Consolidate .env files. More work on dev containers.

2025-05-10 12:25:02 +00:00 · 2022-06-26 14:34:54 +03:00 · 2022-06-26 14:34:54 +03:00 · 3773d659cc
commit 3773d659cc
parent 2a959f354c
17 changed files with 137 additions and 106 deletions
--- a/backend/src/api/auth.ts
+++ b/backend/src/api/auth.ts
@ -9,6 +9,7 @@ import { ApiPermissionAssignments } from "../data/ApiPermissionAssignments";
 import { ApiUserInfo } from "../data/ApiUserInfo";
 import { ApiUserInfoData } from "../data/entities/ApiUserInfo";
 import { ok } from "./responses";
+import { env } from "../env";

 interface IPassportApiUser {
  apiKey: string;
@ -54,22 +55,6 @@ function simpleDiscordAPIRequest(bearerToken, path): Promise<any> {
 export function initAuth(app: express.Express) {
  app.use(passport.initialize());

-  if (!process.env.CLIENT_ID) {
-    throw new Error("Auth: CLIENT ID missing");
-  }
-
-  if (!process.env.CLIENT_SECRET) {
-    throw new Error("Auth: CLIENT SECRET missing");
-  }
-
-  if (!process.env.OAUTH_CALLBACK_URL) {
-    throw new Error("Auth: OAUTH CALLBACK URL missing");
-  }
-
-  if (!process.env.DASHBOARD_URL) {
-    throw new Error("DASHBOARD_URL missing!");
-  }
-
  passport.serializeUser((user, done) => done(null, user));
  passport.deserializeUser((user, done) => done(null, user));

@ -101,9 +86,9 @@ export function initAuth(app: express.Express) {
      {
        authorizationURL: "https://discord.com/api/oauth2/authorize",
        tokenURL: "https://discord.com/api/oauth2/token",
-        clientID: process.env.CLIENT_ID,
-        clientSecret: process.env.CLIENT_SECRET,
-        callbackURL: process.env.OAUTH_CALLBACK_URL,
+        clientID: env.CLIENT_ID,
+        clientSecret: env.CLIENT_SECRET,
+        callbackURL: env.OAUTH_CALLBACK_URL,
        scope: ["identify"],
      },
      async (accessToken, refreshToken, profile, cb) => {
@ -132,9 +117,9 @@ export function initAuth(app: express.Express) {
    passport.authenticate("oauth2", { failureRedirect: "/", session: false }),
    (req: Request, res: Response) => {
      if (req.user && req.user.apiKey) {
-        res.redirect(`${process.env.DASHBOARD_URL}/login-callback/?apiKey=${req.user.apiKey}`);
+        res.redirect(`https://${env.DASHBOARD_DOMAIN}/login-callback/?apiKey=${req.user.apiKey}`);
      } else {
-        res.redirect(`${process.env.DASHBOARD_URL}/login-callback/?error=noAccess`);
+        res.redirect(`https://${env.DASHBOARD_DOMAIN}/login-callback/?error=noAccess`);
      }
    },
  );
--- a/backend/src/api/index.ts
+++ b/backend/src/api/index.ts
@ -1,8 +1,8 @@
 import { connect } from "../data/db";
 import { setIsAPI } from "../globals";
-import "./loadEnv";
+import { apiEnv } from "./loadApiEnv";

-if (!process.env.KEY) {
+if (!apiEnv.KEY) {
  // tslint:disable-next-line:no-console
  console.error("Project root .env with KEY is required!");
  process.exit(1);
--- a/backend/src/api/loadEnv.ts
+++ b/backend/src/api/loadEnv.ts
@ -1,4 +0,0 @@
-import path from "path";
-
-require("dotenv").config({ path: path.resolve(process.cwd(), "../.env") });
-require("dotenv").config({ path: path.resolve(process.cwd(), "api.env") });
--- a/backend/src/api/start.ts
+++ b/backend/src/api/start.ts
@ -8,12 +8,13 @@ import { initGuildsAPI } from "./guilds/index";
 import { clientError, error, notFound } from "./responses";
 import { startBackgroundTasks } from "./tasks";
 import multer from "multer";
+import { env } from "../env";

 const app = express();

 app.use(
  cors({
-    origin: process.env.DASHBOARD_URL,
+    origin: `https://${env.DASHBOARD_DOMAIN}`,
  }),
 );
 app.use(
@ -48,7 +49,7 @@ app.use((req, res, next) => {
  return notFound(res);
 });

