Merge pull request #1567 from SkynetLabs/use-api-password-from-env

allow to use skyd api password from env
This commit is contained in:
Karol Wypchło 2022-01-19 15:41:01 +01:00 committed by GitHub
commit 58c1e403e7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 8 deletions

View File

@ -1,14 +1,19 @@
local _M = {} local _M = {}
function _M.authorization_header() function _M.authorization_header()
local b64 = require("ngx.base64") -- read api password from env variable
-- open apipassword file for reading (b flag is required for some reason) local apipassword = os.getenv("SIA_API_PASSWORD")
-- (file /etc/.sia/apipassword has to be mounted from the host system) -- if api password is not available as env variable, read it from disk
local apipassword_file = io.open("/data/sia/apipassword", "rb") if not apipassword then
-- read apipassword file contents and trim newline (important) local b64 = require("ngx.base64")
local apipassword = apipassword_file:read("*all"):gsub("%s+", "") -- open apipassword file for reading (b flag is required for some reason)
-- make sure to close file after reading the password -- (file /etc/.sia/apipassword has to be mounted from the host system)
apipassword_file.close() local apipassword_file = io.open("/data/sia/apipassword", "rb")
-- read apipassword file contents and trim newline (important)
apipassword = apipassword_file:read("*all"):gsub("%s+", "")
-- make sure to close file after reading the password
apipassword_file.close()
end
-- encode the user:password authorization string -- encode the user:password authorization string
-- (in our case user is empty so it is just :password) -- (in our case user is empty so it is just :password)
local content = b64.encode_base64url(":" .. apipassword) local content = b64.encode_base64url(":" .. apipassword)

View File

@ -30,6 +30,7 @@ env SKYNET_PORTAL_API;
env SKYNET_SERVER_API; env SKYNET_SERVER_API;
env PORTAL_MODULES; env PORTAL_MODULES;
env ACCOUNTS_LIMIT_ACCESS; env ACCOUNTS_LIMIT_ACCESS;
env SIA_API_PASSWORD;
events { events {
worker_connections 8192; worker_connections 8192;