From f5f7a9297b8608a6754a4856b9a4e0ba0899684e Mon Sep 17 00:00:00 2001
From: Philippe Pittoli <karchnu@karchnu.fr>
Date: Thu, 15 Jun 2023 20:14:27 +0200
Subject: [PATCH] dnsmanagerd connects itself to authd at boot

---
 Makefile      | 82 +++++++++++++++++++++++++++++----------------------
 src/config.cr |  2 ++
 src/main.cr   | 36 +++++++++++++++-------
 3 files changed, 75 insertions(+), 45 deletions(-)

diff --git a/Makefile b/Makefile
index 2981556..2fbc7be 100644
--- a/Makefile
+++ b/Makefile
@@ -1,54 +1,66 @@
 all: build
 
-build: build-server build-client
+# For requests where authentication is required.
+LOGIN ?=
+ifeq ($(LOGIN),)
+LOGIN_OPT =
+else
+LOGIN_OPT = -l $(LOGIN)
+endif
 
 # No idea why, but I need that to run applications. Ignore that.
 LD_P ?= LD_PRELOAD=/usr/local/lib/libipc.so.0
 
-DOMAIN ?= example.com
-KEY_FILE ?= /tmp/KEY
-setup:
-	@echo -n "coucou" > $(KEY_FILE)
+####################
+### REQUEST EXAMPLES
+####################
 
+DOMAIN ?= example.com
 zone-file:
 	crystal run ./tools/write-zone-file.cr -- $(DOMAIN)
 
+VERBOSITY ?= 4
+run-client-verbosity:
+	@$(LD_P) ./bin/dnsmanager-client admin maintenance verbosity $(VERBOSITY) $(LOGIN_OPT)
+
+run-client-zone-add:
+	@$(LD_P) ./bin/dnsmanager-client user zone add $(DOMAIN).json $(LOGIN_OPT)
+
+run-client-zone-del:
+	@$(LD_P) ./bin/dnsmanager-client user zone del $(DOMAIN) $(LOGIN_OPT)
+
+RRID ?= 1
+NAME ?=
+TTL ?= 3600
+TARGET ?=
+run-client-rr-add-a:
+	@$(LD_P) ./bin/dnsmanager-client user rr add A $(DOMAIN) $(NAME) $(TTL) $(TARGET) $(LOGIN_OPT)
+run-client-rr-update-a:
+	@$(LD_P) ./bin/dnsmanager-client user rr update A $(DOMAIN) $(RRID) $(NAME) $(TTL) $(TARGET) $(LOGIN_OPT)
+
+run-client-rr-del:
+	@$(LD_P) ./bin/dnsmanager-client user rr del $(DOMAIN) $(RRID) $(LOGIN_OPT)
+
+run-client-zone-get:
+	@$(LD_P) ./bin/dnsmanager-client user zone get $(DOMAIN) $(LOGIN_OPT)
+
+run-client-zone-list:
+	@$(LD_P) ./bin/dnsmanager-client user zone list $(LOGIN_OPT)
+
+##################
+### SETUP COMMANDS
+##################
+
+run-dnsmanagerd:
+	@$(LD_P) ./bin/dnsmanagerd -v $(VERBOSITY) -r /tmp/DATA-dnsmanagerd
+
 build-server:
 	shards build dnsmanagerd
 
