direktil/local-server
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: direktil:0dbab431a0970758ea56a59e3fc5fb91120f548a
Branches Tags
direktil:main direktil:wip direktil:dev direktil:testing direktil:test
..
compare: direktil:main
Branches Tags
direktil:main direktil:wip direktil:dev direktil:testing direktil:test

5 Commits
0dbab431a0 ... main

Author SHA1 Message Date
Mikaël Cluseau
06a87a6d07 fix ws config as yaml 2026-02-21 14:34:53 +01:00
Mikaël Cluseau
d37c4c2f13 feat: ca extra certs 2026-02-21 08:43:43 +01:00
Mikaël Cluseau
629bb21f12 base64 k8s (yaml) decoder expects padding 2026-02-10 21:08:45 +01:00
Mikaël Cluseau
6d9499ebb1 bump pkg dep 2026-02-10 15:20:51 +01:00
Mikaël Cluseau
4ab136be68 cleanup 2026-01-26 12:08:54 +01:00
9 changed files with 41 additions and 45 deletions
Expand all files Collapse all files

2
cmd/dkl-local-server/boot-iso.go
View File

@ -51,7 +51,7 @@ func buildBootISO(out io.Writer, ctx *renderContext) (err error) {
} }
// create a tag file // create a tag file
bootstrapBytes, _, err := ctx.BootstrapConfig() bootstrapBytes, err := ctx.BootstrapConfig()
if err != nil { if err != nil {
return return
} }

17
cmd/dkl-local-server/bootv2.go
View File

@ -4,7 +4,6 @@ import (
"archive/tar" "archive/tar"
"bytes" "bytes"
"crypto" "crypto"
"encoding/json"
"fmt" "fmt"
"io" "io"
"log" "log"
@ -12,26 +11,20 @@ import (
"os" "os"
"github.com/klauspost/compress/zstd" "github.com/klauspost/compress/zstd"
yaml "gopkg.in/yaml.v2"
"novit.tech/direktil/pkg/cpiocat" "novit.tech/direktil/pkg/cpiocat"
) )
func renderBootstrapConfig(w http.ResponseWriter, r *http.Request, ctx *renderContext, asJson bool) (err error) { func renderBootstrapConfig(w http.ResponseWriter, ctx *renderContext) (err error) {
log.Printf("sending bootstrap config for %q", ctx.Host.Name) log.Printf("sending bootstrap config for %q", ctx.Host.Name)
_, cfg, err := ctx.BootstrapConfig() ba, err := ctx.BootstrapConfig()
if err != nil { if err != nil {
return err return err
} }
if asJson { _, err = w.Write(ba)
err = json.NewEncoder(w).Encode(cfg) return
} else {
err = yaml.NewEncoder(w).Encode(cfg)
}
return nil
} }
func buildInitrd(out io.Writer, ctx *renderContext) (err error) { func buildInitrd(out io.Writer, ctx *renderContext) (err error) {
@ -72,7 +65,7 @@ func buildInitrd(out io.Writer, ctx *renderContext) (err error) {
} }
// config // config
cfgBytes, _, err := ctx.BootstrapConfig() cfgBytes, err := ctx.BootstrapConfig()
if err != nil { if err != nil {
return return
} }

14
cmd/dkl-local-server/cluster-render-context.go
View File

@ -117,7 +117,12 @@ func templateFuncs(sslCfg *cfsslconfig.Config) map[string]any {
return return
} }
s = string(ca.Cert) extra, err := caExtraCerts(cluster, name)
if err != nil {
return
}
s = string(ca.Cert) + extra
return return
}, },
@ -127,13 +132,18 @@ func templateFuncs(sslCfg *cfsslconfig.Config) map[string]any {
return return
} }
extra, err := caExtraCerts(cluster, name)
if err != nil {
return
}
dir := "/etc/tls-ca/" + name dir := "/etc/tls-ca/" + name
return asYaml([]config.FileDef{ return asYaml([]config.FileDef{
{ {
Path: path.Join(dir, "ca.crt"), Path: path.Join(dir, "ca.crt"),
Mode: 0644, Mode: 0644,
Content: string(ca.Cert), Content: string(ca.Cert) + extra,
}, },
{ {
Path: path.Join(dir, "ca.key"), Path: path.Join(dir, "ca.key"),

8
cmd/dkl-local-server/initrd.go
View File

@ -4,14 +4,12 @@ import (
"encoding/json" "encoding/json"
"log" "log"
"net/http" "net/http"
yaml "gopkg.in/yaml.v2"
) )
func renderConfig(w http.ResponseWriter, r *http.Request, ctx *renderContext, asJson bool) (err error) { func renderConfig(w http.ResponseWriter, _ *http.Request, ctx *renderContext, asJson bool) (err error) {
log.Printf("sending config for %q", ctx.Host.Name) log.Printf("sending config for %q", ctx.Host.Name)
_, cfg, err := ctx.Config() cfgBytes, cfg, err := ctx.Config()
if err != nil { if err != nil {
return err return err
} }
@ -19,7 +17,7 @@ func renderConfig(w http.ResponseWriter, r *http.Request, ctx *renderContext, as
if asJson { if asJson {
err = json.NewEncoder(w).Encode(cfg) err = json.NewEncoder(w).Encode(cfg)
} else { } else {
err = yaml.NewEncoder(w).Encode(cfg) _, err = w.Write(cfgBytes)
} }
return nil return nil

