monoadmin/the-other-dude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
33be7a9522d75c03e70630c15f72e0d684555dc2
the-other-dude/poller/internal/store/devices.go
Jason Staack 4ae39d2cb3 feat(02-01): add config backup env vars, NATS event, device SSH fields, migration, metrics 
- Config: CONFIG_BACKUP_INTERVAL (21600s), CONFIG_BACKUP_MAX_CONCURRENT (10), CONFIG_BACKUP_COMMAND_TIMEOUT (60s)
- NATS: ConfigSnapshotEvent type, PublishConfigSnapshot method, config.snapshot.> stream subject
- Device: SSHPort/SSHHostKeyFingerprint fields, UpdateSSHHostKey method, updated queries/scans
- Migration 028: ssh_port, ssh_host_key_fingerprint, timestamp columns with poller_user grants
- Metrics: ConfigBackupTotal (counter), ConfigBackupDuration (histogram), ConfigBackupActive (gauge)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 20:48:12 -05:00

183 lines
5.1 KiB
Go
Raw Blame History

// Package store provides database access for the poller service.
package store
import (
"context"
"fmt"
"github.com/jackc/pgx/v5/pgxpool"
)
// Device represents a device row fetched from the devices table.
// The poller reads ALL devices across all tenants (no RLS applied to poller_user).
type Device struct {
ID string
TenantID string
IPAddress string
APIPort int
APISSLPort int
EncryptedCredentials []byte // legacy AES-256-GCM BYTEA
EncryptedCredentialsTransit *string // OpenBao Transit ciphertext (TEXT, nullable)
RouterOSVersion *string
MajorVersion *int
TLSMode string // "insecure" or "portal_ca"
CACertPEM *string // PEM-encoded CA cert (only populated when TLSMode = "portal_ca")
SSHPort int // SSH port for config backup (default 22)
SSHHostKeyFingerprint *string // TOFU SSH host key fingerprint (SHA256:base64)
}
// DeviceStore manages PostgreSQL connections for device data access.
type DeviceStore struct {
pool *pgxpool.Pool
}
// NewDeviceStore creates a pgx connection pool and returns a DeviceStore.
//
// The databaseURL should use the poller_user role which has SELECT-only access
// to the devices table and is not subject to RLS policies.
func NewDeviceStore(ctx context.Context, databaseURL string) (*DeviceStore, error) {
pool, err := pgxpool.New(ctx, databaseURL)
if err != nil {
return nil, fmt.Errorf("creating pgx pool: %w", err)
}
// Verify connectivity immediately.
if err := pool.Ping(ctx); err != nil {
pool.Close()
return nil, fmt.Errorf("pinging database: %w", err)
}
return &DeviceStore{pool: pool}, nil
}
// FetchDevices returns all devices from the database.
//
// The query reads across all tenants intentionally — the poller_user role has
// SELECT-only access without RLS so it can poll all devices.
func (s *DeviceStore) FetchDevices(ctx context.Context) ([]Device, error) {
const query = `
SELECT
d.id::text,
d.tenant_id::text,
d.ip_address,
d.api_port,
d.api_ssl_port,
d.encrypted_credentials,
d.encrypted_credentials_transit,
d.routeros_version,
d.routeros_major_version,
d.tls_mode,
ca.cert_pem,
COALESCE(d.ssh_port, 22),
d.ssh_host_key_fingerprint
FROM devices d
LEFT JOIN certificate_authorities ca
ON d.tenant_id = ca.tenant_id
AND d.tls_mode = 'portal_ca'
WHERE d.encrypted_credentials IS NOT NULL
OR d.encrypted_credentials_transit IS NOT NULL
`
rows, err := s.pool.Query(ctx, query)
if err != nil {
return nil, fmt.Errorf("querying devices: %w", err)
}
defer rows.Close()
var devices []Device
for rows.Next() {
var d Device
if err := rows.Scan(
&d.ID,
&d.TenantID,
&d.IPAddress,
&d.APIPort,
&d.APISSLPort,
&d.EncryptedCredentials,
&d.EncryptedCredentialsTransit,
&d.RouterOSVersion,
&d.MajorVersion,
&d.TLSMode,
&d.CACertPEM,
&d.SSHPort,
&d.SSHHostKeyFingerprint,
); err != nil {
return nil, fmt.Errorf("scanning device row: %w", err)
}
devices = append(devices, d)
}
if err := rows.Err(); err != nil {
return nil, fmt.Errorf("iterating device rows: %w", err)
}
return devices, nil
}
// GetDevice returns a single device by ID for interactive command execution.
func (s *DeviceStore) GetDevice(ctx context.Context, deviceID string) (Device, error) {
const query = `
SELECT
d.id::text,
d.tenant_id::text,
d.ip_address,
d.api_port,
d.api_ssl_port,
d.encrypted_credentials,
d.encrypted_credentials_transit,
d.routeros_version,
d.routeros_major_version,
d.tls_mode,
ca.cert_pem,
COALESCE(d.ssh_port, 22),
d.ssh_host_key_fingerprint
FROM devices d
LEFT JOIN certificate_authorities ca
ON d.tenant_id = ca.tenant_id
AND d.tls_mode = 'portal_ca'
WHERE d.id = $1
`
var d Device
err := s.pool.QueryRow(ctx, query, deviceID).Scan(
&d.ID,
&d.TenantID,
&d.IPAddress,
&d.APIPort,
&d.APISSLPort,
&d.EncryptedCredentials,
&d.EncryptedCredentialsTransit,
&d.RouterOSVersion,
&d.MajorVersion,
&d.TLSMode,
&d.CACertPEM,
&d.SSHPort,
&d.SSHHostKeyFingerprint,
)
if err != nil {
return Device{}, fmt.Errorf("querying device %s: %w", deviceID, err)
}
return d, nil
}
// UpdateSSHHostKey stores the SSH host key fingerprint for TOFU verification.
// Called after a successful first-connect to persist the observed fingerprint.
func (s *DeviceStore) UpdateSSHHostKey(ctx context.Context, deviceID string, fingerprint string) error {
const query = `UPDATE devices SET ssh_host_key_fingerprint = $1, ssh_host_key_first_seen = COALESCE(ssh_host_key_first_seen, NOW()), ssh_host_key_last_verified = NOW() WHERE id = $2`
_, err := s.pool.Exec(ctx, query, fingerprint, deviceID)
if err != nil {
return fmt.Errorf("updating SSH host key for device %s: %w", deviceID, err)
}
return nil
}
// Pool returns the underlying pgxpool.Pool for shared use by other subsystems
// (e.g., credential cache key_access_log inserts).
func (s *DeviceStore) Pool() *pgxpool.Pool {
return s.pool
}
// Close closes the pgx connection pool.
func (s *DeviceStore) Close() {
s.pool.Close()
}
Reference in New Issue View Git Blame Copy Permalink