Task 7 complete: move config operational orchestration from routers into service/task layer

2026-04-10 21:24:54 +02:00
parent 91e5792caf
commit 952469e667
5 changed files with 87 additions and 44 deletions
--- a/Docs/Tasks.md
+++ b/Docs/Tasks.md
@@ -56,6 +56,7 @@ Reference: `Docs/Refactoring.md` for full analysis of each issue.
   - Issue: `app/routers/config.py` contains operational orchestration such as activation crash tracking, pending recovery state updates, and forced health probes, which belongs in service/task code not the HTTP layer.
   - Propose: Refactor jail activation/deactivation/recovery coordination into services or task managers that manage state updates and health probe triggers on behalf of the router.
   - Test: Confirm router tests only cover HTTP translation while unit tests for the new service/task components cover the orchestration logic.
   - Status: completed
 8. Decouple periodic background jobs from FastAPI application state
   - Goal: Make scheduled task runners explicit and testable by removing direct `app.state` dependency from background task code.
--- a/backend/app/routers/config.py
+++ b/backend/app/routers/config.py
@@ -113,14 +113,7 @@ from app.services.jail_config_service import (
    JailNameError,
    JailNotFoundInConfigError,
 )
 from app.tasks.health_check import _run_probe
 from app.utils.fail2ban_client import Fail2BanConnectionError
 from app.utils.runtime_state import (
    clear_activation_record,
    clear_pending_recovery,
    create_pending_recovery,
    record_activation,
 )
 log: structlog.stdlib.BoundLogger = structlog.get_logger()
@@ -714,7 +707,7 @@ async def activate_jail(
    req = body if body is not None else ActivateJailRequest()
    try:
-        result = await jail_config_service.activate_jail(config_dir, socket_path, name, req)
+        result = await jail_config_service.activate_jail(app, config_dir, socket_path, name, req)
    except JailNameError as exc:
        raise _bad_request(str(exc)) from exc
    except JailNotFoundInConfigError:
@@ -732,23 +725,6 @@ async def activate_jail(
    except Fail2BanConnectionError as exc:
        raise _bad_gateway(exc) from exc
    # Record this activation so the health-check task can attribute a
    # subsequent fail2ban crash to it.
    activation_time = record_activation(app, name)
    # If fail2ban stopped responding after the reload, create a pending-recovery
    # record immediately (before the background health task notices).
    if not result.fail2ban_running:
        create_pending_recovery(
            app,
            jail_name=name,
            activated_at=activation_time,
        )
    # Force an immediate health probe so the cached status reflects the current
    # fail2ban state without waiting for the next scheduled check.
    await _run_probe(app)
    return result
@@ -785,7 +761,7 @@ async def deactivate_jail(
    """
    try:
-        result = await jail_config_service.deactivate_jail(config_dir, socket_path, name)
+        result = await jail_config_service.deactivate_jail(app, config_dir, socket_path, name)
    except JailNameError as exc:
        raise _bad_request(str(exc)) from exc
    except JailNotFoundInConfigError:
@@ -803,11 +779,6 @@ async def deactivate_jail(
    except Fail2BanConnectionError as exc:
        raise _bad_gateway(exc) from exc
    # Force an immediate health probe so the cached status reflects the current
    # fail2ban state (reload changes the active-jail count) without waiting for
    # the next scheduled background check (up to 30 seconds).
    await _run_probe(app)
    return result
@@ -963,7 +934,7 @@ async def rollback_jail(
    start_cmd_parts: list[str] = start_cmd.split()
    try:
-        result = await jail_config_service.rollback_jail(config_dir, socket_path, name, start_cmd_parts)
+        result = await jail_config_service.rollback_jail(app, config_dir, socket_path, name, start_cmd_parts)
    except JailNameError as exc:
        raise _bad_request(str(exc)) from exc
    except ConfigWriteError as exc:
@@ -972,11 +943,6 @@ async def rollback_jail(
            detail=f"Failed to write config override: {exc}",
        ) from exc
    # Clear pending recovery if fail2ban came back online.
    if result.fail2ban_running:
        clear_pending_recovery(app)
        clear_activation_record(app)
    return result
--- a/backend/app/services/jail_config_service.py
+++ b/backend/app/services/jail_config_service.py
@@ -16,7 +16,7 @@ import os
 import re
 import tempfile
 from pathlib import Path
-from typing import cast
+from typing import TYPE_CHECKING, cast
 import structlog
@@ -36,7 +36,17 @@ from app.models.config import (
    JailValidationResult,
    RollbackResponse,
 )
 from app.tasks.health_check import run_probe
 from app.utils.fail2ban_client import Fail2BanClient
 from app.utils.runtime_state import (
    clear_activation_record,
    clear_pending_recovery,
    create_pending_recovery,
    record_activation,
 )
 if TYPE_CHECKING:  # pragma: no cover
    from fastapi import FastAPI
 log: structlog.stdlib.BoundLogger = structlog.get_logger()
@@ -517,6 +527,34 @@ async def list_inactive_jails(
 async def activate_jail(
    app: FastAPI,
    config_dir: str,
    socket_path: str,
    name: str,
    req: ActivateJailRequest,
 ) -> JailActivationResponse:
    """Activate a jail and manage crash recovery state.
