Merge pull request #9 from resin-io/RES-1396-random-logs-channel

Use random secret for logs channel
2025-01-21 03:55:23 +00:00 · 2015-11-04 11:43:34 -03:00 · 2015-11-04 11:43:34 -03:00 · 4ac0feeca3
commit 4ac0feeca3
parent 605d72cbdc 0605a9f4ee
6 changed files with 29 additions and 23 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,5 @@
+* Use random name for PubNub channel and report to API [Pablo]
+
 # v1.2.0

 * Don't bind mount (the sometimes non-existent) docker.sock [Pablo]
--- a/src/api.coffee
+++ b/src/api.coffee
@ -13,7 +13,7 @@ module.exports = (application) ->
 	api = express()
 	api.use(bodyParser())
 	api.use (req, res, next) ->
-		utils.getOrGenerateApiSecret()
+		utils.getOrGenerateSecret('api')
 		.then (secret) ->
 			if req.query.apikey is secret
 				next()
@ -129,9 +129,9 @@ module.exports = (application) ->
 	# Expires the supervisor's API key and generates a new one.
 	# It also communicates the new key to the Resin API.
 	api.post '/v1/regenerate-api-key', (req, res) ->
-		utils.newApiSecret()
+		utils.newSecret('api')
 		.then (secret) ->
-			device.updateState(apikey: secret)
+			device.updateState(api_secret: secret)
 			res.status(200).send(secret)
 		.catch (err) ->
 			res.status(503).send(err?.message or err or 'Unknown error')
--- a/src/app.coffee
+++ b/src/app.coffee
@ -14,12 +14,12 @@ knex.init.then ->
 	console.log('Starting connectivity check..')
 	utils.connectivityCheck()

-	Promise.join bootstrap.startBootstrapping(), utils.getOrGenerateApiSecret(), (uuid, secret) ->
+	Promise.join bootstrap.startBootstrapping(), utils.getOrGenerateSecret('api'), utils.getOrGenerateSecret('logsChannel'), (uuid, secret, logsChannel) ->
 		# Persist the uuid in subsequent metrics
 		utils.mixpanelProperties.uuid = uuid

 		api = require './api'
-		application = require('./application')(uuid)
+		application = require('./application')(logsChannel)
 		device = require './device'

 		bootstrap.done
@ -35,6 +35,7 @@ knex.init.then ->
 				provisioning_progress: null
 				provisioning_state: ''
 				download_progress: null
+				logs_channel: logsChannel
 			)

 		console.log('Starting Apps..')
--- a/src/application.coffee
+++ b/src/application.coffee
@ -508,10 +508,10 @@ application.initialize = ->
 		application.poll()
 		application.update()

-module.exports = (uuid) ->
+module.exports = (logsChannel) ->
 	logger.init(
 		dockerSocket: config.dockerSocket
 		pubnub: config.pubnub
-		channel: "device-#{uuid}-logs"
+		channel: "device-#{logsChannel}-logs"
 	)
 	return application
--- a/src/config.coffee
+++ b/src/config.coffee
@ -30,6 +30,8 @@ module.exports = config =
 	restartSuccessTimeout: checkInt(process.env.RESTART_SUCCESS_TIMEOUT) ? 60000
 	appUpdatePollInterval: checkInt(process.env.APPLICATION_UPDATE_POLL_INTERVAL) ? 60000
 	successMessage: 'SUPERVISOR OK'
-	forceApiSecret: process.env.RESIN_SUPERVISOR_SECRET ? null
+	forceSecret:
+		api: process.env.RESIN_SUPERVISOR_SECRET ? null
+		logsChannel: process.env.RESIN_SUPERVISOR_LOGS_CHANNEL ? null
 	vpnStatusPath: process.env.VPN_STATUS_PATH ? '/mnt/root/run/openvpn/vpn_status'
 	checkInt: checkInt
--- a/src/utils.coffee
+++ b/src/utils.coffee
@ -102,27 +102,28 @@ exports.connectivityCheck = _.once ->
 				blink.pattern.start(networkPattern)


-apiSecretPromise = null
-generateApiSecret = ->
+secretPromises = {}
+generateSecret = (name) ->
 	Promise.try ->
-		return config.forceApiSecret ? randomHexString.generate()
+		return config.forceSecret[name] if config.forceSecret[name]?
+		return randomHexString.generate()
 	.then (newSecret) ->
-		secretInDB = { key: 'apiSecret', value: newSecret }
-		knex('config').update(secretInDB).where(key: 'apiSecret')
+		secretInDB = { key: "#{name}Secret", value: newSecret }
+		knex('config').update(secretInDB).where(key: "#{name}Secret")
 		.then (affectedRows) ->
 			knex('config').insert(secretInDB) if affectedRows == 0
 		.return(newSecret)

-exports.newApiSecret = newApiSecret = ->
-	apiSecretPromise ?= Promise.resolve()
-	apiSecretPromise = apiSecretPromise.then ->
-		generateApiSecret()
+exports.newSecret = (name) ->
+	secretPromises[name] ?= Promise.resolve()
+	secretPromises[name] = secretPromises[name].then ->
+		generateSecret(name)

-exports.getOrGenerateApiSecret = ->
-	apiSecretPromise ?= knex('config').select('value').where(key: 'apiSecret').then ([ apiSecret ]) ->
-		return apiSecret.value if apiSecret?
-		generateApiSecret()
-	return apiSecretPromise
+exports.getOrGenerateSecret = (name) ->
+	secretPromises[name] ?= knex('config').select('value').where(key: "#{name}Secret").then ([ secret ]) ->
+		return secret.value if secret?
+		generateSecret(name)
+	return secretPromises[name]

 exports.extendEnvVars = (env, uuid) ->
 	host = '127.0.0.1'
@ -131,7 +132,7 @@ exports.extendEnvVars = (env, uuid) ->
 		RESIN_SUPERVISOR_ADDRESS: "http://#{host}:#{config.listenPort}"
 		RESIN_SUPERVISOR_HOST: host
 		RESIN_SUPERVISOR_PORT: config.listenPort
-		RESIN_SUPERVISOR_API_KEY: exports.getOrGenerateApiSecret()
+		RESIN_SUPERVISOR_API_KEY: exports.getOrGenerateSecret('api')
 		RESIN_SUPERVISOR_VERSION: exports.supervisorVersion
 		RESIN: '1'
 		USER: 'root'