Add SSH Key Management

internal/config/config.go

@@ -74,9 +74,6 @@ type Config struct {
 	// Public port to use for the ssh server
 	PublicSSHPort uint16 `env:"SSH_PORT" default:"2222" parser:"port"`
 
-	// A file to be used for global authorized_keys for the ssh server.
-	GlobalAuthorizedKeysFile string `env:"GLOBAL_AUTHORIZED_KEYS_FILE" default:"/var/www/deploy/authorized_keys" parser:"file"`
-
 	// admin credentials for graphdb
 	TriplestoreAdminUser     string `env:"GRAPHDB_ADMIN_USER" default:"admin" parser:"nonempty"`
 	TriplestoreAdminPassword string `env:"GRAPHDB_ADMIN_PASSWORD" default:"" parser:"nonempty"`

internal/config/config_template

@@ -55,9 +55,6 @@ DISTILLERY_BOOKKEEPING_DATABASE=distillery
 # This variable can be used to determine their length. 
 PASSWORD_LENGTH=64
 
-# A file to be used for global authorized_keys for the ssh server.
-GLOBAL_AUTHORIZED_KEYS_FILE=${AUTHORIZED_KEYS_FILE}
-
 # the port to use for the ssh server
 SSH_PORT=2222
 

internal/config/domains.go

@@ -30,6 +30,15 @@ func (cfg Config) HTTPSEnabledEnv() string {
 	return "false"
 }
 
+// HostFromSlug returns the hostname belonging to a given slug.
+// When the slug is empty, returns the default (top-level) domain.
+func (cfg Config) HostFromSlug(slug string) string {
+	if slug == "" {
+		return cfg.DefaultDomain
+	}
+	return fmt.Sprintf("%s.%s", slug, cfg.DefaultDomain)
+}
+
 // DefaultHostRule returns the default traefik hostname rule for this distillery.
 // This consists of the [DefaultDomain] as well as [ExtraDomains].
 func (cfg Config) DefaultHostRule() string {
@@ -43,6 +52,8 @@ func (cfg Config) DefaultHostRule() string {
 func (cfg Config) SlugFromHost(host string) (slug string, ok bool) {
 	// extract an ':port' that happens to be in the host.
 	domain, _, _ := strings.Cut(host, ":")
+	domain = TrimSuffixFold(domain, ".wisski") // remove optional ".wisski" ending that is used inside docker
+
 	domainL := strings.ToLower(domain)
 
 	// check all the possible domain endings
@@ -59,3 +70,10 @@ func (cfg Config) SlugFromHost(host string) (slug string, ok bool) {
 	// no domain found!
 	return "", ok
 }
+
+func TrimSuffixFold(s string, suffix string) string {
+	if len(s) >= len(suffix) && strings.EqualFold(s[len(s)-len(suffix):], suffix) {
+		return s[:len(s)-len(suffix)]
+	}
+	return s
+}

internal/config/template.go

@@ -21,7 +21,6 @@ type Template struct {
 	DefaultDomain            string `env:"DEFAULT_DOMAIN"`
 	SelfOverridesFile        string `env:"SELF_OVERRIDES_FILE"`
 	SelfResolverBlockFile    string `env:"SELF_RESOLVER_BLOCK_FILE"`
-	AuthorizedKeys           string `env:"AUTHORIZED_KEYS_FILE"`
 	TriplestoreAdminUser     string `env:"GRAPHDB_ADMIN_USER"`
 	TriplestoreAdminPassword string `env:"GRAPHDB_ADMIN_PASSWORD"`
 	MysqlAdminUsername       string `env:"MYSQL_ADMIN_USER"`
@@ -48,10 +47,6 @@ func (tpl *Template) SetDefaults(env environment.Environment) (err error) {
 		tpl.SelfResolverBlockFile = filepath.Join(tpl.DeployRoot, bootstrap.ResolverBlockedTXT)
 	}
 
-	if tpl.AuthorizedKeys == "" {
-		tpl.AuthorizedKeys = filepath.Join(tpl.DeployRoot, bootstrap.AuthorizedKeys)
-	}
-
 	if tpl.TriplestoreAdminUser == "" {
 		tpl.TriplestoreAdminUser = "admin"
 	}