You've already forked ionscale
mirror of
https://github.com/jsiebens/ionscale.git
synced 2026-04-05 12:32:58 +01:00
feat: generate control keys by default in db
This commit is contained in:
Johan Siebens
+18
-10
@@ -5,6 +5,7 @@ import (
|
||||
"github.com/caarlos0/env/v6"
|
||||
"github.com/caddyserver/certmagic"
|
||||
"github.com/imdario/mergo"
|
||||
"github.com/jsiebens/ionscale/internal/domain"
|
||||
"github.com/jsiebens/ionscale/internal/key"
|
||||
"github.com/jsiebens/ionscale/internal/util"
|
||||
"github.com/mitchellh/go-homedir"
|
||||
@@ -178,8 +179,11 @@ func (c *Config) CreateUrl(format string, a ...interface{}) string {
|
||||
return strings.TrimSuffix(c.ServerUrl, "/") + "/" + strings.TrimPrefix(path, "/")
|
||||
}
|
||||
|
||||
func (c *Config) ReadServerKeys() (*ServerKeys, error) {
|
||||
keys := &ServerKeys{}
|
||||
func (c *Config) ReadServerKeys(defaultKeys *domain.ControlKeys) (*ServerKeys, error) {
|
||||
keys := &ServerKeys{
|
||||
ControlKey: defaultKeys.ControlKey,
|
||||
LegacyControlKey: defaultKeys.LegacyControlKey,
|
||||
}
|
||||
|
||||
if len(c.Keys.SystemAdminKey) != 0 {
|
||||
systemAdminKey, err := key.ParsePrivateKey(c.Keys.SystemAdminKey)
|
||||
@@ -190,17 +194,21 @@ func (c *Config) ReadServerKeys() (*ServerKeys, error) {
|
||||
keys.SystemAdminKey = systemAdminKey
|
||||
}
|
||||
|
||||
controlKey, err := util.ParseMachinePrivateKey(c.Keys.ControlKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error reading control key: %v", err)
|
||||
if len(c.Keys.ControlKey) != 0 {
|
||||
controlKey, err := util.ParseMachinePrivateKey(c.Keys.ControlKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error reading control key: %v", err)
|
||||
}
|
||||
keys.ControlKey = *controlKey
|
||||
}
|
||||
keys.ControlKey = *controlKey
|
||||
|
||||
legacyControlKey, err := util.ParseMachinePrivateKey(c.Keys.LegacyControlKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error reading legacy control key: %v", err)
|
||||
if len(c.Keys.LegacyControlKey) != 0 {
|
||||
legacyControlKey, err := util.ParseMachinePrivateKey(c.Keys.LegacyControlKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error reading legacy control key: %v", err)
|
||||
}
|
||||
keys.LegacyControlKey = *legacyControlKey
|
||||
}
|
||||
keys.LegacyControlKey = *legacyControlKey
|
||||
|
||||
return keys, nil
|
||||
}
|
||||
|
||||
@@ -8,6 +8,7 @@ import (
|
||||
"github.com/hashicorp/go-hclog"
|
||||
"github.com/jsiebens/ionscale/internal/broker"
|
||||
"github.com/jsiebens/ionscale/internal/database/migration"
|
||||
"tailscale.com/types/key"
|
||||
"time"
|
||||
|
||||
"github.com/jsiebens/ionscale/internal/config"
|
||||
@@ -77,6 +78,33 @@ func migrate(db *gorm.DB) error {
|
||||
return err
|
||||
}
|
||||
|
||||
ctx := context.Background()
|
||||
repository := domain.NewRepository(db)
|
||||
|
||||
if err := createServerKey(ctx, repository); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func createServerKey(ctx context.Context, repository domain.Repository) error {
|
||||
serverKey, err := repository.GetControlKeys(ctx)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if serverKey != nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
keys := domain.ControlKeys{
|
||||
ControlKey: key.NewMachine(),
|
||||
LegacyControlKey: key.NewMachine(),
|
||||
}
|
||||
if err := repository.SetControlKeys(ctx, &keys); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
@@ -11,6 +11,9 @@ import (
|
||||
)
|
||||
|
||||
type Repository interface {
|
||||
GetControlKeys(ctx context.Context) (*ControlKeys, error)
|
||||
SetControlKeys(ctx context.Context, keys *ControlKeys) error
|
||||
|
||||
GetDERPMap(ctx context.Context) (*tailcfg.DERPMap, error)
|
||||
SetDERPMap(ctx context.Context, v *tailcfg.DERPMap) error
|
||||
|
||||
|
||||
@@ -6,12 +6,14 @@ import (
|
||||
"errors"
|
||||
"gorm.io/gorm"
|
||||
"tailscale.com/tailcfg"
|
||||
tkey "tailscale.com/types/key"
|
||||
)
|
||||
|
||||
type configKey string
|
||||
|
||||
const (
|
||||
derpMapConfigKey configKey = "derp_map"
|
||||
derpMapConfigKey configKey = "derp_map"
|
||||
controlKeysConfigKey configKey = "control_keys"
|
||||
)
|
||||
|
||||
type ServerConfig struct {
|
||||
@@ -19,6 +21,30 @@ type ServerConfig struct {
|
||||
Value []byte
|
||||
}
|
||||
|
||||
type ControlKeys struct {
|
||||
ControlKey tkey.MachinePrivate
|
||||
LegacyControlKey tkey.MachinePrivate
|
||||
}
|
||||
|
||||
func (r *repository) GetControlKeys(ctx context.Context) (*ControlKeys, error) {
|
||||
var m ControlKeys
|
||||
err := r.getServerConfig(ctx, controlKeysConfigKey, &m)
|
||||
|
||||
if errors.Is(err, gorm.ErrRecordNotFound) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &m, nil
|
||||
}
|
||||
|
||||
func (r *repository) SetControlKeys(ctx context.Context, v *ControlKeys) error {
|
||||
return r.setServerConfig(ctx, controlKeysConfigKey, v)
|
||||
}
|
||||
|
||||
func (r *repository) GetDERPMap(ctx context.Context) (*tailcfg.DERPMap, error) {
|
||||
var m tailcfg.DERPMap
|
||||
|
||||
|
||||
@@ -37,12 +37,17 @@ func Start(c *config.Config) error {
|
||||
|
||||
logger.Info("Starting ionscale server")
|
||||
|
||||
serverKey, err := c.ReadServerKeys()
|
||||
repository, brokers, err := database.OpenDB(&c.Database, logger)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
repository, brokers, err := database.OpenDB(&c.Database, logger)
|
||||
defaultControlKeys, err := repository.GetControlKeys(context.Background())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
serverKey, err := c.ReadServerKeys(defaultControlKeys)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user