Migrated to cobra for command handling and viper for config handling

2026-02-25 21:17:23 +01:00
parent 61b65bf81c
commit 9eeb7a6ec0
13 changed files with 646 additions and 580 deletions
--- a/config.go
+++ b/config.go
@@ -9,173 +9,258 @@ import (
 	"strings"
 	"sync"

-	"git.nevets.tech/Steven/ezconf"
-	"gopkg.in/ini.v1"
+	"github.com/spf13/viper"
 )

-var domainConfigs map[string]*ezconf.Configuration
-var mu sync.RWMutex
-
 var (
-	BlankConfigEntry = errors.New("blank config entry")
-	ConfigNotFound   = errors.New("config file not found")
+	ErrBlankConfigEntry = errors.New("blank config entry")
+	ErrConfigNotFound   = errors.New("config file not found")
 )

-func makeDirs() {
-	err := os.MkdirAll("/etc/certman", 0644)
-	if err != nil {
-		if !os.IsExist(err) {
-			fmt.Println("Unable to create config directory")
-			os.Exit(1)
-		}
-	}
+type DomainConfigStore struct {
+	mu      sync.RWMutex
+	configs map[string]*viper.Viper
+}

-	err = os.Mkdir("/etc/certman/domains", 0644)
-	if err != nil {
-		if !os.IsExist(err) {
-			fmt.Println("Unable to create config directory")
-			os.Exit(1)
-		}
-	}
-
-	err = os.Mkdir("/var/local/certman", 0640)
-	if err != nil {
-		if !os.IsExist(err) {
-			fmt.Printf("Unable to create certman directory: %v\n", err)
-			os.Exit(1)
-		}
+func NewDomainConfigStore() *DomainConfigStore {
+	return &DomainConfigStore{
+		configs: make(map[string]*viper.Viper),
 	}
 }

-func createNewDomainConfig(domain string) {
-	key, err := GenerateKey()
-	if err != nil {
-		log.Fatalf("Unable to generate key: %v\n", err)
-	}
-	data := []byte(strings.ReplaceAll(strings.ReplaceAll(defaultDomainConfig, "{domain}", domain), "{key}", key))
-	createFile("/etc/certman/domains/"+domain+".conf", 0640, data)
+func (s *DomainConfigStore) Get(domain string) (*viper.Viper, bool) {
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	v, ok := s.configs[domain]
+	return v, ok
 }

-func createNewDomainCertsDir(domain string, dir string) {
-	var err error
-	if dir == "/opt/certs/example.com" {
-		err = os.MkdirAll("/var/local/certman/certificates/"+domain, 0640)
-	} else {
-		if strings.HasSuffix(dir, "/") {
-			err = os.MkdirAll(dir+domain, 0640)
-		} else {
-			err = os.Mkdir(dir+"/"+domain, 0640)
-		}
-	}
-	if err != nil {
-		if os.IsExist(err) {
-			fmt.Println("Directory already exists...")
-		} else {
-			log.Fatalf("Error creating certificate directory for %s: %v\n", domain, err)
-		}
-	}
+func (s *DomainConfigStore) Set(domain string, v *viper.Viper) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	s.configs[domain] = v
 }

-func loadDomainConfigs() error {
-	tempDomainConfigs := make(map[string]*ezconf.Configuration)
-	entries, err := os.ReadDir("/etc/certman/domains/")
-	if err != nil {
-		return err
+// Swap atomically replaces the entire config map (used during reload).
+func (s *DomainConfigStore) Swap(newConfigs map[string]*viper.Viper) {
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	s.configs = newConfigs
+}
+
+// Snapshot returns a shallow copy safe to iterate without holding the lock.
+func (s *DomainConfigStore) Snapshot() map[string]*viper.Viper {
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	snap := make(map[string]*viper.Viper, len(s.configs))
+	for k, v := range s.configs {
+		snap[k] = v
 	}
+	return snap
+}
+
+// ---------------------------------------------------------------------------
+//  Global state
+// ---------------------------------------------------------------------------
+
+var (
+	config      *viper.Viper
+	domainStore = NewDomainConfigStore()
+)
+
+// ---------------------------------------------------------------------------
+//  Loading
+// ---------------------------------------------------------------------------
+
+// LoadConfig reads the main certman.conf into config.
+func LoadConfig(path string) error {
+	config = viper.New()
+	config.SetConfigFile(path)
+	config.SetConfigType("ini")
+	return config.ReadInConfig()
+}
+
+// LoadDomainConfigs reads every .conf file in the domains directory.
+func LoadDomainConfigs() error {
+	dir := "/etc/certman/domains/"
+	entries, err := os.ReadDir(dir)
+	if err != nil {
+		return fmt.Errorf("reading domain config dir: %w", err)
+	}
+
+	temp := make(map[string]*viper.Viper)

 	for _, entry := range entries {
 		if entry.IsDir() || filepath.Ext(entry.Name()) != ".conf" {
 			continue
 		}

