fabaccess-bffh/bffhd/lib.rs

262 lines
6.7 KiB
Rust
Raw Normal View History

2022-03-10 20:52:34 +01:00
#![warn(unused_imports, unused_import_braces)]
//#![warn(missing_debug_implementations)]
//#![warn(missing_docs)]
//#![warn(missing_crate_level_docs)]
2021-10-28 00:32:25 +02:00
2021-10-28 01:10:35 +02:00
//! Diflouroborane
//!
2022-03-08 16:41:38 +01:00
//! This is the capnp component of the FabAccess project.
2021-10-28 01:10:35 +02:00
//! The entry point of bffhd can be found in [bin/bffhd/main.rs](../bin/bffhd/main.rs)
2021-10-27 23:20:35 +02:00
use miette::Diagnostic;
use std::io;
use thiserror::Error;
pub mod config;
2021-10-28 01:10:35 +02:00
/// Internal Databases build on top of LMDB, a mmap()'ed B-tree DB optimized for reads
2021-10-27 23:20:35 +02:00
pub mod db;
2021-11-26 02:25:48 +01:00
2021-10-28 01:10:35 +02:00
/// Shared error type
2021-10-27 23:20:35 +02:00
pub mod error;
2021-11-26 02:25:48 +01:00
2022-03-08 18:52:49 +01:00
pub mod authentication;
2022-03-10 20:52:34 +01:00
pub mod authorization;
2022-05-05 15:50:44 +02:00
pub mod users;
2021-11-26 21:01:43 +01:00
2021-10-28 01:10:35 +02:00
/// Resources
2021-11-26 02:25:48 +01:00
pub mod resources;
pub mod actors;
2022-06-07 14:05:46 +02:00
pub mod initiators;
pub mod sensors;
2022-03-08 16:41:38 +01:00
pub mod capnp;
2021-11-26 21:01:43 +01:00
pub mod utils;
2022-05-18 17:01:03 +02:00
// Store build information in the `env` module.
shadow_rs::shadow!(env);
2022-05-05 15:50:44 +02:00
mod audit;
mod keylog;
mod logging;
2022-03-12 17:31:53 +01:00
mod session;
2022-05-05 15:50:44 +02:00
mod tls;
2022-05-05 15:50:44 +02:00
use std::sync::Arc;
2022-03-15 20:00:43 +01:00
use futures_util::{FutureExt, StreamExt};
2022-06-02 17:46:26 +02:00
use miette::{Context, IntoDiagnostic, Report};
2022-03-13 20:33:26 +01:00
use once_cell::sync::OnceCell;
2022-03-15 20:00:43 +01:00
2022-03-20 22:46:04 +01:00
use crate::audit::AuditLog;
2022-03-12 17:31:53 +01:00
use crate::authentication::AuthenticationHandle;
2022-03-15 19:13:55 +01:00
use crate::authorization::roles::Roles;
use crate::capnp::APIServer;
2022-05-05 15:50:44 +02:00
use crate::config::Config;
2022-03-13 20:11:37 +01:00
use crate::resources::modules::fabaccess::MachineState;
2022-03-13 20:33:26 +01:00
use crate::resources::search::ResourcesHandle;
use crate::resources::state::db::StateDB;
2022-05-05 15:50:44 +02:00
use crate::resources::Resource;
2022-03-12 17:31:53 +01:00
use crate::session::SessionManager;
use crate::tls::TlsConfig;
2022-03-13 22:50:37 +01:00
use crate::users::db::UserDB;
use crate::users::Users;
2022-05-05 15:50:44 +02:00
use executor::pool::Executor;
2022-07-24 16:07:49 +02:00
use lightproc::recoverable_handle::RecoverableHandle;
2022-05-05 15:50:44 +02:00
use signal_hook::consts::signal::*;
2022-06-22 14:43:09 +02:00
use tracing::Span;
pub struct Diflouroborane {
2022-03-15 19:13:55 +01:00
config: Config,
executor: Executor<'static>,
2022-03-16 18:10:59 +01:00
pub statedb: StateDB,
2022-03-15 19:13:55 +01:00
pub users: Users,
pub roles: Roles,
pub resources: ResourcesHandle,
2022-06-22 14:43:09 +02:00
span: Span,
}
2022-03-13 20:33:26 +01:00
pub static RESOURCES: OnceCell<ResourcesHandle> = OnceCell::new();
2023-01-09 16:58:32 +01:00
pub static CONFIG: OnceCell<Config> = OnceCell::new();
2022-07-11 12:14:49 +02:00
struct SignalHandlerErr;
impl error::Description for SignalHandlerErr {
const CODE: &'static str = "signals::new";
}
#[derive(Debug, Error, Diagnostic)]
pub enum BFFHError {
#[error("DB operation failed")]
DBError(
#[from]
#[source]
db::Error,
),
#[error("failed to initialize global user store")]
UsersError(
#[from]
#[source]
users::Error,
),
#[error("failed to initialize state database")]
StateDBError(
#[from]
#[source]
resources::state::db::StateDBError,
),
#[error("audit log failed")]
AuditLogError(
#[from]
#[source]
audit::Error,
),
#[error("Failed to initialize signal handler")]
SignalsError(#[source] std::io::Error),
#[error("error in actor subsystem")]
