use envvars

2020-07-26 17:06:28 +01:00 · 2020-07-26 17:06:28 +01:00 · b78aec6eef
commit b78aec6eef
parent 189ec33874
4 changed files with 214 additions and 130 deletions
--- a/app/http/middleware/verifywhitelabel.go
+++ b/app/http/middleware/verifywhitelabel.go
@ -15,8 +15,8 @@ func VerifyWhitelabel(isApi bool) func(ctx *gin.Context) {

 		if rpc.PremiumClient.GetTierByUser(userId, false) < premium.Whitelabel {
 			var isForced bool
-			for _, forced := range config.Conf.ForceWhitelabel {
-				if forced == userId {
+			for _, id := range config.Conf.Admins {
+				if id == userId {
 					isForced = true
 					break
 				}
--- a/config/config.go
+++ b/config/config.go
@ -1,8 +1,10 @@
 package config

 import (
-	"github.com/BurntSushi/toml"
-	"io/ioutil"
+	"github.com/TicketsBot/common/sentry"
+	"os"
+	"strconv"
+	"strings"
 )

 type (
@ -37,7 +39,7 @@ type (
 	}

 	Oauth struct {
-		Id          int64
+		Id          uint64
 		Secret      string
 		RedirectUri string
 	}
@ -71,13 +73,71 @@ var (
 )

 func LoadConfig() {
-	raw, err := ioutil.ReadFile("config.toml")
-	if err != nil {
-		panic(err)
+	var admins []uint64
+	for _, id := range strings.Split(os.Getenv("ADMINS"), ",") {
+		if parsed, err := strconv.ParseUint(id, 10, 64); err == nil {
+			admins = append(admins, parsed)
+		} else {
+			sentry.Error(err)
+		}
 	}

