Cadoles
/
hydra-werther
10
0
Fork 0
Code Issues Pull Requests Projects Releases 3 Wiki Activity

Compare commits

base: Cadoles:15a47179f46e792e1f42448b4477cf2e5bd151ba
Branches Tags
Cadoles:develop
Cadoles:master
Cadoles:staging
Cadoles:dist/ubuntu/bionic/develop
Cadoles:dist/ubuntu/bionic/staging
Cadoles:2023.12.6-stable.1421.15a4717
Cadoles:2023.12.6-testing.1421.15a4717
Cadoles:2023.12.6-develop.1421.15a4717
Cadoles:2023.12.6-develop.1447.7edc889
Cadoles:2023.12.6-develop.1347.7edc889
Cadoles:2023.12.6-jenkinsrelease.1334.b9bc218
Cadoles:2023.12.6-develop.1202.d74f812
Cadoles:pkg/staging/ubuntu-bionic/1.2.1-2
Cadoles:pkg/dev/ubuntu-bionic/1.2.1-4
Cadoles:pkg/dev/ubuntu-bionic/1.2.1-3
Cadoles:pkg/staging/ubuntu-bionic/1.2.1-1
Cadoles:pkg/dev/ubuntu-bionic/1.2.1-2
Cadoles:pkg/dev/ubuntu-bionic/1.2.1-0
Cadoles:pkg/staging/ubuntu-bionic/1.2.1-0
Cadoles:pkg/deb/ubuntu-bionic/1.2.1-0
Cadoles:v1.2.1
Cadoles:v1.2.0
Cadoles:v1.1.1
Cadoles:v1.1.0
Cadoles:v1.0.1
Cadoles:v1.0.0
Cadoles:1.2.1-2-7-gd74f812
Cadoles:1.2.1-2-6-g885d18e
Cadoles:1.2.1-2-4-g592749e
Cadoles:1.2.1-2-2-g194c186
Cadoles:1.2.1-2-1-gb940aae
..
compare: Cadoles:eab0b724313ed914660e063e6bfd67594be943b2
Branches Tags
Cadoles:develop
Cadoles:master
Cadoles:staging
Cadoles:dist/ubuntu/bionic/develop
Cadoles:dist/ubuntu/bionic/staging
Cadoles:2023.12.6-stable.1421.15a4717
Cadoles:2023.12.6-testing.1421.15a4717
Cadoles:2023.12.6-develop.1421.15a4717
Cadoles:2023.12.6-develop.1447.7edc889
Cadoles:2023.12.6-develop.1347.7edc889
Cadoles:2023.12.6-jenkinsrelease.1334.b9bc218
Cadoles:2023.12.6-develop.1202.d74f812
Cadoles:pkg/staging/ubuntu-bionic/1.2.1-2
Cadoles:pkg/dev/ubuntu-bionic/1.2.1-4
Cadoles:pkg/dev/ubuntu-bionic/1.2.1-3
Cadoles:pkg/staging/ubuntu-bionic/1.2.1-1
Cadoles:pkg/dev/ubuntu-bionic/1.2.1-2
Cadoles:pkg/dev/ubuntu-bionic/1.2.1-0
Cadoles:pkg/staging/ubuntu-bionic/1.2.1-0
Cadoles:pkg/deb/ubuntu-bionic/1.2.1-0
Cadoles:v1.2.1
Cadoles:v1.2.0
Cadoles:v1.1.1
Cadoles:v1.1.0
Cadoles:v1.0.1
Cadoles:v1.0.0
Cadoles:1.2.1-2-7-gd74f812
Cadoles:1.2.1-2-6-g885d18e
Cadoles:1.2.1-2-4-g592749e
Cadoles:1.2.1-2-2-g194c186
Cadoles:1.2.1-2-1-gb940aae

No commits in common. "15a47179f46e792e1f42448b4477cf2e5bd151ba" and "eab0b724313ed914660e063e6bfd67594be943b2" have entirely different histories.
15a47179f4 ... eab0b72431

13 changed files with 48 additions and 232 deletions
Show Stats Expand all files Collapse all files

4
.gitignore vendored
View File

@ -1,5 +1 @@
/bin
/dist
/tools
/.trivy
.mktools/

2
Dockerfile
View File

@ -3,7 +3,7 @@
# This source code is licensed under the MIT license found in the
# LICENSE file in the root directory of this source tree.
FROM golang:1.21-alpine AS build
FROM golang:1.13-alpine AS build
ARG VERSION
ARG GOPROXY

