feat: tls in CLI added (#251)

Author: tanmoysrt

cmd/auto-service-tls-renew.go

@@ -0,0 +1,119 @@
+package cmd
+
+import (
+	_ "embed"
+	"os"
+	"os/exec"
+
+	"github.com/spf13/cobra"
+)
+
+//go:embed swiftwave-service-tls-renew.service
+var swiftwaveServiceTLSRenewService string
+
+//go:embed swiftwave-service-tls-renew.timer
+var swiftwaveServiceTLSRenewTimer string
+
+func init() {
+	autoServiceTLSRenewCmd.AddCommand(enableServiceTLSRenewServiceCmd)
+	autoServiceTLSRenewCmd.AddCommand(disableServiceTLSRenewServiceCmd)
+}
+
+var autoServiceTLSRenewCmd = &cobra.Command{
+	Use:   "auto-renew",
+	Short: "Auto renew swiftwave service TLS certificates going to expire in 30 days",
+	Long:  `Auto update swiftwave service TLS certificates going to expire in 30 days`,
+	Run: func(cmd *cobra.Command, args []string) {
+		// print help
+		err := cmd.Help()
+		if err != nil {
+			return
+		}
+	},
+}
+
+var enableServiceTLSRenewServiceCmd = &cobra.Command{
+	Use:   "enable",
+	Short: "Enable auto renew service",
+	Long:  `Enable auto renew service`,
+	Run: func(cmd *cobra.Command, args []string) {
+		// Move swiftwave-service-tls-renew.service to /etc/systemd/system/
+		err := os.WriteFile("/etc/systemd/system/swiftwave-service-tls-renew.service", []byte(swiftwaveServiceTLSRenewService), 0644)
+		if err != nil {
+			printError("Failed to write swiftwave-service-tls-renew.service file")
+			return
+		}
+		// Move swiftwave-service-tls-renew.timer to /etc/systemd/system/
+		err = os.WriteFile("/etc/systemd/system/swiftwave-service-tls-renew.timer", []byte(swiftwaveServiceTLSRenewTimer), 0644)
+		if err != nil {
+			printError("Failed to write swiftwave-service-tls-renew.timer file")
+			return
+		}
+		// Reload systemd daemon
+		runCommand := exec.Command("systemctl", "daemon-reload")
+		err = runCommand.Run()
+		if err != nil {
+			printError("Failed to reload systemd daemon")
+		} else {
+			printSuccess("Reloaded systemd daemon")
+		}
+		// Enable swiftwave service tls renew timer
+		runCommand = exec.Command("systemctl", "enable", "swiftwave-service-tls-renew.timer")
+		err = runCommand.Run()
+		if err != nil {
+			printError("Failed to enable swiftwave service tls renew service")
+		} else {
+			printSuccess("Enabled swiftwave service tls renew service")
+		}
+		// Start swiftwave service
+		runCommand = exec.Command("systemctl", "start", "swiftwave-service-tls-renew.timer")
+		err = runCommand.Run()
+		if err != nil {
+			printError("Failed to start swiftwave service tls renew service")
+		} else {
+			printSuccess("Started swiftwave service tls renew service")
+		}
+	},
+}
+
+var disableServiceTLSRenewServiceCmd = &cobra.Command{
+	Use:   "disable",
+	Short: "Disable auto renew service",
+	Long:  `Disable auto renew service`,
+	Run: func(cmd *cobra.Command, args []string) {
+		// Stop swiftwave service
+		runCommand := exec.Command("systemctl", "stop", "swiftwave-service-tls-renew.timer")
+		err := runCommand.Run()
+		if err != nil {
+			printError("Failed to stop swiftwave auto service tls renew service")
+		} else {
+			printSuccess("Stopped swiftwave auto service tls renew service")
+		}
+		// Disable swiftwave service
+		runCommand = exec.Command("systemctl", "disable", "swiftwave-service-tls-renew.timer")
+		err = runCommand.Run()
+		if err != nil {
+			printError("Failed to disable swiftwave auto service tls renew service")
+		} else {
+			printSuccess("Disabled swiftwave auto service tls renew service")
+		}
+		// Remove swiftwave-service-tls-renew.service from /etc/systemd/system/
+		err = os.Remove("/etc/systemd/system/swiftwave-service-tls-renew.service")
+		if err != nil {
+			printError("Failed to remove swiftwave-service-tls-renew.service file")
+		}
+		// Remove swiftwave-service-tls-renew.timer from /etc/systemd/system/
+		err = os.Remove("/etc/systemd/system/swiftwave-service-tls-renew.timer")
+		if err != nil {
+			printError("Failed to remove swiftwave-service-tls-renew.timer file")
+		}
+		// Reload systemd daemon
+		runCommand = exec.Command("systemctl", "daemon-reload")
+		err = runCommand.Run()
+		if err != nil {
+			printError("Failed to reload systemd daemon")
+		} else {
+			printSuccess("Reloaded systemd daemon")
+		}
+	},
+}

