Skip to content
Snippets Groups Projects
Commit 3c86c57b authored by Florent Gluck's avatar Florent Gluck
Browse files

Installation doc wasn't always accurate.

Had forgotten to modify help in Makefile to match the latest changes.
Updated nexush and nexus-cli code to exit with an information msg when there was no embedded certificate and when NEXUS_CERT wasn't defined.
parent 3a51f343
No related branches found
No related tags found
No related merge requests found
......@@ -226,13 +226,14 @@ help_client:
@echo "┌──────────────────────────────────────────────────────────────────────────────┐"
@echo "│ BUILD nexus clients (in $(BUILD_DIR_CLIENT) directory) │"
@echo "└──────────────────────────────────────────────────────────────────────────────┘"
@echo " build_nexush Build nexush; require CERT and SERVER variables"
@echo " build_nexus-cli Build nexus-cli; require CERT and SERVER variables"
@echo " build_nexus-exam Build nexus-exam; require CERT and SERVER_IP variables"
@echo " build_nexush Build nexush; require the SERVER variable and optionally"
@echo " CERT (see below)"
@echo " build_nexus-cli Build nexus-cli; same as above"
@echo " build_nexus-exam Build nexus-exam; require the SERVER_IP variable"
@echo " xbuild_client Cross-build $(BIN) for Linux, Windows, Darwin (OSX)"
@echo " Require BIN variable which specifies which binary to"
@echo " Require the BIN variable which specifies which binary to"
@echo " cross-build: nexush or nexus-cli"
@echo " Require CERT and SERVER variables (see below)"
@echo " Require SERVER and optionally CERT (see below)"
@echo " clean_client Delete $(BUILD_DIR_CLIENT) directory (generated binaries)"
@echo ""
@echo "┌──────────────────────────────────────────────────────────────────────────────┐"
......@@ -240,7 +241,7 @@ help_client:
@echo "└──────────────────────────────────────────────────────────────────────────────┘"
@echo " run_nexush Run nexush; require LOGIN variable"
@echo " Example: make run_nexush LOGIN=janedoe@nexus.org"
@echo " run_nexus-exam Run nexus-exam; require CERT and SERVER_IP variables."
@echo " run_nexus-exam Run nexus-exam; require CERT and SERVER_IP variables"
@echo ""
@echo "┌──────────────────────────────────────────────────────────────────────────────┐"
@echo "│ VALIDATION tests │"
......@@ -260,7 +261,7 @@ copy_resources_client: check_prefix_var
ifdef CERT
@cp $(CERT)/$(CA_CERT_FILE) $(RESOURCES_DIR_CLIENT)
else
@echo "" > $(RESOURCES_DIR_CLIENT)/$(CA_CERT_FILE)
@echo -n "" > $(RESOURCES_DIR_CLIENT)/$(CA_CERT_FILE)
endif
xbuild_client: check_bin_var check_server_var copy_resources_client $(SRC_CLIENT)/nexush $(SRC_CLIENT)/nexus-cli
......
......@@ -225,7 +225,7 @@ build/
## Specifically building for Linux/amd64
In term of environment variables, this case is identical to [Building nexush and nexus-cli](#building-nexush-and-nexus-cli)
For this specific case, only `SERVER` and `CERT` environment variables are used, in a similar way to what is described in [Building nexush and nexus-cli](#building-nexush-and-nexus-cli).
To only build nexush for Linux/amd64:
```sh
......@@ -263,7 +263,7 @@ For now, the only supported combination of OS and architecture for nexus-exam is
make build_nexus-exam SERVER_IP=10.0.2.15
```
Running nexus-exam requires the `CERT` environment variable. It specifies the directory where resides the public certificate `ca-cert.pem` (typically `nexus-server/certs/`).
Running nexus-exam requires the `CERT` environment variable. It specifies the directory where the public certificate `ca-cert.pem` resides (typically in `nexus-server/certs/`).
To run it:
```sh
......