29
Jenkinsfile vendored
View File

@ -1,29 +0,0 @@
@Library('cadoles') _
// Utilisation du pipeline "standard"
// Voir https://forge.cadoles.com/Cadoles/Jenkins/src/branch/master/doc/tutorials/standard-make-pipeline.md
standardMakePipeline([
'dockerfileExtension': '''
RUN apt-get update \
&& apt-get install -y zip jq
RUN wget https://go.dev/dl/go1.21.5.linux-amd64.tar.gz \
&& rm -rf /usr/local/go \
&& tar -C /usr/local -xzf go1.21.5.linux-amd64.tar.gz
ENV PATH="${PATH}:/usr/local/go/bin"
''',
'hooks': [
'pre-release': {
// Login into docker registry
sh '''
make .mktools
echo "$MKT_GITEA_RELEASE_PASSWORD" | docker login --username "$MKT_GITEA_RELEASE_USERNAME" --password-stdin reg.cadoles.com
'''
}
],
// Use credentials to push images to registry and pubish gitea release
'credentials': [
usernamePassword(credentialsId: 'kipp-credentials', usernameVariable: 'MKT_GITEA_RELEASE_USERNAME', passwordVariable: 'MKT_GITEA_RELEASE_PASSWORD')
]
])

82
Makefile
View File

@ -1,86 +1,10 @@
SHELL := /bin/bash
IMAGE_NAME := reg.cadoles.com/cadoles/hydra-werther
NFPM_VERSION ?= 2.20.0
NFPM_PACKAGERS ?= deb rpm
MKT_GITEA_RELEASE_ORG ?= Cadoles
MKT_GITEA_RELEASE_PROJECT ?= hydra-werther
MKT_GITEA_RELEASE_VERSION ?= $(MKT_PROJECT_VERSION)
define MKT_GITEA_RELEASE_BODY
## Docker usage
```
docker pull $(IMAGE_NAME):$(MKT_PROJECT_VERSION)
```
endef
export MKT_GITEA_RELEASE_BODY
build: build-bin build-image
build-bin: clean generate
build: clean generate
CGO_ENABLED=0 misc/script/build
test: scan
generate:
go generate ./...
clean:
rm -rf bin dist
rm -rf bin
dist:
mkdir -p dist
package: clean build-bin $(foreach p,$(NFPM_PACKAGERS), package-$(p))
package-%: dist tools/nfpm/bin/nfpm
PACKAGE_VERSION=$(MKT_PROJECT_VERSION) \
tools/nfpm/bin/nfpm package \
--config misc/packaging/nfpm.yml \
--target ./dist \
--packager $*
tools/nfpm/bin/nfpm:
mkdir -p tools/nfpm/bin
curl -L --output tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz https://github.com/goreleaser/nfpm/releases/download/v$(NFPM_VERSION)/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz \
&& tar -xzf tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz -C tools/nfpm/bin \
&& chmod +x tools/nfpm/bin/nfpm \
&& rm -f tools/nfpm/nfpm_$(NFPM_VERSION)_Linux_x86_64.tar.gz
build-image:
docker build \
-t "${IMAGE_NAME}:latest" \
.
scan: build-image tools/trivy/bin/trivy
mkdir -p .trivy
tools/trivy/bin/trivy --cache-dir .trivy/.cache image --ignorefile .trivyignore.yaml $(TRIVY_ARGS) $(IMAGE_NAME):latest
tools/trivy/bin/trivy:
mkdir -p tools/trivy/bin
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.47.0
release: release-image release-gitea
release-gitea: .mktools package
@[ ! -z "$(MKT_PROJECT_VERSION)" ] || ( echo "Just downloaded mktools. Please re-run command."; exit 1 )
$(MAKE) MKT_GITEA_RELEASE_ATTACHMENTS="$$(find dist/* -type f -printf '%p ')" mkt-gitea-release
release-image: .mktools
@[ ! -z "$(MKT_PROJECT_VERSION)" ] || ( echo "Just downloaded mktools. Please re-run command."; exit 1 )
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_VERSION)"
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_SHORT_VERSION)"
docker tag "${IMAGE_NAME}:latest" "${IMAGE_NAME}:$(MKT_PROJECT_VERSION_CHANNEL)-latest"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_VERSION)"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_SHORT_VERSION)"
docker push "${IMAGE_NAME}:$(MKT_PROJECT_VERSION_CHANNEL)-latest"
.mktools:
rm -rf .mktools
curl -q https://forge.cadoles.com/Cadoles/mktools/raw/branch/master/install.sh | TASKS="version gitea" $(SHELL)
-include .mktools/*.mk
.PHONY: build

