diff --git a/controller/account.go b/controller/account.go
index 1f96b47e..262076fa 100644
--- a/controller/account.go
+++ b/controller/account.go
@@ -8,11 +8,10 @@ import (
 )
 type createAccountHandler struct {
- cfg *Config
 }
-func newCreateAccountHandler(cfg *Config) *createAccountHandler {
- return &createAccountHandler{cfg: cfg}
+func newCreateAccountHandler() *createAccountHandler {
+ return &createAccountHandler{}
 }
 func (self *createAccountHandler) Handle(params identity.CreateAccountParams) middleware.Responder {
@@ -66,7 +65,7 @@ func (self *createAccountHandler) Handle(params identity.CreateAccountParams) mi
 return identity.NewCreateAccountInternalServerError()
 }
- if err := sendVerificationEmail(params.Body.Email, token, self.cfg); err != nil {
+ if err := sendVerificationEmail(params.Body.Email, token); err != nil {
 logrus.Errorf("error sending verification email for '%v': %v", params.Body.Email, err)
 return identity.NewCreateAccountInternalServerError()
 }
diff --git a/controller/config.go b/controller/config.go
index a049bf40..bfd28de5 100644
--- a/controller/config.go
+++ b/controller/config.go
@@ -14,6 +14,7 @@ type Config struct {
 Store *store.Config
 Ziti *ZitiConfig
 Metrics *MetricsConfig
+ Influx *InfluxConfig
 }
 type EndpointConfig struct {
@@ -44,6 +45,17 @@ type ZitiConfig struct {
 Password string
 }
+type MetricsConfig struct {
+ ServiceName string
+}
+
+type InfluxConfig struct {
+ Url string
+ Bucket string
+ Org string
+ Token string
+}
+
 func LoadConfig(path string) (*Config, error) {
 cfg := &Config{}
 if err := cf.BindYaml(cfg, path, cf.DefaultOptions()); err != nil {
diff --git a/controller/controller.go b/controller/controller.go
index b6de9eb8..5bab7529 100644
--- a/controller/controller.go
+++ b/controller/controller.go
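Review bot: In the second config.go hunk, `InfluxConfig.Token` is a bearer credential held as a plain `string` alongside `ZitiConfig.Password`, and nothing on the struct marks either field as sensitive. If `Config` is ever logged or dumped with `%+v` (no such call is visible in this diff), the token would be written out verbatim. I would add a field comment such as `// Token is the InfluxDB API token; treat as a secret and never log it.` and, if the config library in use offers a way to mark a field as secret, apply it to both `Token` and `Password`.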
@@ -10,12 +10,15 @@ import (
 "github.com/pkg/errors"
 )
+var cfg *Config
 var str *store.Store
 var mtr *metricsAgent
 const version = "v0.2.0"
-func Run(cfg *Config) error {
+func Run(inCfg *Config) error {
+ cfg = inCfg
+
 swaggerSpec, err := loads.Embedded(rest_server_zrok.SwaggerJSON, rest_server_zrok.FlatSwaggerJSON)
 if err != nil {
 return errors.Wrap(err, "error loading embedded swagger spec")
@@ -23,18 +26,18 @@ func Run(cfg *Config) error {
 api := operations.NewZrokAPI(swaggerSpec)
 api.KeyAuth = ZrokAuthenticate
- api.IdentityCreateAccountHandler = newCreateAccountHandler(cfg)
- api.IdentityEnableHandler = newEnableHandler(cfg)
- api.IdentityDisableHandler = newDisableHandler(cfg)
+ api.IdentityCreateAccountHandler = newCreateAccountHandler()
+ api.IdentityEnableHandler = newEnableHandler()
+ api.IdentityDisableHandler = newDisableHandler()
 api.IdentityLoginHandler = identity.LoginHandlerFunc(loginHandler)
 api.IdentityRegisterHandler = newRegisterHandler()
- api.IdentityVerifyHandler = newVerifyHandler(cfg)
+ api.IdentityVerifyHandler = newVerifyHandler()
 api.MetadataOverviewHandler = metadata.OverviewHandlerFunc(overviewHandler)
 api.MetadataVersionHandler = metadata.VersionHandlerFunc(versionHandler)
- api.TunnelTunnelHandler = newTunnelHandler(cfg)
- api.TunnelUntunnelHandler = newUntunnelHandler(cfg)
+ api.TunnelTunnelHandler = newTunnelHandler()
+ api.TunnelUntunnelHandler = newUntunnelHandler()
- if err := controllerStartup(cfg); err != nil {
+ if err := controllerStartup(); err != nil {
 return err
 }
@@ -45,7 +48,7 @@ func Run(cfg *Config) error {
 }
 if cfg.Metrics != nil {
- mtr = newMetricsAgent(cfg.Metrics)
+ mtr = newMetricsAgent()
 go mtr.run()
 defer func() {
 mtr.stop()
diff --git a/controller/disable.go b/controller/disable.go
index aef434f6..3211304a 100644
--- a/controller/disable.go
+++ b/controller/disable.go
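Review bot: The new package-level `var cfg *Config` in the first controller.go hunk carries no comment saying who sets it and when, yet every handler now reads it, including the Ziti credentials used by `edgeClient()`. It is assigned only in `Run` and in `GC` (gc.go), so `edgeClient`, `sendVerificationEmail`, `bindService`, `createServicePolicyDial` and `proxyUrl` dereference nil if reached before either runs, or if `inCfg` itself is nil; the full call graph is not visible here. I would document it, e.g. `// cfg is the process-wide configuration; set once by Run or GC before handlers are registered, read-only afterwards.`, and reject a nil `inCfg` at the top of `Run` and `GC`. `LoadConfig` in config.go also declares a local `cfg := &Config{}` that now shadows this variable, and renaming that local would avoid confusion.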
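Review bot: The guard in the third controller.go hunk still tests only `cfg.Metrics != nil`, although this commit moves the Influx settings out of `MetricsConfig` into the separate `Config.Influx` pointer. If the metrics agent reads `cfg.Influx` during setup (that code is outside the visible hunks), a configuration with a `Metrics` section and no `Influx` section would dereference nil when the agent starts. Consider `if cfg.Metrics != nil && cfg.Influx != nil {`, or return an explicit error for the half-configured case. The body of `Run` continues outside this hunk.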
@@ -11,11 +11,10 @@ import (
 )
 type disableHandler struct {
- cfg *Config
 }
-func newDisableHandler(cfg *Config) *disableHandler {
- return &disableHandler{cfg: cfg}
+func newDisableHandler() *disableHandler {
+ return &disableHandler{}
 }
 func (self *disableHandler) Handle(params identity.DisableParams, principal *rest_model_zrok.Principal) middleware.Responder {
@@ -30,7 +29,7 @@ func (self *disableHandler) Handle(params identity.DisableParams, principal *res
 logrus.Errorf("identity check failed: %v", err)
 return identity.NewDisableUnauthorized()
 }
- edge, err := edgeClient(self.cfg.Ziti)
+ edge, err := edgeClient()
 if err != nil {
 logrus.Errorf("error getting edge client: %v", err)
 return identity.NewDisableInternalServerError()
diff --git a/controller/enable.go b/controller/enable.go
index de6ecc22..0ed7c7c4 100644
--- a/controller/enable.go
+++ b/controller/enable.go
@@ -20,11 +20,10 @@ import (
 )
 type enableHandler struct {
- cfg *Config
 }
-func newEnableHandler(cfg *Config) *enableHandler {
- return &enableHandler{cfg: cfg}
+func newEnableHandler() *enableHandler {
+ return &enableHandler{}
 }
 func (self *enableHandler) Handle(params identity.EnableParams, principal *rest_model_zrok.Principal) middleware.Responder {
@@ -37,7 +36,7 @@ func (self *enableHandler) Handle(params identity.EnableParams, principal *rest_
 return identity.NewEnableInternalServerError()
 }
- client, err := edgeClient(self.cfg.Ziti)
+ client, err := edgeClient()
 if err != nil {
 logrus.Errorf("error getting edge client: %v", err)
 return identity.NewEnableInternalServerError()
diff --git a/controller/gc.go b/controller/gc.go
index 69d2b139..73434668 100644
--- a/controller/gc.go
+++ b/controller/gc.go
@@ -15,7 +15,8 @@ import (
 "time"
 )
-func GC(cfg *Config) error {
+func GC(inCfg *Config) error {
+ cfg = inCfg
 if v, err := store.Open(cfg.Store); err == nil {
 str = v
 } else {
@@ -26,7 +27,7 @@ func GC(cfg *Config) error {
 logrus.Errorf("error closing store: %v", err)
 }
 }()
- edge, err := edgeClient(cfg.Ziti)
+ edge, err := edgeClient()
 if err != nil {
 return err
 }
diff --git a/controller/metrics.go b/controller/metrics.go
index 5783ddf7..c40495e9 100644
--- a/controller/metrics.go
+++ b/controller/metrics.go
@@ -20,20 +20,7 @@ import (
 "time"
 )
-type MetricsConfig struct {
- ServiceName string
- Influx *InfluxConfig
-}
-
-type InfluxConfig struct {
- Url string
- Bucket string
- Org string
- Token string
-}
-
 type metricsAgent struct {
- cfg *MetricsConfig
 influx influxdb2.Client
 writeApi api.WriteAPIBlocking
 metricsQueue chan *model.Metrics
@@ -49,9 +36,8 @@ type envCacheEntry struct {
 lastAccess time.Time
 }
-func newMetricsAgent(cfg *MetricsConfig) *metricsAgent {
+func newMetricsAgent() *metricsAgent {
 ma := &metricsAgent{
- cfg: cfg,
 metricsQueue: make(chan *model.Metrics, 1024),
 envCache: make(map[string]*envCacheEntry),
 shutdown: make(chan struct{}),
@@ -106,9 +92,9 @@ func (ma *metricsAgent) bindService() error {
 ConnectTimeout: 5 * time.Minute,
 MaxConnections: 1024,
 }
- ma.zListener, err = ma.zCtx.ListenWithOptions(ma.cfg.ServiceName, opts)
+ ma.zListener, err = ma.zCtx.ListenWithOptions(cfg.Metrics.ServiceName, opts)
 if err != nil {
- return errors.Wrapf(err, "error listening for metrics on '%v'", ma.cfg.ServiceName)
+ return errors.Wrapf(err, "error listening for metrics on '%v'", cfg.Metrics.ServiceName)
 }
 go ma.listen()
 return nil
diff --git a/controller/overview.go b/controller/overview.go
index 668fba89..d2454142 100644
--- a/controller/overview.go
+++ b/controller/overview.go
@@ -26,29 +26,31 @@ func overviewHandler(_ metadata.OverviewParams, principal *rest_model_zrok.Princ
 logrus.Errorf("error finding services for environment '%v': %v", env.ZId, err)
 return metadata.NewOverviewInternalServerError()
 }
- es := &rest_model_zrok.EnvironmentServices{
- Environment: &rest_model_zrok.Environment{
- Active: env.Active,
- Address: env.Address,
- CreatedAt: env.CreatedAt.String(),
- Description: env.Description,
- Host: env.Host,
- UpdatedAt: env.UpdatedAt.String(),
- ZID: env.ZId,
- },
+ if env.Active {
+ es := &rest_model_zrok.EnvironmentServices{
+ Environment: &rest_model_zrok.Environment{
+ Address: env.Address,
+ CreatedAt: env.CreatedAt.String(),
+ Description: env.Description,
+ Host: env.Host,
+ UpdatedAt: env.UpdatedAt.String(),
+ ZID: env.ZId,
+ },
+ }
+ for _, svc := range svcs {
+ if svc.Active {
+ es.Services = append(es.Services, &rest_model_zrok.Service{
+ CreatedAt: svc.CreatedAt.String(),
+ Frontend: svc.Frontend,
+ Backend: svc.Backend,
+ UpdatedAt: svc.UpdatedAt.String(),
+ ZID: svc.ZId,
+ Name: svc.Name,
+ })
+ }
+ }
+ out = append(out, es)
 }
- for _, svc := range svcs {
- es.Services = append(es.Services, &rest_model_zrok.Service{
- Active: svc.Active,
- CreatedAt: svc.CreatedAt.String(),
- Frontend: svc.Frontend,
- Backend: svc.Backend,
- UpdatedAt: svc.UpdatedAt.String(),
- ZID: svc.ZId,
- Name: svc.Name,
- })
- }
- out = append(out, es)
 }
 return metadata.NewOverviewOK().WithPayload(out)
 }
diff --git a/controller/startup.go b/controller/startup.go
index e0e32064..730550f5 100644
--- a/controller/startup.go
+++ b/controller/startup.go
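Review bot: The overview.go hunk stops setting `Active` in both the `Environment` and `Service` literals, so if those generated model types still declare the field (not visible here) every returned entry will carry the zero value `false`, even though only active records are now returned. Either set `Active: true` explicitly in both literals or remove the field from the API model in the same change. Separately, the services lookup whose error is logged at the top of the hunk still runs before the `if env.Active {` test, so inactive environments cost a query whose result is discarded; moving the test above the lookup would avoid that. The enclosing loop and function begin outside this hunk.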
@@ -14,17 +14,17 @@ import (
 var zrokProxyConfigId string
-func controllerStartup(cfg *Config) error {
- if err := inspectZiti(cfg); err != nil {
+func controllerStartup() error {
+ if err := inspectZiti(); err != nil {
 return err
 }
 return nil
 }
-func inspectZiti(cfg *Config) error {
+func inspectZiti() error {
 logrus.Infof("inspecting ziti controller configuration")
- edge, err := edgeClient(cfg.Ziti)
+ edge, err := edgeClient()
 if err != nil {
 return errors.Wrap(err, "error getting ziti edge client")
 }
diff --git a/controller/tunnel.go b/controller/tunnel.go
index 7f48051c..1b7f570b 100644
--- a/controller/tunnel.go
+++ b/controller/tunnel.go
@@ -20,11 +20,10 @@ import (
 )
 type tunnelHandler struct {
- cfg *Config
 }
-func newTunnelHandler(cfg *Config) *tunnelHandler {
- return &tunnelHandler{cfg: cfg}
+func newTunnelHandler() *tunnelHandler {
+ return &tunnelHandler{}
 }
 func (self *tunnelHandler) Handle(params tunnel.TunnelParams, principal *rest_model_zrok.Principal) middleware.Responder {
@@ -58,7 +57,7 @@ func (self *tunnelHandler) Handle(params tunnel.TunnelParams, principal *rest_mo
 return tunnel.NewTunnelInternalServerError()
 }
- edge, err := edgeClient(self.cfg.Ziti)
+ edge, err := edgeClient()
 if err != nil {
 logrus.Error(err)
 return tunnel.NewTunnelInternalServerError()
@@ -203,7 +202,7 @@ func (self *tunnelHandler) createServicePolicyBind(svcName, svcId, envId string,
 func (self *tunnelHandler) createServicePolicyDial(svcName, svcId string, edge *rest_management_api_client.ZitiEdgeManagement) error {
 var identityRoles []string
- for _, proxyIdentity := range self.cfg.Proxy.Identities {
+ for _, proxyIdentity := range cfg.Proxy.Identities {
 identityRoles = append(identityRoles, "@"+proxyIdentity)
 logrus.Infof("added proxy identity role '%v'", proxyIdentity)
 }
@@ -259,7 +258,7 @@ func (self *tunnelHandler) createServiceEdgeRouterPolicy(svcName, svcId string,
 }
 func (self *tunnelHandler) proxyUrl(svcName string) string {
- return strings.Replace(self.cfg.Proxy.UrlTemplate, "{svcName}", svcName, -1)
+ return strings.Replace(cfg.Proxy.UrlTemplate, "{svcName}", svcName, -1)
 }
 func (self *tunnelHandler) zrokTags(svcName string) *rest_model.Tags {
diff --git a/controller/untunnel.go b/controller/untunnel.go
index ca09459c..a0756059 100644
--- a/controller/untunnel.go
+++ b/controller/untunnel.go
@@ -15,11 +15,10 @@ import (
 )
 type untunnelHandler struct {
- cfg *Config
 }
-func newUntunnelHandler(cfg *Config) *untunnelHandler {
- return &untunnelHandler{cfg: cfg}
+func newUntunnelHandler() *untunnelHandler {
+ return &untunnelHandler{}
 }
 func (self *untunnelHandler) Handle(params tunnel.UntunnelParams, principal *rest_model_zrok.Principal) middleware.Responder {
@@ -32,7 +31,7 @@ func (self *untunnelHandler) Handle(params tunnel.UntunnelParams, principal *res
 }
 defer func() { _ = tx.Rollback() }()
- edge, err := edgeClient(self.cfg.Ziti)
+ edge, err := edgeClient()
 if err != nil {
 logrus.Error(err)
 return tunnel.NewUntunnelInternalServerError()
diff --git a/controller/util.go b/controller/util.go
index 9b911294..6895a50d 100644
--- a/controller/util.go
+++ b/controller/util.go
@@ -31,8 +31,8 @@ func ZrokAuthenticate(token string) (*rest_model_zrok.Principal, error) {
 }
 }
-func edgeClient(cfg *ZitiConfig) (*rest_management_api_client.ZitiEdgeManagement, error) {
- caCerts, err := rest_util.GetControllerWellKnownCas(cfg.ApiEndpoint)
+func edgeClient() (*rest_management_api_client.ZitiEdgeManagement, error) {
+ caCerts, err := rest_util.GetControllerWellKnownCas(cfg.Ziti.ApiEndpoint)
 if err != nil {
 return nil, err
 }
@@ -40,7 +40,7 @@ func edgeClient(cfg *ZitiConfig) (*rest_management_api_client.ZitiEdgeManagement
 for _, ca := range caCerts {
 caPool.AddCert(ca)
 }
- return rest_util.NewEdgeManagementClientWithUpdb(cfg.Username, cfg.Password, cfg.ApiEndpoint, caPool)
+ return rest_util.NewEdgeManagementClientWithUpdb(cfg.Ziti.Username, cfg.Ziti.Password, cfg.Ziti.ApiEndpoint, caPool)
 }
 func createToken() (string, error) {
diff --git a/controller/verify.go b/controller/verify.go
index 203cf819..f7e49487 100644
--- a/controller/verify.go
+++ b/controller/verify.go
@@ -8,11 +8,10 @@ import (
 )
 type verifyHandler struct {
- cfg *Config
 }
-func newVerifyHandler(cfg *Config) *verifyHandler {
- return &verifyHandler{cfg: cfg}
+func newVerifyHandler() *verifyHandler {
+ return &verifyHandler{}
 }
 func (self *verifyHandler) Handle(params identity.VerifyParams) middleware.Responder {
diff --git a/controller/verify_email.go b/controller/verify_email.go
index 2b834bab..bef9a11a 100644
--- a/controller/verify_email.go
+++ b/controller/verify_email.go
@@ -14,7 +14,7 @@ type verificationEmail struct {
 VerifyUrl string
 }
-func sendVerificationEmail(emailAddress, token string) error {
+func sendVerificationEmail(emailAddress, token string) error {
 emailData := &verificationEmail{
 EmailAddress: emailAddress,
 VerifyUrl: cfg.Registration.RegistrationUrlTemplate + "/" + token,
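Review bot: In the second util.go hunk, `edgeClient()` sends `cfg.Ziti.Username` and `cfg.Ziti.Password` over a connection whose only trust anchors are the CAs downloaded from that same `cfg.Ziti.ApiEndpoint` in the preceding hunk. Unless `GetControllerWellKnownCas` authenticates that download (not visible here), whoever answers at the endpoint chooses the CA pool, and that bootstrap is repeated on every call. I would document the assumption above `edgeClient`, e.g. `// NOTE: the CA pool is bootstrapped from the controller itself; pin or preload the CA where the network path is not trusted.`, and consider building the client once at startup rather than per request. This commit only changes where the values come from, and the function begins in the preceding hunk.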