diff --git a/cmd/install.go b/cmd/install.go index dd76937..23eebbf 100644 --- a/cmd/install.go +++ b/cmd/install.go @@ -2,6 +2,7 @@ package cmd import ( "fmt" + "io" "os" "path" @@ -17,14 +18,28 @@ var installCmd = &cobra.Command{ RunE: runInstall, } +const faasdwd = "/run/faasd" +const faasContainerdwd = "/run/faas-containerd" + func runInstall(_ *cobra.Command, _ []string) error { - if basicAuthErr := makeBasicAuthFiles(); basicAuthErr != nil { + if err := ensureWorkingDir(path.Join(faasdwd, "secrets")); err != nil { + return err + } + + if err := ensureWorkingDir(faasContainerdwd); err != nil { + return err + } + + if basicAuthErr := makeBasicAuthFiles(path.Join(faasdwd, "secrets")); basicAuthErr != nil { return errors.Wrap(basicAuthErr, "cannot create basic-auth-* files") } - wd := "/run/faasd" - if err := ensureWorkingDir(wd); err != nil { + if err := cp("prometheus.yml", faasdwd); err != nil { + return err + } + + if err := cp("resolv.conf", faasdwd); err != nil { return err } @@ -43,12 +58,15 @@ func runInstall(_ *cobra.Command, _ []string) error { return err } - err = systemd.InstallUnit("faas-containerd", wd) + err = systemd.InstallUnit("faas-containerd", map[string]string{ + "Cwd": faasContainerdwd, + "SecretMountPath": path.Join(faasdwd, "secrets")}) + if err != nil { return err } - err = systemd.InstallUnit("faasd", wd) + err = systemd.InstallUnit("faasd", map[string]string{"Cwd": faasdwd}) if err != nil { return err } @@ -91,7 +109,7 @@ func binExists(folder, name string) error { func ensureWorkingDir(folder string) error { if _, err := os.Stat(folder); err != nil { - err = os.MkdirAll("/run/faasd", 0600) + err = os.MkdirAll(folder, 0600) if err != nil { return err } @@ -99,3 +117,22 @@ func ensureWorkingDir(folder string) error { return nil } + +func cp(source, destFolder string) error { + file, err := os.Open(source) + if err != nil { + return err + + } + defer file.Close() + + out, err := os.Create(path.Join(destFolder, source)) + if err != nil { + return err + } + defer out.Close() + + _, err = io.Copy(out, file) + + return err +} diff --git a/cmd/up.go b/cmd/up.go index 289fd31..6e41162 100644 --- a/cmd/up.go +++ b/cmd/up.go @@ -49,7 +49,7 @@ func runUp(_ *cobra.Command, _ []string) error { clientSuffix = "-arm64" } - if basicAuthErr := makeBasicAuthFiles(); basicAuthErr != nil { + if basicAuthErr := makeBasicAuthFiles(path.Join(path.Join(faasdwd, "secrets"))); basicAuthErr != nil { return errors.Wrap(basicAuthErr, "cannot create basic-auth-* files") } @@ -132,8 +132,8 @@ func runUp(_ *cobra.Command, _ []string) error { return nil } -func makeBasicAuthFiles() error { - wd, _ := os.Getwd() +func makeBasicAuthFiles(wd string) error { + pwdFile := wd + "/basic-auth-password" authPassword, err := password.Generate(63, 10, 0, false, true) @@ -183,11 +183,11 @@ func makeServiceDefinitions(archSuffix string) []pkg.Service { }, Mounts: []pkg.Mount{ pkg.Mount{ - Src: path.Join(wd, "basic-auth-password"), + Src: path.Join(path.Join(wd, "secrets"), "basic-auth-password"), Dest: path.Join(secretMountDir, "basic-auth-password"), }, pkg.Mount{ - Src: path.Join(wd, "basic-auth-user"), + Src: path.Join(path.Join(wd, "secrets"), "basic-auth-user"), Dest: path.Join(secretMountDir, "basic-auth-user"), }, }, @@ -231,11 +231,11 @@ func makeServiceDefinitions(archSuffix string) []pkg.Service { Image: "docker.io/openfaas/gateway:0.18.8" + archSuffix, Mounts: []pkg.Mount{ pkg.Mount{ - Src: path.Join(wd, "basic-auth-password"), + Src: path.Join(path.Join(wd, "secrets"), "basic-auth-password"), Dest: path.Join(secretMountDir, "basic-auth-password"), }, pkg.Mount{ - Src: path.Join(wd, "basic-auth-user"), + Src: path.Join(path.Join(wd, "secrets"), "basic-auth-user"), Dest: path.Join(secretMountDir, "basic-auth-user"), }, }, @@ -257,11 +257,11 @@ func makeServiceDefinitions(archSuffix string) []pkg.Service { Image: "docker.io/openfaas/queue-worker:0.9.0", Mounts: []pkg.Mount{ pkg.Mount{ - Src: path.Join(wd, "basic-auth-password"), + Src: path.Join(path.Join(wd, "secrets"), "basic-auth-password"), Dest: path.Join(secretMountDir, "basic-auth-password"), }, pkg.Mount{ - Src: path.Join(wd, "basic-auth-user"), + Src: path.Join(path.Join(wd, "secrets"), "basic-auth-user"), Dest: path.Join(secretMountDir, "basic-auth-user"), }, }, diff --git a/hack/faas-containerd.service b/hack/faas-containerd.service index 7796e47..be5d280 100644 --- a/hack/faas-containerd.service +++ b/hack/faas-containerd.service @@ -3,7 +3,7 @@ Description=faasd-containerd [Service] MemoryLimit=500M -# Environment="basic_auth=true" # Not tested properly in PR #13, causes runtime error +Environment="secret_mount_path={{.SecretMountPath}}" ExecStart=/usr/local/bin/faas-containerd Restart=on-failure RestartSec=10s diff --git a/pkg/systemd/systemd.go b/pkg/systemd/systemd.go index 6b8b47c..069b889 100644 --- a/pkg/systemd/systemd.go +++ b/pkg/systemd/systemd.go @@ -64,10 +64,9 @@ func DaemonReload() error { return nil } -func InstallUnit(name, folder string) error { - if len(folder) == 0 { - wd, _ := os.Getwd() - folder = wd +func InstallUnit(name string, tokens map[string]string) error { + if len(tokens["Cwd"]) == 0 { + return fmt.Errorf("key Cwd expected in tokens parameter") } tmplName := "./hack/" + name + ".service" @@ -78,13 +77,8 @@ func InstallUnit(name, folder string) error { } var tpl bytes.Buffer - userData := struct { - Cwd string - }{ - Cwd: folder, - } - err = tmpl.Execute(&tpl, userData) + err = tmpl.Execute(&tpl, tokens) if err != nil { return err }