From 0745d36f7ebfa08d1715b51641671a7227e424da Mon Sep 17 00:00:00 2001 From: Zack Siri Date: Wed, 19 Jun 2024 17:49:21 +0700 Subject: [PATCH] Setup ability to manage lxd cluster pool for testing images --- config/config.exs | 2 ++ config/runtime.exs | 15 ++++++++++++ lib/polar/encrypted/map.ex | 3 +++ lib/polar/machines.ex | 2 ++ lib/polar/machines/cluster.ex | 23 +++++++++++++++++++ lib/polar/machines/cluster/manager.ex | 0 lib/polar/vault.ex | 3 +++ mix.exs | 3 +++ mix.lock | 2 ++ .../20240619102744_create_clusters.exs | 15 ++++++++++++ 10 files changed, 68 insertions(+) create mode 100644 lib/polar/encrypted/map.ex create mode 100644 lib/polar/machines.ex create mode 100644 lib/polar/machines/cluster.ex create mode 100644 lib/polar/machines/cluster/manager.ex create mode 100644 lib/polar/vault.ex create mode 100644 priv/repo/migrations/20240619102744_create_clusters.exs diff --git a/config/config.exs b/config/config.exs index 6d1c697..43e94c7 100644 --- a/config/config.exs +++ b/config/config.exs @@ -11,6 +11,8 @@ config :polar, ecto_repos: [Polar.Repo], generators: [timestamp_type: :utc_datetime] +config :polar, Polar.Vault, json_library: Jason + # Configures the endpoint config :polar, PolarWeb.Endpoint, url: [host: "localhost"], diff --git a/config/runtime.exs b/config/runtime.exs index 266a8ca..f0d2140 100644 --- a/config/runtime.exs +++ b/config/runtime.exs @@ -34,6 +34,21 @@ config :polar, Polar.Assets, endpoint: System.get_env("AWS_S3_ENDPOINT"), default_cdn_host: default_cdn_host +cloak_key = + System.get_env("CLOAK_KEY") || System.get_env("POLAR_CLOAK_KEY") || + raise """ + environment variable CLOAK_KEY or INSTELLAR_CLOAK_KEY is missing. + You can generate one using 32 |> :crypto.strong_rand_bytes() |> Base.encode64() + """ + +config :polar, Polar.Vault, + ciphers: [ + default: { + Cloak.Ciphers.AES.GCM, + tag: "AES.GCM.V1", key: Base.decode64!(cloak_key) + } + ] + if config_env() == :prod do database_url = System.get_env("DATABASE_URL") || 
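Review bot: The raise message in the added `cloak_key` block names `INSTELLAR_CLOAK_KEY`, but the code only reads `CLOAK_KEY` and `POLAR_CLOAK_KEY`, so an operator who follows the message sets a variable that is never consulted; the text should read `environment variable CLOAK_KEY or POLAR_CLOAK_KEY is missing.`. `Base.decode64!(cloak_key)` is handed to the cipher without a length check, so a key of the wrong size would presumably surface only when the vault is first used. Binding the decoded value and checking `byte_size(key) == 32` here (the size the message's own generation hint produces) would fail at boot instead. The block sits above `if config_env() == :prod do`, so dev and test also need the variable; a comment saying this is intended would help. The `if` block continues outside the hunk.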
diff --git a/lib/polar/encrypted/map.ex b/lib/polar/encrypted/map.ex
new file mode 100644
index 0000000..d1a1299
--- /dev/null
+++ b/lib/polar/encrypted/map.ex
@@ -0,0 +1,3 @@
+defmodule Polar.Encrypted.Map do
+ use Cloak.Ecto.Map, vault: Polar.Vault
+end
diff --git a/lib/polar/machines.ex b/lib/polar/machines.ex
new file mode 100644
index 0000000..bd5a857
--- /dev/null
+++ b/lib/polar/machines.ex
@@ -0,0 +1,2 @@
+defmodule Polar.Machines do
+end
diff --git a/lib/polar/machines/cluster.ex b/lib/polar/machines/cluster.ex
new file mode 100644
index 0000000..ec4b803
--- /dev/null
+++ b/lib/polar/machines/cluster.ex
@@ -0,0 +1,23 @@
+defmodule Polar.Machines.Cluster do
+ use Ecto.Schema
+ import Ecto.Changeset
+
+ schema "clusters" do
+ field :name, :string
+ field :current_state, :string, default: "created"
+
+ field :type, :string
+ field :architecture, :string
+
+ field :credential, Polar.Encrypted.Map
+
+ timestamps(type: :utc_datetime)
+ end
+
+ @doc false
+ def changeset(cluster, attrs) do
+ cluster
+ |> cast(attrs, [:name, :type, :architecture, :current_state, :credential])
+ |> validate_required([:name, :type, :architecture, :current_state, :credential])
+ end
+end
diff --git a/lib/polar/machines/cluster/manager.ex b/lib/polar/machines/cluster/manager.ex
new file mode 100644
index 0000000..e69de29
diff --git a/lib/polar/vault.ex b/lib/polar/vault.ex
new file mode 100644
index 0000000..2599083
--- /dev/null
+++ b/lib/polar/vault.ex
@@ -0,0 +1,3 @@
+defmodule Polar.Vault do
+ use Cloak.Vault, otp_app: :polar
+end
diff --git a/mix.exs b/mix.exs
index 15d080f..723b485 100644
--- a/mix.exs
+++ b/mix.exs
@@ -71,6 +71,9 @@ defmodule Polar.MixProject do # Cert {:x509, "~> 0.8"}, + # Encryption + {:cloak_ecto, "~> 1.3"}, + # Dev / Test {:dialyxir, "~> 1.0", only: [:dev], runtime: false} ]
diff --git a/mix.lock b/mix.lock
index a712e81..5aafdc5 100644
--- a/mix.lock
+++ b/mix.lock
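Review bot: `field :credential, Polar.Encrypted.Map` is encrypted at rest but held decrypted in the loaded struct, so any `inspect/1` of a `Cluster` or its changeset (logs, crash reports) would print what is presumably the cluster's access material; declaring it as `field :credential, Polar.Encrypted.Map, redact: true` keeps it out of inspected output. The schema also declares `field :architecture, :string` while the `create_clusters` migration in this commit adds a column named `arch`, so reads and inserts would reference a column that does not exist; rename one side or add `source: :arch` to the field. `changeset/2` casts `:current_state` from `attrs` alongside `:credential`, so whoever supplies the attrs can set the lifecycle state directly. If attrs can originate from a request, drop `:current_state` from the cast list and change state through a dedicated function.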
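Review bot: `Polar.Vault` is defined here, but none of the ten files in this commit's diffstat is the application supervisor, so unless the vault is started elsewhere it will not be running and `Polar.Encrypted.Map` would fail on its first dump or load. Cloak vaults are processes that have to be started, typically by adding `Polar.Vault` to the children list of the application module. A `@moduledoc` noting that the cipher and key come from `config/runtime.exs` would also point readers to the key source.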
@@ -4,6 +4,8 @@ "bandit": {:hex, :bandit, "1.2.0", "2b5784909cc25b2514868055ff27458cdc63314514b90d86448ff91d18bece80", [:mix], [{:hpax, "~> 0.1.1", [hex: :hpax, repo: "hexpm", optional: false]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:thousand_island, "~> 1.0", [hex: :thousand_island, repo: "hexpm", optional: false]}, {:websock, "~> 0.5", [hex: :websock, repo: "hexpm", optional: false]}], "hexpm", "05688b883d87cc3b32991517a61e8c2ce8ee2dd6aa6eb73635426002a6661491"}, "bcrypt_elixir": {:hex, :bcrypt_elixir, "3.1.0", "0b110a9a6c619b19a7f73fa3004aa11d6e719a67e672d1633dc36b6b2290a0f7", [:make, :mix], [{:comeonin, "~> 5.3", [hex: :comeonin, repo: "hexpm", optional: false]}, {:elixir_make, "~> 0.6", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm", "2ad2acb5a8bc049e8d5aa267802631912bb80d5f4110a178ae7999e69dca1bf7"}, "castore": {:hex, :castore, "1.0.5", "9eeebb394cc9a0f3ae56b813459f990abb0a3dedee1be6b27fdb50301930502f", [:mix], [], "hexpm", "8d7c597c3e4a64c395980882d4bca3cebb8d74197c590dc272cfd3b6a6310578"}, + "cloak": {:hex, :cloak, "1.1.4", "aba387b22ea4d80d92d38ab1890cc528b06e0e7ef2a4581d71c3fdad59e997e7", [:mix], [{:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}], "hexpm", "92b20527b9aba3d939fab0dd32ce592ff86361547cfdc87d74edce6f980eb3d7"}, + "cloak_ecto": {:hex, :cloak_ecto, "1.3.0", "0de127c857d7452ba3c3367f53fb814b0410ff9c680a8d20fbe8b9a3c57a1118", [:mix], [{:cloak, "~> 1.1.1", [hex: :cloak, repo: "hexpm", optional: false]}, {:ecto, "~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}], "hexpm", "314beb0c123b8a800418ca1d51065b27ba3b15f085977e65c0f7b2adab2de1cc"}, "comeonin": {:hex, :comeonin, "5.4.0", "246a56ca3f41d404380fc6465650ddaa532c7f98be4bda1b4656b3a37cc13abe", [:mix], [], "hexpm", "796393a9e50d01999d56b7b8420ab0481a7538d0caf80919da493b4a6e51faf1"}, "db_connection": {:hex, :db_connection, "2.6.0", 
"77d835c472b5b67fc4f29556dee74bf511bbafecdcaf98c27d27fa5918152086", [:mix], [{:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "c2f992d15725e721ec7fbc1189d4ecdb8afef76648c746a8e1cad35e3b8a35f3"}, "decimal": {:hex, :decimal, "2.1.1", "5611dca5d4b2c3dd497dec8f68751f1f1a54755e8ed2a966c2633cf885973ad6", [:mix], [], "hexpm", "53cfe5f497ed0e7771ae1a475575603d77425099ba5faef9394932b35020ffcc"},
diff --git a/priv/repo/migrations/20240619102744_create_clusters.exs b/priv/repo/migrations/20240619102744_create_clusters.exs
new file mode 100644
index 0000000..8188eca
--- /dev/null
+++ b/priv/repo/migrations/20240619102744_create_clusters.exs
@@ -0,0 +1,15 @@
+defmodule Polar.Repo.Migrations.CreateClusters do
+ use Ecto.Migration
+
+ def change do
+ create table(:clusters) do
+ add :name, :citext, null: false
+ add :type, :citext, null: false
+ add :arch, :citext, null: false
+ add :credential, :binary, null: false
+ add :current_state, :citext, default: "created"
+
+ timestamps(type: :utc_datetime_usec)
+ end
+ end
+end
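Review bot: `add :current_state, :citext, default: "created"` leaves the column nullable although the schema's changeset requires it, so rows written outside the changeset can carry a NULL state; `add :current_state, :citext, null: false, default: "created"` would match the other columns. The table is created with `timestamps(type: :utc_datetime_usec)` while the schema uses `timestamps(type: :utc_datetime)`, and the two should agree. Nothing here prevents two clusters with the same `name`; if names are meant to identify a cluster, add `create unique_index(:clusters, [:name])`. The `:citext` columns assume the extension is already enabled by an earlier migration, which is not visible from this commit.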