 build-client:
 	shards build dnsmanager-client
 
-VERBOSITY ?= 4
-run-client-verbosity:
-	@$(LD_P) ./bin/dnsmanager-client admin maintenance -k $(KEY_FILE) verbosity $(VERBOSITY)
-
-run-client-zone-add:
-	@$(LD_P) ./bin/dnsmanager-client user zone add $(DOMAIN).json
-
-run-client-zone-del:
-	@$(LD_P) ./bin/dnsmanager-client user zone del $(DOMAIN)
-
-RRID ?= 1
-NAME ?=
-TTL ?= 3600
-TARGET ?=
-run-client-rr-add-a:
-	@$(LD_P) ./bin/dnsmanager-client user rr add A $(DOMAIN) $(NAME) $(TTL) $(TARGET)
-run-client-rr-update-a:
-	@$(LD_P) ./bin/dnsmanager-client user rr update A $(DOMAIN) $(RRID) $(NAME) $(TTL) $(TARGET)
-
-run-client-rr-del:
-	@$(LD_P) ./bin/dnsmanager-client user rr del $(DOMAIN) $(RRID)
-
-run-client-zone-get:
-	@$(LD_P) ./bin/dnsmanager-client user zone get $(DOMAIN)
-
-run-client-zone-list:
-	@$(LD_P) ./bin/dnsmanager-client user zone list
-
-run-dnsmanagerd:
-	@$(LD_P) ./bin/dnsmanagerd -v 4 -r /tmp/DATA-dnsmanagerd -k $(KEY_FILE)
+build: build-server build-client
 
 print-messages:
 	cat src/requests/*.cr | ./bin/get-messages.awk
diff --git a/src/config.cr b/src/config.cr
index 6a77d6e..4f32eae 100644
--- a/src/config.cr
+++ b/src/config.cr
@@ -2,6 +2,8 @@
 class Baguette::Configuration
 	class DNSManager < IPC
 		property service_name      : String  = "dnsmanager"
+		property login             : String  = "dnsmanager"
+		property pass              : String?
 		property recreate_indexes  : Bool    = false
 		property storage_directory : String  = "storage"
 
diff --git a/src/main.cr b/src/main.cr
index 63d70a2..a04a107 100644
--- a/src/main.cr
+++ b/src/main.cr
@@ -40,6 +40,16 @@ class DNSManager::Service < IPC
 		# TODO: auth service isn't in the FDs pool.
 		# If the service crashes, dnsmanagerd won't know it.
 		@authd = AuthD::Client.new
+		response = authd.login? @configuration.login, @configuration.pass.not_nil!
+		case response
+		when AuthD::Response::Login
+			uid = response.uid
+			token = response.token
+			Baguette::Log.info "Authenticated as #{@configuration.login} #{uid}, token: #{token}"
+		else
+			@authd.close
+			raise "Cannot authenticate to authd with login #{@configuration.login}: #{response}."
+		end
 
 		self.timer @configuration.ipc_timer
 		self.service_init @configuration.service_name
@@ -147,15 +157,6 @@ def main
 	# First option parsing, same with all Baguette (service) applications.
 	simulation, no_configuration, configuration_file = Baguette::Configuration.option_parser
 
-	# Authd configuration.
-	authd_configuration = if no_configuration
-		Baguette::Log.info "do not load a configuration file."
-		Baguette::Configuration::Auth.new
-	else
-		# Configuration file is for dnsmanagerd.
-		Baguette::Configuration::Auth.get || Baguette::Configuration::Auth.new
-	end
-
 	# DNSManagerd configuration.
 	configuration = if no_configuration
 		Baguette::Log.info "do not load a configuration file."
@@ -184,6 +185,15 @@ def main
 			configuration.storage_directory = storage_directory
 		end
 
+		parser.on "-l login", "--login login", "DNS manager authd login." do |login|
+			Baguette::Log.info "Authd login for dnsmanager: #{login}"
+			configuration.login = login
+		end
+
+		parser.on "-p pass", "--pass pass", "DNS manager authd pass." do |pass|
+			Baguette::Log.info "Authd pass (not echoed)"
+			configuration.pass = pass
+		end
 
 		parser.on "-h", "--help", "Show this help" do
 			puts parser
@@ -192,10 +202,16 @@ def main
 	end
 
 	if simulation
-		pp! authd_configuration, configuration
+		pp! configuration
 		exit 0
 	end
 
+	unless configuration.pass
+		Baguette::Log.error "no pass found"
+		Baguette::Log.error "Should be present in dnsmanager.yml or via command line arguments (-p)"
+		exit 1
+	end
+
 	service = DNSManager::Service.new configuration
 	service.run
 end