fixed #452 - native MySQL and Postgres support

Cargo.lock

@@ -782,6 +782,12 @@ dependencies = [
  "tracing-subscriber",
 ]
 
+[[package]]
+name = "const-oid"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e4c78c047431fee22c1a7bb92e00ad095a02a983affe4d8a72e2a2c62c1b94f3"
+
 [[package]]
 name = "constant_time_eq"
 version = "0.2.1"
@@ -891,6 +897,16 @@ dependencies = [
  "lazy_static",
 ]
 
+[[package]]
+name = "crypto-bigint"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "03c6a1d5fa1de37e071642dfa44ec552ca5b299adb128fab16138e24b548fd21"
+dependencies = [
+ "generic-array",
+ "subtle",
+]
+
 [[package]]
 name = "crypto-common"
 version = "0.1.6"
@@ -996,6 +1012,17 @@ dependencies = [
  "syn",
 ]
 
+[[package]]
+name = "der"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6919815d73839e7ad218de758883aae3a257ba6759ce7a9992501efbb53d705c"
+dependencies = [
+ "const-oid",
+ "crypto-bigint",
+ "pem-rfc7468",
+]
+
 [[package]]
 name = "derive_more"
 version = "0.99.17"
@@ -1064,6 +1091,15 @@ dependencies = [
  "dirs-sys",
 ]
 
+[[package]]
+name = "dirs"
+version = "4.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ca3aa72a6f96ea37bbc5aa912f6788242832f75369bdfdadcb0e38423f100059"
+dependencies = [
+ "dirs-sys",
+]
+
 [[package]]
 name = "dirs-sys"
 version = "0.3.7"
@@ -1878,6 +1914,9 @@ name = "lazy_static"
 version = "1.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
+dependencies = [
+ "spin 0.5.2",
+]
 
 [[package]]
 name = "lazycell"
@@ -1974,6 +2013,12 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "libm"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "292a948cd991e376cf75541fe5b97a1081d713c618b4f1b9500f8844e49eb565"
+
 [[package]]
 name = "libsqlite3-sys"
 version = "0.24.2"
@@ -2241,6 +2286,23 @@ dependencies = [
  "rand 0.8.5",
 ]
 
+[[package]]
+name = "num-bigint-dig"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "566d173b2f9406afbc5510a90925d5a2cd80cae4605631f1212303df265de011"
+dependencies = [
+ "byteorder",
+ "lazy_static",
+ "libm",
+ "num-integer",
+ "num-iter",
+ "num-traits",
+ "rand 0.8.5",
+ "smallvec",
+ "zeroize",
+]
+
 [[package]]
 name = "num-integer"
 version = "0.1.44"
@@ -2251,6 +2313,17 @@ dependencies = [
  "num-traits",
 ]
 
+[[package]]
+name = "num-iter"
+version = "0.1.43"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252"
+dependencies = [
+ "autocfg",
+ "num-integer",
+ "num-traits",
+]
+
 [[package]]
 name = "num-traits"
 version = "0.2.14"
@@ -2258,6 +2331,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290"
 dependencies = [
  "autocfg",
+ "libm",
 ]
 
 [[package]]
@@ -2574,6 +2648,15 @@ dependencies = [
  "base64 0.13.0",
 ]
 
+[[package]]
+name = "pem-rfc7468"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "01de5d978f34aa4b2296576379fcc416034702fd94117c56ffd8a1a767cefb30"
+dependencies = [
+ "base64ct",
+]
+
 [[package]]
 name = "percent-encoding"
 version = "2.1.0"
@@ -2630,6 +2713,28 @@ version = "0.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
 