cmd/generate-tls.go

@@ -71,9 +71,6 @@ var haproxyStartCmd = &cobra.Command{
 			}
 		}
 		dockerImage := systemConfig.HAProxyConfig.DockerImage
-		if !systemConfig.ServiceConfig.UseTLS {
-			dockerImage = dockerImage + "-http"
-		}
 		// base directory for socket file
 		unixSocketMountDir := filepath.Dir(systemConfig.HAProxyConfig.UnixSocketPath)
 		err := generateDefaultHAProxyConfiguration(systemConfig)

cmd/haproxy.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"io"
 	"log"
+	"math/rand"
 	"net/http"
 	"os"
 	"strings"
@@ -179,11 +180,17 @@ var initCmd = &cobra.Command{
 			return
 		}
 
+		configTemplate.ServiceConfig.JwtSecretKey = generateRandomString(64)
 		configTemplate.ServiceConfig.AddressOfCurrentNode = domainName
 		configTemplate.LetsEncryptConfig.EmailID = letsEncryptEmail
 		configTemplate.HAProxyConfig.User = haproxyUser
 		configTemplate.HAProxyConfig.Password = haproxyPassword
-
+		hostname, err := os.Hostname()
+		if err != nil {
+			printError("Failed to fetch system hostname")
+			os.Exit(1)
+		}
+		configTemplate.TaskQueueConfig.AMQPConfig.ClientName = hostname
 		isCreated = createConfig(configTemplate, configFilePath)
 
 		if isCreated {
@@ -270,3 +277,12 @@ func getIPAddress() (string, error) {
 	}
 	return string(body), nil
 }
+
+func generateRandomString(length int) string {
+	const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
+	result := make([]byte, length)
+	for i := range result {
+		result[i] = charset[rand.Intn(len(charset))]
+	}
+	return string(result)
+}

cmd/init.go

@@ -23,11 +23,11 @@ func init() {
 	rootCmd.AddCommand(configCmd)
 	rootCmd.AddCommand(createUserCmd)
 	rootCmd.AddCommand(deleteUserCmd)
+	rootCmd.AddCommand(tlsCmd)
 	rootCmd.AddCommand(startCmd)
 	rootCmd.AddCommand(haproxyCmd)
 	rootCmd.AddCommand(udpProxyCmd)
 	rootCmd.AddCommand(postgresCmd)
-	rootCmd.AddCommand(generateTLSCommand)
 	rootCmd.AddCommand(dbMigrateCmd)
 	rootCmd.AddCommand(serviceCmd)
 	rootCmd.AddCommand(updateCmd)

cmd/root.go

@@ -0,0 +1,10 @@
+[Unit]
+Description=Swiftwave Service TLS Ceritificate Updater Service
+After=multi-user.target
+
+[Service]
+ExecStart=/bin/sh -c "/usr/bin/swiftwave tls renew-certificates || true"
+Type=simple
+
+[Install]
+WantedBy=multi-user.target

cmd/swiftwave-service-tls-renew.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Swiftwave Service TLS Ceritificate Updater
+
+[Timer]
+OnCalendar=*-*-* 00:00:00
+Unit=swiftwave-service-tls-renew.service
+Persistent=true
+
+[Install]
+WantedBy=timers.target