host download tokens

cmd/dkl-local-server/render-context.go

@@ -4,10 +4,12 @@ import (
 	"bytes"
 	"crypto/sha256"
 	"encoding/hex"
+	"fmt"
 	"io"
 	"log"
 	"net/http"
 	"net/url"
+	"path"
 	"path/filepath"
 	"text/template"
 
@@ -115,7 +117,7 @@ func (ctx *renderContext) BootstrapConfig() (ba []byte, cfg *bsconfig.Config, er
 
 func (ctx *renderContext) render(templateText string) (ba []byte, err error) {
 	tmpl, err := template.New(ctx.Host.Name + "/config").
-		Funcs(templateFuncs(ctx.SSLConfig)).
+		Funcs(ctx.TemplateFuncs()).
 		Parse(templateText)
 
 	if err != nil {
@@ -168,3 +170,69 @@ func asMap(v interface{}) map[string]interface{} {
 
 	return result
 }
+
+func (ctx *renderContext) TemplateFuncs() map[string]any {
+	funcs := templateFuncs(ctx.SSLConfig)
+
+	for name, method := range map[string]any{
+		"ssh_host_keys": func(dir, cluster, host string) (s string, err error) {
+			if host == "" {
+				host = ctx.Host.Name
+			}
+			if host != ctx.Host.Name {
+				err = fmt.Errorf("wrong host name")
+				return
+			}
+
+			pairs, err := getSSHKeyPairs(host)
+			if err != nil {
+				return
+			}
+
+			files := make([]config.FileDef, 0, len(pairs)*2)
+
+			for _, pair := range pairs {
+				basePath := path.Join(dir, "ssh_host_"+pair.Type+"_key")
+				files = append(files, []config.FileDef{
+					{
+						Path:    basePath,
+						Mode:    0600,
+						Content: pair.Private,
+					},
+					{
+						Path:    basePath + ".pub",
+						Mode:    0644,
+						Content: pair.Public,
+					},
+				}...)
+			}
+
+			return asYaml(files)
+		},
+		"host_download_token": func() (token string, err error) {
+			key := ctx.Host.Name
+			token, found, err := hostDownloadTokens.Get(key)
+			if err != nil {
+				return
+			}
+
+			if !found {
+				token, err = newToken(32)
+				if err != nil {
+					return
+				}
+
+				err = hostDownloadTokens.Put(key, token)
+				if err != nil {
+					return
+				}
+			}
+
+			return
+		},
+	} {
+		funcs[name] = method
+	}
+
+	return funcs
+}