feat(configuration): load config from directory (#4616)

This allows specifying paths to a combination of files and directories with the --config option provided none of the specified file paths reside directly inside one of the specified directory paths. The directory paths are not recursive, and load .yml and .yaml files at this time.
pull/4617/head
James Elliott 2022-12-22 17:34:20 +11:00 committed by GitHub
parent 2eb820026b
commit cc1e58e004
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
66 changed files with 570 additions and 197 deletions

View File

@ -12,6 +12,18 @@ weight: 101200
toc: true toc: true
--- ---
## Loading Behaviour
There are several options which affect the loading of files:
| Name | Argument | Description |
|:-----------------:|:-------------------------------:|:----------------------------------------------------------------------------------:|
| Files/Directories | `--config`, `-c` | A list of file or directory (non-recursive) paths to load configuration files from |
| Filters | `--config.experimental.filters` | A list of filters applied to every file from the Files or Directories options |
__*Note:* when specifying directories and files, the individual files specified must not be within any of the
directories specified.__
## Formats ## Formats
The only supported configuration file format is [YAML](#yaml). The only supported configuration file format is [YAML](#yaml).
@ -164,6 +176,10 @@ The name used to enable this filter is `template`.
This filter uses the [Go template engine](https://pkg.go.dev/text/template) to render the configuration files. It uses This filter uses the [Go template engine](https://pkg.go.dev/text/template) to render the configuration files. It uses
similar syntax to Jinja2 templates with different function names. similar syntax to Jinja2 templates with different function names.
Comprehensive examples are beyond what we support and people wishing to use this should consult the official
[Go template engine](https://pkg.go.dev/text/template) documentation for syntax instructions. We also log the generated
output at each filter stage as a base64 string when trace logging is enabled.
#### Functions #### Functions
In addition to the standard builtin functions we support several other functions. In addition to the standard builtin functions we support several other functions.

View File

@ -24,7 +24,8 @@ An open-source authentication and authorization server providing
two-factor authentication and single sign-on (SSO) for your two-factor authentication and single sign-on (SSO) for your
applications via a web portal. applications via a web portal.
Documentation is available at: https://www.authelia.com/ General documentation is available at: https://www.authelia.com/
CLI documentation is available at: https://www.authelia.com/reference/cli/authelia/authelia/
``` ```
authelia [flags] authelia [flags]
@ -41,8 +42,8 @@ authelia --config /etc/authelia/config/
### Options ### Options
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-h, --help help for authelia -h, --help help for authelia
``` ```

View File

@ -35,8 +35,8 @@ authelia access-control --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -65,8 +65,8 @@ authelia access-control check-policy --config config.yml --url https://example.c
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -48,8 +48,8 @@ authelia build-info
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -37,8 +37,8 @@ authelia crypto --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -37,8 +37,8 @@ authelia crypto certificate --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -37,8 +37,8 @@ authelia crypto certificate ecdsa --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -62,8 +62,8 @@ authelia crypto certificate ecdsa generate --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -57,8 +57,8 @@ authelia crypto certificate ecdsa request --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -37,8 +37,8 @@ authelia crypto certificate ed25519 --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -61,8 +61,8 @@ authelia crypto certificate ed25519 request --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -56,8 +56,8 @@ authelia crypto certificate ed25519 request --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -37,8 +37,8 @@ authelia crypto certificate rsa --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -62,8 +62,8 @@ authelia crypto certificate rsa generate --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -57,8 +57,8 @@ authelia crypto certificate rsa request --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -37,8 +37,8 @@ authelia crypto hash --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -49,8 +49,8 @@ authelia crypto hash generate --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -48,8 +48,8 @@ authelia crypto hash generate argon2 --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--no-confirm skip the password confirmation prompt --no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt --password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password --random uses a randomly generated password

View File

@ -43,8 +43,8 @@ authelia crypto hash generate bcrypt --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--no-confirm skip the password confirmation prompt --no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt --password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password --random uses a randomly generated password

View File

@ -44,8 +44,8 @@ authelia crypto hash generate pbkdf2 --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--no-confirm skip the password confirmation prompt --no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt --password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password --random uses a randomly generated password

View File

@ -46,8 +46,8 @@ authelia crypto hash generate scrypt --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--no-confirm skip the password confirmation prompt --no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt --password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password --random uses a randomly generated password

View File

@ -44,8 +44,8 @@ authelia crypto hash generate sha2crypt --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--no-confirm skip the password confirmation prompt --no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt --password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password --random uses a randomly generated password

