isle/go/bootstrap/bootstrap.go

// Package bootstrap deals with the parsing and creation of bootstrap.json
// files. It also contains some helpers which rely on bootstrap data.
package bootstrap

import (
	"crypto/sha512"
	"encoding/json"
	"fmt"
	"isle/nebula"
	"net/netip"
	"path/filepath"
	"sort"
)

// StateDirPath returns the path within the user's state directory where the
// bootstrap file is stored.
func StateDirPath(dataDirPath string) string {
	return filepath.Join(dataDirPath, "bootstrap.json")
}

// AppDirPath returns the path within the AppDir where an embedded bootstrap
// file might be found.
func AppDirPath(appDirPath string) string {
	return filepath.Join(appDirPath, "share/bootstrap.json")
}

// CreationParams are general parameters used when creating a new network. These
// are available to all hosts within the network via their bootstrap files.
type CreationParams struct {
	ID     string
	Name   string
	Domain string
}

// Bootstrap contains all information which is needed by a host daemon to join a
// network on boot.
type Bootstrap struct {
	NetworkCreationParams CreationParams
	CAPublicCredentials   nebula.CAPublicCredentials

	PrivateCredentials nebula.HostPrivateCredentials
	HostAssigned       `json:"-"`
	SignedHostAssigned nebula.Signed[HostAssigned] // signed by CA

	Hosts map[nebula.HostName]Host
}

// New initializes and returns a new Bootstrap file for a new host. This
// function assigns Hosts an empty map.
func New(
	caCreds nebula.CACredentials,
	adminCreationParams CreationParams,
	name nebula.HostName,
	ip netip.Addr,
) (
	Bootstrap, error,
) {
	hostPubCreds, hostPrivCreds, err := nebula.NewHostCredentials(
		caCreds, name, ip,
	)
	if err != nil {
		return Bootstrap{}, fmt.Errorf("generating host credentials: %w", err)
	}

	assigned := HostAssigned{
		Name:              name,
		PublicCredentials: hostPubCreds,
	}

	signedAssigned, err := nebula.Sign(assigned, caCreds.SigningPrivateKey)
	if err != nil {
		return Bootstrap{}, fmt.Errorf("signing assigned fields: %w", err)
	}

	return Bootstrap{
		NetworkCreationParams: adminCreationParams,
		CAPublicCredentials:   caCreds.Public,
		PrivateCredentials:    hostPrivCreds,
		HostAssigned:          assigned,
		SignedHostAssigned:    signedAssigned,
		Hosts:                 map[nebula.HostName]Host{},
	}, nil
}

// UnmarshalJSON implements the json.Unmarshaler interface. It will
// automatically populate the HostAssigned field by unwrapping the
// SignedHostAssigned field.
func (b *Bootstrap) UnmarshalJSON(data []byte) error {
	type inner Bootstrap

	err := json.Unmarshal(data, (*inner)(b))
	if err != nil {
		return err
	}

	b.HostAssigned, err = b.SignedHostAssigned.Unwrap(
		b.CAPublicCredentials.SigningKey,
	)
	if err != nil {
		return fmt.Errorf("unwrapping HostAssigned: %w", err)
	}

	return nil
}

// ThisHost is a shortcut for b.Hosts[b.HostName], but will panic if the
// HostName isn't found in the Hosts map.
func (b Bootstrap) ThisHost() Host {
	host, ok := b.Hosts[b.Name]
	if !ok {
		panic(fmt.Sprintf("hostname %q not defined in bootstrap's hosts", b.Name))
	}

	return host
}

// Hash returns a deterministic hash of the given hosts map.
func HostsHash(hostsMap map[nebula.HostName]Host) ([]byte, error) {

	hosts := make([]Host, 0, len(hostsMap))
	for _, host := range hostsMap {
		hosts = append(hosts, host)
	}

	sort.Slice(hosts, func(i, j int) bool {
		return hosts[i].Name < hosts[j].Name
	})

	h := sha512.New()
	if err := json.NewEncoder(h).Encode(hosts); err != nil {
		return nil, err
	}

	return h.Sum(nil), nil
}
Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`// Package bootstrap deals with the parsing and creation of bootstrap.json`
			`// files. It also contains some helpers which rely on bootstrap data.`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00			`package bootstrap`

