diff --git a/apps/emqx_ft/src/emqx_ft_conf.erl b/apps/emqx_ft/src/emqx_ft_conf.erl index 2e994925c..0907ffd09 100644 --- a/apps/emqx_ft/src/emqx_ft_conf.erl +++ b/apps/emqx_ft/src/emqx_ft_conf.erl @@ -34,7 +34,9 @@ %% Load/Unload -export([ load/0, - unload/0 + unload/0, + get/0, + update/1 ]). %% callbacks for emqx_config_handler @@ -43,6 +45,8 @@ post_config_update/5 ]). +-type update_request() :: emqx_config:config(). + -type milliseconds() :: non_neg_integer(). -type seconds() :: non_neg_integer(). @@ -95,49 +99,96 @@ load() -> -spec unload() -> ok. unload() -> - ok = stop(), - emqx_conf:remove_handler([file_transfer]). + ok = emqx_conf:remove_handler([file_transfer]), + maybe_stop(). + +-spec get() -> emqx_config:config(). +get() -> + emqx_config:get([file_transfer]). + +-spec update(emqx_config:config()) -> {ok, emqx_config:update_result()} | {error, term()}. +update(Config) -> + emqx_conf:update([file_transfer], Config, #{override_to => cluster}). %%-------------------------------------------------------------------- %% emqx_config_handler callbacks %%-------------------------------------------------------------------- --spec pre_config_update(list(atom()), emqx_config:update_request(), emqx_config:raw_config()) -> +-spec pre_config_update(list(atom()), update_request(), emqx_config:raw_config()) -> {ok, emqx_config:update_request()} | {error, term()}. -pre_config_update(_, Req, _Config) -> - {ok, Req}. +pre_config_update([file_transfer | _], NewConfig, OldConfig) -> + propagate_config_update( + fun emqx_ft_storage_exporter_s3:pre_config_update/3, + [<<"storage">>, <<"local">>, <<"exporter">>, <<"s3">>], + NewConfig, + OldConfig + ). -spec post_config_update( list(atom()), - emqx_config:update_request(), + update_request(), emqx_config:config(), emqx_config:config(), emqx_config:app_envs() ) -> ok | {ok, Result :: any()} | {error, Reason :: term()}. post_config_update([file_transfer | _], _Req, NewConfig, OldConfig, _AppEnvs) -> - on_config_update(OldConfig, NewConfig). + PropResult = propagate_config_update( + fun emqx_ft_storage_exporter_s3:post_config_update/3, + [storage, local, exporter, s3], + NewConfig, + OldConfig + ), + case PropResult of + ok -> + on_config_update(OldConfig, NewConfig); + {error, Reason} -> + {error, Reason} + end. + +propagate_config_update(Fun, ConfKey, NewConfig, OldConfig) -> + NewSubConf = emqx_utils_maps:deep_get(ConfKey, NewConfig, undefined), + OldSubConf = emqx_utils_maps:deep_get(ConfKey, OldConfig, undefined), + case Fun(ConfKey, NewSubConf, OldSubConf) of + ok -> + ok; + {ok, undefined} -> + {ok, NewConfig}; + {ok, NewSubConfUpdate} -> + {ok, emqx_utils_maps:deep_put(ConfKey, NewConfig, NewSubConfUpdate)}; + {error, Reason} -> + {error, Reason} + end. on_config_update(#{enable := false}, #{enable := false}) -> ok; on_config_update(#{enable := true, storage := OldStorage}, #{enable := false}) -> - ok = emqx_ft_storage:on_config_update(OldStorage, undefined), - ok = emqx_ft:unhook(); + ok = stop(OldStorage); on_config_update(#{enable := false}, #{enable := true, storage := NewStorage}) -> - ok = emqx_ft_storage:on_config_update(undefined, NewStorage), - ok = emqx_ft:hook(); + ok = start(NewStorage); on_config_update(#{enable := true, storage := OldStorage}, #{enable := true, storage := NewStorage}) -> - ok = emqx_ft_storage:on_config_update(OldStorage, NewStorage). + ok = emqx_ft_storage:update_config(OldStorage, NewStorage). maybe_start() -> case emqx_config:get([file_transfer]) of #{enable := true, storage := Storage} -> - ok = emqx_ft_storage:on_config_update(undefined, Storage), - ok = emqx_ft:hook(); + start(Storage); _ -> ok end. -stop() -> +maybe_stop() -> + case emqx_config:get([file_transfer]) of + #{enable := true, storage := Storage} -> + stop(Storage); + _ -> + ok + end. + +start(Storage) -> + ok = emqx_ft_storage:update_config(undefined, Storage), + ok = emqx_ft:hook(). + +stop(Storage) -> ok = emqx_ft:unhook(), - ok = emqx_ft_storage:on_config_update(storage(), undefined). + ok = emqx_ft_storage:update_config(Storage, undefined). diff --git a/apps/emqx_ft/src/emqx_ft_storage.erl b/apps/emqx_ft/src/emqx_ft_storage.erl index e2980c920..2d068466c 100644 --- a/apps/emqx_ft/src/emqx_ft_storage.erl +++ b/apps/emqx_ft/src/emqx_ft_storage.erl @@ -16,6 +16,8 @@ -module(emqx_ft_storage). +-include_lib("emqx/include/types.hrl"). + -export( [ store_filemeta/2, @@ -29,7 +31,7 @@ with_storage_type/3, backend/0, - on_config_update/2 + update_config/2 ] ). @@ -94,10 +96,10 @@ -callback files(storage(), query(Cursor)) -> {ok, page(file_info(), Cursor)} | {error, term()}. --callback start(emqx_config:config()) -> any(). --callback stop(emqx_config:config()) -> any(). +-callback start(storage()) -> any(). +-callback stop(storage()) -> any(). --callback on_config_update(_OldConfig :: emqx_config:config(), _NewConfig :: emqx_config:config()) -> +-callback update_config(_OldConfig :: maybe(storage()), _NewConfig :: maybe(storage())) -> any(). %%-------------------------------------------------------------------- @@ -157,9 +159,9 @@ with_storage_type(Type, Fun, Args) -> backend() -> backend(emqx_ft_conf:storage()). --spec on_config_update(_Old :: emqx_maybe:t(config()), _New :: emqx_maybe:t(config())) -> +-spec update_config(_Old :: emqx_maybe:t(config()), _New :: emqx_maybe:t(config())) -> ok. -on_config_update(ConfigOld, ConfigNew) -> +update_config(ConfigOld, ConfigNew) -> on_backend_update( emqx_maybe:apply(fun backend/1, ConfigOld), emqx_maybe:apply(fun backend/1, ConfigNew) @@ -168,13 +170,13 @@ on_config_update(ConfigOld, ConfigNew) -> on_backend_update({Type, _} = Backend, {Type, _} = Backend) -> ok; on_backend_update({Type, StorageOld}, {Type, StorageNew}) -> - ok = (mod(Type)):on_config_update(StorageOld, StorageNew); + ok = (mod(Type)):update_config(StorageOld, StorageNew); on_backend_update(BackendOld, BackendNew) when (BackendOld =:= undefined orelse is_tuple(BackendOld)) andalso (BackendNew =:= undefined orelse is_tuple(BackendNew)) -> - _ = emqx_maybe:apply(fun on_storage_stop/1, BackendOld), - _ = emqx_maybe:apply(fun on_storage_start/1, BackendNew), + _ = emqx_maybe:apply(fun stop_backend/1, BackendOld), + _ = emqx_maybe:apply(fun start_backend/1, BackendNew), ok. %%-------------------------------------------------------------------- @@ -185,10 +187,10 @@ on_backend_update(BackendOld, BackendNew) when backend(Config) -> emqx_ft_schema:backend(Config). -on_storage_start({Type, Storage}) -> +start_backend({Type, Storage}) -> (mod(Type)):start(Storage). -on_storage_stop({Type, Storage}) -> +stop_backend({Type, Storage}) -> (mod(Type)):stop(Storage). mod(local) -> diff --git a/apps/emqx_ft/src/emqx_ft_storage_exporter.erl b/apps/emqx_ft/src/emqx_ft_storage_exporter.erl index 4c9cac67a..bc1b5fb4d 100644 --- a/apps/emqx_ft/src/emqx_ft_storage_exporter.erl +++ b/apps/emqx_ft/src/emqx_ft_storage_exporter.erl @@ -31,7 +31,7 @@ -export([list/2]). %% Lifecycle API --export([on_config_update/2]). +-export([update_config/2]). %% Internal API -export([exporter/1]). @@ -81,7 +81,7 @@ -callback stop(exporter_conf()) -> ok. --callback