jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

sftp: move key generation to sftp code

Browse Source
This commit is contained in:
Girish Ramakrishnan
2021-11-16 21:50:09 -08:00
parent 0f04933dbf
commit 132c1872f4
2 changed files with 20 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/sftp.js
+20
View File
@@ -9,6 +9,7 @@ exports = module.exports = {
const apps = require('./apps.js'),
assert = require('assert'),
blobs = require('./blobs.js'),
BoxError = require('./boxerror.js'),
debug = require('debug')('box:sftp'),
docker = require('./docker.js'),
@@ -22,6 +23,23 @@ const apps = require('./apps.js'),
system = require('./system.js'),
volumes = require('./volumes.js');
async function ensureKeys() {
let sftpPrivateKey = await blobs.get(blobs.SFTP_PRIVATE_KEY);
let sftpPublicKey = await blobs.get(blobs.SFTP_PUBLIC_KEY);
if (!sftpPrivateKey || !sftpPublicKey) {
debug('ensureSecrets: generating new sftp keys');
if (!safe.child_process.execSync(`ssh-keygen -m PEM -t rsa -f "${paths.SFTP_KEYS_DIR}/ssh_host_rsa_key" -q -N ""`)) throw new BoxError(BoxError.OPENSSL_ERROR, `Could not generate sftp ssh keys: ${safe.error.message}`);
sftpPublicKey = safe.fs.readFileSync(paths.SFTP_PUBLIC_KEY_FILE);
await blobs.set(blobs.SFTP_PUBLIC_KEY, sftpPublicKey);
sftpPrivateKey = safe.fs.readFileSync(paths.SFTP_PRIVATE_KEY_FILE);
await blobs.set(blobs.SFTP_PRIVATE_KEY, sftpPrivateKey);
}
if (!safe.fs.writeFileSync(paths.SFTP_PUBLIC_KEY_FILE, sftpPublicKey)) throw new BoxError(BoxError.FS_ERROR, `Could not save sftp public key: ${safe.error.message}`);
if (!safe.fs.writeFileSync(paths.SFTP_PRIVATE_KEY_FILE, sftpPrivateKey)) throw new BoxError(BoxError.FS_ERROR, `Could not save sftp private key: ${safe.error.message}`);
}
async function start(existingInfra) {
assert.strictEqual(typeof existingInfra, 'object');
@@ -34,6 +52,8 @@ async function start(existingInfra) {
const memory = system.getMemoryAllocation(memoryLimit);
const cloudronToken = hat(8 * 128);
await ensureKeys();
const resolvedAppDataDir = safe.fs.realpathSync(paths.APPS_DATA_DIR);
if (!resolvedAppDataDir) throw new BoxError(BoxError.FS_ERROR, `Could not resolve apps data dir: ${safe.error.message}`);