-		domainConf, err := ezconf.LoadConfiguration("/etc/certman/domains/" + entry.Name())
-		if err != nil {
-			return err
-		}
-		domain, err := domainConf.GetAsStringErr("Domain.domain_name")
-		if err != nil {
-			return err
+		path := filepath.Join(dir, entry.Name())
+		v := viper.New()
+		v.SetConfigFile(path)
+		v.SetConfigType("ini")
+
+		if err := v.ReadInConfig(); err != nil {
+			return fmt.Errorf("loading %s: %w", path, err)
 		}

-		if _, exists := tempDomainConfigs[domain]; exists {
-			fmt.Printf("Duplicate domain found in %s, skipping...\n", "/etc/certman/domains/"+entry.Name())
+		domain := v.GetString("domain.domain_name")
+		if domain == "" {
+			return fmt.Errorf("%s: missing domain.domain_name", path)
+		}
+
+		if _, exists := temp[domain]; exists {
+			fmt.Printf("Duplicate domain in %s, skipping...\n", path)
 			continue
 		}
-		tempDomainConfigs[domain] = domainConf
+		temp[domain] = v
 	}
-	mu.Lock()
-	domainConfigs = tempDomainConfigs
-	mu.Unlock()
+
+	domainStore.Swap(temp)
 	return nil
 }

-func saveDomainConfigs() {
-	mu.RLock()
-	localDomainConfigs := make(map[string]*ezconf.Configuration, len(domainConfigs))
-	for k, v := range domainConfigs {
-		localDomainConfigs[k] = v
-	}
-	mu.RUnlock()
+// ---------------------------------------------------------------------------
+//  Saving
+// ---------------------------------------------------------------------------

-	for domainStr, domainConfig := range localDomainConfigs {
-		err := domainConfig.Save()
-		if err != nil {
-			fmt.Printf("Error saving domain config %s: %v\n", domainStr, err)
-			continue
+// SaveDomainConfigs writes every loaded domain config back to disk.
+func SaveDomainConfigs() {
+	for domain, v := range domainStore.Snapshot() {
+		if err := v.WriteConfig(); err != nil {
+			fmt.Printf("Error saving domain config %s: %v\n", domain, err)
 		}
 	}
 }

-func getDomainConfig(domain string) (*ezconf.Configuration, bool) {
-	mu.RLock()
-	defer mu.RUnlock()
-	funcDomainConfig, exists := domainConfigs[domain]
-	return funcDomainConfig, exists
-}
+// ---------------------------------------------------------------------------
+//  Effective lookups (domain → global fallback)
+// ---------------------------------------------------------------------------

-func getEffectiveKey(domainConfig *ezconf.Configuration, path string) *ini.Key {
-	key, err := getEffectiveKeyErr(domainConfig, path)
-	if err != nil {
-		if errors.Is(err, BlankConfigEntry) {
-			return &ini.Key{}
-		}
-		fmt.Printf("Error getting value for %s: %v\n", path, err)
-		return nil
-	}
-	return key
-}
-
-func getEffectiveKeyErr(domainConfig *ezconf.Configuration, path string) (*ini.Key, error) {
-	if domainConfig != nil {
-		if key, err := domainConfig.GetKey(path); err == nil && key != nil {
-			if strings.TrimSpace(key.String()) != "" {
-				return key, nil
-			}
+// EffectiveString looks up a key in the domain config first, falling back to
+// the global config. Keys use dot notation matching INI sections, e.g.
+// "certificates.data_root".
+func EffectiveString(domainCfg *viper.Viper, key string) (string, error) {
+	if domainCfg != nil {
+		val := strings.TrimSpace(domainCfg.GetString(key))
+		if val != "" {
+			return val, nil
 		}
 	}

