From c5e76f303aa9c98120d4bfde3dd13890cb5d2472 Mon Sep 17 00:00:00 2001 From: Nicola Murino Date: Sun, 20 Apr 2025 18:48:19 +0200 Subject: [PATCH] commands: initialize plugins if we have a KMS this is necessary to be able to read KMS secrets stored within the data provider Signed-off-by: Nicola Murino --- internal/cmd/acme.go | 10 ++++++++ internal/cmd/initprovider.go | 10 ++++++++ internal/cmd/resetpwd.go | 10 ++++++++ internal/cmd/revertprovider.go | 16 +++++++++++++ internal/cmd/signals_unix.go | 41 +++++++++++++++++++++++++++++++++ internal/cmd/signals_windows.go | 36 +++++++++++++++++++++++++++++ internal/config/config.go | 11 +++++++++ internal/config/config_test.go | 12 ++++++++++ 8 files changed, 146 insertions(+) create mode 100644 internal/cmd/signals_unix.go create mode 100644 internal/cmd/signals_windows.go diff --git a/internal/cmd/acme.go b/internal/cmd/acme.go index bce51598..e98cf515 100644 --- a/internal/cmd/acme.go +++ b/internal/cmd/acme.go @@ -24,6 +24,7 @@ import ( "github.com/drakkan/sftpgo/v2/internal/config" "github.com/drakkan/sftpgo/v2/internal/dataprovider" "github.com/drakkan/sftpgo/v2/internal/logger" + "github.com/drakkan/sftpgo/v2/internal/plugin" "github.com/drakkan/sftpgo/v2/internal/util" ) @@ -56,6 +57,15 @@ renewed by the SFTPGo service logger.ErrorToConsole("unable to initialize KMS: %v", err) os.Exit(1) } + if config.HasKMSPlugin() { + if err := plugin.Initialize(config.GetPluginsConfig(), "debug"); err != nil { + logger.ErrorToConsole("unable to initialize plugin system: %v", err) + os.Exit(1) + } + registerSignals() + defer plugin.Handler.Cleanup() + } + mfaConfig := config.GetMFAConfig() err = mfaConfig.Initialize() if err != nil { diff --git a/internal/cmd/initprovider.go b/internal/cmd/initprovider.go index f5620a5e..f019ee92 100644 --- a/internal/cmd/initprovider.go +++ b/internal/cmd/initprovider.go @@ -24,6 +24,7 @@ import ( "github.com/drakkan/sftpgo/v2/internal/config" "github.com/drakkan/sftpgo/v2/internal/dataprovider" "github.com/drakkan/sftpgo/v2/internal/logger" + "github.com/drakkan/sftpgo/v2/internal/plugin" "github.com/drakkan/sftpgo/v2/internal/service" "github.com/drakkan/sftpgo/v2/internal/util" ) @@ -65,6 +66,15 @@ Please take a look at the usage below to customize the options.`, logger.ErrorToConsole("Unable to initialize KMS: %v", err) os.Exit(1) } + if config.HasKMSPlugin() { + if err := plugin.Initialize(config.GetPluginsConfig(), "debug"); err != nil { + logger.ErrorToConsole("unable to initialize plugin system: %v", err) + os.Exit(1) + } + registerSignals() + defer plugin.Handler.Cleanup() + } + mfaConfig := config.GetMFAConfig() err = mfaConfig.Initialize() if err != nil { diff --git a/internal/cmd/resetpwd.go b/internal/cmd/resetpwd.go index fec8c4ea..eb009e31 100644 --- a/internal/cmd/resetpwd.go +++ b/internal/cmd/resetpwd.go @@ -27,6 +27,7 @@ import ( "github.com/drakkan/sftpgo/v2/internal/config" "github.com/drakkan/sftpgo/v2/internal/dataprovider" "github.com/drakkan/sftpgo/v2/internal/logger" + "github.com/drakkan/sftpgo/v2/internal/plugin" "github.com/drakkan/sftpgo/v2/internal/util" ) @@ -58,6 +59,15 @@ Please take a look at the usage below to customize the options.`, logger.ErrorToConsole("unable to initialize KMS: %v", err) os.Exit(1) } + if config.HasKMSPlugin() { + if err := plugin.Initialize(config.GetPluginsConfig(), "debug"); err != nil { + logger.ErrorToConsole("unable to initialize plugin system: %v", err) + os.Exit(1) + } + registerSignals() + defer plugin.Handler.Cleanup() + } + mfaConfig := config.GetMFAConfig() err = mfaConfig.Initialize() if err != nil { diff --git a/internal/cmd/revertprovider.go b/internal/cmd/revertprovider.go index f28fc8a3..10f0ca2f 100644 --- a/internal/cmd/revertprovider.go +++ b/internal/cmd/revertprovider.go @@ -24,6 +24,7 @@ import ( "github.com/drakkan/sftpgo/v2/internal/config" "github.com/drakkan/sftpgo/v2/internal/dataprovider" "github.com/drakkan/sftpgo/v2/internal/logger" + "github.com/drakkan/sftpgo/v2/internal/plugin" "github.com/drakkan/sftpgo/v2/internal/util" ) @@ -56,6 +57,21 @@ Please take a look at the usage below to customize the options.