......@@ -15,6 +15,10 @@ var (
)
func CreateCert() (string, error) {
// No embedded certificate
if nexusPubCert == "" {
return "", nil
} else {
f, err := os.CreateTemp("", "nexus-client-")
if err != nil {
return "", err
......@@ -25,3 +29,4 @@ func CreateCert() (string, error) {
defer f.Close()
return f.Name(), nil
}
}
\ No newline at end of file
......@@ -4,8 +4,6 @@ import (
"os"
"path"
"strings"
"syscall"
"os/signal"
"nexus-common/utils"
u "nexus-client/utils"
g "nexus-client/globals"
......@@ -92,41 +90,34 @@ func run() int {
var err error
certEnvVar, found := os.LookupEnv(g.ENV_NEXUS_CERT)
certPath, found := os.LookupEnv(g.ENV_NEXUS_CERT)
if !found {
certEnvVar, err = defaults.CreateCert()
certPath, err = defaults.CreateCert()
if err != nil {
u.PrintlnErr("Failed creating certificate from embedded certificate: ")
return 1
}
defer os.Remove(certEnvVar)
// No embedded certificate, exit with a information message.
if certPath == "" {
u.PrintlnErr("Environment variable \""+g.ENV_NEXUS_CERT+"\" must be set!")
u.PrintlnErr("It specifies the path to the public certificate required for encrypted communications (TLS) with the nexus server.")
u.PrintlnErr("Example: export "+g.ENV_NEXUS_CERT+"=ca-cert.pem")
return 1
}
defer os.Remove(certPath)
// This thread acts as a signal handler for SIGINT or SIGTERM.
// When one of these signals is received, the temporary certificate file is deleted.
// Without this "handler", the temporary certificate file wouldn't be deleted.
go func(certFile string) {
// Wait on dedicated signals.
sigs := make(chan os.Signal, 1)
signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP)
for {
sig := <-sigs // blocks on any of the above signals.
u.Println("Caught signal ("+sig.String()+")")
break;
}
u.WaitForSignals()
os.Remove(certFile)
os.Exit(1)
}(certEnvVar)
// u.PrintlnErr("Environment variable \""+g.ENV_NEXUS_CERT+"\" must be set!")
// u.PrintlnErr("It specifies the path to the public certificate required for encrypted communications (TLS) with the nexus server.")
// u.PrintlnErr("Example: export "+g.ENV_NEXUS_CERT+"=ca-cert.pem")
// return 1
}(certPath)
}
if !utils.FileExists(certEnvVar) {
u.PrintlnErr("Failed reading certificate \""+certEnvVar+"\"!")
if !utils.FileExists(certPath) {
u.PrintlnErr("Failed reading certificate \""+certPath+"\"!")
return 1
}
......@@ -134,10 +125,10 @@ func run() int {
hostname := parts[0]
client := resty.New()
client.SetRootCertificate(certEnvVar)
client.SetRootCertificate(certPath)
host := "https://"+serverEnvVar
g.Init(hostname, host, certEnvVar, client)
g.Init(hostname, host, certPath, client)
// Checks the client version is compatible with the server's API.
if !cmdVersion.CheckServerCompatibility(appname) {
......
......@@ -8,7 +8,6 @@ import (
"errors"
"strings"
"syscall"
"os/signal"
"golang.org/x/term"
u "nexus-client/utils"
"nexus-common/utils"
......@@ -100,42 +99,44 @@ func run() int {
savedTermState, _ = term.GetState(int(os.Stdin.Fd()))
var err error // necessary for certEnvVar below to be ref as the same variable
var err error // necessary for certPath below to be ref as the same variable
certEnvVar, found := os.LookupEnv(g.ENV_NEXUS_CERT)
if found {
// This thread acts as a signal handler for SIGINT or SIGTERM.
// When one of these signals is received, the temporary certificate file is deleted.
