RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added environment variable parsing for: 

*session secret
*e-mail service password
*smtp server password
*duo-auth api secret key
*ldap bind password
These still need to be specified in the configuration file
but can have dummy values there while the real values are
passed in via environment variables.
pull/378/head
Max Planck 2019-05-29 07:26:41 -06:00 committed by Clément Michaud
parent cb4eb710fb
commit 80b1428849
2 changed files with 67 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.dockerignore 100644
View File

@ -0,0 +1,3 @@
.git
.cache
**/node_modules

72
server/src/lib/Server.ts
View File

@ -74,16 +74,72 @@ export default class Server {
const app = Express();
const appConfiguration = ConfigurationParser.parse(configuration);
// We want to get the ldap binding password from the environment if it has been set, otherwise
// it will come from the configuration file
if (process.env.LDAP_BACKEND_PASSWORD) {
appConfiguration.authentication_backend.ldap.password = process.env.LDAP_BACKEND_PASSWORD;
that.globalLogger.debug("Got ldap binding password from environment");
}
// by default the level of logs is info
deps.winston.level = appConfiguration.logs_level;
// We want to get the ldap binding password from the environment if it has been set, otherwise it will come from
// the config file
if (process.env.LDAP_BACKEND_PASSWORD) {
if (appConfiguration.authentication_backend.ldap) {
appConfiguration.authentication_backend.ldap.password = process.env.LDAP_BACKEND_PASSWORD;
that.globalLogger.debug("Got ldap binding password from environment");
} else {
const erMsg =
"Environment variable LDAP_BACKEND_PASSWORD set, but no ldap configuration is specified in configuration file.";
that.globalLogger.error(erMsg);
throw new Error(erMsg);
}
}
// We want to get the session secret from the environment if it has been set, otherwise it will come from the
// config file
if (process.env.SESSION_SECRET) {
appConfiguration.session.secret = process.env.SESSION_SECRET;
that.globalLogger.debug("Got session secret from environment");
}
// We want to get the password for using an e-mail service from the environment if it has been set, otherwise it
// will come from the config file
if (process.env.EMAIL_SERVICE_PASSWORD) {
if (appConfiguration.notifier && appConfiguration.notifier.email) {
appConfiguration.notifier.email.password = process.env.EMAIL_SERVICE_PASSWORD;
that.globalLogger.debug("Got e-mail service notifier password from environment");
} else {
const erMsg = "Environment variable EMAIL_SERVICE_PASSWORD set, but no e-mail service is given in the " +
"notifier section of the configuration file.";
that.globalLogger.error(erMsg);
throw new Error(erMsg);
}
}
// We want to get the password for authenticating to an SMTP server for sending notifier e-mails if it has been set,
// otherwise it will come from the config file
if (process.env.SMTP_PASSWORD) {
if (appConfiguration.notifier && appConfiguration.notifier.smtp) {
appConfiguration.notifier.smtp.password = process.env.SMTP_PASSWORD;
that.globalLogger.debug("Got smtp service notifier password from environment");
} else {
const erMsg = "Environment variable SMTP_PASSWORD set, but no smtp entry is given in the notifier section of " +
"the configuration file.";
that.globalLogger.error(erMsg);
throw new Error(erMsg);
}
}
// We want to get the duo api secret key from the environment if it has been set, otherwise it will come from the
// config file
if (process.env.DUO_API_SECRET_KEY) {
if (appConfiguration.duo_api) {
appConfiguration.duo_api.secret_key = process.env.DUO_API_SECRET_KEY;
that.globalLogger.debug("Got duo api secret from environment");
} else {
const erMsg =
"Environment variable DUO_API_SECRET_KEY set, but no duo_api section given in the configuration file.";
that.globalLogger.error(erMsg);
throw new Error(erMsg);
}
}
this.displayConfigurations(appConfiguration);
return this.setup(appConfiguration, app, deps)