bootstrap

package
v0.3.0 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 28, 2026 License: MIT Imports: 19 Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func IsDBEncrypted

func IsDBEncrypted(dbPath string) bool

IsDBEncrypted checks whether a SQLite database file is encrypted. An encrypted DB will not have the standard "SQLite format 3" magic header.
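The header check described above, as an added example that is not the package's own implementation. `classifyDB` and `headerState` are hypothetical names, and the sketch assumes that a missing or shorter-than-16-byte file should be reported separately instead of being counted as encrypted.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// sqliteMagic is the 16-byte string that starts every plaintext SQLite 3 file.
var sqliteMagic = []byte("SQLite format 3\x00")

// headerState is a hypothetical three-way result; the package's IsDBEncrypted returns a bool.
type headerState int

const (
	stateAbsent    headerState = iota // no file, or fewer than 16 bytes: nothing to classify
	statePlaintext                    // standard magic header present
	stateOpaque                       // header is not the SQLite magic: encrypted, or not a database
)

// classifyDB reads only the first 16 bytes of path and compares them to the magic.
func classifyDB(path string) (headerState, error) {
	f, err := os.Open(path)
	if errors.Is(err, os.ErrNotExist) {
		return stateAbsent, nil // first run: no database yet
	} else if err != nil {
		return stateAbsent, err // e.g. permission denied: surface it, do not guess
	}
	defer f.Close()
	hdr := make([]byte, len(sqliteMagic))
	if _, err := io.ReadFull(f, hdr); errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) {
		return stateAbsent, nil // empty or truncated file
	} else if err != nil {
		return stateAbsent, err
	}
	if bytes.Equal(hdr, sqliteMagic) {
		return statePlaintext, nil
	}
	return stateOpaque, nil
}

func main() {
	p := filepath.Join(os.TempDir(), "constructed-sample.db") // constructed sample file
	os.WriteFile(p, append([]byte("SQLite format 3\x00"), make([]byte, 84)...), 0o600)
	defer os.Remove(p)
	fmt.Println(classifyDB(p))
}
```

A header mismatch only shows that the file is not plaintext SQLite; it does not prove the file is a valid SQLCipher database, so the key still has to be verified when the database is opened.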

Types

type Options

type Options struct {
	// DBPath is the SQLite database path (default: ~/.lango/lango.db).
	DBPath string
	// KeyfilePath is the path to the passphrase keyfile (default: ~/.lango/keyfile).
	KeyfilePath string
	// ForceProfile overrides the active profile selection.
	ForceProfile string
	// KeepKeyfile prevents the keyfile from being shredded after crypto initialization.
	// Default (false) shreds the keyfile for security.
	KeepKeyfile bool
	// DBEncryption configures SQLCipher transparent database encryption.
	DBEncryption config.DBEncryptionConfig
	// SkipSecureDetection disables secure hardware provider detection (biometric/TPM).
	// When true, the bootstrap falls back to keyfile or interactive prompt only.
	// Useful for testing and headless environments.
	SkipSecureDetection bool
}

Options configures the bootstrap process.

type Phase

type Phase struct {
	Name    string
	Run     func(ctx context.Context, state *State) error
	Cleanup func(state *State) // called in reverse order if a later phase fails
}

Phase represents a single step in the bootstrap pipeline.

func DefaultPhases

func DefaultPhases() []Phase

DefaultPhases returns the standard bootstrap phase sequence.

type Pipeline

type Pipeline struct {
	// contains filtered or unexported fields
}

Pipeline executes phases sequentially. If a phase fails, cleanup functions of all previously completed phases are called in reverse order.

func NewPipeline

func NewPipeline(phases ...Phase) *Pipeline

NewPipeline creates a pipeline from the given phases.

func (*Pipeline) Execute

func (p *Pipeline) Execute(ctx context.Context, opts Options) (*Result, error)

Execute runs all phases. On failure, cleans up in reverse order.

type Result

type Result struct {
	// Config is the decrypted, active configuration.
	Config *config.Config
	// DBClient is the shared ent.Client for the application database.
	DBClient *ent.Client
	// RawDB is the underlying *sql.DB for direct SQL operations (e.g., sqlite-vec).
	RawDB *sql.DB
	// Crypto is the initialized CryptoProvider for the session.
	Crypto security.CryptoProvider
	// ConfigStore provides encrypted profile CRUD operations.
	ConfigStore *configstore.Store
	// ProfileName is the name of the loaded profile.
	ProfileName string
}

Result holds everything produced by the bootstrap process.

func Run

func Run(opts Options) (*Result, error)

Run executes the full bootstrap sequence using the phase pipeline:

  1. Ensure ~/.lango/ directory
  2. Detect DB encryption status
  3. Acquire passphrase
  4. Open SQLite/SQLCipher DB + ent schema migration
  5. Load security state (salt/checksum)
  6. Initialize crypto provider
  7. Load or create configuration profile

type State

type State struct {
	Options Options
	Result  Result

	// Internal state passed between phases.
	Home     string
	LangoDir string

	// Encryption detection.
	DBEncrypted bool
	NeedsDBKey  bool

	// Passphrase acquisition.
	Passphrase     string
	PassSource     passphrase.Source
	SecureProvider keyring.Provider
	SecurityTier   keyring.SecurityTier
	FirstRunGuess  bool

	// Database handles (set by phaseOpenDatabase).
	Client *ent.Client
	RawDB  *sql.DB

	// Security state from DB.
	Salt     []byte
	Checksum []byte
	FirstRun bool

	// Crypto.
	DBKey  string
	Crypto security.CryptoProvider
}

State carries data between pipeline phases. Each phase can read from and write to State.
