Compare commits

..

23 Commits

Author SHA1 Message Date
8b5a97da54 chore: add logo
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-06-22 09:01:41 -06:00
d73e027ee3 doc: uci configuration deployment tutorial
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-05-26 15:53:00 +02:00
054744e3e9 fix: systemd units
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-05-25 21:23:15 +02:00
0e664bce44 doc: add first steps tutorial (fr) 2023-05-25 21:22:56 +02:00
58ef3b0077 doc: add emissary introduction
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-05-24 10:15:48 +02:00
6a976c0b51 feat: update arcad/edge dependency
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-26 15:56:15 +02:00
d188af81af chore: update edge lib without goproxy
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-25 13:54:01 +02:00
e975381b4f fix(controller,app): correctly detect ip address for cookie domain resolution
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-24 13:49:53 +02:00
0d03a708f9 feat: update arcad/edge dependency
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-24 12:23:45 +02:00
64ea0e05a9 fix(app,handler): use real ip
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-21 20:04:37 +02:00
10844a15a3 chore: update spec samples 2023-04-21 20:03:21 +02:00
0394e34055 feat: update arcad/edge dependency
Some checks reported errors
arcad/emissary/pipeline/head Something is wrong with the build of this commit
2023-04-21 20:02:18 +02:00
541d30d74f feat(controller,app): share module integration
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-21 13:10:03 +02:00
87a45090e0 feat: update arcad/edge dependency
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-21 12:45:51 +02:00
fcd159c0fb chore: use go 1.20.2
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-20 19:28:30 +02:00
eda02c6be3 feat: update arcad/edge dependency
Some checks failed
arcad/emissary/pipeline/head There was a failure building this commit
2023-04-20 19:21:30 +02:00
ef3048b005 feat(controller,app): use new edge new mountpoints api
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-20 12:23:17 +02:00
51e1dc3b2d fix(server,api): return 'not found' errors 2023-04-20 12:22:30 +02:00
3d01cf0f93 feat: update arcad/edge dependency
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-20 11:01:04 +02:00
bb03b3a54a feat(controller,app): compress http responses
Some checks reported errors
arcad/emissary/pipeline/head Something is wrong with the build of this commit
2023-04-20 10:59:27 +02:00
813f837291 feat: update arcad/edge dependency
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-14 16:29:09 +02:00
ed35ee5002 feat: update arcad/edge dependency
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-13 13:48:33 +02:00
4b5bc0bc82 feat: update arcad/edge dependency
All checks were successful
arcad/emissary/pipeline/head This commit looks good
2023-04-13 12:08:13 +02:00
23 changed files with 1022 additions and 160 deletions

3
.gitignore vendored
View File

@ -9,4 +9,5 @@ dist/
/agent-key.json
/apps
/server-key.json
/.emissary-token
/.emissary-token
/out

View File

@ -158,7 +158,7 @@ full-version:
update-edge-lib:
git pull --rebase
GOPRIVATE=forge.cadoles.com/arcad/edge go get -u forge.cadoles.com/arcad/edge
GOPROXY=direct GOPRIVATE=forge.cadoles.com/arcad/edge go get -u forge.cadoles.com/arcad/edge
go mod tidy
$(MAKE) test
git add go.mod go.sum

View File

@ -1,3 +1,7 @@
<div style="text-align:center">
<img style="width:250px" src="./misc/resources/logo.svg" />
</div>
# Emissary
Control plane for "edge" (and OpenWRT-based) devices.

View File

@ -1,20 +1,22 @@
# Documentation
- (FR) - [Introduction](./fr/introduction.md)
## Tutorials
- (FR) - [Premiers pas](./tutorials/fr/first-steps.md)
- (FR) - [Déployer un serveur mandataire inverse sur un agent](./tutorials/fr/deploy-reverse-proxy.md)
- (FR) - [Déployer une configuration UCI personnalisée sur un agent](./tutorials/fr/deploy-uci-configuration.md)
## References
### API
### Specifications
[See `misc/rest/server.rest`](../misc/rest/server.rest)
### Spécifications
- [Schéma `app.emissary.cadoles.com`](../internal/spec/app/schema.json)
- [Schéma `app.emissary.cadoles.com`](../internal/agent/controller/app/spec/schema.json)
- [Schéma `proxy.emissary.cadoles.com`](../internal/spec/proxy/schema.json)
- [Schéma `mdns.emissary.cadoles.com`](../internal/agent/controller/mdns/spec/schema.json)
- [Schéma `uci.emissary.cadoles.com`](../internal/spec/uci/schema.json)
- [Schéma `gateway.emissary.cadoles.com`](../internal/spec/gateway/schema.json)
- [Schéma `sysupgrade.openwrt.emissary.cadoles.com`](../internal/agent/controller/openwrt/spec/sysupgrade/schema.json)
### Configuration

30
doc/fr/introduction.md Normal file
View File

@ -0,0 +1,30 @@
# Introduction
"Emissary" est un programme entrant dans la catégorie des outils de gestion et déploiement de configuration.
En utilisant un agent déployé sur chaque système cible, il permet aux administrateurs système de centraliser le contrôle et la supervision de la configuration. Grâce à ses fonctionnalités avancées, il est capable de faire converger la configuration d'une machine vers un modèle précis défini par une ou plusieurs spécifications centralisées sur un serveur de pilotage dédié.
Le principal atout d'"Emissary" réside dans sa capacité à activer des "contrôleurs" spécifiques pour chaque aspect de la configuration système. Ces contrôleurs sont des modules intelligents qui agissent comme des agents spécialisés, veillant à ce que les paramètres de configuration soient correctement appliqués et respectent les spécifications définies.
Grâce à cette approche modulaire, "Emissary" peut gérer diverses facettes de la configuration, telles que les paramètres réseau, les règles de sécurité, les options de performance et bien plus encore. Chaque contrôleur est conçu pour répondre à des besoins spécifiques, offrant ainsi une flexibilité et une granularité optimales dans la gestion de la configuration.
Certains contrôleurs permettent également l'exécution de services spécialisés comme des serveurs mandataires inverses ou des applications web autonomes.
L'utilisation d'un serveur de pilotage centralisé permet à "Emissary" de stocker et de mettre à jour les spécifications de configuration de manière cohérente. Les administrateurs peuvent définir des modèles de configuration précis, les affiner au fil du temps et les appliquer en un seul clic sur l'ensemble du parc de machines gérées. Cela garantit une uniformité et une conformité accrues, tout en facilitant la maintenance et les mises à jour à grande échelle.
À l'heure actuelle, Emissary est conçu pour cibler spécifiquement le système d'exploitation OpenWRT. L'activation des "contrôleurs" spécifiques à cet OS permet de converger la configuration de la machine OpenWRT vers un modèle correspondant aux spécifications centralisées sur le serveur de pilotage. Ces spécifications peuvent inclure des paramètres réseau, des configurations de sécurité, des règles de pare-feu, des options de routage, des services système, et bien d'autres éléments spécifiques à OpenWRT.
## Vue d'ensemble de l'architecture
![](./resources/overview.svg)
## Contrôleurs
Voici la liste des contrôleurs implémentés à ce jour:
- **Contrôleur UCI** - Permet de modifier les données [UCI](https://openwrt.org/docs/guide-user/base-system/uci) (**U**nified **C**onfiguration **S**ystem) d'un système OpenWRT et ainsi configurer les services systèmes, les règles pare-feu, la configuration des NICs, etc sur celui-ci.
- **Contrôleur SysUpgrade** - Permet de mettre à jour un système OpenWRT via l'outil [`sysupgrade`](https://openwrt.org/docs/guide-user/installation/generic.sysupgrade).
- **Contrôleur Proxy** - Permet de déployer des services de type passerelle mandataire inverse ("reverse proxy") sur la machine cible.
- **Contrôleur mDNS** - Permet d'annoncer des services via mDNS sur les différents réseaux de la machine cible.
- **Contrôleur App** - Permet de déployer des applications web "embarquées" (s'exécutant localement et non dépendantes d'une connectivité internet) sur la machine cible. Voir le projet ["Edge App"](https://forge.cadoles.com/arcad/edge).

View File

@ -0,0 +1,59 @@
@startuml
top to bottom direction
skinparam linetype ortho
node PilotNode as "Pilot Node" {
database DataStore as "Data Store"
component EmissaryServer as "Emissary Server" {
component SpecificationRegistry as "Specification Registry" {
component UCISpecification as "UCI Spec"
component MDNSSpecification as "mDNS Spec"
component AppSpecification as "App Spec"
component ProxySpecification as "Proxy Spec"
component SysUpgradeSpecification as "SysUpgrade Spec"
}
component HTTPHandler as "HTTP Handler"
HTTPHandler .down.> SpecificationRegistry: validates agents data with
HTTPHandler .right.> DataStore: saves agent data in
}
}
node OperatorNode as "Operator Node" {
component EmissaryClient as "Emissary Client"
EmissaryClient -left-> HTTPHandler: administrates
}
node OpenWRTNode as "OpenWRT Node" {
component EmissaryAgent as "Emissary Agent" {
component StateManager as "State Manager"
StateManager --up-> HTTPHandler: fetches agent ^*specs from
component UCIController as "UCI Controller"
UCIController .up.> StateManager: reconciles with
component SysUpgradeController as "SysUpgrade Controller"
SysUpgradeController .up.> StateManager: reconciles with
component ProxyController as "Proxy Controller"
ProxyController .up.> StateManager: reconciles with
component MDNSController as "mDNS Controller"
MDNSController .up.> StateManager: reconciles with
component AppController as "App Controller"
AppController .up.> StateManager: reconciles with
}
}

