diff --git a/cli/flags.go b/cli/flags.go
index 33ec6ff7..dc648293 100644
--- a/cli/flags.go
+++ b/cli/flags.go
@@ -15,24 +15,18 @@
 package cli
 var flags = map[string]string{
- "auth": `Master database authentication details. (Default root:root)`,
- "auth-pass": `The master password for the database. Use this as an alternative to the --auth flag.`,
- "auth-user": `The master username for the database. Use this as an alternative to the --auth flag.`,
- "cert-crt": `Path to the server certificate. Needed in secure mode.`,
- "cert-key": `Path to the server private key. Needed in secure mode.`,
- "cert-pem": `The PEM encoded certificate and private key data. Use this as an alternative to the --cert-crt and --cert-key flags.`,
- "db-base": `Name of the root database key. (Default surreal)`,
- "db-path": `Set database file location. (Default surreal.db)`,
- "join": `A comma-separated list of addresses to use when a new node is joining an existing cluster. For the first node in a cluster, --join should NOT be specified.`,
- "key": `Encryption key to use for intra-cluster communications, and on-disk encryption. For AES-128 encryption use a 16 bit key, for AES-192 encryption use a 24 bit key, and for AES-256 encryption use a 32 bit key.`,
- "name": `The name of this node, used for logs and statistics. When not specified this will default to the hostname of the machine.`,
- "port-tcp": `The port on which to serve the tcp server. (Default 33693)`,
- "port-web": `The port on which to serve the web server. (Default 8000)`,
- "signature": `Set the secret key used to digitally sign authentication tokens.`,
- "tags": `An ordered, comma-separated list of node attributes. Tags are arbitrary strings specifying topography or machine capabilities. Topography might include datacenter designation (e.g. "us-west-1a", "us-west-1b", "us-east-1c"). Machine capabilities might include specialized hardware or number of cores (e.g. "gpu", "x16c").
The relative geographic proximity of two nodes is inferred from the common prefix of the attributes list, so topographic attributes should be specified first and in the same order for all nodes.`,
+ "db": `Database configuration path used for storing data. Available baend stores are boltdb, mysql, or pgsql. (default "boltdb://surreal.db").`,
+ "key": `Encryption key to use for intra-cluster communications, and on-disk encryption. For AES-128 encryption use a 16 bit key, for AES-192 encryption use a 24 bit key, and for AES-256 encryption use a 32 bit key.`,
+ "join": `A comma-separated list of addresses to use when a new node is joining an existing cluster. For the first node in a cluster, --join should NOT be specified.`,
+ "zone": `The continent that the server is located within. Possible values are: GL (Global), EU (Europe), AS (Asia), NA (North America), SA (South America), OC (Oceania), AF (Africa). (default "GL")`,
 }
 var usage = map[string][]string{
+ "db": []string{
+ "--db-path boltdb://surreal.db",
+ "--db-path mysql://user:pass@127.0.0.1:3306/database",
+ "--db-path pgsql://user:pass@127.0.0.1:5432/database",
+ },
 "join": []string{
 "--join 10.0.0.1",
 "--join 10.0.0.1:33693",
@@ -40,12 +34,8 @@ var usage = map[string][]string{
 "--join 89.13.7.33:33693,example.com:33693",
 },
 "key": []string{
- "--key 1hg7dbrma8ghe547",
- "--key 1hg7dbrma8ghe5473kghvie6",
- "--key 1hg7dbrma8ghe5473kghvie64jgi3ph4",
- },
- "tags": []string{
- "--tags us-west-1b",
- "--tags us-west-1b,gpu",
+ "--enc 1hg7dbrma8ghe547",
+ "--enc 1hg7dbrma8ghe5473kghvie6",
+ "--enc 1hg7dbrma8ghe5473kghvie64jgi3ph4",
 },
 }
diff --git a/cli/setup.go b/cli/setup.go
index 2c545f6e..6fc0cbb3 100644
--- a/cli/setup.go
+++ b/cli/setup.go
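Review bot: In cli/flags.go the re-added `key` help text gives the AES key sizes as "16 bit", "24 bit" and "32 bit", but these are byte counts: the check added to cli/setup.go in this same commit compares `len(opts.DB.Key)` against 16, 24 and 32. Read literally, the text misstates the key strength, so I would write `For AES-128 encryption use a 16 byte key, for AES-192 encryption use a 24 byte key, and for AES-256 encryption use a 32 byte key.` The new `db` usage examples also put the database password inside the `--db-path` URL; command-line arguments are usually readable in process listings and shell history, so the help text should say so. Typo in the `db` entry: `baend` should be `backend`.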
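Review bot: The `key` usage examples in cli/flags.go now read `--enc …`, but the flag registered in cli/start.go in this same commit is still `--key` / `-k`, and no `enc` flag appears anywhere in the diff. As written the examples would be rejected as an unknown flag, so keep them as `"--key 1hg7dbrma8ghe547",` (and likewise for the 24- and 32-character lines) unless an `enc` flag is added elsewhere. A one-line comment above the examples saying they are placeholders and must not be reused as real keys would also help, since help-text samples tend to be copied.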
@@ -41,10 +41,20 @@ func setup() {
 opts.DB.Path = "boltdb://surreal.db"
 }
- if ok, _ := regexp.MatchString(`^(boltdb|mysql|pgsql):\/\/(.+)$`, opts.DB.Path); !ok {
+ if opts.DB.Code != "" {
+ opts.DB.Key = []byte(opts.DB.Code)
+ }
+
+ if ok, _ := regexp.MatchString(`^(boltdb|mysql|pgsql)://(.+)$`, opts.DB.Path); !ok {
 log.Fatal("Specify a valid data store configuration path")
 }
+ switch len(opts.DB.Key) {
+ case 0, 16, 24, 32:
+ default:
+ log.Fatal("Specify a valid encryption key length. Valid key sizes are 16bit, 24bit, or 32bit.")
+ }
+
 if strings.HasPrefix(opts.DB.Cert.CA, "-----") {
 var err error
 var doc *os.File
diff --git a/cli/start.go b/cli/start.go
index 8bc54930..f931d5e3 100644
--- a/cli/start.go
+++ b/cli/start.go
@@ -16,10 +16,12 @@ package cli
 import (
 "fmt"
+ "os"
 "github.com/spf13/cobra"
 "github.com/abcum/surreal/db"
+ "github.com/abcum/surreal/log"
 "github.com/abcum/surreal/tcp"
 "github.com/abcum/surreal/web"
 )
@@ -35,14 +37,17 @@ var startCmd = &cobra.Command{
 RunE: func(cmd *cobra.Command, args []string) (err error) {
 if err = db.Setup(opts); err != nil {
+ log.Fatal(err)
 return
 }
 if err = tcp.Setup(opts); err != nil {
+ log.Fatal(err)
 return
 }
 if err = web.Setup(opts); err != nil {
+ log.Fatal(err)
 return
 }
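Review bot: In cli/setup.go the new fatal message says the valid key sizes are "16bit, 24bit, or 32bit", while the switch tests `len(opts.DB.Key)`, which is a byte count; it should read `log.Fatal("Specify a valid encryption key length. Valid key sizes are 16, 24, or 32 bytes.")`. `opts.DB.Key = []byte(opts.DB.Code)` uses the command-line string directly as the key, so the key is limited to characters that can be typed as an argument and is visible wherever the process arguments are; a comment stating that, or an option to read the key from a file, would be worth adding. `case 0` accepts an empty key silently, which presumably means running without encryption, and a log line for that case would make it visible to the operator. setup() starts and ends outside this hunk.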
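Review bot: In the `RunE` closure of cli/start.go each added `log.Fatal(err)` is followed by `return`; if the project's `log.Fatal` exits the process as the standard library's does (the package is `github.com/abcum/surreal/log`, not shown here), the `return` is dead code and the error never reaches cobra. A failure in `tcp.Setup` or `web.Setup` would then exit after `db.Setup` has already succeeded, skipping any orderly shutdown of the store. Either return the error and let the caller report it, or log at a non-fatal level before `return`. The closure continues past the end of the hunk.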
@@ -60,31 +65,29 @@ var startCmd = &cobra.Command{
 func init() {
- startCmd.PersistentFlags().StringVarP(&opts.Auth.Auth, "auth", "a", "", flag("auth"))
- startCmd.PersistentFlags().StringVar(&opts.Auth.User, "auth-user", "", flag("auth-user"))
- startCmd.PersistentFlags().StringVar(&opts.Auth.Pass, "auth-pass", "", flag("auth-pass"))
+ host, _ := os.Hostname()
- startCmd.PersistentFlags().StringVarP(&opts.Auth.Auth, "key", "k", "", flag("key"))
+ startCmd.PersistentFlags().StringVarP(&opts.Auth.Auth, "auth", "a", "root:root", "Master database authentication details.")
+ startCmd.PersistentFlags().StringVar(&opts.Auth.User, "auth-user", "", "The master username for the database. Use this as an alternative to the --auth flag.")
+ startCmd.PersistentFlags().StringVar(&opts.Auth.Pass, "auth-pass", "", "The master password for the database. Use this as an alternative to the --auth flag.")
- startCmd.PersistentFlags().StringVar(&opts.Cert.Crt, "cert-crt", "", flag("cert-crt"))
- startCmd.PersistentFlags().StringVar(&opts.Cert.Key, "cert-key", "", flag("cert-key"))
- startCmd.PersistentFlags().StringVar(&opts.Cert.Pem, "cert-pem", "", flag("cert-pem"))
+ startCmd.PersistentFlags().StringVar(&opts.Cert.Crt, "cert-crt", "", "Path to the server certificate. Needed when running in secure mode.")
+ startCmd.PersistentFlags().StringVar(&opts.Cert.Key, "cert-key", "", "Path to the server private key.
Needed when running in secure mode.")
- startCmd.PersistentFlags().StringVar(&opts.DB.Base, "db-base", "", flag("db-base"))
- startCmd.PersistentFlags().StringVar(&opts.DB.Path, "db-path", "", flag("db-path"))
 startCmd.PersistentFlags().StringVar(&opts.DB.Cert.CA, "db-ca", "", "Path to the CA file used to connect to the remote database.")
 startCmd.PersistentFlags().StringVar(&opts.DB.Cert.Crt, "db-crt", "", "Path to the certificate file used to connect to the remote database.")
 startCmd.PersistentFlags().StringVar(&opts.DB.Cert.Key, "db-key", "", "Path to the private key file used to connect to the remote database.")
-
- startCmd.PersistentFlags().IntVar(&opts.Port.Tcp, "port-tcp", 0, flag("port-tcp"))
- startCmd.PersistentFlags().IntVar(&opts.Port.Web, "port-web", 0, flag("port-web"))
-
- startCmd.PersistentFlags().StringVarP(&opts.Node.Name, "name", "n", "", flag("name"))
- startCmd.PersistentFlags().StringVarP(&opts.Node.Attr, "tags", "t", "", flag("tags"))
+ startCmd.PersistentFlags().StringVar(&opts.DB.Path, "db-path", "", flag("db"))
 startCmd.PersistentFlags().StringVarP(&opts.Cluster.Join, "join", "j", "", flag("join"))
- startCmd.PersistentFlags().MarkHidden("auth-user")
- startCmd.PersistentFlags().MarkHidden("auth-pass")
+ startCmd.PersistentFlags().StringVarP(&opts.DB.Code, "key", "k", "", flag("key"))
+
+ startCmd.PersistentFlags().StringVarP(&opts.Node.Name, "name", "n", host, "The name of this node, used for logs and statistics.")
+
+ startCmd.PersistentFlags().IntVar(&opts.Port.Tcp, "port-tcp", 33693, "The port on which to serve the tcp server.")
+ startCmd.PersistentFlags().IntVar(&opts.Port.Web, "port-web", 8000, "The port on which to serve the web server.")
+
+ startCmd.PersistentFlags().StringVarP(&opts.Cluster.Join, "zone", "z", "", flag("zone"))
 }
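Review bot: The new `--zone` flag in `init()` is bound to `&opts.Cluster.Join`, the same variable as `--join` a few lines above it, so a `--zone` value overwrites the cluster join list (or the reverse); its default is also `""` although the help text in cli/flags.go says `(default "GL")`. It should point at its own field, e.g. `StringVarP(&opts.<zone field>, "zone", "z", "GL", flag("zone"))`, where the field name is not visible in this diff. Separately, `--auth` now defaults to `"root:root"`, so a server started without the flag runs with well-known master credentials; I would keep the default empty and refuse to start, or at least warn, when no credentials are supplied. `host, _ := os.Hostname()` also drops the error, which leaves the node name empty if the lookup fails.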