    This wrapper records the activation timestamp, delegates the actual
    file-based activation workflow to the lower-level implementation, and
    updates the health-check cache immediately so the UI reflects the
    current fail2ban state.
    """
    activation_time = record_activation(app, name)
    result = await _activate_jail(config_dir, socket_path, name, req)
    if not result.fail2ban_running:
        create_pending_recovery(
            app,
            jail_name=name,
            activated_at=activation_time,
        )
    await run_probe(app)
    return result
 async def _activate_jail(
    config_dir: str,
    socket_path: str,
    name: str,
@@ -782,6 +820,23 @@ async def _rollback_activation_async(
 async def deactivate_jail(
    app: FastAPI,
    config_dir: str,
    socket_path: str,
    name: str,
 ) -> JailActivationResponse:
    """Deactivate a jail and update the health-check cache.
    This wrapper disables the jail in the config, reloads fail2ban, and then
    forces an immediate health probe so any cached dashboard status reflects
    the current daemon state.
    """
    result = await _deactivate_jail(config_dir, socket_path, name)
    await run_probe(app)
    return result
 async def _deactivate_jail(
    config_dir: str,
    socket_path: str,
    name: str,
@@ -918,6 +973,23 @@ async def validate_jail_config(
 async def rollback_jail(
    app: FastAPI,
    config_dir: str,
    socket_path: str,
    name: str,
    start_cmd_parts: list[str],
 ) -> RollbackResponse:
    """Rollback a jail and clear pending recovery state on success."""
    result = await _rollback_jail(config_dir, socket_path, name, start_cmd_parts)
    if result.fail2ban_running:
        clear_pending_recovery(app)
        clear_activation_record(app)
    return result
 async def _rollback_jail(
    config_dir: str,
    socket_path: str,
    name: str,
--- a/backend/app/tasks/health_check.py
+++ b/backend/app/tasks/health_check.py
@@ -129,6 +129,11 @@ async def _run_probe(app: FastAPI) -> None:
    )
 async def run_probe(app: FastAPI) -> None:
    """Run a single health probe outside the scheduled job context."""
    await _run_probe(app)
 def register(app: FastAPI) -> None:
    """Add the health-check job to the application scheduler.
--- a/backend/tests/test_routers/test_config.py
+++ b/backend/tests/test_routers/test_config.py
@@ -10,7 +10,6 @@ import pytest
 from httpx import ASGITransport, AsyncClient
 import app
 from app.config import Settings
 from app.db import init_db
 from app.main import create_app
@@ -808,7 +807,7 @@ class TestActivateJail:
        assert resp.status_code == 200
        # Verify the override values were passed to the service
-        called_req = mock_activate.call_args.args[3]
+        called_req = mock_activate.call_args.args[4]
        assert called_req.bantime == "1h"
        assert called_req.maxretry == 3
@@ -978,11 +977,11 @@ class TestDeactivateJail:
        )
        with (
            patch(
-                "app.routers.config.jail_config_service.deactivate_jail",
+                "app.routers.config.jail_config_service._deactivate_jail",
                AsyncMock(return_value=mock_response),
            ),
            patch(
-                "app.routers.config._run_probe",
+                "app.services.jail_config_service.run_probe",
                AsyncMock(),
            ) as mock_probe,
        ):
@@ -2192,7 +2191,7 @@ class TestRollbackEndpoint:
            message="Jail 'sshd' disabled and fail2ban restarted.",
        )
        with patch(
-            "app.routers.config.jail_config_service.rollback_jail",
+            "app.routers.config.jail_config_service._rollback_jail",
            AsyncMock(return_value=mock_result),
        ):
            resp = await config_client.post("/api/config/jails/sshd/rollback")
@@ -2229,7 +2228,7 @@ class TestRollbackEndpoint:
            message="fail2ban did not come back online.",
        )
        with patch(
-            "app.routers.config.jail_config_service.rollback_jail",
+            "app.routers.config.jail_config_service._rollback_jail",
            AsyncMock(return_value=mock_result),
        ):
            resp = await config_client.post("/api/config/jails/sshd/rollback")