use crate::libvirt_lib_structures::XMLUuid; use clap::Parser; use std::path::{Path, PathBuf}; /// VirtWeb backend API #[derive(Parser, Debug, Clone)] #[clap(author, version, about, long_about = None)] pub struct AppConfig { /// Listen address #[clap(short, long, env, default_value = "0.0.0.0:8000")] pub listen_address: String, /// Website origin #[clap(short, long, env, default_value = "http://localhost:3000")] pub website_origin: String, /// Proxy IP, might end with a star "*" #[clap(short, long, env)] pub proxy_ip: Option, /// Secret key, used to sign some resources. Must be randomly generated #[clap(long, env, default_value = "")] secret: String, /// Specify whether the cookie should be transmitted only over secure connections #[clap(long, env)] pub cookie_secure: bool, /// Auth username #[arg(long, env, default_value = "admin")] pub auth_username: String, /// Auth password #[arg(long, env, default_value = "admin")] pub auth_password: String, /// Disable authentication WARNING! THIS IS UNSECURE, it was designed only for development /// purpose, it should NEVER be used in production #[arg(long, env)] pub unsecure_disable_auth: bool, /// Disable local auth #[arg(long, env)] pub disable_local_auth: bool, /// Request header that can be added by a reverse proxy to disable local authentication #[arg(long, env, default_value = "X-Disable-Local-Auth")] pub disable_auth_header_token: String, /// URL where the OpenID configuration can be found #[arg( long, env, default_value = "http://localhost:9001/.well-known/openid-configuration" )] pub oidc_configuration_url: String, /// Disable OpenID authentication #[arg(long, env)] pub disable_oidc: bool, /// OpenID client ID #[arg(long, env, default_value = "foo")] pub oidc_client_id: String, /// OpenID client secret #[arg(long, env, default_value = "bar")] pub oidc_client_secret: String, /// OpenID login redirect URL #[arg(long, env, default_value = "APP_ORIGIN/oidc_cb")] oidc_redirect_url: String, /// Storage directory #[arg(long, env, default_value = "storage")] pub storage: String, /// Directory where temporary files are stored #[arg(long, env, default_value = "/tmp")] pub temp_dir: String, /// Hypervisor URI. If not specified, "" will be used instead #[arg(long, env)] pub hypervisor_uri: Option, } lazy_static::lazy_static! { static ref ARGS: AppConfig = { AppConfig::parse() }; } impl AppConfig { /// Get parsed command line arguments pub fn get() -> &'static AppConfig { &ARGS } /// Get auth cookie domain pub fn cookie_domain(&self) -> Option { let domain = self.website_origin.split_once("://")?.1; Some( domain .split_once(':') .map(|s| s.0) .unwrap_or(domain) .to_string(), ) } /// Get app secret pub fn secret(&self) -> &str { let mut secret = self.secret.as_str(); if cfg!(debug_assertions) && secret.is_empty() { secret = "DEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEYDEBUGKEY"; } if secret.is_empty() { panic!("SECRET is undefined or too short (min 64 chars)!") } secret } /// Check out whether provided credentials are valid or not for local authentication pub fn check_local_login(&self, user: &str, pass: &str) -> bool { self.auth_username == user && self.auth_password == pass } /// Get OpenID providers configuration pub fn openid_provider(&self) -> Option> { if self.disable_oidc { return None; } Some(OIDCProvider { client_id: self.oidc_client_id.as_str(), client_secret: self.oidc_client_secret.as_str(), configuration_url: self.oidc_configuration_url.as_str(), }) } /// Get OIDC callback URL pub fn oidc_redirect_url(&self) -> String { self.oidc_redirect_url .replace("APP_ORIGIN", &self.website_origin) } /// Get root storage directory pub fn storage_path(&self) -> PathBuf { Path::new(&self.storage).canonicalize().unwrap() } /// Get iso storage directory pub fn iso_storage_path(&self) -> PathBuf { self.storage_path().join("iso") } /// Get VM vnc sockets directory pub fn vnc_sockets_path(&self) -> PathBuf { self.storage_path().join("vnc") } /// Get VM vnc sockets directory pub fn disks_storage_path(&self) -> PathBuf { self.storage_path().join("disks") } pub fn vm_storage_path(&self, id: XMLUuid) -> PathBuf { self.disks_storage_path().join(id.as_string()) } } #[derive(Debug, Clone, serde::Serialize)] pub struct OIDCProvider<'a> { #[serde(skip_serializing)] pub client_id: &'a str, #[serde(skip_serializing)] pub client_secret: &'a str, #[serde(skip_serializing)] pub configuration_url: &'a str, }