# import everything from environment variables
import os
import sys
import json
# Defaults for Docker image
#
# Each value below is only a fallback: the loader loop at the bottom of this
# file overwrites any of them whose name is listed in legal_envvars when the
# matching environment variable (or NAME_FILE) is set.

# "0.0.0.0" listens on every interface; which networks can actually reach
# PORT depends on how the container is published.
BIND_ADDRESS = "0.0.0.0"
PORT = 80

# Four slashes: an absolute path (/data/powerdns-admin.db) for SQLite.
SQLALCHEMY_DATABASE_URI = "sqlite:////data/powerdns-admin.db"

# Cookie hardening defaults. No default for SESSION_COOKIE_SECURE or
# CSRF_COOKIE_SECURE is set in this file; they take a value only when
# supplied through the environment.
SESSION_COOKIE_SAMESITE = "Lax"
CSRF_COOKIE_HTTPONLY = True

# Session backend name; presumably consumed by the session extension the
# application uses -- confirm against the app factory.
SESSION_TYPE = "sqlalchemy"
# Allow-list of setting names that may be supplied through the environment.
# The loader loop at the bottom of this file iterates this tuple and nothing
# else, so a name missing here is never read, whatever the environment holds.
#
# Several entries carry credentials or key material (SECRET_KEY, SALT,
# OIDC_OAUTH_SECRET, MAIL_PASSWORD, SAML_KEY, and SQLALCHEMY_DATABASE_URI
# when it embeds a password). The loader also accepts NAME_FILE for every
# entry, which keeps such values out of the process environment.
#
# NOTE(review): HSTS_ENABLED and REMOTE_USER_ENABLED appear in
# legal_envvars_bool but not here, so they cannot be set through this file.
# Confirm whether that is intended before relying on either variable.
legal_envvars = (
    # Application secret
    'SECRET_KEY',

    # OpenID Connect / OAuth login
    'OIDC_OAUTH_ENABLED',
    'OIDC_OAUTH_KEY',
    'OIDC_OAUTH_SECRET',
    'OIDC_OAUTH_API_URL',
    'OIDC_OAUTH_TOKEN_URL',
    'OIDC_OAUTH_AUTHORIZE_URL',
    'OIDC_OAUTH_METADATA_URL',
    'OIDC_OAUTH_LOGOUT_URL',
    'OIDC_OAUTH_SCOPE',
    'OIDC_OAUTH_USERNAME',
    'OIDC_OAUTH_FIRSTNAME',
    'OIDC_OAUTH_LAST_NAME',
    'OIDC_OAUTH_EMAIL',

    # Listener and logging
    'BIND_ADDRESS',
    'PORT',
    'SERVER_EXTERNAL_SSL',
    'LOG_LEVEL',

    # Password salt and database
    'SALT',
    'SQLALCHEMY_TRACK_MODIFICATIONS',
    'SQLALCHEMY_DATABASE_URI',
    'SQLALCHEMY_ENGINE_OPTIONS',

    # Outgoing mail
    'MAIL_SERVER',
    'MAIL_PORT',
    'MAIL_DEBUG',
    'MAIL_USE_TLS',
    'MAIL_USE_SSL',
    'MAIL_USERNAME',
    'MAIL_PASSWORD',
    'MAIL_DEFAULT_SENDER',

    # SAML login
    'SAML_ENABLED',
    'SAML_DEBUG',
    'SAML_PATH',
    'SAML_METADATA_URL',
    'SAML_METADATA_CACHE_LIFETIME',
    'SAML_IDP_SSO_BINDING',
    'SAML_IDP_ENTITY_ID',
    'SAML_NAMEID_FORMAT',
    'SAML_ATTRIBUTE_EMAIL',
    'SAML_ATTRIBUTE_GIVENNAME',
    'SAML_ATTRIBUTE_SURNAME',
    'SAML_ATTRIBUTE_NAME',
    'SAML_ATTRIBUTE_USERNAME',
    'SAML_ATTRIBUTE_ADMIN',
    'SAML_ATTRIBUTE_GROUP',
    'SAML_GROUP_ADMIN_NAME',
    'SAML_GROUP_TO_ACCOUNT_MAPPING',
    'SAML_ATTRIBUTE_ACCOUNT',
    'SAML_SP_ENTITY_ID',
    'SAML_SP_CONTACT_NAME',
    'SAML_SP_CONTACT_MAIL',
    'SAML_SIGN_REQUEST',
    'SAML_WANT_MESSAGE_SIGNED',
    'SAML_LOGOUT',
    'SAML_LOGOUT_URL',
    'SAML_ASSERTION_ENCRYPTED',

    # Remote-user (proxy) authentication
    'REMOTE_USER_LOGOUT_URL',
    'REMOTE_USER_COOKIES',

    # Authentication back ends and sign-up
    'SIGNUP_ENABLED',
    'LOCAL_DB_ENABLED',
    'LDAP_ENABLED',

    # SAML service-provider certificate and private key
    'SAML_CERT',
    'SAML_KEY',

    # Session and cookie settings
    'SESSION_TYPE',
    'SESSION_COOKIE_SECURE',
    'CSRF_COOKIE_SECURE',

    # Captcha
    'CAPTCHA_ENABLE',
)
# Type-coercion tables. Environment values arrive as strings; the loader
# loop converts a value when its name appears in one of these tuples and
# leaves every other setting as the raw string.

# Parsed with int().
legal_envvars_int = (
    'PORT',
    'MAIL_PORT',
    'SAML_METADATA_CACHE_LIFETIME',
)

# Parsed with str2bool().
#
# NOTE(review): HSTS_ENABLED and REMOTE_USER_ENABLED are listed here but
# not in legal_envvars. The loader iterates legal_envvars only, so these
# two entries are never reached and setting either variable in the
# environment has no effect through this file. Confirm the intent: an
# operator who exports HSTS_ENABLED=true gets no change from it here.
legal_envvars_bool = (
    'SQLALCHEMY_TRACK_MODIFICATIONS',
    'HSTS_ENABLED',
    'MAIL_DEBUG',
    'MAIL_USE_TLS',
    'MAIL_USE_SSL',
    'OIDC_OAUTH_ENABLED',
    'SAML_ENABLED',
    'SAML_DEBUG',
    'SAML_SIGN_REQUEST',
    'SAML_WANT_MESSAGE_SIGNED',
    'SAML_LOGOUT',
    'SAML_ASSERTION_ENCRYPTED',
    'REMOTE_USER_ENABLED',
    'SIGNUP_ENABLED',
    'LOCAL_DB_ENABLED',
    'LDAP_ENABLED',
    'SESSION_COOKIE_SECURE',
    'CSRF_COOKIE_SECURE',
    'CAPTCHA_ENABLE',
    'SERVER_EXTERNAL_SSL',
)

# Parsed as JSON with dictfromstr().
legal_envvars_dict = ('SQLALCHEMY_ENGINE_OPTIONS',)
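def str2bool(v):
    """Interpret a configuration string as a boolean.

    Returns True when *v*, ignoring case and surrounding whitespace, is one
    of "true", "yes" or "1"; every other string yields False.

    Whitespace is trimmed because the loader reads NAME_FILE values with a
    plain read(), so a file holding "true" followed by a newline would
    otherwise compare unequal and silently turn the flag off. For settings
    such as SESSION_COOKIE_SECURE or CSRF_COOKIE_SECURE that would disable
    a protection the operator asked for.
    """
    return v.strip().lower() in ("true", "yes", "1")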
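def dictfromstr(v, ret):
    """Decode the JSON text *ret* supplied for setting *v* into a dict.

    Args:
        v: name of the setting, used only in error messages.
        ret: the raw string taken from the environment or a NAME_FILE.

    Returns:
        The decoded JSON object as a dict.

    Raises:
        ValueError: if *ret* cannot be decoded as JSON, or decodes to
            something other than a JSON object.
    """
    try:
        parsed = json.loads(ret)
    except Exception as e:
        # Any decode failure is reported as ValueError, as before. The raw
        # value is deliberately left out of the message: it is configuration
        # that may hold credentials and would otherwise end up in the
        # container log. The decoder's own message gives only the position.
        raise ValueError(
            'Cannot parse json for variable {}: {}'.format(v, e)) from e

    # Valid JSON that is not an object (a list, number, string) would be
    # stored as the setting and fail later, away from the cause.
    if not isinstance(parsed, dict):
        raise ValueError(
            'Variable {} must be a JSON object, got {}'.format(
                v, type(parsed).__name__))
    return parsed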
# Populate this module's namespace from the environment. Only names in
# legal_envvars are considered. A value comes either from NAME itself or
# from the file that NAME_FILE points at (useful for Docker secrets);
# setting both for the same name is rejected.
for v in legal_envvars:
    ret = None

    if (v + '_FILE') in os.environ:
        # Refuse an ambiguous configuration instead of picking one source.
        if v in os.environ:
            raise AttributeError(
                "Both {} and {} are set but are exclusive.".format(
                    v, v + '_FILE'))
        # NOTE(review): the file content is used verbatim, including any
        # trailing newline, so string settings such as SECRET_KEY or SALT
        # carry it. Stripping here would change the effective value for
        # deployments that already rely on it -- confirm before changing.
        with open(os.environ[v + '_FILE']) as f:
            ret = f.read()
    elif v in os.environ:
        ret = os.environ[v]

    # Neither source is set: keep whatever default this module defines.
    if ret is None:
        continue

    # Coerce from string according to the tables above; names in none of
    # them stay as the raw string.
    if v in legal_envvars_bool:
        ret = str2bool(ret)
    if v in legal_envvars_int:
        ret = int(ret)
    if v in legal_envvars_dict:
        ret = dictfromstr(v, ret)

    # Publish the setting as a module-level attribute under its own name.
    sys.modules[__name__].__dict__[v] = ret