setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $pdo->exec("SET search_path TO admin, public"); } return $pdo; } function getHuaweiCredentials($db) { $stmt = $db->query("SELECT * FROM huawei_accounts WHERE status = 'Activated' LIMIT 1"); $account = $stmt->fetch(PDO::FETCH_ASSOC); if (!$account) throw new Exception("No active Huawei account"); return $account; } function getHuaweiToken($account) { $region = $account['region'] ?? 'la-south-2'; $url = "https://iam.$region.myhuaweicloud.com/v3/auth/tokens"; $data = ['auth' => ['identity' => ['methods' => ['hw_ak_sk'], 'hw_ak_sk' => [ 'access' => ['key' => $account['application_key']], 'secret' => ['key' => $account['secret_key']] ]], 'scope' => ['project' => ['id' => $account['consumer_key']]]]]; $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_POST => true, CURLOPT_POSTFIELDS => json_encode($data), CURLOPT_HTTPHEADER => ['Content-Type: application/json'], CURLOPT_RETURNTRANSFER => true, CURLOPT_HEADER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_TIMEOUT => 30 ]); $resp = curl_exec($ch); preg_match('/X-Subject-Token:\s*(.+)/i', $resp, $m); return trim($m[1] ?? ''); } function createInstance($account, $token, $params) { $region = $params['region'] ?? $account['region'] ?? 'la-south-2'; $projectId = $account['consumer_key']; $url = "https://ecs.$region.myhuaweicloud.com/v1/$projectId/cloudservers"; $serverName = 'wevads-mta-' . date('YmdHis') . '-' . rand(100, 999); // Configs réelles découvertes $serverData = [ 'server' => [ 'name' => $serverName, 'availability_zone' => $region . 'a', 'flavorRef' => $params['flavor'] ?? 's6.medium.2', 'imageRef' => 'd39d0f43-d86b-4e2a-b672-317d17c96554', // Ubuntu 22.04 'vpcid' => '5f5cfb42-2f44-4940-a7dc-b6e949303c44', 'nics' => [['subnet_id' => '5295886d-ad08-4647-bbb7-dd5e19768a11']], 'root_volume' => ['volumetype' => 'SSD', 'size' => 40], 'count' => 1, 'security_groups' => [['id' => '26df35a8-2441-4126-aaba-c4fe965bbb01']], // 'key_name' => 'wevads-mta-key', // Disabled - policy issue 'adminPass' => 'Wevads2026!Mta' ] ]; $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_POST => true, CURLOPT_POSTFIELDS => json_encode($serverData), CURLOPT_HTTPHEADER => ['Content-Type: application/json', 'X-Auth-Token: ' . $token], CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_TIMEOUT => 120 ]); $response = curl_exec($ch); $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); $result = json_decode($response, true); if ($httpCode >= 400 || isset($result['error'])) { throw new Exception("ECS creation failed: " . json_encode($result)); } return [ 'job_id' => $result['job_id'] ?? null, 'server_ids' => $result['serverIds'] ?? [], 'name' => $serverName, 'status' => 'creating' ]; } function getServerDetails($account, $token, $serverId) { $region = $account['region'] ?? 'la-south-2'; $projectId = $account['consumer_key']; $url = "https://ecs.$region.myhuaweicloud.com/v1/$projectId/cloudservers/$serverId"; $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_HTTPHEADER => ['X-Auth-Token: ' . $token], CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false ]); return json_decode(curl_exec($ch), true); } function getJobStatus($account, $token, $jobId) { $region = $account['region'] ?? 'la-south-2'; $url = "https://ecs.$region.myhuaweicloud.com/v1/$account[consumer_key]/jobs/$jobId"; $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_HTTPHEADER => ['X-Auth-Token: ' . $token], CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false ]); return json_decode(curl_exec($ch), true); } // Main handler try { $db = getDB(); $input = array_merge($_GET, $_POST, json_decode(file_get_contents('php://input'), true) ?: []); $action = $input['action'] ?? 'status'; switch ($action) { case 'create_instance': case 'provision': $account = getHuaweiCredentials($db); $token = getHuaweiToken($account); $count = min((int)($input['count'] ?? 1), 5); $results = []; $errors = []; for ($i = 0; $i < $count; $i++) { try { $instance = createInstance($account, $token, $input); // Insert in mta_servers $stmt = $db->prepare("INSERT INTO mta_servers (name, main_ip, status, provider_name, provider_id, ssh_username, ssh_password, ssh_port, created_by, created_date, expiration_date) VALUES (?, '0.0.0.0', 'Creating', 'Huawei Cloud', 1, 'root', 'Wevads2026!Mta', 22, 'API', NOW(), NOW() + INTERVAL '30 days') RETURNING id"); $stmt->execute([$instance['name']]); $dbId = $stmt->fetch()['id']; $instance['db_id'] = $dbId; $results[] = $instance; } catch (Exception $e) { $errors[] = $e->getMessage(); } if ($i < $count - 1) usleep(1000000); } echo json_encode(['success' => count($results) > 0, 'created' => count($results), 'errors' => count($errors), 'results' => $results, 'error_messages' => $errors], JSON_PRETTY_PRINT); break; case 'job_status': $account = getHuaweiCredentials($db); $token = getHuaweiToken($account); $jobId = $input['job_id'] ?? ''; echo json_encode(getJobStatus($account, $token, $jobId), JSON_PRETTY_PRINT); break; case 'server_details': $account = getHuaweiCredentials($db); $token = getHuaweiToken($account); $serverId = $input['server_id'] ?? ''; echo json_encode(getServerDetails($account, $token, $serverId), JSON_PRETTY_PRINT); break; case 'list_servers': $account = getHuaweiCredentials($db); $token = getHuaweiToken($account); $region = $account['region']; $url = "https://ecs.$region.myhuaweicloud.com/v1/{$account['consumer_key']}/cloudservers/detail"; $ch = curl_init($url); curl_setopt_array($ch, [CURLOPT_HTTPHEADER => ['X-Auth-Token: ' . $token], CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => false]); echo curl_exec($ch); break; case 'test_auth': $account = getHuaweiCredentials($db); $token = getHuaweiToken($account); echo json_encode(['success' => true, 'token_preview' => substr($token, 0, 30) . '...']); break; case 'status': default: echo json_encode(['status' => 'ready', 'version' => '2.0', 'message' => 'Huawei IR API Production']); } } catch (Exception $e) { http_response_code(500); echo json_encode(['success' => false, 'error' => $e->getMessage()], JSON_PRETTY_PRINT); }