-	key, err := config.GetKey(path)
-	if err != nil {
-		fmt.Printf("Error getting key for %s: %v\n", path, err)
-		return nil, err
-	}
-	if strings.TrimSpace(key.String()) == "" {
-		return nil, BlankConfigEntry
+	if config == nil {
+		return "", ErrConfigNotFound
 	}

-	return key, nil
+	val := strings.TrimSpace(config.GetString(key))
+	if val == "" {
+		return "", ErrBlankConfigEntry
+	}
+	return val, nil
 }

-func getEffectiveString(domainCfg *ezconf.Configuration, path string) (string, error) {
-	k, err := getEffectiveKeyErr(domainCfg, path)
+// MustEffectiveString is like EffectiveString but logs a fatal error on failure.
+func MustEffectiveString(domainCfg *viper.Viper, key string) string {
+	val, err := EffectiveString(domainCfg, key)
 	if err != nil {
-		return "", err
+		log.Fatalf("Config key %q: %v", key, err)
 	}
-	return strings.TrimSpace(k.String()), nil
+	return val
 }

+// EffectiveInt returns an int with domain → global fallback. Returns the
+// fallback value if the key is missing or zero in both configs.
+func EffectiveInt(domainCfg *viper.Viper, key string, fallback int) int {
+	if domainCfg != nil {
+		if val := domainCfg.GetInt(key); val != 0 {
+			return val
+		}
+	}
+	if config != nil {
+		if val := config.GetInt(key); val != 0 {
+			return val
+		}
+	}
+	return fallback
+}
+
+// EffectiveBool returns a bool with domain → global fallback.
+func EffectiveBool(domainCfg *viper.Viper, key string) bool {
+	if domainCfg != nil && domainCfg.IsSet(key) {
+		return domainCfg.GetBool(key)
+	}
+	if config != nil {
+		return config.GetBool(key)
+	}
+	return false
+}
+
+// ---------------------------------------------------------------------------
+//  Directory bootstrapping
+// ---------------------------------------------------------------------------
+
+func makeDirs() {
+	dirs := []struct {
+		path string
+		perm os.FileMode
+	}{
+		{"/etc/certman", 0755},
+		{"/etc/certman/domains", 0755},
+		{"/var/local/certman", 0750},
+	}
+
+	for _, d := range dirs {
+		if err := os.MkdirAll(d.path, d.perm); err != nil {
+			log.Fatalf("Unable to create directory %s: %v", d.path, err)
+		}
+	}
+}
+
+func createNewConfig(mode string) {
+	content := strings.NewReplacer("{mode}", mode).Replace(defaultConfig)
+	createFile("/etc/certman/certman.conf", 640, []byte(content))
+}
+
+func createNewDomainConfig(domain string) error {
+	key, err := GenerateKey()
+	if err != nil {
+		return fmt.Errorf("unable to generate key: %v", err)
+	}
+
+	content := strings.NewReplacer(
+		"{domain}", domain,
+		"{key}", key,
+	).Replace(defaultDomainConfig)
+
+	path := filepath.Join("/etc/certman/domains", domain+".conf")
+	createFile(path, 0640, []byte(content))
+	return nil
+}
+
+func createNewDomainCertsDir(domain string, dir string, dirOverride bool) {
+	var target string
+	if dirOverride {
+		target = filepath.Join(dir, domain)
+	} else {
+		target = filepath.Join("/var/local/certman/certificates", domain)
+	}
+
+	if err := os.MkdirAll(target, 0750); err != nil {
+		if os.IsExist(err) {
+			fmt.Println("Directory already exists...")
+			return
+		}
+		log.Fatalf("Error creating certificate directory for %s: %v", domain, err)
+	}
+}
+
+// ---------------------------------------------------------------------------
+//  Default config templates
+// ---------------------------------------------------------------------------
+
 const defaultConfig = `[App]
 mode = {mode}
+tick_rate = 2

 [Git]
 host = gitea
@@ -197,7 +282,6 @@ cf_api_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxx
 const defaultDomainConfig = `[Domain]
 domain_name = {domain}
 enabled = true
-; default (use system dns) or IPv4 Address (1.1.1.1)
 dns_server = default


@@ -217,9 +301,10 @@ crypto_key = {key}
 repo_suffix = -certificates


-; Don't change setting below here unless you know what you're doing!
 [Internal]
 last_issued = 0
 repo_exists = false
 status = clean
 `
+
+const readme = ``