-const port = (process.env.PORT && parseInt(process.env.PORT, 10)) || 3000;
+const port = env.API_PORT;
 app.listen(port, "0.0.0.0", () => console.log(`API server listening on port ${port}`)); // tslint:disable-line

 startBackgroundTasks();
--- a/backend/src/data/Phisherman.ts
+++ b/backend/src/data/Phisherman.ts
@ -6,9 +6,10 @@ import { DAYS, DBDateFormat, HOURS, MINUTES } from "../utils";
 import moment from "moment-timezone";
 import { PhishermanKeyCacheEntry } from "./entities/PhishermanKeyCacheEntry";
 import crypto from "crypto";
+import { env } from "../env";

 const API_URL = "https://api.phisherman.gg";
-const MASTER_API_KEY = process.env.PHISHERMAN_API_KEY;
+const MASTER_API_KEY = env.PHISHERMAN_API_KEY;

 let caughtDomainTrackingMap: Map<string, Map<string, number[]>> = new Map();

--- a/backend/src/env.ts
+++ b/backend/src/env.ts
@ -0,0 +1,44 @@
+import path from "path";
+import fs from "fs";
+import dotenv from "dotenv";
+import { rootDir } from "./paths";
+import { z } from "zod";
+
+const envType = z.object({
+  KEY: z.string().length(32),
+
+  CLIENT_ID: z.string(),
+  CLIENT_SECRET: z.string(),
+  BOT_TOKEN: z.string(),
+
+  OAUTH_CALLBACK_URL: z.string().url(),
+  DASHBOARD_DOMAIN: z.string(),
+  API_DOMAIN: z.string(),
+
+  STAFF: z.preprocess((v) => String(v).split(","), z.array(z.string())).optional(),
+
+  PHISHERMAN_API_KEY: z.string().optional(),
+
+  API_PORT: z.number().min(1).max(65535),
+
+  DOCKER_MYSQL_PASSWORD: z.string().optional(), // Included here for the DB_PASSWORD default in development
+
+  DB_HOST: z.string().optional().default("mysql"),
+  DB_PORT: z.number().optional().default(3306),
+  DB_USER: z.string().optional().default("zeppelin"),
+  DB_PASSWORD: z.string().optional(), // Default is set to DOCKER_MYSQL_PASSWORD further below
+  DB_DATABASE: z.string().optional().default("zeppelin"),
+});
+
+let toValidate = {};
+const envPath = path.join(rootDir, "../.env");
+if (fs.existsSync(envPath)) {
+  const buf = fs.readFileSync(envPath);
+  toValidate = dotenv.parse(buf);
+}
+
+export const env = envType.parse(toValidate);
+
+if (env.DOCKER_MYSQL_PASSWORD && !env.DB_PASSWORD) {
+  env.DB_PASSWORD = env.DOCKER_MYSQL_PASSWORD;
+}
--- a/backend/src/index.ts
+++ b/backend/src/index.ts
@ -10,7 +10,6 @@ import { connect } from "./data/db";
 import { GuildLogs } from "./data/GuildLogs";
 import { LogType } from "./data/LogType";
 import { DiscordJSError } from "./DiscordJSError";
-import "./loadEnv";
 import { logger } from "./logger";
 import { baseGuildPlugins, globalPlugins, guildPlugins } from "./plugins/availablePlugins";
 import { RecoverablePluginError } from "./RecoverablePluginError";
@ -37,12 +36,7 @@ import { runPhishermanCacheCleanupLoop, runPhishermanReportingLoop } from "./dat
 import { hasPhishermanMasterAPIKey } from "./data/Phisherman";
 import { consumeQueryStats } from "./data/queryLogger";
 import { EventEmitter } from "events";
-
-if (!process.env.KEY) {
-  // tslint:disable-next-line:no-console
-  console.error("Project root .env with KEY is required!");
-  process.exit(1);
-}
+import { env } from "./env";