+[[package]]
+name = "pkcs1"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a78f66c04ccc83dd4486fd46c33896f4e17b24a7a3a6400dedc48ed0ddd72320"
+dependencies = [
+ "der",
+ "pkcs8",
+ "zeroize",
+]
+
+[[package]]
+name = "pkcs8"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7cabda3fb821068a9a4fab19a683eac3af12edf0f34b94a8be53c4972b8149d0"
+dependencies = [
+ "der",
+ "spki",
+ "zeroize",
+]
+
 [[package]]
 name = "pkg-config"
 version = "0.3.25"
@@ -3127,6 +3232,26 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "rsa"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4cf22754c49613d2b3b119f0e5d46e34a2c628a937e3024b8762de4e7d8c710b"
+dependencies = [
+ "byteorder",
+ "digest 0.10.5",
+ "num-bigint-dig",
+ "num-integer",
+ "num-iter",
+ "num-traits",
+ "pkcs1",
+ "pkcs8",
+ "rand_core 0.6.3",
+ "smallvec",
+ "subtle",
+ "zeroize",
+]
+
 [[package]]
 name = "russh"
 version = "0.34.0-beta.16"
@@ -3185,7 +3310,7 @@ dependencies = [
  "cbc",
  "ctr",
  "data-encoding",
- "dirs",
+ "dirs 3.0.2",
  "ed25519-dalek",
  "futures",
  "hmac",
@@ -3755,6 +3880,16 @@ dependencies = [
  "lock_api",
 ]
 
+[[package]]
+name = "spki"
+version = "0.5.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "44d01ac02a6ccf3e07db148d2be087da624fea0221a16152ed01f0496a6b0a27"
+dependencies = [
+ "base64ct",
+ "der",
+]
+
 [[package]]
 name = "sqlformat"
 version = "0.1.8"
@@ -3784,12 +3919,15 @@ checksum = "6b69bf218860335ddda60d6ce85ee39f6cf6e5630e300e19757d1de15886a093"
 dependencies = [
  "ahash",
  "atoi",
+ "base64 0.13.0",
  "bitflags",
  "byteorder",
  "bytes 1.2.1",
  "chrono",
  "crc",
  "crossbeam-queue",
+ "digest 0.10.5",
+ "dirs 4.0.0",
  "either",
  "event-listener",
  "flume",
@@ -3798,19 +3936,27 @@ dependencies = [
  "futures-executor",
  "futures-intrusive",
  "futures-util",
+ "generic-array",
  "hashlink",
  "hex",
+ "hkdf",
+ "hmac",
  "indexmap",
  "itoa",
  "libc",
  "libsqlite3-sys",
  "log",
+ "md-5",
  "memchr",
+ "num-bigint",
  "once_cell",
  "paste",
  "percent-encoding",
+ "rand 0.8.5",
+ "rsa",
  "serde",
  "serde_json",
+ "sha-1",
  "sha2 0.10.2",
  "smallvec",
  "sqlformat",
@@ -3820,6 +3966,7 @@ dependencies = [
  "tokio-stream",
  "url",
  "uuid",
+ "whoami",
 ]
 
 [[package]]
@@ -4969,6 +5116,17 @@ dependencies = [
  "cc",
 ]
 
+[[package]]
+name = "whoami"
+version = "1.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d6631b6a2fd59b1841b622e8f1a7ad241ef0a46f2d580464ce8140ac94cbd571"
+dependencies = [
+ "bumpalo",
+ "wasm-bindgen",
+ "web-sys",
+]
+
 [[package]]
 name = "winapi"
 version = "0.3.9"

docker/Dockerfile

@@ -16,7 +16,7 @@ RUN cd /opt/warpgate \
     && just yarn \
     && just openapi \
     && just yarn build \
-    && cargo build --release
+    && cargo build --features mysql,postgres --release
 
 FROM debian:bullseye-20221024
 LABEL maintainer=heywoodlh

justfile

@@ -1,7 +1,7 @@
 projects := "warpgate warpgate-admin warpgate-common warpgate-db-entities warpgate-db-migrations warpgate-database-protocols warpgate-protocol-ssh warpgate-protocol-mysql warpgate-protocol-http warpgate-core warpgate-sso"
 
 run *ARGS:
-    RUST_BACKTRACE=1 RUST_LOG=warpgate cd warpgate && cargo run -- --config ../config.yaml {{ARGS}}
+    RUST_BACKTRACE=1 RUST_LOG=warpgate cargo run -- --config config.yaml {{ARGS}}
 
 fmt:
     for p in {{projects}}; do cargo fmt -p $p -v; done

warpgate-admin/Cargo.toml

@@ -27,7 +27,6 @@ poem-openapi = { version = "^2.0.10", features = [
 russh-keys = { version = "0.22.0-beta.4", features = ["openssl"] }
 rust-embed = "6.3"
 sea-orm = { version = "^0.9", features = [
-    "sqlx-sqlite",
     "runtime-tokio-native-tls",
     "macros",
 ], default-features = false }

