traefik/pkg/provider/acme/local_store.go

package acme

import (
	"encoding/json"
	"io"
	"os"
	"sync"

	"github.com/traefik/traefik/v2/pkg/log"
	"github.com/traefik/traefik/v2/pkg/safe"
)

var _ Store = (*LocalStore)(nil)

// LocalStore Stores implementation for local file.
type LocalStore struct {
	saveDataChan chan map[string]*StoredData
	filename     string

	lock       sync.RWMutex
	storedData map[string]*StoredData
}

// NewLocalStore initializes a new LocalStore with a file name.
func NewLocalStore(filename string) *LocalStore {
	store := &LocalStore{filename: filename, saveDataChan: make(chan map[string]*StoredData)}
	store.listenSaveAction()
	return store
}

func (s *LocalStore) save(resolverName string, storedData *StoredData) {
	s.lock.Lock()
	defer s.lock.Unlock()

	s.storedData[resolverName] = storedData

	// we cannot pass s.storedData directly, map is reference type and as result
	// we can face with race condition, so we need to work with objects copy
	s.saveDataChan <- s.unSafeCopyOfStoredData()
}

func (s *LocalStore) get(resolverName string) (*StoredData, error) {
	s.lock.Lock()
	defer s.lock.Unlock()

	if s.storedData == nil {
		s.storedData = map[string]*StoredData{}

		hasData, err := CheckFile(s.filename)
		if err != nil {
			return nil, err
		}

		if hasData {
			logger := log.WithoutContext().WithField(log.ProviderName, "acme")

			f, err := os.Open(s.filename)
			if err != nil {
				return nil, err
			}
			defer f.Close()

			file, err := io.ReadAll(f)
			if err != nil {
				return nil, err
			}

			if len(file) > 0 {
				if err := json.Unmarshal(file, &s.storedData); err != nil {
					return nil, err
				}
			}

			// Delete all certificates with no value
			var certificates []*CertAndStore
			for _, storedData := range s.storedData {
				for _, certificate := range storedData.Certificates {
					if len(certificate.Certificate.Certificate) == 0 || len(certificate.Key) == 0 {
						logger.Debugf("Deleting empty certificate %v for %v", certificate, certificate.Domain.ToStrArray())
						continue
					}
					certificates = append(certificates, certificate)
				}
				if len(certificates) < len(storedData.Certificates) {
					storedData.Certificates = certificates

					// we cannot pass s.storedData directly, map is reference type and as result
					// we can face with race condition, so we need to work with objects copy
					s.saveDataChan <- s.unSafeCopyOfStoredData()
				}
			}
		}
	}

	if s.storedData[resolverName] == nil {
		s.storedData[resolverName] = &StoredData{}
	}
	return s.storedData[resolverName], nil
}

// listenSaveAction listens to a chan to store ACME data in json format into `LocalStore.filename`.
func (s *LocalStore) listenSaveAction() {
	safe.Go(func() {
		logger := log.WithoutContext().WithField(log.ProviderName, "acme")
		for object := range s.saveDataChan {
			data, err := json.MarshalIndent(object, "", "  ")
			if err != nil {
				logger.Error(err)
			}

			err = os.WriteFile(s.filename, data, 0o600)
			if err != nil {
				logger.Error(err)
			}
		}
	})
}

// unSafeCopyOfStoredData creates maps copy of storedData. Is not thread safe, you should use `s.lock`.
func (s *LocalStore) unSafeCopyOfStoredData() map[string]*StoredData {
	result := map[string]*StoredData{}
	for k, v := range s.storedData {
		result[k] = v
	}
	return result
}

// GetAccount returns ACME Account.
func (s *LocalStore) GetAccount(resolverName string) (*Account, error) {
	storedData, err := s.get(resolverName)
	if err != nil {
		return nil, err
	}

	return storedData.Account, nil
}

// SaveAccount stores ACME Account.
func (s *LocalStore) SaveAccount(resolverName string, account *Account) error {
	storedData, err := s.get(resolverName)
	if err != nil {
		return err
	}

	storedData.Account = account
	s.save(resolverName, storedData)

	return nil
}

// GetCertificates returns ACME Certificates list.
func (s *LocalStore) GetCertificates(resolverName string) ([]*CertAndStore, error) {
	storedData, err := s.get(resolverName)
	if err != nil {
		return nil, err
	}