-	_, err = toml.Decode(string(raw), &Conf)
-	if err != nil {
-		panic(err)
+	var forcedWhitelabel []uint64
+	for _, id := range strings.Split(os.Getenv("FORCED_WHITELABEL"), ",") {
+		if parsed, err := strconv.ParseUint(id, 10, 64); err == nil {
+			forcedWhitelabel = append(forcedWhitelabel, parsed)
+		} else {
+			sentry.Error(err)
+		}
+	}
+
+	rateLimitWindow, _ := strconv.Atoi(os.Getenv("RATELIMIT_WINDOW"))
+	rateLimitMax, _ := strconv.Atoi(os.Getenv("RATELIMIT_MAX"))
+	sessionThreads, _ := strconv.Atoi(os.Getenv("SESSION_DB_THREADS"))
+	oauthId, _ := strconv.ParseUint(os.Getenv("OAUTH_ID"), 10, 64)
+	redisPort, _ := strconv.Atoi(os.Getenv("REDIS_PORT"))
+	redisThreads, _ := strconv.Atoi(os.Getenv("REDIS_THREADS"))
+
+	Conf = Config{
+		Admins:          admins,
+		ForceWhitelabel: forcedWhitelabel,
+		Server: Server{
+			Host:     os.Getenv("SERVER_ADDR"),
+			BaseUrl:  os.Getenv("BASE_URL"),
+			MainSite: os.Getenv("MAIN_SITE"),
+			Ratelimit: Ratelimit{
+				Window: rateLimitWindow,
+				Max:    rateLimitMax,
+			},
+			Session: Session{
+				Threads: sessionThreads,
+				Secret:  os.Getenv("SESSION_SECRET"),
+			},
+			Secret: os.Getenv("JWT_SECRET"),
+		},
+		Oauth: Oauth{
+			Id:          oauthId,
+			Secret:      os.Getenv("OAUTH_SECRET"),
+			RedirectUri: os.Getenv("OAUTH_REDIRECT_URI"),
+		},
+		Database: Database{
+			Uri: os.Getenv("DATABASE_URI"),
+		},
+		Bot: Bot{
+			Token:                 os.Getenv("BOT_TOKEN"),
+			PremiumLookupProxyUrl: os.Getenv("PREMIUM_PROXY_URL"),
+			PremiumLookupProxyKey: os.Getenv("PREMIUM_PROXY_KEY"),
+			ObjectStore:           os.Getenv("LOG_ARCHIVER_URL"),
+			AesKey:                os.Getenv("LOG_AES_KEY"),
+		},
+		Redis: Redis{
+			Host:     os.Getenv("REDIS_HOST"),
+			Port:     redisPort,
+			Password: os.Getenv("REDIS_PORT"),
+			Threads:  redisThreads,
+		},
+		Cache: Cache{
+			Uri: os.Getenv("CACHE_URI"),
+		},
 	}
 }
--- a/envvars.md
+++ b/envvars.md
@ -0,0 +1,24 @@
+- ADMINS
+- FORCED_WHITELABEL
+- SERVER_ADDR
+- BASE_URL
+- MAIN_SITE
+- RATELIMIT_WINDOW
+- RATELIMIT_MAX
+- SESSION_DB_THREADS
+- SESSION_SECRET
+- JWT_SECRET
+- OAUTH_ID
+- OAUTH_SECRET
+- OAUTH_REDIRECT_URI
+- DATABASE_URI
+- BOT_TOKEN
+- PREMIUM_PROXY_URL
+- PREMIUM_PROXY_KEY
+- LOG_ARCHIVER_URL
+- LOG_AES_KEY
+- REDIS_HOST
+- REDIS_PORT
+- REDIS_PASSWORD
+- REDIS_THREADS
+- CACHE_URI
--- a/utils/discord/auth.go
+++ b/utils/discord/auth.go
@ -1,119 +1,119 @@
-package discord
-
-import (
-	"bytes"
-	"encoding/json"
-	"github.com/TicketsBot/GoPanel/config"
-	"github.com/pasztorpisti/qs"
-	"io/ioutil"
-	"net/http"
-	"strconv"
-	"time"
-)
-
-type (
-	TokenData struct {
-		ClientId     string `qs:"client_id"`
-		ClientSecret string `qs:"client_secret"`
-		GrantType    string `qs:"grant_type"`
-		Code         string `qs:"code"`
-		RedirectUri  string `qs:"redirect_uri"`
-		Scope        string `qs:"scope"`
-	}
-
-	RefreshData struct {
-		ClientId     string `qs:"client_id"`
-		ClientSecret string `qs:"client_secret"`
-		GrantType    string `qs:"grant_type"`
-		RefreshToken string `qs:"refresh_token"`
-		RedirectUri  string `qs:"redirect_uri"`
-		Scope        string `qs:"scope"`
-	}
-
-	TokenResponse struct {
-		AccessToken  string `json:"access_token"`
-		TokenType    string `json:"token_type"`
-		ExpiresIn    int    `json:"expires_in"`
-		RefreshToken string `json:"refresh_token"`
-		Scope        string `json:"scope"`
-	}
-)
-
-const TokenEndpoint = "https://discordapp.com/api/oauth2/token"
-
-func AccessToken(code string) (TokenResponse, error) {
-	data := TokenData{
-		ClientId:     strconv.Itoa(int(config.Conf.Oauth.Id)),
-		ClientSecret: config.Conf.Oauth.Secret,
-		GrantType:    "authorization_code",
-		Code:         code,
-		RedirectUri:  config.Conf.Oauth.RedirectUri,
-		Scope:        "identify guilds",
-	}
-
-	res, err := tokenPost(data)
-	if err != nil {
-		return TokenResponse{}, err
-	}
-
-	var unmarshalled TokenResponse
-	if err = json.Unmarshal(res, &unmarshalled); err != nil {
-		return TokenResponse{}, err
-	}
-
-	return unmarshalled, nil
-}
-