warpgate-common/Cargo.toml

@@ -28,7 +28,6 @@ rand = "0.8"
 rand_chacha = "0.3"
 rand_core = { version = "0.6", features = ["std"] }
 sea-orm = { version = "^0.9", features = [
-    "sqlx-sqlite",
     "runtime-tokio-native-tls",
     "macros",
 ], default-features = false }

warpgate-core/Cargo.toml

@@ -32,7 +32,6 @@ rand = "0.8"
 rand_chacha = "0.3"
 rand_core = { version = "0.6", features = ["std"] }
 sea-orm = { version = "^0.9", features = [
-    "sqlx-sqlite",
     "runtime-tokio-native-tls",
     "macros",
 ], default-features = false }
@@ -50,3 +49,8 @@ warpgate-sso = { version = "*", path = "../warpgate-sso" }
 rustls = { version = "0.20", features = ["dangerous_configuration"] }
 rustls-pemfile = "1.0"
 webpki = "0.22"
+
+[features]
+postgres = ["sea-orm/sqlx-postgres"]
+mysql = ["sea-orm/sqlx-mysql"]
+sqlite = ["sea-orm/sqlx-sqlite"]

warpgate-core/src/db/mod.rs

@@ -44,7 +44,6 @@ pub async fn connect_to_db(config: &WarpgateConfig) -> Result<DatabaseConnection
 
         let db = Database::connect(ConnectOptions::new(url.to_string())).await?;
         db.begin().await?.commit().await?;
-        drop(db);
 
         secure_file(&abs_path)?;
     }

warpgate-db-entities/Cargo.toml

@@ -5,10 +5,15 @@ name = "warpgate-db-entities"
 version = "0.6.4"
 
 [dependencies]
-chrono = {version = "0.4", features = ["serde"]}
-poem-openapi = {version = "^2.0.10", features = ["chrono", "uuid"]}
-sea-orm = {version = "^0.9", features = ["macros", "with-chrono", "with-uuid", "with-json"], default-features = false}
+chrono = { version = "0.4", features = ["serde"] }
+poem-openapi = { version = "^2.0.10", features = ["chrono", "uuid"] }
+sea-orm = { version = "^0.9", features = [
+    "macros",
+    "with-chrono",
+    "with-uuid",
+    "with-json",
+], default-features = false }
 serde = "1.0"
 serde_json = "1.0"
-uuid = {version = "1.0", features = ["v4", "serde"]}
+uuid = { version = "1.0", features = ["v4", "serde"] }
 warpgate-common = { version = "*", path = "../warpgate-common" }

warpgate-db-entities/src/TargetRoleAssignment.rs

@@ -7,7 +7,7 @@ use uuid::Uuid;
 #[sea_orm(table_name = "target_roles")]
 #[oai(rename = "TargetRoleAssignment")]
 pub struct Model {
-    #[sea_orm(primary_key, auto_increment = false)]
+    #[sea_orm(primary_key, auto_increment = true)]
     pub id: u32,
     pub target_id: Uuid,
     pub role_id: Uuid,

warpgate-db-entities/src/UserRoleAssignment.rs

@@ -7,7 +7,7 @@ use uuid::Uuid;
 #[sea_orm(table_name = "user_roles")]
 #[oai(rename = "UserRoleAssignment")]
 pub struct Model {
-    #[sea_orm(primary_key, auto_increment = false)]
+    #[sea_orm(primary_key, auto_increment = true)]
     pub id: u32,
     pub user_id: Uuid,
     pub role_id: Uuid,

warpgate-db-migrations/Cargo.toml

@@ -10,7 +10,13 @@ version = "0.6.4"
 [dependencies]
 async-std = "^1.11"
 chrono = "0.4"
-sea-orm = {version = "^0.9", features = ["sqlx-sqlite", "runtime-tokio-native-tls", "macros", "with-chrono", "with-uuid", "with-json"], default-features = false}
-sea-orm-migration = {version = "^0.9", default-features = false}
-uuid = {version = "1.0", features = ["v4", "serde"]}
+sea-orm = { version = "^0.9", features = [
+    "runtime-tokio-native-tls",
+    "macros",
+    "with-chrono",
+    "with-uuid",
+    "with-json",
+], default-features = false }
+sea-orm-migration = { version = "^0.9", default-features = false }
+uuid = { version = "1.0", features = ["v4", "serde"] }
 serde_json = "1.0"