	return storedData.Certificates, nil
}

// SaveCertificates stores ACME Certificates list.
func (s *LocalStore) SaveCertificates(resolverName string, certificates []*CertAndStore) error {
	storedData, err := s.get(resolverName)
	if err != nil {
		return err
	}

	storedData.Certificates = certificates
	s.save(resolverName, storedData)

	return nil
}
Create ACME Provider 2018-03-05 20:54:04 +01:00			`package acme`

			`import (`
			`"encoding/json"`
Update to go1.16 2021-03-04 20:08:03 +01:00			`"io"`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`"os"`
ACME TLS ALPN 2018-07-03 12:44:04 +02:00			`"sync"`
Create ACME Provider 2018-03-05 20:54:04 +01:00
chore: move to Traefik organization. Co-authored-by: Romain <rtribotte@users.noreply.github.com> 2020-09-16 15:46:04 +02:00			`"github.com/traefik/traefik/v2/pkg/log"`
			`"github.com/traefik/traefik/v2/pkg/safe"`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`)`

			`var _ Store = (*LocalStore)(nil)`

Update linter 2020-05-11 12:06:07 +02:00			`// LocalStore Stores implementation for local file.`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`type LocalStore struct {`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`saveDataChan chan map[string]*StoredData`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`filename string`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00
			`lock sync.RWMutex`
			`storedData map[string]*StoredData`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`}`

Update linter 2020-05-11 12:06:07 +02:00			`// NewLocalStore initializes a new LocalStore with a file name.`
ACME TLS ALPN 2018-07-03 12:44:04 +02:00			`func NewLocalStore(filename string) *LocalStore {`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`store := &LocalStore{filename: filename, saveDataChan: make(chan map[string]*StoredData)}`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`store.listenSaveAction()`
			`return store`
			`}`

Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`func (s LocalStore) save(resolverName string, storedData StoredData) {`
			`s.lock.Lock()`
			`defer s.lock.Unlock()`

			`s.storedData[resolverName] = storedData`
acme: Fix race condition in LocalStore during saving. 2020-09-30 13:04:04 +03:00
			`// we cannot pass s.storedData directly, map is reference type and as result`
			`// we can face with race condition, so we need to work with objects copy`
			`s.saveDataChan <- s.unSafeCopyOfStoredData()`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`}`

			`func (s LocalStore) get(resolverName string) (StoredData, error) {`
			`s.lock.Lock()`
			`defer s.lock.Unlock()`

Create ACME Provider 2018-03-05 20:54:04 +01:00			`if s.storedData == nil {`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`s.storedData = map[string]*StoredData{}`
Create ACME Provider 2018-03-05 20:54:04 +01:00
Fix acme.json file automatic creation 2018-04-10 10:52:04 +02:00			`hasData, err := CheckFile(s.filename)`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`if err != nil {`
			`return nil, err`
			`}`

Fix acme.json file automatic creation 2018-04-10 10:52:04 +02:00			`if hasData {`
Dynamic Configuration Refactoring 2018-11-14 10:18:03 +01:00			`logger := log.WithoutContext().WithField(log.ProviderName, "acme")`

Fix acme.json file automatic creation 2018-04-10 10:52:04 +02:00			`f, err := os.Open(s.filename)`
			`if err != nil {`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`return nil, err`
			`}`
Fix acme.json file automatic creation 2018-04-10 10:52:04 +02:00			`defer f.Close()`

Update to go1.16 2021-03-04 20:08:03 +01:00			`file, err := io.ReadAll(f)`
ACME V2 Integration 2018-03-26 14:12:03 +02:00			`if err != nil {`
			`return nil, err`
			`}`
Fix acme.json file automatic creation 2018-04-10 10:52:04 +02:00
			`if len(file) > 0 {`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`if err := json.Unmarshal(file, &s.storedData); err != nil {`
Fix acme.json file automatic creation 2018-04-10 10:52:04 +02:00			`return nil, err`
			`}`
			`}`
Create backup file during migration from ACME V1 to ACME V2 2018-04-16 19:34:04 +02:00
			`// Delete all certificates with no value`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`var certificates []*CertAndStore`
			`for _, storedData := range s.storedData {`
			`for _, certificate := range storedData.Certificates {`
			`if len(certificate.Certificate.Certificate) == 0 \|\| len(certificate.Key) == 0 {`
			`logger.Debugf("Deleting empty certificate %v for %v", certificate, certificate.Domain.ToStrArray())`
			`continue`
			`}`
			`certificates = append(certificates, certificate)`
			`}`
			`if len(certificates) < len(storedData.Certificates) {`
			`storedData.Certificates = certificates`
acme: Fix race condition in LocalStore during saving. 2020-09-30 13:04:04 +03:00
			`// we cannot pass s.storedData directly, map is reference type and as result`
			`// we can face with race condition, so we need to work with objects copy`
			`s.saveDataChan <- s.unSafeCopyOfStoredData()`
Create backup file during migration from ACME V1 to ACME V2 2018-04-16 19:34:04 +02:00			`}`
			`}`
ACME V2 Integration 2018-03-26 14:12:03 +02:00			`}`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`}`

Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`if s.storedData[resolverName] == nil {`
			`s.storedData[resolverName] = &StoredData{}`
			`}`
			`return s.storedData[resolverName], nil`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`}`

Update linter 2020-05-11 12:06:07 +02:00			// listenSaveAction listens to a chan to store ACME data in json format into `LocalStore.filename`.
Create ACME Provider 2018-03-05 20:54:04 +01:00			`func (s *LocalStore) listenSaveAction() {`
			`safe.Go(func() {`
Dynamic Configuration Refactoring 2018-11-14 10:18:03 +01:00			`logger := log.WithoutContext().WithField(log.ProviderName, "acme")`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`for object := range s.saveDataChan {`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`data, err := json.MarshalIndent(object, "", " ")`
			`if err != nil {`
Dynamic Configuration Refactoring 2018-11-14 10:18:03 +01:00			`logger.Error(err)`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`}`

Update to go1.16 2021-03-04 20:08:03 +01:00			`err = os.WriteFile(s.filename, data, 0o600)`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`if err != nil {`
Dynamic Configuration Refactoring 2018-11-14 10:18:03 +01:00			`logger.Error(err)`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`}`
			`}`
			`})`
			`}`

acme: Fix race condition in LocalStore during saving. 2020-09-30 13:04:04 +03:00			// unSafeCopyOfStoredData creates maps copy of storedData. Is not thread safe, you should use `s.lock`.
			`func (s LocalStore) unSafeCopyOfStoredData() map[string]StoredData {`
			`result := map[string]*StoredData{}`
			`for k, v := range s.storedData {`
			`result[k] = v`
			`}`
			`return result`
			`}`

Update linter 2020-05-11 12:06:07 +02:00			`// GetAccount returns ACME Account.`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`func (s LocalStore) GetAccount(resolverName string) (Account, error) {`
			`storedData, err := s.get(resolverName)`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`if err != nil {`
			`return nil, err`
			`}`

			`return storedData.Account, nil`
			`}`

Update linter 2020-05-11 12:06:07 +02:00			`// SaveAccount stores ACME Account.`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`func (s LocalStore) SaveAccount(resolverName string, account Account) error {`
			`storedData, err := s.get(resolverName)`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`if err != nil {`
			`return err`
			`}`

			`storedData.Account = account`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`s.save(resolverName, storedData)`
Create ACME Provider 2018-03-05 20:54:04 +01:00
			`return nil`
			`}`

Update linter 2020-05-11 12:06:07 +02:00			`// GetCertificates returns ACME Certificates list.`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`func (s LocalStore) GetCertificates(resolverName string) ([]CertAndStore, error) {`
			`storedData, err := s.get(resolverName)`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`if err != nil {`
			`return nil, err`
			`}`

			`return storedData.Certificates, nil`
			`}`

Update linter 2020-05-11 12:06:07 +02:00			`// SaveCertificates stores ACME Certificates list.`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`func (s LocalStore) SaveCertificates(resolverName string, certificates []CertAndStore) error {`
			`storedData, err := s.get(resolverName)`
Create ACME Provider 2018-03-05 20:54:04 +01:00			`if err != nil {`
			`return err`
			`}`

			`storedData.Certificates = certificates`
Certificate resolvers. Co-authored-by: Julien Salleyron <julien.salleyron@gmail.com> Co-authored-by: Jean-Baptiste Doumenjou <jb.doumenjou@gmail.com> 2019-07-19 11:52:04 +02:00			`s.save(resolverName, storedData)`
Create ACME Provider 2018-03-05 20:54:04 +01:00
			`return nil`
			`}`