mirror of https://github.com/postmannen/ctrl.git synced 2024-12-14 12:37:31 +00:00

fixed linter errors, and added the direct use of nkey as flag

postmannen 2024-03-07 23:17:24 +01:00
parent 69995f76ca
commit fc6e80b1bf
7 changed files with 63 additions and 28 deletions


@ -1,5 +1,5 @@
# build stage # build stage
FROM golang:1.17.7-alpine AS build-env FROM golang:1.22-alpine AS build-env
RUN apk --no-cache add build-base git gcc RUN apk --no-cache add build-base git gcc
RUN mkdir -p /build RUN mkdir -p /build
@ -17,8 +17,6 @@ RUN apk update && apk add curl && apk add nmap
WORKDIR /app WORKDIR /app
COPY --from=build-env /build/cmd/ctrl/ctrl /app/ COPY --from=build-env /build/cmd/ctrl/ctrl /app/
ENV RING_BUFFER_PERSIST_STORE "1"
ENV RING_BUFFER_SIZE "1000"
ENV CONFIG_FOLDER "./etc" ENV CONFIG_FOLDER "./etc"
ENV SOCKET_FOLDER "./tmp" ENV SOCKET_FOLDER "./tmp"
ENV TCP_LISTENER "" ENV TCP_LISTENER ""
@ -41,6 +39,7 @@ ENV SUBSCRIBERS_DATA_FOLDER "./var"
ENV CENTRAL_NODE_NAME "central" ENV CENTRAL_NODE_NAME "central"
ENV ROOT_CA_PATH "" ENV ROOT_CA_PATH ""
ENV NKEY_SEED_FILE "" ENV NKEY_SEED_FILE ""
ENV NKEY_SEED ""
ENV EXPOSE_DATA_FOLDER "127.0.0.1:8090" ENV EXPOSE_DATA_FOLDER "127.0.0.1:8090"
ENV ERROR_MESSAGE_RETRIES 3 ENV ERROR_MESSAGE_RETRIES 3
ENV ERROR_MESSAGE_TIMEOUT 10 ENV ERROR_MESSAGE_TIMEOUT 10
@ -58,25 +57,21 @@ ENV START_PUB_REQ_HELLO 60
ENV ENABLE_KEY_UPDATES "1" ENV ENABLE_KEY_UPDATES "1"
ENV ENABLE_ACL_UPDATES "1" ENV ENABLE_ACL_UPDATES "1"
ENV IS_CENTRAL_ERROR_LOGGER "" ENV IS_CENTRAL_ERROR_LOGGER "0"
ENV START_SUB_REQ_HELLO "" ENV START_SUB_REQ_HELLO "1"
ENV START_SUB_REQ_TO_FILE_APPEND "" ENV START_SUB_REQ_TO_FILE_APPEND "1"
ENV START_SUB_REQ_TO_FILE "" ENV START_SUB_REQ_TO_FILE "1"
ENV START_SUB_REQ_TO_FILE_NACK "" ENV START_SUB_REQ_TO_FILE_NACK "1"
ENV START_SUB_REQ_COPY_SRC "" ENV START_SUB_REQ_COPY_SRC "1"
ENV START_SUB_REQ_COPY_DST "" ENV START_SUB_REQ_COPY_DST "1"
ENV START_SUB_REQ_PING "" ENV START_SUB_REQ_CLI_COMMAND "1"
ENV START_SUB_REQ_PONG "" ENV START_SUB_REQ_TO_CONSOLE "1"
ENV START_SUB_REQ_CLI_COMMAND "" ENV START_SUB_REQ_HTTP_GET "1"
ENV START_SUB_REQ_TO_CONSOLE "" ENV START_SUB_REQ_HTTP_GET_SCHEDULED "1"
ENV START_SUB_REQ_HTTP_GET "" ENV START_SUB_REQ_TAIL_FILE "1"
ENV START_SUB_REQ_HTTP_GET_SCHEDULED "" ENV START_SUB_REQ_CLI_COMMAND_CONT "1"
ENV START_SUB_REQ_TAIL_FILE ""
ENV START_SUB_REQ_CLI_COMMAND_CONT ""
CMD ["ash","-c","env CONFIGFOLDER=./etc/ /app/ctrl\ CMD ["ash","-c","env CONFIGFOLDER=./etc/ /app/ctrl\
-ringBufferPersistStore=${RING_BUFFER_PERSIST_STORE}\
-ringBufferSize=${RING_BUFFER_SIZE}\
-socketFolder=${SOCKET_FOLDER}\ -socketFolder=${SOCKET_FOLDER}\
-tcpListener=${TCP_LISTENER}\ -tcpListener=${TCP_LISTENER}\
-httpListener=${HTTP_LISTENER}\ -httpListener=${HTTP_LISTENER}\
@ -98,6 +93,7 @@ CMD ["ash","-c","env CONFIGFOLDER=./etc/ /app/ctrl\
-centralNodeName=${CENTRAL_NODE_NAME}\ -centralNodeName=${CENTRAL_NODE_NAME}\
-rootCAPath=${ROOT_CA_PATH}\ -rootCAPath=${ROOT_CA_PATH}\
-nkeySeedFile=${NKEY_SEED_FILE}\ -nkeySeedFile=${NKEY_SEED_FILE}\
-nkeySeed=${NKEY_SEED}\
-exposeDataFolder=${EXPOSE_DATA_FOLDER}\ -exposeDataFolder=${EXPOSE_DATA_FOLDER}\
-errorMessageRetries=${ERROR_MESSAGE_RETRIES}\ -errorMessageRetries=${ERROR_MESSAGE_RETRIES}\
-errorMessageTimeout=${ERROR_MESSAGE_TIMEOUT}\ -errorMessageTimeout=${ERROR_MESSAGE_TIMEOUT}\
@ -120,7 +116,6 @@ CMD ["ash","-c","env CONFIGFOLDER=./etc/ /app/ctrl\
-startSubREQCopySrc=${START_SUB_REQ_COPY_SRC}\ -startSubREQCopySrc=${START_SUB_REQ_COPY_SRC}\
-startSubREQCopyDst=${START_SUB_REQ_COPY_DST}\ -startSubREQCopyDst=${START_SUB_REQ_COPY_DST}\
-startSubREQToFileNACK=${START_SUB_REQ_TO_FILE_NACK}\ -startSubREQToFileNACK=${START_SUB_REQ_TO_FILE_NACK}\
-startSubREQPong=${START_SUB_REQ_PONG}\
-startSubREQCliCommand=${START_SUB_REQ_CLI_COMMAND}\ -startSubREQCliCommand=${START_SUB_REQ_CLI_COMMAND}\
-startSubREQToConsole=${START_SUB_REQ_TO_CONSOLE}\ -startSubREQToConsole=${START_SUB_REQ_TO_CONSOLE}\
-startSubREQHttpGet=${START_SUB_REQ_HTTP_GET}\ -startSubREQHttpGet=${START_SUB_REQ_HTTP_GET}\
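Review bot: Passing the seed as `-nkeySeed=${NKEY_SEED}` in the CMD puts the node's private nkey seed on the ctrl process command line, where anything that can list processes in the container or on the host can read it, and an `ENV NKEY_SEED` value also shows up in container inspection output. Prefer a mounted secret file via `NKEY_SEED_FILE`, or have the binary read `NKEY_SEED` from its environment itself and drop the `-nkeySeed=${NKEY_SEED}\` line. At minimum add `# NKEY_SEED is a secret: supply it at run time, never bake a value into the image` above the `ENV NKEY_SEED ""` line. Separately, the `START_SUB_REQ_*` defaults appear to change from empty to "1", so the image now starts every subscriber (including `START_SUB_REQ_CLI_COMMAND`) unless overridden; a comment stating that this is intended would help operators.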


@ -308,7 +308,7 @@ func (c *centralAuth) generateACLsForAllNodes() error {
// defer a.schemaMain.mu.Unlock() // defer a.schemaMain.mu.Unlock()
enc := json.NewEncoder(fh) enc := json.NewEncoder(fh)
enc.SetEscapeHTML(false) enc.SetEscapeHTML(false)
enc.Encode(c.accessLists.schemaMain.ACLMap) err = enc.Encode(c.accessLists.schemaMain.ACLMap)
if err != nil { if err != nil {
er := fmt.Errorf("error: generateACLsForAllNodes: encoding json to file failed: %v, err: %v", c.accessLists.schemaMain.ACLMapFilePath, err) er := fmt.Errorf("error: generateACLsForAllNodes: encoding json to file failed: %v, err: %v", c.accessLists.schemaMain.ACLMapFilePath, err)
c.errorKernel.logError(er, c.configuration) c.errorKernel.logError(er, c.configuration)
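Review bot: As far as the hunk shows, the `if err != nil` block only logs the encode failure through `c.errorKernel.logError`; generateACLsForAllNodes returns `error`, and the rest of the block lies outside the hunk. A failed `enc.Encode` can leave the ACL map file incomplete on disk, so the caller should get the error back, e.g. `return er` after the log call if it is not already there. Wrapping with `%w` instead of `err: %v` would also keep the cause inspectable with `errors.Is`/`errors.As`.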


@ -305,7 +305,7 @@ func (c *centralAuth) updateHash(proc process, message Message) {
c.pki.nodesAcked.keysAndHash.Hash = hash c.pki.nodesAcked.keysAndHash.Hash = hash
// Store the key to the db for persistence. // Store the key to the db for persistence.
c.pki.dbUpdateHash(hash[:]) err = c.pki.dbUpdateHash(hash[:])
if err != nil { if err != nil {
er := fmt.Errorf("error: methodREQKeysAllow, failed to store the hash into the db: %v", err) er := fmt.Errorf("error: methodREQKeysAllow, failed to store the hash into the db: %v", err)
c.pki.errorKernel.errSend(proc, message, er, logError) c.pki.errorKernel.errSend(proc, message, er, logError)
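Review bot: The error text names `methodREQKeysAllow` although the failing call sits in `updateHash` (per the hunk header), which will send whoever reads the error log to the wrong function. Suggest `er := fmt.Errorf("error: updateHash, failed to store the hash into the db: %v", err)`. Note also that `c.pki.nodesAcked.keysAndHash.Hash` is assigned before `dbUpdateHash` runs, so on failure the in-memory hash and the persisted one differ; a short comment saying whether that is acceptable would help. The function body starts and ends outside the hunk.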


@ -69,6 +69,8 @@ type Configuration struct {
NkeyPublicKey string `toml:"-"` NkeyPublicKey string `toml:"-"`
// //
NkeyFromED25519SSHKeyFile string `comment:"Full path to the ED25519 SSH private key. Will generate the NKEY Seed from an SSH ED25519 private key file. NB: This option will take precedence over NkeySeedFile if specified"` NkeyFromED25519SSHKeyFile string `comment:"Full path to the ED25519 SSH private key. Will generate the NKEY Seed from an SSH ED25519 private key file. NB: This option will take precedence over NkeySeedFile if specified"`
// NkeySeed
NkeySeed string `toml:"-"`
// The host and port to expose the data folder, <host>:<port> // The host and port to expose the data folder, <host>:<port>
ExposeDataFolder string `comment:"The host and port to expose the data folder, <host>:<port>"` ExposeDataFolder string `comment:"The host and port to expose the data folder, <host>:<port>"`
// Timeout in seconds for error messages // Timeout in seconds for error messages
@ -169,6 +171,7 @@ type ConfigurationFromFile struct {
RootCAPath *string RootCAPath *string
NkeySeedFile *string NkeySeedFile *string
NkeyFromED25519SSHKeyFile *string NkeyFromED25519SSHKeyFile *string
NkeySeed *string
ExposeDataFolder *string ExposeDataFolder *string
ErrorMessageTimeout *int ErrorMessageTimeout *int
ErrorMessageRetries *int ErrorMessageRetries *int
@ -236,6 +239,7 @@ func newConfigurationDefaults() Configuration {
RootCAPath: "", RootCAPath: "",
NkeySeedFile: "", NkeySeedFile: "",
NkeyFromED25519SSHKeyFile: "", NkeyFromED25519SSHKeyFile: "",
NkeySeed: "",
ExposeDataFolder: "", ExposeDataFolder: "",
ErrorMessageTimeout: 60, ErrorMessageTimeout: 60,
ErrorMessageRetries: 10, ErrorMessageRetries: 10,
@ -402,6 +406,11 @@ func checkConfigValues(cf ConfigurationFromFile) Configuration {
} else { } else {
conf.NkeyFromED25519SSHKeyFile = *cf.NkeyFromED25519SSHKeyFile conf.NkeyFromED25519SSHKeyFile = *cf.NkeyFromED25519SSHKeyFile
} }
if cf.NkeySeed == nil {
conf.NkeySeed = cd.NkeySeed
} else {
conf.NkeySeed = *cf.NkeySeed
}
if cf.ExposeDataFolder == nil { if cf.ExposeDataFolder == nil {
conf.ExposeDataFolder = cd.ExposeDataFolder conf.ExposeDataFolder = cd.ExposeDataFolder
} else { } else {
@ -613,6 +622,7 @@ func (c *Configuration) CheckFlags(version string) error {
flag.StringVar(&c.RootCAPath, "rootCAPath", fc.RootCAPath, "If TLS, enter the path for where to find the root CA certificate") flag.StringVar(&c.RootCAPath, "rootCAPath", fc.RootCAPath, "If TLS, enter the path for where to find the root CA certificate")
flag.StringVar(&c.NkeyFromED25519SSHKeyFile, "nkeyFromED25519SSHKeyFile", fc.NkeyFromED25519SSHKeyFile, "The full path of the nkeys seed file") flag.StringVar(&c.NkeyFromED25519SSHKeyFile, "nkeyFromED25519SSHKeyFile", fc.NkeyFromED25519SSHKeyFile, "The full path of the nkeys seed file")
flag.StringVar(&c.NkeySeedFile, "nkeySeedFile", fc.NkeySeedFile, "Full path to the ED25519 SSH private key. Will generate the NKEY Seed from an SSH ED25519 private key file. NB: This option will take precedence over NkeySeedFile if specified") flag.StringVar(&c.NkeySeedFile, "nkeySeedFile", fc.NkeySeedFile, "Full path to the ED25519 SSH private key. Will generate the NKEY Seed from an SSH ED25519 private key file. NB: This option will take precedence over NkeySeedFile if specified")
flag.StringVar(&c.NkeySeed, "nkeySeed", fc.NkeySeed, "The actual nkey seed. To use if not stored in file")
flag.StringVar(&c.ExposeDataFolder, "exposeDataFolder", fc.ExposeDataFolder, "If set the data folder will be exposed on the given host:port. Default value is not exposed at all") flag.StringVar(&c.ExposeDataFolder, "exposeDataFolder", fc.ExposeDataFolder, "If set the data folder will be exposed on the given host:port. Default value is not exposed at all")
flag.IntVar(&c.ErrorMessageTimeout, "errorMessageTimeout", fc.ErrorMessageTimeout, "The number of seconds to wait for an error message to time out") flag.IntVar(&c.ErrorMessageTimeout, "errorMessageTimeout", fc.ErrorMessageTimeout, "The number of seconds to wait for an error message to time out")
flag.IntVar(&c.ErrorMessageRetries, "errorMessageRetries", fc.ErrorMessageRetries, "The number of if times to retry an error message before we drop it") flag.IntVar(&c.ErrorMessageRetries, "errorMessageRetries", fc.ErrorMessageRetries, "The number of if times to retry an error message before we drop it")
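Review bot: The new `NkeySeed` field holds the node's private seed, yet its doc comment is only `// NkeySeed`, and the `nkeySeed` flag help does not say that a non-empty value wins over `NkeySeedFile` and `NkeyFromED25519SSHKeyFile` (the order of the `switch` in NewServer on this page). Suggest `// NkeySeed is the raw nkey seed (secret). When set it takes precedence over NkeySeedFile and NkeyFromED25519SSHKeyFile. It must not be logged.` and a matching sentence in the flag usage string. The field is tagged `toml:"-"` on `Configuration`, but `ConfigurationFromFile.NkeySeed` and the new `checkConfigValues` branch still accept it from the config file; if a seed in the config file is not intended, drop those two additions.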

2
go.mod

@ -1,6 +1,6 @@
module github.com/postmannen/ctrl module github.com/postmannen/ctrl
go 1.21 go 1.22
require ( require (
github.com/fsnotify/fsnotify v1.6.0 github.com/fsnotify/fsnotify v1.6.0


@ -154,7 +154,7 @@ func (n *nodeAcl) saveToFile() error {
enc := json.NewEncoder(fh) enc := json.NewEncoder(fh)
enc.SetEscapeHTML(false) enc.SetEscapeHTML(false)
enc.Encode(n.aclAndHash) err = enc.Encode(n.aclAndHash)
// HERE // HERE
// b, err := json.Marshal(n.aclAndHash) // b, err := json.Marshal(n.aclAndHash)
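Review bot: The `err` now assigned from `enc.Encode(n.aclAndHash)` is not checked in the visible lines; what follows is a `// HERE` marker and commented-out `json.Marshal` code. If no check comes right after the hunk, add `if err != nil { return fmt.Errorf("saveToFile: encoding acl and hash: %w", err) }` so a failed write of the node ACL file is reported to the caller. The leftover `// HERE` marker and the dead commented code could be removed in the same pass. saveToFile's body continues outside the hunk.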


@ -97,7 +97,37 @@ func NewServer(configuration *Configuration, version string) (*server, error) {
opt = nats.RootCAs(configuration.RootCAPath) opt = nats.RootCAs(configuration.RootCAPath)
} }
if configuration.NkeySeedFile != "" && configuration.NkeyFromED25519SSHKeyFile == "" { switch {
case configuration.NkeySeed != "":
cwd, err := os.Getwd()
if err != nil {
return nil, fmt.Errorf("error: failed to get current working directory when creating tmp seed file: %v", err)
}
pth := filepath.Join(cwd, "seed.txt")
// f, err := os.CreateTemp(pth, "")
// if err != nil {
// return nil, fmt.Errorf("error: failed to create tmp seed file: %v", err)
// }
err = os.WriteFile(pth, []byte(configuration.NkeySeed), 0700)
if err != nil {
return nil, fmt.Errorf("error: failed to write temp seed file: %v", err)
}
opt, err = nats.NkeyOptionFromSeed(pth)
if err != nil {
cancel()
return nil, fmt.Errorf("error: failed to read temp nkey seed file: %v", err)
}
err = os.Remove(pth)
if err != nil {
cancel()
return nil, fmt.Errorf("error: failed to remove temp seed file: %v", err)
}
case configuration.NkeySeedFile != "" && configuration.NkeyFromED25519SSHKeyFile == "":
var err error var err error
opt, err = nats.NkeyOptionFromSeed(configuration.NkeySeedFile) opt, err = nats.NkeyOptionFromSeed(configuration.NkeySeedFile)
@ -105,9 +135,8 @@ func NewServer(configuration *Configuration, version string) (*server, error) {
cancel() cancel()
return nil, fmt.Errorf("error: failed to read nkey seed file: %v", err) return nil, fmt.Errorf("error: failed to read nkey seed file: %v", err)
} }
}
if configuration.NkeyFromED25519SSHKeyFile != "" { case configuration.NkeyFromED25519SSHKeyFile != "":
var err error var err error
opt, err = configuration.nkeyOptFromSSHKey() opt, err = configuration.nkeyOptFromSSHKey()
@ -115,6 +144,7 @@ func NewServer(configuration *Configuration, version string) (*server, error) {
cancel() cancel()
return nil, fmt.Errorf("error: failed to read nkey seed file: %v", err) return nil, fmt.Errorf("error: failed to read nkey seed file: %v", err)
} }
} }
var conn *nats.Conn var conn *nats.Conn
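Review bot: The new `NkeySeed` case writes the private seed to a fixed `seed.txt` in the working directory with mode `0700` (execute bits serve no purpose here, and `os.WriteFile` keeps the old mode when the file already exists). The early return after a failed `nats.NkeyOptionFromSeed` also leaves that file on disk. As far as I know, the option returned by `nats.NkeyOptionFromSeed` re-reads the seed file each time it signs a server nonce, so removing the file before connecting would likely break authentication; this should be tested. Building the option from the in-memory seed avoids the file entirely (it needs the `nkeys` package imported if it is not already). The first two error returns in this case also skip the `cancel()` that the other branches call. NewServer's body starts and ends outside the hunk.

```go
	case configuration.NkeySeed != "":
		// Build the option from the in-memory seed; nothing is written to disk.
		kp, err := nkeys.FromSeed([]byte(configuration.NkeySeed))
		if err != nil {
			cancel()
			return nil, fmt.Errorf("error: failed to parse nkey seed: %v", err)
		}
		pub, err := kp.PublicKey()
		if err != nil {
			cancel()
			return nil, fmt.Errorf("error: failed to derive public key from nkey seed: %v", err)
		}
		opt = nats.Nkey(pub, func(nonce []byte) ([]byte, error) {
			return kp.Sign(nonce)
		})

	// … unchanged: NkeySeedFile and NkeyFromED25519SSHKeyFile cases …
```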