View File

@ -43,8 +43,8 @@ authelia crypto hash validate '$5$rounds=500000$WFjMpdCQxIkbNl0k$M0qZaZoK8Gwdh8C
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -37,8 +37,8 @@ authelia crypto pair --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -41,8 +41,8 @@ authelia crypto pair ecdsa --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -46,8 +46,8 @@ authelia crypto pair ecdsa generate --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -41,8 +41,8 @@ authelia crypto pair ed25519 --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -45,8 +45,8 @@ authelia crypto pair ed25519 generate --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -41,8 +41,8 @@ authelia crypto pair rsa --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -46,8 +46,8 @@ authelia crypto pair rsa generate --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -52,8 +52,8 @@ authelia crypto rand --characters 0123456789ABCDEF
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -56,8 +56,8 @@ authelia storage --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -37,8 +37,8 @@ authelia storage encryption --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -43,8 +43,8 @@ authelia storage encryption change-key --encryption-key b3453fde-ecc2-4a1f-9422-
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -45,8 +45,8 @@ authelia storage encryption check --verbose --encryption-key b3453fde-ecc2-4a1f-
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -37,8 +37,8 @@ authelia storage migrate --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -46,8 +46,8 @@ authelia storage migrate down --target 20 --encryption-key b3453fde-ecc2-4a1f-94
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -43,8 +43,8 @@ authelia storage migrate history --encryption-key b3453fde-ecc2-4a1f-9422-2707dd
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -44,8 +44,8 @@ authelia storage migrate list-down --encryption-key b3453fde-ecc2-4a1f-9422-2707
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -44,8 +44,8 @@ authelia storage migrate list-up --encryption-key b3453fde-ecc2-4a1f-9422-2707dd
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -46,8 +46,8 @@ authelia storage migrate up --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed49
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -43,8 +43,8 @@ authelia storage schema-info --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed4
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -37,8 +37,8 @@ authelia storage user --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -37,8 +37,8 @@ authelia storage user identifiers --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -46,8 +46,8 @@ authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -45,8 +45,8 @@ authelia storage user identifiers export --file export.yaml --encryption-key b34
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -48,8 +48,8 @@ authelia storage user identifiers generate --users john,mary --services openid -
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -48,8 +48,8 @@ authelia storage user identifiers import --file export.yaml --encryption-key b34
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -37,8 +37,8 @@ authelia storage user totp --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -43,8 +43,8 @@ authelia storage user totp delete john --encryption-key b3453fde-ecc2-4a1f-9422-
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -46,8 +46,8 @@ authelia storage user totp export --format png --dir ./totp-qr --encryption-key
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -55,8 +55,8 @@ authelia storage user totp generate john --algorithm SHA512 --config config.yml
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -37,8 +37,8 @@ authelia storage user webauthn --help
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -52,8 +52,8 @@ authelia storage user webauthn delete --kid abc123 --encryption-key b3453fde-ecc
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -46,8 +46,8 @@ authelia storage user webauthn list john --encryption-key b3453fde-ecc2-4a1f-942
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
--encryption-key string the storage encryption key to use --encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia") --mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname --mysql.host string the MySQL hostname

View File

@ -43,8 +43,8 @@ authelia validate-config --config config.yml
### Options inherited from parent commands ### Options inherited from parent commands
``` ```
-c, --config strings configuration files to load (default [configuration.yml]) -c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env' --config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
``` ```
### SEE ALSO ### SEE ALSO

View File

@ -13,7 +13,8 @@ An open-source authentication and authorization server providing
two-factor authentication and single sign-on (SSO) for your two-factor authentication and single sign-on (SSO) for your
applications via a web portal. applications via a web portal.
Documentation is available at: https://www.authelia.com/` General documentation is available at: https://www.authelia.com/
CLI documentation is available at: https://www.authelia.com/reference/cli/authelia/authelia/`
cmdAutheliaExample = `authelia --config /etc/authelia/config.yml --config /etc/authelia/access-control.yml cmdAutheliaExample = `authelia --config /etc/authelia/config.yml --config /etc/authelia/access-control.yml
authelia --config /etc/authelia/config.yml,/etc/authelia/access-control.yml authelia --config /etc/authelia/config.yml,/etc/authelia/access-control.yml
@ -533,6 +534,9 @@ const (
cmdFlagNameSaltSize = "salt-size" cmdFlagNameSaltSize = "salt-size"
cmdFlagNameProfile = "profile" cmdFlagNameProfile = "profile"
cmdConfigDefaultContainer = "/config/configuration.yml"
cmdConfigDefaultDaemon = "/etc/authelia/configuration.yml"
cmdFlagNameConfig = "config" cmdFlagNameConfig = "config"
cmdFlagNameConfigExpFilters = "config.experimental.filters" cmdFlagNameConfigExpFilters = "config.experimental.filters"
@ -626,3 +630,29 @@ const (
var ( var (
validIdentifierServices = []string{identifierServiceOpenIDConnect} validIdentifierServices = []string{identifierServiceOpenIDConnect}
) )
const (
helpTopicConfigFilters = `Configuration Filters are an experimental system for templating configuration files.
Using the --config.experimental.filters flag users can define multiple filters to apply to all configuration files that
are loaded by Authelia. These filters are applied after loading the file data from the filesystem, but before they are
parsed by the relevant file format parser.
The filters are processed in the order specified, and the content of each configuration file is logged as a base64 raw
string when the log level is set to trace.
The following filters are available:
expand-env:
This filter expands environment variables in place where specified in the configuration. For example the string
${DOMAIN_NAME} will be replaced with the value from the DOMAIN_NAME environment variable or an empty string.
template:
This filter uses the go template system to filter the file. In addition to the standard functions, several
custom functions exist to facilitate this process. The 'env' function takes a single string does similar to the
'expand-env' filter for example.
For a full list of functions see: https://www.authelia.com/configuration/methods/files/#functions`
)

