mirror of
https://codeberg.org/Codeberg/pages-server.git
synced 2025-04-25 06:16:58 +00:00
wip
This commit is contained in:
6543
parent
75942990ac
commit
3c0ee7e8a3
9 changed files with 192 additions and 70 deletions
|
|
@ -19,29 +19,28 @@ type CertDB interface {
|
|||
}
|
||||
|
||||
type Cert struct {
|
||||
Name string `xorm:"pk NOT NULL 'name'"`
|
||||
Domain string `xorm:" NOT NULL UNIQUE 'domain'"` // TODO: check: is name always same as domain?
|
||||
Domain string `xorm:"pk NOT NULL UNIQUE 'domain'"`
|
||||
Created int64 `xorm:"created NOT NULL DEFAULT 0 'created'"`
|
||||
Updated int64 `xorm:"updated NOT NULL DEFAULT 0 'updated'"`
|
||||
ValidTill int64 `xorm:" NOT NULL DEFAULT 0 'valid_till'"`
|
||||
// certificate.Resource
|
||||
certURL string `xorm:"'cert_url'"`
|
||||
certStableURL string `xorm:"'cert_stable_url''"`
|
||||
privateKey []byte `xorm:"'private_key'"`
|
||||
certificate []byte `xorm:"'certificate'"`
|
||||
issuerCertificate []byte `xorm:"'issuer_certificate'"` // TODO: dedup ?
|
||||
csr []byte `xorm:"'csr'"`
|
||||
CertURL string `xorm:"'cert_url'"`
|
||||
CertStableURL string `xorm:"'cert_stable_url'"`
|
||||
PrivateKey []byte `xorm:"'private_key'"`
|
||||
Certificate []byte `xorm:"'certificate'"`
|
||||
IssuerCertificate []byte `xorm:"'issuer_certificate'"`
|
||||
CSR []byte `xorm:"'csr'"`
|
||||
}
|
||||
|
||||
func (c Cert) Raw() *certificate.Resource {
|
||||
return &certificate.Resource{
|
||||
Domain: c.Domain,
|
||||
CertURL: c.certURL,
|
||||
CertStableURL: c.certStableURL,
|
||||
PrivateKey: c.privateKey,
|
||||
Certificate: c.certificate,
|
||||
IssuerCertificate: c.issuerCertificate,
|
||||
CSR: c.csr,
|
||||
CertURL: c.CertURL,
|
||||
CertStableURL: c.CertStableURL,
|
||||
PrivateKey: c.PrivateKey,
|
||||
Certificate: c.Certificate,
|
||||
IssuerCertificate: c.IssuerCertificate,
|
||||
CSR: c.CSR,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -50,23 +49,28 @@ func toCert(name string, c *certificate.Resource) (*Cert, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if len(tlsCertificates) != 1 || tlsCertificates[0] == nil {
|
||||
err := fmt.Errorf("parsed cert resource has no or more than one cert")
|
||||
log.Error().Err(err).Str("name", name).Msgf("cert: %v", c)
|
||||
if len(tlsCertificates) == 0 || tlsCertificates[0] == nil {
|
||||
err := fmt.Errorf("parsed cert resource has no cert")
|
||||
log.Error().Err(err).Str("domain", c.Domain).Msgf("cert: %v", c)
|
||||
return nil, err
|
||||
}
|
||||
validTill := tlsCertificates[0].NotAfter.Unix()
|
||||
|
||||
// TODO: do we need this or can we just go with domain name for wildcard cert
|
||||
// default *.mock cert is prefixed with '.'
|
||||
if name != c.Domain && name[1:] != c.Domain && name[0] != '.' {
|
||||
return nil, fmt.Errorf("domain key and cert domain not equal")
|
||||
}
|
||||
|
||||
return &Cert{
|
||||
Name: name,
|
||||
Domain: c.Domain,
|
||||
ValidTill: validTill,
|
||||
|
||||
certURL: c.CertURL,
|
||||
certStableURL: c.CertStableURL,
|
||||
privateKey: c.PrivateKey,
|
||||
certificate: c.Certificate,
|
||||
issuerCertificate: c.IssuerCertificate,
|
||||
csr: c.CSR,
|
||||
CertURL: c.CertURL,
|
||||
CertStableURL: c.CertStableURL,
|
||||
PrivateKey: c.PrivateKey,
|
||||
Certificate: c.Certificate,
|
||||
IssuerCertificate: c.IssuerCertificate,
|
||||
CSR: c.CSR,
|
||||
}, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package database
|
|||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/rs/zerolog/log"
|
||||
|
||||
|
|
@ -27,6 +28,9 @@ func NewXormDB(dbType, dbConn string) (CertDB, error) {
|
|||
if !supportedDriver(dbType) {
|
||||
return nil, fmt.Errorf("not supported db type '%s'", dbType)
|
||||
}
|
||||
if dbConn == "" {
|
||||
return nil, fmt.Errorf("no db connection provided")
|
||||
}
|
||||
|
||||
e, err := xorm.NewEngine(dbType, dbConn)
|
||||
if err != nil {
|
||||
|
|
@ -46,31 +50,35 @@ func (x xDB) Close() error {
|
|||
return x.engine.Close()
|
||||
}
|
||||
|
||||
func (x xDB) Put(name string, cert *certificate.Resource) error {
|
||||
log.Trace().Str("name", name).Msg("inserting cert to db")
|
||||
c, err := toCert(name, cert)
|
||||
func (x xDB) Put(domain string, cert *certificate.Resource) error {
|
||||
log.Trace().Str("domain", cert.Domain).Msg("inserting cert to db")
|
||||
c, err := toCert(domain, cert)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
_, err = x.engine.Insert(c)
|
||||
return err
|
||||
}
|
||||
|
||||
func (x xDB) Get(name string) (*certificate.Resource, error) {
|
||||
func (x xDB) Get(domain string) (*certificate.Resource, error) {
|
||||
// TODO: do we need this or can we just go with domain name for wildcard cert
|
||||
domain = strings.TrimPrefix(domain, ".")
|
||||
|
||||
cert := new(Cert)
|
||||
log.Trace().Str("name", name).Msg("get cert from db")
|
||||
if _, err := x.engine.ID(name).Get(&cert); err != nil {
|
||||
log.Trace().Str("domain", domain).Msg("get cert from db")
|
||||
if _, err := x.engine.ID(domain).Get(&cert); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if cert == nil {
|
||||
return nil, fmt.Errorf("%w: name='%s'", ErrNotFound, name)
|
||||
return nil, fmt.Errorf("%w: name='%s'", ErrNotFound, domain)
|
||||
}
|
||||
return cert.Raw(), nil
|
||||
}
|
||||
|
||||
func (x xDB) Delete(name string) error {
|
||||
log.Trace().Str("name", name).Msg("delete cert from db")
|
||||
_, err := x.engine.ID(name).Delete(new(Cert))
|
||||
func (x xDB) Delete(domain string) error {
|
||||
log.Trace().Str("domain", domain).Msg("delete cert from db")
|
||||
_, err := x.engine.ID(domain).Delete(new(Cert))
|
||||
return err
|
||||
}
|
||||
|
||||
|
|
@ -93,7 +101,8 @@ func (x xDB) Items(page, pageSize int) ([]*Cert, error) {
|
|||
|
||||
// return all
|
||||
certs := make([]*Cert, 0, 64)
|
||||
return certs, x.engine.Find(&certs)
|
||||
err := x.engine.Find(&certs)
|
||||
return certs, err
|
||||
}
|
||||
|
||||
// Supported database drivers
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue