Warn about hmac key deadline (#3855)

This commit is contained in:
Émilien Devos (perso) 2023-06-04 19:18:30 +02:00 committed by GitHub
commit 35694cc7e3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 2 deletions

View File

@ -57,8 +57,9 @@ end
# Simple alias to make code easier to read # Simple alias to make code easier to read
alias IV = Invidious alias IV = Invidious
CONFIG = Config.load CONFIG = Config.load
HMAC_KEY = CONFIG.hmac_key || Random::Secure.hex(32) HMAC_KEY_CONFIGURED = CONFIG.hmac_key != nil
HMAC_KEY = CONFIG.hmac_key || Random::Secure.hex(32)
PG_DB = DB.open CONFIG.database_url PG_DB = DB.open CONFIG.database_url
ARCHIVE_URL = URI.parse("https://archive.org") ARCHIVE_URL = URI.parse("https://archive.org")
@ -230,6 +231,10 @@ Kemal.config.host_binding = Kemal.config.host_binding != "0.0.0.0" ? Kemal.confi
Kemal.config.port = Kemal.config.port != 3000 ? Kemal.config.port : CONFIG.port Kemal.config.port = Kemal.config.port != 3000 ? Kemal.config.port : CONFIG.port
Kemal.config.app_name = "Invidious" Kemal.config.app_name = "Invidious"
if !HMAC_KEY_CONFIGURED
LOGGER.warn("Please configure hmac_key by July 1st, see more here: https://github.com/iv-org/invidious/issues/3854")
end
# Use in kemal's production mode. # Use in kemal's production mode.
# Users can also set the KEMAL_ENV environmental variable for this to be set automatically. # Users can also set the KEMAL_ENV environmental variable for this to be set automatically.
{% if flag?(:release) || flag?(:production) %} {% if flag?(:release) || flag?(:production) %}

View File

@ -111,6 +111,14 @@
</div> </div>
<% end %> <% end %>
<% if env.get? "user" %>
<% if !HMAC_KEY_CONFIGURED && CONFIG.admins.includes? env.get("user").as(Invidious::User).email %>
<div class="h-box">
<h3><p>Message for admin: please configure hmac_key, <a href="https://github.com/iv-org/invidious/issues/3854">see more here</a>.</p></h3>
</div>
<% end %>
<% end %>
<%= content %> <%= content %>
<footer> <footer>