 // Error handling
 let recentPluginErrors = 0;
@ -413,5 +407,5 @@ connect().then(async () => {
  bot.initialize();
  logger.info("Bot Initialized");
  logger.info("Logging in...");
-  await client.login(process.env.TOKEN);
+  await client.login(env.BOT_TOKEN);
 });
--- a/backend/src/loadEnv.ts
+++ b/backend/src/loadEnv.ts
@ -1,4 +0,0 @@
-import path from "path";
-
-require("dotenv").config({ path: path.resolve(process.cwd(), "../.env") });
-require("dotenv").config({ path: path.resolve(process.cwd(), "bot.env") });
--- a/backend/src/plugins/Automod/actions/clean.ts
+++ b/backend/src/plugins/Automod/actions/clean.ts
@ -4,8 +4,6 @@ import { LogType } from "../../../data/LogType";
 import { noop } from "../../../utils";
 import { automodAction } from "../helpers";

-const cleanDebugServer = process.env.TEMP_CLEAN_DEBUG_SERVER;
-
 export const CleanAction = automodAction({
  configType: t.boolean,
  defaultConfig: false,
@ -29,26 +27,13 @@ export const CleanAction = automodAction({
      }
    }

-    if (pluginData.guild.id === cleanDebugServer) {
-      const toDeleteFormatted = Array.from(messageIdsToDeleteByChannelId.entries())
-        .map(([channelId, messageIds]) => `- ${channelId}: ${messageIds.join(", ")}`)
-        .join("\n");
-      // tslint:disable-next-line:no-console
-      console.log(`[DEBUG] Cleaning messages (${ruleName}):\n${toDeleteFormatted}`);
-    }
-
    for (const [channelId, messageIds] of messageIdsToDeleteByChannelId.entries()) {
      for (const id of messageIds) {
        pluginData.state.logs.ignoreLog(LogType.MESSAGE_DELETE, id);
      }

      const channel = pluginData.guild.channels.cache.get(channelId as Snowflake) as TextChannel;
-      await channel.bulkDelete(messageIds as Snowflake[]).catch((err) => {
-        if (pluginData.guild.id === cleanDebugServer) {
-          // tslint:disable-next-line:no-console
-          console.error(`[DEBUG] Failed to bulk delete messages (${ruleName}): ${err}`);
-        }
-      });
+      await channel.bulkDelete(messageIds as Snowflake[]).catch(noop);
    }
  },
 });
--- a/backend/src/staff.ts
+++ b/backend/src/staff.ts
@ -1,6 +1,8 @@
+import { env } from "./env";
+
 /**
 * Zeppelin staff have full access to the dashboard
 */
 export function isStaff(userId: string) {
-  return (process.env.STAFF ?? "").split(",").includes(userId);
+  return (env.STAFF ?? []).includes(userId);
 }
--- a/backend/src/utils/crypt.ts
+++ b/backend/src/utils/crypt.ts
@ -1,21 +1,14 @@
 import { spawn, Worker, Pool } from "threads";
-import "../loadEnv";
 import type { CryptFns } from "./cryptWorker";
 import { MINUTES } from "../utils";
+import { env } from "../env";

-if (!process.env.KEY) {
-  // tslint:disable-next-line:no-console
-  console.error("Environment value KEY required for encryption");
-  process.exit(1);
-}
-
-const KEY = process.env.KEY;
 const pool = Pool(() => spawn(new Worker("./cryptWorker"), { timeout: 10 * MINUTES }), 8);

 export async function encrypt(data: string) {
-  return pool.queue((w) => w.encrypt(data, KEY));
+  return pool.queue((w) => w.encrypt(data, env.KEY));
 }

 export async function decrypt(data: string) {
-  return pool.queue((w) => w.decrypt(data, KEY));
+  return pool.queue((w) => w.decrypt(data, env.KEY));
 }