allow store upload, + upload UIs for store and config

cmd/dkl-local-server/ws-public.go

@@ -5,10 +5,13 @@ import (
 	"bytes"
 	"io"
 	"io/fs"
+	"log"
 	"net/http"
 	"os"
+	"path/filepath"
 
 	restful "github.com/emicklei/go-restful"
+	"m.cluseau.fr/go/httperr"
 )
 
 func wsUnlockStore(req *restful.Request, resp *restful.Response) {
@@ -96,3 +99,68 @@ func wsStoreDownload(req *restful.Request, resp *restful.Response) {
 
 	buf.WriteTo(resp)
 }
+
+func wsStoreUpload(req *restful.Request, resp *restful.Response) {
+	if !secStore.IsNew() {
+		wsError(resp, httperr.BadRequest("store is not new"))
+		return
+	}
+
+	buf := new(bytes.Buffer)
+
+	_, err := io.Copy(buf, req.Request.Body)
+	if err != nil {
+		wsError(resp, err)
+		return
+	}
+
+	arch := tar.NewReader(buf)
+
+	root := secStoreRoot()
+
+	for {
+		hdr, err := arch.Next()
+		if err == io.EOF {
+			err = nil
+			break
+		} else if err != nil {
+			wsError(resp, err)
+			return
+		}
+
+		log.Print(hdr.Name)
+
+		fullPath := filepath.Join(root, hdr.Name)
+
+		switch {
+		case hdr.FileInfo().IsDir():
+			err = os.MkdirAll(fullPath, 0700)
+			if err != nil {
+				wsError(resp, err)
+				return
+			}
+
+		default:
+			content, err := io.ReadAll(io.LimitReader(arch, hdr.Size))
+			if err != nil {
+				wsError(resp, err)
+				return
+			}
+
+			err = os.WriteFile(fullPath, content, 0600)
+			if err != nil {
+				wsError(resp, err)
+				return
+			}
+		}
+	}
+
+	if err != nil {
+		wsError(resp, err)
+		return
+	}
+
+	openSecretStore()
+
+	resp.WriteEntity(map[string]any{"ok": true})
+}

cmd/dkl-local-server/ws.go

@@ -34,6 +34,9 @@ func registerWS(rest *restful.Container) {
 				Produces(mime.TAR).
 				Param(ws.QueryParameter("token", "the download token")).
 				Doc("Fetch the encrypted store")).
+			Route(ws.POST("/store.tar").To(wsStoreUpload).
+				Consumes(mime.TAR).
+				Doc("Upload an existing store")).
 			Route(ws.GET("/downloads/{token}/{asset}").To(wsDownload).
 				Param(ws.PathParameter("token", "the download token")).
 				Param(ws.PathParameter("asset", "the requested asset")).

html/ui/index.html

@@ -39,15 +39,21 @@
 </template>
 <template v-else-if="publicState.Store.New">
     <p>Store is new.</p>
-    <form @submit="unlockStore" action="/public/unlock-store">
+    <p>Option 1: initialize a new store</p>
+    <form @submit="unlockStore">
         <input type="password" v-model="forms.store.pass1" name="passphrase" required />
         <input type="password" v-model="forms.store.pass2" required />
         <input type="submit" value="initialize" :disabled="!forms.store.pass1 || forms.store.pass1 != forms.store.pass2" />
     </form>
+    <p>Option 2: upload a previously downloaded store</p>
+    <form @submit="uploadStore">
+        <input type="file" ref="storeUpload" />
+        <input type="submit" value="upload" />
+    </form>
 </template>
 <template v-else-if="!publicState.Store.Open">
     <p>Store is not open.</p>
-    <form @submit="unlockStore" action="/public/unlock-store">
+    <form @submit="unlockStore">
         <input type="password" name="passphrase" v-model="forms.store.pass1" required />
         <input type="submit" value="unlock" :disabled="!forms.store.pass1" />
     </form>
@@ -70,6 +76,10 @@
         <input type="password" v-model="forms.store.pass2" autocomplete="new-password" required />
         <input type="submit" value="add unlock phrase" :disabled="!forms.store.pass1 || forms.store.pass1 != forms.store.pass2" />
     </form>
+    <form @submit="uploadConfig">
+        <input type="file" ref="configUpload" required />
+        <input type="submit" value="upload config" />
+    </form>
   </div>
 
   <div v-if="state.Clusters" id="clusters">

html/ui/js/app.js

@@ -10,6 +10,7 @@ createApp({
         return {
             forms: {
                 store: {  },
+                storeUpload: {},
             },
             session: {},
             error: null,
@@ -60,6 +61,12 @@ createApp({
             this.session.token = this.forms.setToken
             this.forms.setToken = null
         },
+        uploadStore() {
+            event.preventDefault()
+            this.apiPost('/public/store.tar', this.$refs.storeUpload.files[0], (v) => {
+                this.forms.store = {}
+            }, "application/tar")
+        },
         storeAddKey() {
             this.apiPost('/store/add-key', this.forms.store.pass1, (v) => {
                 this.forms.store = {}
@@ -78,7 +85,11 @@ createApp({
                 }
             })
         },
-        apiPost(action, data, onload) {
+        uploadConfig() {
+            event.preventDefault()
+            this.apiPost('/configs', this.$refs.configUpload.files[0], (v) => {}, "text/vnd.yaml")
+        },
+        apiPost(action, data, onload, contentType = 'application/json') {
             event.preventDefault()
 
             if (data === undefined) {
@@ -97,7 +108,7 @@ createApp({
             var xhr = new XMLHttpRequest()
 
             xhr.responseType = 'json'
-            // TODO spinner, pending aciton notification, or something
+            // TODO spinner, pending action notification, or something
             xhr.onerror = () => {
                 // this.actionResults.splice(idx, 1, {...item, done: true, failed: true })
             }
@@ -115,11 +126,16 @@ createApp({
 
             xhr.open("POST", action)
             xhr.setRequestHeader('Accept', 'application/json')
-            xhr.setRequestHeader('Content-Type', 'application/json')
+            xhr.setRequestHeader('Content-Type', contentType)
             if (this.session.token) {
                 xhr.setRequestHeader('Authorization', 'Bearer '+this.session.token)
             }
+
+            if (contentType == "application/json") {
                 xhr.send(JSON.stringify(data))
+            } else {
+                xhr.send(data)
+            }
         },
         download(url) {
             event.target.target = '_blank'