2019-01-11 14:59:35 +00:00
|
|
|
// Copyright (C) 2019 Storj Labs, Inc.
|
2018-12-20 18:29:05 +00:00
|
|
|
// See LICENSE for copying information.
|
|
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"github.com/spf13/cobra"
|
2019-08-19 23:10:38 +01:00
|
|
|
"github.com/zeebo/errs"
|
2019-01-22 12:35:48 +00:00
|
|
|
"go.uber.org/zap"
|
2018-12-20 18:29:05 +00:00
|
|
|
|
2019-09-26 17:11:05 +01:00
|
|
|
"storj.io/storj/certificate"
|
|
|
|
|
"storj.io/storj/certificate/authorization"
|
2018-12-20 18:29:05 +00:00
|
|
|
"storj.io/storj/pkg/cfgstruct"
|
|
|
|
|
"storj.io/storj/pkg/process"
|
2019-08-19 23:10:38 +01:00
|
|
|
"storj.io/storj/pkg/revocation"
|
2019-11-14 19:46:15 +00:00
|
|
|
"storj.io/storj/private/fpath"
|
2018-12-20 18:29:05 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
rootCmd = &cobra.Command{
|
|
|
|
|
Use: "certificates",
|
|
|
|
|
Short: "Certificate request signing",
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
runCmd = &cobra.Command{
|
|
|
|
|
Use: "run",
|
|
|
|
|
Short: "Run a certificate signing server",
|
|
|
|
|
RunE: cmdRun,
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-05 16:11:21 +01:00
|
|
|
runCfg certificate.Config
|
2019-09-05 15:56:57 +01:00
|
|
|
|
|
|
|
|
setupCfg struct {
|
|
|
|
|
Overwrite bool `help:"if true ca, identity, and authorization db will be overwritten/truncated" default:"false"`
|
2019-09-05 16:11:21 +01:00
|
|
|
certificate.Config
|
2019-09-05 15:56:57 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
authCfg struct {
|
2019-01-22 12:35:48 +00:00
|
|
|
All bool `help:"print the all authorizations for auth info/export subcommands" default:"false"`
|
|
|
|
|
Out string `help:"output file path for auth export subcommand; if \"-\", will use STDOUT" default:"-"`
|
|
|
|
|
ShowTokens bool `help:"if true, token strings will be printed for auth info command" default:"false"`
|
2019-09-05 15:56:57 +01:00
|
|
|
EmailsPath string `help:"optional path to a list of emails, delimited by <delimiter>, for batch processing"`
|
|
|
|
|
Delimiter string `help:"delimiter to split emails loaded from <emails-path> on (e.g. comma, new-line)" default:"\n"`
|
|
|
|
|
|
2019-09-05 16:11:21 +01:00
|
|
|
certificate.Config
|
2018-12-20 18:29:05 +00:00
|
|
|
}
|
|
|
|
|
|
2019-09-05 16:11:21 +01:00
|
|
|
claimsExportCfg struct {
|
|
|
|
|
Raw bool `default:"false" help:"if true, the raw data structures will be printed"`
|
|
|
|
|
certificate.Config
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
claimsDeleteCfg certificate.Config
|
|
|
|
|
|
2019-03-12 12:51:06 +00:00
|
|
|
confDir string
|
|
|
|
|
identityDir string
|
2018-12-20 18:29:05 +00:00
|
|
|
)
|
|
|
|
|
|
2019-02-06 16:40:55 +00:00
|
|
|
func cmdRun(cmd *cobra.Command, args []string) error {
|
2019-09-19 17:37:40 +01:00
|
|
|
ctx, _ := process.Ctx(cmd)
|
2019-02-06 16:40:55 +00:00
|
|
|
|
2019-09-05 15:56:57 +01:00
|
|
|
identity, err := runCfg.Identity.Load()
|
2019-02-06 16:40:55 +00:00
|
|
|
if err != nil {
|
2019-09-05 16:11:21 +01:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
signer, err := runCfg.Signer.Load()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-11 09:36:44 +01:00
|
|
|
authorizationDB, err := authorization.NewDBFromCfg(runCfg.AuthorizationDB)
|
2019-09-05 16:11:21 +01:00
|
|
|
if err != nil {
|
|
|
|
|
return errs.New("error opening authorizations database: %+v", err)
|
2019-02-06 16:40:55 +00:00
|
|
|
}
|
|
|
|
|
|
2019-09-05 15:56:57 +01:00
|
|
|
revocationDB, err := revocation.NewDBFromCfg(runCfg.Server.Config)
|
2019-08-19 23:10:38 +01:00
|
|
|
if err != nil {
|
2019-09-05 16:11:21 +01:00
|
|
|
return errs.New("error creating revocation database: %+v", err)
|
2019-08-19 23:10:38 +01:00
|
|
|
}
|
2019-08-20 16:04:17 +01:00
|
|
|
defer func() {
|
|
|
|
|
err = errs.Combine(err, revocationDB.Close())
|
|
|
|
|
}()
|
2019-08-19 23:10:38 +01:00
|
|
|
|
2019-09-05 16:11:21 +01:00
|
|
|
peer, err := certificate.New(zap.L(), identity, signer, authorizationDB, revocationDB, &runCfg)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return peer.Run(ctx)
|
2019-02-06 16:40:55 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func main() {
|
2019-03-12 12:51:06 +00:00
|
|
|
defaultConfDir := fpath.ApplicationDir("storj", "cert-signing")
|
|
|
|
|
defaultIdentityDir := fpath.ApplicationDir("storj", "identity", "certificates")
|
|
|
|
|
cfgstruct.SetupFlag(zap.L(), rootCmd, &confDir, "config-dir", defaultConfDir, "main directory for certificates configuration")
|
2019-10-04 21:48:41 +01:00
|
|
|
cfgstruct.SetupFlag(zap.L(), rootCmd, &identityDir, "identity-dir", defaultIdentityDir, "main directory for identity credentials")
|
2019-04-19 19:17:30 +01:00
|
|
|
defaults := cfgstruct.DefaultsFlag(rootCmd)
|
2019-01-04 17:23:23 +00:00
|
|
|
|
2019-02-06 16:40:55 +00:00
|
|
|
rootCmd.AddCommand(authCmd)
|
2019-01-04 17:23:23 +00:00
|
|
|
rootCmd.AddCommand(runCmd)
|
2019-02-06 16:40:55 +00:00
|
|
|
rootCmd.AddCommand(setupCmd)
|
|
|
|
|
rootCmd.AddCommand(signCmd)
|
|
|
|
|
rootCmd.AddCommand(verifyCmd)
|
2019-02-26 08:55:52 +00:00
|
|
|
rootCmd.AddCommand(claimsCmd)
|
|
|
|
|
claimsCmd.AddCommand(claimsExportCmd)
|
|
|
|
|
claimsCmd.AddCommand(claimDeleteCmd)
|
2019-02-06 16:40:55 +00:00
|
|
|
authCmd.AddCommand(authCreateCmd)
|
|
|
|
|
authCmd.AddCommand(authInfoCmd)
|
|
|
|
|
authCmd.AddCommand(authExportCmd)
|
2019-01-25 14:54:54 +00:00
|
|
|
|
2019-09-05 15:56:57 +01:00
|
|
|
process.Bind(authCreateCmd, &authCfg, defaults, cfgstruct.ConfDir(confDir))
|
|
|
|
|
process.Bind(authInfoCmd, &authCfg, defaults, cfgstruct.ConfDir(confDir))
|
|
|
|
|
process.Bind(authExportCmd, &authCfg, defaults, cfgstruct.ConfDir(confDir))
|
|
|
|
|
process.Bind(runCmd, &runCfg, defaults, cfgstruct.ConfDir(confDir), cfgstruct.IdentityDir(identityDir))
|
|
|
|
|
process.Bind(setupCmd, &setupCfg, defaults, cfgstruct.ConfDir(confDir), cfgstruct.IdentityDir(identityDir), cfgstruct.SetupMode())
|
Command line flags features and cleanup (#2068)
* change BindSetup to be an option to Bind
* add process.Bind to allow composite structures
* hack fix for noprefix flags
* used tagged version of structs
Before this PR, some flags were created by calling `cfgstruct.Bind` and having their fields create a flag. Once the flags were parsed, `viper` was used to acquire all the values from them and config files, and the fields in the struct were set through the flag interface.
This doesn't work for slices of things on config structs very well, since it can only set strings, and for a string slice, it turns out that the implementation in `pflag` appends an entry rather than setting it.
This changes three things:
1. Only have a `Bind` call instead of `Bind` and `BindSetup`, and make `BindSetup` an option instead.
2. Add a `process.Bind` call that takes in a `*cobra.Cmd`, binds the struct to the command's flags, and keeps track of that struct in a global map keyed by the command.
3. Use `viper` to get the values and load them into the bound configuration structs instead of using the flags to propagate the changes.
In this way, we can support whatever rich configuration we want in the config yaml files, while still getting command like flags when important.
2019-05-29 18:56:22 +01:00
|
|
|
process.Bind(signCmd, &signCfg, defaults, cfgstruct.ConfDir(confDir), cfgstruct.IdentityDir(identityDir))
|
|
|
|
|
process.Bind(verifyCmd, &verifyCfg, defaults, cfgstruct.ConfDir(confDir), cfgstruct.IdentityDir(identityDir))
|
|
|
|
|
process.Bind(claimsExportCmd, &claimsExportCfg, defaults, cfgstruct.ConfDir(confDir))
|
|
|
|
|
process.Bind(claimDeleteCmd, &claimsDeleteCfg, defaults, cfgstruct.ConfDir(confDir))
|
2018-12-20 18:29:05 +00:00
|
|
|
|
|
|
|
|
process.Exec(rootCmd)
|
|
|
|
|
}
|
