diff options
| author | Alex Auvolat <alex@adnab.me> | 2023-10-26 11:27:56 +0200 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2023-10-26 11:27:56 +0200 |
| commit | b1ee3e54ba7f34a32d4098fdbaa481da3363a81c (patch) | |
| tree | 0fc09b937c16567894e6492a5f33cfe5b11f7ee8 /src/garage/main.rs | |
| parent | f4d3905d157869d98f9855cba77b4ba452012703 (diff) | |
| parent | 4b3dee2ca3be35d2df73626ad36a8cddedc41e6f (diff) | |
| download | garage-b1ee3e54ba7f34a32d4098fdbaa481da3363a81c.tar.gz garage-b1ee3e54ba7f34a32d4098fdbaa481da3363a81c.zip | |
Merge branch 'main-0.8.x' into sync-08-09sync-08-09
Diffstat (limited to 'src/garage/main.rs')
| -rw-r--r-- | src/garage/main.rs | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/src/garage/main.rs b/src/garage/main.rs index 66403d05..4ee63fa9 100644 --- a/src/garage/main.rs +++ b/src/garage/main.rs @@ -28,7 +28,7 @@ use structopt::StructOpt; use netapp::util::parse_and_resolve_peer_addr; use netapp::NetworkKey; -use garage_util::config::Config; +use garage_util::config::{read_secret_file, Config}; use garage_util::error::*; use garage_rpc::system::*; @@ -73,15 +73,30 @@ pub struct Secrets { #[structopt(short = "s", long = "rpc-secret", env = "GARAGE_RPC_SECRET")] pub rpc_secret: Option<String>, - /// Metrics API authentication token, replaces admin.metrics_token in config.toml when + /// RPC secret network key, used to replace rpc_secret in config.toml and rpc-secret + /// when running the daemon or doing admin operations + #[structopt(long = "rpc-secret-file", env = "GARAGE_RPC_SECRET_FILE")] + pub rpc_secret_file: Option<String>, + + /// Admin API authentication token, replaces admin.admin_token in config.toml when /// running the Garage daemon #[structopt(long = "admin-token", env = "GARAGE_ADMIN_TOKEN")] pub admin_token: Option<String>, + /// Admin API authentication token file path, replaces admin.admin_token in config.toml + /// and admin-token when running the Garage daemon + #[structopt(long = "admin-token-file", env = "GARAGE_ADMIN_TOKEN_FILE")] + pub admin_token_file: Option<String>, + /// Metrics API authentication token, replaces admin.metrics_token in config.toml when /// running the Garage daemon #[structopt(long = "metrics-token", env = "GARAGE_METRICS_TOKEN")] pub metrics_token: Option<String>, + + /// Metrics API authentication token file path, replaces admin.metrics_token in config.toml + /// and metrics-token when running the Garage daemon + #[structopt(long = "metrics-token-file", env = "GARAGE_METRICS_TOKEN_FILE")] + pub metrics_token_file: Option<String>, } #[tokio::main] @@ -262,15 +277,24 @@ async fn cli_command(opt: Opt) -> Result<(), Error> { } } -fn fill_secrets(mut config: Config, secrets: Secrets) -> Config { +fn fill_secrets(mut config: Config, secrets: Secrets) -> Result<Config, Error> { if secrets.rpc_secret.is_some() { config.rpc_secret = secrets.rpc_secret; + } else if secrets.rpc_secret_file.is_some() { + config.rpc_secret = Some(read_secret_file(&secrets.rpc_secret_file.unwrap())?); } + if secrets.admin_token.is_some() { config.admin.admin_token = secrets.admin_token; + } else if secrets.admin_token_file.is_some() { + config.admin.admin_token = Some(read_secret_file(&secrets.admin_token_file.unwrap())?); } + if secrets.metrics_token.is_some() { config.admin.metrics_token = secrets.metrics_token; + } else if secrets.metrics_token_file.is_some() { + config.admin.metrics_token = Some(read_secret_file(&secrets.metrics_token_file.unwrap())?); } - config + + Ok(config) } |