aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorFelix Scheinost <fesc@symentis.com>2023-01-04 18:28:56 +0100
committerFelix Scheinost <fesc@symentis.com>2023-01-04 18:35:10 +0100
commitf2106c27336d7d03671dbbbcd1401232c2beb61f (patch)
treee7847561add9e29dd002814085f1dd784684e2d3 /src
parent02e8eb167efa1f08d69fe7f8e6192cde726c45aa (diff)
downloadgarage-f2106c27336d7d03671dbbbcd1401232c2beb61f.tar.gz
garage-f2106c27336d7d03671dbbbcd1401232c2beb61f.zip
Implement `rpc_secret_file`
Diffstat (limited to 'src')
-rw-r--r--src/garage/main.rs2
-rw-r--r--src/model/garage.rs2
-rw-r--r--src/util/config.rs26
3 files changed, 26 insertions, 4 deletions
diff --git a/src/garage/main.rs b/src/garage/main.rs
index 107b1389..736e11ec 100644
--- a/src/garage/main.rs
+++ b/src/garage/main.rs
@@ -173,7 +173,7 @@ async fn cli_command(opt: Opt) -> Result<(), Error> {
let net_key_hex_str = opt
.rpc_secret
.as_ref()
- .or_else(|| config.as_ref().map(|c| &c.rpc_secret))
+ .or_else(|| config.as_ref().and_then(|c| c.rpc_secret.as_ref()))
.ok_or("No RPC secret provided")?;
let network_key = NetworkKey::from_slice(
&hex::decode(net_key_hex_str).err_context("Invalid RPC secret key (bad hex)")?[..],
diff --git a/src/model/garage.rs b/src/model/garage.rs
index ac1846ce..ffa54dc5 100644
--- a/src/model/garage.rs
+++ b/src/model/garage.rs
@@ -159,7 +159,7 @@ impl Garage {
};
let network_key = NetworkKey::from_slice(
- &hex::decode(&config.rpc_secret).expect("Invalid RPC secret key")[..],
+ &hex::decode(&config.rpc_secret.as_ref().unwrap()).expect("Invalid RPC secret key")[..],
)
.expect("Invalid RPC secret key");
diff --git a/src/util/config.rs b/src/util/config.rs
index 04f8375a..e1120822 100644
--- a/src/util/config.rs
+++ b/src/util/config.rs
@@ -34,7 +34,10 @@ pub struct Config {
pub compression_level: Option<i32>,
/// RPC secret key: 32 bytes hex encoded
- pub rpc_secret: String,
+ pub rpc_secret: Option<String>,
+
+ /// Optional file where RPC secret key is read from
+ pub rpc_secret_file: Option<String>,
/// Address to bind for RPC
pub rpc_bind_addr: SocketAddr,
@@ -177,7 +180,26 @@ pub fn read_config(config_file: PathBuf) -> Result<Config, Error> {
let mut config = String::new();
file.read_to_string(&mut config)?;
- Ok(toml::from_str(&config)?)
+ let mut parsed_config: Config = toml::from_str(&config)?;
+
+ match (&parsed_config.rpc_secret, &parsed_config.rpc_secret_file) {
+ (Some(_), _) => {}
+ (None, Some(rpc_secret_file_path_string)) => {
+ let mut rpc_secret_file = std::fs::OpenOptions::new()
+ .read(true)
+ .open(rpc_secret_file_path_string)?;
+ let mut rpc_secret_from_file = String::new();
+ rpc_secret_file.read_to_string(&mut rpc_secret_from_file)?;
+ // trim_end: allows for use case such as `echo "$(openssl rand -hex 32)" > somefile`.
+ // also editors sometimes add a trailing newline
+ parsed_config.rpc_secret = Some(String::from(rpc_secret_from_file.trim_end()));
+ }
+ (None, None) => {
+ return Err("either `rpc_secret` or `rpc_secret_file` needs to be set".into())
+ }
+ };
+
+ Ok(parsed_config)
}
fn default_compression() -> Option<i32> {