18
cmd/werther/main.go
View File

@ -14,8 +14,6 @@ import (
"net/url"
"os"
"crypto/tls"
"github.com/i-core/rlog"
"github.com/i-core/routegroup"
"github.com/i-core/werther/internal/identp"
@ -32,12 +30,11 @@ var version = ""
// Config is a server's configuration.
type Config struct {
DevMode bool `envconfig:"dev_mode" default:"false" desc:"Enable development mode"`
Listen string `default:":8080" desc:"a host and port to listen on (<host>:<port>)"`
InsecureSkipVerify bool `envconfig:"insecure_skip_verify" default:"false" desc:"Disable TLS verification on Hydra connection"`
Identp identp.Config
LDAP ldapclient.Config
Web web.Config
DevMode bool `envconfig:"dev_mode" default:"false" desc:"a development mode"`
Listen string `default:":8080" desc:"a host and port to listen on (<host>:<port>)"`
Identp identp.Config
LDAP ldapclient.Config
Web web.Config
}
func main() {
@ -83,11 +80,6 @@ func main() {
os.Exit(1)
}
if cnf.InsecureSkipVerify {
log.Warn("All ssl verifications are disabled !")
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
}
ldap := ldapclient.New(cnf.LDAP)
router := routegroup.NewRouter(nosurf.NewPure, rlog.NewMiddleware(log))

12
conf/hydra-werther.conf
View File

@ -117,15 +117,3 @@ WERTHER_LDAP_ROLE_BASEDN=ou=groups,dc=myorg,dc=com
# [type] String
# [default] /
# [required]
#WERTHER_LDAP_CONNECTION_TIMEOUT=
# [description] LDAP server connection timeout
# [type] Duration
# [default] 60s
# [required]
# WERTHER_INSECURE_SKIP_VERIFY=
# [description] Disable TLS verification on Hydra connection
# [type] True or False
# [default] false
# [required]

23
go.mod
View File

@ -1,8 +1,11 @@
module github.com/i-core/werther
require (
github.com/OneOfOne/xxhash v1.2.2 // indirect
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883
github.com/cespare/xxhash v1.0.0 // indirect
github.com/coocood/freecache v1.0.1
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/elazarl/go-bindata-assetfs v1.0.0
github.com/go-ldap/ldap/v3 v3.2.3
github.com/i-core/rlog v1.0.0
@ -11,24 +14,10 @@ require (
github.com/kelseyhightower/envconfig v1.3.0
github.com/kevinburke/go-bindata v3.13.0+incompatible
github.com/pkg/errors v0.8.1
github.com/sergi/go-diff v1.0.0 // indirect
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 // indirect
go.uber.org/zap v1.10.0
golang.org/x/text v0.3.2
)
require (
github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c // indirect
github.com/OneOfOne/xxhash v1.2.2 // indirect
github.com/cespare/xxhash v1.0.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/go-asn1-ber/asn1-ber v1.5.1 // indirect
github.com/gofrs/uuid v3.2.0+incompatible // indirect
github.com/julienschmidt/httprouter v1.2.0 // indirect
github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da // indirect
github.com/sergi/go-diff v1.0.0 // indirect
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 // indirect
go.uber.org/atomic v1.4.0 // indirect
go.uber.org/multierr v1.1.0 // indirect
golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 // indirect
)
go 1.21
go 1.13

5
internal/hydra/hydra.go
View File

@ -26,8 +26,6 @@ var (
ErrChallengeNotFound = errors.New("challenge not found")
// ErrChallengeExpired is an error that happens when a challenge is already used.
ErrChallengeExpired = errors.New("challenge expired")
//ErrServiceUnavailable is an error that happens when the hydra admin service is unavailable
ErrServiceUnavailable = errors.New("hydra service unavailable")
)
type reqType string
@ -54,7 +52,6 @@ func initiateRequest(typ reqType, hydraURL string, fakeTLSTermination bool, chal
if err != nil {
return nil, err
}
u, err := parseURL(hydraURL)
if err != nil {
return nil, err
@ -148,8 +145,6 @@ func checkResponse(resp *http.Response) error {
return ErrChallengeNotFound
case 409:
return ErrChallengeExpired
case 503:
return ErrServiceUnavailable
default:
var rs struct {
Message string `json:"error"`