ActorError(
#[from]
#[source]
actors::ActorError,
),
#[error("failed to initialize TLS config")]
TlsSetup(
#[from]
#[source]
tls::Error,
),
#[error("API handler failed")]
ApiError(
#[from]
#[source]
capnp::Error,
),
}
impl Diflouroborane {
2022-07-24 16:39:33 +02:00
pub fn setup() {}
2022-07-24 16:07:49 +02:00
pub fn new(config: Config) -> Result<Self, BFFHError> {
2022-06-21 22:23:55 +02:00
let mut server = logging::init(&config.logging);
2022-06-22 14:43:09 +02:00
let span = tracing::info_span!(
target: "bffh",
"bffh"
);
let span2 = span.clone();
let _guard = span2.enter();
2022-05-14 15:36:32 +02:00
tracing::info!(version = env::VERSION, "Starting BFFH");
2022-03-15 19:13:55 +01:00
let executor = Executor::new();
2022-06-21 22:23:55 +02:00
if let Some(aggregator) = server.aggregator.take() {
executor.spawn(aggregator.run());
}
2022-06-22 19:01:51 +02:00
tracing::info!("Server is being spawned");
let handle = executor.spawn(server.serve());
executor.spawn(handle.map(|result| match result {
Some(Ok(())) => {
tracing::info!("console server finished without error");
2022-06-22 19:01:51 +02:00
}
Some(Err(error)) => {
tracing::info!(%error, "console server finished with error");
}
None => {
tracing::info!("console server finished with panic");
}
}));
2022-06-21 22:23:55 +02:00
2022-06-02 17:46:26 +02:00
let env = StateDB::open_env(&config.db_path)?;
let statedb = StateDB::create_with_env(env.clone())?;
2022-03-13 22:50:37 +01:00
2022-06-02 17:46:26 +02:00
let users = Users::new(env.clone())?;
2022-03-15 19:13:55 +01:00
let roles = Roles::new(config.roles.clone());
2022-03-13 22:50:37 +01:00
let _audit_log = AuditLog::new(&config)?;
2022-03-20 22:46:04 +01:00
2022-03-13 20:33:26 +01:00
let resources = ResourcesHandle::new(config.machines.iter().map(|(id, desc)| {
2022-05-05 15:50:44 +02:00
Resource::new(Arc::new(resources::Inner::new(
id.to_string(),
statedb.clone(),
desc.clone(),
)))
2022-03-13 20:33:26 +01:00
}));
2023-01-09 16:58:32 +01:00
RESOURCES.set(resources.clone()).unwrap();
CONFIG.set(config.clone()).unwrap();
2022-03-13 21:54:48 +01:00
2022-05-05 15:50:44 +02:00
Ok(Self {
config,
executor,
statedb,
users,
roles,
resources,
2022-06-22 14:43:09 +02:00
span,
2022-05-05 15:50:44 +02:00
})
2022-03-15 19:13:55 +01:00
}
pub fn run(&mut self) -> Result<(), BFFHError> {
2022-06-22 14:43:09 +02:00
let _guard = self.span.enter();
2022-05-05 15:50:44 +02:00
let mut signals = signal_hook_async_std::Signals::new(&[SIGINT, SIGQUIT, SIGTERM])
.map_err(BFFHError::SignalsError)?;
2022-03-15 19:13:55 +01:00
2022-06-07 14:05:46 +02:00
let sessionmanager = SessionManager::new(self.users.clone(), self.roles.clone());
let authentication = AuthenticationHandle::new(self.users.clone());
initiators::load(
self.executor.clone(),
&self.config,
self.resources.clone(),
sessionmanager.clone(),
authentication.clone(),
);
2022-03-15 19:13:55 +01:00
actors::load(self.executor.clone(), &self.config, self.resources.clone())?;
2022-03-13 21:54:48 +01:00
let tlsconfig = TlsConfig::new(self.config.tlskeylog.as_ref(), !self.config.is_quiet())?;
2022-03-15 19:13:55 +01:00
let acceptor = tlsconfig.make_tls_acceptor(&self.config.tlsconfig)?;
2022-05-05 15:50:44 +02:00
let apiserver = self.executor.run(APIServer::bind(
self.executor.clone(),
&self.config.listens,
acceptor,
sessionmanager,
authentication,
))?;
2022-03-11 22:43:50 +01:00
let (mut tx, rx) = async_oneshot::oneshot();
self.executor.spawn(apiserver.handle_until(rx));
let f = async {
let mut sig = None;
while {
sig = signals.next().await;
sig.is_none()
} {}
tracing::info!(signal = %sig.unwrap(), "Received signal");
tx.send(());
};
self.executor.run(f);
Ok(())
}
2022-03-13 21:30:26 +01:00
}
2022-07-24 16:07:49 +02:00
struct ShutdownHandler {
tasks: Vec<RecoverableHandle<()>>,
}
impl ShutdownHandler {
pub fn new(tasks: Vec<RecoverableHandle<()>>) -> Self {
Self { tasks }
}
pub fn shutdown(&mut self) {
for handle in self.tasks.drain(..) {
handle.cancel()
}
}
2022-07-24 16:39:33 +02:00
}