github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Boot minimal app for DB changes (#1305)

Browse Source 
Adds a minimal supervision tree for making DB changes from the
`FzHttp.Release` module. This allows the `bin/create-or-reset-admin` and
`bin/create-api-token` commands to be with `docker compose exec` or
`docker compose run --rm` indiscriminately.

Starting the FzHttp.Repo directly is more involved it's not compiled
into the release as an OTP app.
This commit is contained in:
Jamil
2023-01-13 13:45:18 -08:00
committed by GitHub
parent e2e1dd441b
commit 330cafbbe5
7 changed files with 30 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
apps/fz_http/lib/fz_http/application.ex
View File

@@ -58,4 +58,11 @@ defmodule FzHttp.Application do
FzHttpWeb.Presence
]
end
defp children(:database) do
[
FzHttp.Repo,
FzHttp.Vault
]
end
end

21
apps/fz_http/lib/fz_http/release.ex
View File

@@ -24,10 +24,7 @@ defmodule FzHttp.Release do
end
def create_admin_user do
load_app()
# The whole app needs to be started to run actual DB queries
Application.ensure_all_started(@app)
boot_database_app()
reply =
if Repo.exists?(from u in User, where: u.email == ^email()) do
@@ -48,6 +45,8 @@ defmodule FzHttp.Release do
end
def create_api_token(device \\ :stdio) do
boot_database_app()
device
|> IO.write(default_admin_user() |> mint_jwt())
end
@@ -76,6 +75,10 @@ defmodule FzHttp.Release do
FzHttp.Config.fetch_env!(@app, :admin_email)
end
defp set_supervision_tree_mode(mode) do
Application.put_env(@app, :supervision_tree_mode, mode)
end
defp default_admin_user do
Users.get_by_email(email())
end
@@ -89,6 +92,12 @@ defmodule FzHttp.Release do
secret
end
defp boot_database_app do
load_app()
set_supervision_tree_mode(:database)
start_app()
end
defp load_app do
Application.load(@app)
@@ -97,6 +106,10 @@ defmodule FzHttp.Release do
Application.ensure_all_started(:ssl)
end
defp start_app do
Application.ensure_all_started(@app)
end
defp default_password do
FzHttp.Config.fetch_env!(@app, :default_admin_password)
end

4
docs/docs/administer/troubleshoot.mdx
View File

@@ -145,8 +145,8 @@ to reset the admin user's password. The password for the user specified by
in `$HOME/.firezone/.env` will be reset to the `DEFAULT_ADMIN_PASSWORD` variable.
```shell
cd $HOME/.firezone
docker compose exec firezone bin/create-or-reset-admin
cd $HOME/.firezone
docker compose exec firezone bin/create-or-reset-admin
```
**Note**: If local authentication is disabled, resetting the admin user's

2
docs/docs/deploy/docker/README.mdx
View File

@@ -79,7 +79,7 @@ installation process, follow the steps below to install manually.
Optionally modify other secrets as needed.
1. Create the first admin:
```shell
docker compose exec firezone bin/create-or-reset-admin
docker compose run --rm firezone bin/create-or-reset-admin
```
1. Bring the services up: `docker compose up -d`

2
omnibus/cookbooks/firezone/recipes/create_admin.rb
View File

@@ -21,7 +21,7 @@
include_recipe 'firezone::config'
execute 'create_admin' do
command 'bin/firezone rpc "FzHttp.Release.create_admin_user"'
command 'bin/firezone eval "FzHttp.Release.create_admin_user"'
cwd node['firezone']['app_directory']
environment(Firezone::Config.app_env(node))
user node['firezone']['user']

2
rel/overlays/bin/create-api-token
View File

@@ -1,3 +1,3 @@
#!/bin/sh
cd -P -- "$(dirname -- "$0")"
exec ./firezone rpc FzHttp.Release.create_api_token
exec ./firezone eval FzHttp.Release.create_api_token

2
scripts/install.sh
View File

@@ -161,7 +161,7 @@ firezoneSetup() {
echo "Resetting DB password..."
$dc -f $installDir/docker-compose.yml exec postgres psql -p 5432 -U postgres -d firezone -h 127.0.0.1 -c "ALTER ROLE postgres WITH PASSWORD '${db_pass}'"
echo "Creating admin..."
$dc -f $installDir/docker-compose.yml exec firezone bin/create-or-reset-admin
$dc -f $installDir/docker-compose.yml run --rm firezone bin/create-or-reset-admin
echo "Upping firezone services..."
$dc -f $installDir/docker-compose.yml up -d firezone caddy