mitchell/selfpass
1
0
Fork 0
mirror of https://github.com/mitchell/selfpass.git synced 2025-12-13 21:07:22 +00:00
Code Issues Projects Releases Packages Wiki Activity

Refactor server to make use of Docker secrets

Browse source
This commit is contained in:
mitchell 2019-08-08 00:46:51 -04:00
parent 78f61f3ca7
commit d83a4641a3
6 changed files with 53 additions and 1406 deletions
Download patch file Download diff file Expand all files Collapse all files

38
services/Makefile
View file

@ -1,14 +1,13 @@
.PHONY: all build clean format test gen-certs-go
.PHONY: all build clean format test
docker: clean format install
docker-compose build
docker build -t selfpass:latest .
build: gen-certs-go
build:
go build -mod=vendor -o ./bin/server ./cmd
rm ./cmd/certs.go
clean:
rm -rf ./bin ./vendor ./cmd/certs.go
rm -rf ./bin ./vendor
local:
docker-compose up -d
@ -30,32 +29,38 @@ machine-create-google:
--google-machine-image https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-9-stretch-v20190514 \
--google-username selfpass \
--google-zone us-west1-c \
selfpass01
$(MAKE) machine-put-data
${DOCKER_MACHINE_NAME}
$(MAKE) machine-install-stackdriver-agent
$(MAKE) machine-add-grpc-server-tag
machine-rm:
docker-machine rm selfpass01
docker-machine rm ${DOCKER_MACHINE_NAME}
machine-ssh:
docker-machine ssh selfpass01
docker-machine ssh ${DOCKER_MACHINE_NAME}
machine-put-data:
docker-machine ssh selfpass01 "if [[ ! -e data ]]; then mkdir data && chmod 777 data; fi"
docker-machine scp ./data/bolt.db selfpass01:data/bolt.db
docker-machine ssh selfpass01 "chmod 666 data/bolt.db"
docker-machine ssh ${DOCKER_MACHINE_NAME} "if [[ ! -e data ]]; then mkdir data && chmod 777 data; fi"
docker-machine scp ./data/bolt.db ${DOCKER_MACHINE_NAME}:data/bolt.db
docker-machine ssh ${DOCKER_MACHINE_NAME} "chmod 666 data/bolt.db"
machine-get-data:
docker-machine scp selfpass01:data/bolt.db ./data/
docker-machine scp ${DOCKER_MACHINE_NAME}:data/bolt.db ./data/
machine-put-certs:
docker-machine ssh ${DOCKER_MACHINE_NAME} "if [[ ! -e certs ]]; then mkdir certs; fi && chmod -R 755 certs"
docker-machine scp ./certs/ca.pem ${DOCKER_MACHINE_NAME}:certs/ca.pem
docker-machine scp ./certs/server.pem ${DOCKER_MACHINE_NAME}:certs/server.pem
docker-machine scp ./certs/server-key.pem ${DOCKER_MACHINE_NAME}:certs/server-key.pem
docker-machine ssh ${DOCKER_MACHINE_NAME} "chmod 444 certs/*"
machine-add-grpc-server-tag:
gcloud compute instances add-tags selfpass01 \
gcloud compute instances add-tags ${DOCKER_MACHINE_NAME} \
--zone us-west1-c \
--tags grpc-server
machine-install-stackdriver-agent:
docker-machine ssh selfpass01 "curl -sSO https://dl.google.com/cloudagents/install-monitoring-agent.sh && sudo bash install-monitoring-agent.sh"
docker-machine ssh ${DOCKER_MACHINE_NAME} "curl -sSO https://dl.google.com/cloudagents/install-monitoring-agent.sh && sudo bash install-monitoring-agent.sh"
format:
gofmt -w -s -l .
@ -85,8 +90,5 @@ gen-server-cert:
gen-client-cert:
cd certs && cfssl gencert -ca ca.pem -ca-key ca-key.pem -profile client csr.json | cfssljson -bare client
gen-certs-go:
./gen_certs_go.sh > ./cmd/certs.go
test:
go test -cover ./...