aboutsummaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2024-01-16 12:12:27 +0100
committerAlex Auvolat <alex@adnab.me>2024-01-16 12:12:27 +0100
commit4c5be79b8015510618ad1df7451c50e3f2659978 (patch)
tree09f2dbdd30f8464c2d1f27532a690a46258aedb9 /src/util
parentd91a1de7315373271bce72088a4c73007f2154e8 (diff)
parent083e982f5fd0e88e496da7d67734abd8927f3f98 (diff)
downloadgarage-4c5be79b8015510618ad1df7451c50e3f2659978.tar.gz
garage-4c5be79b8015510618ad1df7451c50e3f2659978.zip
Merge tag 'v0.8.5' into sync-08-09
Garage v0.8.5 This minor release includes the following improvements and fixes: New features: - Configuration: make LMDB's `map_size` configurable and make `block_size` and `sled_cache_capacity` expressable as strings (such as `10M`) (#628, #630) - Add support for binding to Unix sockets for the S3, K2V, Admin and Web API servers (#640) - Move the `convert_db` command into the main Garage binary (#645) - Add support for specifying RPC secret and admin tokens as environment variables (#643) - Add `allow_world_readable_secrets` option to config file (#663, #685) Bug fixes: - Use `statvfs` instead of mount list to determine free space in metadata/data directories (#611, #631) - Add missing casts to fix 32-bit build (#632) - Fix error when none of the HTTP servers (S3/K2V/Admin/Web) is started and fix shutdown hang (#613, #633) - Add missing CORS headers to PostObject response (#609, #656) - Monitoring: finer histogram boundaries in Prometheus exported metrics (#531, #686) Other: - Documentation improvements (#641)
Diffstat (limited to 'src/util')
-rw-r--r--src/util/config.rs155
1 files changed, 12 insertions, 143 deletions
diff --git a/src/util/config.rs b/src/util/config.rs
index ad5c8e1f..65c0b5c0 100644
--- a/src/util/config.rs
+++ b/src/util/config.rs
@@ -1,6 +1,5 @@
//! Contains type and functions related to Garage configuration file
use std::convert::TryFrom;
-use std::io::Read;
use std::net::SocketAddr;
use std::path::PathBuf;
@@ -45,11 +44,15 @@ pub struct Config {
)]
pub compression_level: Option<i32>,
+ /// Skip the permission check of secret files. Useful when
+ /// POSIX ACLs (or more complex chmods) are used.
+ #[serde(default)]
+ pub allow_world_readable_secrets: bool,
+
/// RPC secret key: 32 bytes hex encoded
pub rpc_secret: Option<String>,
/// Optional file where RPC secret key is read from
pub rpc_secret_file: Option<String>,
-
/// Address to bind for RPC
pub rpc_bind_addr: SocketAddr,
/// Public IP address of this node
@@ -221,6 +224,13 @@ pub struct KubernetesDiscoveryConfig {
pub skip_crd: bool,
}
+/// Read and parse configuration
+pub fn read_config(config_file: PathBuf) -> Result<Config, Error> {
+ let config = std::fs::read_to_string(config_file)?;
+
+ Ok(toml::from_str(&config)?)
