author | Felix Scheinost <fesc@symentis.com> | 2023-01-04 18:28:56 +0100 |
---|---|---|
committer | Felix Scheinost <fesc@symentis.com> | 2023-01-04 18:35:10 +0100 |
commit | f2106c27336d7d03671dbbbcd1401232c2beb61f (patch) | |
tree | e7847561add9e29dd002814085f1dd784684e2d3 /src | |
parent | 02e8eb167efa1f08d69fe7f8e6192cde726c45aa (diff) | |
Implement `rpc_secret_file`
Diffstat (limited to 'src')
-rw-r--r-- | src/garage/main.rs | 2 | ||||
-rw-r--r-- | src/model/garage.rs | 2 | ||||
-rw-r--r-- | src/util/config.rs | 26 |
3 files changed, 26 insertions, 4 deletions
diff --git a/src/garage/main.rs b/src/garage/main.rs
index 107b1389..736e11ec 100644
--- a/src/garage/main.rs
+++ b/src/garage/main.rs
@@ -173,7 +173,7 @@ async fn cli_command(opt: Opt) -> Result<(), Error> {
 let net_key_hex_str = opt
 .rpc_secret
 .as_ref()
- .or_else(|| config.as_ref().map(|c| &c.rpc_secret))
+ .or_else(|| config.as_ref().and_then(|c| c.rpc_secret.as_ref()))
 .ok_or("No RPC secret provided")?;
 let network_key = NetworkKey::from_slice(
 &hex::decode(net_key_hex_str).err_context("Invalid RPC secret key (bad hex)")?[..],
diff --git a/src/model/garage.rs b/src/model/garage.rs
index ac1846ce..ffa54dc5 100644
--- a/src/model/garage.rs
+++ b/src/model/garage.rs
@@ -159,7 +159,7 @@ impl Garage {
 };
 
 let network_key = NetworkKey::from_slice(
- &hex::decode(&config.rpc_secret).expect("Invalid RPC secret key")[..],
+ &hex::decode(&config.rpc_secret.as_ref().unwrap()).expect("Invalid RPC secret key")[..],
 )
 .expect("Invalid RPC secret key");
 
diff --git a/src/util/config.rs b/src/util/config.rs
index 04f8375a..e1120822 100644
--- a/src/util/config.rs
+++ b/src/util/config.rs
@@ -34,7 +34,10 @@ pub struct Config {
 pub compression_level: Option<i32>,
 
 /// RPC secret key: 32 bytes hex encoded
- pub rpc_secret: String,
+ pub rpc_secret: Option<String>,
+
+ /// Optional file where RPC secret key is read from
+ pub rpc_secret_file: Option<String>,
 
 /// Address to bind for RPC
 pub rpc_bind_addr: SocketAddr,
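Review bot: The new `.unwrap()` on `config.rpc_secret` in the `NetworkKey::from_slice` call panics with no explanation if a `Config` reaches this point with the field still `None`. That can happen for any `Config` that was not produced by `read_config`; whether such a caller exists cannot be seen from the hunk. Name the invariant in the panic instead: `config.rpc_secret.as_ref().expect("rpc_secret not set; read_config should have resolved rpc_secret_file")`. The extra `&` in front of the argument to `hex::decode` is not needed once the value is already a reference. The enclosing function starts and ends outside the hunk.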
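Review bot: The doc comments on `rpc_secret` and `rpc_secret_file` in `Config` do not say how the two fields interact, although `read_config` in this same commit gives them a precedence. For `rpc_secret` I would write `/// RPC secret key: 32 bytes hex encoded; filled in from rpc_secret_file by read_config when unset`. For `rpc_secret_file` I would write `/// Path of a file holding the hex-encoded RPC secret; trailing whitespace is trimmed, ignored when rpc_secret is set`. The struct continues outside the hunk.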
@@ -177,7 +180,26 @@ pub fn read_config(config_file: PathBuf) -> Result<Config, Error> {
 let mut config = String::new();
 file.read_to_string(&mut config)?;
 
- Ok(toml::from_str(&config)?)
+ let mut parsed_config: Config = toml::from_str(&config)?;
+
+ match (&parsed_config.rpc_secret, &parsed_config.rpc_secret_file) {
+ (Some(_), _) => {}
+ (None, Some(rpc_secret_file_path_string)) => {
+ let mut rpc_secret_file = std::fs::OpenOptions::new()
+ .read(true)
+ .open(rpc_secret_file_path_string)?;
+ let mut rpc_secret_from_file = String::new();
+ rpc_secret_file.read_to_string(&mut rpc_secret_from_file)?;
+ // trim_end: allows for use case such as `echo "$(openssl rand -hex 32)" > somefile`.
+ // also editors sometimes add a trailing newline
+ parsed_config.rpc_secret = Some(String::from(rpc_secret_from_file.trim_end()));
+ }
+ (None, None) => {
+ return Err("either `rpc_secret` or `rpc_secret_file` needs to be set".into())
+ }
+ };
+
+ Ok(parsed_config)
 }
 
 fn default_compression() -> Option<i32> { |
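Review bot: The `(None, Some(..))` arm of the new `match` loads the RPC secret from the named file without checking who else can read that file, so a group- or world-readable secret file is accepted silently. On Unix the mode of the already-opened handle can be checked before the read, which also avoids a second path lookup. The `(Some(_), _)` arm ignores `rpc_secret_file` when both keys are set, which hides a misconfiguration; a separate `(Some(_), Some(_))` arm that returns an error makes the conflict visible. The `?` on `open` will probably surface an I/O error that does not name the secret file, though that depends on how `Error` converts `std::io::Error`. The start of `read_config` lies outside the hunk.

```rust
match (&parsed_config.rpc_secret, &parsed_config.rpc_secret_file) {
    (Some(_), Some(_)) => {
        return Err("only one of `rpc_secret` and `rpc_secret_file` may be set".into())
    }
    (Some(_), None) => {}
    (None, Some(rpc_secret_file_path_string)) => {
        // … unchanged: open rpc_secret_file with OpenOptions …
        #[cfg(unix)]
        {
            use std::os::unix::fs::PermissionsExt;
            // Inspect the opened handle rather than the path, so the check
            // and the read refer to the same file.
            if rpc_secret_file.metadata()?.permissions().mode() & 0o077 != 0 {
                return Err(
                    "`rpc_secret_file` must not be accessible by group or others".into(),
                );
            }
        }
        // … unchanged: read_to_string, trim_end, assignment to parsed_config.rpc_secret …
    }
    // … unchanged: (None, None) arm …
```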