View File

@ -4,7 +4,6 @@ import (
"crypto/x509" "crypto/x509"
"fmt" "fmt"
"os" "os"
"strings"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -275,14 +274,23 @@ func (ctx *CmdCtx) ConfigEnsureExistsRunE(cmd *cobra.Command, _ []string) (err e
var ( var (
configs []string configs []string
created bool created bool
result XEnvCLIResult
) )
if configs, _, err = loadEnvCLIStringSliceValue(cmd, "", cmdFlagNameConfig); err != nil { if configs, result, err = loadXEnvCLIStringSliceValue(cmd, "", cmdFlagNameConfig); err != nil {
return err return err
} }
if len(configs) != 1 { switch {
case result == XEnvCLIResultCLIExplicit:
return nil return nil
case result == XEnvCLIResultEnvironment && len(configs) == 1:
switch configs[0] {
case cmdConfigDefaultContainer, cmdConfigDefaultDaemon:
break
default:
return nil
}
} }
if created, err = configuration.EnsureConfigurationExists(configs[0]); err != nil { if created, err = configuration.EnsureConfigurationExists(configs[0]); err != nil {
@ -300,23 +308,15 @@ func (ctx *CmdCtx) ConfigEnsureExistsRunE(cmd *cobra.Command, _ []string) (err e
// ConfigLoadRunE loads the configuration into the CmdCtx. // ConfigLoadRunE loads the configuration into the CmdCtx.
func (ctx *CmdCtx) ConfigLoadRunE(cmd *cobra.Command, _ []string) (err error) { func (ctx *CmdCtx) ConfigLoadRunE(cmd *cobra.Command, _ []string) (err error) {
var ( var (
configs, filterNames []string configs []string
filters []configuration.FileFilter filters []configuration.FileFilter
) )
if configs, _, err = loadEnvCLIStringSliceValue(cmd, "", cmdFlagNameConfig); err != nil { if configs, filters, err = loadXEnvCLIConfigValues(cmd); err != nil {
return err return err
} }
if filterNames, _, err = loadEnvCLIStringSliceValue(cmd, "", cmdFlagNameConfigExpFilters); err != nil {
return err
}
if filters, err = configuration.NewFileFilters(filterNames); err != nil {
return fmt.Errorf("error occurred loading configuration: flag '--%s' is invalid: %w", cmdFlagNameConfigExpFilters, err)
}
if ctx.cconfig == nil { if ctx.cconfig == nil {
ctx.cconfig = NewCmdCtxConfig() ctx.cconfig = NewCmdCtxConfig()
} }
@ -337,29 +337,3 @@ func (ctx *CmdCtx) ConfigLoadRunE(cmd *cobra.Command, _ []string) (err error) {
return nil return nil
} }
func loadEnvCLIStringSliceValue(cmd *cobra.Command, envKey, flagName string) (value []string, explicit bool, err error) { //nolint:unparam
if cmd.Flags().Changed(flagName) {
value, err = cmd.Flags().GetStringSlice(flagName)
return value, true, err
}
var (
env string
ok bool
)
if envKey != "" {
env, ok = os.LookupEnv(envKey)
}
switch {
case ok && env != "":
return strings.Split(env, ","), true, nil
default:
value, err = cmd.Flags().GetStringSlice(flagName)
return value, false, err
}
}

