Differential D11452 Diff 27584 src/applications/almanac/management/AlmanacManagementRegisterWorkflow.php
src/applications/almanac/management/AlmanacManagementRegisterWorkflow.php
| Show All 17 Lines | $this | ||||
| 'name' => 'private-key', | 'name' => 'private-key', | ||||
| 'param' => 'key', | 'param' => 'key', | ||||
| 'help' => pht('Path to a private key for the host.'), | 'help' => pht('Path to a private key for the host.'), | ||||
| ), | ), | ||||
| array( | array( | ||||
| 'name' => 'allow-key-reuse', | 'name' => 'allow-key-reuse', | ||||
| 'help' => pht( | 'help' => pht( | ||||
| 'Register even if another host is already registered with this '. | 'Register even if another host is already registered with this '. | ||||
| 'keypair.'), | 'keypair. This is an advanced featuer which allows a pool of '. | ||||
| 'devices to share credentials.'), | |||||
| ), | |||||
| array( | |||||
| 'name' => 'identify-as', | |||||
| 'param' => 'name', | |||||
| 'help' => pht( | |||||
| 'Specify an alternate host identity. This is an advanced '. | |||||
| 'feature which allows a pool of devices to share credentials.'), | |||||
| ), | ), | ||||
| array( | array( | ||||
| 'name' => 'force', | 'name' => 'force', | ||||
| 'help' => pht( | 'help' => pht( | ||||
| 'Register this host even if keys already exist.'), | 'Register this host even if keys already exist.'), | ||||
| ), | ), | ||||
| )); | )); | ||||
| } | } | ||||
| ▲ Show 20 Lines • Show All 45 Lines • ▼ Show 20 Lines | if ($err) { | ||||
| 'Unable to change ownership of a file to daemon user "%s". Run '. | 'Unable to change ownership of a file to daemon user "%s". Run '. | ||||
| 'this command as %s or root.', | 'this command as %s or root.', | ||||
| $phd_user, | $phd_user, | ||||
| $phd_user)); | $phd_user)); | ||||
| } | } | ||||
| $stored_public_path = AlmanacKeys::getKeyPath('device.pub'); | $stored_public_path = AlmanacKeys::getKeyPath('device.pub'); | ||||
| $stored_private_path = AlmanacKeys::getKeyPath('device.key'); | $stored_private_path = AlmanacKeys::getKeyPath('device.key'); | ||||
| $stored_device_path = AlmanacKeys::getKeyPath('device.id'); | |||||
| if (!$args->getArg('force')) { | if (!$args->getArg('force')) { | ||||
| if (Filesystem::pathExists($stored_public_path)) { | if (Filesystem::pathExists($stored_public_path)) { | ||||
| throw new PhutilArgumentUsageException( | throw new PhutilArgumentUsageException( | ||||
| pht( | pht( | ||||
| 'This host already has a registered public key ("%s"). '. | 'This host already has a registered public key ("%s"). '. | ||||
| 'Remove this key before registering the host, or use '. | 'Remove this key before registering the host, or use '. | ||||
| '--force to overwrite it.', | '--force to overwrite it.', | ||||
| ▲ Show 20 Lines • Show All 70 Lines • ▼ Show 20 Lines | $console->writeOut( | ||||
| pht('Installing private key...')); | pht('Installing private key...')); | ||||
| $tmp_private = new TempFile(); | $tmp_private = new TempFile(); | ||||
| Filesystem::changePermissions($tmp_private, 0600); | Filesystem::changePermissions($tmp_private, 0600); | ||||
| execx('chown %s %s', $phd_user, $tmp_private); | execx('chown %s %s', $phd_user, $tmp_private); | ||||
| Filesystem::writeFile($tmp_private, $raw_private_key); | Filesystem::writeFile($tmp_private, $raw_private_key); | ||||
| execx('mv -f %s %s', $tmp_private, $stored_private_path); | execx('mv -f %s %s', $tmp_private, $stored_private_path); | ||||
| $raw_device = $device_name; | |||||
| $identify_as = $args->getArg('identify-as'); | |||||
| if (strlen($identify_as)) { | |||||
| $raw_device = $identify_as; | |||||
| } | |||||
| $console->writeOut( | |||||
| "%s\n", | |||||
| pht('Installing device ID...', $raw_device)); | |||||
| // The permissions on this file are more open because the webserver also | |||||
| // needs to read it. | |||||
| $tmp_device = new TempFile(); | |||||
| Filesystem::changePermissions($tmp_device, 0644); | |||||
| execx('chown %s %s', $phd_user, $tmp_device); | |||||
| Filesystem::writeFile($tmp_device, $raw_device); | |||||
| execx('mv -f %s %s', $tmp_device, $stored_device_path); | |||||
| if (!$public_key->getID()) { | if (!$public_key->getID()) { | ||||
| $console->writeOut( | $console->writeOut( | ||||
| "%s\n", | "%s\n", | ||||
| pht('Registering device key...')); | pht('Registering device key...')); | ||||
| $public_key->save(); | $public_key->save(); | ||||
| } | } | ||||
| $console->writeOut( | $console->writeOut( | ||||
| "**<bg:green> %s </bg>** %s\n", | "**<bg:green> %s </bg>** %s\n", | ||||
| pht('HOST REGISTERED'), | pht('HOST REGISTERED'), | ||||
| pht( | pht( | ||||
| 'This host has been registered as "%s" and a trusted keypair '. | 'This host has been registered as "%s" and a trusted keypair '. | ||||
| 'has been installed.', | 'has been installed.', | ||||
| $device_name)); | $raw_device)); | ||||
| } | } | ||||
| } | } | ||||
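Review bot: The value of `--identify-as` is written to `device.id` exactly as typed, and nothing visible between `$args->getArg('identify-as')` and `Filesystem::writeFile($tmp_device, $raw_device)` checks that it names an existing Almanac device or that the registered key is trusted for that device, so the identity this host presents is self-asserted by whoever runs the command. Consider resolving `$raw_device` to a device record before any file is installed and throwing a `PhutilArgumentUsageException` when the lookup comes back empty; the method body continues in collapsed lines, so such a check may already exist out of view. The closing message now prints `$raw_device`, while the key appears to be saved for the device named by the original device argument, so reporting both names when they differ would keep the operator from misreading which record holds the trusted key. Separately, `pht('Installing device ID...', $raw_device)` passes an argument the format string never uses (either `pht('Installing device ID ("%s")...', $raw_device)` or dropping the argument fixes it), and the new `allow-key-reuse` help text spells "feature" as `featuer`.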