warpgate-db-migrations/src/m00007_targets_and_roles.rs

@@ -78,7 +78,7 @@ mod target_role_assignment {
     #[derive(Clone, Debug, PartialEq, Eq, DeriveEntityModel)]
     #[sea_orm(table_name = "target_roles")]
     pub struct Model {
-        #[sea_orm(primary_key, auto_increment = false)]
+        #[sea_orm(primary_key, auto_increment = true)]
         pub id: u32,
         pub target_id: Uuid,
         pub role_id: Uuid,

warpgate-db-migrations/src/m00008_users.rs

@@ -38,7 +38,7 @@ mod user_role_assignment {
     #[derive(Clone, Debug, PartialEq, Eq, DeriveEntityModel)]
     #[sea_orm(table_name = "user_roles")]
     pub struct Model {
-        #[sea_orm(primary_key, auto_increment = false)]
+        #[sea_orm(primary_key, auto_increment = true)]
         pub id: u32,
         pub user_id: Uuid,
         pub role_id: Uuid,

warpgate-protocol-http/Cargo.toml

@@ -7,27 +7,35 @@ version = "0.6.4"
 [dependencies]
 anyhow = "1.0"
 async-trait = "0.1"
-chrono = {version = "0.4", features = ["serde"]}
+chrono = { version = "0.4", features = ["serde"] }
 cookie = "0.16"
 data-encoding = "2.3"
 delegate = "0.6"
 futures = "0.3"
 http = "0.2"
 lazy_static = "1.4"
-poem = {version = "^1.3.42", features = ["cookie", "session", "anyhow", "rustls", "websocket", "sse", "embed"]}
-poem-openapi = {version = "^2.0.10", features = ["swagger-ui"]}
-reqwest = {version = "0.11", features = ["rustls-tls-native-roots", "stream"]}
+poem = { version = "^1.3.42", features = [
+    "cookie",
+    "session",
+    "anyhow",
+    "rustls",
+    "websocket",
+    "sse",
+    "embed",
+] }
+poem-openapi = { version = "^2.0.10", features = ["swagger-ui"] }
+reqwest = { version = "0.11", features = ["rustls-tls-native-roots", "stream"] }
 serde = "1.0"
 serde_json = "1.0"
-tokio = {version = "1.20", features = ["tracing", "signal"]}
-tokio-tungstenite = {version = "0.17", features = ["rustls-tls-native-roots"]}
+tokio = { version = "1.20", features = ["tracing", "signal"] }
+tokio-tungstenite = { version = "0.17", features = ["rustls-tls-native-roots"] }
 tracing = "0.1"
-warpgate-admin = {version = "*", path = "../warpgate-admin"}
-warpgate-common = {version = "*", path = "../warpgate-common"}
-warpgate-core = {version = "*", path = "../warpgate-core"}
-warpgate-db-entities = {version = "*", path = "../warpgate-db-entities"}
-warpgate-web = {version = "*", path = "../warpgate-web"}
-warpgate-sso = {version = "*", path = "../warpgate-sso"}
+warpgate-admin = { version = "*", path = "../warpgate-admin" }
+warpgate-common = { version = "*", path = "../warpgate-common" }
+warpgate-core = { version = "*", path = "../warpgate-core" }
+warpgate-db-entities = { version = "*", path = "../warpgate-db-entities" }
+warpgate-web = { version = "*", path = "../warpgate-web" }
+warpgate-sso = { version = "*", path = "../warpgate-sso" }
 percent-encoding = "2.1"
-uuid = {version = "1.0", features = ["v4"]}
+uuid = { version = "1.0", features = ["v4"] }
 regex = "1.6"

warpgate/Cargo.toml

@@ -6,40 +6,47 @@ version = "0.6.4"
 