View File

@ -45,9 +45,9 @@ func NewRootCmd() (cmd *cobra.Command) {
DisableAutoGenTag: true, DisableAutoGenTag: true,
} }
cmd.PersistentFlags().StringSliceP(cmdFlagNameConfig, "c", []string{"configuration.yml"}, "configuration files to load") cmd.PersistentFlags().StringSliceP(cmdFlagNameConfig, "c", []string{"configuration.yml"}, "configuration files or directories to load")
cmd.PersistentFlags().StringSlice(cmdFlagNameConfigExpFilters, nil, "applies filters in order to the configuration file before the YAML parser, options are 'template', 'expand-env'") cmd.PersistentFlags().StringSlice(cmdFlagNameConfigExpFilters, nil, "list of filters to apply to all configuration files, for more information: authelia --help authelia filters")
cmd.AddCommand( cmd.AddCommand(
newAccessControlCommand(ctx), newAccessControlCommand(ctx),
@ -55,6 +55,8 @@ func NewRootCmd() (cmd *cobra.Command) {
newCryptoCmd(ctx), newCryptoCmd(ctx),
newStorageCmd(ctx), newStorageCmd(ctx),
newValidateConfigCmd(ctx), newValidateConfigCmd(ctx),
newHelpTopic("filters", "Help for the config filters", helpTopicConfigFilters),
) )
return cmd return cmd
@ -89,6 +91,8 @@ func (ctx *CmdCtx) RootRunE(_ *cobra.Command, _ []string) (err error) {
doStartupChecks(ctx) doStartupChecks(ctx)
ctx.cconfig = nil
runServices(ctx) runServices(ctx)
return nil return nil

View File

@ -5,11 +5,15 @@ import (
"fmt" "fmt"
"io" "io"
"os" "os"
"path/filepath"
"strings"
"syscall" "syscall"
"github.com/spf13/cobra"
"github.com/spf13/pflag" "github.com/spf13/pflag"
"golang.org/x/term" "golang.org/x/term"
"github.com/authelia/authelia/v4/internal/configuration"
"github.com/authelia/authelia/v4/internal/utils" "github.com/authelia/authelia/v4/internal/utils"
) )
@ -228,3 +232,130 @@ func termReadPasswordWithPrompt(prompt, flag string) (password string, err error
return password, nil return password, nil
} }
type XEnvCLIResult int
const (
XEnvCLIResultCLIExplicit XEnvCLIResult = iota
XEnvCLIResultCLIImplicit
XEnvCLIResultEnvironment
)
func loadXEnvCLIConfigValues(cmd *cobra.Command) (configs []string, filters []configuration.FileFilter, err error) {
var (
filterNames []string
)
if configs, _, err = loadXEnvCLIStringSliceValue(cmd, "", cmdFlagNameConfig); err != nil {
return nil, nil, err
}
if configs, err = loadXNormalizedPaths(configs); err != nil {
return nil, nil, err
}
if filterNames, _, err = loadXEnvCLIStringSliceValue(cmd, "", cmdFlagNameConfigExpFilters); err != nil {
return nil, nil, err
}
if filters, err = configuration.NewFileFilters(filterNames); err != nil {
return nil, nil, fmt.Errorf("error occurred loading configuration: flag '--%s' is invalid: %w", cmdFlagNameConfigExpFilters, err)
}
return
}
func loadXNormalizedPaths(paths []string) ([]string, error) {
var (
configs, files, dirs []string
err error
)
var stat os.FileInfo
for _, path := range paths {
if path, err = filepath.Abs(path); err != nil {
return nil, fmt.Errorf("failed to determine absolute path for '%s': %w", path, err)
}
switch stat, err = os.Stat(path); {
case err == nil && stat.IsDir():
configs = append(configs, path)
dirs = append(dirs, path)
case err == nil:
configs = append(configs, path)
files = append(files, path)
default:
if os.IsNotExist(err) {
configs = append(configs, path)
files = append(files, path)
continue
}
return nil, fmt.Errorf("error occurred stating file at path '%s': %w", path, err)
}
}
for i, file := range files {
if file, err = filepath.Abs(file); err != nil {
return nil, fmt.Errorf("failed to determine absolute path for '%s': %w", files[i], err)
}
if len(dirs) != 0 {
filedir := filepath.Dir(file)
for _, dir := range dirs {
if filedir == dir {
return nil, fmt.Errorf("failed to load config directory '%s': the config file '%s' is in that directory which is not supported", dir, file)
}
}
}
}
return configs, nil
}
func loadXEnvCLIStringSliceValue(cmd *cobra.Command, envKey, flagName string) (value []string, result XEnvCLIResult, err error) {
if cmd.Flags().Changed(flagName) {
value, err = cmd.Flags().GetStringSlice(flagName)
return value, XEnvCLIResultCLIExplicit, err
}
var (
env string
ok bool
)
if envKey != "" {
env, ok = os.LookupEnv(envKey)
}
switch {
case ok && env != "":
return strings.Split(env, ","), XEnvCLIResultEnvironment, nil
default:
value, err = cmd.Flags().GetStringSlice(flagName)
return value, XEnvCLIResultCLIImplicit, err
}
}
func newHelpTopic(topic, short, body string) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: topic,
Short: short,
}
cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) {
_ = cmd.Parent().Help()
fmt.Println()
fmt.Printf("Help Topic: %s\n\n", topic)
fmt.Print(body)
fmt.Print("\n\n")
})
return cmd
}

