2016-12-25 20:34:02 +00:00
|
|
|
package file
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/portainer/portainer"
|
|
|
|
|
|
|
|
"io"
|
|
|
|
"os"
|
|
|
|
"path"
|
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
// TLSStorePath represents the subfolder where TLS files are stored in the file store folder.
|
|
|
|
TLSStorePath = "tls"
|
2017-08-10 08:35:23 +00:00
|
|
|
// LDAPStorePath represents the subfolder where LDAP TLS files are stored in the TLSStorePath.
|
|
|
|
LDAPStorePath = "ldap"
|
2016-12-25 20:34:02 +00:00
|
|
|
// TLSCACertFile represents the name on disk for a TLS CA file.
|
|
|
|
TLSCACertFile = "ca.pem"
|
|
|
|
// TLSCertFile represents the name on disk for a TLS certificate file.
|
|
|
|
TLSCertFile = "cert.pem"
|
|
|
|
// TLSKeyFile represents the name on disk for a TLS key file.
|
|
|
|
TLSKeyFile = "key.pem"
|
|
|
|
)
|
|
|
|
|
2017-01-02 19:32:53 +00:00
|
|
|
// Service represents a service for managing files and directories.
|
2016-12-25 20:34:02 +00:00
|
|
|
type Service struct {
|
2017-01-02 19:32:53 +00:00
|
|
|
dataStorePath string
|
2016-12-25 20:34:02 +00:00
|
|
|
fileStorePath string
|
|
|
|
}
|
|
|
|
|
2017-01-02 19:32:53 +00:00
|
|
|
// NewService initializes a new service. It creates a data directory and a directory to store files
|
|
|
|
// inside this directory if they don't exist.
|
|
|
|
func NewService(dataStorePath, fileStorePath string) (*Service, error) {
|
2016-12-25 20:34:02 +00:00
|
|
|
service := &Service{
|
2017-01-02 19:32:53 +00:00
|
|
|
dataStorePath: dataStorePath,
|
|
|
|
fileStorePath: path.Join(dataStorePath, fileStorePath),
|
2016-12-25 20:34:02 +00:00
|
|
|
}
|
|
|
|
|
2017-01-14 01:22:39 +00:00
|
|
|
// Checking if a mount directory exists is broken with Go on Windows.
|
|
|
|
// This will need to be reviewed after the issue has been fixed in Go.
|
2017-03-30 09:17:54 +00:00
|
|
|
// See: https://github.com/portainer/portainer/issues/474
|
2017-01-14 01:22:39 +00:00
|
|
|
// err := createDirectoryIfNotExist(dataStorePath, 0755)
|
|
|
|
// if err != nil {
|
|
|
|
// return nil, err
|
|
|
|
// }
|
2017-01-02 19:32:53 +00:00
|
|
|
|
2017-01-14 01:22:39 +00:00
|
|
|
err := service.createDirectoryInStoreIfNotExist(TLSStorePath)
|
2016-12-25 20:34:02 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
return service, nil
|
|
|
|
}
|
|
|
|
|
2017-08-10 08:35:23 +00:00
|
|
|
// StoreTLSFile creates a folder in the TLSStorePath and stores a new file with the content from r.
|
|
|
|
func (service *Service) StoreTLSFile(folder string, fileType portainer.TLSFileType, r io.Reader) error {
|
|
|
|
storePath := path.Join(TLSStorePath, folder)
|
|
|
|
err := service.createDirectoryInStoreIfNotExist(storePath)
|
2016-12-25 20:34:02 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
var fileName string
|
|
|
|
switch fileType {
|
|
|
|
case portainer.TLSFileCA:
|
|
|
|
fileName = TLSCACertFile
|
|
|
|
case portainer.TLSFileCert:
|
|
|
|
fileName = TLSCertFile
|
|
|
|
case portainer.TLSFileKey:
|
|
|
|
fileName = TLSKeyFile
|
|
|
|
default:
|
|
|
|
return portainer.ErrUndefinedTLSFileType
|
|
|
|
}
|
|
|
|
|
2017-08-10 08:35:23 +00:00
|
|
|
tlsFilePath := path.Join(storePath, fileName)
|
2016-12-25 20:34:02 +00:00
|
|
|
err = service.createFileInStore(tlsFilePath, r)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetPathForTLSFile returns the absolute path to a specific TLS file for an endpoint.
|
2017-08-10 08:35:23 +00:00
|
|
|
func (service *Service) GetPathForTLSFile(folder string, fileType portainer.TLSFileType) (string, error) {
|
2016-12-25 20:34:02 +00:00
|
|
|
var fileName string
|
|
|
|
switch fileType {
|
|
|
|
case portainer.TLSFileCA:
|
|
|
|
fileName = TLSCACertFile
|
|
|
|
case portainer.TLSFileCert:
|
|
|
|
fileName = TLSCertFile
|
|
|
|
case portainer.TLSFileKey:
|
|
|
|
fileName = TLSKeyFile
|
|
|
|
default:
|
|
|
|
return "", portainer.ErrUndefinedTLSFileType
|
|
|
|
}
|
2017-08-10 08:35:23 +00:00
|
|
|
return path.Join(service.fileStorePath, TLSStorePath, folder, fileName), nil
|
2016-12-25 20:34:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// DeleteTLSFiles deletes a folder containing the TLS files for an endpoint.
|
2017-08-10 08:35:23 +00:00
|
|
|
func (service *Service) DeleteTLSFiles(folder string) error {
|
|
|
|
storePath := path.Join(service.fileStorePath, TLSStorePath, folder)
|
|
|
|
err := os.RemoveAll(storePath)
|
2016-12-25 20:34:02 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2017-01-02 19:32:53 +00:00
|
|
|
// createDirectoryInStoreIfNotExist creates a new directory in the file store if it doesn't exists on the file system.
|
|
|
|
func (service *Service) createDirectoryInStoreIfNotExist(name string) error {
|
2016-12-25 20:34:02 +00:00
|
|
|
path := path.Join(service.fileStorePath, name)
|
2017-01-02 19:32:53 +00:00
|
|
|
return createDirectoryIfNotExist(path, 0700)
|
|
|
|
}
|
|
|
|
|
|
|
|
// createDirectoryIfNotExist creates a directory if it doesn't exists on the file system.
|
|
|
|
func createDirectoryIfNotExist(path string, mode uint32) error {
|
2016-12-25 20:34:02 +00:00
|
|
|
_, err := os.Stat(path)
|
|
|
|
if os.IsNotExist(err) {
|
2017-01-02 19:32:53 +00:00
|
|
|
err = os.Mkdir(path, os.FileMode(mode))
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2016-12-25 20:34:02 +00:00
|
|
|
} else if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// createFile creates a new file in the file store with the content from r.
|
|
|
|
func (service *Service) createFileInStore(filePath string, r io.Reader) error {
|
|
|
|
path := path.Join(service.fileStorePath, filePath)
|
|
|
|
out, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
defer out.Close()
|
|
|
|
_, err = io.Copy(out, r)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|