View File

@ -0,0 +1,99 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentStyleType="text/css" height="643px" preserveAspectRatio="none" style="width:1713px;height:643px;background:#FFFFFF;" version="1.1" viewBox="0 0 1713 643" width="1713px" zoomAndPan="magnify"><defs/><g><!--MD5=[d09f24f3d7c03358bd8c02f81fe1cb3f]
cluster PilotNode--><g id="cluster_PilotNode"><polygon fill="none" points="16,16,26,6,685,6,685,511,675,521,16,521,16,16" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="675" x2="685" y1="16" y2="6"/><line style="stroke:#181818;stroke-width:1.0;" x1="16" x2="675" y1="16" y2="16"/><line style="stroke:#181818;stroke-width:1.0;" x1="675" x2="675" y1="16" y2="521"/><text fill="#000000" font-family="sans-serif" font-size="14" font-weight="bold" lengthAdjust="spacing" textLength="73" x="310" y="33.9659">Pilot Node</text></g><!--MD5=[9c6b5fd9fe3a3a3c784efc27685ccdf9]
cluster EmissaryServer--><g id="cluster_EmissaryServer"><rect fill="none" height="440" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:1.0;" width="523" x="138" y="57"/><rect fill="none" height="10" style="stroke:#181818;stroke-width:1.0;" width="15" x="641" y="62"/><rect fill="none" height="2" style="stroke:#181818;stroke-width:1.0;" width="4" x="639" y="64"/><rect fill="none" height="2" style="stroke:#181818;stroke-width:1.0;" width="4" x="639" y="68"/><text fill="#000000" font-family="sans-serif" font-size="14" font-weight="bold" lengthAdjust="spacing" textLength="110" x="344.5" y="84.9659">Emissary Server</text></g><!--MD5=[5f6297313bdca82dad0981382bb4d88a]
cluster SpecificationRegistry--><g id="cluster_SpecificationRegistry"><rect fill="none" height="273" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:1.0;" width="459" x="170" y="192"/><rect fill="none" height="10" style="stroke:#181818;stroke-width:1.0;" width="15" x="609" y="197"/><rect fill="none" height="2" style="stroke:#181818;stroke-width:1.0;" width="4" x="607" y="199"/><rect fill="none" height="2" style="stroke:#181818;stroke-width:1.0;" width="4" x="607" y="203"/><text fill="#000000" font-family="sans-serif" font-size="14" font-weight="bold" lengthAdjust="spacing" textLength="149" x="325" y="219.9659">Specification Registry</text></g><!--MD5=[b562d696a455f482404b155c6a8fbfca]
cluster OperatorNode--><g id="cluster_OperatorNode"><polygon fill="none" points="709,62,719,52,889,52,889,150,879,160,709,160,709,62" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="879" x2="889" y1="62" y2="52"/><line style="stroke:#181818;stroke-width:1.0;" x1="709" x2="879" y1="62" y2="62"/><line style="stroke:#181818;stroke-width:1.0;" x1="879" x2="879" y1="62" y2="160"/><text fill="#000000" font-family="sans-serif" font-size="14" font-weight="bold" lengthAdjust="spacing" textLength="104" x="743" y="79.9659">Operator Node</text></g><!--MD5=[68861f6d3d90d2f41bc4d4a2796fc73e]
cluster OpenWRTNode--><g id="cluster_OpenWRTNode"><polygon fill="none" points="709,313,719,303,1696,303,1696,616,1686,626,709,626,709,313" style="stroke:#181818;stroke-width:1.0;"/><line style="stroke:#181818;stroke-width:1.0;" x1="1686" x2="1696" y1="313" y2="303"/><line style="stroke:#181818;stroke-width:1.0;" x1="709" x2="1686" y1="313" y2="313"/><line style="stroke:#181818;stroke-width:1.0;" x1="1686" x2="1686" y1="313" y2="626"/><text fill="#000000" font-family="sans-serif" font-size="14" font-weight="bold" lengthAdjust="spacing" textLength="109" x="1144" y="330.9659">OpenWRT Node</text></g><!--MD5=[6e6320f5227e3e26302b14a131b17aa5]
cluster EmissaryAgent--><g id="cluster_EmissaryAgent"><rect fill="none" height="248" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:1.0;" width="939" x="733" y="354"/><rect fill="none" height="10" style="stroke:#181818;stroke-width:1.0;" width="15" x="1652" y="359"/><rect fill="none" height="2" style="stroke:#181818;stroke-width:1.0;" width="4" x="1650" y="361"/><rect fill="none" height="2" style="stroke:#181818;stroke-width:1.0;" width="4" x="1650" y="365"/><text fill="#000000" font-family="sans-serif" font-size="14" font-weight="bold" lengthAdjust="spacing" textLength="108" x="1148.5" y="381.9659">Emissary Agent</text></g><!--MD5=[45eee4c5a57edb1e2ac175c76a239d17]
entity DataStore--><g id="elem_DataStore"><path d="M32,105.5 C32,95.5 77,95.5 77,95.5 C77,95.5 122,95.5 122,105.5 L122,133.5679 C122,143.5679 77,143.5679 77,143.5679 C77,143.5679 32,143.5679 32,133.5679 L32,105.5 " fill="#F1F1F1" style="stroke:#181818;stroke-width:0.5;"/><path d="M32,105.5 C32,115.5 77,115.5 77,115.5 C77,115.5 122,115.5 122,105.5 " fill="none" style="stroke:#181818;stroke-width:0.5;"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="70" x="42" y="134.4659">Data Store</text></g><!--MD5=[7d2b259075cd0e421afb7965bd22532b]
entity HTTPHandler--><g id="elem_HTTPHandler"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="132" x="335" y="95"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="447" y="100"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="445" y="102"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="445" y="106"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="92" x="350" y="129.9659">HTTP Handler</text></g><!--MD5=[d74c349cfc963885f78088443cb132a3]
entity UCISpecification--><g id="elem_UCISpecification"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="100" x="213" y="238"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="293" y="243"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="291" y="245"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="291" y="249"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="60" x="228" y="272.9659">UCI Spec</text></g><!--MD5=[631d6ad5bad1f198f42ccf56fafe0582]
entity MDNSSpecification--><g id="elem_MDNSSpecification"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="118" x="348" y="238"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="446" y="243"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="444" y="245"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="444" y="249"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="78" x="363" y="272.9659">mDNS Spec</text></g><!--MD5=[f8753067470155b04e2f3a693924c320]
entity AppSpecification--><g id="elem_AppSpecification"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="103" x="501.5" y="238"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="584.5" y="243"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="582.5" y="245"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="582.5" y="249"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="63" x="516.5" y="272.9659">App Spec</text></g><!--MD5=[fd240f711946cd5d0dcadb1ea2ed786c]
entity ProxySpecification--><g id="elem_ProxySpecification"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="112" x="213" y="392"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="305" y="397"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="303" y="399"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="303" y="403"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="72" x="228" y="426.9659">Proxy Spec</text></g><!--MD5=[74aafaf76d366e174271de99960a7b8d]
entity SysUpgradeSpecification--><g id="elem_SysUpgradeSpecification"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="157" x="360.5" y="392"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="497.5" y="397"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="495.5" y="399"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="495.5" y="403"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="117" x="375.5" y="426.9659">SysUpgrade Spec</text></g><!--MD5=[584b4e495bc4cb9e5d46ff66335fc219]
entity EmissaryClient--><g id="elem_EmissaryClient"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="143" x="725.5" y="95"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="848.5" y="100"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="846.5" y="102"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="846.5" y="106"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="103" x="740.5" y="129.9659">Emissary Client</text></g><!--MD5=[cbe48146c9698f81ea53c2c6f51c8eda]
entity StateManager--><g id="elem_StateManager"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="139" x="1048.5" y="392"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="1167.5" y="397"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1165.5" y="399"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1165.5" y="403"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="99" x="1063.5" y="426.9659">State Manager</text></g><!--MD5=[27f8877b35bcf78d2c9b0e363caea569]
