trifid/tfclient/src/nebulaworker.rs

// Code to handle the nebula worker

use crate::config::{load_cdata, NebulaConfig, TFClientConfig};
use crate::daemon::ThreadMessageSender;
use crate::dirs::{nebula_yml};
use log::{debug, error, info};
use std::error::Error;
use std::fs;
use std::sync::mpsc::Receiver;
use nebula_ffi::NebulaInstance;
use crate::util::shutdown;

pub enum NebulaWorkerMessage {
    Shutdown,
    ConfigUpdated,
    WakeUp,
}

fn insert_private_key(instance: &str) -> Result<(), Box<dyn Error>> {
    if !nebula_yml(instance).exists() {
        return Ok(()); // cant insert private key into a file that does not exist - BUT. we can gracefully handle nebula crashing - we cannot gracefully handle this fn failing
    }
    let cdata = load_cdata(instance)?;
    let key = cdata.dh_privkey.ok_or("Missing private key")?;

    let config_str = fs::read_to_string(
        nebula_yml(instance),
    )?;
    let mut config: NebulaConfig = serde_yaml::from_str(&config_str)?;

    config.pki.key = Some(String::from_utf8(key)?);

    debug!("inserted private key into config: {:?}", config);

    let config_str = serde_yaml::to_string(&config)?;
    fs::write(
        nebula_yml(instance),
        config_str,
    )?;

    Ok(())
}

pub fn nebulaworker_main(
    _config: TFClientConfig,
    instance: String,
    transmitter: ThreadMessageSender,
    rx: Receiver<NebulaWorkerMessage>,
) {
    let cdata = match load_cdata(&instance) {
        Ok(data) => data,
        Err(e) => {
            error!("unable to load cdata: {}", e);
            error!("nebula thread exiting with error");
            return;
        }
    };

    info!("fixing config...");
    match insert_private_key(&instance) {
        Ok(_) => {
            info!("config fixed (private-key embedded)");
        }
        Err(e) => {
            error!("unable to fix config: {}", e);
            error!("nebula thread exiting with error");
            return;
        }
    }

    let mut nebula: Option<NebulaInstance> = None;

    if cdata.creds.is_none() {
        error!("not enrolled, cannot start nebula");
    } else {
        info!("setting up nebula...");
        nebula = Some(match NebulaInstance::new(nebula_yml(&instance).as_path(), false) {
            Ok(i) => {
                info!("nebula setup");
                info!("starting nebula...");
                match i.start() {
                    Ok(_) => (),
                    Err(e) => {
                        error!("error starting Nebula: {}", e);
                        error!("nebula thread exiting with error");
                        shutdown(&transmitter);
                        return;
                    }
                }

                i
            },
            Err(e) => {
                error!("error setting up Nebula: {}", e);
                error!("nebula thread exiting with error");
                shutdown(&transmitter);
                return;
            }

        });
        info!("nebula process started");
    }

    loop {
        match rx.recv() {
            Ok(msg) => match msg {
                NebulaWorkerMessage::WakeUp => {
                    continue;
                }
                NebulaWorkerMessage::Shutdown => {
                    info!("recv on command socket: shutdown, stopping");
                    info!("shutting down nebula");

                    if let Some(i) = nebula.as_ref() {
                        match i.stop() {
                            Ok(_) => (),
                            Err(e) => {
                                error!("error stopping Nebula: {}", e);
                                error!("nebula thread exiting with error");
                                return;
                            }
                        }
                    }

                    info!("nebula shut down");
                    break;
                }
                NebulaWorkerMessage::ConfigUpdated => {
                    info!("our configuration has been updated - reloading");

                    debug!("fixing config...");
                    match insert_private_key(&instance) {
                        Ok(_) => {
                            debug!("config fixed (private-key embedded)");
                        }
                        Err(e) => {
                            error!("unable to fix config: {}", e);
                            error!("nebula thread exiting with error");
                            return;
                        }
                    }

                    if let Some(i) = nebula.as_ref() {
                        debug!("reloading nebula");

                        match i.reload_config() {
                            Ok(_) => (),
                            Err(e) => {
                                error!("error reloading Nebula config: {}", e);
                                error!("nebula thread exiting with error");
                                shutdown(&transmitter);
                                return;
                            }
                        }

                        debug!("config reloaded");
                    } else {
                        debug!("detected enrollment, starting nebula for the first time");
                        info!("setting up nebula...");
                        nebula = Some(match NebulaInstance::new(nebula_yml(&instance).as_path(), false) {
                            Ok(i) => {
                                info!("nebula setup");
                                info!("starting nebula...");
                                match i.start() {
                                    Ok(_) => (),
                                    Err(e) => {
                                        error!("error starting Nebula: {}", e);
                                        error!("nebula thread exiting with error");
                                        shutdown(&transmitter);
                                        return;
                                    }
                                }