4
internal/identp/identp.go
View File

@ -11,7 +11,6 @@ package identp
import (
"context"
"fmt"
"net/http"
"net/url"
"strings"
@ -128,8 +127,7 @@ func newLoginStartHandler(rproc oa2LoginReqProcessor, tmplRenderer TemplateRende
return
}
log.Infow("Failed to initiate an OAuth2 login request", zap.Error(err), "challenge", challenge)
errMsg := fmt.Sprintf("%s - %s - %s", http.StatusText(http.StatusInternalServerError), err, errors.Cause(err))
http.Error(w, errMsg, http.StatusInternalServerError)
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
return
}
log.Infow("A login request is initiated", "challenge", challenge, "username", ri.Subject)

51
internal/ldapclient/ldapclient.go
View File

@ -48,20 +48,19 @@ type connector interface {
// Config is a LDAP configuration.
type Config struct {
Endpoints []string `envconfig:"endpoints" required:"true" desc:"a LDAP's server URLs as \"<address>:<port>\""`
BindDN string `envconfig:"binddn" desc:"a LDAP bind DN"`
BindPass string `envconfig:"bindpw" json:"-" desc:"a LDAP bind password"`
BaseDN string `envconfig:"basedn" required:"true" desc:"a LDAP base DN for searching users"`
UserSearchQuery string `envconfig:"user_search_query" desc:"the user search query" default:"(&(|(objectClass=organizationalPerson)(objectClass=inetOrgPerson))(|(uid=%[1]s)(mail=%[1]s)(userPrincipalName=%[1]s)(sAMAccountName=%[1]s)))"`
AttrClaims map[string]string `envconfig:"attr_claims" default:"name:name,sn:family_name,givenName:given_name,mail:email" desc:"a mapping of LDAP attributes to OpenID connect claims"`
RoleBaseDN string `envconfig:"role_basedn" required:"true" desc:"a LDAP base DN for searching roles"`
RoleSearchQuery string `envconfig:"role_search_query" desc:"the role search query" default:"(|(&(|(objectClass=group)(objectClass=groupOfNames))(member=%[1]s))(&(objectClass=groupOfUniqueNames)(uniqueMember=%[1]s)))"`
RoleAttr string `envconfig:"role_attr" default:"description" desc:"a LDAP group's attribute that contains a role's name"`
RoleClaim string `envconfig:"role_claim" default:"https://github.com/i-core/werther/claims/roles" desc:"a name of an OpenID Connect claim that contains user roles"`
CacheSize int `envconfig:"cache_size" default:"512" desc:"a user info cache's size in KiB"`
CacheTTL time.Duration `envconfig:"cache_ttl" default:"30m" desc:"a user info cache TTL"`
IsTLS bool `envconfig:"is_tls" default:"false" desc:"should LDAP connection be established via TLS"`
ConnectionTimeout time.Duration `envconfig:"connection_timeout" default:"60s" desc:"LDAP server connection timeout"`
Endpoints []string `envconfig:"endpoints" required:"true" desc:"a LDAP's server URLs as \"<address>:<port>\""`