update(exporter_conf(), exporter_conf()) -> +-callback update_config(exporter_conf(), exporter_conf()) -> ok | {error, _Reason}. %%------------------------------------------------------------------------------ @@ -148,8 +148,8 @@ list(Storage, Query) -> %% Lifecycle --spec on_config_update(storage(), storage()) -> ok | {error, term()}. -on_config_update(StorageOld, StorageNew) -> +-spec update_config(storage(), storage()) -> ok | {error, term()}. +update_config(StorageOld, StorageNew) -> on_exporter_update( emqx_maybe:apply(fun exporter/1, StorageOld), emqx_maybe:apply(fun exporter/1, StorageNew) @@ -158,7 +158,7 @@ on_config_update(StorageOld, StorageNew) -> on_exporter_update(Config, Config) -> ok; on_exporter_update({ExporterMod, ConfigOld}, {ExporterMod, ConfigNew}) -> - ExporterMod:update(ConfigOld, ConfigNew); + ExporterMod:update_config(ConfigOld, ConfigNew); on_exporter_update(ExporterOld, ExporterNew) -> _ = emqx_maybe:apply(fun stop/1, ExporterOld), _ = emqx_maybe:apply(fun start/1, ExporterNew), diff --git a/apps/emqx_ft/src/emqx_ft_storage_exporter_fs.erl b/apps/emqx_ft/src/emqx_ft_storage_exporter_fs.erl index e37ba25af..9f2e5fd58 100644 --- a/apps/emqx_ft/src/emqx_ft_storage_exporter_fs.erl +++ b/apps/emqx_ft/src/emqx_ft_storage_exporter_fs.erl @@ -31,7 +31,7 @@ -export([ start/1, stop/1, - update/2 + update_config/2 ]). %% Internal API for RPC @@ -161,8 +161,8 @@ start(_Options) -> ok. -spec stop(options()) -> ok. stop(_Options) -> ok. --spec update(options(), options()) -> ok. -update(_OldOptions, _NewOptions) -> ok. +-spec update_config(options(), options()) -> ok. +update_config(_OldOptions, _NewOptions) -> ok. %%-------------------------------------------------------------------- %% Internal API diff --git a/apps/emqx_ft/src/emqx_ft_storage_exporter_s3.erl b/apps/emqx_ft/src/emqx_ft_storage_exporter_s3.erl index 4db2255f6..ac06ab957 100644 --- a/apps/emqx_ft/src/emqx_ft_storage_exporter_s3.erl +++ b/apps/emqx_ft/src/emqx_ft_storage_exporter_s3.erl @@ -28,7 +28,12 @@ -export([ start/1, stop/1, - update/2 + update_config/2 +]). + +-export([ + pre_config_update/3, + post_config_update/3 ]). -type options() :: emqx_s3:profile_config(). @@ -112,12 +117,22 @@ start(Options) -> -spec stop(options()) -> ok. stop(_Options) -> - ok = emqx_s3:stop_profile(?S3_PROFILE_ID). + emqx_s3:stop_profile(?S3_PROFILE_ID). --spec update(options(), options()) -> ok. -update(_OldOptions, NewOptions) -> +-spec update_config(options(), options()) -> ok. +update_config(_OldOptions, NewOptions) -> emqx_s3:update_profile(?S3_PROFILE_ID, NewOptions). +%%-------------------------------------------------------------------- +%% Config update hooks +%%-------------------------------------------------------------------- + +pre_config_update(_ConfKey, NewOptions, OldOptions) -> + emqx_s3:pre_config_update(?S3_PROFILE_ID, NewOptions, OldOptions). + +post_config_update(_ConfKey, NewOptions, OldOptions) -> + emqx_s3:post_config_update(?S3_PROFILE_ID, NewOptions, OldOptions). + %%-------------------------------------------------------------------- %% Internal functions %% ------------------------------------------------------------------- diff --git a/apps/emqx_ft/src/emqx_ft_storage_fs.erl b/apps/emqx_ft/src/emqx_ft_storage_fs.erl index 85aa08405..1fd4d3a5d 100644 --- a/apps/emqx_ft/src/emqx_ft_storage_fs.erl +++ b/apps/emqx_ft/src/emqx_ft_storage_fs.erl @@ -48,9 +48,9 @@ -export([files/2]). --export([on_config_update/2]). -export([start/1]). -export([stop/1]). +-export([update_config/2]). -export_type([storage/0]). -export_type([filefrag/1]). @@ -230,10 +230,10 @@ files(Storage, Query) -> %% -on_config_update(StorageOld, StorageNew) -> +update_config(StorageOld, StorageNew) -> % NOTE: this will reset GC timer, frequent changes would postpone GC indefinitely ok = emqx_ft_storage_fs_gc:reset(StorageNew), - emqx_ft_storage_exporter:on_config_update(StorageOld, StorageNew). + emqx_ft_storage_exporter:update_config(StorageOld, StorageNew). start(Storage) -> ok = lists:foreach( @@ -242,11 +242,11 @@ start(Storage) -> end, child_spec(Storage) ), - ok = emqx_ft_storage_exporter:on_config_update(undefined, Storage), + ok = emqx_ft_storage_exporter:update_config(undefined, Storage), ok. stop(Storage) -> - ok = emqx_ft_storage_exporter:on_config_update(Storage, undefined), + ok = emqx_ft_storage_exporter:update_config(Storage, undefined), ok = lists:foreach( fun(#{id := ChildId}) -> _ = supervisor:terminate_child(emqx_ft_sup, ChildId), diff --git a/apps/emqx_ft/test/emqx_ft_conf_SUITE.erl b/apps/emqx_ft/test/emqx_ft_conf_SUITE.erl index bc0adf416..f61283eae 100644 --- a/apps/emqx_ft/test/emqx_ft_conf_SUITE.erl +++ b/apps/emqx_ft/test/emqx_ft_conf_SUITE.erl @@ -53,16 +53,13 @@ end_per_testcase(_Case, Config) -> t_update_config(_Config) -> ?assertMatch( {error, #{kind := validation_error}}, - emqx_conf:update( - [file_transfer], - #{<<"storage">> => #{<<"unknown">> => #{<<"foo">> => 42}}}, - #{} + emqx_ft_conf:update( + #{<<"storage">> => #{<<"unknown">> => #{<<"foo">> => 42}}} ) ), ?assertMatch( {ok, _}, - emqx_conf:update( - [file_transfer], + emqx_ft_conf:update( #{ <<"enable">> => true, <<"storage">> => #{ @@ -81,8 +78,7 @@ t_update_config(_Config) -> } } } - }, - #{} + } ) ), ?assertEqual( @@ -101,13 +97,8 @@ t_update_config(_Config) -> t_disable_restore_config(Config) -> ?assertMatch( {ok, _}, - emqx_conf:update( - [file_transfer], - #{ - <<"enable">> => true, - <<"storage">> => #{<<"local">> => #{}} - }, - #{} + emqx_ft_conf:update( + #{<<"enable">> => true, <<"storage">> => #{<<"local">> => #{}}} ) ), ?assertEqual( @@ -119,11 +110,7 @@ t_disable_restore_config(Config) -> % Verify that clearing storage settings reverts config to defaults ?assertMatch( {ok, _}, - emqx_conf:update( - [file_transfer], - #{<<"enable">> => false, <<"storage">> => undefined}, - #{} - ) + emqx_ft_conf:update(#{<<"enable">> => false, <<"storage">> => undefined}) ), ?assertEqual( false, @@ -155,8 +142,7 @@ t_disable_restore_config(Config) -> Root = emqx_ft_test_helpers:root(Config, node(), [segments]), ?assertMatch( {ok, _}, - emqx_conf:update( - [file_transfer], + emqx_ft_conf:update( #{ <<"enable">> => true, <<"storage">> => #{ @@ -167,8 +153,7 @@ t_disable_restore_config(Config) -> } } } - }, - #{} + } ) ), % Verify that GC is getting triggered eventually @@ -192,11 +177,7 @@ t_disable_restore_config(Config) -> t_switch_exporter(_Config) -> ?assertMatch( {ok, _}, - emqx_conf:update( - [file_transfer], - #{<<"enable">> => true}, - #{} - ) + emqx_ft_conf:update(#{<<"enable">> => true}) ), ?assertMatch( #{local := #{exporter := #{local := _}}}, @@ -248,5 +229,96 @@ t_switch_exporter(_Config) -> % Verify that transfers work ok = emqx_ft_test_helpers:upload_file(gen_clientid(), <<"f1">>, "f1", <>). +t_persist_ssl_certfiles(Config) -> + ?assertMatch( + {ok, _}, + emqx_ft_conf:update(mk_storage(true)) + ), + ?assertEqual( + [], + list_ssl_certfiles(Config) + ), + S3Config = #{ + <<"bucket">> => <<"emqx">>, + <<"host">> => <<"https://localhost">>, + <<"port">> => 9000 + }, + ?assertMatch( + {error, {pre_config_update, _, {bad_ssl_config, #{}}}}, + emqx_ft_conf:update( + mk_storage(true, #{ + <<"s3">> => S3Config#{ + <<"transport_options">> => #{ + <<"ssl">> => #{ + <<"certfile">> => <<"cert.pem">>, + <<"keyfile">> => <<"key.pem">> + } + } + } + }) + ) + ), + ?assertMatch( + {ok, _}, + emqx_ft_conf:update( + mk_storage(false, #{ + <<"s3">> => S3Config#{ + <<"transport_options">> => #{ + <<"ssl">> => #{ + <<"certfile">> => emqx_ft_test_helpers:pem_privkey(), + <<"keyfile">> => emqx_ft_test_helpers:pem_privkey() + } + } + } + }) + ) + ), + ?assertMatch( + #{ + local := #{ + exporter := #{ + s3 := #{ + transport_options := #{ + ssl := #{ + certfile := <<"/", _CertFilepath/binary>>, + keyfile := <<"/", _KeyFilepath/binary>> + } + } + } + } + } + }, + emqx_ft_conf:storage() + ), + ?assertMatch( + [_Certfile, _Keyfile], + list_ssl_certfiles(Config) + ), + ?assertMatch( + {ok, _}, + emqx_ft_conf:update(mk_storage(true)) + ), + ?assertEqual( + [], + list_ssl_certfiles(Config) + ). + +mk_storage(Enabled) -> + mk_storage(Enabled, #{<<"local">> => #{}}). + +mk_storage(Enabled, Exporter) -> + #{ + <<"enable">> => Enabled, + <<"storage">> => #{ + <<"local">> => #{ + <<"exporter">> => Exporter + } + } + }. + gen_clientid() -> emqx_base62:encode(emqx_guid:gen()). + +list_ssl_certfiles(_Config) -> + CertDir = emqx:mutable_certs_dir(), + filelib:fold_files(CertDir, ".*", true, fun(Filepath, Acc) -> [Filepath | Acc] end, []). diff --git a/apps/emqx_ft/test/emqx_ft_test_helpers.erl b/apps/emqx_ft/test/emqx_ft_test_helpers.erl index fbb3e7d6f..7a7d86d9a 100644 --- a/apps/emqx_ft/test/emqx_ft_test_helpers.erl +++ b/apps/emqx_ft/test/emqx_ft_test_helpers.erl @@ -136,3 +136,13 @@ upload_file(ClientId, FileId, Name, Data, Node) -> aws_config() -> emqx_s3_test_helpers:aws_config(tcp, binary_to_list(?S3_HOST), ?S3_PORT). + +pem_privkey() -> + << + "\n" + "-----BEGIN EC PRIVATE KEY-----\n" + "MHQCAQEEICKTbbathzvD8zvgjL7qRHhW4alS0+j0Loo7WeYX9AxaoAcGBSuBBAAK\n" + "oUQDQgAEJBdF7MIdam5T4YF3JkEyaPKdG64TVWCHwr/plC0QzNVJ67efXwxlVGTo\n" + "ju0VBj6tOX1y6C0U+85VOM0UU5xqvw==\n" + "-----END EC PRIVATE KEY-----\n" + >>. diff --git a/apps/emqx_s3/src/emqx_s3.erl b/apps/emqx_s3/src/emqx_s3.erl index cc48cdb93..3fa3c4b71 100644 --- a/apps/emqx_s3/src/emqx_s3.erl +++ b/apps/emqx_s3/src/emqx_s3.erl @@ -14,6 +14,11 @@ with_client/2 ]). +-export([ + pre_config_update/3, + post_config_update/3 +]). + -export_type([ profile_id/0, profile_config/0, @@ -94,3 +99,35 @@ with_client(ProfileId, Fun) when is_function(Fun, 1) andalso ?IS_PROFILE_ID(Prof {error, _} = Error -> Error end. + +%% + +-spec pre_config_update( + profile_id(), maybe(emqx_config:raw_config()), maybe(emqx_config:raw_config()) +) -> + {ok, maybe(profile_config())} | {error, term()}. +pre_config_update(ProfileId, NewConfig = #{<<"transport_options">> := TransportOpts}, _OldConfig) -> + case emqx_connector_ssl:convert_certs(mk_certs_dir(ProfileId), TransportOpts) of + {ok, TransportOptsConv} -> + {ok, NewConfig#{<<"transport_options">> := TransportOptsConv}}; + {error, Reason} -> + {error, Reason} + end; +pre_config_update(_ProfileId, NewConfig, _OldConfig) -> + {ok, NewConfig}. + +-spec post_config_update( + profile_id(), + maybe(emqx_config:config()), + maybe(emqx_config:config()) +) -> + ok. +post_config_update(ProfileId, NewConfig, OldConfig) -> + emqx_connector_ssl:try_clear_certs( + mk_certs_dir(ProfileId), + maps:get(transport_options, emqx_maybe:define(NewConfig, #{}), undefined), + maps:get(transport_options, emqx_maybe:define(OldConfig, #{}), undefined) + ). + +mk_certs_dir(ProfileId) -> + filename:join([s3, profiles, ProfileId]).