mirror of
https://github.com/ergochat/ergo.git
synced 2024-12-22 10:42:52 +01:00
commit
e10a5f07de
@ -5,6 +5,7 @@ package cloaks
|
||||
import (
|
||||
"fmt"
|
||||
"net"
|
||||
"os"
|
||||
|
||||
"golang.org/x/crypto/sha3"
|
||||
|
||||
@ -12,12 +13,13 @@ import (
|
||||
)
|
||||
|
||||
type CloakConfig struct {
|
||||
Enabled bool
|
||||
Netname string
|
||||
Secret string
|
||||
CidrLenIPv4 int `yaml:"cidr-len-ipv4"`
|
||||
CidrLenIPv6 int `yaml:"cidr-len-ipv6"`
|
||||
NumBits int `yaml:"num-bits"`
|
||||
Enabled bool
|
||||
Netname string
|
||||
Secret string
|
||||
SecretEnvVar string `yaml:"secret-environment-variable"`
|
||||
CidrLenIPv4 int `yaml:"cidr-len-ipv4"`
|
||||
CidrLenIPv6 int `yaml:"cidr-len-ipv6"`
|
||||
NumBits int `yaml:"num-bits"`
|
||||
|
||||
numBytes int
|
||||
ipv4Mask net.IPMask
|
||||
@ -25,6 +27,13 @@ type CloakConfig struct {
|
||||
}
|
||||
|
||||
func (cloakConfig *CloakConfig) Initialize() {
|
||||
if cloakConfig.SecretEnvVar != "" {
|
||||
envSecret := os.Getenv(cloakConfig.SecretEnvVar)
|
||||
if envSecret != "" {
|
||||
cloakConfig.Secret = envSecret
|
||||
}
|
||||
}
|
||||
|
||||
// sanity checks:
|
||||
numBits := cloakConfig.NumBits
|
||||
if 0 == numBits {
|
||||
|
@ -226,6 +226,10 @@ server:
|
||||
# note that rotating this key will invalidate all existing ban masks.
|
||||
secret: "siaELnk6Kaeo65K3RCrwJjlWaZ-Bt3WuZ2L8MXLbNb4"
|
||||
|
||||
# name of an environment variable to pull the secret from, for use with
|
||||
# k8s secret distribution:
|
||||
# secret-environment-variable: "ORAGONO_CLOAKING_SECRET"
|
||||
|
||||
# the cloaked hostname is derived only from the CIDR (most significant bits
|
||||
# of the IP address), up to a configurable number of bits. this is the
|
||||
# granularity at which bans will take effect for IPv4. Note that changing
|
||||
|
Loading…
Reference in New Issue
Block a user