feat: introduce swiftwave cli (#133)

* feat: move to yml based config

* feat: replaced env vars with system config

* chore: rename serviceconfig to systemconfig

* chore: remopve http support from haproxy image

* chore: haproxy no need to expose 5555 anymore

* chore: update config variable names

* chore: configuration example added

* chore: configuration example added

* chore: tidy dependecies

* feat: seperating swiftwave server entrypoint from root main.go

* feat: seperated server function call from main and boilerplate cli added

* feat: init and config command added

* feat: update configuration

* feat: added checks so that cli run as root user

* feat: some info added for info command

* feat: swiftwave info command completed

* feat: update docs

* feat: boilerplate added

* chore: remove duplicate code

* feat: postgres commands added

* chore: cleanup

* chore: cleanup

* chore: cleanup and boilerplate for haproxy added

* chore: cmd rename

* chore: init command fixed

* chore: setup and init command added and fixed

* chore: create folder before binding

* chore: setup command modified

* chore: haproxy commands added

* chore: doctor command not required

* chore: remove auto sort of flag and commands

* chore: start command added

* feat: ssl_mode param added

* feat: boilerplate added

* chore: typo fix

* feat: generate-tls cli has been completed

* feat: ssl server support added

* feat: db migrate command added

* chore: cleanup

* feat: swiftwave service command added

* feat: service command added

---------

Co-authored-by: Ubuntu <[email protected]>
Co-authored-by: root <[email protected]>

Author: 3 people

cmd/config.cluster.yml

@@ -0,0 +1,54 @@
+version: 1.0
+mode: cluster # standalone or cluster
+service:
+  use_tls: true # true or false
+  ssl_certificate_dir: /var/lib/swiftwave/certs
+  address_of_current_node: will_be_overridden # provide a domain name associated with the current node
+  bind_address: 0.0.0.0
+  bind_port: 3333 # choose any other ports except 80 and 443
+  network_name: swiftwave_network # docker swarm overflow network name
+  data_dir: /var/lib/swiftwave/data
+  docker_unix_socket_path: /var/run/docker.sock
+  restricted_ports: # ports that can't be exposed and bound to haproxy
+    - 2377 # docker swarm port
+    - 7946 # docker swarm port
+    - 4789 # docker swarm port
+    - 3333 # swiftwave port
+  auto_migrate_database: true # true or false
+lets_encrypt:
+  staging_environment: false # true or false
+  email_id: will_be_overridden
+  account_private_key_path: /etc/swiftwave/letsencrypt/account.key
+haproxy:
+  service_name: haproxy
+  image: ghcr.io/swiftwave-org/haproxy:2.9
+  unix_socket_path: /etc/swiftwave/haproxy/dataplaneapi.sock # should end with dataplaneapi.sock
+  user: will_be_overridden
+  password: will_be_overridden
+  data_dir: /var/lib/swiftwave/haproxy
+postgresql:
+  host: 127.0.0.1
+  port: 5432
+  user: postgres
+  password: postgres
+  database: swiftwave
+  time_zone: Asia/Kolkata
+  ssl_mode: disable # disable or require
+pubsub:
+  mode: remote # local or remote
+  buffer_length: 1000
+  redis: # all the info should be filled if mode is remote
+    host: localhost
+    port: 6379
+    password: ""
+    database_id: 0
+task_queue:
+  mode: remote # local or remote
+  max_outstanding_messages_per_queue: 1000
+  amqp: # all the info should be filled if mode is remote
+    protocol: amqp # amqp or amqps
+    host: localhost
+    user: guest
+    password: guest
+    vhost: vhost
+    client_name: system_hostname # this client name will be shown in rabbitmq management console

cmd/config.go

@@ -0,0 +1,30 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+	"os"
+)
+
+func init() {
+	configCmd.Flags().StringP("editor", "e", "", "Editor to use (vi, vim, nano, gedit, etc.)")
+}
+
+var configCmd = &cobra.Command{
+	Use:   "config",
+	Short: "Open SwiftWave configuration file in editor",
+	Run: func(cmd *cobra.Command, args []string) {
+		if checkIfFileExists(configFilePath) {
+			if editor, _ := cmd.Flags().GetString("editor"); editor != "" {
+				// set env variable
+				err := os.Setenv("EDITOR", editor)
+				if err != nil {
+					printError("Failed to set EDITOR environment variable")
+				}
+			}
+			openFileInEditor(configFilePath)
+		} else {
+			printError("Config file not found at " + configFilePath)
+			printInfo("Run `swiftwave init` to create a new config file")
+		}
+	},
+}

