mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-29 07:29:31 +01:00
fix #741
This commit is contained in:
parent
68968d6868
commit
11ca86028c
@ -5,6 +5,7 @@ package cloaks
|
|||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"net"
|
"net"
|
||||||
|
"os"
|
||||||
|
|
||||||
"golang.org/x/crypto/sha3"
|
"golang.org/x/crypto/sha3"
|
||||||
|
|
||||||
@ -15,6 +16,7 @@ type CloakConfig struct {
|
|||||||
Enabled bool
|
Enabled bool
|
||||||
Netname string
|
Netname string
|
||||||
Secret string
|
Secret string
|
||||||
|
SecretEnvVar string `yaml:"secret-environment-variable"`
|
||||||
CidrLenIPv4 int `yaml:"cidr-len-ipv4"`
|
CidrLenIPv4 int `yaml:"cidr-len-ipv4"`
|
||||||
CidrLenIPv6 int `yaml:"cidr-len-ipv6"`
|
CidrLenIPv6 int `yaml:"cidr-len-ipv6"`
|
||||||
NumBits int `yaml:"num-bits"`
|
NumBits int `yaml:"num-bits"`
|
||||||
@ -25,6 +27,13 @@ type CloakConfig struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (cloakConfig *CloakConfig) Initialize() {
|
func (cloakConfig *CloakConfig) Initialize() {
|
||||||
|
if cloakConfig.SecretEnvVar != "" {
|
||||||
|
envSecret := os.Getenv(cloakConfig.SecretEnvVar)
|
||||||
|
if envSecret != "" {
|
||||||
|
cloakConfig.Secret = envSecret
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// sanity checks:
|
// sanity checks:
|
||||||
numBits := cloakConfig.NumBits
|
numBits := cloakConfig.NumBits
|
||||||
if 0 == numBits {
|
if 0 == numBits {
|
||||||
|
@ -226,6 +226,10 @@ server:
|
|||||||
# note that rotating this key will invalidate all existing ban masks.
|
# note that rotating this key will invalidate all existing ban masks.
|
||||||
secret: "siaELnk6Kaeo65K3RCrwJjlWaZ-Bt3WuZ2L8MXLbNb4"
|
secret: "siaELnk6Kaeo65K3RCrwJjlWaZ-Bt3WuZ2L8MXLbNb4"
|
||||||
|
|
||||||
|
# name of an environment variable to pull the secret from, for use with
|
||||||
|
# k8s secret distribution:
|
||||||
|
# secret-environment-variable: "ORAGONO_CLOAKING_SECRET"
|
||||||
|
|
||||||
# the cloaked hostname is derived only from the CIDR (most significant bits
|
# the cloaked hostname is derived only from the CIDR (most significant bits
|
||||||
# of the IP address), up to a configurable number of bits. this is the
|
# of the IP address), up to a configurable number of bits. this is the
|
||||||
# granularity at which bans will take effect for IPv4. Note that changing
|
# granularity at which bans will take effect for IPv4. Note that changing
|
||||||
|
Loading…
Reference in New Issue
Block a user