Clean up ClientSecret usage
parent
c5383639f5
commit
5300afa205
5 changed files with 49 additions and 30 deletions
|
@ -11,6 +11,7 @@ use std::sync::atomic::{AtomicBool, Ordering};
|
||||||
use clap::{crate_authors, crate_description, crate_version, Clap};
|
use clap::{crate_authors, crate_description, crate_version, Clap};
|
||||||
use log::LevelFilter;
|
use log::LevelFilter;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
|
use thiserror::Error;
|
||||||
use url::Url;
|
use url::Url;
|
||||||
|
|
||||||
use crate::units::{KilobitsPerSecond, Mebibytes, Port};
|
use crate::units::{KilobitsPerSecond, Mebibytes, Port};
|
||||||
|
@ -19,7 +20,17 @@ use crate::units::{KilobitsPerSecond, Mebibytes, Port};
|
||||||
pub static VALIDATE_TOKENS: AtomicBool = AtomicBool::new(false);
|
pub static VALIDATE_TOKENS: AtomicBool = AtomicBool::new(false);
|
||||||
pub static OFFLINE_MODE: AtomicBool = AtomicBool::new(false);
|
pub static OFFLINE_MODE: AtomicBool = AtomicBool::new(false);
|
||||||
|
|
||||||
pub fn load_config() -> Result<Config, serde_yaml::Error> {
|
#[derive(Error, Debug)]
|
||||||
|
pub enum ConfigError {
|
||||||
|
#[error("No config found. One has been created for you to modify.")]
|
||||||
|
NotInitialized,
|
||||||
|
#[error(transparent)]
|
||||||
|
Io(#[from] std::io::Error),
|
||||||
|
#[error(transparent)]
|
||||||
|
Parse(#[from] serde_yaml::Error),
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn load_config() -> Result<Config, ConfigError> {
|
||||||
// Load cli args first
|
// Load cli args first
|
||||||
let cli_args: CliArgs = CliArgs::parse();
|
let cli_args: CliArgs = CliArgs::parse();
|
||||||
|
|
||||||
|
@ -40,13 +51,10 @@ pub fn load_config() -> Result<Config, serde_yaml::Error> {
|
||||||
|
|
||||||
let default_config = include_str!("../settings.sample.yaml");
|
let default_config = include_str!("../settings.sample.yaml");
|
||||||
file.write_all(default_config.as_bytes()).unwrap();
|
file.write_all(default_config.as_bytes()).unwrap();
|
||||||
serde_yaml::from_str(default_config)
|
|
||||||
|
return Err(ConfigError::NotInitialized);
|
||||||
}
|
}
|
||||||
e => panic!(
|
Err(e) => return Err(e.into()),
|
||||||
"Failed to open file at {}: {:?}",
|
|
||||||
config_path.to_string_lossy(),
|
|
||||||
e
|
|
||||||
),
|
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -129,7 +137,11 @@ impl Config {
|
||||||
.unwrap_or(unsafe { NonZeroU16::new_unchecked(60) }),
|
.unwrap_or(unsafe { NonZeroU16::new_unchecked(60) }),
|
||||||
log_level,
|
log_level,
|
||||||
// secret should never be in CLI
|
// secret should never be in CLI
|
||||||
client_secret: file_args.server_settings.secret,
|
client_secret: if let Ok(v) = std::env::var("CLIENT_SECRET") {
|
||||||
|
ClientSecret(v)
|
||||||
|
} else {
|
||||||
|
file_args.server_settings.secret
|
||||||
|
},
|
||||||
port: cli_args.port.unwrap_or(file_args.server_settings.port),
|
port: cli_args.port.unwrap_or(file_args.server_settings.port),
|
||||||
bind_address: SocketAddr::new(
|
bind_address: SocketAddr::new(
|
||||||
file_args
|
file_args
|
||||||
|
@ -188,7 +200,7 @@ struct YamlServerSettings {
|
||||||
}
|
}
|
||||||
|
|
||||||
// this intentionally does not implement display or debug
|
// this intentionally does not implement display or debug
|
||||||
#[derive(Deserialize, Serialize)]
|
#[derive(Deserialize, Serialize, Clone)]
|
||||||
pub struct ClientSecret(String);
|
pub struct ClientSecret(String);
|
||||||
|
|
||||||
#[derive(Deserialize, Default)]
|
#[derive(Deserialize, Default)]
|
||||||
|
|
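Review bot: In the `Config` construction hunk (`@ -129,7 +137,11 @`), any `CLIENT_SECRET` that is set wins over the file value, including an empty one, so a stray `CLIENT_SECRET=` in a service or container definition replaces a valid `server_settings.secret` with `ClientSecret("")`. A value that is not valid Unicode makes `std::env::var` return `Err`, and the code then falls back to the file secret without any message. I would filter the empty case, `client_secret: if let Some(v) = std::env::var("CLIENT_SECRET").ok().filter(|v| !v.is_empty()) {`, and add a comment such as `// env takes precedence over the config file; empty values are ignored`. The enclosing constructor starts and ends outside the hunk.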
21
src/main.rs
21
src/main.rs
|
@ -2,11 +2,10 @@
|
||||||
// We're end users, so these is ok
|
// We're end users, so these is ok
|
||||||
#![allow(clippy::module_name_repetitions)]
|
#![allow(clippy::module_name_repetitions)]
|
||||||
|
|
||||||
use std::env::{self, VarError};
|
use std::env::VarError;
|
||||||
use std::error::Error;
|
use std::error::Error;
|
||||||
use std::fmt::Display;
|
use std::fmt::Display;
|
||||||
use std::num::ParseIntError;
|
use std::num::ParseIntError;
|
||||||
use std::process;
|
|
||||||
use std::sync::atomic::{AtomicBool, Ordering};
|
use std::sync::atomic::{AtomicBool, Ordering};
|
||||||
use std::sync::Arc;
|
use std::sync::Arc;
|
||||||
use std::time::Duration;
|
use std::time::Duration;
|
||||||
|
@ -59,7 +58,14 @@ async fn main() -> Result<(), Box<dyn Error>> {
|
||||||
// Config loading
|
// Config loading
|
||||||
//
|
//
|
||||||
|
|
||||||
let config = config::load_config()?;
|
let config = match config::load_config() {
|
||||||
|
Ok(c) => c,
|
||||||
|
Err(e) => {
|
||||||
|
eprintln!("{}", e);
|
||||||
|
return Err(Box::new(e) as Box<_>);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
let memory_quota = config.memory_quota;
|
let memory_quota = config.memory_quota;
|
||||||
let disk_quota = config.disk_quota;
|
let disk_quota = config.disk_quota;
|
||||||
let cache_type = config.cache_type;
|
let cache_type = config.cache_type;
|
||||||
|
@ -80,13 +86,8 @@ async fn main() -> Result<(), Box<dyn Error>> {
|
||||||
return Err(e);
|
return Err(e);
|
||||||
}
|
}
|
||||||
|
|
||||||
let client_secret = if let Ok(v) = env::var("CLIENT_SECRET") {
|
let client_secret = config.client_secret.clone();
|
||||||
v
|
let client_secret_1 = config.client_secret.clone();
|
||||||
} else {
|
|
||||||
error!("Client secret not found in ENV. Please set CLIENT_SECRET.");
|
|
||||||
process::exit(1);
|
|
||||||
};
|
|
||||||
let client_secret_1 = client_secret.clone();
|
|
||||||
|
|
||||||
if config.ephemeral_disk_encryption {
|
if config.ephemeral_disk_encryption {
|
||||||
info!("Running with at-rest encryption!");
|
info!("Running with at-rest encryption!");
|
||||||
|
|
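Review bot: The two `config.client_secret.clone()` calls in the `@ -80,13 +86,8 @` hunk leave three separate heap copies of the secret alive (the one in `config` plus `client_secret` and `client_secret_1`), and nothing visible here clears any of them on drop. Since `Arc` is already imported in this file, one shared allocation would keep it to a single extra copy: `let client_secret = Arc::new(config.client_secret.clone());` followed by `let client_secret_1 = Arc::clone(&client_secret);`. The consumers of both bindings are outside the hunk, so whether they can take `&ClientSecret` through the `Arc` needs checking there.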
18
src/ping.rs
18
src/ping.rs
|
@ -11,7 +11,7 @@ use serde_repr::Deserialize_repr;
|
||||||
use sodiumoxide::crypto::box_::PrecomputedKey;
|
use sodiumoxide::crypto::box_::PrecomputedKey;
|
||||||
use url::Url;
|
use url::Url;
|
||||||
|
|
||||||
use crate::config::{Config, UnstableOptions, VALIDATE_TOKENS};
|
use crate::config::{ClientSecret, Config, UnstableOptions, VALIDATE_TOKENS};
|
||||||
use crate::state::{
|
use crate::state::{
|
||||||
RwLockServerState, PREVIOUSLY_COMPROMISED, PREVIOUSLY_PAUSED, TLS_CERTS,
|
RwLockServerState, PREVIOUSLY_COMPROMISED, PREVIOUSLY_PAUSED, TLS_CERTS,
|
||||||
TLS_PREVIOUSLY_CREATED, TLS_SIGNING_KEY,
|
TLS_PREVIOUSLY_CREATED, TLS_SIGNING_KEY,
|
||||||
|
@ -21,9 +21,9 @@ use crate::CLIENT_API_VERSION;
|
||||||
|
|
||||||
pub const CONTROL_CENTER_PING_URL: &str = "https://api.mangadex.network/ping";
|
pub const CONTROL_CENTER_PING_URL: &str = "https://api.mangadex.network/ping";
|
||||||
|
|
||||||
#[derive(Serialize, Debug)]
|
#[derive(Serialize)]
|
||||||
pub struct Request<'a> {
|
pub struct Request<'a> {
|
||||||
secret: &'a str,
|
secret: &'a ClientSecret,
|
||||||
port: Port,
|
port: Port,
|
||||||
disk_space: Mebibytes,
|
disk_space: Mebibytes,
|
||||||
network_speed: BytesPerSecond,
|
network_speed: BytesPerSecond,
|
||||||
|
@ -32,7 +32,7 @@ pub struct Request<'a> {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<'a> Request<'a> {
|
impl<'a> Request<'a> {
|
||||||
fn from_config_and_state(secret: &'a str, config: &Config) -> Self {
|
fn from_config_and_state(secret: &'a ClientSecret, config: &Config) -> Self {
|
||||||
Self {
|
Self {
|
||||||
secret,
|
secret,
|
||||||
port: config.port,
|
port: config.port,
|
||||||
|
@ -46,8 +46,8 @@ impl<'a> Request<'a> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<'a> From<(&'a str, &Config)> for Request<'a> {
|
impl<'a> From<(&'a ClientSecret, &Config)> for Request<'a> {
|
||||||
fn from((secret, config): (&'a str, &Config)) -> Self {
|
fn from((secret, config): (&'a ClientSecret, &Config)) -> Self {
|
||||||
Self {
|
Self {
|
||||||
secret,
|
secret,
|
||||||
port: config.port,
|
port: config.port,
|
||||||
|
@ -161,7 +161,11 @@ impl std::fmt::Debug for Tls {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn update_server_state(secret: &str, cli: &Config, data: &mut Arc<RwLockServerState>) {
|
pub async fn update_server_state(
|
||||||
|
secret: &ClientSecret,
|
||||||
|
cli: &Config,
|
||||||
|
data: &mut Arc<RwLockServerState>,
|
||||||
|
) {
|
||||||
let req = Request::from_config_and_state(secret, cli);
|
let req = Request::from_config_and_state(secret, cli);
|
||||||
let client = reqwest::Client::new();
|
let client = reqwest::Client::new();
|
||||||
let resp = client.post(CONTROL_CENTER_PING_URL).json(&req).send().await;
|
let resp = client.post(CONTROL_CENTER_PING_URL).json(&req).send().await;
|
||||||
|
|
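Review bot: `Request` drops `Debug` in the `@ -21,9 +21,9 @` hunk without a comment saying the omission is deliberate, unlike `ClientSecret`, whose definition carries one. A later hand-written `impl Debug for Request` (this file already has one for `Tls`) could print the secret into logs again. I would add above the derive: `// Debug is intentionally not derived: this struct carries the client secret`.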
|
@ -1,7 +1,7 @@
|
||||||
use std::str::FromStr;
|
use std::str::FromStr;
|
||||||
use std::sync::atomic::{AtomicBool, Ordering};
|
use std::sync::atomic::{AtomicBool, Ordering};
|
||||||
|
|
||||||
use crate::config::{Config, UnstableOptions, OFFLINE_MODE, VALIDATE_TOKENS};
|
use crate::config::{ClientSecret, Config, UnstableOptions, OFFLINE_MODE, VALIDATE_TOKENS};
|
||||||
use crate::ping::{Request, Response, CONTROL_CENTER_PING_URL};
|
use crate::ping::{Request, Response, CONTROL_CENTER_PING_URL};
|
||||||
use arc_swap::ArcSwap;
|
use arc_swap::ArcSwap;
|
||||||
use log::{error, info, warn};
|
use log::{error, info, warn};
|
||||||
|
@ -45,7 +45,7 @@ pub enum ServerInitError {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl ServerState {
|
impl ServerState {
|
||||||
pub async fn init(secret: &str, config: &Config) -> Result<Self, ServerInitError> {
|
pub async fn init(secret: &ClientSecret, config: &Config) -> Result<Self, ServerInitError> {
|
||||||
let resp = reqwest::Client::new()
|
let resp = reqwest::Client::new()
|
||||||
.post(CONTROL_CENTER_PING_URL)
|
.post(CONTROL_CENTER_PING_URL)
|
||||||
.json(&Request::from((secret, config)))
|
.json(&Request::from((secret, config)))
|
||||||
|
|
|
@ -2,14 +2,16 @@ use log::{info, warn};
|
||||||
use reqwest::StatusCode;
|
use reqwest::StatusCode;
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
|
|
||||||
|
use crate::config::ClientSecret;
|
||||||
|
|
||||||
const CONTROL_CENTER_STOP_URL: &str = "https://api.mangadex.network/ping";
|
const CONTROL_CENTER_STOP_URL: &str = "https://api.mangadex.network/ping";
|
||||||
|
|
||||||
#[derive(Serialize)]
|
#[derive(Serialize)]
|
||||||
struct StopRequest<'a> {
|
struct StopRequest<'a> {
|
||||||
secret: &'a str,
|
secret: &'a ClientSecret,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn send_stop(secret: &str) {
|
pub async fn send_stop(secret: &ClientSecret) {
|
||||||
let request = StopRequest { secret };
|
let request = StopRequest { secret };
|
||||||
let client = reqwest::Client::new();
|
let client = reqwest::Client::new();
|
||||||
match client
|
match client
|
||||||
|
|
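Review bot: `CONTROL_CENTER_STOP_URL` holds the same `https://api.mangadex.network/ping` value as `CONTROL_CENTER_PING_URL` in src/ping.rs, so `send_stop` appears to post the secret-only `StopRequest` to the ping endpoint; this commit touches the lines around the constant but leaves it as is. If that is a copy-paste slip, the shutdown notice probably never reaches the endpoint that handles it. The constant should name the control center's stop endpoint (presumably `https://api.mangadex.network/stop`; confirm against the API documentation), or carry a comment explaining why stop reuses the ping URL. `send_stop` continues past the end of the hunk.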