48 lines
988 B
Go
48 lines
988 B
Go
package server
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/rsa"
|
|
"database/sql"
|
|
"encoding/gob"
|
|
"errors"
|
|
"fmt"
|
|
"github.com/rs/zerolog/log"
|
|
"gitlab.com/texm/shokku/internal/models"
|
|
"gorm.io/gorm"
|
|
)
|
|
|
|
type secrets struct {
|
|
signingKey []byte
|
|
privKey *rsa.PrivateKey
|
|
}
|
|
|
|
func getServerSecrets(db *gorm.DB) (*secrets, error) {
|
|
var s models.ServerSecrets
|
|
if err := db.Find(&s).Error; err != nil && err != sql.ErrNoRows {
|
|
log.Error().
|
|
Err(err).
|
|
Msg("failed to get server secrets")
|
|
return nil, err
|
|
}
|
|
|
|
var key *rsa.PrivateKey
|
|
if len(s.DokkuSSHKeyGob) == 0 {
|
|
return nil, errors.New("no ssh key stored")
|
|
}
|
|
|
|
r := bytes.NewReader(s.DokkuSSHKeyGob)
|
|
if decodeErr := gob.NewDecoder(r).Decode(&key); decodeErr != nil {
|
|
return nil, fmt.Errorf("failed to decode priv key: %w", decodeErr)
|
|
}
|
|
|
|
if validErr := key.Validate(); validErr != nil {
|
|
return nil, fmt.Errorf("private key validation failed: %w", validErr)
|
|
}
|
|
|
|
return &secrets{
|
|
privKey: key,
|
|
signingKey: s.SigningKey,
|
|
}, nil
|
|
}
|