# Festung

Remote multi-db SQLCipher server exposing a REST API

![](https://upload.wikimedia.org/wikipedia/commons/c/c1/SenjNehajgrad0.jpg)

## Build

The `festung` container is built with the help of an auxiliary container called `steinmetz`.
The `steinmetz` container gathers and compiles all build dependencies, so that build process
of `festung` itself is faster. You can build both containers by invoking `make` with no
target.

```sh
$ make
```

## Run

To spin up a festung instance do

```sh
$ docker run --rm --tty --interactive --publish 127.0.0.1:2728:2728 --name festung festung
```

or just do

```sh
$ make start
```

If you want to persist the vaults between multiple runs, you either have to mount a directory
from the host system or create a docker volume. The latter could be done by doing

```sh
$ docker volume create vaults
```

and then run festung like so

```sh
$ docker run --rm -it -p 127.0.0.1:2728:2728 --mount source=vaults,target=/var/festung --name festung festung
```

## Interact

Once you have a festung instance running you can interact with the API by using `curl`, `httpie` or an
HTTP client of your choice.

The databases that are handled by festung are encrypted. The key is provided through the Authorization
header whose value is base64 encoded

```sh
$ echo foo | base64
Zm9vCg==
```

The request body for issuing queries against festung contains the fields `sql` and `params`. To create a
new table `foo` in the database `1` (encrypted with the password `"foo"`) you can issue the following 
request:

```json
# http localhost:2728/1 Authorization:Zm9vCg== sql='CREATE TABLE foo (id INT, b VARCHAR)' params:='[]'
{
    "data": [],
    "headers": [],
    "last_row_id": 0,
    "rows_changed": 0
}
```

The `params` paramter can be used for parametrizing queries. Let's say we insterted some data in our
table

```json
# http localhost:2728/1 Authorization:Zm9vCg== sql='INSERT INTO foo VALUES (1, "b")' params:='[]'
{
    "data": [],
    "headers": [],
    "last_row_id": 0,
    "rows_changed": 0
}
```

then we could use `params` as follows:

```json
# http localhost:2728/1 Authorization:Zm9vCg== sql='SELECT * FROM foo WHERE id IN (?)' params:='[1]'
{
    "data": [
        [
            1,
            "b"
        ]
    ],
    "headers": [
        {
            "name": "id",
            "type": "INT"
        },
        {
            "name": "b",
            "type": "VARCHAR"
        }
    ],
    "last_row_id": 0,
    "rows_changed": -1
}
```