallo,
how reupload file to Object-Storages?

Can a command be added to disable/enable VNC for an VPS instance?

While using 2 separate Contabo accounts on the same machine, each with its own API user, I noticed that the cached token from one account is being incorrectly reused when querying the other, even when specifying the --config option for the invocation. This results in erroneously manipulating the first account, instead of the second one as intended by the user.

This is because the function to get the token from the token cache

I run this command on Windows CLI:
cntb create object --region xxx --bucket tmp --prefix test/ --path A:\Download\a.jpg

The file wasn't uploaded to /test folder, instead, it went with the name: test\a.jpg at the root folder

Running

make build -j$(nproc)

fails due to a race condition:

• the generate-api-clients task deletes the openapi directory
• the build-only task requires the openapi directory to exist

It seems this is occurring because make is attempting to run both tasks in parallel, causing the openapi directory to not exist when build-only is run, however it always should. Running make with -j1 solves this issue.

It would be very nice in the Makefile to:

• Choose to build with a container engine (docker or podman)
• Handle rebuild removing the volume or checking if it exists (at the moment the command "docker volume create openaivolume" exits with errors if it exists)

For newly created file, these should be 600, see

For existing files the user should be warned that 600 is the recommended setting, if the current file permissions are different.

I'd like to be able to manage the Contabo DNS entries for my zone. This would be most useful when migrating DNS entries from another provider.

I absolutely love this CLI tool -- it elevated my NPS of Contabo by a couple of points for sure.

--oauth2-password= doesn't accept all special characters.

example
--oauth2-password=#3N5646Y4&5%$*7K%wP#BzhP

generates the following error
[1] 30820
zsh: command not found: 5%7K%wP#BzhP

& is not accepted in my case on MacOS with zsh

Michel

Hello cntb developers

since a couple of days I get the following error when using secret-based commands. Before it worked flawlessly. Every other command works as well. I just cannot list the secrets or retrieve on of them.

I tried on different computers (native, WSL, Ubuntu 18, 20, v1.2.2, v1.2.1), but the behavior is reproducible. I already contacted the contabo support, but just got the answer to provide more data. Since it is a server error and I already use the newest version, I wanted to ask if this problem is already known or if somebody else can confirm it. Please let me know, if you need further information :-)

Thanks!

It would be good to add some parameter to show the progress of file being uploaded to the bucket and its transfer speed. This is especially useful for the big files. For example upload of the file failed (as per GH-37), and I've no idea at what point it failed or what's the completion progress (especially for big files which can take several days to complete).

Hi, I get an error when the userdata exceeds a certain size. In the case here for example:

cntb reinstall instance xxx --imageId "81d9280e-8753-40ae-8aef-7f6e20751b85" --userData 'hostname: xxx
users:
 - name: xxx
   ssh_authorized_keys:
     - ssh-ed25519 xxx
   sudo: ALL=(ALL) NOPASSWD:ALL
   groups: sudo
disable_root: true
package_update: true
package_upgrade: true
packages:
 - zsh
write_files:
 - path: /etc/ssh/sshd_config.d/sshd.config
   content: |
     PermitRootLogin no
     MaxAuthTries 2
     PasswordAuthentication no
     PermitEmptyPasswords no
     KbdInteractiveAuthentication no
     X11Forwarding no
     ClientAliveInterval 300
     ClientAliveCountMax 3
     AllowUsers xxx'

X-Request-Id: 8417db5a-8219-4705-aaf4-9d8d8d81bccc

Info from Response:

Your IP is not allowed to access Contabo.com. This only happens very rarely and can have a number of reasons, but is only temporary. Please restart your local router, this will most likely renew your IP address, and try to access Contabo.com again. You can reach us via e-mail at [email protected]

But it's not blockt, when the content is smaller.

Object Storage SIN 2034 Kong Error Too many requests. my Customer ID: 11595934

I just created a PR to add cntb to nixpkgs and I realized that this repository contains two files with the same filename modulo case.

This doesn't behave well on case insensitive filesystems and made Nix compute two different hashes for the sources depending if on linux or macos.

The infamous files are:

• [AddOnResponse.md](https://github.com/contabo/cntb/blob/main/openapi/docs/AddOnResponse.md)
• [AddonResponse.md](https://github.com/contabo/cntb/blob/main/openapi/docs/AddonResponse.md)

My current workaround is patching the sources deleting the entire ./openapi/docs directory.