entity UCIController--><g id="elem_UCIController"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="135" x="749.5" y="537"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="864.5" y="542"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="862.5" y="544"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="862.5" y="548"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="95" x="764.5" y="571.9659">UCI Controller</text></g><!--MD5=[f5a45e51cb66ff1d3b5626d0df038fee]
entity SysUpgradeController--><g id="elem_SysUpgradeController"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="192" x="920" y="537"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="1092" y="542"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1090" y="544"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1090" y="548"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="152" x="935" y="571.9659">SysUpgrade Controller</text></g><!--MD5=[ed1f476319cb2bbabd1b988180210f61]
entity ProxyController--><g id="elem_ProxyController"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="147" x="1147.5" y="537"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="1274.5" y="542"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1272.5" y="544"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1272.5" y="548"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="107" x="1162.5" y="571.9659">Proxy Controller</text></g><!--MD5=[dcaaaabc13b59746f8f74cc6285a228b]
entity MDNSController--><g id="elem_MDNSController"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="153" x="1329.5" y="537"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="1462.5" y="542"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1460.5" y="544"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1460.5" y="548"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="113" x="1344.5" y="571.9659">mDNS Controller</text></g><!--MD5=[f7cab0dbd7f354492deaa54be612571f]
entity AppController--><g id="elem_AppController"><rect fill="#F1F1F1" height="49.0679" rx="2.5" ry="2.5" style="stroke:#181818;stroke-width:0.5;" width="138" x="1518" y="537"/><rect fill="#F1F1F1" height="10" style="stroke:#181818;stroke-width:0.5;" width="15" x="1636" y="542"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1634" y="544"/><rect fill="#F1F1F1" height="2" style="stroke:#181818;stroke-width:0.5;" width="4" x="1634" y="548"/><text fill="#000000" font-family="sans-serif" font-size="14" lengthAdjust="spacing" textLength="98" x="1533" y="571.9659">App Controller</text></g><!--MD5=[8c3501b26c9c3ea39952224ab3fba557]
link HTTPHandler to SpecificationRegistry--><g id="link_HTTPHandler_SpecificationRegistry"><path d="M334.7,128 C268.96,128 178,128 178,128 C178,128 178,158.5475 178,190.5263 C178,190.7761 178,191.026 178,191.276 " fill="none" id="HTTPHandler-to-SpecificationRegistry" style="stroke:#181818;stroke-width:1.0;stroke-dasharray:7.0,7.0;"/><polygon fill="#181818" points="178,191.276,182,182.276,178,186.276,174,182.276,178,191.276" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="156" x="151.03" y="142.897">validates agents data with</text></g><!--MD5=[1442fca2dc2f53bf9ae23d9e844c6c8b]
link HTTPHandler to DataStore--><g id="link_HTTPHandler_DataStore"><path d="M334.65,112 C334.65,112 128.41,112 128.41,112 " fill="none" id="HTTPHandler-to-DataStore" style="stroke:#181818;stroke-width:1.0;stroke-dasharray:7.0,7.0;"/><polygon fill="#181818" points="123.41,112,132.41,116,128.41,112,132.41,108,123.41,112" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="115" x="203.28" y="126.897">saves agent data in</text></g><!--MD5=[04b946759b53ef2d0699bda61eed296c]
reverse link HTTPHandler to EmissaryClient--><g id="link_HTTPHandler_EmissaryClient"><path d="M473.28,112 C473.28,112 725.14,112 725.14,112 " fill="none" id="HTTPHandler-backto-EmissaryClient" style="stroke:#181818;stroke-width:1.0;"/><polygon fill="#181818" points="468.28,112,477.28,116,473.28,112,477.28,108,468.28,112" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="82" x="516.21" y="107.897">administrates</text></g><!--MD5=[0dd7156c6052ea784bc88dfca61e007b]
reverse link HTTPHandler to StateManager--><g id="link_HTTPHandler_StateManager"><path d="M473.28,128 C473.28,128 665,128 665,128 C665,128 665,409 665,409 C665,409 921.14,409 1048.21,409 " fill="none" id="HTTPHandler-backto-StateManager" style="stroke:#181818;stroke-width:1.0;"/><polygon fill="#181818" points="468.28,128,477.28,132,473.28,128,477.28,124,468.28,128" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="163" x="501" y="360.137">fetches agent ^*specs from</text></g><!--MD5=[beea302d68a5d9dc6027ab4e0b987cea]
reverse link StateManager to UCIController--><g id="link_StateManager_UCIController"><path d="M1042.15,425 C1042.15,425 876.5,425 876.5,425 C876.5,425 876.5,497.45 876.5,536.78 " fill="none" id="StateManager-backto-UCIController" style="stroke:#181818;stroke-width:1.0;stroke-dasharray:7.0,7.0;"/><polygon fill="#181818" points="1047.15,425,1038.15,421,1042.15,425,1038.15,429,1047.15,425" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="88" x="814.43" y="420.897">reconciles with</text></g><!--MD5=[8cf138a1950decb1251fc88353171770]
reverse link StateManager to SysUpgradeController--><g id="link_StateManager_SysUpgradeController"><path d="M1080.25,447.43 C1080.25,447.43 1080.25,536.9 1080.25,536.9 " fill="none" id="StateManager-backto-SysUpgradeController" style="stroke:#181818;stroke-width:1.0;stroke-dasharray:7.0,7.0;"/><polygon fill="#181818" points="1080.25,442.43,1076.25,451.43,1080.25,447.43,1084.25,451.43,1080.25,442.43" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="88" x="991.25" y="488.057">reconciles with</text></g><!--MD5=[8dba0e44c0268b5c6a2c1c6565c41b8b]
reverse link StateManager to ProxyController--><g id="link_StateManager_ProxyController"><path d="M1167.5,447.43 C1167.5,447.43 1167.5,536.9 1167.5,536.9 " fill="none" id="StateManager-backto-ProxyController" style="stroke:#181818;stroke-width:1.0;stroke-dasharray:7.0,7.0;"/><polygon fill="#181818" points="1167.5,442.43,1163.5,451.43,1167.5,447.43,1171.5,451.43,1167.5,442.43" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="88" x="1078.5" y="507.057">reconciles with</text></g><!--MD5=[94df0ade1dc92be8853ce902c4f83dad]
reverse link StateManager to MDNSController--><g id="link_StateManager_MDNSController"><path d="M1193.72,425 C1193.72,425 1406,425 1406,425 C1406,425 1406,497.45 1406,536.78 " fill="none" id="StateManager-backto-MDNSController" style="stroke:#181818;stroke-width:1.0;stroke-dasharray:7.0,7.0;"/><polygon fill="#181818" points="1188.72,425,1197.72,429,1193.72,425,1197.72,421,1188.72,425" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="88" x="1266.75" y="420.897">reconciles with</text></g><!--MD5=[e74434bc519cba41fdddc7c857699717]
reverse link StateManager to AppController--><g id="link_StateManager_AppController"><path d="M1193.96,409 C1193.96,409 1587,409 1587,409 C1587,409 1587,493.45 1587,536.66 " fill="none" id="StateManager-backto-AppController" style="stroke:#181818;stroke-width:1.0;stroke-dasharray:7.0,7.0;"/><polygon fill="#181818" points="1188.96,409,1197.96,413,1193.96,409,1197.96,405,1188.96,409" style="stroke:#181818;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="88" x="1365.31" y="404.897">reconciles with</text></g><!--MD5=[6fc50b732d8962c26a79ff20e99a40e3]
@startuml
top to bottom direction
skinparam linetype ortho
node PilotNode as "Pilot Node" {
database DataStore as "Data Store"
component EmissaryServer as "Emissary Server" {
component SpecificationRegistry as "Specification Registry" {
component UCISpecification as "UCI Spec"
component MDNSSpecification as "mDNS Spec"
component AppSpecification as "App Spec"
component ProxySpecification as "Proxy Spec"
component SysUpgradeSpecification as "SysUpgrade Spec"
}
component HTTPHandler as "HTTP Handler"
HTTPHandler .down.> SpecificationRegistry: validates agents data with
HTTPHandler .right.> DataStore: saves agent data in
}
}
node OperatorNode as "Operator Node" {
component EmissaryClient as "Emissary Client"
EmissaryClient -left-> HTTPHandler: administrates
}
node OpenWRTNode as "OpenWRT Node" {
component EmissaryAgent as "Emissary Agent" {
component StateManager as "State Manager"
StateManager - -up-> HTTPHandler: fetches agent ^*specs from
component UCIController as "UCI Controller"
UCIController .up.> StateManager: reconciles with
component SysUpgradeController as "SysUpgrade Controller"
SysUpgradeController .up.> StateManager: reconciles with
component ProxyController as "Proxy Controller"
ProxyController .up.> StateManager: reconciles with
component MDNSController as "mDNS Controller"
MDNSController .up.> StateManager: reconciles with
component AppController as "App Controller"
AppController .up.> StateManager: reconciles with
}
}
@end
PlantUML version 1.2022.7(Mon Aug 22 19:01:30 CEST 2022)
(GPL source distribution)
Java Runtime: OpenJDK Runtime Environment
JVM: OpenJDK 64-Bit Server VM
Default Encoding: UTF-8
Language: fr
Country: FR
--></g></svg>