			`import (`
More big refactoring leading up to network creation The `bootstrap/creator` package is gone, almost as quickly as it arrived. The `Bootstrap` type is now able to write its own tgz file, and the two places where bootstrap files are being created pull the data down to do so and create the `Bootstrap` structs directly. The structure of the bootstrap file itself has been changed, now there's just a single `hosts` directory which contains files which are yaml encodings of the `Host` type, rather than having it be split into `nebula` and `garage` directories. This makes creating bootstrap files a lot easier. 2022-10-15 16:41:07 +00:00			`"crypto/sha512"`
Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`"encoding/json"`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00			`"fmt"`
Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`"isle/nebula"`
Do proper type-based validation or hostnames and ipnets 2024-07-12 13:30:21 +00:00			`"net/netip"`
More big refactoring leading up to network creation The `bootstrap/creator` package is gone, almost as quickly as it arrived. The `Bootstrap` type is now able to write its own tgz file, and the two places where bootstrap files are being created pull the data down to do so and create the `Bootstrap` structs directly. The structure of the bootstrap file itself has been changed, now there's just a single `hosts` directory which contains files which are yaml encodings of the `Host` type, rather than having it be split into `nebula` and `garage` directories. This makes creating bootstrap files a lot easier. 2022-10-15 16:41:07 +00:00			`"path/filepath"`
			`"sort"`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00			`)`

Use XDG_STATE_HOME rather than XDG_DATA_HOME for storing bootstrap 2024-06-17 12:13:53 +00:00			`// StateDirPath returns the path within the user's state directory where the`
Remove Bootstrap from Env 2022-10-26 22:23:39 +00:00			`// bootstrap file is stored.`
Use XDG_STATE_HOME rather than XDG_DATA_HOME for storing bootstrap 2024-06-17 12:13:53 +00:00			`func StateDirPath(dataDirPath string) string {`
Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`return filepath.Join(dataDirPath, "bootstrap.json")`
Remove Bootstrap from Env 2022-10-26 22:23:39 +00:00			`}`

			`// AppDirPath returns the path within the AppDir where an embedded bootstrap`
			`// file might be found.`
			`func AppDirPath(appDirPath string) string {`
Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`return filepath.Join(appDirPath, "share/bootstrap.json")`
Remove Bootstrap from Env 2022-10-26 22:23:39 +00:00			`}`

State CA signing key in secrets store, eliminate admin bundle 2024-07-14 11:11:18 +00:00			`// CreationParams are general parameters used when creating a new network. These`
			`// are available to all hosts within the network via their bootstrap files.`
			`type CreationParams struct {`
			`ID string`
			`Name string`
			`Domain string`
			`}`

Propagate garage RPC secret with created host bootstrap 2024-07-14 09:58:39 +00:00			`// Bootstrap contains all information which is needed by a host daemon to join a`
			`// network on boot.`
Some large inter-related refactors, moving towards network creation command Host types have been moved within the `bootstrap` package. Refactored how boostrap FS is interacted with. There is now a `Bootstrap` struct which has pre-loaded all data within the bootstrap FS. This helps centralize the logic around reading the data (though not yet completely). Choosing of the garage node to interact with no longer occurs in like three different places. It occurs at the environment level now, and is aided by the new `garage.Peer` type. 2022-10-15 14:28:03 +00:00			`type Bootstrap struct {`
State CA signing key in secrets store, eliminate admin bundle 2024-07-14 11:11:18 +00:00			`NetworkCreationParams CreationParams`
			`CAPublicCredentials nebula.CAPublicCredentials`
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00
			`PrivateCredentials nebula.HostPrivateCredentials`
			HostAssigned `json:"-"`
			`SignedHostAssigned nebula.Signed[HostAssigned] // signed by CA`

