This is an automated email from the ASF dual-hosted git repository.
linkinstar pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/answer.git
The following commit(s) were added to refs/heads/dev by this push:
new c7576398 refactor(install): simplify SSL configuration for PostgreSQL
c7576398 is described below
commit c757639805b39d47d0c9fb8f4b854da80d7e286b
Author: LinkinStars <[email protected]>
AuthorDate: Fri Mar 14 16:40:36 2025 +0800
refactor(install): simplify SSL configuration for PostgreSQL
---
configs/config.yaml | 6 --
i18n/en_US.yaml | 18 ++---
i18n/zh_CN.yaml | 12 +--
internal/install/install_req.go | 40 +++++-----
.../pages/Install/components/SecondStep/index.tsx | 85 ++++++----------------
ui/src/pages/Install/index.tsx | 18 ++---
6 files changed, 67 insertions(+), 112 deletions(-)
diff --git a/configs/config.yaml b/configs/config.yaml
index 865bea57..52671010 100644
--- a/configs/config.yaml
+++ b/configs/config.yaml
@@ -24,12 +24,6 @@ data:
connection: "/data/sqlite3/answer.db"
cache:
file_path: "/data/cache/cache.db"
- ssl:
- enabled: "no"
- mode: "require"
- cert_file: "/data/cache/ssl/certs/server-ca.pem"
- key_file: "/data/cache/ssl/certs/client-cert.pem"
- pem_file: "/data/cache/ssl/certs/client-key.pem"
i18n:
bundle_dir: "/data/i18n"
swaggerui:
diff --git a/i18n/en_US.yaml b/i18n/en_US.yaml
index 647e7a21..03de7411 100644
--- a/i18n/en_US.yaml
+++ b/i18n/en_US.yaml
@@ -1657,15 +1657,15 @@ ui:
label: Off
ssl_mode:
label: SSL Mode
- key_file:
- placeholder: Key file path
- msg: Path to Key file cannot be empty
- cert_file:
- placeholder: Cert file path
- msg: Path to Cert file cannot be empty
- pem_file:
- placeholder: Pem file path
- msg: Path to Pem file cannot be empty
+ ssl_root_cert:
+ placeholder: sslrootcert file path
+ msg: Path to sslrootcert file cannot be empty
+ ssl_cert:
+ placeholder: sslcert file path
+ msg: Path to sslcert file cannot be empty
+ ssl_key:
+ placeholder: sslkey file path
+ msg: Path to sslkey file cannot be empty
config_yaml:
title: Create config.yaml
label: The config.yaml file created.
diff --git a/i18n/zh_CN.yaml b/i18n/zh_CN.yaml
index 71c2a756..e16c0699 100644
--- a/i18n/zh_CN.yaml
+++ b/i18n/zh_CN.yaml
@@ -1621,14 +1621,14 @@ ui:
label: 关
ssl_mode:
label: SSL 模式
- key_file:
- placeholder: Key 文件路径
+ ssl_root_cert:
+ placeholder: sslrootcert 文件路径
msg: 文件路径不能为空
- cert_file:
- placeholder: Cert 文件路径
+ ssl_cert:
+ placeholder: sslcert 文件路径
msg: 文件路径不能为空
- pem_file:
- placeholder: Pem 文件路径
+ ssl_key:
+ placeholder: sslkey 文件路径
msg: 文件路径不能为空
config_yaml:
title: 创建 config.yaml
diff --git a/internal/install/install_req.go b/internal/install/install_req.go
index 939492c8..f4d22ff8 100644
--- a/internal/install/install_req.go
+++ b/internal/install/install_req.go
@@ -29,7 +29,6 @@ import (
"github.com/apache/answer/pkg/checker"
"github.com/apache/answer/pkg/dir"
"github.com/segmentfault/pacman/errors"
- "github.com/segmentfault/pacman/log"
"xorm.io/xorm/schemas"
)
@@ -42,17 +41,17 @@ type CheckConfigFileResp struct {
// CheckDatabaseReq check database
type CheckDatabaseReq struct {
- DbType string `validate:"required,oneof=postgres sqlite3 mysql"
json:"db_type"`
- DbUsername string `json:"db_username"`
- DbPassword string `json:"db_password"`
- DbHost string `json:"db_host"`
- DbName string `json:"db_name"`
- DbFile string `json:"db_file"`
- Ssl bool `json:"ssl_enabled"`
- SslMode string `json:"ssl_mode"`
- SslCrt string `json:"pem_file"`
- SslKey string `json:"key_file"`
- SslCrtClient string `json:"cert_file"`
+ DbType string `validate:"required,oneof=postgres sqlite3 mysql"
json:"db_type"`