View File

@ -0,0 +1,183 @@
package commands
import (
"fmt"
"os"
"path/filepath"
"testing"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestLoadXEnvCLIStringSliceValue(t *testing.T) {
testCases := []struct {
name string
envKey, envValue, flagValue string
flagDefault []string
flag *pflag.Flag
expected []string
expectedResult XEnvCLIResult
expectedErr string
}{
{
"ShouldParseFromEnv",
"EXAMPLE_ONE", "abc",
"example-one", []string{"flagdef"}, &pflag.Flag{Name: "example-one", Changed: false},
[]string{"abc"}, XEnvCLIResultEnvironment, "",
},
{
"ShouldParseMultipleFromEnv",
"EXAMPLE_ONE", "abc,123",
"example-one", []string{"flagdef"}, &pflag.Flag{Name: "example-one", Changed: false},
[]string{"abc", "123"}, XEnvCLIResultEnvironment, "",
},
{
"ShouldParseCLIExplicit",
"EXAMPLE_ONE", "abc,123",
"example-from-flag,123", []string{"flagdef"}, &pflag.Flag{Name: "example-one", Changed: true},
[]string{"example-from-flag", "123"}, XEnvCLIResultCLIExplicit, "",
},
{
"ShouldParseCLIImplicit",
"EXAMPLE_ONE", "",
"example-one", []string{"example-from-flag-default", "123"}, &pflag.Flag{Name: "example-one", Changed: false},
[]string{"example-from-flag-default", "123"}, XEnvCLIResultCLIImplicit, "",
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
cmd := &cobra.Command{}
if tc.flag != nil {
cmd.Flags().StringSlice(tc.flag.Name, tc.flagDefault, "")
if tc.flag.Changed {
require.NoError(t, cmd.Flags().Set(tc.flag.Name, tc.flagValue))
}
}
if tc.envValue != "" {
require.NoError(t, os.Setenv(tc.envKey, tc.envValue))
}
actual, actualResult, actualErr := loadXEnvCLIStringSliceValue(cmd, tc.envKey, tc.flag.Name)
assert.Equal(t, tc.expected, actual)
assert.Equal(t, tc.expectedResult, actualResult)
if tc.expectedErr == "" {
assert.NoError(t, actualErr)
} else {
assert.EqualError(t, actualErr, tc.expectedErr)
}
if tc.envValue != "" {
require.NoError(t, os.Unsetenv(tc.envKey))
}
})
}
}
func TestLoadXNormalizedPaths(t *testing.T) {
root := t.TempDir()
configdir := filepath.Join(root, "config")
otherdir := filepath.Join(root, "other")
require.NoError(t, os.Mkdir(configdir, 0700))
require.NoError(t, os.Mkdir(otherdir, 0700))
var (
info os.FileInfo
file *os.File
err error
)
ayml := filepath.Join(configdir, "a.yml")
byml := filepath.Join(configdir, "b.yml")
cyml := filepath.Join(otherdir, "c.yml")
file, err = os.Create(ayml)
require.NoError(t, err)
require.NoError(t, file.Close())
file, err = os.Create(byml)
require.NoError(t, err)
require.NoError(t, file.Close())
file, err = os.Create(cyml)
require.NoError(t, err)
require.NoError(t, file.Close())
info, err = os.Stat(configdir)
require.NoError(t, err)
require.True(t, info.IsDir())
info, err = os.Stat(otherdir)
require.NoError(t, err)
require.True(t, info.IsDir())
info, err = os.Stat(ayml)
require.NoError(t, err)
require.False(t, info.IsDir())
info, err = os.Stat(byml)
require.NoError(t, err)
require.False(t, info.IsDir())
info, err = os.Stat(cyml)
require.NoError(t, err)
require.False(t, info.IsDir())
testCases := []struct {
name string
have, expected []string
expectedErr string
}{
{"ShouldAllowFiles",
[]string{ayml},
[]string{ayml}, "",
},
{"ShouldAllowDirectories",
[]string{configdir},
[]string{configdir}, "",
},
{"ShouldAllowFilesDirectories",
[]string{ayml, otherdir},
[]string{ayml, otherdir}, "",
},
{"ShouldRaiseErrOnOverlappingFilesDirectories",
[]string{ayml, configdir},
nil, fmt.Sprintf("failed to load config directory '%s': the config file '%s' is in that directory which is not supported", configdir, ayml),
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
actual, actualErr := loadXNormalizedPaths(tc.have)
assert.Equal(t, tc.expected, actual)
if tc.expectedErr == "" {
assert.NoError(t, actualErr)
} else {
assert.EqualError(t, actualErr, tc.expectedErr)
}
})
}
}

