mirror of
https://github.com/postmannen/ctrl.git
synced 2025-01-18 21:59:30 +00:00
fixed linter errors, and added the direct use of nkey as flag
parent
69995f76ca
commit
fc6e80b1bf
7 changed files with 63 additions and 28 deletions
37
Dockerfile
37
Dockerfile
|
@ -1,5 +1,5 @@
|
|||
# build stage
|
||||
FROM golang:1.17.7-alpine AS build-env
|
||||
FROM golang:1.22-alpine AS build-env
|
||||
RUN apk --no-cache add build-base git gcc
|
||||
|
||||
RUN mkdir -p /build
|
||||
|
@ -17,8 +17,6 @@ RUN apk update && apk add curl && apk add nmap
|
|||
WORKDIR /app
|
||||
COPY --from=build-env /build/cmd/ctrl/ctrl /app/
|
||||
|
||||
ENV RING_BUFFER_PERSIST_STORE "1"
|
||||
ENV RING_BUFFER_SIZE "1000"
|
||||
ENV CONFIG_FOLDER "./etc"
|
||||
ENV SOCKET_FOLDER "./tmp"
|
||||
ENV TCP_LISTENER ""
|
||||
|
@ -41,6 +39,7 @@ ENV SUBSCRIBERS_DATA_FOLDER "./var"
|
|||
ENV CENTRAL_NODE_NAME "central"
|
||||
ENV ROOT_CA_PATH ""
|
||||
ENV NKEY_SEED_FILE ""
|
||||
ENV NKEY_SEED ""
|
||||
ENV EXPOSE_DATA_FOLDER "127.0.0.1:8090"
|
||||
ENV ERROR_MESSAGE_RETRIES 3
|
||||
ENV ERROR_MESSAGE_TIMEOUT 10
|
||||
|
@ -58,25 +57,21 @@ ENV START_PUB_REQ_HELLO 60
|
|||
|
||||
ENV ENABLE_KEY_UPDATES "1"
|
||||
ENV ENABLE_ACL_UPDATES "1"
|
||||
ENV IS_CENTRAL_ERROR_LOGGER ""
|
||||
ENV START_SUB_REQ_HELLO ""
|
||||
ENV START_SUB_REQ_TO_FILE_APPEND ""
|
||||
ENV START_SUB_REQ_TO_FILE ""
|
||||
ENV START_SUB_REQ_TO_FILE_NACK ""
|
||||
ENV START_SUB_REQ_COPY_SRC ""
|
||||
ENV START_SUB_REQ_COPY_DST ""
|
||||
ENV START_SUB_REQ_PING ""
|
||||
ENV START_SUB_REQ_PONG ""
|
||||
ENV START_SUB_REQ_CLI_COMMAND ""
|
||||
ENV START_SUB_REQ_TO_CONSOLE ""
|
||||
ENV START_SUB_REQ_HTTP_GET ""
|
||||
ENV START_SUB_REQ_HTTP_GET_SCHEDULED ""
|
||||
ENV START_SUB_REQ_TAIL_FILE ""
|
||||
ENV START_SUB_REQ_CLI_COMMAND_CONT ""
|
||||
ENV IS_CENTRAL_ERROR_LOGGER "0"
|
||||
ENV START_SUB_REQ_HELLO "1"
|
||||
ENV START_SUB_REQ_TO_FILE_APPEND "1"
|
||||
ENV START_SUB_REQ_TO_FILE "1"
|
||||
ENV START_SUB_REQ_TO_FILE_NACK "1"
|
||||
ENV START_SUB_REQ_COPY_SRC "1"
|
||||
ENV START_SUB_REQ_COPY_DST "1"
|
||||
ENV START_SUB_REQ_CLI_COMMAND "1"
|
||||
ENV START_SUB_REQ_TO_CONSOLE "1"
|
||||
ENV START_SUB_REQ_HTTP_GET "1"
|
||||
ENV START_SUB_REQ_HTTP_GET_SCHEDULED "1"
|
||||
ENV START_SUB_REQ_TAIL_FILE "1"
|
||||
ENV START_SUB_REQ_CLI_COMMAND_CONT "1"
|
||||
|
||||
CMD ["ash","-c","env CONFIGFOLDER=./etc/ /app/ctrl\
|
||||
-ringBufferPersistStore=${RING_BUFFER_PERSIST_STORE}\
|
||||
-ringBufferSize=${RING_BUFFER_SIZE}\
|
||||
-socketFolder=${SOCKET_FOLDER}\
|
||||
-tcpListener=${TCP_LISTENER}\
|
||||
-httpListener=${HTTP_LISTENER}\
|
||||
|
@ -98,6 +93,7 @@ CMD ["ash","-c","env CONFIGFOLDER=./etc/ /app/ctrl\
|
|||
-centralNodeName=${CENTRAL_NODE_NAME}\
|
||||
-rootCAPath=${ROOT_CA_PATH}\
|
||||
-nkeySeedFile=${NKEY_SEED_FILE}\
|
||||
-nkeySeed=${NKEY_SEED}\
|
||||
-exposeDataFolder=${EXPOSE_DATA_FOLDER}\
|
||||
-errorMessageRetries=${ERROR_MESSAGE_RETRIES}\
|
||||
-errorMessageTimeout=${ERROR_MESSAGE_TIMEOUT}\
|
||||
|
@ -120,7 +116,6 @@ CMD ["ash","-c","env CONFIGFOLDER=./etc/ /app/ctrl\
|
|||
-startSubREQCopySrc=${START_SUB_REQ_COPY_SRC}\
|
||||
-startSubREQCopyDst=${START_SUB_REQ_COPY_DST}\
|
||||
-startSubREQToFileNACK=${START_SUB_REQ_TO_FILE_NACK}\
|
||||
-startSubREQPong=${START_SUB_REQ_PONG}\
|
||||
-startSubREQCliCommand=${START_SUB_REQ_CLI_COMMAND}\
|
||||
-startSubREQToConsole=${START_SUB_REQ_TO_CONSOLE}\
|
||||
-startSubREQHttpGet=${START_SUB_REQ_HTTP_GET}\
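Review bot: `ENV NKEY_SEED` together with `-nkeySeed=${NKEY_SEED}` in the CMD puts the private nkey seed in the container environment and on the ctrl command line, where it can be read from the container configuration and the process list. The page does not mark old and new lines, so this assumes both lines are the additions named in the commit title. Keeping `NKEY_SEED_FILE` with a mounted secret as the documented path avoids that exposure, and a comment above the variable would make the trade-off visible, for example `# NKEY_SEED exposes the seed via the environment and argv; prefer NKEY_SEED_FILE with a mounted secret file.` The same section also appears to switch the `START_SUB_REQ_*` defaults, including `START_SUB_REQ_CLI_COMMAND`, from empty to `"1"`, which deserves an explicit comment if it is intended.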
|
||||
|
|
|
@ -308,7 +308,7 @@ func (c *centralAuth) generateACLsForAllNodes() error {
|
|||
// defer a.schemaMain.mu.Unlock()
|
||||
enc := json.NewEncoder(fh)
|
||||
enc.SetEscapeHTML(false)
|
||||
enc.Encode(c.accessLists.schemaMain.ACLMap)
|
||||
err = enc.Encode(c.accessLists.schemaMain.ACLMap)
|
||||
if err != nil {
|
||||
er := fmt.Errorf("error: generateACLsForAllNodes: encoding json to file failed: %v, err: %v", c.accessLists.schemaMain.ACLMapFilePath, err)
|
||||
c.errorKernel.logError(er, c.configuration)
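Review bot: The encode error is formatted with `%v`, which drops the error chain; `er := fmt.Errorf("error: generateACLsForAllNodes: encoding json to file failed: %v, err: %w", c.accessLists.schemaMain.ACLMapFilePath, err)` keeps it inspectable with errors.Is and errors.As. The visible lines log the failure through `c.errorKernel.logError`, and whether generateACLsForAllNodes also returns it lies outside the hunk; for an access-control file, a failed write should reach the caller rather than leave a partial file in use. The same `err = enc.Encode(...)` change in `(n *nodeAcl) saveToFile` is followed inside its hunk only by commented-out code, so confirm that `err` is checked there as well.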
|
||||
|
|
|
@ -305,7 +305,7 @@ func (c *centralAuth) updateHash(proc process, message Message) {
|
|||
c.pki.nodesAcked.keysAndHash.Hash = hash
|
||||
|
||||
// Store the key to the db for persistence.
|
||||
c.pki.dbUpdateHash(hash[:])
|
||||
err = c.pki.dbUpdateHash(hash[:])
|
||||
if err != nil {
|
||||
er := fmt.Errorf("error: methodREQKeysAllow, failed to store the hash into the db: %v", err)
|
||||
c.pki.errorKernel.errSend(proc, message, er, logError)
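Review bot: The error text names `methodREQKeysAllow` although the failing call sits in `updateHash`, which will misdirect anyone reading the log; `er := fmt.Errorf("error: updateHash: failed to store the hash into the db: %v", err)` matches the function. The in-memory `keysAndHash.Hash` is assigned before the database write, so on failure the in-memory and persisted hashes disagree; whether the function returns or carries on after `errSend` is outside the hunk. If the persisted hash is what nodes are compared against after a restart, consider storing first and updating the in-memory value only on success.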
|
||||
|
|
|
@ -69,6 +69,8 @@ type Configuration struct {
|
|||
NkeyPublicKey string `toml:"-"`
|
||||
//
|
||||
NkeyFromED25519SSHKeyFile string `comment:"Full path to the ED25519 SSH private key. Will generate the NKEY Seed from an SSH ED25519 private key file. NB: This option will take precedence over NkeySeedFile if specified"`
|
||||
// NkeySeed
|
||||
NkeySeed string `toml:"-"`
|
||||
// The host and port to expose the data folder, <host>:<port>
|
||||
ExposeDataFolder string `comment:"The host and port to expose the data folder, <host>:<port>"`
|
||||
// Timeout in seconds for error messages
|
||||
|
@ -169,6 +171,7 @@ type ConfigurationFromFile struct {
|
|||
RootCAPath *string
|
||||
NkeySeedFile *string
|
||||
NkeyFromED25519SSHKeyFile *string
|
||||
NkeySeed *string
|
||||
ExposeDataFolder *string
|
||||
ErrorMessageTimeout *int
|
||||
ErrorMessageRetries *int
|
||||
|
@ -236,6 +239,7 @@ func newConfigurationDefaults() Configuration {
|
|||
RootCAPath: "",
|
||||
NkeySeedFile: "",
|
||||
NkeyFromED25519SSHKeyFile: "",
|
||||
NkeySeed: "",
|
||||
ExposeDataFolder: "",
|
||||
ErrorMessageTimeout: 60,
|
||||
ErrorMessageRetries: 10,
|
||||
|
@ -402,6 +406,11 @@ func checkConfigValues(cf ConfigurationFromFile) Configuration {
|
|||
} else {
|
||||
conf.NkeyFromED25519SSHKeyFile = *cf.NkeyFromED25519SSHKeyFile
|
||||
}
|
||||
if cf.NkeySeed == nil {
|
||||
conf.NkeySeed = cd.NkeySeed
|
||||
} else {
|
||||
conf.NkeySeed = *cf.NkeySeed
|
||||
}
|
||||
if cf.ExposeDataFolder == nil {
|
||||
conf.ExposeDataFolder = cd.ExposeDataFolder
|
||||
} else {
|
||||
|
@ -613,6 +622,7 @@ func (c *Configuration) CheckFlags(version string) error {
|
|||
flag.StringVar(&c.RootCAPath, "rootCAPath", fc.RootCAPath, "If TLS, enter the path for where to find the root CA certificate")
|
||||
flag.StringVar(&c.NkeyFromED25519SSHKeyFile, "nkeyFromED25519SSHKeyFile", fc.NkeyFromED25519SSHKeyFile, "The full path of the nkeys seed file")
|
||||
flag.StringVar(&c.NkeySeedFile, "nkeySeedFile", fc.NkeySeedFile, "Full path to the ED25519 SSH private key. Will generate the NKEY Seed from an SSH ED25519 private key file. NB: This option will take precedence over NkeySeedFile if specified")
|
||||
flag.StringVar(&c.NkeySeed, "nkeySeed", fc.NkeySeed, "The actual nkey seed. To use if not stored in file")
|
||||
flag.StringVar(&c.ExposeDataFolder, "exposeDataFolder", fc.ExposeDataFolder, "If set the data folder will be exposed on the given host:port. Default value is not exposed at all")
|
||||
flag.IntVar(&c.ErrorMessageTimeout, "errorMessageTimeout", fc.ErrorMessageTimeout, "The number of seconds to wait for an error message to time out")
|
||||
flag.IntVar(&c.ErrorMessageRetries, "errorMessageRetries", fc.ErrorMessageRetries, "The number of if times to retry an error message before we drop it")
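Review bot: The `nkeySeed` flag accepts a private key on the command line, where it shows up in the process list and in shell history, and its help text does not say so; something like `"The nkey seed itself. Visible in the process list; prefer nkeySeedFile outside of testing"` would warn operators. The field comment `// NkeySeed` carries no information; `// NkeySeed holds the nkey seed passed directly as a flag. It is private key material and must not be logged.` is a fuller version. In the surrounding lines the help strings of `nkeyFromED25519SSHKeyFile` and `nkeySeedFile` appear to be swapped. `Configuration.NkeySeed` is tagged `toml:"-"` while `ConfigurationFromFile` gains an untagged `NkeySeed *string`, so the hunks do not make clear whether the seed is meant to be readable from the config file.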
|
||||
|
|
2
go.mod
2
go.mod
|
@ -1,6 +1,6 @@
|
|||
module github.com/postmannen/ctrl
|
||||
|
||||
go 1.21
|
||||
go 1.22
|
||||
|
||||
require (
|
||||
github.com/fsnotify/fsnotify v1.6.0
|
||||
|
|
|
@ -154,7 +154,7 @@ func (n *nodeAcl) saveToFile() error {
|
|||
|
||||
enc := json.NewEncoder(fh)
|
||||
enc.SetEscapeHTML(false)
|
||||
enc.Encode(n.aclAndHash)
|
||||
err = enc.Encode(n.aclAndHash)
|
||||
|
||||
// HERE
|
||||
// b, err := json.Marshal(n.aclAndHash)
|
||||
|
|
36
server.go
36
server.go
|
@ -97,7 +97,37 @@ func NewServer(configuration *Configuration, version string) (*server, error) {
|
|||
opt = nats.RootCAs(configuration.RootCAPath)
|
||||
}
|
||||
|
||||
if configuration.NkeySeedFile != "" && configuration.NkeyFromED25519SSHKeyFile == "" {
|
||||
switch {
|
||||
case configuration.NkeySeed != "":
|
||||
cwd, err := os.Getwd()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error: failed to get current working directory when creating tmp seed file: %v", err)
|
||||
}
|
||||
|
||||
pth := filepath.Join(cwd, "seed.txt")
|
||||
|
||||
// f, err := os.CreateTemp(pth, "")
|
||||
// if err != nil {
|
||||
// return nil, fmt.Errorf("error: failed to create tmp seed file: %v", err)
|
||||
// }
|
||||
|
||||
err = os.WriteFile(pth, []byte(configuration.NkeySeed), 0700)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error: failed to write temp seed file: %v", err)
|
||||
}
|
||||
|
||||
opt, err = nats.NkeyOptionFromSeed(pth)
|
||||
if err != nil {
|
||||
cancel()
|
||||
return nil, fmt.Errorf("error: failed to read temp nkey seed file: %v", err)
|
||||
}
|
||||
err = os.Remove(pth)
|
||||
if err != nil {
|
||||
cancel()
|
||||
return nil, fmt.Errorf("error: failed to remove temp seed file: %v", err)
|
||||
}
|
||||
|
||||
case configuration.NkeySeedFile != "" && configuration.NkeyFromED25519SSHKeyFile == "":
|
||||
var err error
|
||||
|
||||
opt, err = nats.NkeyOptionFromSeed(configuration.NkeySeedFile)
|
||||
|
@ -105,9 +135,8 @@ func NewServer(configuration *Configuration, version string) (*server, error) {
|
|||
cancel()
|
||||
return nil, fmt.Errorf("error: failed to read nkey seed file: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
if configuration.NkeyFromED25519SSHKeyFile != "" {
|
||||
case configuration.NkeyFromED25519SSHKeyFile != "":
|
||||
var err error
|
||||
|
||||
opt, err = configuration.nkeyOptFromSSHKey()
|
||||
|
@ -115,6 +144,7 @@ func NewServer(configuration *Configuration, version string) (*server, error) {
|
|||
cancel()
|
||||
return nil, fmt.Errorf("error: failed to read nkey seed file: %v", err)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
var conn *nats.Conn
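Review bot: The `NkeySeed` case writes the private seed to a fixed `seed.txt` in the working directory, and the file is left behind when `nats.NkeyOptionFromSeed` fails, because `os.Remove` is reached only on success; `os.WriteFile` also applies the `0700` mode only when it creates the file, so an existing `seed.txt` keeps its old permissions. In nats.go the option returned by `NkeyOptionFromSeed` appears to read the seed file again when it signs the server nonce, so removing the file before connecting may also break authentication; this is worth verifying. The first two error returns in this case skip `cancel()`, unlike the later ones. Building the option from the in-memory seed with `nkeys.FromSeed` and `nats.Nkey` avoids touching disk, assuming the nkeys package is or can be imported in server.go, whose import block is outside the hunk. NewServer starts and ends outside the hunk.

```go
case configuration.NkeySeed != "":
	// Keep the seed in memory; no temporary file is written.
	kp, err := nkeys.FromSeed([]byte(configuration.NkeySeed))
	if err != nil {
		cancel()
		return nil, fmt.Errorf("error: failed to parse nkey seed: %v", err)
	}
	pub, err := kp.PublicKey()
	if err != nil {
		cancel()
		return nil, fmt.Errorf("error: failed to get public key from nkey seed: %v", err)
	}
	opt = nats.Nkey(pub, kp.Sign)

// … unchanged: NkeySeedFile and NkeyFromED25519SSHKeyFile cases …
```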
|
||||
|
|