From f720d7accdc2abda9bb6c6fcb5b83174a60a22bc Mon Sep 17 00:00:00 2001 From: Brian Picciano Date: Sun, 16 Oct 2022 21:22:58 +0200 Subject: [PATCH] Enable the garage admin interface --- AppDir/etc/daemon.yml | 1 + go-workspace/src/bootstrap/bootstrap.go | 3 +++ go-workspace/src/bootstrap/garage.go | 3 ++- go-workspace/src/cmd/entrypoint/admin.go | 11 +++++++++++ go-workspace/src/cmd/entrypoint/daemon_util.go | 8 +++++--- go-workspace/src/daemon_yml.go | 1 + go-workspace/src/garage/tpl.go | 12 +++++++++--- 7 files changed, 32 insertions(+), 7 deletions(-) diff --git a/AppDir/etc/daemon.yml b/AppDir/etc/daemon.yml index 17e9ae9..d085dd0 100644 --- a/AppDir/etc/daemon.yml +++ b/AppDir/etc/daemon.yml @@ -73,3 +73,4 @@ storage: # capacity: 1200 # api_port: 3900 # rpc_port: 3901 + # admin_port: 3902 diff --git a/go-workspace/src/bootstrap/bootstrap.go b/go-workspace/src/bootstrap/bootstrap.go index facb44a..c544337 100644 --- a/go-workspace/src/bootstrap/bootstrap.go +++ b/go-workspace/src/bootstrap/bootstrap.go @@ -32,6 +32,7 @@ type Bootstrap struct { NebulaHostCert nebula.HostCert GarageRPCSecret string + GarageAdminToken string GarageGlobalBucketS3APICredentials garage.S3APICredentials } @@ -65,6 +66,7 @@ func FromFS(bootstrapFS fs.FS) (Bootstrap, error) { {&b.NebulaHostCert.HostCert, nebulaCertsHostCertPath}, {&b.NebulaHostCert.HostKey, nebulaCertsHostKeyPath}, {&b.GarageRPCSecret, garageRPCSecretPath}, + {&b.GarageAdminToken, garageAdminTokenPath}, } for _, f := range filesToLoadAsString { @@ -115,6 +117,7 @@ func (b Bootstrap) WriteTo(into io.Writer) error { {b.NebulaHostCert.HostCert, nebulaCertsHostCertPath}, {b.NebulaHostCert.HostKey, nebulaCertsHostKeyPath}, {b.GarageRPCSecret, garageRPCSecretPath}, + {b.GarageAdminToken, garageAdminTokenPath}, } for _, f := range filesToWriteAsString { diff --git a/go-workspace/src/bootstrap/garage.go b/go-workspace/src/bootstrap/garage.go index 6d33af4..785bfef 100644 --- a/go-workspace/src/bootstrap/garage.go 
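Review bot: In bootstrap.go, `FromFS` now lists `garageAdminTokenPath` among the files it loads, so a bootstrap file written before this commit, which has no `garage/admin-token.txt`, may no longer load. The loop body is outside the hunk, so confirm whether a missing entry is treated as an error there. If it is, either state in the release notes that every host needs a regenerated bootstrap, or treat a missing token as empty and skip the `[admin]` section in that case. The matching `WriteTo` hunk puts the token into the bootstrap file in clear text next to the RPC secret; a field comment such as `// GarageAdminToken authenticates requests to the garage admin API; the bootstrap file must be handled as a secret.` would record that.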
+++ b/go-workspace/src/bootstrap/garage.go @@ -7,8 +7,9 @@ import ( // Paths within the bootstrap FS related to garage. const ( - garageGlobalBucketKeyYmlPath = "garage/cryptic-net-global-bucket-key.yml" garageRPCSecretPath = "garage/rpc-secret.txt" + garageAdminTokenPath = "garage/admin-token.txt" + garageGlobalBucketKeyYmlPath = "garage/cryptic-net-global-bucket-key.yml" ) // GaragePeers returns a Peer for each known garage instance in the network. diff --git a/go-workspace/src/cmd/entrypoint/admin.go b/go-workspace/src/cmd/entrypoint/admin.go index 773031f..d136ce9 100644 --- a/go-workspace/src/cmd/entrypoint/admin.go +++ b/go-workspace/src/cmd/entrypoint/admin.go @@ -4,11 +4,21 @@ import ( "cryptic-net/admin" "cryptic-net/bootstrap" "cryptic-net/nebula" + "crypto/rand" + "encoding/hex" "errors" "fmt" "os" ) +func randStr(l int) string { + b := make([]byte, l) + if _, err := rand.Read(b); err != nil { + panic(err) + } + return hex.EncodeToString(b) +} + func readAdmin(path string) (admin.Admin, error) { if path == "-" { @@ -94,6 +104,7 @@ var subCmdAdminMakeBootstrap = subCmd{ NebulaHostCert: nebulaHostCert, GarageRPCSecret: adm.GarageRPCSecret, + GarageAdminToken: randStr(32), GarageGlobalBucketS3APICredentials: adm.GarageGlobalBucketS3APICredentials, } diff --git a/go-workspace/src/cmd/entrypoint/daemon_util.go b/go-workspace/src/cmd/entrypoint/daemon_util.go index 5b9e8e5..7b610d0 100644 --- a/go-workspace/src/cmd/entrypoint/daemon_util.go +++ b/go-workspace/src/cmd/entrypoint/daemon_util.go 
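Review bot: `randStr` in admin.go has no doc comment, and its parameter `l` counts random bytes rather than characters, so `randStr(32)` yields a 64-character hex string. I would add `// randStr returns l bytes read from crypto/rand, hex-encoded (2*l characters). It panics if the system random source fails.` above it. Reading from `crypto/rand` is the right source for a bearer token, and saying so in the comment guards against a later swap to `math/rand`.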
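Review bot: `GarageAdminToken: randStr(32)` in `subCmdAdminMakeBootstrap` draws a new token on every invocation, whereas `GarageRPCSecret` on the line above is copied from `adm`. As far as the visible lines show, the token therefore differs for each generated bootstrap and is not recorded on the admin side, so re-issuing a host's bootstrap would change that host's admin token. If per-host tokens are intended, say so with `// Generated per bootstrap and not stored in admin: each host gets its own admin token.`; otherwise generate it once alongside the RPC secret and read it from `adm`. The struct literal continues outside the hunk.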
@@ -155,10 +155,12 @@ func garageWriteChildConf( MetaPath: alloc.MetaPath, DataPath: alloc.DataPath, - RPCSecret: env.Bootstrap.GarageRPCSecret, + RPCSecret: env.Bootstrap.GarageRPCSecret, + AdminToken: env.Bootstrap.GarageAdminToken, - RPCAddr: net.JoinHostPort(thisHost.Nebula.IP, strconv.Itoa(alloc.RPCPort)), - APIAddr: net.JoinHostPort(thisHost.Nebula.IP, strconv.Itoa(alloc.S3APIPort)), + RPCAddr: net.JoinHostPort(thisHost.Nebula.IP, strconv.Itoa(alloc.RPCPort)), + APIAddr: net.JoinHostPort(thisHost.Nebula.IP, strconv.Itoa(alloc.S3APIPort)), + AdminAddr: net.JoinHostPort(thisHost.Nebula.IP, strconv.Itoa(alloc.AdminPort)), BootstrapPeers: env.Bootstrap.GarageRPCPeerAddrs(), }) diff --git a/go-workspace/src/daemon_yml.go b/go-workspace/src/daemon_yml.go index d0f0d4c..15241be 100644 --- a/go-workspace/src/daemon_yml.go +++ b/go-workspace/src/daemon_yml.go @@ -33,6 +33,7 @@ type DaemonYmlStorageAllocation struct { Capacity int `yaml:"capacity"` S3APIPort int `yaml:"s3_api_port"` RPCPort int `yaml:"rpc_port"` + AdminPort int `yaml:"admin_port"` } // DaemonYml describes the structure of the daemon.yml file. diff --git a/go-workspace/src/garage/tpl.go b/go-workspace/src/garage/tpl.go index f5d3c9b..9101230 100644 --- a/go-workspace/src/garage/tpl.go +++ b/go-workspace/src/garage/tpl.go @@ -13,10 +13,12 @@ type GarageTomlData struct { MetaPath string DataPath string - RPCSecret string + RPCSecret string + AdminToken string - RPCAddr string - APIAddr string + RPCAddr string + APIAddr string + AdminAddr string BootstrapPeers []string } @@ -40,6 +42,10 @@ bootstrap_peers = [{{- range .BootstrapPeers }} api_bind_addr = "{{ .APIAddr }}" s3_region = "garage" +[admin] +api_bind_addr = "{{ .AdminAddr }}" +admin_token = "{{ .AdminToken }}" + `)) // RenderGarageToml renders a garage.toml using the given data into the writer.
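Review bot: `AdminAddr` in `garageWriteChildConf` is built from `alloc.AdminPort` without any check, and a daemon.yml written before this commit has no `admin_port`, so the new `AdminPort` field in daemon_yml.go decodes to 0 and the rendered address ends in `:0`. Depending on how garage handles port 0, that is either a startup failure or an admin listener on an unpredictable port; validation may exist elsewhere, but none is visible here. If there is none, test `alloc.AdminPort == 0` before rendering and return an error naming the allocation, or apply a documented default. Binding to `thisHost.Nebula.IP` rather than a wildcard address is the right choice and deserves a comment: `// Admin API listens on the nebula address only, never on a wildcard address.` The function body starts and ends outside the hunk.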
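Review bot: In tpl.go the new template line `admin_token = "{{ .AdminToken }}"` places the token inside a TOML quoted string with no escaping. Values from `randStr` are hex and safe, but the token reaches this template from the bootstrap file, so a `"` or newline in `garage/admin-token.txt` would alter the rendered garage.toml, including the `[admin]` section itself. Rejecting a token that is not plain hex before rendering closes that, for example `if _, err := hex.DecodeString(data.AdminToken); err != nil { return err }` in `RenderGarageToml` (parameter name assumed). The existing RPC secret is presumably interpolated the same way and would benefit from the same check. The rendered file now carries a second credential, so the permissions it is written with should be checked where the file is created, which is outside this diff.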