View File

@ -191,12 +191,12 @@ func TestShouldRaiseIOErrOnUnreadableFile(t *testing.T) {
cfg := filepath.Join(dir, "myconf.yml") cfg := filepath.Join(dir, "myconf.yml")
val := schema.NewStructValidator() val := schema.NewStructValidator()
_, _, err := Load(val, NewYAMLFileSource(cfg)) _, _, err := Load(val, NewFileSource(cfg))
assert.NoError(t, err) assert.NoError(t, err)
require.Len(t, val.Errors(), 1) require.Len(t, val.Errors(), 1)
assert.Len(t, val.Warnings(), 0) assert.Len(t, val.Warnings(), 0)
assert.EqualError(t, val.Errors()[0], fmt.Sprintf("failed to load configuration from yaml file(%s) source: open %s: permission denied", cfg, cfg)) assert.EqualError(t, val.Errors()[0], fmt.Sprintf("failed to load configuration from file path(%s) source: open %s: permission denied", cfg, cfg))
} }
func TestShouldValidateConfigurationWithEnvSecrets(t *testing.T) { func TestShouldValidateConfigurationWithEnvSecrets(t *testing.T) {
@ -417,28 +417,25 @@ func TestShouldNotReadConfigurationOnFSAccessDenied(t *testing.T) {
assert.NoError(t, testCreateFile(filepath.Join(dir, "config.yml"), "port: 9091\n", 0000)) assert.NoError(t, testCreateFile(filepath.Join(dir, "config.yml"), "port: 9091\n", 0000))
val := schema.NewStructValidator() val := schema.NewStructValidator()
_, _, err := Load(val, NewYAMLFileSource(cfg)) _, _, err := Load(val, NewFileSource(cfg))
assert.NoError(t, err) assert.NoError(t, err)
require.Len(t, val.Errors(), 1) require.Len(t, val.Errors(), 1)
assert.EqualError(t, val.Errors()[0], fmt.Sprintf("failed to load configuration from yaml file(%s) source: open %s: permission denied", cfg, cfg)) assert.EqualError(t, val.Errors()[0], fmt.Sprintf("failed to load configuration from file path(%s) source: open %s: permission denied", cfg, cfg))
} }
func TestShouldNotLoadDirectoryConfiguration(t *testing.T) { func TestShouldLoadDirectoryConfiguration(t *testing.T) {
testReset() testReset()
dir := t.TempDir() dir := t.TempDir()
val := schema.NewStructValidator() val := schema.NewStructValidator()
_, _, err := Load(val, NewYAMLFileSource(dir)) _, _, err := Load(val, NewFileSource(dir))
assert.NoError(t, err) assert.NoError(t, err)
require.Len(t, val.Errors(), 1) assert.Len(t, val.Errors(), 0)
assert.Len(t, val.Warnings(), 0) assert.Len(t, val.Warnings(), 0)
expectedErr := fmt.Sprintf(utils.GetExpectedErrTxt("yamlisdir"), dir)
assert.EqualError(t, val.Errors()[0], fmt.Sprintf("failed to load configuration from yaml file(%s) source: %s", dir, expectedErr))
} }
func testSetEnv(t *testing.T, key, value string) { func testSetEnv(t *testing.T, key, value string) {