+}
+
fn default_db_engine() -> String {
"lmdb".into()
}
@@ -235,68 +245,6 @@ fn default_block_size() -> usize {
1048576
}
-/// Read and parse configuration
-pub fn read_config(config_file: PathBuf) -> Result<Config, Error> {
- let mut file = std::fs::OpenOptions::new()
- .read(true)
- .open(config_file.as_path())?;
-
- let mut config = String::new();
- file.read_to_string(&mut config)?;
-
- let mut parsed_config: Config = toml::from_str(&config)?;
-
- secret_from_file(
- &mut parsed_config.rpc_secret,
- &parsed_config.rpc_secret_file,
- "rpc_secret",
- )?;
- secret_from_file(
- &mut parsed_config.admin.metrics_token,
- &parsed_config.admin.metrics_token_file,
- "admin.metrics_token",
- )?;
- secret_from_file(
- &mut parsed_config.admin.admin_token,
- &parsed_config.admin.admin_token_file,
- "admin.admin_token",
- )?;
-
- Ok(parsed_config)
-}
-
-fn secret_from_file(
- secret: &mut Option<String>,
- secret_file: &Option<String>,
- name: &'static str,
-) -> Result<(), Error> {
- match (&secret, &secret_file) {
- (_, None) => {
- // no-op
- }
- (Some(_), Some(_)) => {
- return Err(format!("only one of `{}` and `{}_file` can be set", name, name).into());
- }
- (None, Some(file_path)) => {
- #[cfg(unix)]
- if std::env::var("GARAGE_ALLOW_WORLD_READABLE_SECRETS").as_deref() != Ok("true") {
- use std::os::unix::fs::MetadataExt;
- let metadata = std::fs::metadata(file_path)?;
- if metadata.mode() & 0o077 != 0 {
- return Err(format!("File {} is world-readable! (mode: 0{:o}, expected 0600)\nRefusing to start until this is fixed, or environment variable GARAGE_ALLOW_WORLD_READABLE_SECRETS is set to true.", file_path, metadata.mode()).into());
- }
- }
- let mut file = std::fs::OpenOptions::new().read(true).open(file_path)?;
- let mut secret_buf = String::new();
- file.read_to_string(&mut secret_buf)?;
- // trim_end: allows for use case such as `echo "$(openssl rand -hex 32)" > somefile`.
- // also editors sometimes add a trailing newline
- *secret = Some(String::from(secret_buf.trim_end()));
- }
- }
- Ok(())
-}
-
fn default_compression() -> Option<i32> {
Some(1)
}
@@ -425,83 +373,4 @@ mod tests {
Ok(())
}
-
- #[test]
- fn test_rpc_secret_file_works() -> Result<(), Error> {
- let path_secret = mktemp::Temp::new_file()?;
- let mut file_secret = File::create(path_secret.as_path())?;
- writeln!(file_secret, "foo")?;
- drop(file_secret);
-
- let path_config = mktemp::Temp::new_file()?;
- let mut file_config = File::create(path_config.as_path())?;
- let path_secret_path = path_secret.as_path();
- writeln!(
- file_config,
- r#"
- metadata_dir = "/tmp/garage/meta"
- data_dir = "/tmp/garage/data"
- replication_mode = "3"
- rpc_bind_addr = "[::]:3901"
- rpc_secret_file = "{}"
-
- [s3_api]
- s3_region = "garage"
- api_bind_addr = "[::]:3900"
- "#,
- path_secret_path.display()
- )?;
- let config = super::read_config(path_config.to_path_buf())?;
- assert_eq!("foo", config.rpc_secret.unwrap());
-
- #[cfg(unix)]
- {
- use std::os::unix::fs::PermissionsExt;
- let metadata = std::fs::metadata(&path_secret_path)?;
- let mut perm = metadata.permissions();
- perm.set_mode(0o660);
- std::fs::set_permissions(&path_secret_path, perm)?;
-
- std::env::set_var("GARAGE_ALLOW_WORLD_READABLE_SECRETS", "false");
- assert!(super::read_config(path_config.to_path_buf()).is_err());
-
- std::env::set_var("GARAGE_ALLOW_WORLD_READABLE_SECRETS", "true");
- assert!(super::read_config(path_config.to_path_buf()).is_ok());
- }
-
- drop(path_config);
- drop(path_secret);
- drop(file_config);
- Ok(())
- }
-
- #[test]
- fn test_rcp_secret_and_rpc_secret_file_cannot_be_set_both() -> Result<(), Error> {
- let path_config = mktemp::Temp::new_file()?;
- let mut file_config = File::create(path_config.as_path())?;
- writeln!(
- file_config,
- r#"
- metadata_dir = "/tmp/garage/meta"
- data_dir = "/tmp/garage/data"
- replication_mode = "3"
- rpc_bind_addr = "[::]:3901"
- rpc_secret= "dummy"
- rpc_secret_file = "dummy"
-
- [s3_api]
- s3_region = "garage"
- api_bind_addr = "[::]:3900"
- "#
- )?;
- assert_eq!(
- "only one of `rpc_secret` and `rpc_secret_file` can be set",
- super::read_config(path_config.to_path_buf())
- .unwrap_err()
- .to_string()
- );
- drop(path_config);
- drop(file_config);
- Ok(())
- }
}