BindDN string `envconfig:"binddn" desc:"a LDAP bind DN"`
BindPass string `envconfig:"bindpw" json:"-" desc:"a LDAP bind password"`
BaseDN string `envconfig:"basedn" required:"true" desc:"a LDAP base DN for searching users"`
UserSearchQuery string `envconfig:"user_search_query" desc:"the user search query" default:"(&(|(objectClass=organizationalPerson)(objectClass=inetOrgPerson))(|(uid=%[1]s)(mail=%[1]s)(userPrincipalName=%[1]s)(sAMAccountName=%[1]s)))"`
AttrClaims map[string]string `envconfig:"attr_claims" default:"name:name,sn:family_name,givenName:given_name,mail:email" desc:"a mapping of LDAP attributes to OpenID connect claims"`
RoleBaseDN string `envconfig:"role_basedn" required:"true" desc:"a LDAP base DN for searching roles"`
RoleSearchQuery string `envconfig:"role_search_query" desc:"the role search query" default:"(|(&(|(objectClass=group)(objectClass=groupOfNames))(member=%[1]s))(&(objectClass=groupOfUniqueNames)(uniqueMember=%[1]s)))"`
RoleAttr string `envconfig:"role_attr" default:"description" desc:"a LDAP group's attribute that contains a role's name"`
RoleClaim string `envconfig:"role_claim" default:"https://github.com/i-core/werther/claims/roles" desc:"a name of an OpenID Connect claim that contains user roles"`
CacheSize int `envconfig:"cache_size" default:"512" desc:"a user info cache's size in KiB"`
CacheTTL time.Duration `envconfig:"cache_ttl" default:"30m" desc:"a user info cache TTL"`
IsTLS bool `envconfig:"is_tls" default:"false" desc:"should LDAP connection be established via TLS"`
}
// Client is a LDAP client (compatible with Active Directory).
@ -76,12 +75,11 @@ func New(cnf Config) *Client {
return &Client{
Config: cnf,
connector: &ldapConnector{
BaseDN: cnf.BaseDN,
UserSearchQuery: cnf.UserSearchQuery,
RoleBaseDN: cnf.RoleBaseDN,
IsTLS: cnf.IsTLS,
RoleSearchQuery: cnf.RoleSearchQuery,
ConnectionTimeout: cnf.ConnectionTimeout,
BaseDN: cnf.BaseDN,
UserSearchQuery: cnf.UserSearchQuery,
RoleBaseDN: cnf.RoleBaseDN,
IsTLS: cnf.IsTLS,
RoleSearchQuery: cnf.RoleSearchQuery,
},
cache: freecache.NewCache(cnf.CacheSize * 1024),
}
@ -293,16 +291,15 @@ func (cli *Client) findBasicUserDetails(cn conn, username string, attrs []string
}
type ldapConnector struct {
BaseDN string
RoleBaseDN string
IsTLS bool
UserSearchQuery string
RoleSearchQuery string
ConnectionTimeout time.Duration
BaseDN string
RoleBaseDN string
IsTLS bool
UserSearchQuery string
RoleSearchQuery string
}
func (c *ldapConnector) Connect(ctx context.Context, addr string) (conn, error) {
d := net.Dialer{Timeout: c.ConnectionTimeout}
d := net.Dialer{Timeout: ldap.DefaultTimeout}
tcpcn, err := d.DialContext(ctx, "tcp", addr)
if err != nil {
return nil, err

