configuration: move default values inline

2023-04-12 14:25:13 +00:00 · 2021-11-03 16:01:34 +09:00 · 2021-11-03 16:01:34 +09:00 · 808f0f4469
commit 808f0f4469
parent cebbefc6f8
3 changed files with 26 additions and 26 deletions
--- a/server/src/infra/cli.rs
+++ b/server/src/infra/cli.rs
@ -25,11 +25,11 @@ pub struct RunOpts {
    #[clap(short, long, default_value = "lldap_config.toml")]
    pub config_file: String,

-    /// Change ldap port. Default: 389
+    /// Change ldap port. Default: 3890
    #[clap(long)]
    pub ldap_port: Option<u16>,

-    /// Change ldap ssl port. Default: 636
+    /// Change ldap ssl port. Default: 6360
    #[clap(long)]
    pub ldaps_port: Option<u16>,

--- a/server/src/infra/configuration.rs
+++ b/server/src/infra/configuration.rs
@ -12,19 +12,28 @@ use crate::infra::cli::RunOpts;
 #[derive(Clone, Debug, Deserialize, Serialize, derive_builder::Builder)]
 #[builder(
    pattern = "owned",
-    default = "Configuration::default()",
    build_fn(name = "private_build", validate = "Self::validate")
 )]
 pub struct Configuration {
+    #[builder(default = "3890")]
    pub ldap_port: u16,
+    #[builder(default = "6360")]
    pub ldaps_port: u16,
+    #[builder(default = "17170")]
    pub http_port: u16,
+    #[builder(default = r#"String::from("secretjwtsecret")"#)]
    pub jwt_secret: String,
+    #[builder(default = r#"String::from("dc=example,dc=com")"#)]
    pub ldap_base_dn: String,
+    #[builder(default = r#"String::from("admin")"#)]
    pub ldap_user_dn: String,
+    #[builder(default = r#"String::from("password")"#)]
    pub ldap_user_pass: String,
+    #[builder(default = r#"String::from("sqlite://users.db?mode=rwc")"#)]
    pub database_url: String,
+    #[builder(default = "false")]
    pub verbose: bool,
+    #[builder(default = r#"String::from("server_key")"#)]
    pub key_file: String,
    #[serde(skip)]
    #[builder(field(private), setter(strip_option))]
@ -32,7 +41,6 @@ pub struct Configuration {
 }

 impl ConfigurationBuilder {
-    #[cfg(test)]
    pub fn build(self) -> Result<Configuration> {
        let server_setup = get_server_setup(self.key_file.as_deref().unwrap_or("server_key"))?;
        Ok(self.server_setup(server_setup).private_build()?)
@ -71,23 +79,6 @@ impl Configuration {

        self
    }
-
-    pub(super) fn default() -> Self {
-        Configuration {
-            ldap_port: 3890,
-            ldaps_port: 6360,
-            http_port: 17170,
-            jwt_secret: String::from("secretjwtsecret"),
-            ldap_base_dn: String::from("dc=example,dc=com"),
-            // cn=admin,dc=example,dc=com
-            ldap_user_dn: String::from("admin"),
-            ldap_user_pass: String::from("password"),
-            database_url: String::from("sqlite://users.db?mode=rwc"),
-            verbose: false,
-            key_file: String::from("server_key"),
-            server_setup: None,
-        }
-    }
 }

 fn get_server_setup(file_path: &str) -> Result<ServerSetup> {
@ -111,14 +102,22 @@ fn get_server_setup(file_path: &str) -> Result<ServerSetup> {
 pub fn init(cli_opts: RunOpts) -> Result<Configuration> {
    let config_file = cli_opts.config_file.clone();

-    info!("Loading configuration from {}", cli_opts.config_file);
+    println!("Loading configuration from {}", cli_opts.config_file);

-    let config: Configuration = Figment::from(Serialized::defaults(Configuration::default()))
-        .merge(Toml::file(config_file))
-        .merge(Env::prefixed("LLDAP_"))
-        .extract()?;
+    let config: Configuration = Figment::from(Serialized::defaults(
+        ConfigurationBuilder::default().build().unwrap(),
+    ))
+    .merge(Toml::file(config_file))
+    .merge(Env::prefixed("LLDAP_"))
+    .extract()?;

    let mut config = config.merge_with_cli(cli_opts);
    config.server_setup = Some(get_server_setup(&config.key_file)?);
+    if config.jwt_secret == "secretjwtsecret" {
+        println!("WARNING: Default JWT secret used! This is highly unsafe and can allow attackers to log in as admin.");
+    }
+    if config.ldap_user_pass == "password" {
+        println!("WARNING: Unsecure default admin password is used.");
+    }
    Ok(config)
 }
--- a/server/src/infra/logging.rs
+++ b/server/src/infra/logging.rs
@ -13,6 +13,7 @@ pub fn init(config: Configuration) -> anyhow::Result<()> {
        .finish();
    LogTracer::init().context("Failed to set logger")?;
    set_global_default(subscriber).context("Failed to set subscriber")?;
+    // TODO: Only log SQL statements >= warn unless verbose.
    Ok(())
 }