// Without this "handler", the temporary certificate file wouldn't be deleted.
go func() {
waitForSignals()
restoreTerm()
os.Exit(1)
}()
} else {
certEnvVar, err = defaults.CreateCert()
certPath, found := os.LookupEnv(g.ENV_NEXUS_CERT)
if !found {
certPath, err = defaults.CreateCert()
if err != nil {
u.PrintlnErr("Failed creating certificate from embedded certificate: ")
return 1
}
defer os.Remove(certEnvVar)
// No embedded certificate, exit with a information message.
if certPath == "" {
u.PrintlnErr("Environment variable \""+g.ENV_NEXUS_CERT+"\" must be set!")
u.PrintlnErr("It specifies the path to the public certificate required for encrypted communications (TLS) with the nexus server.")
u.PrintlnErr("Example: export "+g.ENV_NEXUS_CERT+"=ca-cert.pem")
return 1
}
defer os.Remove(certPath)
// As above, this thread acts as a signal handler for SIGINT or SIGTERM.
// This thread acts as a signal handler for SIGINT or SIGTERM.
// When one of these signals is received, the temporary certificate file is deleted.
// Without this "handler", the temporary certificate file wouldn't be deleted.
go func(certFile string) {
waitForSignals()
u.WaitForSignals()
os.Remove(certFile)
restoreTerm()
os.Exit(1)
}(certEnvVar)
// u.PrintlnErr("Environment variable \""+g.ENV_NEXUS_CERT+"\" must be set!")
// u.PrintlnErr("It specifies the path to the public certificate required for encrypted communications (TLS) with the nexus server.")
// u.PrintlnErr("Example: export "+g.ENV_NEXUS_CERT+"=ca-cert.pem")
// return 1
}(certPath)
} else {
// As above, this thread acts as a signal handler for SIGINT or SIGTERM.
go func() {
u.WaitForSignals()
restoreTerm()
os.Exit(1)
}()
}
if !utils.FileExists(certEnvVar) {
u.PrintlnErr("Failed reading certificate \""+certEnvVar+"\"!")
if !utils.FileExists(certPath) {
u.PrintlnErr("Failed reading certificate \""+certPath+"\"!")
return 1
}
......@@ -143,10 +144,10 @@ func run() int {
hostname := parts[0]
client := resty.New()
client.SetRootCertificate(certEnvVar)
client.SetRootCertificate(certPath)
host := "https://"+serverEnvVar
g.Init(hostname, host, certEnvVar, client)
g.Init(hostname, host, certPath, client)
// Checks the client version is compatible with the server's API.
if !cmdVersion.CheckServerCompatibility(appname) {
......@@ -261,18 +262,6 @@ Type: "help" for help on commands
restoreTerm()
}
func waitForSignals() {
// Wait on dedicated signals.
sigs := make(chan os.Signal, 1)
signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP)
for {
sig := <-sigs // blocks on any of the above signals.
u.Println("Caught signal ("+sig.String()+")")
break;
}
}
func restoreTerm() {
if prompt != nil {
prompt.Close()
......
......@@ -2,12 +2,14 @@ package utils
import (
"os"
"io"
"io/ioutil"
"fmt"
"io/fs"
"bytes"
"errors"
"io"
"io/fs"
"io/ioutil"
"os/signal"
"syscall"
"strings"
"net/mail"
"archive/tar"
......@@ -142,3 +144,15 @@ func AppendNewLine(s string) string {
newLine = fmt.Sprintln(newLine, "")
return s+newLine
}
// Wait on dedicated signals
func WaitForSignals() {
sigs := make(chan os.Signal, 1)
signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM, syscall.SIGHUP)
for {
sig := <-sigs // blocks on any of the above signals.
Println("Caught signal ("+sig.String()+")")
break;
}
}
......@@ -7,7 +7,7 @@ import (
const (
major = 1
minor = 10
bugfix = 0
bugfix = 1
)
var version params.Version = params.NewVersion(major, minor, bugfix)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment