database

module
v1.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 4, 2023 License: MIT

README

Go Nano Services Module Database

Database modules for Go Nano Services, this modules designed to concurrent safe

Installation

go get code.afis.me/go-nano-services/modules/database
Upgrading to latest version
go get -u code.afis.me/go-nano-services/modules/database
Upgrade or downgrade with tag version if available
go get -u code.afis.me/go-nano-services/modules/database@v1.0.0

Mysql Encryption

SHOW VARIABLES LIKE 'plugin_dir';

Copy file plugins/mysql/encryption-udf.so to mysql plugins directory

Using pre-build Mysql Docker Images
# docker file located in images/mysql/Dockerfile
docker pull afisme/mysql:8.0.30
Install mysql custom encrypted
CREATE FUNCTION aes_encrypt_udf RETURNS STRING SONAME 'encryption-udf.so';
CREATE FUNCTION aes_decrypt_udf RETURNS STRING SONAME 'encryption-udf.so';
Removing mysql custom encrypted
DROP FUNCTION IF EXISTS aes_encrypt_udf;
DROP FUNCTION IF EXISTS aes_decrypt_udf;
Mysql Encrypted Raw Query
# aes_encrypt_udf parameter : aes_encrypt_udf('raw_data','key','key_version')
SELECT aes_encrypt_udf('JUST MESSAGE FOR ENCRYPTION', 'key', '0') as result;
# aes_decrypt_udf parameter : aes_decrypt_udf('raw_data/field','key_version:key,key_version:key')
SELECT aes_decrypt_udf(email, '0:key,1:keyV1') as result FROM user_data;
Mysql Example Raw Query, with WHERE and JOIN
SELECT aes_decrypt_udf(users.email, '0:key') as `email`,
 aes_decrypt_udf(users.user_name, '0:key') as `user_name`, 
 aes_decrypt_udf(user_data.phone, '0:key') as `phone`, 
 aes_decrypt_udf(user_data.address, '0:key') as `address`, 
 user_data.name as name FROM `users` JOIN user_data WHERE user_data.email = users.email 
 AND aes_decrypt_udf(users.email, '0:key') LIKE '%user-2%' ORDER BY users.email desc

Limitation mysql custom encrypted

If the key version changes, ON DUPLICATE KEY won't work, you need to manually query WHERE to see if there are duplicates.

or you can use native encryption for column with have primary key or unique, but the key can't be rotated.

interfaces.NewSqlEncrypted(local.New("primary"), interfaces.EncryptTypeNative)

also, see example mysql example/mysql/main.go

Vault key provider (hashicorp)

You must enable read access for secret metadata in ACL Polices and token TTL must be disabled.

path "development/data/database/master" {
    capabilities = ["read"]
}

path "development/metadata/database/master" {
    capabilities = ["read"]
}

Run Mysql Example

make mysql-example

Mongodb encryption

For Debian Based (bullseye)
sudo apt-get update && sudo apt-get install -y curl gpg
sudo sh -c "curl -s --location https://www.mongodb.org/static/pgp/libmongocrypt.asc | sudo gpg --dearmor >/etc/apt/trusted.gpg.d/libmongocrypt.gpg"
sudo sh -c "curl -s --location https://www.mongodb.org/static/pgp/server-6.0.asc | sudo gpg --dearmor >/etc/apt/trusted.gpg.d/server-6.0.gpg"
echo "deb https://libmongocrypt.s3.amazonaws.com/apt/debian buster/libmongocrypt/1.6 main" | sudo tee /etc/apt/sources.list.d/libmongocrypt.list
echo "deb http://repo.mongodb.com/apt/debian bullseye/mongodb-enterprise/6.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-enterprise.list
sudo apt-get update && sudo apt-get install -y mongodb-enterprise-cryptd=6.0.3 libmongocrypt-dev libbson-dev
For Ubuntu Based (jammy)
sudo apt-get update && sudo apt-get install -y curl gpg
sudo sh -c "curl -s --location https://www.mongodb.org/static/pgp/libmongocrypt.asc | sudo gpg --dearmor >/etc/apt/trusted.gpg.d/libmongocrypt.gpg"
sudo sh -c "curl -s --location https://www.mongodb.org/static/pgp/server-6.0.asc | gpg --dearmor >/etc/apt/trusted.gpg.d/server-6.0.gpg"
echo "deb https://libmongocrypt.s3.amazonaws.com/apt/ubuntu focal/libmongocrypt/1.6 universe" | sudo tee /etc/apt/sources.list.d/libmongocrypt.list
echo "deb http://repo.mongodb.com/apt/debian bullseye/mongodb-enterprise/6.0 main" | sudo tee /etc/apt/sources.list.d/mongodb-enterprise.list
sudo apt-get update && sudo apt-get install -y mongodb-enterprise-cryptd=6.0.3 libmongocrypt-dev libbson-dev

Run Mongo Example

make mongo-example

Run Mongo Example With Docker

make mongo-example-docker

Directories

Path Synopsis
example
kafka command
mongo command
mysql command
rabbitmq command
lib
embedded
kafka
kms/local
kms/vault
mongo
orm
rabbitmq
redis
sqlserver
plugins
mysql command

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.