-func RefreshToken(refreshToken string) (TokenResponse, error) {
-	data := RefreshData{
-		ClientId:     strconv.Itoa(int(config.Conf.Oauth.Id)),
-		ClientSecret: config.Conf.Oauth.Secret,
-		GrantType:    "refresh_token",
-		RefreshToken: refreshToken,
-		RedirectUri:  config.Conf.Oauth.RedirectUri,
-		Scope:        "identify guilds",
-	}
-
-	res, err := tokenPost(data)
-	if err != nil {
-		return TokenResponse{}, err
-	}
-
-	var unmarshalled TokenResponse
-	if err = json.Unmarshal(res, &unmarshalled); err != nil {
-		return TokenResponse{}, err
-	}
-
-	return unmarshalled, nil
-}
-
-func tokenPost(body ...interface{}) ([]byte, error) {
-	str, err := qs.Marshal(body[0])
-	if err != nil {
-		return nil, err
-	}
-	encoded := []byte(str)
-
-	req, err := http.NewRequest("POST", TokenEndpoint, bytes.NewBuffer([]byte(encoded)))
-	if err != nil {
-		return nil, err
-	}
-
-	req.Header.Set("Content-Type", string(ApplicationFormUrlEncoded))
-
-	client := &http.Client{}
-	client.Timeout = 3 * time.Second
-
-	res, err := client.Do(req)
-	if err != nil {
-		return nil, err
-	}
-
-	defer res.Body.Close()
-	content, err := ioutil.ReadAll(res.Body)
-	if err != nil {
-		return nil, err
-	}
-
-	return content, nil
-}
+package discord
+
+import (
+	"bytes"
+	"encoding/json"
+	"github.com/TicketsBot/GoPanel/config"
+	"github.com/pasztorpisti/qs"
+	"io/ioutil"
+	"net/http"
+	"strconv"
+	"time"
+)
+
+type (
+	TokenData struct {
+		ClientId     string `qs:"client_id"`
+		ClientSecret string `qs:"client_secret"`
+		GrantType    string `qs:"grant_type"`
+		Code         string `qs:"code"`
+		RedirectUri  string `qs:"redirect_uri"`
+		Scope        string `qs:"scope"`
+	}
+
+	RefreshData struct {
+		ClientId     string `qs:"client_id"`
+		ClientSecret string `qs:"client_secret"`
+		GrantType    string `qs:"grant_type"`
+		RefreshToken string `qs:"refresh_token"`
+		RedirectUri  string `qs:"redirect_uri"`
+		Scope        string `qs:"scope"`
+	}
+
+	TokenResponse struct {
+		AccessToken  string `json:"access_token"`
+		TokenType    string `json:"token_type"`
+		ExpiresIn    int    `json:"expires_in"`
+		RefreshToken string `json:"refresh_token"`
+		Scope        string `json:"scope"`
+	}
+)
+
+const TokenEndpoint = "https://discordapp.com/api/oauth2/token"
+
+func AccessToken(code string) (TokenResponse, error) {
+	data := TokenData{
+		ClientId:     strconv.FormatUint(config.Conf.Oauth.Id, 10),
+		ClientSecret: config.Conf.Oauth.Secret,
+		GrantType:    "authorization_code",
+		Code:         code,
+		RedirectUri:  config.Conf.Oauth.RedirectUri,
+		Scope:        "identify guilds",
+	}
+
+	res, err := tokenPost(data)
+	if err != nil {
+		return TokenResponse{}, err
+	}
+
+	var unmarshalled TokenResponse
+	if err = json.Unmarshal(res, &unmarshalled); err != nil {
+		return TokenResponse{}, err
+	}
+
+	return unmarshalled, nil
+}
+
+func RefreshToken(refreshToken string) (TokenResponse, error) {
+	data := RefreshData{
+		ClientId:     strconv.FormatUint(config.Conf.Oauth.Id, 10),
+		ClientSecret: config.Conf.Oauth.Secret,
+		GrantType:    "refresh_token",
+		RefreshToken: refreshToken,
+		RedirectUri:  config.Conf.Oauth.RedirectUri,
+		Scope:        "identify guilds",
+	}
+
+	res, err := tokenPost(data)
+	if err != nil {
+		return TokenResponse{}, err
+	}
+
+	var unmarshalled TokenResponse
+	if err = json.Unmarshal(res, &unmarshalled); err != nil {
+		return TokenResponse{}, err
+	}
+
+	return unmarshalled, nil
+}
+
+func tokenPost(body ...interface{}) ([]byte, error) {
+	str, err := qs.Marshal(body[0])
+	if err != nil {
+		return nil, err
+	}
+	encoded := []byte(str)
+
+	req, err := http.NewRequest("POST", TokenEndpoint, bytes.NewBuffer([]byte(encoded)))
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("Content-Type", string(ApplicationFormUrlEncoded))
+
+	client := &http.Client{}
+	client.Timeout = 3 * time.Second
+
+	res, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+
+	defer res.Body.Close()
+	content, err := ioutil.ReadAll(res.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	return content, nil
+}