letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Factor out DBConfig

This commit is contained in:
Jacob Hoffman-Andrews 2015-11-20 22:17:17 -08:00
parent 5dd212dd47
commit 0a276a2c53
3 changed files with 39 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
cmd/config.go
View File

@ -66,8 +66,7 @@ type Config struct {
SA struct { SA struct {
ServiceConfig ServiceConfig
DBConfig
DBConnect ConfigSecret
MaxConcurrentRPCServerRequests int64 MaxConcurrentRPCServerRequests int64
} }
@ -93,7 +92,7 @@ type Config struct {
Syslog SyslogConfig Syslog SyslogConfig
Revoker struct { Revoker struct {
DBConnect string DBConfig
// The revoker isn't a long running service, so doesn't get a full // The revoker isn't a long running service, so doesn't get a full
// ServiceConfig, just an AMQPConfig. // ServiceConfig, just an AMQPConfig.
AMQP *AMQPConfig AMQP *AMQPConfig
@ -101,14 +100,13 @@ type Config struct {
Mailer struct { Mailer struct {
ServiceConfig ServiceConfig
DBConfig
Server string Server string
Port string Port string
Username string Username string
Password string Password string
DBConnect string
CertLimit int CertLimit int
NagTimes []string NagTimes []string
// How much earlier (than configured nag intervals) to // How much earlier (than configured nag intervals) to
@ -121,10 +119,12 @@ type Config struct {
OCSPResponder struct { OCSPResponder struct {
ServiceConfig ServiceConfig
DBConfig
// Source indicates the source of pre-signed OCSP responses to be used. It // Source indicates the source of pre-signed OCSP responses to be used. It
// can be a DBConnect string or a file URL. The file URL style is used // can be a DBConnect string or a file URL. The file URL style is used
// when responding from a static file for intermediates and roots. // when responding from a static file for intermediates and roots.
// If DBConfig has non-empty fields, it takes precedence over this.
Source string Source string
Path string Path string
@ -166,9 +166,10 @@ type Config struct {
} }
CertChecker struct { CertChecker struct {
DBConfig
Workers int Workers int
ReportDirectoryPath string ReportDirectoryPath string
DBConnect string
} }
SubscriberAgreementURL string SubscriberAgreementURL string
@ -182,10 +183,19 @@ type ServiceConfig struct {
AMQP *AMQPConfig AMQP *AMQPConfig
} }
type DBConfig struct {
DBConnect string
// A file containing a connect URL for the DB.
DBConnectFile string
}
// AMQPConfig describes how to connect to AMQP, and how to speak to each of the // AMQPConfig describes how to connect to AMQP, and how to speak to each of the
// RPC services we offer via AMQP. // RPC services we offer via AMQP.
type AMQPConfig struct { type AMQPConfig struct {
Server ConfigSecret // A file containing a connect URL for the server.
ServerURLFile string
Server string
Insecure bool Insecure bool
RA *RPCServerConfig RA *RPCServerConfig
VA *RPCServerConfig VA *RPCServerConfig
@ -207,10 +217,10 @@ type AMQPConfig struct {
// issued certificates. // issued certificates.
type CAConfig struct { type CAConfig struct {
ServiceConfig ServiceConfig
DBConfig
Profile string Profile string
TestMode bool TestMode bool
DBConnect string
SerialPrefix int SerialPrefix int
Key KeyConfig Key KeyConfig
// LifespanOCSP is how long OCSP responses are valid for; It should be longer // LifespanOCSP is how long OCSP responses are valid for; It should be longer
@ -232,7 +242,7 @@ type CAConfig struct {
// database, what policies it should enforce, and what challenges // database, what policies it should enforce, and what challenges
// it should offer. // it should offer.
type PAConfig struct { type PAConfig struct {
DBConnect string DBConfig
EnforcePolicyWhitelist bool EnforcePolicyWhitelist bool
Challenges map[string]bool Challenges map[string]bool
} }
@ -295,7 +305,7 @@ type RPCServerConfig struct {
// for the OCSP (and SCT) updater // for the OCSP (and SCT) updater
type OCSPUpdaterConfig struct { type OCSPUpdaterConfig struct {
ServiceConfig ServiceConfig
DBConnect string DBConfig
NewCertificateWindow ConfigDuration NewCertificateWindow ConfigDuration
OldOCSPWindow ConfigDuration OldOCSPWindow ConfigDuration

