mirror of
https://github.com/mudler/LocalAI.git
synced 2026-06-07 00:06:51 -04:00
3a932a9803
* feat(distributed): NATS JWT auth, TLS/mTLS options, and e2e coverage Mint per-node NATS user JWTs at registration when LOCALAI_NATS_ACCOUNT_SEED is set, and connect workers with scoped credentials from the register response. Add optional LOCALAI_NATS_TLS_CA/CERT/KEY for private CA and mTLS alongside tls:// URLs, plus test-e2e-distributed and NatsJWT container e2e specs. Document JWT setup (nats-auth-setup.sh) and TLS env vars in distributed-mode. Assisted-by: Grok:grok grok-build Signed-off-by: Richard Palethorpe <io@richiejp.com> * fix(distributed): correct NATS JWT scoping and harden client auth The JWT-auth path added in 46467cc7 had several gaps that fail silently under LOCALAI_NATS_REQUIRE_AUTH: - Agent-worker minted JWTs did not allow the subjects the agent worker actually subscribes to (jobs.mcp-ci.new and nodes.<id>.backend.stop), so MCP-CI jobs and backend-stop session cleanup were silently dropped. Scope the agent permission set to those subjects. - NATS subscription permission violations were swallowed (Subscribe returned a live-but-dead subscription). Confirm subscriptions with a server round-trip so a denial surfaces synchronously, and log async permission errors. - The backend worker connected anonymously when given a JWT without its paired seed; reject the unpaired credential instead. - The documented service-user permissions in nats-auth-setup.sh omitted prefixcache.>, which the frontend publishes and subscribes; add it. Also: add a credential-provider hook to the messaging client (consumed by the follow-up credential-lifecycle change), drop the always-nil error from NatsMessagingOptions, run go mod tidy (jwt/v2 and nkeys are now direct), and gofmt the feature's files. Tests: an agent-JWT e2e spec that connects to the enforcing NATS server and exercises every subscription the agent worker makes, plus permission allow-list coverage unit tests. Assisted-by: Claude:claude-opus-4-8 [Claude Code] Signed-off-by: Richard Palethorpe <io@richiejp.com> * feat(distributed): acquire and auto-refresh worker NATS credentials Workers fetched NATS credentials once at startup, which broke two cases under JWT auth: a worker that registered while still pending admin approval never received a minted JWT (it connected unauthenticated and gave up), and a long-running worker's 24h JWT expired with no way to renew it. Introduce workerregistry.NATSCredentialManager, built on idempotent re-registration (the frontend preserves the node row and mints a fresh JWT each call): - Acquire re-registers through admin approval until the node is approved and credentials are minted (or returns the first success when auth is not required, preserving anonymous-NATS behavior). - RefreshLoop re-registers before the JWT expires (~75% of its lifetime), updating the credentials served to the connection. - Both are bounded (default 100 attempts / consecutive failures) and return an error on exhaustion, so an unapprovable or unrenewable worker exits non-zero and surfaces the problem instead of hanging or drifting toward an expired credential. The messaging client gains WithUserJWTProvider, fetching credentials on each (re)connect so the connection transparently adopts a refreshed JWT when the server expires the old one. RegisterFull exposes the approval status and full response; Register delegates to it. Both the backend worker and the agent worker are wired to this: explicit env credentials are used as-is, minted credentials are acquired-with-wait and refreshed, and a permanent refresh failure shuts the worker down so it restarts and re-acquires. Tests cover Acquire (wait-through-pending, bounded give-up, context cancel), RefreshLoop (refresh-before-expiry, bounded failure, no-expiry exit) and jwtExpiry decoding. Docs updated in distributed-mode.md. Assisted-by: Claude:claude-opus-4-8 [Claude Code] Signed-off-by: Richard Palethorpe <io@richiejp.com> --------- Signed-off-by: Richard Palethorpe <io@richiejp.com>
67 lines
2.2 KiB
Go
67 lines
2.2 KiB
Go
package natsauth
|
|
|
|
import (
|
|
"fmt"
|
|
"time"
|
|
|
|
"github.com/mudler/xlog"
|
|
)
|
|
|
|
// DefaultWorkerJWTTTL is how long a worker may use a minted NATS user JWT before re-registering.
|
|
const DefaultWorkerJWTTTL = 24 * time.Hour
|
|
|
|
// Config holds NATS JWT authentication settings for distributed mode.
|
|
type Config struct {
|
|
// AccountSeed is the NATS account signing seed (SU...). Used to mint per-node worker JWTs.
|
|
AccountSeed string
|
|
// ServiceUserJWT is a pre-generated user JWT for frontends and agent workers (broad publish).
|
|
ServiceUserJWT string
|
|
// ServiceUserSeed is the signing seed (SU...) paired with ServiceUserJWT.
|
|
ServiceUserSeed string
|
|
// WorkerJWTTTL sets expiry on minted worker JWTs. Zero uses DefaultWorkerJWTTTL.
|
|
WorkerJWTTTL time.Duration
|
|
// RequireAuth rejects anonymous NATS when true (both ServiceUserJWT and AccountSeed expected).
|
|
RequireAuth bool
|
|
}
|
|
|
|
// Enabled reports whether any NATS credential material is configured.
|
|
func (c Config) Enabled() bool {
|
|
return c.AccountSeed != "" || c.ServiceUserJWT != ""
|
|
}
|
|
|
|
// CanMintWorkers reports whether per-node JWTs can be issued at registration.
|
|
func (c Config) CanMintWorkers() bool {
|
|
return c.AccountSeed != ""
|
|
}
|
|
|
|
// WorkerTTL returns the configured worker JWT lifetime.
|
|
func (c Config) WorkerTTL() time.Duration {
|
|
if c.WorkerJWTTTL > 0 {
|
|
return c.WorkerJWTTTL
|
|
}
|
|
return DefaultWorkerJWTTTL
|
|
}
|
|
|
|
// Validate checks consistency when distributed NATS auth is required.
|
|
func (c Config) Validate() error {
|
|
if !c.RequireAuth {
|
|
return nil
|
|
}
|
|
if c.ServiceUserJWT == "" || c.ServiceUserSeed == "" {
|
|
return fmt.Errorf("LOCALAI_NATS_REQUIRE_AUTH requires LOCALAI_NATS_SERVICE_JWT and LOCALAI_NATS_SERVICE_SEED")
|
|
}
|
|
if c.AccountSeed == "" {
|
|
return fmt.Errorf("LOCALAI_NATS_REQUIRE_AUTH is set but LOCALAI_NATS_ACCOUNT_SEED is empty")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// WarnIfInsecure logs when distributed NATS is reachable without credentials.
|
|
func (c Config) WarnIfInsecure(distributed bool) {
|
|
if !distributed || c.Enabled() {
|
|
return
|
|
}
|
|
xlog.Warn("NATS is used without JWT credentials — any client on the bus can publish backend.install. " +
|
|
"Set LOCALAI_NATS_ACCOUNT_SEED + LOCALAI_NATS_SERVICE_JWT (see docs/features/distributed-mode.md).")
|
|
}
|