Skip to content

Break the installation defaults out into their structure. #218

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: next
Choose a base branch
from
Open

Break the installation defaults out into their structure. #218

wants to merge 1 commit into from

Conversation

albu-diku
Copy link

Add tests that assert the consistency of the options that are accepted by the generateconfs command line with the internal library function. Additionally assert that the library routine itself matches the defaults structure thus making the structure the definitive source of truth.

Doing so highlighted the following missing command line options which are added as of this commit:
--seafile_secret
--seafile_ccnetid

@albu-diku
Break the installation defaults out into their structure.
2126a5d 
Add tests that assert the consistency of the options that are accepted
by the generateconfs command line with the internal library function.
Additionally assert that the library routine itself matches the defaults
structure thus making the _structure_ the definitive source of truth.

Doing so highlighted the following missing command line options which
are added as of this commit:
--seafile_secret
--seafile_ccnetid
jonasbardino
jonasbardino reviewed Apr 1, 2025
View reviewed changes
mig/install/generateconfs.py
@@ -247,6 +247,8 @@ def main(argv, _generate_confs=generate_confs, _print=print):
'openid_port',
'openid_show_port',
'openid_session_lifetime',
'seafile_secret',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, I have a hunch that we on purpose did not expose this option to prevent passing secrets on the command line, where they may be leak to shell history and any other local users. There's a note about the similar case for the OIDCCryptoPassphrase in mig/install/apache-MiG-template.conf.
At least we need to discuss the security implications before allowing anything like that.

jonasbardino
jonasbardino reviewed Apr 1, 2025
View reviewed changes
Copy link
Contributor

@jonasbardino jonasbardino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't had time to review thoroughly but we definitely need to resolve the seafile_secret exposure comment before this can be merged.

@albu-diku
Copy link
Author

Let me know which keys should be hidden and I will make the change.

@jonasbardino
Copy link
Contributor

Well, anything that indicates a secret, including password/passphrase needs closer consideration. Perhaps rule of thumb for a migrid developer's guide.
For a few cases like X_salt and imnotify_password we support passing a special FILE::PATH form to read value from PATH, which makes such passing of secrets safe. Yet, that method only really works where we use the value in our own code, so that we read it on-demand through shared.configuration. For the seafile_secret and the oidc client password we need to insert the value verbatim in a conf file so that method is ill-suited.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonasbardino jonasbardino jonasbardino left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@albu-diku @jonasbardino