+ DbUsername string `json:"db_username"`
+ DbPassword string `json:"db_password"`
+ DbHost string `json:"db_host"`
+ DbName string `json:"db_name"`
+ DbFile string `json:"db_file"`
+ Ssl bool `json:"ssl_enabled"`
+ SslMode string `json:"ssl_mode"`
+ SslRootCert string `json:"ssl_root_cert"`
+ SslKey string `json:"ssl_key"`
+ SslCert string `json:"ssl_cert"`
}
// GetConnection get connection string
@@ -73,17 +72,18 @@ func (r *CheckDatabaseReq) GetConnection() string {
return fmt.Sprintf("host=%s port=%s user=%s password=%s
dbname=%s sslmode=%s",
host, port, r.DbUsername, r.DbPassword,
r.DbName, r.SslMode)
} else if r.SslMode == "verify-ca" || r.SslMode ==
"verify-full" {
- if dir.CheckFileExist(r.SslCrt) {
- log.Warnf("ssl crt file not exist: %s",
r.SslCrt)
+ connection := fmt.Sprintf("host=%s port=%s user=%s
password=%s dbname=%s sslmode=%s",
+ host, port, r.DbUsername, r.DbPassword,
r.DbName, r.SslMode)
+ if len(r.SslRootCert) > 0 &&
dir.CheckFileExist(r.SslRootCert) {
+ connection += fmt.Sprintf(" sslrootcert=%s",
r.SslRootCert)
}
- if dir.CheckFileExist(r.SslCrtClient) {
- log.Warnf("ssl crt client file not exist: %s",
r.SslCrtClient)
+ if len(r.SslCert) > 0 && dir.CheckFileExist(r.SslCert) {
+ connection += fmt.Sprintf(" sslcert=%s",
r.SslCert)
}
- if dir.CheckFileExist(r.SslKey) {
- log.Warnf("ssl key file not exist: %s",
r.SslKey)
+ if len(r.SslKey) > 0 && dir.CheckFileExist(r.SslKey) {
+ connection += fmt.Sprintf(" sslkey=%s",
r.SslKey)
}
- return fmt.Sprintf("host=%s port=%s user=%s password=%s
dbname=%s sslmode=%s sslrootcert=%s sslcert=%s sslkey=%s",
- host, port, r.DbUsername, r.DbPassword,
r.DbName, r.SslMode, r.SslCrt, r.SslCrtClient, r.SslKey)
+ return connection
}
}
return ""
diff --git a/ui/src/pages/Install/components/SecondStep/index.tsx
b/ui/src/pages/Install/components/SecondStep/index.tsx
index 3206f82c..ffb47cd9 100644
--- a/ui/src/pages/Install/components/SecondStep/index.tsx
+++ b/ui/src/pages/Install/components/SecondStep/index.tsx
@@ -63,19 +63,8 @@ const Index: FC<Props> = ({ visible, data, changeCallback,
nextCallback }) => {
const checkValidated = (): boolean => {
let bol = true;
- const {
- db_type,
- db_username,
- db_password,
- db_host,
- db_name,
- db_file,
- ssl_enabled,
- ssl_mode,
- key_file,
- cert_file,
- pem_file,
- } = data;
+ const { db_type, db_username, db_password, db_host, db_name, db_file } =
+ data;
if (db_type.value !== 'sqlite3') {
if (!db_username.value) {
@@ -111,34 +100,6 @@ const Index: FC<Props> = ({ visible, data, changeCallback,
nextCallback }) => {
errorMsg: t('db_name.msg'),
};
}
- if (db_type.value === 'postgres') {
- if (ssl_enabled.value && ssl_mode.value !== 'require') {
- if (!key_file.value) {
- bol = false;
- data.key_file = {
- value: '',
- isInvalid: true,
- errorMsg: t('key_file.msg'),
- };
- }
- if (!pem_file.value) {
- bol = false;
- data.pem_file = {
- value: '',
- isInvalid: true,
- errorMsg: t('pem_file.msg'),
- };
- }
- if (!cert_file.value) {
- bol = false;
- data.cert_file = {
- value: '',
- isInvalid: true,
- errorMsg: t('cert_file.msg'),
- };
- }
- }
- }
} else if (!db_file.value) {
bol = false;
data.db_file = {
@@ -255,17 +216,17 @@ const Index: FC<Props> = ({ visible, data,
changeCallback, nextCallback }) => {
isInvalid: false,
errorMsg: '',
},
- key_file: {
+ ssl_root_cert: {
value: '',
isInvalid: false,
errorMsg: '',
},
- cert_file: {
+ ssl_cert: {
value: '',
isInvalid: false,
errorMsg: '',
},
- pem_file: {
+ ssl_key: {
value: '',
isInvalid: false,
errorMsg: '',
@@ -304,15 +265,15 @@ const Index: FC<Props> = ({ visible, data,
changeCallback, nextCallback }) => {