12
sa/database.go
View File

@ -14,10 +14,22 @@ import (
// Provide access to the MySQL driver // Provide access to the MySQL driver
_ "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/go-sql-driver/mysql" _ "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/go-sql-driver/mysql"
gorp "github.com/letsencrypt/boulder/Godeps/_workspace/src/gopkg.in/gorp.v1" gorp "github.com/letsencrypt/boulder/Godeps/_workspace/src/gopkg.in/gorp.v1"
"github.com/letsencrypt/boulder/cmd"
"github.com/letsencrypt/boulder/core" "github.com/letsencrypt/boulder/core"
blog "github.com/letsencrypt/boulder/log" blog "github.com/letsencrypt/boulder/log"
) )
func NewDbMapFromConfig(c cmd.DBConfig) (*gorp.DbMap, error) {
if c.DBConnectFile != "" {
url, err := ioutil.ReadFile(c.DBConnectFile)
if err != nil {
return nil, err
}
return NewDbMap(url)
}
return NewDbMap(c.DBConnect)
}
// NewDbMap creates the root gorp mapping object. Create one of these for each // NewDbMap creates the root gorp mapping object. Create one of these for each
// database schema you wish to map. Each DbMap contains a list of mapped tables. // database schema you wish to map. Each DbMap contains a list of mapped tables.
// It automatically maps the tables for the primary parts of Boulder around the // It automatically maps the tables for the primary parts of Boulder around the

14
test/boulder-config.json
View File

@ -21,7 +21,7 @@
"shutdownKillTimeout": "1m", "shutdownKillTimeout": "1m",
"debugAddr": "localhost:8000", "debugAddr": "localhost:8000",
"amqp": { "amqp": {
"server": "secret:test/secrets/amqp", "serverURLFile": "test/secrets/amqp",
"insecure": true, "insecure": true,
"RA": { "RA": {
"server": "RA.server", "server": "RA.server",
@ -111,7 +111,7 @@
}, },
"pa": { "pa": {
"dbConnect": "secret:test/secrets/pa_dburl", "dbConnectFile": "test/secrets/pa_dburl",
"challenges": { "challenges": {
"simpleHttp": true, "simpleHttp": true,
"dvsni": true, "dvsni": true,
@ -147,7 +147,7 @@
}, },
"sa": { "sa": {
"dbConnect": "secret:test/secrets/sa_dburl", "dbConnectFile": "test/secrets/sa_dburl",
"maxConcurrentRPCServerRequests": 16, "maxConcurrentRPCServerRequests": 16,
"debugAddr": "localhost:8003", "debugAddr": "localhost:8003",
"amqp": { "amqp": {
@ -182,7 +182,7 @@
}, },
"revoker": { "revoker": {
"dbConnect": "secret:test/secrets/revoker_dburl", "dbConnectFile": "test/secrets/revoker_dburl",
"amqp": { "amqp": {
"server": "secret:test/secrets/amqp", "server": "secret:test/secrets/amqp",
"insecure": true, "insecure": true,
@ -208,7 +208,7 @@
}, },
"ocspUpdater": { "ocspUpdater": {
"dbConnect": "secret:test/secrets/ocsp_updater_dburl", "dbConnectFile": "test/secrets/ocsp_updater_dburl",
"newCertificateWindow": "1s", "newCertificateWindow": "1s",
"oldOCSPWindow": "2s", "oldOCSPWindow": "2s",
"missingSCTWindow": "1m", "missingSCTWindow": "1m",
@ -253,7 +253,7 @@
"port": "25", "port": "25",
"username": "cert-master@example.com", "username": "cert-master@example.com",
"password": "password", "password": "password",
"dbConnect": "secret:test/secrets/mailer_dburl", "dbConnectFile": "test/secrets/mailer_dburl",
"messageLimit": 0, "messageLimit": 0,
"nagTimes": ["24h", "72h", "168h", "336h"], "nagTimes": ["24h", "72h", "168h", "336h"],
"nagCheckInterval": "24h", "nagCheckInterval": "24h",
@ -295,7 +295,7 @@
}, },
"certChecker": { "certChecker": {
"dbConnect": "secret:test/secrets/cert_checker_dburl" "dbConnectFile": "test/secrets/cert_checker_dburl"
}, },
"subscriberAgreementURL": "http://127.0.0.1:4001/terms/v1" "subscriberAgreementURL": "http://127.0.0.1:4001/terms/v1"