bbf81f2479
* Consolidate identity management: Move identity cretaion/signing out of storagenode setup command. * fixes * linters * Consolidate identity management: Move identity cretaion/signing out of storagenode setup command. * fixes * sava backups before saving signed certs * add "-prebuilt-test-cmds" test flag * linters * prepare cli tests for travis * linter fixes * more fixes * linter gods * sp/sdk/sim * remove ca.difficulty * remove unused difficulty * return setup to its rightful place * wip travis * Revert "wip travis" This reverts commit 56834849dcf066d3cc0a4f139033fc3f6d7188ca. * typo in travis.yaml * remove tests * remove more * make it only create one identity at a time for consistency * add config-dir for consitency * add identity creation to storj-sim * add flags * simplify * fix nolint and compile * prevent overwrite and pass difficulty, concurrency, and parent creds * goimports
93 lines
2.3 KiB
Go
93 lines
2.3 KiB
Go
// Copyright (C) 2019 Storj Labs, Inc.
|
|
// See LICENSE for copying information.
|
|
|
|
package main
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"os"
|
|
"path/filepath"
|
|
|
|
"github.com/spf13/cobra"
|
|
|
|
"storj.io/storj/internal/fpath"
|
|
"storj.io/storj/pkg/certificates"
|
|
"storj.io/storj/pkg/cfgstruct"
|
|
"storj.io/storj/pkg/identity"
|
|
"storj.io/storj/pkg/process"
|
|
)
|
|
|
|
var (
|
|
setupCmd = &cobra.Command{
|
|
Use: "setup",
|
|
Short: "Setup a certificate signing server",
|
|
RunE: cmdSetup,
|
|
Annotations: map[string]string{"type": "setup"},
|
|
}
|
|
|
|
setupCfg struct {
|
|
// NB: cert and key paths overridden in setup
|
|
CA identity.CASetupConfig
|
|
// NB: cert and key paths overridden in setup
|
|
Identity identity.SetupConfig
|
|
Signer certificates.CertServerConfig
|
|
Overwrite bool `default:"false" help:"if true ca, identity, and authorization db will be overwritten/truncated"`
|
|
}
|
|
)
|
|
|
|
func init() {
|
|
rootCmd.AddCommand(setupCmd)
|
|
cfgstruct.BindSetup(setupCmd.Flags(), &setupCfg, cfgstruct.ConfDir(defaultConfDir))
|
|
}
|
|
|
|
func cmdSetup(cmd *cobra.Command, args []string) error {
|
|
setupDir, err := filepath.Abs(*confDir)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
err = os.MkdirAll(setupDir, 0700)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
valid, err := fpath.IsValidSetupDir(setupDir)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if !setupCfg.Overwrite && !valid {
|
|
fmt.Printf("certificate signer configuration already exists (%v). rerun with --overwrite\n", setupDir)
|
|
return nil
|
|
}
|
|
|
|
if setupCfg.Overwrite {
|
|
setupCfg.CA.Overwrite = true
|
|
setupCfg.Identity.Overwrite = true
|
|
setupCfg.Signer.Overwrite = true
|
|
}
|
|
|
|
if _, err := setupCfg.Signer.NewAuthDB(); err != nil {
|
|
return err
|
|
}
|
|
|
|
if setupDir != defaultConfDir {
|
|
setupCfg.CA.CertPath = filepath.Join(setupDir, "ca.cert")
|
|
setupCfg.CA.KeyPath = filepath.Join(setupDir, "ca.key")
|
|
setupCfg.Identity.CertPath = filepath.Join(setupDir, "identity.cert")
|
|
setupCfg.Identity.KeyPath = filepath.Join(setupDir, "identity.key")
|
|
}
|
|
if setupCfg.Identity.Status() != identity.CertKey {
|
|
return errors.New("identity is missing")
|
|
}
|
|
|
|
o := map[string]interface{}{
|
|
"ca.cert-path": setupCfg.CA.CertPath,
|
|
"ca.key-path": setupCfg.CA.KeyPath,
|
|
"identity.cert-path": setupCfg.Identity.CertPath,
|
|
"identity.key-path": setupCfg.Identity.KeyPath,
|
|
"log.level": "info",
|
|
}
|
|
return process.SaveConfigWithAllDefaults(cmd.Flags(), filepath.Join(setupDir, "config.yaml"), o)
|
|
}
|