`, logger.ErrorToConsole("unable to initialize KMS: %v", err) os.Exit(1) } + if config.HasKMSPlugin() { + if err := plugin.Initialize(config.GetPluginsConfig(), "debug"); err != nil { + logger.ErrorToConsole("unable to initialize plugin system: %v", err) + os.Exit(1) + } + registerSignals() + defer plugin.Handler.Cleanup() + } + + mfaConfig := config.GetMFAConfig() + err = mfaConfig.Initialize() + if err != nil { + logger.ErrorToConsole("Unable to initialize MFA: %v", err) + os.Exit(1) + } providerConf := config.GetProviderConf() logger.InfoToConsole("Reverting provider: %q config file: %q target version %d", providerConf.Driver, viper.ConfigFileUsed(), revertProviderTargetVersion) diff --git a/internal/cmd/signals_unix.go b/internal/cmd/signals_unix.go new file mode 100644 index 00000000..91849b9a --- /dev/null +++ b/internal/cmd/signals_unix.go @@ -0,0 +1,41 @@ +// Copyright (C) 2025 Nicola Murino +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published +// by the Free Software Foundation, version 3. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +//go:build !windows + +package cmd + +import ( + "os" + "os/signal" + "syscall" + + "github.com/drakkan/sftpgo/v2/internal/logger" + "github.com/drakkan/sftpgo/v2/internal/plugin" +) + +func registerSignals() { + c := make(chan os.Signal, 1) + signal.Notify(c, syscall.SIGINT, syscall.SIGTERM) + go func() { + for sig := range c { + switch sig { + case syscall.SIGINT, syscall.SIGTERM: + logger.DebugToConsole("Received interrupt request") + plugin.Handler.Cleanup() + os.Exit(0) + } + } + }() +} diff --git a/internal/cmd/signals_windows.go b/internal/cmd/signals_windows.go new file mode 100644 index 00000000..3ea1e6ff --- /dev/null +++ b/internal/cmd/signals_windows.go @@ -0,0 +1,36 @@ +// Copyright (C) 2025 Nicola Murino +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published +// by the Free Software Foundation, version 3. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . + +package cmd + +import ( + "os" + "os/signal" + + "github.com/drakkan/sftpgo/v2/internal/logger" + "github.com/drakkan/sftpgo/v2/internal/plugin" +) + +func registerSignals() { + c := make(chan os.Signal, 1) + signal.Notify(c, os.Interrupt) + + go func() { + for range c { + logger.DebugToConsole("Received interrupt request") + plugin.Handler.Cleanup() + os.Exit(0) + } + }() +} diff --git a/internal/config/config.go b/internal/config/config.go index f3a3237c..5431d5a4 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -24,6 +24,7 @@ import ( "strconv" "strings" + kmsplugin "github.com/sftpgo/sdk/plugin/kms" "github.com/spf13/viper" "github.com/subosito/gotenv" @@ -588,6 +589,16 @@ func SetPluginsConfig(config []plugin.Config) { globalConf.PluginsConfig = config } +// HasKMSPlugin returns true if at least one KMS plugin is configured. +func HasKMSPlugin() bool { + for _, c := range globalConf.PluginsConfig { + if c.Type == kmsplugin.PluginName { + return true + } + } + return false +} + // GetMFAConfig returns multi-factor authentication config func GetMFAConfig() mfa.Config { return globalConf.MFAConfig diff --git a/internal/config/config_test.go b/internal/config/config_test.go index f908953d..094a467a 100644 --- a/internal/config/config_test.go +++ b/internal/config/config_test.go @@ -343,6 +343,18 @@ func TestSetGetConfig(t *testing.T) { if assert.Len(t, config.GetPluginsConfig(), 1) { assert.Equal(t, pluginConf[0].Type, config.GetPluginsConfig()[0].Type) } + assert.False(t, config.HasKMSPlugin()) + pluginConf = []plugin.Config{ + { + Type: "notifier", + }, + { + Type: "kms", + }, + } + config.SetPluginsConfig(pluginConf) + assert.Len(t, config.GetPluginsConfig(), 2) + assert.True(t, config.HasKMSPlugin()) } func TestServiceToStart(t *testing.T) {