After

Width:  |  Height:  |  Size: 21 KiB

View File

@ -0,0 +1,3 @@
# Déployer un serveur mandataire inverse sur un agent
> TODO

View File

@ -0,0 +1,130 @@
# Déployer une configuration UCI personnalisée sur un agent
Via la spécification [`uci.emissary.cadoles.com`](../../../internal/spec/uci/schema.json) il est possible de configurer un agent avec un système OpenWRT. Dans ce tutoriel nous verrons:
- Comment exporter une configuration UCI existante au format attendu par Emissary;
- Comment modifier la spécification d'un agent Emissary pour mettre à jour sa configuration via le serveur de pilotage.
## Étapes
### Identifier l'empreinte de votre agent
1. Sur la machine agent, utiliser la commande intégrée pour récupérer l'empreinte ("thumbprint") identifiant l'agent:
```
emissary agent show-thumbprint
```
**Noter la valeur retournée. Elle sera utilisée dans les étapes suivantes.**
### Exporter la configuration UCI de votre agent au format Emissary
1. Se connecter en SSH sur votre agent Emissary:
```
ssh root@<agent_ip>
```
2. Sur la machine agent, utiliser la commande intégrée pour exporter la configuration UCI de votre agent au format Emissary:
```
uci export | emissary agent openwrt uci transform > my-agent-config.json
```
> **Astuce**
>
> Par défaut, l'outil [LuCi](https://openwrt.org/fr/doc/howto/luci.essentials) est disponible sur votre agent. Vous pouvez y accéder via l'URL `http://<agent_ip>/`.
>
> Vous pouvez utiliser LuCi pour modifier la configuration de l'agent (par exemple, configurer le WiFi, créer des règles réseaux, etc) avant d'exporter la configuration.
>
> De cette manière, il est possible de répliquer celle ci sur plusieurs agents via Emissary !
3. Transférer le fichier `my-agent-config.json` sur la machine hébergeant votre serveur de pilotage Emissary.
### Transformer la configuration en spécification
#### Prérequis
- [`jq`](https://stedolan.github.io/jq/)
- [`sponge`](https://linux.die.net/man/1/sponge) (paquet `moreutils` sur Ubuntu)
#### Étapes
1. Sur la machine hébergeant le serveur de pilotage Emissary, utiliser l'outil `jq` pour créer un objet JSON correspondant au schéma attendu par la spécification [`uci.emissary.cadoles.com`](../../../internal/spec/uci/schema.json):
```bash
# Créer la structure de base de la spécification UCI
cat >> my-uci-spec.json <<EOF
{
"config": null,
"postImportCommands": [
{ "command": "uci", "args": ["commit"] },
{ "command": "reload_config", "args": [] }
]
}
EOF
# Injecter la configuration récupérée de notre agent dans la spécification
cat my-uci-spec.json | jq --slurpfile config my-agent-config.json '.config = $config[0]' | sponge my-uci-spec.json
```
Notre spécification est prête à être assignée à notre agent !
### Assigner la spécification à l'agent
1. Sur la machine hébergeant le serveur de pilotage Emissary, retrouver l'identifiant associé à l'agent:
```bash
# Déclarer une variable contenant l'empreinte de l'agent précédemment trouvée
AGENT_THUMBPRINT="<empreinte agent>"
# Récupérer l'identifiant de l'agent
AGENT_ID=$(emissary api agent query -f json | jq -r --arg thumbprint "$AGENT_THUMBPRINT" '.[] | select(.thumbprint == $thumbprint) | .id')
```
2. Assigner la spécification à l'agent UCI:
```bash
cat my-uci-spec.json | emissary api agent spec update -a ${AGENT_ID} --no-patch --spec-data - --spec-name uci.emissary.cadoles.com
```
**Bravo, vous avez déployé des spécifications UCI sur votre agent !**
### Exemple: modifier le `hostname` de votre agent
En intervenant directement sur notre spécification, il est possible de modifier la configuration et appliquer ces changements à notre agent.
1. Sur la machine hébergeant le serveur de pilotage, faire:
```bash
# On créait une variable avec le nouveau hostname de notre agent
MY_NEW_AGENT_HOSTNAME="MyEmissaryAgent"
# On utilise jq afin de modifier la valeur de configuration dans notre spécification UCI
cat my-uci-spec.json | jq --arg hostname "$MY_NEW_AGENT_HOSTNAME" '( .config.packages[] | select(.name == "system") | .configs[].options[] | select(.name == "hostname").value ) |= $hostname' | sponge my-uci-spec.json
```
> **Astuce**
>
> En utilisant la commande `grep -C 10 hostname my-uci-spec.json`, on peut voir que la valeur de configuration `hostname` a bien été mise à jour dans notre spécification.
2. Mettre à jour la configuration de l'agent:
```bash
cat my-uci-spec.json | emissary api agent spec update -a ${AGENT_ID} --no-patch --spec-data - --spec-name uci.emissary.cadoles.com
```
3. Sur l'agent, après quelques secondes (par défaut, la fréquence de mise à jour est de 1 fois par minute) l'agent devrait avoir son `hostname` mis à jour:
```
uci show system.@system[].hostname
```
Un message de ce type devrait s'afficher:
```
system.cfg01e48a.hostname='MyEmissaryAgent'
```
La modification devrait être également visible dans le prompt du shell de l'agent.

View File

@ -1 +1,158 @@
# Premiers pas
# Premiers pas
## Prérequis
- Pour le serveur, une machine [Ubuntu 22.04](https://ubuntu.com/download/server)
- Pour l'agent, un [RaspberryPi version 3](https://openwrt.org/toh/raspberry_pi_foundation/raspberry_pi)
## Étapes
### Préparer votre RaspberryPi
1. Sur la page des ["versions"](https://forge.cadoles.com/arcad/emissary-firmware/releases) des firmwares du projet Emissary, télécharger la dernière version disponibles correspondant à votre système cible, dans le cas présent `openwrt-<openwrt_version>-emissary-<emissary_firmware_version>-bcm27xx-bcm2710-rpi-3-ext4-factory.img.gz`
2. Brancher votre carte SD dans le lecteur, flasher celle ci avec le firmware:
```bash
# Chemin vers le fichier de firmware précédemment téléchargé
FIRMWARE_FILE="openwrt-<openwrt_version>-emissary-<emissary_firmware_version>-bcm27xx-bcm2710-rpi-3-ext4-factory.img.gz"
SDCARD_DEVICE=/dev/sdX # Chemin vers le "device" correspondant à votre carte SD
# Décompresser le firmware
gzip -d "${FIRMWARE_FILE}"
# Flash la carte SD
sudo dd if="${FIRMWARE_FILE%.gz}" of="${SDCARD_DEVICE}" bs=2M conv=fsync
# Attendre la fin des écritures
sudo sync
```
3. Placer votre carte SD dans votre RaspberryPi, le connecter à votre réseau en Ethernet puis l'allumer.
4. Scanner votre réseau pour trouver l'adresse IP de votre Raspberry Pi. Par exemple, avec l'outil `nmap`:
```bash
sudo nmap -sP 192.168.0.* # À modifier par le préfixe correspondant à votre réseau local
```
Une entrée équivalente à la suivante devrait être affichée:
```bash
Starting Nmap 7.93 ( https://nmap.org ) at 2023-05-25 19:29 CEST
Nmap scan report for 192.168.0.24
Host is up (0.0034s latency).
MAC Address: B8:27:EB:E5:7B:55 (Raspberry Pi Foundation)
[...]
```
5. Se connecter en SSH sur votre RaspberryPi et définir un mot de passe pour le compte administrateur:
```bash
ssh root@<ip>
passwd
```
### Installer le serveur Emissary
1. Sur la machine Ubuntu 22.04, télécharger les paquets Emissary sur la page ["Versions"](https://forge.cadoles.com/arcad/emissary/releases) du projet. Dans le cas présent, choisir le paquet Debian `emissary-server_<emissary_version>_linux_<arch>.deb` où `<arch>` correspond à l'architecture CPU de votre machine.
2. Installer le paquet télécharger via `dpkg`:
```
sudo dpkg -i emissary-server_<emissary_version>_linux_<arch>.deb
```
3. Appliquer les migrations sur la base de données:
```shell
sudo emissary --workdir /usr/share/emissary --config /etc/emissary/server.yml server database migrate
```
4. Redémarrer le service:
```shell
sudo systemctl restart emissary-server
```
5. Créer un jeton d'administration:
```shell
sudo emissary --workdir /usr/share/emissary --config /etc/emissary/server.yml server auth create-token --role writer --subject $(whoami) > .emissary-token
```
6. Vérifier l'authentification sur l'API:
```shell
emissary api agent query
```
Une réponse équivalente à la suivante devrait s'afficher:
```shell
+----+-------+------------+--------+-------------+-----------+
| ID | LABEL | THUMBPRINT | STATUS | CONTACTEDAT | UPDATEDAT |
+----+-------+------------+--------+-------------+-----------+
+----+-------+------------+--------+-------------+-----------+
```
### Appairer l'agent avec votre serveur
1. Sur le RaspberryPi, exécuter la commande suivante:
```shell
uci set emissary.agent.server_url='http://<server_ip>:3000'
uci commit emissary
reload_config
```
2. Via la commande `logread`, vérifier que l'agent arrive à se connecter avec le serveur:
```shell
logread -f
```
Un message de ce type devrait s'afficher:
```
Thu May 25 18:48:51 2023 daemon.info emissary[2202]: 2023-05-25 18:48:51.611 [INFO] <./internal/agent/controller/persistence/controller.go:58> (*Controller).Reconcile no changes detected, doing nothing {"controller": "persistence-controller"}
Thu May 25 18:48:51 2023 daemon.info emissary[2202]: 2023-05-25 18:48:51.675 [ERROR] <./internal/agent/controller/spec/controller.go:43>(*Controller).reconcileAgent unexpected agent status {"controller": "spec-controller", "agentID": 1, "status": 0}
Thu May 25 18:48:51 2023 daemon.info emissary[2202]: 2023-05-25 18:48:51.676 [INFO] <./internal/agent/controller/openwrt/uci_controller.go:32> (*UCIController).Reconcile could not find uci spec, doing nothing {"controller": "uci-controller"}
Thu May 25 18:48:51 2023 daemon.info emissary[2202]: 2023-05-25 18:48:51.677 [INFO] <./internal/agent/controller/app/controller.go:43> (*Controller).Reconcile could not find app spec {"controller": "app-controller"}
Thu May 25 18:48:51 2023 daemon.info emissary[2202]: 2023-05-25 18:48:51.678 [INFO] <./internal/agent/controller/proxy/controller.go:35>(*Controller).Reconcile could not find proxy spec {"controller": "proxy-controller"}
Thu May 25 18:48:51 2023 daemon.info emissary[2202]: 2023-05-25 18:48:51.680 [INFO] <./internal/agent/controller/mdns/controller.go:38>(*Controller).Reconcile could not find mdns spec {"controller": "mdns-controller"}
Thu May 25 18:48:51 2023 daemon.info emissary[2202]: 2023-05-25 18:48:51.680 [INFO] <./internal/agent/controller/openwrt/sysupgrade_controller.go:36> (*SysUpgradeController).Reconcile could not find sysupgrade spec, doing nothing {"controller": "sysupgrade-controller"}
```
3. Sur le serveur, vérifier que l'agent a pu s'enregistrer:
```shell
emissary api agent query
```
Un message de ce type devrait s'afficher:
```
+----+-------+-----------------------------------+--------+-----------------------------------+-----------------------------------+
| ID | LABEL | THUMBPRINT | STATUS | CONTACTEDAT | UPDATEDAT |
+----+-------+-----------------------------------+--------+-----------------------------------+-----------------------------------+
| 1 | | 21CnUATcboKCaheb2uczWCuoxTZtnp... | 0 | 2023-05-25 18:49:51.652680196 ... | "2023-05-25T18:49:51.589225817... |
+----+-------+-----------------------------------+--------+-----------------------------------+-----------------------------------+
```
Noter l'identifiant associé à l'agent.
4. Mettre à jour le statut de l'agent afin qu'il soit en capacité à récupérer ses spécifications:
```
emissary api agent update --agent-id <agent_id> --status 1
```
**Bravo, vous avez appairé votre premier agent et son serveur Emissary !**
## Aller plus loin
- [Déployer une configuration UCI personnalisée sur un agent](./deploy-uci-configuration.md)
- [Déployer un serveur mandataire inverse sur votre agent](./deploy-reverse-proxy.md)

