feat: secrets.yml support (#170)

jakowenko · Nov 26, 2021 · 53b11c8 · 53b11c8
1 parent a55d8c9
commit 53b11c8
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 2 deletions.
diff --git a/api/src/constants/config.js b/api/src/constants/config.js
@@ -1,6 +1,8 @@
 const yaml = require('js-yaml');
 const fs = require('fs');
 const _ = require('lodash');
+const traverse = require('traverse');
+const yamlTypes = require('../util/yaml-types.util');
 const { objectKeysToUpperCase } = require('../util/object.util');
 const { detectors: DETECTORS, notify: NOTIFY, ...DEFAULTS } = require('./defaults');
 const { core: SYSTEM_CORE } = require('./system');
@@ -16,7 +18,7 @@ const customizer = (objValue, srcValue) => {
 
 const loadYaml = (file) => {
   try {
-    return yaml.load(fs.readFileSync(file, 'utf8'));
+    return yaml.load(fs.readFileSync(file, 'utf8'), { schema: yamlTypes() });
   } catch (error) {
     return error;
   }
@@ -45,6 +47,17 @@ module.exports = () => {
   if (configData && configData.code === 'ENOENT') setup('config.yml', '# Double Take');
   else CONFIG = { ...configData };
 
+  const secrets = loadYaml(`${SYSTEM_CORE.storage.config.path}/secrets.yml`);
+  if (secrets instanceof Error === false) {
+    // eslint-disable-next-line array-callback-return
+    CONFIG = traverse(CONFIG).map(function secret(val) {
+      if (typeof val === 'string' && val.includes('!secret ')) {
+        const key = val.replace('!secret ', '').trim();
+        if (secrets[key]) this.update(secrets[key]);
+      }
+    });
+  }
+
   if (!CONFIG.auth) delete DEFAULTS.token;
   if (!CONFIG.frigate) delete DEFAULTS.frigate;
   if (!CONFIG.mqtt) delete DEFAULTS.mqtt;

diff --git a/api/src/controllers/config.controller.js b/api/src/controllers/config.controller.js
@@ -1,5 +1,6 @@
 const fs = require('fs');
 const yaml = require('js-yaml');
+const yamlTypes = require('../util/yaml-types.util');
 const redact = require('../util/redact-secrets.util');
 const config = require('../constants/config');
 const { ui } = require('../constants/ui');
@@ -38,7 +39,7 @@ module.exports.patch = async (req, res) => {
   try {
     const isLegacyPath = fs.existsSync('./config.yml');
     const { code } = req.body;
-    yaml.load(code);
+    yaml.load(code, { schema: yamlTypes() });
     fs.writeFileSync(isLegacyPath ? './config.yml' : `${STORAGE.CONFIG.PATH}/config.yml`, code);
     res.send();
   } catch (error) {

diff --git a/api/src/util/yaml-types.util.js b/api/src/util/yaml-types.util.js
@@ -0,0 +1,17 @@
+// https://github.com/nodeca/js-yaml/blob/master/examples/handle_unknown_types.js
+const yaml = require('js-yaml');
+
+module.exports = () => {
+  const tags = ['scalar', 'sequence', 'mapping'].map((kind) => {
+    // first argument here is a prefix, so this type will handle anything starting with !
+    return new yaml.Type('!', {
+      kind,
+      multi: true,
+      construct(data, type) {
+        return `${type} ${data}`;
+      },
+    });
+  });
+
+  return yaml.DEFAULT_SCHEMA.extend(tags);
+};