(data.ssl_mode.value === 'verify-ca' ||
data.ssl_mode.value === 'verify-full') && (
<Row className="mb-3">
- <Form.Group as={Col} controlId="key_file">
+ <Form.Group as={Col} controlId="ssl_root_cert">
<Form.Control
- placeholder={t('key_file.placeholder')}
- aria-label="key_file"
+ placeholder={t('ssl_root_cert.placeholder')}
+ aria-label="ssl_root_cert"
aria-describedby="basic-addon1"
- isInvalid={data.key_file.isInvalid}
+ isInvalid={data.ssl_root_cert.isInvalid}
onChange={(e) => {
changeCallback({
- key_file: {
+ ssl_root_cert: {
value: e.target.value,
isInvalid: false,
errorMsg: '',
@@ -322,18 +283,18 @@ const Index: FC<Props> = ({ visible, data,
changeCallback, nextCallback }) => {
required
/>
<Form.Control.Feedback type="invalid">
- {`${data.key_file.errorMsg}`}
+ {`${data.ssl_root_cert.errorMsg}`}
</Form.Control.Feedback>
</Form.Group>
- <Form.Group as={Col} controlId="cert_file">
+ <Form.Group as={Col} controlId="ssl_cert">
<Form.Control
- placeholder={t('cert_file.placeholder')}
- aria-label="cert_file"
+ placeholder={t('ssl_cert.placeholder')}
+ aria-label="ssl_cert"
aria-describedby="basic-addon1"
- isInvalid={data.cert_file.isInvalid}
+ isInvalid={data.ssl_cert.isInvalid}
onChange={(e) => {
changeCallback({
- cert_file: {
+ ssl_cert: {
value: e.target.value,
isInvalid: false,
errorMsg: '',
@@ -343,18 +304,18 @@ const Index: FC<Props> = ({ visible, data,
changeCallback, nextCallback }) => {
required
/>
<Form.Control.Feedback type="invalid">
- {`${data.cert_file.errorMsg}`}
+ {`${data.ssl_cert.errorMsg}`}
</Form.Control.Feedback>
</Form.Group>
- <Form.Group as={Col} controlId="pem_file">
+ <Form.Group as={Col} controlId="ssl_key">
<Form.Control
- placeholder={t('pem_file.placeholder')}
- aria-label="pem_file"
+ placeholder={t('ssl_key.placeholder')}
+ aria-label="ssl_key"
aria-describedby="basic-addon1"
- isInvalid={data.pem_file.isInvalid}
+ isInvalid={data.ssl_key.isInvalid}
onChange={(e) => {
changeCallback({
- pem_file: {
+ ssl_key: {
value: e.target.value,
isInvalid: false,
errorMsg: '',
@@ -364,7 +325,7 @@ const Index: FC<Props> = ({ visible, data, changeCallback,
nextCallback }) => {
required
/>
<Form.Control.Feedback type="invalid">
- {`${data.pem_file.errorMsg}`}
+ {`${data.ssl_key.errorMsg}`}
</Form.Control.Feedback>
</Form.Group>
</Row>
diff --git a/ui/src/pages/Install/index.tsx b/ui/src/pages/Install/index.tsx
index ce7889b9..044f07e2 100644
--- a/ui/src/pages/Install/index.tsx
+++ b/ui/src/pages/Install/index.tsx
@@ -146,17 +146,17 @@ const Index: FC = () => {
isInvalid: false,
errorMsg: '',
},
- pem_file: {
+ ssl_key: {
value: '',
isInvalid: false,
errorMsg: '',
},
- key_file: {
+ ssl_root_cert: {
value: '',
isInvalid: false,
errorMsg: '',
},
- cert_file: {
+ ssl_cert: {
value: '',
isInvalid: false,
errorMsg: '',
@@ -221,9 +221,9 @@ const Index: FC = () => {
db_file: formData.db_file.value,
ssl_enabled: formData.ssl_enabled.value,
ssl_mode: formData.ssl_mode.value,
- pem_file: formData.pem_file.value,
- key_file: formData.key_file.value,
- cert_file: formData.cert_file.value,
+ ssl_key: formData.ssl_key.value,
+ ssl_root_cert: formData.ssl_root_cert.value,
+ ssl_cert: formData.ssl_cert.value,
};
installInit(params)
.then(() => {
@@ -245,9 +245,9 @@ const Index: FC = () => {
db_file: formData.db_file.value,
ssl_enabled: formData.ssl_enabled.value,
ssl_mode: formData.ssl_mode.value,
- pem_file: formData.pem_file.value,
- key_file: formData.key_file.value,
- cert_file: formData.cert_file.value,
+ ssl_key: formData.ssl_key.value,
+ ssl_root_cert: formData.ssl_root_cert.value,
+ ssl_cert: formData.ssl_cert.value,
};
dbCheck(params)
.then(() => {