22
cmd/dkl-local-server/render-context.go
View File

@ -26,14 +26,10 @@ import (
"novit.tech/direktil/pkg/config" "novit.tech/direktil/pkg/config"
"novit.tech/direktil/pkg/localconfig" "novit.tech/direktil/pkg/localconfig"
bsconfig "novit.tech/direktil/pkg/bootstrapconfig"
) )
var cmdlineParam = restful.QueryParameter("cmdline", "Linux kernel cmdline addition") var cmdlineParam = restful.QueryParameter("cmdline", "Linux kernel cmdline addition")
var b64 = base64.StdEncoding.WithPadding(base64.NoPadding)
type renderContext struct { type renderContext struct {
Host *localconfig.Host Host *localconfig.Host
SSLConfig *cfsslconfig.Config SSLConfig *cfsslconfig.Config
@ -114,19 +110,8 @@ func (ctx *renderContext) Config() (ba []byte, cfg *config.Config, err error) {
return return
} }
func (ctx *renderContext) BootstrapConfig() (ba []byte, cfg *bsconfig.Config, err error) { func (ctx *renderContext) BootstrapConfig() (ba []byte, err error) {
ba, err = ctx.render(ctx.Host.BootstrapConfig) return ctx.render(ctx.Host.BootstrapConfig)
if err != nil {
return
}
cfg = &bsconfig.Config{}
if err = yaml.Unmarshal(ba, cfg); err != nil {
log.Print("invalid bootstrap config yaml:\n", string(ba))
return
}
return
} }
func (ctx *renderContext) render(templateText string) (ba []byte, err error) { func (ctx *renderContext) render(templateText string) (ba []byte, err error) {
@ -190,8 +175,7 @@ func (ctx *renderContext) TemplateFuncs() map[string]any {
for name, method := range map[string]any{ for name, method := range map[string]any{
"base64": func(input string) string { "base64": func(input string) string {
enc := base64.StdEncoding.WithPadding(base64.NoPadding) return base64.StdEncoding.EncodeToString([]byte(input))
return enc.EncodeToString([]byte(input))
}, },
"host_ip": func() (s string) { "host_ip": func() (s string) {

11
cmd/dkl-local-server/ws-cluster-cas.go
View File

@ -79,6 +79,17 @@ func getUsableClusterCA(cluster, name string) (ca CA, err error) {
return return
} }
func caExtraCerts(cluster, name string) (extra string, err error) {
cfg, err := readConfig()
if err != nil {
return
}
if cfg.ExtraCaCerts != nil {
extra = cfg.ExtraCaCerts[cluster+"/"+name]
}
return
}
var clusterCASignedKeys = newClusterSecretKV[KeyCert]("CA-signed-keys") var clusterCASignedKeys = newClusterSecretKV[KeyCert]("CA-signed-keys")
func wsClusterCASignedKeys(req *restful.Request, resp *restful.Response) { func wsClusterCASignedKeys(req *restful.Request, resp *restful.Response) {

4
cmd/dkl-local-server/ws-host.go
View File

@ -211,9 +211,7 @@ func renderHost(w http.ResponseWriter, r *http.Request, what string, host *local
// boot v2 // boot v2
case "bootstrap-config": case "bootstrap-config":
err = renderBootstrapConfig(w, r, ctx, false) err = renderBootstrapConfig(w, ctx)
case "bootstrap-config.json":
err = renderBootstrapConfig(w, r, ctx, true)
default: default:
http.NotFound(w, r) http.NotFound(w, r)

2
go.mod
View File

@ -25,7 +25,7 @@ require (
gopkg.in/yaml.v2 v2.4.0 gopkg.in/yaml.v2 v2.4.0
k8s.io/apimachinery v0.33.2 k8s.io/apimachinery v0.33.2
m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766 m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766
novit.tech/direktil/pkg v0.0.0-20260125193049-56f78e083a84 novit.tech/direktil/pkg v0.0.0-20260221072850-b72bed72bb51
) )
replace github.com/zmap/zlint/v3 => github.com/zmap/zlint/v3 v3.3.1 replace github.com/zmap/zlint/v3 => github.com/zmap/zlint/v3 v3.3.1

6
go.sum
View File

@ -346,5 +346,7 @@ k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8
k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766 h1:JRzMBDbUwrTTGDJaJSH0ap4vRL0Q9CN1bG8a6n49eaQ= m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766 h1:JRzMBDbUwrTTGDJaJSH0ap4vRL0Q9CN1bG8a6n49eaQ=
m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766/go.mod h1:BMv3aOSYpupuiiG3Ch3ND88aB5CfAks3YZuRLE8j1ls= m.cluseau.fr/go v0.0.0-20230809064045-12c5a121c766/go.mod h1:BMv3aOSYpupuiiG3Ch3ND88aB5CfAks3YZuRLE8j1ls=
novit.tech/direktil/pkg v0.0.0-20260125193049-56f78e083a84 h1:eqLPaRpVth1WgdvprKKtc4CVF13dkxuKbo7bLzlYG6s= novit.tech/direktil/pkg v0.0.0-20260210141740-4d5661fa8ecd h1:proGf8Cid9tzJzoRbqQHGGpZZKTpUDFwOREbjYrCbkM=
novit.tech/direktil/pkg v0.0.0-20260125193049-56f78e083a84/go.mod h1:zjezU6tELE880oYHs/WAauGBupKIEQQ7KqWTB69RW10= novit.tech/direktil/pkg v0.0.0-20260210141740-4d5661fa8ecd/go.mod h1:zjezU6tELE880oYHs/WAauGBupKIEQQ7KqWTB69RW10=
novit.tech/direktil/pkg v0.0.0-20260221072850-b72bed72bb51 h1:NBcpvWcTBMzFos0pkuLsbVCQ+mHf8KqNOdVywMX6FFk=
novit.tech/direktil/pkg v0.0.0-20260221072850-b72bed72bb51/go.mod h1:zjezU6tELE880oYHs/WAauGBupKIEQQ7KqWTB69RW10=