Start9/start-os
2
0
Fork 0
mirror of https://github.com/Start9Labs/start-os.git synced 2026-04-01 21:13:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

rename frontend to web and update contributing guide (#2509)

Browse Source 
* rename frontend to web and update contributing guide

* rename this time

* fix build

* restructure rust code

* update documentation

* update descriptions

* Update CONTRIBUTING.md

Co-authored-by: J H <2364004+Blu-J@users.noreply.github.com>

---------

Co-authored-by: Aiden McClelland <me@drbonez.dev>
Co-authored-by: Aiden McClelland <3732071+dr-bonez@users.noreply.github.com>
Co-authored-by: J H <2364004+Blu-J@users.noreply.github.com>
This commit is contained in:
Matt Hill
2023-11-13 14:22:23 -07:00
committed by GitHub
parent 871f78b570
commit 86567e7fa5
968 changed files with 812 additions and 6672 deletions
Download Patch File Download Diff File Expand all files Collapse all files

197
core/startos/src/ssh.rs Normal file
View File

@@ -0,0 +1,197 @@
use std::path::Path;
use chrono::Utc;
use clap::ArgMatches;
use color_eyre::eyre::eyre;
use rpc_toolkit::command;
use sqlx::{Pool, Postgres};
use tracing::instrument;
use crate::context::RpcContext;
use crate::util::display_none;
use crate::util::serde::{display_serializable, IoFormat};
use crate::{Error, ErrorKind};
static SSH_AUTHORIZED_KEYS_FILE: &str = "/home/start9/.ssh/authorized_keys";
#[derive(Debug, serde::Deserialize, serde::Serialize)]
pub struct PubKey(
#[serde(serialize_with = "crate::util::serde::serialize_display")]
#[serde(deserialize_with = "crate::util::serde::deserialize_from_str")]
openssh_keys::PublicKey,
);
#[derive(serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "kebab-case")]
pub struct SshKeyResponse {
pub alg: String,
pub fingerprint: String,
pub hostname: String,
pub created_at: String,
}
impl std::fmt::Display for SshKeyResponse {
fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
write!(
f,
"{} {} {} {}",
self.created_at, self.alg, self.fingerprint, self.hostname
)
}
}
impl std::str::FromStr for PubKey {
type Err = Error;
fn from_str(s: &str) -> Result<Self, Self::Err> {
s.parse().map(|pk| PubKey(pk)).map_err(|e| Error {
source: e.into(),
kind: crate::ErrorKind::ParseSshKey,
revision: None,
})
}
}
#[command(subcommands(add, delete, list,))]
pub fn ssh() -> Result<(), Error> {
Ok(())
}
#[command(display(display_none))]
#[instrument(skip_all)]
pub async fn add(#[context] ctx: RpcContext, #[arg] key: PubKey) -> Result<SshKeyResponse, Error> {
let pool = &ctx.secret_store;
// check fingerprint for duplicates
let fp = key.0.fingerprint_md5();
match sqlx::query!("SELECT * FROM ssh_keys WHERE fingerprint = $1", fp)
.fetch_optional(pool)
.await?
{
None => {
// if no duplicates, insert into DB
let raw_key = format!("{}", key.0);
let created_at = Utc::now().to_rfc3339();
sqlx::query!(
"INSERT INTO ssh_keys (fingerprint, openssh_pubkey, created_at) VALUES ($1, $2, $3)",
fp,
raw_key,
created_at
)
.execute(pool)
.await?;
// insert into live key file, for now we actually do a wholesale replacement of the keys file, for maximum
// consistency
sync_keys_from_db(pool, Path::new(SSH_AUTHORIZED_KEYS_FILE)).await?;
Ok(SshKeyResponse {
alg: key.0.keytype().to_owned(),
fingerprint: fp,
hostname: key.0.comment.unwrap_or(String::new()).to_owned(),
created_at,
})
}
Some(_) => Err(Error::new(eyre!("Duplicate ssh key"), ErrorKind::Duplicate)),
}
}
#[command(display(display_none))]
#[instrument(skip_all)]
pub async fn delete(#[context] ctx: RpcContext, #[arg] fingerprint: String) -> Result<(), Error> {
let pool = &ctx.secret_store;
// check if fingerprint is in DB
// if in DB, remove it from DB
let n = sqlx::query!("DELETE FROM ssh_keys WHERE fingerprint = $1", fingerprint)
.execute(pool)
.await?
.rows_affected();
// if not in DB, Err404
if n == 0 {
Err(Error {
source: color_eyre::eyre::eyre!("SSH Key Not Found"),
kind: crate::error::ErrorKind::NotFound,
revision: None,
})
} else {
// AND overlay key file
sync_keys_from_db(pool, Path::new(SSH_AUTHORIZED_KEYS_FILE)).await?;
Ok(())
}
}
fn display_all_ssh_keys(all: Vec<SshKeyResponse>, matches: &ArgMatches) {
use prettytable::*;
if matches.is_present("format") {
return display_serializable(all, matches);
}
let mut table = Table::new();
table.add_row(row![bc =>
"CREATED AT",
"ALGORITHM",
"FINGERPRINT",
"HOSTNAME",
]);
for key in all {
let row = row![
&format!("{}", key.created_at),
&key.alg,
&key.fingerprint,
&key.hostname,
];
table.add_row(row);
}
table.print_tty(false).unwrap();
}
#[command(display(display_all_ssh_keys))]
#[instrument(skip_all)]
pub async fn list(
#[context] ctx: RpcContext,
#[allow(unused_variables)]
#[arg(long = "format")]
format: Option<IoFormat>,
) -> Result<Vec<SshKeyResponse>, Error> {
let pool = &ctx.secret_store;
// list keys in DB and return them
let entries = sqlx::query!("SELECT fingerprint, openssh_pubkey, created_at FROM ssh_keys")
.fetch_all(pool)
.await?;
Ok(entries
.into_iter()
.map(|r| {
let k = PubKey(r.openssh_pubkey.parse().unwrap()).0;
let alg = k.keytype().to_owned();
let fingerprint = k.fingerprint_md5();
let hostname = k.comment.unwrap_or("".to_owned());
let created_at = r.created_at;
SshKeyResponse {
alg,
fingerprint,
hostname,
created_at,
}
})
.collect())
}
#[instrument(skip_all)]
pub async fn sync_keys_from_db<P: AsRef<Path>>(
pool: &Pool<Postgres>,
dest: P,
) -> Result<(), Error> {
let dest = dest.as_ref();
let keys = sqlx::query!("SELECT openssh_pubkey FROM ssh_keys")
.fetch_all(pool)
.await?;
let contents: String = keys
.into_iter()
.map(|k| format!("{}\n", k.openssh_pubkey))
.collect();
let ssh_dir = dest.parent().ok_or_else(|| {
Error::new(
eyre!("SSH Key File cannot be \"/\""),
crate::ErrorKind::Filesystem,
)
})?;
if tokio::fs::metadata(ssh_dir).await.is_err() {
tokio::fs::create_dir_all(ssh_dir).await?;
}
std::fs::write(dest, contents).map_err(|e| e.into())
}