shimun/ssh-cert-dist
1
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects Releases Wiki Activity

rename to sshcd

Browse Source
This commit is contained in:
shimun 2023-07-09 19:12:27 +02:00
parent f47c57c1c0
commit e7c3a9f116
Signed by: shimun
GPG Key ID: E0420647856EA39E
6 changed files with 21 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
client/Cargo.toml
View File

@ -5,7 +5,7 @@ authors = ["shimun <shimun@shimun.net>"]
edition = "2021"
[[bin]]
name = "ssh-cert-dist"
name = "sshcd"
path = "src/main.rs"
[dependencies]
@ -17,7 +17,7 @@ clap = { version = "4.0.29", features = ["env", "derive"] }
rand = "0.8.5"
reqwest = { version = "0.11.13" }
serde = { version = "1.0.148", features = ["derive"] }
ssh-key = { version = "0.6.0-pre.0", features = ["ed25519", "p256", "p384", "rsa"] }
ssh-key = { version = "0.6.0-pre.0", features = ["ed25519", "p256", "p384", "rsa", "serde"] }
thiserror = "1.0.37"
tokio = { version = "1.22.0", features = ["io-std", "test-util", "tracing", "macros", "fs"] }
tracing = { version = "0.1.37", features = ["release_max_level_debug"] }

4
client/src/client.rs
View File

@ -117,12 +117,12 @@ async fn fetch(
}: FetchArgs,
) -> anyhow::Result<()> {
let certs = read_certs_dir(&cert_dir).await?;
let publics_keys = read_pubkey_dir(&cert_dir).await?;
// let publics_keys = read_pubkey_dir(&cert_dir).await?;
let client = reqwest::Client::new();
let threshold_exp = min_delta.and_then(|min_delta| {
SystemTime::now().checked_add(Duration::from_secs(60 * 60 * 24 * min_delta as u64))
});
let standalone_certs = publics_keys.into_iter().map(|(name, key)| )
// let standalone_certs = publics_keys.into_iter().map(|(name, key)| )
let updates = certs
.into_iter()
.filter(|cert| {

12
flake.nix
View File

@ -43,9 +43,11 @@
# `nix run`
apps."${pname}-server" = utils.lib.mkApp {
drv = packages."${pname}-server";
exePath = "/bin/sshcd-server";
};
apps."${pname}-client" = utils.lib.mkApp {
drv = packages."${pname}-client";
exePath = "/bin/sshcd";
};
# `nix run .#streamDockerImage | docker load`
@ -91,7 +93,15 @@
rustc --version
printf "\nbuild inputs: ${pkgs.lib.concatStringsSep ", " (map (bi: bi.name) (buildInputs ++ nativeBuildInputs))}"
function server() {
cargo watch -x "run --bin ssh-cert-dist-server --all-features -- ''${@}"
if [ ! -e "certs/ca.pub" ]; then
mkdir -p certs keys
ssh-keygen -t ed25519 -f certs/ca -q -N ""
ssh-keygen -t ed25519 -f keys/host -q -N ""
ssh-keygen -t ed25519 -f keys/client -q -N ""
ssh-keygen -s certs/ca -V +1000d -h -I host -n localhost,127.0.0.1 -h keys/host.pub
ssh-keygen -s certs/ca -V +1000d -I client -n "client,client@localhost" keys/client.pub -O force-command="echo Hello World"
fi
cargo watch -x "run --bin sshcd-server --all-features -- ''${@}"
}
'';
};

4
modules/home-manager.nix
View File

@ -16,10 +16,10 @@ in
runtimeInputs = [ cfg.package ];
text = ''
${optionalString options.fetch ''
ssh-cert-dist fetch --cert-dir '${path}' --api-endpoint '${cfg.endpoint}'
sshcd fetch --cert-dir '${path}' --api-endpoint '${cfg.endpoint}'
''}
${optionalString options.upload ''
ssh-cert-dist upload --api-endpoint '${cfg.endpoint}' ${path}/*
sshcd upload --api-endpoint '${cfg.endpoint}' ${path}/*
''}
'';
});

2
modules/nixos.nix
View File

@ -57,7 +57,7 @@ in
chown ${cfg.user}:${cfg.group} ${cfg.dataDir}
''}";
User = cfg.user;
ExecStart = "${cfg.package}/bin/ssh-cert-dist-server";
ExecStart = "${cfg.package}/bin/sshcd-server";
};
};
};

3
server/Cargo.toml
View File

@ -13,6 +13,9 @@ authorized =[ "dep:jwt-compact" ]
index = []
info = [ "axum/json", "ssh-key/serde" ]
[[bin]]
name = "sshcd-server"
path = "src/main.rs"
[dependencies]
anyhow = "1.0.66"