18
go.mod
View File

@ -3,7 +3,7 @@ module forge.cadoles.com/Cadoles/emissary
go 1.19
require (
forge.cadoles.com/arcad/edge v0.0.0-20230413093531-de330c004207
forge.cadoles.com/arcad/edge v0.0.0-20230426135323-17808d14c978
github.com/Masterminds/sprig/v3 v3.2.3
github.com/alecthomas/participle/v2 v2.0.0-beta.5
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883
@ -25,7 +25,7 @@ require (
github.com/pkg/errors v0.9.1
github.com/qri-io/jsonschema v0.2.1
github.com/urfave/cli/v2 v2.24.4
gitlab.com/wpetit/goweb v0.0.0-20230227162855-a1f09bafccb3
gitlab.com/wpetit/goweb v0.0.0-20230419082146-a94d9ed7202b
gopkg.in/yaml.v3 v3.0.1
modernc.org/sqlite v1.21.0
)
@ -44,14 +44,14 @@ require (
github.com/huandu/xstrings v1.3.3 // indirect
github.com/igm/sockjs-go/v3 v3.0.2 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/miekg/dns v1.1.51 // indirect
github.com/miekg/dns v1.1.53 // indirect
github.com/mitchellh/copystructure v1.0.0 // indirect
github.com/mitchellh/reflectwalk v1.0.0 // indirect
github.com/oklog/ulid/v2 v2.1.0 // indirect
github.com/orcaman/concurrent-map v1.0.0 // indirect
github.com/shopspring/decimal v1.2.0 // indirect
github.com/spf13/cast v1.3.1 // indirect
golang.org/x/net v0.8.0 // indirect
golang.org/x/net v0.9.0 // indirect
google.golang.org/genproto v0.0.0-20220728213248-dd149ef739b9 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
)
@ -96,12 +96,12 @@ require (
go.opencensus.io v0.24.0 // indirect
go.uber.org/atomic v1.10.0 // indirect
golang.org/x/crypto v0.7.0 // indirect
golang.org/x/mod v0.8.0 // indirect
golang.org/x/mod v0.10.0 // indirect
golang.org/x/sync v0.1.0 // indirect
golang.org/x/sys v0.6.0 // indirect
golang.org/x/term v0.6.0 // indirect
golang.org/x/text v0.8.0 // indirect
golang.org/x/tools v0.6.0 // indirect
golang.org/x/sys v0.7.0 // indirect
golang.org/x/term v0.7.0 // indirect
golang.org/x/text v0.9.0 // indirect
golang.org/x/tools v0.8.0 // indirect
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
google.golang.org/protobuf v1.28.1 // indirect
gopkg.in/go-playground/validator.v9 v9.31.0 // indirect

32
go.sum
View File

@ -54,8 +54,8 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
forge.cadoles.com/arcad/edge v0.0.0-20230413093531-de330c004207 h1:SClle/69UAfxm1a0ZYGCAUYagH0uB1iEcWBAPLJPJ/k=
forge.cadoles.com/arcad/edge v0.0.0-20230413093531-de330c004207/go.mod h1:Vx4iq/oewXUOkGyi8QKc14clTLNO1sWpb0SjBYELlAs=
forge.cadoles.com/arcad/edge v0.0.0-20230426135323-17808d14c978 h1:fekSRSb8gYcVx8C0B9K6B7+KiFHVixIwvPUkxcnRFp4=
forge.cadoles.com/arcad/edge v0.0.0-20230426135323-17808d14c978/go.mod h1:uv3wBa+UbcEUb7IiJCj1T96Xo3cmx1BwNxbBYRZhln8=
gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8=
github.com/AdaLogics/go-fuzz-headers v0.0.0-20210715213245-6c3934b029d8/go.mod h1:CzsSbkDixRphAF5hS6wbMKq0eI6ccJRb7/A0M6JBnwg=
github.com/Azure/azure-pipeline-go v0.2.3/go.mod h1:x841ezTBIMG6O3lAcl8ATHnsOPVl2bqk7S3ta6S6u4k=
@ -981,8 +981,8 @@ github.com/miekg/dns v0.0.0-20161006100029-fc4e1e2843d8/go.mod h1:W1PPwlIAgtquWB
github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI=
github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
github.com/miekg/dns v1.1.51 h1:0+Xg7vObnhrz/4ZCZcZh7zPXlmU0aveS2HDBd0m0qSo=
github.com/miekg/dns v1.1.51/go.mod h1:2Z9d3CP1LQWihRZUf29mQ19yDThaI4DAYzte2CaQW5c=
github.com/miekg/dns v1.1.53 h1:ZBkuHr5dxHtB1caEOlZTLPo7D3L3TWckgUUs/RHfDxw=
github.com/miekg/dns v1.1.53/go.mod h1:uInx36IzPl7FYnDcMeVWxj9byh7DutNykX4G9Sj60FY=
github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4=
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
@ -1310,8 +1310,8 @@ github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPS
github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg=
github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
gitlab.com/nyarla/go-crypt v0.0.0-20160106005555-d9a5dc2b789b/go.mod h1:T3BPAOm2cqquPa0MKWeNkmOM5RQsRhkrwMWonFMN7fE=
gitlab.com/wpetit/goweb v0.0.0-20230227162855-a1f09bafccb3 h1:ddXRTeqEr7LcHQEtkd6gogZOh9tI1Y6Gappr0a1oa2I=
gitlab.com/wpetit/goweb v0.0.0-20230227162855-a1f09bafccb3/go.mod h1:3sus4zjoUv1GB7eDLL60QaPkUnXJCWBpjvbe0jWifeY=
gitlab.com/wpetit/goweb v0.0.0-20230419082146-a94d9ed7202b h1:nkvOl8TCj/mErADnwFFynjxBtC+hHsrESw6rw56JGmg=
gitlab.com/wpetit/goweb v0.0.0-20230419082146-a94d9ed7202b/go.mod h1:3sus4zjoUv1GB7eDLL60QaPkUnXJCWBpjvbe0jWifeY=
go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
@ -1449,9 +1449,9 @@ golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.0.0-20161013035702-8b4af36cd21a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180719180050-a680a1efc54d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -1528,8 +1528,9 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ=
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM=
golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
golang.org/x/oauth2 v0.0.0-20180227000427-d7d64896b5ff/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@ -1693,8 +1694,9 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU=
golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
@ -1703,8 +1705,9 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ=
golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@ -1718,8 +1721,9 @@ golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68=
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@ -1809,9 +1813,9 @@ golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k=
golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.8.0 h1:vSDcovVPld282ceKgDimkRSC8kpaH1dgyc9UMzlt84Y=
golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4=
golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

View File

@ -3,13 +3,11 @@ package app
import (
"bytes"
"context"
"database/sql"
"net"
"path/filepath"
"text/template"
"forge.cadoles.com/Cadoles/emissary/internal/agent/controller/app/spec"
appSpec "forge.cadoles.com/Cadoles/emissary/internal/agent/controller/app/spec"
"forge.cadoles.com/Cadoles/emissary/internal/jwk"
"forge.cadoles.com/arcad/edge/pkg/app"
"forge.cadoles.com/arcad/edge/pkg/bus"
@ -21,13 +19,27 @@ import (
"forge.cadoles.com/arcad/edge/pkg/module/cast"
fetchModule "forge.cadoles.com/arcad/edge/pkg/module/fetch"
netModule "forge.cadoles.com/arcad/edge/pkg/module/net"
shareModule "forge.cadoles.com/arcad/edge/pkg/module/share"
shareSqlite "forge.cadoles.com/arcad/edge/pkg/module/share/sqlite"
"forge.cadoles.com/arcad/edge/pkg/storage"
"forge.cadoles.com/arcad/edge/pkg/storage/sqlite"
"github.com/Masterminds/sprig/v3"
"github.com/go-chi/chi/v5"
"github.com/lestrrat-go/jwx/v2/jwa"
"github.com/pkg/errors"
"gitlab.com/wpetit/goweb/logger"
)
type Dependencies struct {
Bus bus.Bus
DocumentStore storage.DocumentStore
BlobStore storage.BlobStore
KeySet jwk.Set
AppRepository appModule.Repository
AppID app.ID
ShareRepository shareModule.Repository
}
const defaultSQLiteParams = "?_pragma=foreign_keys(1)&_pragma=busy_timeout=60000"
func (c *Controller) getHandlerOptions(ctx context.Context, appKey string, specs *spec.Spec) ([]edgeHTTP.HandlerOptionFunc, error) {
@ -42,17 +54,46 @@ func (c *Controller) getHandlerOptions(ctx context.Context, appKey string, specs
return nil, errors.Wrapf(err, "could not open database file '%s'", dbFile)
}
shareDBFile := filepath.Join(dataDir, "shared.sqlite")
shareDB, err := sqlite.Open(shareDBFile + defaultSQLiteParams)
if err != nil {
return nil, errors.Wrapf(err, "could not open database file '%s'", shareDBFile)
}
keySet, err := getAuthKeySet(specs.Config)
if err != nil {
return nil, errors.Wrap(err, "could not retrieve auth key set")
}
bus := memory.NewBus()
modules := c.getAppModules(bus, db, specs, keySet)
mounts := make([]func(r chi.Router), 0)
authMount, err := getAuthMount(specs.Config.Auth, keySet)
if err != nil {
return nil, errors.WithStack(err)
}
if authMount != nil {
mounts = append(mounts, authMount)
}
mounts = append(mounts, appModule.Mount(c.appRepository))
deps := Dependencies{
Bus: memory.NewBus(),
DocumentStore: sqlite.NewDocumentStoreWithDB(db),
BlobStore: sqlite.NewBlobStoreWithDB(db),
KeySet: keySet,
AppRepository: c.appRepository,
AppID: app.ID(appKey),
ShareRepository: shareSqlite.NewRepositoryWithDB(shareDB),
}
modules := c.getAppModules(deps)
options := []edgeHTTP.HandlerOptionFunc{
edgeHTTP.WithBus(bus),
edgeHTTP.WithBus(deps.Bus),
edgeHTTP.WithServerModules(modules...),
edgeHTTP.WithHTTPMounts(mounts...),
}
return options, nil
@ -231,21 +272,19 @@ func createResolveAppURL(specs *spec.Spec) (ResolveAppURLFunc, error) {
}, nil
}
func (c *Controller) getAppModules(bus bus.Bus, db *sql.DB, spec *appSpec.Spec, keySet jwk.Set) []app.ServerModuleFactory {
ds := sqlite.NewDocumentStoreWithDB(db)
bs := sqlite.NewBlobStoreWithDB(db)
func (c *Controller) getAppModules(deps Dependencies) []app.ServerModuleFactory {
return []app.ServerModuleFactory{
module.ContextModuleFactory(),
module.ConsoleModuleFactory(),
cast.CastModuleFactory(),
module.LifecycleModuleFactory(),
netModule.ModuleFactory(bus),
module.RPCModuleFactory(bus),
module.StoreModuleFactory(ds),
blob.ModuleFactory(bus, bs),
authModule(keySet),
appModule.ModuleFactory(c.appRepository),
fetchModule.ModuleFactory(bus),
netModule.ModuleFactory(deps.Bus),
module.RPCModuleFactory(deps.Bus),
module.StoreModuleFactory(deps.DocumentStore),
blob.ModuleFactory(deps.Bus, deps.BlobStore),
authModuleFactory(deps.KeySet),
appModule.ModuleFactory(deps.AppRepository),
fetchModule.ModuleFactory(deps.Bus),
shareModule.ModuleFactory(deps.AppID, deps.ShareRepository),
}
}