Do proper type-based validation or hostnames and ipnets 2024-07-12 13:30:21 +00:00			`Hosts map[nebula.HostName]Host`
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`}`
Introduce admin.CreationParams 2022-10-16 15:05:05 +00:00
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`// New initializes and returns a new Bootstrap file for a new host. This`
			`// function assigns Hosts an empty map.`
			`func New(`
			`caCreds nebula.CACredentials,`
State CA signing key in secrets store, eliminate admin bundle 2024-07-14 11:11:18 +00:00			`adminCreationParams CreationParams,`
Do proper type-based validation or hostnames and ipnets 2024-07-12 13:30:21 +00:00			`name nebula.HostName,`
			`ip netip.Addr,`
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`) (`
			`Bootstrap, error,`
			`) {`
			`hostPubCreds, hostPrivCreds, err := nebula.NewHostCredentials(`
			`caCreds, name, ip,`
			`)`
			`if err != nil {`
			`return Bootstrap{}, fmt.Errorf("generating host credentials: %w", err)`
			`}`
Some large inter-related refactors, moving towards network creation command Host types have been moved within the `bootstrap` package. Refactored how boostrap FS is interacted with. There is now a `Bootstrap` struct which has pre-loaded all data within the bootstrap FS. This helps centralize the logic around reading the data (though not yet completely). Choosing of the garage node to interact with no longer occurs in like three different places. It occurs at the environment level now, and is aided by the new `garage.Peer` type. 2022-10-15 14:28:03 +00:00
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`assigned := HostAssigned{`
			`Name: name,`
			`PublicCredentials: hostPubCreds,`
Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`}`
Some large inter-related refactors, moving towards network creation command Host types have been moved within the `bootstrap` package. Refactored how boostrap FS is interacted with. There is now a `Bootstrap` struct which has pre-loaded all data within the bootstrap FS. This helps centralize the logic around reading the data (though not yet completely). Choosing of the garage node to interact with no longer occurs in like three different places. It occurs at the environment level now, and is aided by the new `garage.Peer` type. 2022-10-15 14:28:03 +00:00
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`signedAssigned, err := nebula.Sign(assigned, caCreds.SigningPrivateKey)`
			`if err != nil {`
			`return Bootstrap{}, fmt.Errorf("signing assigned fields: %w", err)`
Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`}`
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00
			`return Bootstrap{`
State CA signing key in secrets store, eliminate admin bundle 2024-07-14 11:11:18 +00:00			`NetworkCreationParams: adminCreationParams,`
			`CAPublicCredentials: caCreds.Public,`
			`PrivateCredentials: hostPrivCreds,`
			`HostAssigned: assigned,`
			`SignedHostAssigned: signedAssigned,`
			`Hosts: map[nebula.HostName]Host{},`
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`}, nil`
Some large inter-related refactors, moving towards network creation command Host types have been moved within the `bootstrap` package. Refactored how boostrap FS is interacted with. There is now a `Bootstrap` struct which has pre-loaded all data within the bootstrap FS. This helps centralize the logic around reading the data (though not yet completely). Choosing of the garage node to interact with no longer occurs in like three different places. It occurs at the environment level now, and is aided by the new `garage.Peer` type. 2022-10-15 14:28:03 +00:00			`}`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 2021-04-20 21:31:37 +00:00
Propagate garage RPC secret with created host bootstrap 2024-07-14 09:58:39 +00:00			`// UnmarshalJSON implements the json.Unmarshaler interface. It will`
			`// automatically populate the HostAssigned field by unwrapping the`
			`// SignedHostAssigned field.`
Implement JoinNetwork RPC method, and accompanying sub-command 2024-07-07 10:44:49 +00:00			`func (b *Bootstrap) UnmarshalJSON(data []byte) error {`
			`type inner Bootstrap`

			`err := json.Unmarshal(data, (*inner)(b))`
			`if err != nil {`
			`return err`
			`}`

			`b.HostAssigned, err = b.SignedHostAssigned.Unwrap(`
			`b.CAPublicCredentials.SigningKey,`
			`)`
			`if err != nil {`
			`return fmt.Errorf("unwrapping HostAssigned: %w", err)`
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`}`

Implement JoinNetwork RPC method, and accompanying sub-command 2024-07-07 10:44:49 +00:00			`return nil`
Some large inter-related refactors, moving towards network creation command Host types have been moved within the `bootstrap` package. Refactored how boostrap FS is interacted with. There is now a `Bootstrap` struct which has pre-loaded all data within the bootstrap FS. This helps centralize the logic around reading the data (though not yet completely). Choosing of the garage node to interact with no longer occurs in like three different places. It occurs at the environment level now, and is aided by the new `garage.Peer` type. 2022-10-15 14:28:03 +00:00			`}`
Refactor how bootstrap files are created The new code makes it a lot clearer what the sources of each file/directory is, and makes it more difficult to forget to add a file or directory. This will be helpful when it comes to bootstrapping an entire network, which will require yet a third way of generating bootstrap files. 2022-10-11 19:24:53 +00:00
Some large inter-related refactors, moving towards network creation command Host types have been moved within the `bootstrap` package. Refactored how boostrap FS is interacted with. There is now a `Bootstrap` struct which has pre-loaded all data within the bootstrap FS. This helps centralize the logic around reading the data (though not yet completely). Choosing of the garage node to interact with no longer occurs in like three different places. It occurs at the environment level now, and is aided by the new `garage.Peer` type. 2022-10-15 14:28:03 +00:00			`// ThisHost is a shortcut for b.Hosts[b.HostName], but will panic if the`
			`// HostName isn't found in the Hosts map.`
			`func (b Bootstrap) ThisHost() Host {`
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`host, ok := b.Hosts[b.Name]`
Some large inter-related refactors, moving towards network creation command Host types have been moved within the `bootstrap` package. Refactored how boostrap FS is interacted with. There is now a `Bootstrap` struct which has pre-loaded all data within the bootstrap FS. This helps centralize the logic around reading the data (though not yet completely). Choosing of the garage node to interact with no longer occurs in like three different places. It occurs at the environment level now, and is aided by the new `garage.Peer` type. 2022-10-15 14:28:03 +00:00			`if !ok {`
Refactor how host data is signed, now it's simpler and probably more secure 2024-06-10 20:31:29 +00:00			`panic(fmt.Sprintf("hostname %q not defined in bootstrap's hosts", b.Name))`
Refactor how bootstrap files are created The new code makes it a lot clearer what the sources of each file/directory is, and makes it more difficult to forget to add a file or directory. This will be helpful when it comes to bootstrapping an entire network, which will require yet a third way of generating bootstrap files. 2022-10-11 19:24:53 +00:00			`}`