                                i
                            },
                            Err(e) => {
                                error!("error setting up Nebula: {}", e);
                                error!("nebula thread exiting with error");
                                shutdown(&transmitter);
                                return;
                            }

                        });
                        info!("nebula process started");
                    }

                    debug!("nebula process reloaded");
                }
            },
            Err(e) => {
                error!("nebulaworker command socket errored: {}", e);
                shutdown(&transmitter);
                return;
            }
        }
    }
}
[wip] thread workers 2023-03-22 18:34:06 +00:00			`// Code to handle the nebula worker`
[wip] tfclient work (cli and service generators) 2023-03-21 17:00:01 +00:00
cargo-fix 2023-03-30 16:28:34 +00:00			`use crate::config::{load_cdata, NebulaConfig, TFClientConfig};`
[wip] thread workers 2023-03-22 18:34:06 +00:00			`use crate::daemon::ThreadMessageSender;`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`use crate::dirs::{nebula_yml};`
enrollment 2023-05-14 17:47:49 +00:00			`use log::{debug, error, info};`
			`use std::error::Error;`
			`use std::fs;`
			`use std::sync::mpsc::Receiver;`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`use nebula_ffi::NebulaInstance;`
			`use crate::util::shutdown;`
[wip] thread workers 2023-03-22 18:34:06 +00:00
			`pub enum NebulaWorkerMessage {`
dnapi-rs - make EnrollMeta cloneable tfclient - finish enrollment routine 2023-03-29 22:44:46 +00:00			`Shutdown,`
reduce tfclient CPU usage by 99.96%! 2023-03-31 12:33:02 +00:00			`ConfigUpdated,`
enrollment 2023-05-14 17:47:49 +00:00			`WakeUp,`
[wip] thread workers 2023-03-22 18:34:06 +00:00			`}`

finish nebula impl 2023-03-30 14:43:09 +00:00			`fn insert_private_key(instance: &str) -> Result<(), Box<dyn Error>> {`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`if !nebula_yml(instance).exists() {`
tfclient is done! woo! 2023-03-30 16:13:29 +00:00			`return Ok(()); // cant insert private key into a file that does not exist - BUT. we can gracefully handle nebula crashing - we cannot gracefully handle this fn failing`
			`}`
finish nebula impl 2023-03-30 14:43:09 +00:00			`let cdata = load_cdata(instance)?;`
			`let key = cdata.dh_privkey.ok_or("Missing private key")?;`

enrollment 2023-05-14 17:47:49 +00:00			`let config_str = fs::read_to_string(`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`nebula_yml(instance),`
enrollment 2023-05-14 17:47:49 +00:00			`)?;`
finish nebula impl 2023-03-30 14:43:09 +00:00			`let mut config: NebulaConfig = serde_yaml::from_str(&config_str)?;`

tfclient is done! woo! 2023-03-30 16:13:29 +00:00			`config.pki.key = Some(String::from_utf8(key)?);`
finish nebula impl 2023-03-30 14:43:09 +00:00
			`debug!("inserted private key into config: {:?}", config);`

			`let config_str = serde_yaml::to_string(&config)?;`
enrollment 2023-05-14 17:47:49 +00:00			`fs::write(`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`nebula_yml(instance),`
enrollment 2023-05-14 17:47:49 +00:00			`config_str,`
			`)?;`
finish nebula impl 2023-03-30 14:43:09 +00:00
			`Ok(())`
			`}`

enrollment 2023-05-14 17:47:49 +00:00			`pub fn nebulaworker_main(`
			`_config: TFClientConfig,`
			`instance: String,`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`transmitter: ThreadMessageSender,`
enrollment 2023-05-14 17:47:49 +00:00			`rx: Receiver<NebulaWorkerMessage>,`
			`) {`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`let cdata = match load_cdata(&instance) {`
upd 2023-03-30 11:29:02 +00:00			`Ok(data) => data,`
			`Err(e) => {`
			`error!("unable to load cdata: {}", e);`
			`error!("nebula thread exiting with error");`
			`return;`
			`}`
			`};`

finish nebula impl 2023-03-30 14:43:09 +00:00			`info!("fixing config...");`
			`match insert_private_key(&instance) {`
			`Ok(_) => {`
			`info!("config fixed (private-key embedded)");`
enrollment 2023-05-14 17:47:49 +00:00			`}`
finish nebula impl 2023-03-30 14:43:09 +00:00			`Err(e) => {`
			`error!("unable to fix config: {}", e);`
			`error!("nebula thread exiting with error");`
			`return;`
			`}`
			`}`

tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`let mut nebula: Option<NebulaInstance> = None;`
tfclient is done! woo! 2023-03-30 16:13:29 +00:00
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`if cdata.creds.is_none() {`
			`error!("not enrolled, cannot start nebula");`
			`} else {`
			`info!("setting up nebula...");`
			`nebula = Some(match NebulaInstance::new(nebula_yml(&instance).as_path(), false) {`
			`Ok(i) => {`
			`info!("nebula setup");`
			`info!("starting nebula...");`
			`match i.start() {`
			`Ok(_) => (),`
tfclient is done! woo! 2023-03-30 16:13:29 +00:00			`Err(e) => {`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`error!("error starting Nebula: {}", e);`
tfclient is done! woo! 2023-03-30 16:13:29 +00:00			`error!("nebula thread exiting with error");`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`shutdown(&transmitter);`
tfclient is done! woo! 2023-03-30 16:13:29 +00:00			`return;`
			`}`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`}`

			`i`
			`},`
			`Err(e) => {`
			`error!("error setting up Nebula: {}", e);`
			`error!("nebula thread exiting with error");`
			`shutdown(&transmitter);`
			`return;`
tfclient is done! woo! 2023-03-30 16:13:29 +00:00			`}`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00
			`});`
			`info!("nebula process started");`
			`}`

			`loop {`
reduce tfclient CPU usage by 99.96%! 2023-03-31 12:33:02 +00:00			`match rx.recv() {`
enrollment 2023-05-14 17:47:49 +00:00			`Ok(msg) => match msg {`
			`NebulaWorkerMessage::WakeUp => {`
			`continue;`
			`}`
			`NebulaWorkerMessage::Shutdown => {`
			`info!("recv on command socket: shutdown, stopping");`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`info!("shutting down nebula");`

			`if let Some(i) = nebula.as_ref() {`
			`match i.stop() {`
			`Ok(_) => (),`
			`Err(e) => {`
			`error!("error stopping Nebula: {}", e);`
			`error!("nebula thread exiting with error");`
			`return;`
			`}`
finish nebula impl 2023-03-30 14:43:09 +00:00			`}`
enrollment 2023-05-14 17:47:49 +00:00			`}`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00
enrollment 2023-05-14 17:47:49 +00:00			`info!("nebula shut down");`
			`break;`
			`}`
			`NebulaWorkerMessage::ConfigUpdated => {`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`info!("our configuration has been updated - reloading");`

enrollment 2023-05-14 17:47:49 +00:00			`debug!("fixing config...");`
			`match insert_private_key(&instance) {`
			`Ok(_) => {`
			`debug!("config fixed (private-key embedded)");`
			`}`
			`Err(e) => {`
			`error!("unable to fix config: {}", e);`
			`error!("nebula thread exiting with error");`
			`return;`
			`}`
			`}`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00
			`if let Some(i) = nebula.as_ref() {`
			`debug!("reloading nebula");`

			`match i.reload_config() {`
			`Ok(_) => (),`
			`Err(e) => {`
			`error!("error reloading Nebula config: {}", e);`
			`error!("nebula thread exiting with error");`
			`shutdown(&transmitter);`
			`return;`
			`}`
enrollment 2023-05-14 17:47:49 +00:00			`}`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00
			`debug!("config reloaded");`
			`} else {`
			`debug!("detected enrollment, starting nebula for the first time");`
			`info!("setting up nebula...");`
			`nebula = Some(match NebulaInstance::new(nebula_yml(&instance).as_path(), false) {`
			`Ok(i) => {`
			`info!("nebula setup");`
			`info!("starting nebula...");`
			`match i.start() {`
			`Ok(_) => (),`
			`Err(e) => {`
			`error!("error starting Nebula: {}", e);`
			`error!("nebula thread exiting with error");`
			`shutdown(&transmitter);`
			`return;`
			`}`
			`}`

			`i`
			`},`
			`Err(e) => {`
			`error!("error setting up Nebula: {}", e);`
			`error!("nebula thread exiting with error");`
			`shutdown(&transmitter);`
			`return;`
			`}`

			`});`
			`info!("nebula process started");`
			`}`

			`debug!("nebula process reloaded");`
command socktes na djjhbfxvr5d ghgd9k7bvtx h 2023-03-23 17:17:37 +00:00			`}`
			`},`
			`Err(e) => {`
reduce tfclient CPU usage by 99.96%! 2023-03-31 12:33:02 +00:00			`error!("nebulaworker command socket errored: {}", e);`
tfclient 0.2, nebula-ffi 0.1 2023-06-26 02:00:36 +00:00			`shutdown(&transmitter);`
reduce tfclient CPU usage by 99.96%! 2023-03-31 12:33:02 +00:00			`return;`
command socktes na djjhbfxvr5d ghgd9k7bvtx h 2023-03-23 17:17:37 +00:00			`}`
			`}`
			`}`
enrollment 2023-05-14 17:47:49 +00:00			`}`