Add db migrations to CV2 db

2025-05-25 06:33:44 +02:00 · 2025-05-13 13:11:27 -07:00 · 2025-05-13 13:11:27 -07:00 · c68acebe31
commit c68acebe31
parent 4b7c5159a3
6 changed files with 72 additions and 13 deletions
--- a/ext/central-controller-docker/Dockerfile
+++ b/ext/central-controller-docker/Dockerfile
@ -1,11 +1,16 @@
 # Dockerfile for ZeroTier Central Controllers
-FROM registry.zerotier.com/zerotier/ctlbuild:latest as builder
-MAINTAINER Adam Ierymekno <adam.ierymenko@zerotier.com>, Grant Limberg <grant.limberg@zerotier.com>
+FROM registry.zerotier.com/zerotier/ctlbuild:2025-05-13-01 AS builder
 ADD . /ZeroTierOne
 RUN export PATH=$PATH:~/.cargo/bin && cd ZeroTierOne && make clean && make central-controller -j8

-FROM registry.zerotier.com/zerotier/ctlrun:latest
+FROM golang:bookworm AS go_base
+RUN go install github.com/golang-migrate/migrate/v4/cmd/migrate@latest
+
+FROM registry.zerotier.com/zerotier/ctlrun:2025-05-13-01
 COPY --from=builder /ZeroTierOne/zerotier-one /usr/local/bin/zerotier-one
+COPY --from=go_base /go/bin/migrate /usr/local/bin/migrate
+COPY ext/central-controller-docker/migrations /migrations
+
 RUN chmod a+x /usr/local/bin/zerotier-one
 RUN echo "/usr/local/lib64" > /etc/ld.so.conf.d/usr-local-lib64.conf && ldconfig

--- a/ext/central-controller-docker/Dockerfile.builder
+++ b/ext/central-controller-docker/Dockerfile.builder
@ -1,8 +1,5 @@
 # Dockerfile for building ZeroTier Central Controllers
-FROM ubuntu:jammy as builder
-MAINTAINER Adam Ierymekno <adam.ierymenko@zerotier.com>, Grant Limberg <grant.limberg@zerotier.com>
-
-ARG git_branch=master
+FROM debian:bookworm

 RUN apt update && apt upgrade -y
 RUN apt -y install \
--- a/ext/central-controller-docker/Dockerfile.run_base
+++ b/ext/central-controller-docker/Dockerfile.run_base
@ -1,15 +1,17 @@
-FROM ubuntu:jammy
+FROM debian:bookworm
+
+

 RUN apt update && apt upgrade -y
-
 RUN apt -y install \
-    netcat \
+    netcat-traditional \
    postgresql-client \
    postgresql-client-common \
    libjemalloc2 \
    libpq5 \
    curl \
    binutils \
-    linux-tools-gke \
    perf-tools-unstable \
-    google-perftools 
+    google-perftools \
+    gnupg
+
--- a/ext/central-controller-docker/main.sh
+++ b/ext/central-controller-docker/main.sh
@ -21,7 +21,7 @@ if [ -z "$ZT_DB_PASSWORD" ]; then
    exit 1
 fi
 if [ -z "$ZT_DB_TYPE" ]; then
-    ZT_DB="postgres"
+    ZT_DB_TYPE="postgres"
 fi

 REDIS=""
@ -103,6 +103,11 @@ else
    done
 fi

+if [ "$ZT_DB_TYPE" == "cv2" ]; then
+    echo "Migrating database (if needed)..."
+    /usr/local/bin/migrate -source /migrations -database "postgres://$ZT_DB_USER:$ZT_DB_PASSWORD@$ZT_DB_HOST:$ZT_DB_PORT/$ZT_DB_NAME?x-migrations-table=controller_migrations" up
+fi
+
 if [ -n "$ZT_TEMPORAL_HOST" ] && [ -n "$ZT_TEMPORAL_PORT" ]; then
    echo "waiting for temporal..."
    while ! nc -z ${ZT_TEMPORAL_HOST} ${ZT_TEMPORAL_PORT}; do
--- a/ext/central-controller-docker/migrations/0001_init.down.sql
+++ b/ext/central-controller-docker/migrations/0001_init.down.sql
@ -0,0 +1,3 @@
+DROP TABLE IF EXISTS network_memberships_ctl;
+DROP TABLE IF EXISTS networks_ctl;
+DROP TABLE IF EXISTS controllers_ctl;
--- a/ext/central-controller-docker/migrations/0001_init.up.sql
+++ b/ext/central-controller-docker/migrations/0001_init.up.sql
@ -0,0 +1,47 @@
+-- inits controller db schema
+
+CREATE TABLE IF NOT EXISTS controllers_ctl (
+    id text NOT NULL PRIMARY KEY,
+    hostname text,
+    last_heartbeat timestamp with time zone,
+    public_identity text NOT NULL,
+    version text
+);
+
+CREATE TABLE IF NOT EXISTS networks_ctl (
+    id character varying(22) NOT NULL PRIMARY KEY,
+    name text NOT NULL,
+    configuration jsonb DEFAULT '{}'::jsonb NOT NULL,
+    controller_id text REFERENCES controllers_ctl(id),
+    revision integer DEFAULT 0 NOT NULL,
+    last_modified timestamp with time zone DEFAULT now(),
+    creation_time timestamp with time zone DEFAULT now()
+);
+
+CREATE TABLE IF NOT EXISTS network_memberships_ctl (
+    device_id character varying(22) NOT NULL,
+    network_id character varying(22) NOT NULL REFERENCES networks_ctl(id),
+    authorized boolean,
+    active_bridge boolean,
+    ip_assignments text[],
+    no_auto_assign_ips boolean,
+    sso_exempt boolean,
+    authentication_expiry_time timestamp with time zone,
+    capabilities jsonb,
+    creation_time timestamp with time zone DEFAULT now(),
+    last_modified timestamp with time zone DEFAULT now(),
+    identity text DEFAULT ''::text,
+    last_authorized_credential text,
+    last_authorized_time timestamp with time zone,
+    last_deauthorized_time timestamp with time zone,
+    last_seen jsonb DEFAULT '{}'::jsonb NOT NULL, -- in the context of the network
+    remote_trace_level integer DEFAULT 0 NOT NULL,
+    remote_trace_target text DEFAULT ''::text NOT NULL,
+    revision integer DEFAULT 0 NOT NULL,
+    tags jsonb,
+    version_major integer DEFAULT 0 NOT NULL,
+    version_minor integer DEFAULT 0 NOT NULL,
+    version_revision integer DEFAULT 0 NOT NULL,
+    version_protocol integer DEFAULT 0 NOT NULL,
+    PRIMARY KEY (device_id, network_id)
+);