From 40188c140b9362a2eb4679260c33acd48301fe41 Mon Sep 17 00:00:00 2001 From: JimMoen Date: Thu, 12 May 2022 16:02:51 +0800 Subject: [PATCH 1/2] fix(exhook): show file paths for SSL certs in dashboard --- apps/emqx_exhook/src/emqx_exhook_api.erl | 7 +++++- apps/emqx_exhook/src/emqx_exhook_mgr.erl | 32 +++++++++++++++++++++--- 2 files changed, 34 insertions(+), 5 deletions(-) diff --git a/apps/emqx_exhook/src/emqx_exhook_api.erl b/apps/emqx_exhook/src/emqx_exhook_api.erl index f9ae46dc2..2ae99e3ca 100644 --- a/apps/emqx_exhook/src/emqx_exhook_api.erl +++ b/apps/emqx_exhook/src/emqx_exhook_api.erl @@ -471,11 +471,16 @@ call_cluster(Fun) -> get_raw_config() -> RawConfig = emqx:get_raw_config([exhook, servers], []), Schema = #{roots => emqx_exhook_schema:fields(exhook), fields => #{}}, - Conf = #{<<"servers">> => RawConfig}, + Conf = #{<<"servers">> => lists:map(fun drop_invalid_certs/1, RawConfig)}, Options = #{only_fill_defaults => true}, #{<<"servers">> := Servers} = hocon_tconf:check_plain(Schema, Conf, Options), Servers. +drop_invalid_certs(#{<<"ssl">> := SSL} = Conf) when SSL =/= undefined -> + Conf#{<<"ssl">> => emqx_tls_lib:drop_invalid_certs(SSL)}; +drop_invalid_certs(Conf) -> + Conf. + position_example() -> #{ front => diff --git a/apps/emqx_exhook/src/emqx_exhook_mgr.erl b/apps/emqx_exhook/src/emqx_exhook_mgr.erl index 90a702afe..3eddf3da9 100644 --- a/apps/emqx_exhook/src/emqx_exhook_mgr.erl +++ b/apps/emqx_exhook/src/emqx_exhook_mgr.erl @@ -149,13 +149,16 @@ update_config(KeyPath, UpdateReq) -> pre_config_update(_, {add, #{<<"name">> := Name} = Conf}, OldConf) -> case lists:any(fun(#{<<"name">> := ExistedName}) -> ExistedName =:= Name end, OldConf) of - true -> throw(already_exists); - false -> {ok, OldConf ++ [Conf]} + true -> + throw(already_exists); + false -> + NConf = maybe_write_certs(Conf), + {ok, OldConf ++ [NConf]} end; pre_config_update(_, {update, Name, Conf}, OldConf) -> case replace_conf(Name, fun(_) -> Conf end, OldConf) of not_found -> throw(not_found); - NewConf -> {ok, NewConf} + NewConf -> {ok, lists:map(fun maybe_write_certs/1, NewConf)} end; pre_config_update(_, {delete, ToDelete}, OldConf) -> case do_delete(ToDelete, OldConf) of @@ -176,7 +179,7 @@ pre_config_update(_, {enable, Name, Enable}, OldConf) -> ) of not_found -> throw(not_found); - NewConf -> {ok, NewConf} + NewConf -> {ok, lists:map(fun maybe_write_certs/1, NewConf)} end. post_config_update(_KeyPath, UpdateReq, NewConf, _OldConf, _AppEnvs) -> @@ -574,3 +577,24 @@ hooks(Name) -> Service -> emqx_exhook_server:hooks(Service) end. + +maybe_write_certs(#{<<"name">> := Name} = Conf) -> + case + emqx_tls_lib:ensure_ssl_files( + ssl_file_path(Name), maps:get(<<"ssl">>, Conf, undefined) + ) + of + {ok, SSL} -> + new_ssl_source(Conf, SSL); + {error, Reason} -> + ?SLOG(error, Reason#{msg => "bad_ssl_config"}), + throw({bad_ssl_config, Reason}) + end. + +ssl_file_path(Name) -> + filename:join(["exhook", Name]). + +new_ssl_source(Source, undefined) -> + Source; +new_ssl_source(Source, SSL) -> + Source#{<<"ssl">> => SSL}. From f25dd4b571cc391a8fd0735c0699ef2a908cf28c Mon Sep 17 00:00:00 2001 From: JimMoen Date: Thu, 12 May 2022 19:18:18 +0800 Subject: [PATCH 2/2] fix(exhook): use `lists:filter/2` to delete exhook server conf --- apps/emqx_exhook/src/emqx_exhook_mgr.erl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/emqx_exhook/src/emqx_exhook_mgr.erl b/apps/emqx_exhook/src/emqx_exhook_mgr.erl index 3eddf3da9..ceb5f59e2 100644 --- a/apps/emqx_exhook/src/emqx_exhook_mgr.erl +++ b/apps/emqx_exhook/src/emqx_exhook_mgr.erl @@ -430,8 +430,8 @@ move_to([], _Position, _Server, _HeadL) -> do_delete(ToDelete, OldConf) -> case lists:any(fun(#{<<"name">> := ExistedName}) -> ExistedName =:= ToDelete end, OldConf) of true -> - lists:dropwhile( - fun(#{<<"name">> := Name}) -> Name =:= ToDelete end, + lists:filter( + fun(#{<<"name">> := Name}) -> Name =/= ToDelete end, OldConf ); false ->