acmeserver: support additional database types beside bbolt
mohammed90 authored Feb 11, 2024
1 parent c78ebb3 commit f94affb
Showing 1 changed file with 39 additions and 7 deletions.
46 changes: 39 additions & 7 deletions modules/caddypki/acmeserver/acmeserver.go
Expand Up @@ -20,6 +20,7 @@ import (
weakrand "math/rand"
"net"
"net/http"
"net/url"
"os"
"path/filepath"
"regexp"
Expand Down Expand Up @@ -52,6 +53,10 @@ type Handler struct {
// the default ID is "local".
CA string `json:"ca,omitempty"`

// The connection string of the database used for
// the account data of the ACME clients
Database string `json:"database,omitempty"`

// The lifetime for issued certificates
Lifetime caddy.Duration `json:"lifetime,omitempty"`

Expand Down Expand Up @@ -153,6 +158,12 @@ func (ash *Handler) Provision(ctx caddy.Context) error {
return fmt.Errorf("certificate lifetime (%s) should be less than intermediate certificate lifetime (%s)", time.Duration(ash.Lifetime), time.Duration(ca.IntermediateLifetime))
}

repl, ok := ctx.Context.Value(caddy.ReplacerCtxKey).(*caddy.Replacer)
if !ok {
repl = caddy.NewReplacer()
ctx.Context = context.WithValue(ctx.Context, caddy.ReplacerCtxKey, repl)
}
ash.Database = repl.ReplaceKnown(ash.Database, "")
database, err := ash.openDatabase()
if err != nil {
return err
Expand Down Expand Up @@ -248,17 +259,38 @@ func (ash Handler) Cleanup() error {
func (ash Handler) openDatabase() (*db.AuthDB, error) {
key := ash.getDatabaseKey()
database, loaded, err := databasePool.LoadOrNew(key, func() (caddy.Destructor, error) {
dbFolder := filepath.Join(caddy.AppDataDir(), "acme_server", key)
dbPath := filepath.Join(dbFolder, "db")

err := os.MkdirAll(dbFolder, 0o755)
var dsn string
dburl, err := url.Parse(ash.Database)
if err != nil {
return nil, fmt.Errorf("making folder for CA database: %v", err)
return nil, err
}
if dburl.Scheme == "" {
dburl.Scheme = "bbolt"
}
var dbtype string
switch dburl.Scheme {
case "postgresql", "postgres", "psql":
dbtype = nosql.PostgreSQLDriver // normalize the postgres identifier
dsn = ash.Database
case "mysql":
dbtype = nosql.MySQLDriver
dsn = ash.Database
case "bbolt":
dbtype = nosql.BBoltDriver
dbFolder := filepath.Join(caddy.AppDataDir(), "acme_server", key)
dsn = filepath.Join(dbFolder, "db")
if err := os.MkdirAll(dbFolder, 0o755); err != nil {
return nil, fmt.Errorf("making folder for CA database: %v", err)
}
default:
// Although smallstep/nosql rejects unrecognized database, we
// reject them here to avoid surprises. We also reject 'badger'.
return nil, fmt.Errorf("unsupported database type: %s", dburl.Scheme)
}

dbConfig := &db.Config{
Type: "bbolt",
DataSource: dbPath,
Type: dbtype,
DataSource: dsn,
}
database, err := db.New(dbConfig)
return databaseCloser{&database}, err
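Review bot: In openDatabase, a failed `url.Parse(ash.Database)` is returned unchanged (`return nil, err`), and the message of Go's `*url.Error` quotes the string it was asked to parse, so a malformed PostgreSQL or MySQL connection string would carry its user name and password into the provisioning error and into any log that records it. Return a message that leaves the input out, for example `return nil, fmt.Errorf("parsing ACME database connection string: not a valid URL")`. Separately, the pool entry is still selected by `ash.getDatabaseKey()`, which is defined outside this hunk; if that key does not include `Database`, two handlers on the same CA with different connection strings would silently share whichever database was opened first, so that is worth confirming. The closure passed to `LoadOrNew` continues past the end of the hunk.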