Compare commits
1 Commits
9c5d1bd27f
...
26e8e386b9
Author | SHA1 | Date | |
---|---|---|---|
26e8e386b9 |
@ -22,18 +22,12 @@ pub struct OPNSenseFirewall {
|
|||||||
host: LogicalHost,
|
host: LogicalHost,
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO figure out a design to have a unique identifiere for this firewall
|
|
||||||
// I think a project identifier would be good enough, then the secrets module configuration will
|
|
||||||
// point to the project's vault and this opnsense modules doesn't need to know anything about it
|
|
||||||
const OPNSENSE_CREDENTIALS: &str = "OPNSENSE_CREDENTIALS";
|
|
||||||
|
|
||||||
impl OPNSenseFirewall {
|
impl OPNSenseFirewall {
|
||||||
pub fn get_ip(&self) -> IpAddress {
|
pub fn get_ip(&self) -> IpAddress {
|
||||||
self.host.ip
|
self.host.ip
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn new(host: LogicalHost, port: Option<u16>, username: &str, password: &str) -> Self {
|
pub async fn new(host: LogicalHost, port: Option<u16>, username: &str, password: &str) -> Self {
|
||||||
// let credentials = Secrets::get_by_name(OPNSENSE_CREDENTIALS)
|
|
||||||
Self {
|
Self {
|
||||||
opnsense_config: Arc::new(RwLock::new(
|
opnsense_config: Arc::new(RwLock::new(
|
||||||
opnsense_config::Config::from_credentials(host.ip, port, username, password).await,
|
opnsense_config::Config::from_credentials(host.ip, port, username, password).await,
|
||||||
|
@ -1,51 +0,0 @@
|
|||||||
use async_trait::async_trait;
|
|
||||||
use chrono::{DateTime, Utc};
|
|
||||||
use serde::Serialize;
|
|
||||||
|
|
||||||
use crate::{interpret::InterpretError, score::Score, topology::Topology};
|
|
||||||
|
|
||||||
/// Create and manage Tenant Credentials.
|
|
||||||
///
|
|
||||||
/// This is meant to be used by cluster administrators who need to provide their tenant users and
|
|
||||||
/// services with credentials to access their resources.
|
|
||||||
#[derive(Debug, Clone, Serialize)]
|
|
||||||
pub struct TenantCredentialScore;
|
|
||||||
|
|
||||||
impl<T: Topology + TenantCredentialManager> Score<T> for TenantCredentialScore {
|
|
||||||
fn create_interpret(&self) -> Box<dyn crate::interpret::Interpret<T>> {
|
|
||||||
todo!()
|
|
||||||
}
|
|
||||||
|
|
||||||
fn name(&self) -> String {
|
|
||||||
todo!()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[async_trait]
|
|
||||||
pub trait TenantCredentialManager {
|
|
||||||
async fn create_user(&self) -> Result<TenantCredentialBundle, InterpretError>;
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone)]
|
|
||||||
pub struct CredentialMetadata {
|
|
||||||
pub tenant_id: String,
|
|
||||||
pub credential_id: String,
|
|
||||||
pub description: String,
|
|
||||||
pub created_at: DateTime<Utc>,
|
|
||||||
pub expires_at: Option<DateTime<Utc>>,
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Debug, Clone)]
|
|
||||||
pub enum CredentialData {
|
|
||||||
/// Used to store login instructions destined to a human. Akin to AWS login instructions email
|
|
||||||
/// upon new console user creation.
|
|
||||||
PlainText(String),
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
pub struct TenantCredentialBundle {
|
|
||||||
_metadata: CredentialMetadata,
|
|
||||||
_content: CredentialData,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl TenantCredentialBundle {}
|
|