instrument all the things

Aiden McClelland
2021-10-11 19:01:37 -06:00
committed by Aiden McClelland
parent 11bd1e0609
commit 69382f788d
44 changed files with 284 additions and 30 deletions


@@ -8,6 +8,7 @@ use itertools::Either;
use serde::{Deserialize, Deserializer, Serialize};
use sqlx::{Executor, Sqlite};
use torut::onion::TorSecretKeyV3;
use tracing::instrument;
use crate::db::model::{InterfaceAddressMap, InterfaceAddresses};
use crate::id::Id;
@@ -19,6 +20,7 @@ use crate::Error;
#[serde(rename_all = "kebab-case")]
pub struct Interfaces(pub BTreeMap<InterfaceId, Interface>); // TODO
impl Interfaces {
#[instrument(skip(secrets))]
pub async fn install<Ex>(
&self,
secrets: &mut Ex,
@@ -68,6 +70,7 @@ impl Interfaces {
Ok(interface_addresses)
}
#[instrument(skip(secrets))]
pub async fn tor_keys<Ex>(
&self,
secrets: &mut Ex,


@@ -4,6 +4,7 @@ use std::path::PathBuf;
use rpc_toolkit::command;
use sqlx::SqlitePool;
use torut::onion::{OnionAddressV3, TorSecretKeyV3};
use tracing::instrument;
use self::interface::{Interface, InterfaceId};
#[cfg(feature = "avahi")]
@@ -35,6 +36,7 @@ pub struct NetController {
pub nginx: NginxController,
}
impl NetController {
#[instrument(skip(db))]
pub async fn init(
embassyd_addr: SocketAddr,
embassyd_tor_key: TorSecretKeyV3,
@@ -49,6 +51,7 @@ impl NetController {
})
}
#[instrument(skip(self, interfaces))]
pub async fn add<
'a,
I: IntoIterator<Item = (InterfaceId, &'a Interface, TorSecretKeyV3)> + Clone,
@@ -105,6 +108,7 @@ impl NetController {
Ok(())
}
#[instrument(skip(self, interfaces))]
pub async fn remove<I: IntoIterator<Item = InterfaceId> + Clone>(
&self,
pkg_id: &PackageId,
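Review bot: `#[instrument(skip(db))]` on `NetController::init` leaves `embassyd_tor_key: TorSecretKeyV3` as a recorded span field, so what reaches the trace output depends entirely on that type's `Debug` impl. Skipping it by name, `#[instrument(skip(db, embassyd_tor_key))]`, keeps the onion service's secret key out of logs regardless of how the dependency formats it. The same applies to `TorControllerInner::init` in the Tor controller section further down, which takes the same parameter under a bare `#[instrument]`. The signature of `init` continues outside the hunk, so its remaining parameters should be checked the same way.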


@@ -7,6 +7,7 @@ use futures::FutureExt;
use indexmap::IndexSet;
use sqlx::SqlitePool;
use tokio::sync::Mutex;
use tracing::instrument;
use super::interface::{InterfaceId, LanPortConfig};
use super::ssl::SslManager;
@@ -55,6 +56,7 @@ pub struct NginxControllerInner {
ssl_manager: SslManager,
}
impl NginxControllerInner {
#[instrument(skip(db))]
async fn init(nginx_root: &Path, db: SqlitePool) -> Result<Self, Error> {
let inner = NginxControllerInner {
interfaces: BTreeMap::new(),
@@ -77,6 +79,7 @@ impl NginxControllerInner {
)?;
Ok(inner)
}
#[instrument(skip(self, interfaces))]
async fn add<I: IntoIterator<Item = (InterfaceId, InterfaceMetadata)>>(
&mut self,
nginx_root: &Path,
@@ -182,6 +185,8 @@ impl NginxControllerInner {
self.hup().await?;
Ok(())
}
#[instrument(skip(self))]
async fn remove(&mut self, nginx_root: &Path, package: &PackageId) -> Result<(), Error> {
let removed = self.interfaces.remove(package);
if let Some(net_info) = removed {
@@ -207,6 +212,8 @@ impl NginxControllerInner {
self.hup().await?;
Ok(())
}
#[instrument(skip(self))]
async fn hup(&self) -> Result<(), Error> {
let _ = tokio::process::Command::new("systemctl")
.arg("reload")


@@ -11,6 +11,7 @@ use openssl::x509::{X509Builder, X509Extension, X509NameBuilder, X509};
use openssl::*;
use sqlx::SqlitePool;
use tokio::sync::Mutex;
use tracing::instrument;
use crate::{Error, ErrorKind};
@@ -30,12 +31,14 @@ impl SslStore {
fn new(db: SqlitePool) -> Result<Self, Error> {
Ok(SslStore { secret_store: db })
}
#[instrument(skip(self))]
async fn save_root_certificate(&self, key: &PKey<Private>, cert: &X509) -> Result<(), Error> {
let key_str = String::from_utf8(key.private_key_to_pem_pkcs8()?)?;
let cert_str = String::from_utf8(cert.to_pem()?)?;
let _n = sqlx::query!("INSERT INTO certificates (id, priv_key_pem, certificate_pem, lookup_string, created_at, updated_at) VALUES (0, ?, ?, NULL, datetime('now'), datetime('now'))", key_str, cert_str).execute(&self.secret_store).await?;
Ok(())
}
#[instrument(skip(self))]
async fn load_root_certificate(&self) -> Result<Option<(PKey<Private>, X509)>, Error> {
let m_row =
sqlx::query!("SELECT priv_key_pem, certificate_pem FROM certificates WHERE id = 0;")
@@ -50,6 +53,7 @@ impl SslStore {
}
}
}
#[instrument(skip(self))]
async fn save_intermediate_certificate(
&self,
key: &PKey<Private>,
@@ -74,6 +78,7 @@ impl SslStore {
}
}
}
#[instrument(skip(self))]
async fn save_certificate(
&self,
key: &PKey<Private>,
@@ -104,6 +109,7 @@ impl SslStore {
}
}
}
#[instrument(skip(self))]
async fn update_certificate(
&self,
key: &PKey<Private>,
@@ -133,6 +139,7 @@ lazy_static::lazy_static! {
}
impl SslManager {
#[instrument(skip(db))]
pub async fn init(db: SqlitePool) -> Result<Self, Error> {
let store = SslStore::new(db)?;
let (root_key, root_cert) = match store.load_root_certificate().await? {
@@ -163,6 +170,7 @@ impl SslManager {
})
}
#[instrument(skip(self))]
pub async fn certificate_for(
&self,
dns_base: &str,
@@ -193,17 +201,20 @@ impl SslManager {
}
}
#[instrument]
fn rand_serial() -> Result<Asn1Integer, Error> {
let mut bn = BigNum::new()?;
bn.rand(64, MsbOption::MAYBE_ZERO, false)?;
let asn1 = Asn1Integer::from_bn(&bn)?;
Ok(asn1)
}
#[instrument]
fn generate_key() -> Result<PKey<Private>, Error> {
let new_key = EcKey::generate(EC_GROUP.as_ref())?;
let key = PKey::from_ec_key(new_key)?;
Ok(key)
}
#[instrument]
fn make_root_cert(root_key: &PKey<Private>) -> Result<X509, Error> {
let mut builder = X509Builder::new()?;
builder.set_version(CERTIFICATE_VERSION)?;
@@ -254,6 +265,7 @@ fn make_root_cert(root_key: &PKey<Private>) -> Result<X509, Error> {
let cert = builder.build();
Ok(cert)
}
#[instrument]
fn make_int_cert(
signer: (&PKey<Private>, &X509),
applicant: &PKey<Private>,
@@ -315,6 +327,7 @@ fn make_int_cert(
Ok(cert)
}
#[instrument]
fn make_leaf_cert(
signer: (&PKey<Private>, &X509),
applicant: (&PKey<Private>, &str),
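Review bot: The spans added on `save_root_certificate`, `save_intermediate_certificate`, `save_certificate`, `update_certificate`, `make_root_cert`, `make_int_cert` and `make_leaf_cert` all record their `&PKey<Private>` arguments through `Debug`, because the attributes skip only `self` or nothing at all. Whether key material is printed then depends on the openssl crate's `Debug` impl for `PKey`, which this code does not control. Skipping the key-bearing parameters by name, e.g. `#[instrument(skip(self, key, cert))]`, `#[instrument(skip(root_key))]` and `#[instrument(skip(signer, applicant))]`, makes the CA key handling safe by construction. Several of these signatures continue outside their hunks, so the full parameter lists need checking before the skip lists are final.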


@@ -14,6 +14,7 @@ use tokio::net::TcpStream;
use tokio::sync::Mutex;
use torut::control::{AsyncEvent, AuthenticatedConn, ConnError};
use torut::onion::{OnionAddressV3, TorSecretKeyV3};
use tracing::instrument;
use super::interface::{InterfaceId, TorConfig};
use crate::context::RpcContext;
@@ -56,6 +57,7 @@ pub async fn list_services(
ctx.net_controller.tor.list_services().await
}
#[instrument(skip(secrets))]
pub async fn os_key<Ex>(secrets: &mut Ex) -> Result<TorSecretKeyV3, Error>
where
for<'a> &'a mut Ex: Executor<'a, Database = Sqlite>,
@@ -139,6 +141,7 @@ pub struct TorControllerInner {
services: BTreeMap<(PackageId, InterfaceId), (TorSecretKeyV3, TorConfig, Ipv4Addr)>,
}
impl TorControllerInner {
#[instrument(skip(self, interfaces))]
async fn add<'a, I: IntoIterator<Item = (InterfaceId, TorConfig, TorSecretKeyV3)>>(
&mut self,
pkg_id: &PackageId,
@@ -180,6 +183,7 @@ impl TorControllerInner {
Ok(())
}
#[instrument(skip(self, interfaces))]
async fn remove<I: IntoIterator<Item = InterfaceId>>(
&mut self,
pkg_id: &PackageId,
@@ -203,6 +207,7 @@ impl TorControllerInner {
Ok(())
}
#[instrument]
async fn init(
embassyd_addr: SocketAddr,
embassyd_tor_key: TorSecretKeyV3,
@@ -232,6 +237,7 @@ impl TorControllerInner {
Ok(controller)
}
#[instrument(skip(self))]
async fn add_embassyd_onion(&mut self) -> Result<(), Error> {
tracing::info!(
"Registering Main Tor Service: {}",
@@ -256,6 +262,7 @@ impl TorControllerInner {
Ok(())
}
#[instrument(skip(self))]
async fn replace(&mut self) -> Result<bool, Error> {
let connection = self.connection.take();
let uptime = if let Some(mut c) = connection {
@@ -332,6 +339,7 @@ impl TorControllerInner {
self.embassyd_tor_key.public().get_onion_address()
}
#[instrument(skip(self))]
async fn list_services(&mut self) -> Result<Vec<OnionAddressV3>, Error> {
self.connection
.as_mut()


@@ -6,6 +6,7 @@ use clap::ArgMatches;
use isocountry::CountryCode;
use rpc_toolkit::command;
use tokio::process::Command;
use tracing::instrument;
use crate::context::RpcContext;
use crate::util::{display_none, display_serializable, Invoke, IoFormat};
@@ -17,6 +18,7 @@ pub async fn wifi() -> Result<(), Error> {
}
#[command(display(display_none))]
#[instrument(skip(ctx))]
pub async fn add(
#[context] ctx: RpcContext,
#[arg] ssid: String,
@@ -74,6 +76,7 @@ pub async fn add(
}
#[command(display(display_none))]
#[instrument(skip(ctx))]
pub async fn connect(#[context] ctx: RpcContext, #[arg] ssid: String) -> Result<(), Error> {
if !ssid.is_ascii() {
return Err(Error::new(
@@ -112,6 +115,7 @@ pub async fn connect(#[context] ctx: RpcContext, #[arg] ssid: String) -> Result<
}
#[command(display(display_none))]
#[instrument(skip(ctx))]
pub async fn delete(#[context] ctx: RpcContext, #[arg] ssid: String) -> Result<(), Error> {
if !ssid.is_ascii() {
return Err(Error::new(
@@ -195,6 +199,7 @@ fn display_wifi_info(info: WiFiInfo, matches: &ArgMatches<'_>) {
}
#[command(display(display_wifi_info))]
#[instrument(skip(ctx))]
pub async fn get(
#[context] ctx: RpcContext,
#[allow(unused_variables)]
@@ -239,6 +244,7 @@ pub async fn get(
}
#[command(display(display_none))]
#[instrument(skip(ctx))]
pub async fn set_country(
#[context] ctx: RpcContext,
#[arg(parse(country_code_parse))] country: CountryCode,
@@ -247,6 +253,7 @@ pub async fn set_country(
wpa_supplicant.set_country_low(country.alpha2()).await
}
#[derive(Debug)]
pub struct WpaCli {
datadir: PathBuf,
interface: String,
@@ -372,6 +379,7 @@ impl WpaCli {
.await?;
Ok(())
}
#[instrument]
pub async fn list_networks_low(&self) -> Result<BTreeMap<String, NetworkId>, Error> {
let r = Command::new("wpa_cli")
.arg("-i")
@@ -411,6 +419,7 @@ impl WpaCli {
.await?;
Ok(())
}
#[instrument]
pub async fn signal_poll_low(&self) -> Result<Option<isize>, Error> {
let r = Command::new("wpa_cli")
.arg("-i")
@@ -447,6 +456,7 @@ impl WpaCli {
pub async fn check_network(&self, ssid: &str) -> Result<Option<NetworkId>, Error> {
Ok(self.list_networks_low().await?.remove(ssid))
}
#[instrument]
pub async fn select_network(&self, ssid: &str) -> Result<bool, Error> {
let m_id = self.check_network(ssid).await?;
match m_id {
@@ -485,6 +495,7 @@ impl WpaCli {
}
}
}
#[instrument]
pub async fn get_current_network(&self) -> Result<Option<String>, Error> {
let r = Command::new("iwgetid")
.arg(&self.interface)
@@ -500,6 +511,7 @@ impl WpaCli {
Ok(Some(network.to_owned()))
}
}
#[instrument]
pub async fn remove_network(&self, ssid: &str) -> Result<bool, Error> {
match self.check_network(ssid).await? {
None => Ok(false),
@@ -511,6 +523,7 @@ impl WpaCli {
}
}
}
#[instrument]
pub async fn add_network(&self, ssid: &str, psk: &str, priority: isize) -> Result<(), Error> {
use NetworkAttr::*;
let nid = match self.check_network(ssid).await? {
@@ -533,6 +546,7 @@ impl WpaCli {
}
}
#[instrument]
pub async fn interface_connected(interface: &str) -> Result<bool, Error> {
let out = Command::new("ifconfig")
.arg(interface)
@@ -552,6 +566,7 @@ pub fn country_code_parse(code: &str, _matches: &ArgMatches<'_>) -> Result<Count
)))
}
#[instrument(skip(main_datadir))]
pub async fn synchronize_wpa_supplicant_conf<P: AsRef<Path>>(main_datadir: P) -> Result<(), Error> {
let persistent = main_datadir.as_ref().join("wpa_supplicant.conf");
tracing::debug!("persistent: {:?}", persistent);
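Review bot: `#[instrument]` on `WpaCli::add_network(&self, ssid: &str, psk: &str, priority: isize)` records `psk` verbatim, because a `&str` field is formatted with `Debug` as the quoted string, so the Wi-Fi pre-shared key lands in every span for that call. It should be `#[instrument(skip(self, psk))]`. The `add` RPC handler under `#[instrument(skip(ctx))]` has the same exposure if any argument after `ssid` (outside the hunk) is the password, and would need it skipped as well. The new `#[derive(Debug)]` on `WpaCli` now decides what every `&self` span prints, so the struct deserves a comment such as `// Debug output is recorded by tracing spans; do not add secret fields without a redacting Debug impl`.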