diff options
author | Daniel Friesel <derf@finalrewind.org> | 2019-04-13 12:17:19 +0200 |
---|---|---|
committer | Daniel Friesel <derf@finalrewind.org> | 2019-04-13 12:18:26 +0200 |
commit | 80a6317ac55de020f606a5ca114466d3f0100511 (patch) | |
tree | 9bd5104c3f07cda2f07f3a783e71e1e5b948f943 | |
parent | 61b1ef398e275a110173ed77556ff211adc1ba82 (diff) |
Use travelynx.conf for configuration and secrets
This avoids having to specify secrets in the environment, where they can leak
easily.
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | README.md | 5 | ||||
-rw-r--r-- | examples/travelynx.conf | 23 | ||||
-rw-r--r-- | examples/travelynx.service | 13 | ||||
-rwxr-xr-x | lib/Travelynx.pm | 72 | ||||
-rw-r--r-- | lib/Travelynx/Helper/Sendmail.pm | 7 | ||||
-rw-r--r-- | templates/layouts/default.html.ep | 2 |
7 files changed, 70 insertions, 53 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f93666b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/travelynx.conf @@ -36,8 +36,9 @@ Debian 9 system, though setup on other distribution should be similar. * Create a postgres user for travelynx: `sudo -u postgres createuser -P travelynx` (enter password when prompted) * Create the database: `sudo -u postgres createdb -O travelynx travelynx` -* Initialize the database: `TRAVELYNX_DB_HOST=... TRAVELYNX_DB_NAME=... ` - `TRAVELYNX_DB_USER=... TRAVELYNX_DB_PASSWORD=... perl index.pl setup` +* Copy `examples/travelynx.conf` to the application root directory + (the one in which `index.pl` resides) and configure it +* Initialize the database: `perl index.pl database setup` Your server also needs to be able to send mail. Set up your MTA of choice and make sure that the sendmail binary can be used for outgoing mails. Mail diff --git a/examples/travelynx.conf b/examples/travelynx.conf new file mode 100644 index 0000000..ae61f7b --- /dev/null +++ b/examples/travelynx.conf @@ -0,0 +1,23 @@ +{ + cache => { + schedule => '/var/cache/travelynx/iris', + realtime => '/var/cache/travelynx/iris-rt', + }, + db => { + host => 'localhost', + database => 'travelynx', + user => 'travelynx', + password => die("Changeme!"), + }, + hypnotoad => { + accepts => 100, + clients => 10, + listen => [ 'http://127.0.0.1:8093' ], + pid_file => '/tmp/travelynx.pid', + workers => 2, + spare => 2, + }, + secrets => [ + die("Changeme!"), + ], +}; diff --git a/examples/travelynx.service b/examples/travelynx.service index a946984..0a2b2d5 100644 --- a/examples/travelynx.service +++ b/examples/travelynx.service @@ -16,19 +16,6 @@ WorkingDirectory=/srv/www/travelynx Environment=LANG=en_US.UTF-8 -Environment=TRAVELYNX_DB_NAME=travelynx -Environment=TRAVELYNX_DB_HOST=localhost -Environment=TRAVELYNX_DB_PORT=5432 -Environment=TRAVELYNX_DB_USER=travelynx -Environment=TRAVELYNX_DB_PASSWORD= ! CHANGEME ! - -Environment=TRAVELYNX_SECRETS= ! CHANGEME ! - -Environment=TRAVELYNX_WORKERS=2 -Environment=TRAVELYNX_LISTEN=http://127.0.0.1:8093 - -Environment=TRAVELYNX_IRIS_CACHE=/var/cache/dbf/iris -Environment=TRAVELYNX_IRISRT_CACHE=/var/cache/dbf/iris-rt [Install] WantedBy=multi-user.target diff --git a/lib/Travelynx.pm b/lib/Travelynx.pm index 1965da4..02f5f1b 100755 --- a/lib/Travelynx.pm +++ b/lib/Travelynx.pm @@ -17,18 +17,6 @@ use Travelynx::Helper::Sendmail; our $VERSION = qx{git describe --dirty} || 'experimental'; -my $cache_iris_main = Cache::File->new( - cache_root => $ENV{TRAVELYNX_IRIS_CACHE} // '/tmp/dbf-iris-main', - default_expires => '6 hours', - lock_level => Cache::File::LOCK_LOCAL(), -); - -my $cache_iris_rt = Cache::File->new( - cache_root => $ENV{TRAVELYNX_IRISRT_CACHE} // '/tmp/dbf-iris-realtime', - default_expires => '70 seconds', - lock_level => Cache::File::LOCK_LOCAL(), -); - sub check_password { my ( $password, $hash ) = @_; @@ -66,27 +54,18 @@ sub get_station { sub startup { my ($self) = @_; - if ( $ENV{TRAVELYNX_SECRETS} ) { - $self->secrets( [ split( qr{:}, $ENV{TRAVELYNX_SECRETS} ) ] ); - } - push( @{ $self->commands->namespaces }, 'Travelynx::Command' ); $self->defaults( layout => 'default' ); - $self->config( - hypnotoad => { - accepts => $ENV{TRAVELYNX_ACCEPTS} // 100, - clients => $ENV{TRAVELYNX_CLIENS} // 10, - listen => [ $ENV{TRAVELYNX_LISTEN} // 'http://*:8093' ], - pid_file => $ENV{TRAVELYNX_PID_FILE} // '/tmp/travelynx.pid', - workers => $ENV{TRAVELYNX_WORKERS} // 2, - spare => $ENV{TRAVELYNX_SPARE} // 2, - }, - ); - $self->types->type( json => 'application/json; charset=utf-8' ); + $self->plugin('Config'); + + if ( $self->config->{secrets} ) { + $self->secrets( $self->config->{secrets} ); + } + $self->plugin( authentication => { autoload_user => 1, @@ -117,6 +96,30 @@ sub startup { $self->defaults( layout => 'default' ); $self->attr( + cache_iris_main => sub { + my ($self) = @_; + + return Cache::File->new( + cache_root => $self->app->config->{cache}->{schedule}, + default_expires => '6 hours', + lock_level => Cache::File::LOCK_LOCAL(), + ); + } + ); + + $self->attr( + cache_iris_rt => sub { + my ($self) = @_; + + return Cache::File->new( + cache_root => $self->app->config->{cache}->{realtime}, + default_expires => '70 seconds', + lock_level => Cache::File::LOCK_LOCAL(), + ); + } + ); + + $self->attr( action_type => sub { return { checkin => 1, @@ -321,12 +324,13 @@ sub startup { $self->attr( dbh => sub { my ($self) = @_; + my $config = $self->app->config; - my $dbname = $ENV{TRAVELYNX_DB_NAME} // 'travelynx_dev'; - my $host = $ENV{TRAVELYNX_DB_HOST} // 'localhost'; - my $port = $ENV{TRAVELYNX_DB_PORT} // '5432'; - my $user = $ENV{TRAVELYNX_DB_USER}; - my $pw = $ENV{TRAVELYNX_DB_PASSWORD}; + my $dbname = $config->{db}->{database}; + my $host = $config->{db}->{host} // 'localhost'; + my $port = $config->{db}->{port} // 5432; + my $user = $config->{db}->{user}; + my $pw = $config->{db}->{password}; return DBI->connect( "dbi:Pg:dbname=${dbname};host=${host};port=${port}", @@ -593,8 +597,8 @@ qq{select * from pending_mails where email = ? and num_tries > 1;} $station = $station_matches[0][0]; my $status = Travel::Status::DE::IRIS->new( station => $station, - main_cache => $cache_iris_main, - realtime_cache => $cache_iris_rt, + main_cache => $self->app->cache_iris_main, + realtime_cache => $self->app->cache_iris_rt, lookbehind => 20, datetime => DateTime->now( time_zone => 'Europe/Berlin' ) ->subtract( minutes => $lookbehind ), diff --git a/lib/Travelynx/Helper/Sendmail.pm b/lib/Travelynx/Helper/Sendmail.pm index 6193884..09c8a0d 100644 --- a/lib/Travelynx/Helper/Sendmail.pm +++ b/lib/Travelynx/Helper/Sendmail.pm @@ -12,11 +12,11 @@ use Email::Simple; sub new { my ($class) = @_; - return bless({}, $class); + return bless( {}, $class ); } sub custom { - my ($self, $to, $subject, $body) = @_; + my ( $self, $to, $subject, $body ) = @_; my $reg_mail = Email::Simple->create( header => [ @@ -28,7 +28,8 @@ sub custom { body => encode( 'utf-8', $body ), ); - if ($ENV{TRAVELYNX_DB_NAME} =~ m{travelynx_dev}) { + if ( $self->app->config->{db}->{database} =~ m{travelynx_dev} ) { + # Do not send mail in dev mode say "sendmail to ${to}: ${subject}\n\n${body}"; return 1; diff --git a/templates/layouts/default.html.ep b/templates/layouts/default.html.ep index b76f1ab..1f82a2d 100644 --- a/templates/layouts/default.html.ep +++ b/templates/layouts/default.html.ep @@ -23,7 +23,7 @@ <nav class="deep-purple"> <div class="nav-wrapper container"> - <a href="/" class="brand-logo left"><%= $ENV{TRAVELYNX_DB_NAME} =~ m{travelynx_dev} ? 'develynx' : 'travelynx' %></a> + <a href="/" class="brand-logo left"><%= app->config->{db}->{database} =~ m{travelynx_dev} ? 'develynx' : 'travelynx' %></a> <ul id="nav-mobile" class="right"> % if (is_user_authenticated()) { <li class="<%= navbar_class('/history') %>"><a href='/history' title="History"><i class="material-icons">history</i></a></li> |