config.example.yml renamed to cmd/config.standalone.yml

@@ -1,37 +1,39 @@
 version: 1.0
 mode: standalone # standalone or cluster
 service:
-  auto_tls: true # true or false
-  tls_cache_dir: /var/www/.cache
-  whitelisted_domains: # domains that can be used to access the service and generate certificates
-    - *
+  use_tls: true # true or false
+  ssl_certificate_dir: /var/lib/swiftwave/certs
+  address_of_current_node: will_be_overridden # provide a domain name associated with the current node
   bind_address: 0.0.0.0
   bind_port: 3333 # choose any other ports except 80 and 443
   network_name: swiftwave_network # docker swarm overflow network name
-  data_dir: ~/swiftwave/data
+  data_dir: /var/lib/swiftwave/data
   docker_unix_socket_path: /var/run/docker.sock
   restricted_ports: # ports that can't be exposed and bound to haproxy
     - 2377 # docker swarm port
     - 7946 # docker swarm port
     - 4789 # docker swarm port
     - 3333 # swiftwave port
+  auto_migrate_database: true # true or false
+lets_encrypt:
+  staging_environment: false # true or false
+  email_id: will_be_overridden
+  account_private_key_path: /etc/swiftwave/letsencrypt/account.key
 haproxy:
   service_name: haproxy
   image: ghcr.io/swiftwave-org/haproxy:2.9
-  unix_socket_path: ~/swiftwave/dataplaneapi.sock
-  user: admin
-  password: admin
+  unix_socket_path: /etc/swiftwave/haproxy/dataplaneapi.sock
+  user: will_be_overridden
+  password: will_be_overridden
+  data_dir: /var/lib/swiftwave/haproxy
 postgresql:
-  host: localhost
+  host: 127.0.0.1
   port: 5432
   user: postgres
   password: postgres
   database: swiftwave
   time_zone: Asia/Kolkata
-lets_encrypt:
-  staging_environment: false # true or false
-  email_id: [email protected]
-  account_private_key_path: ~/swiftwave/account.key
+  ssl_mode: disable # disable or require
 pubsub:
   mode: local # local or remote
   buffer_length: 1000
@@ -48,5 +50,5 @@ task_queue:
     host: localhost
     user: guest
     password: guest
-    vhost:
-    client_name: swiftwave
+    vhost: vhost
+    client_name: system_hostname # this client name will be shown in rabbitmq management console

cmd/db-migrate.go

@@ -0,0 +1,29 @@
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+	"github.com/swiftwave-org/swiftwave/swiftwave_service/core"
+	"gorm.io/driver/postgres"
+	"gorm.io/gorm"
+)
+
+var dbMigrateCmd = &cobra.Command{
+	Use:   "db-migrate",
+	Short: "Migrate the database",
+	Long:  `Migrate the database`,
+	Run: func(cmd *cobra.Command, args []string) {
+		// Initiating database client
+		dbDialect := postgres.Open(systemConfig.PostgresqlConfig.DSN())
+		client, err := gorm.Open(dbDialect, &gorm.Config{})
+		if err != nil {
+			printError("Failed to create database client")
+		}
+		// Migrate the database
+		err = core.MigrateDatabase(client)
+		if err != nil {
+			printError("Failed to migrate the database")
+		} else {
+			printSuccess("Successfully migrated the database")
+		}
+	},
+}

