112 lines
3.9 KiB
Go
112 lines
3.9 KiB
Go
package store
|
|
|
|
import "helix-proxy/internal/models"
|
|
|
|
// Convenience type aliases so that code importing "helix-proxy/internal/store"
|
|
// can refer to the domain models as e.g. store.ProxyHost (historical API surface).
|
|
type (
|
|
Root = models.Root
|
|
User = models.User
|
|
ProxyHost = models.ProxyHost
|
|
HeaderRule = models.HeaderRule
|
|
Location = models.Location
|
|
AccessList = models.AccessList
|
|
AccessClient = models.AccessClient
|
|
AccessItem = models.AccessItem
|
|
Stream = models.Stream
|
|
Certificate = models.Certificate
|
|
RedirectionHost = models.RedirectionHost
|
|
DeadHost = models.DeadHost
|
|
AuditLog = models.AuditLog
|
|
)
|
|
|
|
// New returns the default Store implementation (bbolt, a pure-Go
|
|
// embedded transactional database). This is the recommended constructor for
|
|
// normal operation.
|
|
//
|
|
// It provides real ACID transactions and good concurrency while remaining a
|
|
// single static binary with no external database process.
|
|
func New() (Store, error) {
|
|
return NewBboltStore()
|
|
}
|
|
|
|
// Store is the interface for all persistent state in Helix Proxy.
|
|
//
|
|
// We use bbolt (pure-Go embedded transactional key/value store) as the one and only
|
|
// implementation. The interface exists primarily to:
|
|
// - Make the rest of the code (engine, cert manager, API handlers) easy to test with fakes.
|
|
// - Keep a clean boundary (in case we ever need to evolve the storage layer).
|
|
//
|
|
// All methods are safe for concurrent use.
|
|
//
|
|
// Models live in internal/models.
|
|
|
|
type Store interface {
|
|
// --- meta / bootstrap ---
|
|
IsSetup() bool
|
|
GetUsers() []models.User
|
|
|
|
// --- ProxyHost ---
|
|
GetProxyHosts() []models.ProxyHost
|
|
GetProxyHost(id int) (models.ProxyHost, bool)
|
|
CreateProxyHost(h models.ProxyHost) (models.ProxyHost, error)
|
|
UpdateProxyHost(h models.ProxyHost) (models.ProxyHost, error)
|
|
DeleteProxyHost(id int) error
|
|
SetProxyHostEnabled(id int, enabled bool) error
|
|
|
|
// --- AccessList ---
|
|
GetAccessLists() []models.AccessList
|
|
GetAccessList(id int) (models.AccessList, bool)
|
|
CreateAccessList(al models.AccessList) (models.AccessList, error)
|
|
UpdateAccessList(al models.AccessList) (models.AccessList, error)
|
|
DeleteAccessList(id int) error
|
|
|
|
// --- Stream ---
|
|
GetStreams() []models.Stream
|
|
GetStream(id int) (models.Stream, bool)
|
|
CreateStream(st models.Stream) (models.Stream, error)
|
|
UpdateStream(st models.Stream) (models.Stream, error)
|
|
DeleteStream(id int) error
|
|
SetStreamEnabled(id int, enabled bool) error
|
|
|
|
// --- Certificate ---
|
|
GetCertificates() []models.Certificate
|
|
GetCertificate(id int) (models.Certificate, bool)
|
|
CreateCertificate(c models.Certificate) (models.Certificate, error)
|
|
SetCertificate(c models.Certificate) error // used after LE issuance/renewal mutates meta+expires
|
|
DeleteCertificate(id int) error
|
|
|
|
// --- RedirectionHost ---
|
|
GetRedirectionHosts() []models.RedirectionHost
|
|
GetRedirectionHost(id int) (models.RedirectionHost, bool)
|
|
CreateRedirectionHost(h models.RedirectionHost) (models.RedirectionHost, error)
|
|
UpdateRedirectionHost(h models.RedirectionHost) (models.RedirectionHost, error)
|
|
DeleteRedirectionHost(id int) error
|
|
SetRedirectionHostEnabled(id int, enabled bool) error
|
|
|
|
// --- DeadHost ---
|
|
GetDeadHosts() []models.DeadHost
|
|
GetDeadHost(id int) (models.DeadHost, bool)
|
|
CreateDeadHost(h models.DeadHost) (models.DeadHost, error)
|
|
UpdateDeadHost(h models.DeadHost) (models.DeadHost, error)
|
|
DeleteDeadHost(id int) error
|
|
SetDeadHostEnabled(id int, enabled bool) error
|
|
|
|
// --- Settings (global) ---
|
|
GetSettings() map[string]any
|
|
SetSetting(name string, value any) error
|
|
|
|
// --- Audit ---
|
|
GetAuditLogs() []models.AuditLog
|
|
AddAuditLog(log models.AuditLog) (models.AuditLog, error)
|
|
|
|
// --- Users + 2FA ---
|
|
GetUserByEmail(email string) (models.User, bool)
|
|
CreateUser(u models.User) (models.User, error)
|
|
UpdateUser(u models.User) error
|
|
UpdateUserFull(u models.User) error // used when updating without changing password
|
|
DeleteUser(id int) error
|
|
|
|
// GetUsers avoids needing to fetch the entire root for user lists.
|
|
}
|