2022-04-06 06:13:40 +00:00
|
|
|
package setup
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2022-04-12 14:20:17 +00:00
|
|
|
"database/sql"
|
|
|
|
"fmt"
|
2022-04-28 08:30:41 +00:00
|
|
|
"strings"
|
2022-04-06 06:13:40 +00:00
|
|
|
|
2022-05-03 13:58:38 +00:00
|
|
|
"golang.org/x/text/language"
|
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
|
|
"github.com/zitadel/zitadel/internal/command"
|
|
|
|
"github.com/zitadel/zitadel/internal/config/systemdefaults"
|
|
|
|
"github.com/zitadel/zitadel/internal/crypto"
|
|
|
|
crypto_db "github.com/zitadel/zitadel/internal/crypto/database"
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
2022-04-06 06:13:40 +00:00
|
|
|
)
|
|
|
|
|
2022-07-27 08:22:20 +00:00
|
|
|
type FirstInstance struct {
|
2022-05-03 13:58:38 +00:00
|
|
|
InstanceName string
|
|
|
|
DefaultLanguage language.Tag
|
|
|
|
Org command.OrgSetup
|
2022-04-12 14:20:17 +00:00
|
|
|
|
2022-04-28 08:30:41 +00:00
|
|
|
instanceSetup command.InstanceSetup
|
2022-04-12 14:20:17 +00:00
|
|
|
userEncryptionKey *crypto.KeyConfig
|
2022-05-13 12:13:07 +00:00
|
|
|
smtpEncryptionKey *crypto.KeyConfig
|
2022-04-12 14:20:17 +00:00
|
|
|
masterKey string
|
|
|
|
db *sql.DB
|
|
|
|
es *eventstore.Eventstore
|
|
|
|
defaults systemdefaults.SystemDefaults
|
|
|
|
zitadelRoles []authz.RoleMapping
|
2022-04-28 08:30:41 +00:00
|
|
|
externalDomain string
|
2022-04-21 10:37:39 +00:00
|
|
|
externalSecure bool
|
2022-04-25 09:16:36 +00:00
|
|
|
externalPort uint16
|
2022-07-27 08:22:20 +00:00
|
|
|
domain string
|
2022-04-06 06:13:40 +00:00
|
|
|
}
|
|
|
|
|
2022-07-27 08:22:20 +00:00
|
|
|
func (mig *FirstInstance) Execute(ctx context.Context) error {
|
2022-04-12 14:20:17 +00:00
|
|
|
keyStorage, err := crypto_db.NewKeyStorage(mig.db, mig.masterKey)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("cannot start key storage: %w", err)
|
|
|
|
}
|
|
|
|
if err = verifyKey(mig.userEncryptionKey, keyStorage); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
userAlg, err := crypto.NewAESCrypto(mig.userEncryptionKey, keyStorage)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-05-13 12:13:07 +00:00
|
|
|
if err = verifyKey(mig.smtpEncryptionKey, keyStorage); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
smtpEncryption, err := crypto.NewAESCrypto(mig.smtpEncryptionKey, keyStorage)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-04-20 14:59:37 +00:00
|
|
|
cmd, err := command.StartCommands(mig.es,
|
|
|
|
mig.defaults,
|
|
|
|
mig.zitadelRoles,
|
|
|
|
nil,
|
|
|
|
nil,
|
2022-04-28 08:30:41 +00:00
|
|
|
mig.externalDomain,
|
2022-04-25 09:16:36 +00:00
|
|
|
mig.externalSecure,
|
|
|
|
mig.externalPort,
|
2022-04-20 14:59:37 +00:00
|
|
|
nil,
|
|
|
|
nil,
|
2022-05-13 12:13:07 +00:00
|
|
|
smtpEncryption,
|
2022-04-20 14:59:37 +00:00
|
|
|
nil,
|
|
|
|
userAlg,
|
|
|
|
nil,
|
|
|
|
nil)
|
2022-04-06 06:13:40 +00:00
|
|
|
|
2022-04-21 10:37:39 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-04-28 08:30:41 +00:00
|
|
|
mig.instanceSetup.InstanceName = mig.InstanceName
|
2022-07-27 08:22:20 +00:00
|
|
|
mig.instanceSetup.CustomDomain = mig.externalDomain
|
2022-05-03 13:58:38 +00:00
|
|
|
mig.instanceSetup.DefaultLanguage = mig.DefaultLanguage
|
2022-04-28 08:30:41 +00:00
|
|
|
mig.instanceSetup.Org = mig.Org
|
|
|
|
mig.instanceSetup.Org.Human.Email.Address = strings.TrimSpace(mig.instanceSetup.Org.Human.Email.Address)
|
|
|
|
if mig.instanceSetup.Org.Human.Email.Address == "" {
|
|
|
|
mig.instanceSetup.Org.Human.Email.Address = "admin@" + mig.instanceSetup.CustomDomain
|
|
|
|
}
|
|
|
|
|
|
|
|
_, _, err = cmd.SetUpInstance(ctx, &mig.instanceSetup)
|
2022-04-06 06:13:40 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-07-27 08:22:20 +00:00
|
|
|
func (mig *FirstInstance) String() string {
|
2022-04-06 06:13:40 +00:00
|
|
|
return "03_default_instance"
|
|
|
|
}
|
2022-04-12 14:20:17 +00:00
|
|
|
|
|
|
|
func verifyKey(key *crypto.KeyConfig, storage crypto.KeyStorage) (err error) {
|
|
|
|
_, err = crypto.LoadKey(key.EncryptionKeyID, storage)
|
|
|
|
if err == nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
k, err := crypto.NewKey(key.EncryptionKeyID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return storage.CreateKeys(k)
|
|
|
|
}
|