1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
package main
import (
"database/sql"
"flag"
"fmt"
"log"
"strings"
mgo "gopkg.in/mgo.v2"
"github.com/go-sql-driver/mysql"
_ "github.com/mattn/go-sqlite3"
)
var (
host = flag.String("host", "localhost", "host[:port]")
adminUser = flag.String("admin_user", "root", "Admin user")
adminPasswd = flag.String("admin_password", "", "Admin password")
dbUser = flag.String("db_user", "user", "Database user")
dbPasswd = flag.String("db_password", "passwd", "Admin password")
dbType = flag.String("db_type", "mysql", "Database engine (\"mysql\", \"sqlite\" or \"mongo\")")
sqliteDB = flag.String("db_path", "certs.db", "Path to SQLite database")
authDB = flag.String("authdb", "admin", "Admin database (mongo)")
certsDB = "certs"
issuedTable = "issued_certs"
createTable = `CREATE TABLE IF NOT EXISTS ` + issuedTable + ` (
key_id VARCHAR(255) NOT NULL,
principals VARCHAR(255) NULL,
created_at DATETIME NULL,
expires_at DATETIME NULL,
revoked BOOLEAN DEFAULT NULL,
raw_key TEXT NULL,
PRIMARY KEY (key_id)
);`
)
func initSQLite() {
db, err := sql.Open("sqlite3", *sqliteDB)
if err != nil {
log.Fatal(err)
}
defer db.Close()
if _, err = db.Exec(createTable); err != nil {
log.Fatal(err)
}
}
func initMySQL() {
var createTableStmt = []string{
`CREATE DATABASE IF NOT EXISTS ` + certsDB + ` DEFAULT CHARACTER SET = 'utf8' DEFAULT COLLATE 'utf8_general_ci';`,
`USE ` + certsDB + `;`,
createTable,
`GRANT ALL PRIVILEGES ON certs.* TO '` + *dbUser + `'@'%' IDENTIFIED BY '` + *dbPasswd + `';`,
}
if len(strings.Split(*host, ":")) != 2 {
*host = fmt.Sprintf("%s:3306", *host)
}
conn := &mysql.Config{
User: *adminUser,
Passwd: *adminPasswd,
Net: "tcp",
Addr: *host,
}
db, err := sql.Open("mysql", conn.FormatDSN())
if err != nil {
log.Fatalf("Error connecting to database: %v", err)
}
defer db.Close()
if err := db.Ping(); err != nil {
log.Fatalf("Unable to connect to database.")
}
for _, stmt := range createTableStmt {
_, err := db.Exec(stmt)
if err != nil {
log.Fatalf("Error running setup: %v", err)
}
}
}
func initMongo() {
di := &mgo.DialInfo{
Addrs: strings.Split(*host, ","),
Username: *adminUser,
Password: *adminPasswd,
Database: *authDB,
}
session, err := mgo.DialWithInfo(di)
if err != nil {
log.Fatalln(err)
}
defer session.Close()
d := session.DB(certsDB)
if err := d.UpsertUser(&mgo.User{
Username: *dbUser,
Password: *dbPasswd,
Roles: []mgo.Role{mgo.RoleReadWrite},
}); err != nil {
log.Fatalln(err)
}
c := d.C(issuedTable)
i := mgo.Index{
Key: []string{"keyid"},
Unique: true,
}
if err != c.EnsureIndex(i) {
log.Fatalln(err)
}
}
func main() {
flag.Parse()
switch *dbType {
case "mysql":
initMySQL()
case "mongo":
initMongo()
case "sqlite":
initSQLite()
default:
log.Fatalf("Invalid database type")
}
}
|