3
0
mirror of https://github.com/ergochat/ergo.git synced 2025-01-08 19:22:53 +01:00

Merge pull request #742 from slingamn/issue741_env

fix #741
This commit is contained in:
Shivaram Lingamneni 2020-01-09 16:46:39 -05:00 committed by GitHub
commit e10a5f07de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 6 deletions

View File

@ -5,6 +5,7 @@ package cloaks
import ( import (
"fmt" "fmt"
"net" "net"
"os"
"golang.org/x/crypto/sha3" "golang.org/x/crypto/sha3"
@ -15,6 +16,7 @@ type CloakConfig struct {
Enabled bool Enabled bool
Netname string Netname string
Secret string Secret string
SecretEnvVar string `yaml:"secret-environment-variable"`
CidrLenIPv4 int `yaml:"cidr-len-ipv4"` CidrLenIPv4 int `yaml:"cidr-len-ipv4"`
CidrLenIPv6 int `yaml:"cidr-len-ipv6"` CidrLenIPv6 int `yaml:"cidr-len-ipv6"`
NumBits int `yaml:"num-bits"` NumBits int `yaml:"num-bits"`
@ -25,6 +27,13 @@ type CloakConfig struct {
} }
func (cloakConfig *CloakConfig) Initialize() { func (cloakConfig *CloakConfig) Initialize() {
if cloakConfig.SecretEnvVar != "" {
envSecret := os.Getenv(cloakConfig.SecretEnvVar)
if envSecret != "" {
cloakConfig.Secret = envSecret
}
}
// sanity checks: // sanity checks:
numBits := cloakConfig.NumBits numBits := cloakConfig.NumBits
if 0 == numBits { if 0 == numBits {

View File

@ -226,6 +226,10 @@ server:
# note that rotating this key will invalidate all existing ban masks. # note that rotating this key will invalidate all existing ban masks.
secret: "siaELnk6Kaeo65K3RCrwJjlWaZ-Bt3WuZ2L8MXLbNb4" secret: "siaELnk6Kaeo65K3RCrwJjlWaZ-Bt3WuZ2L8MXLbNb4"
# name of an environment variable to pull the secret from, for use with
# k8s secret distribution:
# secret-environment-variable: "ORAGONO_CLOAKING_SECRET"
# the cloaked hostname is derived only from the CIDR (most significant bits # the cloaked hostname is derived only from the CIDR (most significant bits
# of the IP address), up to a configurable number of bits. this is the # of the IP address), up to a configurable number of bits. this is the
# granularity at which bans will take effect for IPv4. Note that changing # granularity at which bans will take effect for IPv4. Note that changing