server: allow every config value to be specified as a file

By using https://crates.io/crates/figment_file_provider_adapter

Fixes https://github.com/nitnelave/lldap/issues/263
This commit is contained in:
Valentin Tolmer 2022-09-14 10:28:49 +02:00 committed by nitnelave
parent b6ee918ca9
commit 7e1ce10df1
4 changed files with 15 additions and 16 deletions

10
Cargo.lock generated
View file

@ -1202,6 +1202,15 @@ dependencies = [
"version_check", "version_check",
] ]
[[package]]
name = "figment_file_provider_adapter"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c33106424fdbb9b1fd89c18072ba94666496a8a468178911b832a3e406988500"
dependencies = [
"figment",
]
[[package]] [[package]]
name = "firestorm" name = "firestorm"
version = "0.5.1" version = "0.5.1"
@ -2111,6 +2120,7 @@ dependencies = [
"cron", "cron",
"derive_builder", "derive_builder",
"figment", "figment",
"figment_file_provider_adapter",
"futures", "futures",
"futures-util", "futures-util",
"hmac 0.10.1", "hmac 0.10.1",

View file

@ -1,20 +1,6 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
for SECRET in LLDAP_JWT_SECRET LLDAP_LDAP_USER_PASS LLDAP_SMTP_OPTIONS__PASSWORD; do
FILE_VAR="${SECRET}_FILE"
SECRET_FILE="${!FILE_VAR:-}"
if [[ -n "$SECRET_FILE" ]]; then
if [[ -f "$SECRET_FILE" ]]; then
declare "$SECRET=$(cat $SECRET_FILE)"
export "$SECRET"
echo "[entrypoint] Set $SECRET from $SECRET_FILE"
else
echo "[entrypoint] Could not read contents of $SECRET_FILE (specified in $FILE_VAR)" >&2
fi
fi
done
CONFIG_FILE=/data/lldap_config.toml CONFIG_FILE=/data/lldap_config.toml
if [[ ( ! -w "/data" ) ]] || [[ ( ! -d "/data" ) ]]; then if [[ ( ! -w "/data" ) ]] || [[ ( ! -d "/data" ) ]]; then

View file

@ -19,6 +19,7 @@ base64 = "0.13"
bincode = "1.3" bincode = "1.3"
cron = "*" cron = "*"
derive_builder = "0.10.2" derive_builder = "0.10.2"
figment_file_provider_adapter = "0.1"
futures = "*" futures = "*"
futures-util = "*" futures-util = "*"
hmac = "0.10" hmac = "0.10"

View file

@ -279,11 +279,13 @@ where
overrides.general_config().config_file overrides.general_config().config_file
); );
use figment_file_provider_adapter::FileAdapter;
let ignore_keys = ["key_file", "cert_file"];
let mut config: Configuration = Figment::from(Serialized::defaults( let mut config: Configuration = Figment::from(Serialized::defaults(
ConfigurationBuilder::default().private_build().unwrap(), ConfigurationBuilder::default().private_build().unwrap(),
)) ))
.merge(Toml::file(config_file)) .merge(FileAdapter::wrap(Toml::file(config_file)).ignore(&ignore_keys))
.merge(Env::prefixed("LLDAP_").split("__")) .merge(FileAdapter::wrap(Env::prefixed("LLDAP_").split("__")).ignore(&ignore_keys))
.extract()?; .extract()?;
overrides.override_config(&mut config); overrides.override_config(&mut config);