fankes/beszel
2
0
Fork 0
mirror of https://github.com/fankes/beszel.git synced 2025-10-19 17:59:28 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

config: prefix environment variables with BESZEL_HUB_ (#502)

Browse Source
This commit is contained in:
Henry Dollman
2025-01-29 19:25:12 -05:00
parent 3441b39a02
commit 7170b24160
1 changed files with 15 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
beszel/internal/hub/hub.go
View File

@@ -8,7 +8,6 @@ import (
"beszel/internal/records" "beszel/internal/records"
"beszel/internal/users" "beszel/internal/users"
"beszel/site" "beszel/site"
"context" "context"
"crypto/ed25519" "crypto/ed25519"
"encoding/pem" "encoding/pem"
@@ -52,6 +51,15 @@ func NewHub(app *pocketbase.PocketBase) *Hub {
} }
} }
// GetEnv retrieves an environment variable with a "BESZEL_HUB_" prefix, or falls back to the unprefixed key.
func GetEnv(key string) (value string, exists bool) {
if value, exists = os.LookupEnv("BESZEL_HUB_" + key); exists {
return value, exists
}
// Fallback to the old unprefixed key
return os.LookupEnv(key)
}
func (h *Hub) Run() { func (h *Hub) Run() {
// loosely check if it was executed using "go run" // loosely check if it was executed using "go run"
isGoRun := strings.HasPrefix(os.Args[0], os.TempDir()) isGoRun := strings.HasPrefix(os.Args[0], os.TempDir())
@@ -80,14 +88,15 @@ func (h *Hub) Run() {
return err return err
} }
// disable email auth if DISABLE_PASSWORD_AUTH env var is set // disable email auth if DISABLE_PASSWORD_AUTH env var is set
usersCollection.PasswordAuth.Enabled = os.Getenv("DISABLE_PASSWORD_AUTH") != "true" disablePasswordAuth, _ := GetEnv("DISABLE_PASSWORD_AUTH")
usersCollection.PasswordAuth.Enabled = disablePasswordAuth != "true"
usersCollection.PasswordAuth.IdentityFields = []string{"email"} usersCollection.PasswordAuth.IdentityFields = []string{"email"}
// disable oauth if no providers are configured (todo: remove this in post 0.9.0 release) // disable oauth if no providers are configured (todo: remove this in post 0.9.0 release)
if usersCollection.OAuth2.Enabled { if usersCollection.OAuth2.Enabled {
usersCollection.OAuth2.Enabled = len(usersCollection.OAuth2.Providers) > 0 usersCollection.OAuth2.Enabled = len(usersCollection.OAuth2.Providers) > 0
} }
// allow oauth user creation if USER_CREATION is set // allow oauth user creation if USER_CREATION is set
if os.Getenv("USER_CREATION") == "true" { if userCreation, _ := GetEnv("USER_CREATION"); userCreation == "true" {
cr := "@request.context = 'oauth2'" cr := "@request.context = 'oauth2'"
usersCollection.CreateRule = &cr usersCollection.CreateRule = &cr
} else { } else {
@@ -114,14 +123,14 @@ func (h *Hub) Run() {
return nil return nil
}) })
default: default:
csp, cspExists := os.LookupEnv("CSP") csp, cspExists := GetEnv("CSP")
s := apis.Static(site.DistDirFS, true)
se.Router.Any("/{path...}", func(e *core.RequestEvent) error { se.Router.Any("/{path...}", func(e *core.RequestEvent) error {
if cspExists { if cspExists {
e.Response.Header().Del("X-Frame-Options") e.Response.Header().Del("X-Frame-Options")
e.Response.Header().Set("Content-Security-Policy", csp) e.Response.Header().Set("Content-Security-Policy", csp)
} }
indexFallback := !strings.HasPrefix(e.Request.URL.Path, "/static/") return s(e)
return apis.Static(site.DistDirFS, indexFallback)(e)
}) })
} }
return se.Next() return se.Next()
@@ -210,7 +219,6 @@ func (h *Hub) Run() {
go h.updateSystem(newRecord) go h.updateSystem(newRecord)
} else { } else {
h.am.HandleStatusAlerts(newStatus, oldRecord) h.am.HandleStatusAlerts(newStatus, oldRecord)
} }
return e.Next() return e.Next()
}) })