View File

@ -1,11 +1,17 @@
package app
import (
"time"
"forge.cadoles.com/Cadoles/emissary/internal/agent/controller/app/spec"
"forge.cadoles.com/Cadoles/emissary/internal/jwk"
"forge.cadoles.com/arcad/edge/pkg/app"
"forge.cadoles.com/arcad/edge/pkg/module"
"forge.cadoles.com/arcad/edge/pkg/module/auth"
authModule "forge.cadoles.com/arcad/edge/pkg/module/auth"
authHTTP "forge.cadoles.com/arcad/edge/pkg/module/auth/http"
"github.com/dop251/goja"
"github.com/lestrrat-go/jwx/v2/jwa"
"github.com/pkg/errors"
)
@ -17,30 +23,14 @@ const (
RoleSuperadmin string = "superadmin"
)
func authModule(keySet jwk.Set) app.ServerModuleFactory {
func authModuleFactory(keySet jwk.Set) app.ServerModuleFactory {
return module.Extends(
auth.ModuleFactory(
auth.WithJWT(func() (jwk.Set, error) {
authModule.ModuleFactory(
authModule.WithJWT(func() (jwk.Set, error) {
return keySet, nil
}),
),
func(o *goja.Object) {
if err := o.Set("CLAIM_TENANT", "arcad_tenant"); err != nil {
panic(errors.New("could not set 'CLAIM_TENANT' property"))
}
if err := o.Set("CLAIM_ENTRYPOINT", "arcad_entrypoint"); err != nil {
panic(errors.New("could not set 'CLAIM_ENTRYPOINT' property"))
}
if err := o.Set("CLAIM_ROLE", "arcad_role"); err != nil {
panic(errors.New("could not set 'CLAIM_ROLE' property"))
}
if err := o.Set("CLAIM_PREFERRED_USERNAME", "preferred_username"); err != nil {
panic(errors.New("could not set 'CLAIM_PREFERRED_USERNAME' property"))
}
if err := o.Set("ROLE_VISITOR", RoleVisitor); err != nil {
panic(errors.New("could not set 'ROLE_VISITOR' property"))
}
@ -63,3 +53,41 @@ func authModule(keySet jwk.Set) app.ServerModuleFactory {
},
)
}
func getAuthMount(auth *spec.Auth, keySet jwk.Set) (auth.MountFunc, error) {
switch {
case auth.Local != nil:
var rawKey any = auth.Local.Key
if strKey, ok := rawKey.(string); ok {
rawKey = []byte(strKey)
}
key, err := jwk.FromRaw(rawKey)
if err != nil {
return nil, errors.WithStack(err)
}
cookieDuration := defaultCookieDuration
if auth.Local.CookieDuration != "" {
cookieDuration, err = time.ParseDuration(auth.Local.CookieDuration)
if err != nil {
return nil, errors.WithStack(err)
}
}
return authModule.Mount(
authHTTP.NewLocalHandler(
jwa.HS256, key,
authHTTP.WithRoutePrefix("/auth"),
authHTTP.WithAccounts(auth.Local.Accounts...),
authHTTP.WithCookieOptions(getCookieDomain, cookieDuration),
),
authModule.WithJWT(func() (jwk.Set, error) {
return keySet, nil
}),
), nil
default:
return nil, nil
}
}

View File

@ -12,14 +12,11 @@ import (
appSpec "forge.cadoles.com/Cadoles/emissary/internal/agent/controller/app/spec"
"forge.cadoles.com/Cadoles/emissary/internal/proxy/wildcard"
edgeHTTP "forge.cadoles.com/arcad/edge/pkg/http"
authHTTP "forge.cadoles.com/arcad/edge/pkg/module/auth/http"
"gitlab.com/wpetit/goweb/logger"
"forge.cadoles.com/arcad/edge/pkg/bundle"
"github.com/go-chi/chi/middleware"
"github.com/go-chi/chi/v5"
"github.com/lestrrat-go/jwx/v2/jwa"
"github.com/lestrrat-go/jwx/v2/jwk"
"github.com/pkg/errors"
_ "forge.cadoles.com/Cadoles/emissary/internal/imports/passwd"
@ -47,7 +44,9 @@ func (s *Server) Start(ctx context.Context, addr string) (err error) {
router := chi.NewRouter()
router.Use(middleware.RealIP)
router.Use(middleware.Logger)
router.Use(middleware.Compress(5))
handler := edgeHTTP.NewHandler(s.handlerOptions...)
if err := handler.Load(s.bundle); err != nil {
@ -61,12 +60,6 @@ func (s *Server) Start(ctx context.Context, addr string) (err error) {
s.config.UnexpectedHostRedirect.AcceptedHostPatterns...,
))
}
if s.config.Auth != nil {
if err := s.configureAuth(router, s.config.Auth); err != nil {
return errors.WithStack(err)
}
}
}
router.Handle("/*", handler)
@ -135,38 +128,6 @@ func (s *Server) Stop() error {
return nil
}
func (s *Server) configureAuth(router chi.Router, auth *spec.Auth) error {
switch {
case auth.Local != nil:
var rawKey any = auth.Local.Key
if strKey, ok := rawKey.(string); ok {
rawKey = []byte(strKey)
}
key, err := jwk.FromRaw(rawKey)
if err != nil {
return errors.WithStack(err)
}
cookieDuration := defaultCookieDuration
if auth.Local.CookieDuration != "" {
cookieDuration, err = time.ParseDuration(auth.Local.CookieDuration)
if err != nil {
return errors.WithStack(err)
}
}
router.Handle("/auth/*", authHTTP.NewLocalHandler(
jwa.HS256, key,
authHTTP.WithRoutePrefix("/auth"),
authHTTP.WithAccounts(auth.Local.Accounts...),
authHTTP.WithCookieOptions(getCookieDomain, cookieDuration),
))
}
return nil
}
func NewServer(bundle bundle.Bundle, config *spec.Config, handlerOptions ...edgeHTTP.HandlerOptionFunc) *Server {
return &Server{
bundle: bundle,
@ -182,7 +143,7 @@ func getCookieDomain(r *http.Request) (string, error) {
}
// If host is an IP address
if wildcard.Match(host, "*.*.*.*") {
if ip := net.ParseIP(host); ip != nil {
return "", nil
}

View File

@ -58,6 +58,12 @@ func (s *Server) updateSpec(w http.ResponseWriter, r *http.Request) {
updateSpecReq.SpecData(),
)
if err != nil {
if errors.Is(err, datastore.ErrNotFound) {
api.ErrorResponse(w, http.StatusNotFound, ErrCodeNotFound, nil)
return
}
if errors.Is(err, datastore.ErrUnexpectedRevision) {
api.ErrorResponse(w, http.StatusConflict, ErrCodeUnexpectedRevision, nil)
@ -87,6 +93,12 @@ func (s *Server) getAgentSpecs(w http.ResponseWriter, r *http.Request) {
specs, err := s.agentRepo.GetSpecs(ctx, agentID)
if err != nil {
if errors.Is(err, datastore.ErrNotFound) {
api.ErrorResponse(w, http.StatusNotFound, ErrCodeNotFound, nil)
return
}
logger.Error(ctx, "could not list specs", logger.E(errors.WithStack(err)))
api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)

View File

@ -4,7 +4,7 @@ ARG HTTP_PROXY=
ARG HTTPS_PROXY=
ARG http_proxy=
ARG https_proxy=
ARG GO_VERSION=1.19.2
ARG GO_VERSION=1.20.2
# Install dev environment dependencies
RUN export DEBIAN_FRONTEND=noninteractive &&\

