Skip to content

Break the installation defaults out into their structure.#218

Draft
albu-diku wants to merge 1 commit intonextfrom
refactor/split-out-install-defaults
Draft

Break the installation defaults out into their structure.#218
albu-diku wants to merge 1 commit intonextfrom
refactor/split-out-install-defaults

Conversation

@albu-diku
Copy link
Contributor

@albu-diku albu-diku commented Mar 31, 2025

Add tests that assert the consistency of the options that are accepted by the generateconfs command line with the internal library function. Additionally assert that the library routine itself matches the defaults structure thus making the structure the definitive source of truth.

Doing so highlighted the following missing command line options which are added as of this commit:
--seafile_secret
--seafile_ccnetid

jonasbardino
jonasbardino reviewed Apr 1, 2025
View reviewed changes
mig/install/generateconfs.py
'openid_port',
'openid_show_port',
'openid_session_lifetime',
'seafile_secret',
Copy link
Contributor

@jonasbardino jonasbardino Apr 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, I have a hunch that we on purpose did not expose this option to prevent passing secrets on the command line, where they may be leak to shell history and any other local users. There's a note about the similar case for the OIDCCryptoPassphrase in mig/install/apache-MiG-template.conf.
At least we need to discuss the security implications before allowing anything like that.

jonasbardino
jonasbardino reviewed Apr 1, 2025
View reviewed changes
Copy link
Contributor

@jonasbardino jonasbardino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't had time to review thoroughly but we definitely need to resolve the seafile_secret exposure comment before this can be merged.

@albu-diku
Copy link
Contributor Author

albu-diku commented Apr 4, 2025

Let me know which keys should be hidden and I will make the change.

@jonasbardino
Copy link
Contributor

jonasbardino commented Apr 4, 2025

Well, anything that indicates a secret, including password/passphrase needs closer consideration. Perhaps rule of thumb for a migrid developer's guide.
For a few cases like X_salt and imnotify_password we support passing a special FILE::PATH form to read value from PATH, which makes such passing of secrets safe. Yet, that method only really works where we use the value in our own code, so that we read it on-demand through shared.configuration. For the seafile_secret and the oidc client password we need to insert the value verbatim in a conf file so that method is ill-suited.

@albu-diku
Break the installation defaults out into their structure.
b4022a6 
Add tests that assert the consistency of the options that are accepted
by the generateconfs command line with the internal library function.
Additionally assert that the library routine itself matches the defaults
structure thus making the _structure_ the definitive source of truth.

Doing so highlighted the following missing command line options which
are added as of this commit:
--seafile_secret
--seafile_ccnetid
@albu-diku albu-diku force-pushed the refactor/split-out-install-defaults branch from 2126a5d to b4022a6 Compare July 23, 2025 14:16
@albu-diku albu-diku marked this pull request as draft October 14, 2025 19:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jonasbardino jonasbardino jonasbardino left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@albu-diku @jonasbardino