diff --git a/cmd/bootstrap.go b/cmd/bootstrap.go index 1ec1bb2..cde800b 100644 --- a/cmd/bootstrap.go +++ b/cmd/bootstrap.go @@ -100,7 +100,7 @@ func (bs cBootstrap) Run(context wisski_distillery.Context) error { // setup a new template for the configuration file! var tpl config.Template - tpl.DeployRoot = bs.Directory + tpl.RootPath = bs.Directory tpl.DefaultDomain = bs.Hostname // and use thge defaults @@ -129,7 +129,7 @@ func (bs cBootstrap) Run(context wisski_distillery.Context) error { // write out all the extra config files if err := logging.LogOperation(func() error { - context.Println(tpl.SelfOverridesFile) + context.Println(cfg.Paths.OverridesJSON) if err := environment.WriteFile( env, cfg.Paths.OverridesJSON, @@ -139,7 +139,7 @@ func (bs cBootstrap) Run(context wisski_distillery.Context) error { return err } - context.Println(tpl.SelfResolverBlockFile) + context.Println(cfg.Paths.ResolverBlocks) if err := environment.WriteFile( env, cfg.Paths.ResolverBlocks, diff --git a/internal/config/config.go b/internal/config/config.go index 18dacb6..41a5ae9 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -42,7 +42,7 @@ type Config struct { PublicSSHPort uint16 `yaml:"ssh_port" default:"2222" validate:"port"` // session secret holds the secret for login - SessionSecret string `yaml:"session_secret" default:"" validate:"nonempty"` + SessionSecret string `yaml:"session_secret" validate:"nonempty"` // interval to trigger distillery cron tasks in CronInterval time.Duration `yaml:"cron_interval" default:"10m" validate:"duration"` diff --git a/internal/config/config.yml b/internal/config/config.yml index 17a08f2..8c656cc 100644 --- a/internal/config/config.yml +++ b/internal/config/config.yml 
@@ -2,24 +2,24 @@ paths: # A WissKI Distillery needs to store a lot of data on disk. # This setting defines a root folder all of these will be placed in. # On top of this all real-system space will be created under this directory - root: "" + root: null # Individual paths on the root domain can be overwritten. # This can be achieved by adding URLs (without trailing '/'s) into a JSON file. # This setting defines the path to that file. - overrides: "" + overrides: null # You can block specific prefixes within Triplestore from showing up in the global resolver. # Do this by adding one prefix per line in this file. # Lines starting with '#' and blank lines are ignored. # This setting defines the path to that file. - blocks: "" + blocks: null http: # Each created Drupal Instance corresponds to a single domain name. # These domain names should either be a complete domain name or a sub-domain of a default domain. # This setting configures the default domain-name to create subdomains of. - domain: ${DEFAULT_DOMAIN} + domain: null # By default, only the 'domain' domain above is caught. # To catch additional domains, add them here 
@@ -28,59 +28,59 @@ http: # The system can support setting up certificate(s) automatically. # It can be enabled by setting an email for certbot certificates. # This email address can be configured here. - certbot_email: "" + certbot_email: null # By default, the default domain redirects to the distillery repository. # If you want to change this, set an alternate domain name here. theme: - home: "" + home: null docker: # The name of the (global) docker network to run the distillery services in. - network: ${DOCKER_NETWORK_NAME} + network: null # Configuration of the sql backend sql: # username and password for the sql administrative user. # this user is automatically created. - username: ${MYSQL_ADMIN_USER} - password: ${MYSQL_ADMIN_PASSWORD} + username: null + password: null # prefixes for the data and users to be created and managed # one of these is created per WissKI instance. - user_prefix: "mysql-factory-" - data_prefix: "mysql-factory-" + user_prefix: null + data_prefix: null # database used for internal configuration - database: "distillery" + database: null # configuration of the triplestore backend triplestore: # admin user and password of the graphdb interface # this will be created automatically. - username: ${GRAPHDB_ADMIN_USER} - password: ${GRAPHDB_ADMIN_PASSWORD} + username: null + password: null # prefixes for the users and repositories to be created - user_prefix: "graphdb-factory-" - data_prefix: "graphdb-factory-" + user_prefix: null + data_prefix: null # The maximum agefor backups to be kept. # Backups older than this will be removed when a new backup is made. # The default here is 720hours (== 30 days) -age: '720h' +age: null # Various components use password-based-authentication. # These passwords are generated automatically. # This variable can be used to determine their length. 
-password_length: 64 +password_length: null # the port to use for the ssh server -ssh_port: 2222 +ssh_port: null # The secret for sessions (for login etc) -session_secret: ${SESSION_SECRET} +session_secret: null # the interval to run cron in -cron_interval: "10m" \ No newline at end of file +cron_interval: null \ No newline at end of file diff --git a/internal/config/password.go b/internal/config/password.go index 49e44a1..c9fb64b 100644 --- a/internal/config/password.go +++ b/internal/config/password.go @@ -9,5 +9,5 @@ import ( // NewPassword returns a new password using the password settings from this configuration func (cfg Config) NewPassword() (string, error) { - return password.Generate(rand.Reader, cfg.PasswordLength, passwordx.Charset) + return password.Generate(rand.Reader, cfg.PasswordLength, passwordx.Safe) } diff --git a/internal/config/template.go b/internal/config/template.go index 2f9357f..845946d 100644 --- a/internal/config/template.go +++ b/internal/config/template.go 
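Review bot: With every value in this template now `null`, including `sql.password`, `triplestore.password` and `session_secret`, nothing in the file itself stops a hand-written or partially filled config from carrying empty credentials. The config.go hunk in this commit shows `validate:"nonempty"` on `SessionSecret` only; whether the admin password fields carry an equivalent rule is not visible here and is worth confirming before relying on this file as a skeleton. The comment `# The default here is 720hours (== 30 days)` is also stale now that `age` is `null`; I would reword it to `# The generated default is 720 hours (== 30 days).` or drop the sentence.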
@@ -12,62 +12,55 @@ import ( "github.com/tkw1536/pkglib/password" ) -// Template is a template for the configuration file +// Template is used to generate a configuration file. type Template struct { - DeployRoot string `env:"DEPLOY_ROOT"` - DefaultDomain string `env:"DEFAULT_DOMAIN"` - SelfOverridesFile string `env:"SELF_OVERRIDES_FILE"` - SelfResolverBlockFile string `env:"SELF_RESOLVER_BLOCK_FILE"` - TriplestoreAdminUser string `env:"GRAPHDB_ADMIN_USER"` - TriplestoreAdminPassword string `env:"GRAPHDB_ADMIN_PASSWORD"` - MysqlAdminUsername string `env:"MYSQL_ADMIN_USER"` - MysqlAdminPassword string `env:"MYSQL_ADMIN_PASSWORD"` - DockerNetworkName string `env:"DOCKER_NETWORK_NAME"` - SessionSecret string `env:"SESSION_SECRET"` + RootPath string + DefaultDomain string + + TSAdminUser string + TSAdminPassword string + + SQLAdminUsername string + SQLAdminPassword string + + DockerNetworkName string + SessionSecret string } // SetDefaults sets defaults on the template func (tpl *Template) SetDefaults(env environment.Environment) (err error) { - if tpl.DeployRoot == "" { - tpl.DeployRoot = bootstrap.BaseDirectoryDefault + if tpl.RootPath == "" { + tpl.RootPath = bootstrap.BaseDirectoryDefault } if tpl.DefaultDomain == "" { tpl.DefaultDomain = hostname.FQDN() // TODO: Make this environment specific } - if tpl.SelfOverridesFile == "" { - tpl.SelfOverridesFile = filepath.Join(tpl.DeployRoot, bootstrap.OverridesJSON) + if tpl.TSAdminUser == "" { + tpl.TSAdminUser = "admin" } - if tpl.SelfResolverBlockFile == "" { - tpl.SelfResolverBlockFile = filepath.Join(tpl.DeployRoot, bootstrap.ResolverBlockedTXT) - } - - if tpl.TriplestoreAdminUser == "" { - tpl.TriplestoreAdminUser = "admin" - } - - if tpl.TriplestoreAdminPassword == "" { - tpl.TriplestoreAdminPassword, err = password.Generate(rand.Reader, 64, passwordx.Charset) + if tpl.TSAdminPassword == "" { + tpl.TSAdminPassword, err = password.Generate(rand.Reader, 64, passwordx.Safe) if err != nil { return err } } - if 
tpl.MysqlAdminUsername == "" { - tpl.MysqlAdminUsername = "admin" + if tpl.SQLAdminUsername == "" { + tpl.SQLAdminUsername = "admin" } - if tpl.MysqlAdminPassword == "" { - tpl.MysqlAdminPassword, err = password.Generate(rand.Reader, 64, passwordx.Charset) + if tpl.SQLAdminPassword == "" { + tpl.SQLAdminPassword, err = password.Generate(rand.Reader, 64, passwordx.Safe) if err != nil { return err } } if tpl.DockerNetworkName == "" { - tpl.DockerNetworkName, err = password.Generate(rand.Reader, 10, passwordx.Charset) + tpl.DockerNetworkName, err = password.Generate(rand.Reader, 10, passwordx.Identifier) if err != nil { return err } @@ -75,7 +68,7 @@ func (tpl *Template) SetDefaults(env environment.Environment) (err error) { } if tpl.SessionSecret == "" { - tpl.SessionSecret, err = password.Generate(rand.Reader, 100, passwordx.Charset) + tpl.SessionSecret, err = password.Generate(rand.Reader, 100, passwordx.Printable) if err != nil { return err } @@ -88,9 +81,9 @@ func (tpl *Template) SetDefaults(env environment.Environment) (err error) { func (tpl Template) Generate() Config { return Config{ Paths: PathsConfig{ - Root: tpl.DeployRoot, - OverridesJSON: tpl.SelfOverridesFile, - ResolverBlocks: tpl.SelfResolverBlockFile, + Root: tpl.RootPath, + OverridesJSON: filepath.Join(tpl.RootPath, bootstrap.OverridesJSON), + ResolverBlocks: filepath.Join(tpl.RootPath, bootstrap.ResolverBlockedTXT), }, HTTP: HTTPConfig{ PrimaryDomain: tpl.DefaultDomain, @@ -101,8 +94,8 @@ func (tpl Template) Generate() Config { }, SQL: SQLConfig{ DatabaseConfig: DatabaseConfig{ - AdminUsername: tpl.MysqlAdminUsername, - AdminPassword: tpl.MysqlAdminPassword, + AdminUsername: tpl.SQLAdminUsername, + AdminPassword: tpl.SQLAdminPassword, UserPrefix: "mysql-factory-", DataPrefix: "mysql-factory-", 
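Review bot: The `SessionSecret` branch of SetDefaults now draws from `passwordx.Printable`, which per the charset.go hunk in this commit contains space, both quote characters, backslash, `$` and `#`. A generated secret can therefore start or end with a space, or contain sequences that an env file, shell or hand-edited YAML would alter, unless the value is always written through an encoder that quotes it; how the config is serialised is not visible in this diff. I would either stay on `passwordx.Safe` for this field or add a comment on the branch such as `// Printable includes quotes, '$' and spaces: only ever emit this value via the YAML encoder`. SetDefaults starts in the previous hunk and continues past this one.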
@@ -112,8 +105,8 @@ func (tpl Template) Generate() Config { }, TS: TSConfig{ DatabaseConfig: DatabaseConfig{ - AdminUsername: tpl.TriplestoreAdminUser, - AdminPassword: tpl.TriplestoreAdminPassword, + AdminUsername: tpl.TSAdminUser, + AdminPassword: tpl.TSAdminPassword, UserPrefix: "graphdb-factory-", DataPrefix: "graphdb-factory-", diff --git a/internal/dis/component/exporter/exporter.go b/internal/dis/component/exporter/exporter.go index bd46a12..aaf34ab 100644 --- a/internal/dis/component/exporter/exporter.go +++ b/internal/dis/component/exporter/exporter.go @@ -60,7 +60,7 @@ func (dis *Exporter) NewArchivePath(prefix string) (path string) { // newSnapshot name returns a new basename for a snapshot with the provided prefix. // The name is guaranteed to be unique within this process. func (*Exporter) newSnapshotName(prefix string) string { - suffix, _ := password.Generate(rand.Reader, 10, passwordx.Snapshot) // silently ignore any errors! + suffix, _ := password.Generate(rand.Reader, 10, passwordx.Identifier) // silently ignore any errors! if prefix == "" { prefix = "backup" } else { diff --git a/internal/passwordx/charset.go b/internal/passwordx/charset.go index de62126..41f95b4 100644 --- a/internal/passwordx/charset.go +++ b/internal/passwordx/charset.go 
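Review bot: In newSnapshotName, `suffix, _ := password.Generate(rand.Reader, 10, passwordx.Identifier)` still discards the error while the doc comment promises a name that is unique within the process. If the random source fails, suffix is presumably empty and every snapshot with the same prefix gets the same basename, so a later export could collide with or overwrite an earlier one. Since the signature returns only a string, I would check the error and fall back to a process-wide counter or timestamp rather than continue silently, for example `if err != nil { suffix = strconv.FormatInt(time.Now().UnixNano(), 36) }`. The comment should also say the uniqueness is probabilistic (10 random characters) rather than guaranteed. The function body continues outside the hunk.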
@@ -2,8 +2,12 @@ package passwordx import "github.com/tkw1536/pkglib/password" -// Charset is a Charset safe for usage within the distillery -const Charset = password.DefaultCharSet +// Safe is a charset used for generating passwords that can be safely passed without having to be escaped. +const Safe = password.DefaultCharSet -// Snapshot is a charset to be used to generate snapshot ids -const Snapshot = password.DefaultCharSet +// Printable is a charset that contains all printable ascii characters +const Printable = " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~" + +// Identifier is a charset to be used to generate unique identifiers. +// These are typically used for snapshots and names. +const Identifier = password.DefaultCharSet
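Review bot: `Identifier` is documented as the charset for snapshot and other names, yet it is defined as `password.DefaultCharSet`, the same external constant as `Safe`, so nothing in this package pins which characters can end up in file basenames or Docker network names. If the upstream constant contains, or later gains, characters that are not valid in those places, the failure would only show at runtime. I would spell the set out locally, e.g. `const Identifier = "abcdefghijklmnopqrstuvwxyz0123456789"`, or at least state in the comment which consumers' naming rules it has to satisfy. The `Printable` comment could likewise note that the set includes space, quotes and backslash, so values drawn from it must always be quoted or encoded when written out.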