12
internal/web/templates.go
View File

@ -89,7 +89,7 @@ func loginTmpl() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "login.tmpl", size: 1376, mode: os.FileMode(0644), modTime: time.Unix(1632751659, 0)}
info := bindataFileInfo{name: "login.tmpl", size: 1376, mode: os.FileMode(0664), modTime: time.Unix(1598432745, 0)}
a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x96, 0x82, 0x4c, 0x6a, 0xc3, 0x92, 0x44, 0x14, 0x82, 0xe7, 0x9a, 0xa8, 0xc8, 0x81, 0x35, 0x91, 0x53, 0xa8, 0x9, 0xe5, 0x8, 0xd5, 0xf, 0x5c, 0x48, 0x31, 0xde, 0xbf, 0xb7, 0x65, 0x23, 0xa9}}
return a, nil
}
@ -109,7 +109,7 @@ func staticFontsRobotoLightTtf() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "static/fonts/Roboto-Light.ttf", size: 170012, mode: os.FileMode(0644), modTime: time.Unix(1631861563, 0)}
info := bindataFileInfo{name: "static/fonts/Roboto-Light.ttf", size: 170012, mode: os.FileMode(0644), modTime: time.Unix(1574945279, 0)}
a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xdb, 0x2, 0x9, 0x6a, 0x91, 0xc2, 0xa, 0xb6, 0x2d, 0x45, 0x90, 0x1, 0xa1, 0x5, 0x9b, 0xc8, 0xd7, 0x8c, 0xaa, 0x35, 0xd6, 0x37, 0xdc, 0x91, 0x49, 0x4c, 0x44, 0x40, 0x81, 0x5a, 0x6a, 0xc1}}
return a, nil
}
@ -129,7 +129,7 @@ func staticFontsRobotoLightWoff() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "static/fonts/Roboto-Light.woff", size: 93468, mode: os.FileMode(0644), modTime: time.Unix(1631861563, 0)}
info := bindataFileInfo{name: "static/fonts/Roboto-Light.woff", size: 93468, mode: os.FileMode(0644), modTime: time.Unix(1574945279, 0)}
a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x77, 0xad, 0xe0, 0x48, 0xda, 0x36, 0xf1, 0x3, 0xa5, 0x20, 0x45, 0x5a, 0xcb, 0xd2, 0xf, 0x26, 0xbd, 0x45, 0xd6, 0xf1, 0xc4, 0x21, 0x5, 0x4a, 0x5d, 0x92, 0x6f, 0x55, 0x65, 0x25, 0x16, 0x35}}
return a, nil
}
@ -149,7 +149,7 @@ func staticFontsRobotoLightWoff2() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "static/fonts/Roboto-Light.woff2", size: 64272, mode: os.FileMode(0644), modTime: time.Unix(1631861563, 0)}
info := bindataFileInfo{name: "static/fonts/Roboto-Light.woff2", size: 64272, mode: os.FileMode(0644), modTime: time.Unix(1574945279, 0)}
a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x1a, 0x87, 0xc0, 0x97, 0xd1, 0xa3, 0x42, 0xec, 0x1b, 0x1a, 0x40, 0x6, 0x6d, 0x4d, 0xbe, 0x9d, 0x6f, 0x14, 0x49, 0x2d, 0x78, 0x80, 0x5d, 0xe2, 0xa1, 0xb5, 0x7d, 0xaf, 0x8b, 0x28, 0xd6, 0x40}}
return a, nil
}
@ -169,7 +169,7 @@ func staticScriptJs() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "static/script.js", size: 1240, mode: os.FileMode(0644), modTime: time.Unix(1631861563, 0)}
info := bindataFileInfo{name: "static/script.js", size: 1240, mode: os.FileMode(0644), modTime: time.Unix(1565090829, 0)}
a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x21, 0x83, 0x40, 0xc4, 0xb1, 0x4e, 0x2c, 0xf8, 0x84, 0x11, 0x9b, 0x80, 0xc2, 0xe6, 0xab, 0xb5, 0xf8, 0xd5, 0x3b, 0xc9, 0x2e, 0x5b, 0x12, 0x7, 0x29, 0x2f, 0x21, 0x5f, 0x59, 0x35, 0xf7, 0xad}}
return a, nil
}
@ -189,7 +189,7 @@ func staticStyleCss() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "static/style.css", size: 5966, mode: os.FileMode(0644), modTime: time.Unix(1631861563, 0)}
info := bindataFileInfo{name: "static/style.css", size: 5966, mode: os.FileMode(0644), modTime: time.Unix(1574945279, 0)}
a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xdf, 0x10, 0x89, 0x7e, 0x7, 0xd2, 0xf2, 0xcc, 0xa2, 0x4e, 0xcf, 0x1, 0x63, 0x75, 0x97, 0xa1, 0x1c, 0x36, 0x4e, 0x34, 0x44, 0x85, 0x53, 0x93, 0xd4, 0x40, 0x69, 0x5f, 0x78, 0x30, 0x17, 0x8f}}
return a, nil
}

22
misc/packaging/nfpm.yml
View File

@ -1,22 +0,0 @@
name: "hydra-werther"
arch: "amd64"
platform: "linux"
version: "${PACKAGE_VERSION}"
section: "default"
priority: "extra"
maintainer: "Cadoles <contact@cadoles.com>"
description: |
PostgreSQL automated backup scripts
vendor: "Cadoles"
homepage: "https://forge.cadoles.com/Cadoles/postgres-backup"
license: "AGPL-3.0"
version_schema: none
contents:
- src: bin/werther_linux_amd64
dst: /usr/bin/hydra-werther
- src: conf/hydra-werther.conf
dst: /etc/hydra-werther/hydra-werther.conf
- src: misc/packaging/systemd/hydra-werther.service
dst: /usr/lib/systemd/system/hydra-werther.service

12
misc/packaging/systemd/hydra-werther.service
View File

@ -1,12 +0,0 @@
[Unit]
Description=Run Hydra Werther login/consent/logout app
After=network-online.target
[Service]
Type=simple
EnvironmentFile=/etc/hydra-werther/hydra-werther.conf
ExecStart=/usr/bin/hydra-werther
Restart=on-failure
[Install]
WantedBy=multi-user.target