Kitsune2 Bootstrap Server--Core

crates/bootstrap_srv/src/bin/kitsune2-bootstrap-srv.rs

@@ -0,0 +1,49 @@
+//! The binary kitsune2-bootstrap-srv.
+
+use kitsune2_bootstrap_srv::*;
+
+#[derive(clap::Parser, Debug)]
+#[command(version)]
+pub struct Args {
+    /// By default kitsune2-boot-srv runs in "testing" configuration
+    /// with much lighter resource usage settings. This testing mode
+    /// should be more than enough for most developer application testing
+    /// and continuous integration or automated tests.
+    ///
+    /// To setup the server to be ready to use most of the resources available
+    /// on a single given machine, you can set this "production" mode.
+    #[arg(long)]
+    pub production: bool,
+    // TODO - Implement the ability to specify TLS certificates
+    // TODO - Implement the ability to specify the listening address
+    // TODO - Implement the ability to override any other relevant
+    //        config params that we wish to expose
+}
+
+fn main() {
+    let args = <Args as clap::Parser>::parse();
+
+    let config = if args.production {
+        Config::production()
+    } else {
+        Config::testing()
+    };
+
+    println!("{args:?}--{config:?}");
+
+    let (send, recv) = std::sync::mpsc::channel();
+
+    ctrlc::set_handler(move || {
+        send.send(()).unwrap();
+    })
+    .unwrap();
+
+    let srv = BootstrapSrv::new(config);
+
+    let _ = recv.recv();
+
+    println!("Terminating...");
+    drop(srv);
+    println!("Done.");
+    std::process::exit(0);
+}

crates/bootstrap_srv/src/config.rs

@@ -0,0 +1,84 @@
+//! config types.
+
+/// Configuration for running a BootstrapSrv.
+#[derive(Debug)]
+pub struct Config {
+    /// Worker thread count.
+    ///
+    /// This server is currently built using blocking io and filesystem
+    /// storage. It is therefore beneficial to have more worker threads
+    /// than system cpus, since the workers will be bound on io, not
+    /// on cpu. On the other hand, increasing this will also increase
+    /// memory overhead and tempfile handle count, so we don't want to
+    /// set it too high.
+    ///
+    /// Defaults:
+    /// - `testing = 2`
+    /// - `production = 4 * cpu_count`
+    pub worker_thread_count: usize,
+
+    /// The maximum agent info entry count per space.
+    ///
+    /// All entries will be returned in a get space request, so
+    /// this count should be low enough to reasonably send this response
+    /// over http without needing pagination.
+    ///
+    /// Defaults:
+    /// - `testing = 32`
+    /// - `production = 32`
+    pub max_entries_per_space: usize,
+
+    /// The duration worker threads will block waiting for incoming connections
+    /// before checking to see if the server is shutting down.
+    ///
+    /// Setting this very high will cause ctrl-c / server shutdown to be slow.
+    /// Setting this very low will increase cpu overhead (and in extreme
+    /// conditions, could cause a lack of responsiveness in the server).
+    ///
+    /// Defaults:
+    /// - `testing = 10ms`
+    /// - `production = 2s`
+    pub request_listen_duration: std::time::Duration,
+
+    /// The address(es) at which to listen.
+    ///
+    /// Defaults:
+    /// - `testing = "127.0.0.1:0"`
+    /// - `production = "0.0.0.0:443"`
+    pub listen_address: std::net::SocketAddr,
+
+    /// The interval at which expired agents are purged from the cache.
+    /// This is a fairly expensive operation that requires iterating
+    /// through every registered space and loading all the infos off the disk,
+    /// so it should not be undertaken too frequently.
+    ///
+    /// Defaults:
+    ///
+    /// - `testing = 10s`
+    /// - `production = 60s`
+    pub prune_interval: std::time::Duration,
+}
+
+impl Config {
+    /// Get a boot_srv config suitable for testing.
+    pub fn testing() -> Self {
+        Self {
+            worker_thread_count: 2,
+            max_entries_per_space: 32,
+            request_listen_duration: std::time::Duration::from_millis(10),
+            listen_address: ([127, 0, 0, 1], 0).into(),
+            prune_interval: std::time::Duration::from_secs(10),
+        }
+    }
+
+    /// Get a boot_srv config suitable for production.
+    pub fn production() -> Self {
+        Self {
+            worker_thread_count: num_cpus::get() * 4,
+            max_entries_per_space: 32,
+            request_listen_duration: std::time::Duration::from_secs(2),
+            listen_address: ([0, 0, 0, 0], 443).into(),
+            prune_interval: std::time::Duration::from_secs(60),
+        }
+    }
+}