 [dependencies]
 ansi_term = "0.12"
-anyhow = {version = "1.0", features = ["backtrace"]}
+anyhow = { version = "1.0", features = ["backtrace"] }
 async-trait = "0.1"
 atty = "0.2"
 bytes = "1.2"
-clap = {version = "3.2", features = ["derive"]}
-config = {version = "0.13", features = ["yaml"], default_features = false}
-console = {version = "0.15", default_features = false}
-console-subscriber = {version = "0.1", optional = true}
+clap = { version = "3.2", features = ["derive"] }
+config = { version = "0.13", features = ["yaml"], default_features = false }
+console = { version = "0.15", default_features = false }
+console-subscriber = { version = "0.1", optional = true }
 data-encoding = "2.3"
-dhat = {version = "0.3", optional = true}
+dhat = { version = "0.3", optional = true }
 dialoguer = "0.10"
 futures = "0.3"
 notify = "^5.0.0"
-rcgen = {version = "0.10", features = ["zeroize"]}
+rcgen = { version = "0.10", features = ["zeroize"] }
 serde_json = "1.0"
 serde_yaml = "0.8.23"
 sea-orm = { version = "^0.9", default-features = false }
 time = "0.3"
-tokio = {version = "1.20", features = ["tracing", "signal", "macros"]}
+tokio = { version = "1.20", features = ["tracing", "signal", "macros"] }
 tracing = "0.1"
-tracing-subscriber = {version = "0.3", features = ["env-filter", "local-time"]}
+tracing-subscriber = { version = "0.3", features = [
+    "env-filter",
+    "local-time",
+] }
 uuid = "1.0"
-warpgate-admin = {version = "*", path = "../warpgate-admin"}
-warpgate-common = {version = "*", path = "../warpgate-common"}
-warpgate-core = {version = "*", path = "../warpgate-core"}
-warpgate-db-entities = {version = "*", path = "../warpgate-db-entities"}
-warpgate-protocol-http = {version = "*", path = "../warpgate-protocol-http"}
-warpgate-protocol-mysql = {version = "*", path = "../warpgate-protocol-mysql"}
-warpgate-protocol-ssh = {version = "*", path = "../warpgate-protocol-ssh"}
+warpgate-admin = { version = "*", path = "../warpgate-admin" }
+warpgate-common = { version = "*", path = "../warpgate-common" }
+warpgate-core = { version = "*", path = "../warpgate-core" }
+warpgate-db-entities = { version = "*", path = "../warpgate-db-entities" }
+warpgate-protocol-http = { version = "*", path = "../warpgate-protocol-http" }
+warpgate-protocol-mysql = { version = "*", path = "../warpgate-protocol-mysql" }
+warpgate-protocol-ssh = { version = "*", path = "../warpgate-protocol-ssh" }
 
 [target.'cfg(target_os = "linux")'.dependencies]
 sd-notify = "0.4"
 
 [features]
+default = ["sqlite"]
 dhat-ad-hoc = ["dhat"]
 dhat-heap = ["dhat"]
 tokio-console = ["dep:console-subscriber", "tokio/tracing"]
+postgres = ["warpgate-core/postgres"]
+mysql = ["warpgate-core/mysql"]
+sqlite = ["warpgate-core/sqlite"]

warpgate/src/commands/setup.rs

@@ -112,15 +112,23 @@ pub(crate) async fn command(cli: &crate::Cli) -> Result<()> {
     create_dir_all(&db_path)?;
     secure_directory(&db_path)?;
 
+    store.database_url = Secret::new(
+        if let Commands::UnattendedSetup {
+            database_url: Some(url),
+            ..
+        } = &cli.command
+        {
+            url.to_owned()
+        } else {
             let mut db_path = db_path.to_string_lossy().to_string();
 
             if let Some(x) = db_path.strip_suffix("./") {
                 db_path = x.to_string();
             }
 
-    let mut database_url = "sqlite:".to_owned();
-    database_url.push_str(&db_path);
-    store.database_url = Secret::new(database_url);
+            format!("sqlite:{db_path}")
+        },
+    );
 
     if let Commands::UnattendedSetup { http_port, .. } = &cli.command {
         store.http.enable = true;

warpgate/src/main.rs

@@ -35,6 +35,10 @@ pub(crate) enum Commands {
     Setup,
     /// Run first-time setup non-interactively
     UnattendedSetup {
+        /// Database URL
+        #[clap(long)]
+        database_url: Option<String>,
+
         /// Directory to store data in
         #[clap(long)]
         data_path: String,