Some large inter-related refactors, moving towards network creation command Host types have been moved within the `bootstrap` package. Refactored how boostrap FS is interacted with. There is now a `Bootstrap` struct which has pre-loaded all data within the bootstrap FS. This helps centralize the logic around reading the data (though not yet completely). Choosing of the garage node to interact with no longer occurs in like three different places. It occurs at the environment level now, and is aided by the new `garage.Peer` type. 2022-10-15 14:28:03 +00:00			`return host`
Refactor how bootstrap files are created The new code makes it a lot clearer what the sources of each file/directory is, and makes it more difficult to forget to add a file or directory. This will be helpful when it comes to bootstrapping an entire network, which will require yet a third way of generating bootstrap files. 2022-10-11 19:24:53 +00:00			`}`
More big refactoring leading up to network creation The `bootstrap/creator` package is gone, almost as quickly as it arrived. The `Bootstrap` type is now able to write its own tgz file, and the two places where bootstrap files are being created pull the data down to do so and create the `Bootstrap` structs directly. The structure of the bootstrap file itself has been changed, now there's just a single `hosts` directory which contains files which are yaml encodings of the `Host` type, rather than having it be split into `nebula` and `garage` directories. This makes creating bootstrap files a lot easier. 2022-10-15 16:41:07 +00:00
			`// Hash returns a deterministic hash of the given hosts map.`
Do proper type-based validation or hostnames and ipnets 2024-07-12 13:30:21 +00:00			`func HostsHash(hostsMap map[nebula.HostName]Host) ([]byte, error) {`
More big refactoring leading up to network creation The `bootstrap/creator` package is gone, almost as quickly as it arrived. The `Bootstrap` type is now able to write its own tgz file, and the two places where bootstrap files are being created pull the data down to do so and create the `Bootstrap` structs directly. The structure of the bootstrap file itself has been changed, now there's just a single `hosts` directory which contains files which are yaml encodings of the `Host` type, rather than having it be split into `nebula` and `garage` directories. This makes creating bootstrap files a lot easier. 2022-10-15 16:41:07 +00:00
			`hosts := make([]Host, 0, len(hostsMap))`
			`for _, host := range hostsMap {`
			`hosts = append(hosts, host)`
			`}`

Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`sort.Slice(hosts, func(i, j int) bool {`
			`return hosts[i].Name < hosts[j].Name`
			`})`
More big refactoring leading up to network creation The `bootstrap/creator` package is gone, almost as quickly as it arrived. The `Bootstrap` type is now able to write its own tgz file, and the two places where bootstrap files are being created pull the data down to do so and create the `Bootstrap` structs directly. The structure of the bootstrap file itself has been changed, now there's just a single `hosts` directory which contains files which are yaml encodings of the `Host` type, rather than having it be split into `nebula` and `garage` directories. This makes creating bootstrap files a lot easier. 2022-10-15 16:41:07 +00:00
			`h := sha512.New()`
Use JSON instead of YAML for files which aren't intended for human editing 2024-06-10 16:56:36 +00:00			`if err := json.NewEncoder(h).Encode(hosts); err != nil {`
More big refactoring leading up to network creation The `bootstrap/creator` package is gone, almost as quickly as it arrived. The `Bootstrap` type is now able to write its own tgz file, and the two places where bootstrap files are being created pull the data down to do so and create the `Bootstrap` structs directly. The structure of the bootstrap file itself has been changed, now there's just a single `hosts` directory which contains files which are yaml encodings of the `Host` type, rather than having it be split into `nebula` and `garage` directories. This makes creating bootstrap files a lot easier. 2022-10-15 16:41:07 +00:00			`return nil, err`
			`}`

			`return h.Sum(nil), nil`
			`}`