View File

@ -6,7 +6,7 @@ After=network.target
Type=simple
Restart=always
WorkingDirectory=/usr/share/emissary
ExecStart=/usr/bin/emissary --config /etc/emissary/config.yml agent run
ExecStart=/usr/bin/emissary --config /etc/emissary/agent.yml agent run
[Install]
WantedBy=multi-user.target

View File

@ -4,9 +4,9 @@ After=network.target
[Service]
Type=simple
Restart=always
Restart=on-failure
WorkingDirectory=/usr/share/emissary
ExecStart=/usr/bin/emissary --config /etc/emissary/config.yml server run
ExecStart=/usr/bin/emissary --config /etc/emissary/server.yml server run
[Install]
WantedBy=multi-user.target

339
misc/resources/logo.svg Normal file
View File

@ -0,0 +1,339 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
viewBox="0 0 620 620"
version="1.1"
id="svg110"
sodipodi:docname="logo.svg"
inkscape:version="1.2.2 (b0a8486541, 2022-12-01)"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<sodipodi:namedview
id="namedview112"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:showpageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
inkscape:deskcolor="#d1d1d1"
showgrid="false"
inkscape:zoom="0.38064516"
inkscape:cx="310"
inkscape:cy="306.05932"
inkscape:current-layer="svg110" />
<defs
id="defs50">
<style
id="style2">.cls-1{fill:#fff;}.cls-2{fill:url(#Dégradé_sans_nom_22);}.cls-3{fill:url(#Dégradé_sans_nom_22-2);}.cls-4{fill:url(#Dégradé_sans_nom_22-3);}.cls-5{fill:#acdce9;}.cls-6{fill:none;}.cls-7{fill:url(#Dégradé_sans_nom_14);}.cls-8{fill:url(#Dégradé_sans_nom_14-2);}.cls-9{fill:url(#Dégradé_sans_nom_14-3);}.cls-10{fill:url(#Dégradé_sans_nom_14-4);}.cls-11{fill:url(#Dégradé_sans_nom_14-5);}.cls-12{fill:url(#Dégradé_sans_nom_14-6);}.cls-13{fill:url(#Dégradé_sans_nom_14-7);}</style>
<linearGradient
id="Dégradé_sans_nom_22"
x1="389.04"
y1="577.91"
x2="843.52"
y2="444.49"
gradientUnits="userSpaceOnUse">
<stop
offset="0"
stop-color="#f9b233"
id="stop4" />
<stop
offset="0.05"
stop-color="#ef9630"
id="stop6" />
<stop
offset="0.12"
stop-color="#e2742c"
id="stop8" />
<stop
offset="0.2"
stop-color="#d65729"
id="stop10" />
<stop
offset="0.29"
stop-color="#cd3f26"
id="stop12" />
<stop
offset="0.39"
stop-color="#c72d24"
id="stop14" />
<stop
offset="0.51"
stop-color="#c22023"
id="stop16" />
<stop
offset="0.66"
stop-color="#bf1822"
id="stop18" />
<stop
offset="0.99"
stop-color="#be1622"
id="stop20" />
</linearGradient>
<linearGradient
id="Dégradé_sans_nom_22-2"
x1="347.14"
y1="435.21"
x2="801.63"
y2="301.79"
xlink:href="#Dégradé_sans_nom_22" />
<linearGradient
id="Dégradé_sans_nom_22-3"
x1="363.28"
y1="490.17"
x2="817.76"
y2="356.75"
xlink:href="#Dégradé_sans_nom_22" />
<linearGradient
id="Dégradé_sans_nom_14"
x1="295.82"
y1="531.3"
x2="915.72"
y2="148.45"
gradientUnits="userSpaceOnUse">
<stop
offset="0"
stop-color="#36a9e1"
id="stop25" />
<stop
offset="0.01"
stop-color="#35a3db"
id="stop27" />
<stop
offset="0.09"
stop-color="#3281b9"
id="stop29" />
<stop
offset="0.17"
stop-color="#2f649c"
id="stop31" />
<stop
offset="0.26"
stop-color="#2d4c85"
id="stop33" />
<stop
offset="0.37"
stop-color="#2b3a72"
id="stop35" />
<stop
offset="0.49"
stop-color="#2a2d66"
id="stop37" />
<stop
offset="0.65"
stop-color="#29255e"
id="stop39" />
<stop
offset="0.99"
stop-color="#29235c"
id="stop41" />
</linearGradient>
<linearGradient
id="Dégradé_sans_nom_14-2"
x1="302.24"
y1="541.68"
x2="922.14"
y2="158.84"
xlink:href="#Dégradé_sans_nom_14" />
<linearGradient
id="Dégradé_sans_nom_14-3"
x1="308.78"
y1="537.64"
x2="795.27"
y2="237.19"
xlink:href="#Dégradé_sans_nom_14" />
<linearGradient
id="Dégradé_sans_nom_14-4"
x1="416.02"
y1="726.54"
x2="1047.24"
y2="336.7"
xlink:href="#Dégradé_sans_nom_14" />
<linearGradient
id="Dégradé_sans_nom_14-5"
x1="422.84"
y1="722.33"
x2="909.33"
y2="421.88"
xlink:href="#Dégradé_sans_nom_14" />
<linearGradient
id="Dégradé_sans_nom_14-6"
x1="265.42"
y1="482.7"
x2="896.65"
y2="92.86"
xlink:href="#Dégradé_sans_nom_14" />
<linearGradient
id="Dégradé_sans_nom_14-7"
x1="272.25"
y1="478.49"
x2="758.74"
y2="178.04"
xlink:href="#Dégradé_sans_nom_14" />
</defs>
<g
id="Calque_4"
data-name="Calque 4">
<circle
class="cls-1"
cx="310"
cy="310"
r="310"
id="circle52" />
</g>
<g
id="Calque_3"
data-name="Calque 3">
<path
class="cls-2"
d="M382.43,551.91c-2.64,12.13-5,37.74,16.31,54a11.79,11.79,0,0,0,10.58,1.87L536.08,569a11.7,11.7,0,0,0,7.55-7.05c3.86-10.27,8.25-33.2-17.06-54.7A11.78,11.78,0,0,0,515.5,505l-7.95,2.44L446.89,526l-56.42,17.28A11.72,11.72,0,0,0,382.43,551.91Z"
transform="translate(-270.7 -127.63)"
id="path55" />
<path
class="cls-3"
d="M479,384.26c4-2.64,8.43-5.3,13.2-7.93l.27-.14,0,0a4.79,4.79,0,0,0-4.38-.81l-88.29,27a4.79,4.79,0,0,0-3.24,3.35c-1.38,5.29-3.62,17.74,2.13,28.71a4.83,4.83,0,0,0,7.07,1.77,382.78,382.78,0,0,1,40.87-24.81,4.88,4.88,0,0,0,1.67-1.49C453.94,401.88,464.6,393.06,479,384.26Z"
transform="translate(-270.7 -127.63)"
id="path57" />
<path
class="cls-4"
d="M681.16,333.19a.1.1,0,0,0,0,.2c11.53,2.22,19,6.52,21,12.92,6.28,20.52-46.38,54.83-117.63,76.63-57.32,17.55-109.18,21.65-130.54,11.9-5.18-2.37-8.59-5.55-9.82-9.55a12.49,12.49,0,0,1-.15-6.41.13.13,0,0,0-.19-.14A342.31,342.31,0,0,0,405.47,443c-23.59,17.58-35.56,33.72-31.8,46,4.78,15.62,34.14,22.17,78.27,20.26a.12.12,0,0,1,.13.16l-3,9.55a.13.13,0,0,0,.16.16L508.59,501l13.77-4.21a.13.13,0,0,1,.12,0c1.58,1.16,3,2.32,4.45,3.49a.1.1,0,0,0,.1,0A977.1,977.1,0,0,0,638.75,472.9c136.34-41.74,238.73-102.19,228.68-135C859.38,311.6,781.74,311,681.16,333.19Z"
transform="translate(-270.7 -127.63)"
id="path59" />
<path
class="cls-5"
d="M694.39,348.33c-2-6.73-12.15-10.44-27.62-11.29a154.33,154.33,0,0,0-16.61.08c16,24.86-14.65,54-30.44,66.73C667.12,384.85,698.66,362.27,694.39,348.33Z"
transform="translate(-270.7 -127.63)"
id="path61" />
<path
class="cls-6"
d="M873.93,336.73c-2.86-12.89-15.64-20-33.51-23.45A283.91,283.91,0,0,1,861,371.4C871.09,360.09,876.52,348.34,873.93,336.73Z"
transform="translate(-270.7 -127.63)"
id="path63" />
<path
class="cls-7"
d="M299.08,479.05a2.32,2.32,0,0,0-2.2,2.73A309.22,309.22,0,0,0,323.68,562a2.27,2.27,0,0,0,2.43,1.21A283.59,283.59,0,0,1,299.91,479Z"
transform="translate(-270.7 -127.63)"
id="path65" />
<path
class="cls-8"
d="M363,548.81q6.94-2.13,13.73-3.79a2.31,2.31,0,0,0,1.63-1.53c.36-1.14.75-2.3,1.18-3.47a2.3,2.3,0,0,1,1.5-1.43l59.3-18.15a2.31,2.31,0,0,0-.74-4.52c-14.07.37-63.57-.07-72-24.18,0,0-5.47-10.13,4.16-25.33-1.49.5-3,1-4.51,1.45-18.64,5.7-46.44,10.25-67.28,11.15a283.59,283.59,0,0,0,26.2,84.17,2.25,2.25,0,0,0,.62-.15A298.13,298.13,0,0,1,363,548.81Z"
transform="translate(-270.7 -127.63)"
id="path67" />
<path
class="cls-9"
d="M363,548.81q6.94-2.13,13.73-3.79a2.31,2.31,0,0,0,1.63-1.53c.36-1.14.75-2.3,1.18-3.47a2.3,2.3,0,0,1,1.5-1.43l59.3-18.15a2.31,2.31,0,0,0-.74-4.52c-14.07.37-63.57-.07-72-24.18,0,0-5.47-10.13,4.16-25.33-1.49.5-3,1-4.51,1.45-18.64,5.7-46.44,10.25-67.28,11.15a283.59,283.59,0,0,0,26.2,84.17,2.25,2.25,0,0,0,.62-.15A298.13,298.13,0,0,1,363,548.81Z"
transform="translate(-270.7 -127.63)"
id="path69" />
<path
class="cls-10"
d="M582.7,722.94c157.87,0,285.85-128,285.85-285.85A286.63,286.63,0,0,0,861,371.4c-37.61,42-140.24,77.8-140.27,77.8s-98,40.65-188,55.81c0,0,0,0,0,0,.64.42,36.32,24.49,13,68.42h0L403.46,615.88h0a41.35,41.35,0,0,1-5.21-3.19h0q-6.9,2.55-14.24,4.81c-5.69,1.74-12.1,3.41-18.87,5A285.19,285.19,0,0,0,582.7,722.94Z"
transform="translate(-270.7 -127.63)"
id="path71" />
<path
class="cls-11"
d="M582.7,722.94c157.87,0,285.85-128,285.85-285.85A286.63,286.63,0,0,0,861,371.4c-37.61,42-140.24,77.8-140.27,77.8s-98,40.65-188,55.81c0,0,0,0,0,0,.64.42,36.32,24.49,13,68.42h0L403.46,615.88h0a41.35,41.35,0,0,1-5.21-3.19h0q-6.9,2.55-14.24,4.81c-5.69,1.74-12.1,3.41-18.87,5A285.19,285.19,0,0,0,582.7,722.94Z"
transform="translate(-270.7 -127.63)"
id="path73" />
<path
class="cls-12"
d="M390,402.12h0a42,42,0,0,1,1.88-5.3h0l102.24-31.3h0l5.49,5.94h0c.52-.28,89.13-46.1,171-40.81h0c.13,0,111.77-28.45,169.78-17.37-46.14-95.88-144.2-162-257.72-162-156.72,0-284,126.12-285.81,282.4,16.25-9.51,36.55-18.94,52.53-23.83A177.82,177.82,0,0,1,390,402.12Z"
transform="translate(-270.7 -127.63)"
id="path75" />
<path
class="cls-13"
d="M390,402.12h0a42,42,0,0,1,1.88-5.3h0l102.24-31.3h0l5.49,5.94h0c.52-.28,89.13-46.1,171-40.81h0c.13,0,111.77-28.45,169.78-17.37-46.14-95.88-144.2-162-257.72-162-156.72,0-284,126.12-285.81,282.4,16.25-9.51,36.55-18.94,52.53-23.83A177.82,177.82,0,0,1,390,402.12Z"
transform="translate(-270.7 -127.63)"
id="path77" />
<path
class="cls-5"
d="M613.5,341.7a453.93,453.93,0,0,0-50.22,12.41c-26.81,8.2-50.89,18-69.82,28-20.21,10.63-34.52,21.39-40,30.47-2.22,3.7-3,7.13-2.08,10.14,1,3.39,4.13,6,8.91,7.89,19,7.48,64.86,3.18,116.58-12C635.88,378.72,622.92,352.06,613.5,341.7Z"
transform="translate(-270.7 -127.63)"
id="path79" />
<circle
class="cls-1"
cx="432.9"
cy="112.17"
r="8.82"
id="circle81" />
<circle
class="cls-1"
cx="360.51"
cy="174.46"
r="4.41"
id="circle83" />
<circle
class="cls-1"
cx="253.85"
cy="124.11"
r="6.72"
id="circle85" />
<circle
class="cls-1"
cx="140.55"
cy="150.46"
r="4.41"
id="circle87" />
<circle
class="cls-1"
cx="221.77"
cy="190.68"
r="5.03"
id="circle89" />
<circle
class="cls-1"
cx="316"
cy="56.58"
r="4.41"
id="circle91" />
<circle
class="cls-1"
cx="272.6"
cy="497.14"
r="8.82"
id="circle93" />
<circle
class="cls-1"
cx="370.54"
cy="480.67"
r="4.41"
id="circle95" />
<circle
class="cls-1"
cx="434.95"
cy="420.7"
r="6.72"
id="circle97" />
<circle
class="cls-1"
cx="546.81"
cy="388.76"
r="4.41"
id="circle99" />
<circle
class="cls-1"
cx="495.3"
cy="463.34"
r="5.03"
id="circle101" />
<circle
class="cls-1"
cx="347.84"
cy="391.81"
r="4.41"
id="circle103" />
<circle
class="cls-1"
cx="346.13"
cy="559.72"
r="6.72"
id="circle105" />
<circle
class="cls-1"
cx="499.71"
cy="334.37"
r="4.41"
id="circle107" />
</g>
</svg>

