From a8e2978a10298c298fa15275c1aaacb180b4aad4 Mon Sep 17 00:00:00 2001
From: Jonathan Cobb
Date: Fri, 10 Jan 2020 10:13:18 -0500
Subject: [PATCH] refresh ssh keys upon startup
---
 .../bubble/dao/account/AccountSshKeyDAO.java | 2 +-
 .../main/java/bubble/dao/device/DeviceDAO.java | 7 ++-----
 .../main/java/bubble/model/device/Device.java | 17 +++++++++++++++++
 .../service/boot/StandardSelfNodeService.java | 4 ++++
 .../dbfilter/FilteredEntityIterator.java | 9 ++-------
 5 files changed, 26 insertions(+), 13 deletions(-)
diff --git a/bubble-server/src/main/java/bubble/dao/account/AccountSshKeyDAO.java b/bubble-server/src/main/java/bubble/dao/account/AccountSshKeyDAO.java
index 7ece7d23..33d804a1 100644
--- a/bubble-server/src/main/java/bubble/dao/account/AccountSshKeyDAO.java
+++ b/bubble-server/src/main/java/bubble/dao/account/AccountSshKeyDAO.java
@@ -72,6 +72,6 @@ public class AccountSshKeyDAO extends AccountOwnedEntityDAO {
 // refresh_bubble_ssh_keys_monitor.sh watches this file (in ansible bubble role)
 private static final File REFRESH_SSH_KEYS_FILE = new File(HOME_DIR, ".refresh_ssh_keys");
- private void refreshInstalledKeys() { touch(REFRESH_SSH_KEYS_FILE); }
+ public void refreshInstalledKeys() { touch(REFRESH_SSH_KEYS_FILE); }
 }
diff --git a/bubble-server/src/main/java/bubble/dao/device/DeviceDAO.java b/bubble-server/src/main/java/bubble/dao/device/DeviceDAO.java
index a64a65c0..40c8e85b 100644
--- a/bubble-server/src/main/java/bubble/dao/device/DeviceDAO.java
+++ b/bubble-server/src/main/java/bubble/dao/device/DeviceDAO.java
@@ -11,6 +11,7 @@ import java.util.List;
 import static bubble.ApiConstants.HOME_DIR;
 import static bubble.model.device.Device.UNINITIALIZED_DEVICE;
+import static bubble.model.device.Device.newUninitializedDevice;
 import static org.cobbzilla.util.io.FileUtil.abs;
 import static org.cobbzilla.util.io.FileUtil.touch;
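Review bot: `refreshInstalledKeys()` in AccountSshKeyDAO becomes part of the DAO's public surface here but still has no Javadoc, so a caller cannot tell that it only touches `REFRESH_SSH_KEYS_FILE` and depends on an external script to act on that. I would add a one-line Javadoc above it, for example `/** Touches the marker file watched by refresh_bubble_ssh_keys_monitor.sh to request a refresh of installed SSH keys. */`. How `touch` reports a failure is not visible in this hunk, so the Javadoc should also state whether callers have to expect an exception.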
@@ -77,11 +78,7 @@ public class DeviceDAO extends AccountOwnedEntityDAO {
 Device uninitialized = null;
 if (devices.isEmpty()) {
 log.info("ensureSpareDevice: no uninitialized devices for account " + account + ", creating one");
- uninitialized = create(new Device()
- .setName(UNINITIALIZED_DEVICE)
- .setNetwork(network)
- .setAccount(account)
- .initTotpKey());
+ uninitialized = create(newUninitializedDevice(network, account));
 }
 if (refreshVpnUsers) refreshVpnUsers();
 return uninitialized;
diff --git a/bubble-server/src/main/java/bubble/model/device/Device.java b/bubble-server/src/main/java/bubble/model/device/Device.java
index fa6d3c3b..1a5c0c36 100644
--- a/bubble-server/src/main/java/bubble/model/device/Device.java
+++ b/bubble-server/src/main/java/bubble/model/device/Device.java
@@ -16,6 +16,7 @@ import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.validation.constraints.Size;
+import static java.util.UUID.randomUUID;
 import static org.apache.commons.lang3.RandomStringUtils.randomAlphanumeric;
 import static org.cobbzilla.util.reflect.ReflectionUtil.copy;
 import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENCRYPTED_STRING;
@@ -39,6 +40,22 @@ public class Device extends IdentifiableBase implements HasAccount {
 public Device (String uuid) { setUuid(uuid); }
+ public static Device newUninitializedDevice(String networkUuid, String accountUuid) {
+ return new Device()
+ .setName(UNINITIALIZED_DEVICE)
+ .setNetwork(networkUuid)
+ .setAccount(accountUuid)
+ .initTotpKey();
+ }
+
+ public static Device firstDeviceForNewNetwork(BubbleNetwork network) {
+ return new Device(randomUUID().toString())
+ .setName(UNINITIALIZED_DEVICE)
+ .setNetwork(network.getUuid())
+ .setAccount(network.getAccount())
+ .initTotpKey();
+ }
+
 @Override public Identifiable update(Identifiable thing) {
 copy(this, thing, UPDATE_FIELDS);
 return this;
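Review bot: `firstDeviceForNewNetwork` in Device.java dereferences `network` with no null guard, and neither new factory has Javadoc saying why one presets a random UUID while `newUninitializedDevice` leaves it unset. A short Javadoc on each, plus a guard at the top of the second, would make the difference deliberate rather than accidental. Both factories also call `initTotpKey()`, whose body is outside this hunk; because the file statically imports `RandomStringUtils.randomAlphanumeric`, it is worth confirming that the TOTP secret is drawn from `SecureRandom` and not from that helper.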
diff --git a/bubble-server/src/main/java/bubble/service/boot/StandardSelfNodeService.java b/bubble-server/src/main/java/bubble/service/boot/StandardSelfNodeService.java
index 6801fb93..4f19c799 100644
--- a/bubble-server/src/main/java/bubble/service/boot/StandardSelfNodeService.java
+++ b/bubble-server/src/main/java/bubble/service/boot/StandardSelfNodeService.java
@@ -2,6 +2,7 @@ package bubble.service.boot;
 import bubble.cloud.CloudServiceType;
 import bubble.cloud.storage.local.LocalStorageDriver;
+import bubble.dao.account.AccountSshKeyDAO;
 import bubble.dao.cloud.BubbleNetworkDAO;
 import bubble.dao.cloud.BubbleNodeDAO;
 import bubble.dao.cloud.BubbleNodeKeyDAO;
@@ -70,6 +71,9 @@ public class StandardSelfNodeService implements SelfNodeService {
 log.info("initThisNode: initializing with thisNode="+thisNode.id());
 final BubbleConfiguration c = configuration;
+ // ensure ssh keys are configured
+ c.getBean(AccountSshKeyDAO.class).refreshInstalledKeys();
+
 final BubbleNode dbThis = nodeDAO.findByUuid(thisNode.getUuid());
 if (dbThis == null) return die("initThisNode: self_node not found in database: "+thisNode.getUuid());
diff --git a/bubble-server/src/main/java/bubble/service/dbfilter/FilteredEntityIterator.java b/bubble-server/src/main/java/bubble/service/dbfilter/FilteredEntityIterator.java
index 6ee7ce2a..bf728ac9 100644
--- a/bubble-server/src/main/java/bubble/service/dbfilter/FilteredEntityIterator.java
+++ b/bubble-server/src/main/java/bubble/service/dbfilter/FilteredEntityIterator.java
@@ -19,8 +19,7 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.atomic.AtomicReference;
-import static bubble.model.device.Device.UNINITIALIZED_DEVICE;
-import static java.util.UUID.randomUUID;
+import static bubble.model.device.Device.firstDeviceForNewNetwork;
 import static org.cobbzilla.util.daemon.ZillaRuntime.die;
 @Slf4j
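Review bot: The added `refreshInstalledKeys()` call in `initThisNode` sits ahead of the `dbThis == null` check and has no error handling, so the key-refresh marker is touched even when initialization then stops at `die(...)`. It is not visible here whether a failing `touch` throws; if it does, it would abort node initialization before the self-node lookup. Unless that ordering is intended, I would move the call below the self-node validation and log a failure instead of letting it propagate. The comment could also say what actually happens, for example `// touch the marker file so refresh_bubble_ssh_keys_monitor.sh refreshes installed ssh keys at startup`. The body of `initThisNode` starts and ends outside this hunk.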
@@ -94,11 +93,7 @@ public class FilteredEntityIterator extends EntityIterator {
 // add an initial device so that algo starts properly the first time
 // name and totp key will be overwritten when the device is initialized for use
- add(new Device(randomUUID().toString())
- .setName(UNINITIALIZED_DEVICE)
- .setAccount(node.getAccount())
- .setNetwork(node.getNetwork())
- .initTotpKey());
+ add(firstDeviceForNewNetwork(network));
 // in the new DB, the sage's node key must exist, but not its private key
 final BubbleNodeKey sageKey = configuration.getBean(BubbleNodeKeyDAO.class).findFirstByNode(sageNode.getUuid());
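Review bot: The new `add(firstDeviceForNewNetwork(network))` call takes the placeholder device's owner from a different object than before: the removed builder read `node.getAccount()` and `node.getNetwork()`, while the factory reads `network.getAccount()` and `network.getUuid()`. The declaration of `network` is outside this hunk, so it cannot be confirmed here that it is non-null at this point or that it always carries the same account as `node`; if the two can differ, the initial device is created under another account. Once confirmed, a comment at the call such as `// network is node's own network, so account and network uuid match the values previously read from node` would record the assumption.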