-- trifid-api, an open source reimplementation of the Defined Networking nebula management server.
--     Copyright (C) 2023 c0repwn3r
--
--     This program is free software: you can redistribute it and/or modify
--     it under the terms of the GNU General Public License as published by
--     the Free Software Foundation, either version 3 of the License, or
--     (at your option) any later version.
--
--     This program is distributed in the hope that it will be useful,
--     but WITHOUT ANY WARRANTY; without even the implied warranty of
--     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
--     GNU General Public License for more details.
--
--     You should have received a copy of the GNU General Public License
--     along with this program.  If not, see <https:--www.gnu.org/licenses/>.

CREATE TABLE organizations (
    id SERIAL NOT NULL PRIMARY KEY,
    owner SERIAL NOT NULL REFERENCES users(id),
    ca_key VARCHAR(3072) NOT NULL,  -- The hex-encoded ENCRYPTED (see below) concatenation of all CA keys on this org
    ca_crt VARCHAR(3072) NOT NULL,  -- The concatenation of all CA certificates on this org. This is passed directly to NebulaCAPool
    iv VARCHAR(128) NOT NULL        -- The 12-byte hex-encoded IV, used to encrypt ca_key with the instance AES key
);
CREATE INDEX idx_organizations_owner ON organizations(owner);