After

Width:  |  Height:  |  Size: 11 KiB

View File

@ -1,34 +1,21 @@
{
"apps": {
"edge.portal": {
"url": "https://emissary.cadol.es/files/apps/edge.portal_v2023.4.9-41c100d.zip",
"sha256sum": "b73a6741654f3e24281e354b3b506b109dac6ada8a9698452f52b03a53299a7d",
"address": ":8082",
"format": "zip"
},
"app.arcad.edge.hextris": {
"url": "https://emissary.cadol.es/files/apps/app.arcad.edge.hextris_v2023.4.11-81fb4c4.zip",
"sha256sum": "6d70f65971b3dd288da32d8d004ab8fbca030398b5c12e3c052ef98c53a6b81a",
"url": "https://emissary.cadol.es/files/apps/app.arcad.edge.hextris_v2023.4.20-2bbbe94.zip",
"sha256sum": "67942ef4b623c46308c3f640b534bd4cb6b1d6021a422e40b62ab97658ba4586",
"address": ":8083",
"format": "zip"
},
"edge.sdk.client.test": {
"url": "https://emissary.cadol.es/files/apps/edge.sdk.client.test_v2023.4.11-f5283b8.zip",
"sha256sum": "785d9f8d427900e1bb27ab85a33e8b1cbd1b6a1f8b2eab6366dc215a69655ade",
"url": "https://emissary.cadol.es/files/apps/edge.sdk.client.test_v2023.4.20-20c4189.zip",
"sha256sum": "1edeb4aa75c1675db49cf27367b1537234a04526848ea6657931ca63f26e5dae",
"address": ":8084",
"format": "zip"
},
"arcad.diffusion": {
"url": "https://emissary.cadol.es/files/apps/arcad.diffusion_v2023.4.9-81046a2.zip",
"sha256sum": "b8770adfaaf60e6d3e7776e0a090e6e7a0b31f3f9425b91168b42144d0346513",
"address": ":8085",
"format": "zip"
}
},
"config": {
"appUrlResolving": {
"ifaceMappings": {
"lo": "http://{{ .DeviceIP }}:{{ .AppPort }}",
"wlp4s0": "http://{{ .DeviceIP }}:{{ .AppPort }}",
"enp0s31f6": "http://{{ .DeviceIP }}:{{ .AppPort }}"
},
@ -48,11 +35,44 @@
"algo": "plain",
"password": "admin",
"claims": {
"arcad_role": "admin",
"arcad_tenant": "x86",
"edge_role": "admin",
"edge_tenant": "emissary-dev",
"preferred_username": "Admin",
"sub": "admin"
}
},
{
"username": "superadmin",
"algo": "plain",
"password": "superadmin",
"claims": {
"edge_role": "superadmin",
"edge_tenant": "emissary-dev",
"preferred_username": "SuperAdmin",
"sub": "superadmin"
}
},
{
"username": "user",
"algo": "plain",
"password": "user",
"claims": {
"edge_role": "user",
"edge_tenant": "emissary-dev",
"preferred_username": "User",
"sub": "user"
}
},
{
"username": "superuser",
"algo": "plain",
"password": "superuser",
"claims": {
"edge_role": "superuser",
"edge_tenant": "emissary-dev",
"preferred_username": "SuperUser",
"sub": "superuser"
}
}
]
}

View File

@ -5,11 +5,6 @@
"port": 8080,
"host": "arcad"
},
"portal": {
"type": "_http._tcp",
"port": 8080,
"host": "arcad-portal"
},
"hextris": {
"type": "_http._tcp",
"port": 8080,
@ -19,11 +14,6 @@
"type": "_http._tcp",
"port": 8080,
"host": "arcad-test"
},
"diffusion": {
"type": "_http._tcp",
"port": 8080,
"host": "arcad-diffusion"
}
}
}

View File

@ -3,10 +3,6 @@
"main": {
"address": ":8080",
"mappings": [
{
"hostPattern": "portal.localhost.arcad.lan:*",
"target": "http://localhost:8082"
},
{
"hostPattern": "hextris.localhost.arcad.lan:*",
"target": "http://localhost:8083"
@ -15,14 +11,6 @@
"hostPattern": "test.localhost.arcad.lan:*",
"target": "http://localhost:8084"
},
{
"hostPattern": "diffusion.localhost.arcad.lan:*",
"target": "http://localhost:8085"
},
{
"hostPattern": "arcad-portal.local:*",
"target": "http://localhost:8082"
},
{
"hostPattern": "arcad-hextris.local:*",
"target": "http://localhost:8083"
@ -31,13 +19,9 @@
"hostPattern": "arcad-test.local:*",
"target": "http://localhost:8084"
},
{
"hostPattern": "arcad-diffusion.local:*",
"target": "http://localhost:8085"
},
{
"hostPattern": "*",
"target": "http://localhost:8082"
"target": "http://localhost:8084"
}
]
}