View File

@ -3,6 +3,8 @@ package configuration
import ( import (
"errors" "errors"
"fmt" "fmt"
"os"
"path/filepath"
"github.com/knadh/koanf" "github.com/knadh/koanf"
"github.com/knadh/koanf/parsers/yaml" "github.com/knadh/koanf/parsers/yaml"
@ -14,29 +16,29 @@ import (
"github.com/authelia/authelia/v4/internal/configuration/schema" "github.com/authelia/authelia/v4/internal/configuration/schema"
) )
// NewYAMLFileSource returns a configuration.Source configured to load from a specified YAML path. If there is an issue // NewFileSource returns a configuration.Source configured to load from a specified path. If there is an issue
// accessing this path it also returns an error. // accessing this path it also returns an error.
func NewYAMLFileSource(path string) (source *YAMLFileSource) { func NewFileSource(path string) (source *FileSource) {
return &YAMLFileSource{ return &FileSource{
koanf: koanf.New(constDelimiter), koanf: koanf.New(constDelimiter),
path: path, path: path,
} }
} }
// NewYAMLFileTemplatedSource returns a configuration.Source configured to load from a specified YAML path. If there is // NewFilteredFileSource returns a configuration.Source configured to load from a specified path. If there is
// an issue accessing this path it also returns an error. // an issue accessing this path it also returns an error.
func NewYAMLFileTemplatedSource(path string, filters ...FileFilter) (source *YAMLFileSource) { func NewFilteredFileSource(path string, filters ...FileFilter) (source *FileSource) {
return &YAMLFileSource{ return &FileSource{
koanf: koanf.New(constDelimiter), koanf: koanf.New(constDelimiter),
path: path, path: path,
filters: filters, filters: filters,
} }
} }
// NewYAMLFileSources returns a slice of configuration.Source configured to load from specified YAML files. // NewFileSources returns a slice of configuration.Source configured to load from specified files.
func NewYAMLFileSources(paths []string) (sources []*YAMLFileSource) { func NewFileSources(paths []string) (sources []*FileSource) {
for _, path := range paths { for _, path := range paths {
source := NewYAMLFileSource(path) source := NewFileSource(path)
sources = append(sources, source) sources = append(sources, source)
} }
@ -44,10 +46,10 @@ func NewYAMLFileSources(paths []string) (sources []*YAMLFileSource) {
return sources return sources
} }
// NewYAMLFilteredFileSources returns a slice of configuration.Source configured to load from specified YAML files. // NewFilteredFileSources returns a slice of configuration.Source configured to load from specified files.
func NewYAMLFilteredFileSources(paths []string, filters []FileFilter) (sources []*YAMLFileSource) { func NewFilteredFileSources(paths []string, filters []FileFilter) (sources []*FileSource) {
for _, path := range paths { for _, path := range paths {
source := NewYAMLFileTemplatedSource(path, filters...) source := NewFilteredFileSource(path, filters...)
sources = append(sources, source) sources = append(sources, source)
} }
@ -56,24 +58,59 @@ func NewYAMLFilteredFileSources(paths []string, filters []FileFilter) (sources [
} }
// Name of the Source. // Name of the Source.
func (s *YAMLFileSource) Name() (name string) { func (s *FileSource) Name() (name string) {
return fmt.Sprintf("yaml file(%s)", s.path) return fmt.Sprintf("file path(%s)", s.path)
} }
// Merge the YAMLFileSource koanf.Koanf into the provided one. // Merge the FileSource koanf.Koanf into the provided one.
func (s *YAMLFileSource) Merge(ko *koanf.Koanf, _ *schema.StructValidator) (err error) { func (s *FileSource) Merge(ko *koanf.Koanf, _ *schema.StructValidator) (err error) {
return ko.Merge(s.koanf) return ko.Merge(s.koanf)
} }
// Load the Source into the YAMLFileSource koanf.Koanf. // Load the Source into the FileSource koanf.Koanf.
func (s *YAMLFileSource) Load(_ *schema.StructValidator) (err error) { func (s *FileSource) Load(val *schema.StructValidator) (err error) {
if s.path == "" { if s.path == "" {
return errors.New("invalid yaml path source configuration") return errors.New("invalid file path source configuration")
}
var info os.FileInfo
if info, err = os.Stat(s.path); err != nil {
return err
}
if info.IsDir() {
return s.loadDir(val)
} }
return s.koanf.Load(FilteredFileProvider(s.path, s.filters...), yaml.Parser()) return s.koanf.Load(FilteredFileProvider(s.path, s.filters...), yaml.Parser())
} }
func (s *FileSource) loadDir(_ *schema.StructValidator) (err error) {
var entries []os.DirEntry
if entries, err = os.ReadDir(s.path); err != nil {
return err
}
for _, entry := range entries {
if entry.IsDir() {
continue
}
name := entry.Name()
switch ext := filepath.Ext(name); ext {
case ".yml", ".yaml":
if err = s.koanf.Load(FilteredFileProvider(filepath.Join(s.path, name), s.filters...), yaml.Parser()); err != nil {
return err
}
}
}
return nil
}
// NewEnvironmentSource returns a Source configured to load from environment variables. // NewEnvironmentSource returns a Source configured to load from environment variables.
func NewEnvironmentSource(prefix, delimiter string) (source *EnvironmentSource) { func NewEnvironmentSource(prefix, delimiter string) (source *EnvironmentSource) {
return &EnvironmentSource{ return &EnvironmentSource{
@ -156,7 +193,7 @@ func (s *CommandLineSource) Merge(ko *koanf.Koanf, val *schema.StructValidator)
return ko.Merge(s.koanf) return ko.Merge(s.koanf)
} }
// Load the Source into the YAMLFileSource koanf.Koanf. // Load the Source into the FileSource koanf.Koanf.
func (s *CommandLineSource) Load(_ *schema.StructValidator) (err error) { func (s *CommandLineSource) Load(_ *schema.StructValidator) (err error) {
if s.callback != nil { if s.callback != nil {
return s.koanf.Load(posflag.ProviderWithFlag(s.flags, ".", s.koanf, s.callback), nil) return s.koanf.Load(posflag.ProviderWithFlag(s.flags, ".", s.koanf, s.callback), nil)
@ -183,14 +220,14 @@ func (s *MapSource) Merge(ko *koanf.Koanf, val *schema.StructValidator) (err err
return ko.Merge(s.koanf) return ko.Merge(s.koanf)
} }
// Load the Source into the YAMLFileSource koanf.Koanf. // Load the Source into the FileSource koanf.Koanf.
func (s *MapSource) Load(_ *schema.StructValidator) (err error) { func (s *MapSource) Load(_ *schema.StructValidator) (err error) {
return s.koanf.Load(confmap.Provider(s.m, constDelimiter), nil) return s.koanf.Load(confmap.Provider(s.m, constDelimiter), nil)
} }
// NewDefaultSources returns a slice of Source configured to load from specified YAML files. // NewDefaultSources returns a slice of Source configured to load from specified YAML files.
func NewDefaultSources(filePaths []string, prefix, delimiter string, additionalSources ...Source) (sources []Source) { func NewDefaultSources(paths []string, prefix, delimiter string, additionalSources ...Source) (sources []Source) {
fileSources := NewYAMLFileSources(filePaths) fileSources := NewFileSources(paths)
for _, source := range fileSources { for _, source := range fileSources {
sources = append(sources, source) sources = append(sources, source)
} }
@ -206,8 +243,8 @@ func NewDefaultSources(filePaths []string, prefix, delimiter string, additionalS
} }
// NewDefaultSourcesFiltered returns a slice of Source configured to load from specified YAML files. // NewDefaultSourcesFiltered returns a slice of Source configured to load from specified YAML files.
func NewDefaultSourcesFiltered(files []string, filters []FileFilter, prefix, delimiter string, additionalSources ...Source) (sources []Source) { func NewDefaultSourcesFiltered(paths []string, filters []FileFilter, prefix, delimiter string, additionalSources ...Source) (sources []Source) {
fileSources := NewYAMLFilteredFileSources(files, filters) fileSources := NewFilteredFileSources(paths, filters)
for _, source := range fileSources { for _, source := range fileSources {
sources = append(sources, source) sources = append(sources, source)
} }
@ -223,15 +260,15 @@ func NewDefaultSourcesFiltered(files []string, filters []FileFilter, prefix, del
} }
// NewDefaultSourcesWithDefaults returns a slice of Source configured to load from specified YAML files with additional sources. // NewDefaultSourcesWithDefaults returns a slice of Source configured to load from specified YAML files with additional sources.
func NewDefaultSourcesWithDefaults(files []string, filters []FileFilter, prefix, delimiter string, defaults Source, additionalSources ...Source) (sources []Source) { func NewDefaultSourcesWithDefaults(paths []string, filters []FileFilter, prefix, delimiter string, defaults Source, additionalSources ...Source) (sources []Source) {
if defaults != nil { if defaults != nil {
sources = []Source{defaults} sources = []Source{defaults}
} }
if len(filters) == 0 { if len(filters) == 0 {
sources = append(sources, NewDefaultSources(files, prefix, delimiter, additionalSources...)...) sources = append(sources, NewDefaultSources(paths, prefix, delimiter, additionalSources...)...)
} else { } else {
sources = append(sources, NewDefaultSourcesFiltered(files, filters, prefix, delimiter, additionalSources...)...) sources = append(sources, NewDefaultSourcesFiltered(paths, filters, prefix, delimiter, additionalSources...)...)
} }
return sources return sources