cmd/generate-tls.go

@@ -0,0 +1,131 @@
+package cmd
+
+import (
+	"context"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"errors"
+	"net/http"
+	"os"
+	"strings"
+
+	"github.com/labstack/echo/v4"
+	"github.com/labstack/echo/v4/middleware"
+	"github.com/spf13/cobra"
+	SSL "github.com/swiftwave-org/swiftwave/ssl_manager"
+	"gorm.io/driver/postgres"
+	"gorm.io/gorm"
+)
+
+func init() {
+	generateTLSCommand.Flags().String("domain", "", "Domain name for which to generate the certificate")
+}
+
+var generateTLSCommand = &cobra.Command{
+	Use:   "generate-tls",
+	Short: "Generate TLS certificates for swiftwave endpoints",
+	Long: `This command generates TLS certificates for swiftwave endpoints.
+	It's not for generating certificates for domain of hosted applications`,
+	Run: func(cmd *cobra.Command, args []string) {
+		// If domain is not provided, use the domain from config
+		domain := cmd.Flag("domain").Value.String()
+		if strings.TrimSpace(domain) == "" {
+			domain = systemConfig.ServiceConfig.AddressOfCurrentNode
+		}
+		// Check if there is already someone listening on port 80
+		if checkIfPortIsInUse("80") {
+			printError("Port 80 is already in use, please stop the process and try again")
+			return
+		}
+		//// Start http-01 challenge server
+		echoServer := echo.New()
+		echoServer.HideBanner = true
+		echoServer.Pre(middleware.RemoveTrailingSlash())
+		// Initiating database client
+		dbDialect := postgres.Open(systemConfig.PostgresqlConfig.DSN())
+		dbClient, err := gorm.Open(dbDialect, &gorm.Config{})
+		if err != nil {
+			printError("Failed to connect to database")
+			return
+		}
+		// Initiating SSL Manager
+		options := SSL.ManagerOptions{
+			IsStaging:                 systemConfig.LetsEncryptConfig.StagingEnvironment,
+			Email:                     systemConfig.LetsEncryptConfig.EmailID,
+			AccountPrivateKeyFilePath: systemConfig.LetsEncryptConfig.AccountPrivateKeyPath,
+		}
+		sslManager := SSL.Manager{}
+		err = sslManager.Init(context.Background(), *dbClient, options)
+		if err != nil {
+			printError("Failed to initiate SSL Manager")
+			return
+		}
+		// Start the server
+		go func(sslManager *SSL.Manager) {
+			sslManager.InitHttpHandlers(echoServer)
+			err := echoServer.Start(":80")
+			if err != nil {
+				if errors.Is(err, http.ErrServerClosed) {
+				printSuccess("http-01 challenge server has been stopped")
+				} else {
+					printError("Failed to start http-01 challenge server")
+					os.Exit(1)
+				}
+			}
+		}(&sslManager)
+		// Generate private key
+		privateKey, err := generatePrivateKey()
+		if err != nil {
+			printError("Failed to generate private key")
+			return
+		}
+		// Generate the certificate
+		certificate, err := sslManager.ObtainCertificate(domain, privateKey)
+		if err != nil {
+			println(err.Error())
+			printError("Failed to generate certificate")
+			return
+		}
+		// Stop the http-01 challenge server
+		echoServer.Server.Shutdown(context.Background())
+		// Store private key and certificate in the service.ssl_certificate_dir/<domain> folder
+		dir := systemConfig.ServiceConfig.SSLCertificateDir + "/" + domain
+		if !checkIfFolderExists(dir) {
+			err = createFolder(dir)
+			if err != nil {
+				printError("Failed to create folder " + dir)
+				return
+			}
+		}
+		// Store private key
+		err = os.WriteFile(dir+"/private.key", []byte(privateKey), 0644)
+		if err != nil {
+			printError("Failed to store private key")
+			return
+		}
+		// Store certificate
+		err = os.WriteFile(dir+"/certificate.crt", []byte(certificate), 0644)
+		if err != nil {
+			printError("Failed to store certificate")
+			return
+		}
+		// Print success message
+		printSuccess("Successfully generated TLS certificate for " + domain)
+	},
+}
+
+func generatePrivateKey() (string, error) {
+	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		return "", errors.New("unable to generate private key")
+	}
+	privateKeyBytes := x509.MarshalPKCS1PrivateKey(privateKey)
+	pemKey := pem.Block{
+		Type:  "RSA PRIVATE KEY",
+		Bytes: privateKeyBytes,
+	}
+	privateKeyBytes = pem.EncodeToMemory(&pemKey)
+	return string(privateKeyBytes), nil
+}