ewpt3ch/pkgstash
1
1
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

updated for changed config structure

Browse Source
This commit is contained in:
Eric Phillips
2026-05-07 13:42:57 -06:00
parent 08d744076b
commit 8531555609
2 changed files with 49 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/server/config.go
+44 -8
View File
@@ -2,20 +2,23 @@ package main
import ( import (
"fmt" "fmt"
"os"
"strings"
"github.com/BurntSushi/toml" "github.com/BurntSushi/toml"
) )
type rawConfig struct {
Config
EnvFile string `toml:"env_file"`
}
type Config struct { type Config struct {
CacheRoot string `toml:"cache_root"` CacheRoot string `toml:"cache_root"`
MirrorURLs []string `toml:"mirror_urls"` MirrorURLs []string `toml:"mirror_urls"`
MirroredRepos []string `toml:"mirrored_repos"` MirroredRepos []string `toml:"mirrored_repos"`
Port string `toml:"port"` Port string `toml:"port"`
Auth AuthConfig `toml:"auth"` Token string
}
type AuthConfig struct {
Token string `toml:"token"`
} }
/* Function kept for reference for future logic /* Function kept for reference for future logic
@@ -31,12 +34,19 @@ func NewConfig() *Config {
func ReadConfig(path string) (*Config, error) { func ReadConfig(path string) (*Config, error) {
var cfg Config var rawcfg rawConfig
_, err := toml.DecodeFile(path, &cfg) _, err := toml.DecodeFile(path, &rawcfg)
if err != nil { if err != nil {
return nil, fmt.Errorf("error loading config from %s: %w", path, err) return nil, fmt.Errorf("error loading config from %s: %w", path, err)
} }
cfg := rawcfg.Config
err = cfg.loadToken(rawcfg.EnvFile)
if err != nil {
return nil, fmt.Errorf("error getting token: %v", err)
}
if err = cfg.validate(); err != nil { if err = cfg.validate(); err != nil {
return nil, fmt.Errorf("invalid config: %w", err) return nil, fmt.Errorf("invalid config: %w", err)
} }
@@ -44,6 +54,32 @@ func ReadConfig(path string) (*Config, error) {
return &cfg, nil return &cfg, nil
} }
func (c *Config) loadToken(path string) error {
info, err := os.Stat(path)
if err != nil {
return fmt.Errorf("failed to stat env file: %v", err)
}
if info.Mode().Perm() != 0600 {
return fmt.Errorf("env file perms not secure, expected 0600 got %o", info.Mode().Perm())
}
data, err := os.ReadFile(path)
if err != nil {
return fmt.Errorf("failed to read env file: %v", err)
}
key, val, ok := strings.Cut(strings.TrimSpace(string(data)), "=")
if !ok || key != "PKGSTASH_TOKEN" {
return fmt.Errorf("invalid env file format")
}
c.Token = val
return nil
}
func (c *Config) validate() error { func (c *Config) validate() error {
if c.CacheRoot == "" { if c.CacheRoot == "" {
return fmt.Errorf("cache root is required") return fmt.Errorf("cache root is required")
@@ -57,7 +93,7 @@ func (c *Config) validate() error {
if c.Port == "" { if c.Port == "" {
return fmt.Errorf("port required") return fmt.Errorf("port required")
} }
if c.Auth.Token == "" { if c.Token == "" || c.Token == "changeme" {
return fmt.Errorf("auth token is required") return fmt.Errorf("auth token is required")
} }
return nil return nil
cmd/server/handler_api.go
+2 -2
View File
@@ -8,7 +8,7 @@ import (
) )
func (s *Server) handlerRefresh(w http.ResponseWriter, req *http.Request) { func (s *Server) handlerRefresh(w http.ResponseWriter, req *http.Request) {
if req.Header.Get("Authorization") != "Bearer "+s.cfg.Auth.Token { if req.Header.Get("Authorization") != "Bearer "+s.cfg.Token {
ip := req.Header.Get("X-Real-IP") ip := req.Header.Get("X-Real-IP")
if ip == "" { if ip == "" {
ip = req.RemoteAddr ip = req.RemoteAddr
@@ -27,7 +27,7 @@ func (s *Server) handlerRefresh(w http.ResponseWriter, req *http.Request) {
} }
func (s *Server) handlerLogLevel(w http.ResponseWriter, req *http.Request) { func (s *Server) handlerLogLevel(w http.ResponseWriter, req *http.Request) {
if req.Header.Get("Authorization") != "Bearer "+s.cfg.Auth.Token { if req.Header.Get("Authorization") != "Bearer "+s.cfg.Token {
ip := req.Header.Get("X-Real-IP") ip := req.Header.Get("X-Real-IP")
if ip == "" { if ip == "" {
ip = req.RemoteAddr ip = req.RemoteAddr