View File

@ -14,8 +14,8 @@ type Source interface {
Load(val *schema.StructValidator) (err error) Load(val *schema.StructValidator) (err error)
} }
// YAMLFileSource is a YAML file configuration.Source. // FileSource is a file configuration.Source.
type YAMLFileSource struct { type FileSource struct {
koanf *koanf.Koanf koanf *koanf.Koanf
path string path string
filters []FileFilter filters []FileFilter

View File

@ -10,7 +10,7 @@ import (
"testing" "testing"
"github.com/stretchr/testify/suite" "github.com/stretchr/testify/suite"
"gopkg.in/yaml.v3" yaml "gopkg.in/yaml.v3"
"github.com/authelia/authelia/v4/internal/model" "github.com/authelia/authelia/v4/internal/model"
"github.com/authelia/authelia/v4/internal/storage" "github.com/authelia/authelia/v4/internal/storage"
@ -81,7 +81,7 @@ func (s *CLISuite) TestShouldValidateConfig() {
func (s *CLISuite) TestShouldFailValidateConfig() { func (s *CLISuite) TestShouldFailValidateConfig() {
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "validate-config", "--config=/config/invalid.yml"}) output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "validate-config", "--config=/config/invalid.yml"})
s.Assert().NoError(err) s.Assert().NoError(err)
s.Assert().Contains(output, "failed to load configuration from yaml file(/config/invalid.yml) source: open /config/invalid.yml: no such file or directory") s.Assert().Contains(output, "failed to load configuration from file path(/config/invalid.yml) source: stat /config/invalid.yml: no such file or directory\n")
} }
func (s *CLISuite) TestShouldHashPasswordArgon2() { func (s *CLISuite) TestShouldHashPasswordArgon2() {