crates/bootstrap_srv/src/lib.rs

@@ -175,3 +175,25 @@
 ///   interval.
 #[cfg(doc)]
 pub mod spec {}
+
+fn now() -> i64 {
+    std::time::SystemTime::now()
+        .duration_since(std::time::SystemTime::UNIX_EPOCH)
+        .expect("InvalidSystemTime")
+        .as_micros() as i64
+}
+
+mod config;
+pub use config::*;
+
+mod parse;
+use parse::*;
+
+mod store;
+use store::*;
+
+mod space;
+use space::*;
+
+mod server;
+pub use server::*;

crates/bootstrap_srv/src/parse.rs

@@ -0,0 +1,83 @@
+/// An entry with known content.
+#[derive(Debug)]
+pub struct ParsedEntry {
+    /// agent
+    pub agent: ed25519_dalek::VerifyingKey,
+
+    /// space
+    pub space: bytes::Bytes,
+
+    /// created_at
+    pub created_at: i64,
+
+    /// expires_at
+    pub expires_at: i64,
+
+    /// is_tombstone
+    pub is_tombstone: bool,
+
+    /// encoded
+    pub encoded: String,
+
+    /// signature
+    pub signature: ed25519_dalek::Signature,
+}
+
+impl ParsedEntry {
+    /// Parse entry from a slice.
+    pub fn from_slice(slice: &[u8]) -> std::io::Result<Self> {
+        use base64::prelude::*;
+
+        #[derive(serde::Deserialize)]
+        #[serde(rename_all = "camelCase")]
+        struct Outer {
+            agent_info: String,
+            signature: String,
+        }
+
+        #[derive(serde::Deserialize)]
+        #[serde(rename_all = "camelCase")]
+        struct Inner {
+            agent: String,
+            space: String,
+            created_at: String,
+            expires_at: String,
+            is_tombstone: bool,
+        }
+
+        let out: Outer = serde_json::from_slice(slice)?;
+        let inn: Inner = serde_json::from_str(&out.agent_info)?;
+
+        let agent: [u8; 32] = BASE64_URL_SAFE_NO_PAD
+            .decode(inn.agent)
+            .map_err(std::io::Error::other)?
+            .try_into()
+            .map_err(|_| std::io::Error::other("InvalidAgentPubKey"))?;
+
+        let signature: [u8; 64] = BASE64_URL_SAFE_NO_PAD
+            .decode(out.signature)
+            .map_err(std::io::Error::other)?
+            .try_into()
+            .map_err(|_| std::io::Error::other("InvalidSignature"))?;
+
+        Ok(ParsedEntry {
+            agent: ed25519_dalek::VerifyingKey::from_bytes(&agent)
+                .map_err(std::io::Error::other)?,
+            space: BASE64_URL_SAFE_NO_PAD
+                .decode(inn.space)
+                .map_err(std::io::Error::other)?
+                .into(),
+            created_at: inn
+                .created_at
+                .parse()
+                .map_err(std::io::Error::other)?,
+            expires_at: inn
+                .expires_at
+                .parse()
+                .map_err(std::io::Error::other)?,
+            is_tombstone: inn.is_tombstone,
+            encoded: out.agent_info,
+            signature: ed25519_dalek::Signature::from_bytes(&signature),
+        })
+    }
+}