Blur secret when creating (#15)

* upgraded docker to newest Signed-off-by: Gaardsholt <[email protected]> * circleci is now using golang 1.18 as well Signed-off-by: Gaardsholt <[email protected]> * did stuff Signed-off-by: Gaardsholt <[email protected]> * added server and health port config option Signed-off-by: Gaardsholt <[email protected]> * cleanup + restructure Signed-off-by: Gaardsholt <[email protected]> * added option to control log level Signed-off-by: Gaardsholt <[email protected]> * added a small blur transition Signed-off-by: Gaardsholt <[email protected]> * go mod Signed-off-by: Gaardsholt <[email protected]> * go mod upgrades Signed-off-by: Gaardsholt <[email protected]> * is now using a royalty free background image + when creating a new secret it will be blurred Signed-off-by: Gaardsholt <[email protected]>
Gaardsholt · May 19, 2022 · 8c21181 · 8c21181
1 parent 2bcd849
commit 8c21181
Show file tree

Hide file tree

Showing 16 changed files with 331 additions and 162 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -3,7 +3,7 @@ version: 2.1
 executors:
   go_image:
     docker:
-      - image: cimg/go:1.17
+      - image: cimg/go:1.18
   docker_image:
     docker:
       - image: cimg/base:stable-18.04

diff --git a/.gitignore b/.gitignore
@@ -40,4 +40,6 @@ pass-along
 .history
 .ionide
 
-# End of https://www.toptal.com/developers/gitignore/api/visualstudiocode,go
+# End of https://www.toptal.com/developers/gitignore/api/visualstudiocode,go
+
+.DS_Store
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -11,9 +11,9 @@
       "mode": "auto",
       "program": "${workspaceFolder}/main.go",
       "args": [],
-      "env": {
-        "DATABASETYPE": "redis"
-      }
+      // "env": {
+      //   "DATABASETYPE": "redis"
+      // }
     }
   ]
 }
diff --git a/Dockerfile b/Dockerfile
@@ -1,16 +1,15 @@
-FROM golang:1.17.1-alpine AS builder
+FROM golang:1.18-alpine AS builder
 WORKDIR $GOPATH/src/app
 COPY . .
-RUN GOOS=linux GOARCH=amd64 go build -ldflags="-w -s" -o /tmp/app
+RUN GOOS=linux GOARCH=amd64 go build -buildvcs=false -ldflags="-w -s" -o /tmp/app
 
 FROM alpine
 RUN mkdir /app
 WORKDIR /app
 COPY --from=builder /tmp/app app
 ADD ./static static/
-ADD ./templates templates/
 
 RUN addgroup -S appgroup && adduser -S appuser -G appgroup && chown -R appuser /app
-
 USER appuser
+
 CMD ["/app/app"]
diff --git a/api/api.go b/api/api.go
@@ -3,8 +3,6 @@ package api
 import (
 	"encoding/json"
 	"fmt"
-	"html/template"
-	"mime"
 	"net/http"
 	"sync"
 	"time"
@@ -16,7 +14,6 @@ import (
 	"github.com/Gaardsholt/pass-along/redis"
 	"github.com/Gaardsholt/pass-along/types"
 	"github.com/gorilla/mux"
-	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 	"github.com/rs/zerolog/log"
 )
@@ -25,10 +22,8 @@ const (
 	ErrServerShuttingDown = "http: Server closed"
 )
 
-var pr *prometheus.Registry
 var secretStore datastore.SecretStore
 var startupTime time.Time
-var templates map[string]*template.Template
 var lock = sync.RWMutex{}
 
 // StartServer starts the internal and external http server and initiates the secrets store
@@ -52,25 +47,19 @@ func StartServer() (internalServer *http.Server, externalServer *http.Server) {
 	}
 
 	registerPrometheusMetrics()
-	createTemplates()
 
 	internal := mux.NewRouter()
 	external := mux.NewRouter()
-	// Start of static stuff
-	fs := http.FileServer(http.Dir("./static"))
-	external.PathPrefix("/assets").Handler(http.StripPrefix("/assets", fs))
-	external.PathPrefix("/robots.txt").Handler(fs)
-	external.PathPrefix("/favicon.ico").Handler(fs)
-	// End of static stuff
+	external.HandleFunc("/api", NewHandler).Methods("POST")
+	external.HandleFunc("/api/{id}", GetHandler).Methods("GET")
+	external.PathPrefix("/").Handler(http.StripPrefix("/", http.FileServer(http.Dir("./static"))))
 
-	external.HandleFunc("/", IndexHandler).Methods("GET")
-	external.HandleFunc("/", NewHandler).Methods("POST")
-	external.HandleFunc("/{id}", GetHandler).Methods("GET")
+	// external.HandleFunc("/", IndexHandler).Methods("GET")
 
 	internal.HandleFunc("/healthz", healthz)
 	internal.Handle("/metrics", promhttp.HandlerFor(pr, promhttp.HandlerOpts{})).Methods("GET")
 
-	internalPort := 8888
+	internalPort := config.Config.GetHealthPort()
 	internalServer = &http.Server{
 		Addr:    fmt.Sprintf(":%d", internalPort),
 		Handler: internal,
@@ -83,7 +72,7 @@ func StartServer() (internalServer *http.Server, externalServer *http.Server) {
 		}
 	}()
 
-	externalPort := 8080
+	externalPort := config.Config.GetServerPort()
 	externalServer = &http.Server{
 		Addr:    fmt.Sprintf(":%d", externalPort),
 		Handler: external,
@@ -94,17 +83,15 @@ func StartServer() (internalServer *http.Server, externalServer *http.Server) {
 			log.Fatal().Err(err).Msgf("Unable to run the external server at port %d", externalPort)
 		}
 	}()
-	log.Info().Msgf("Starting server at port %d with %s as datastore", externalPort, databaseType)
+	log.Info().Msgf("Starting server with '%s' as datastore", databaseType)
+	log.Info().Msgf("Site can now be accessed at http://localhost:%d", externalPort)
+	log.Info().Msgf("Health and metrics and can be accessed on http://localhost:%d", internalPort)
 
 	go secretStore.DeleteExpiredSecrets()
 
 	return
 }
 
-func IndexHandler(w http.ResponseWriter, r *http.Request) {
-	templates["index"].Execute(w, types.Page{Startup: startupTime})
-}
-
 // NewHandler creates a new secret in the secretstore
 func NewHandler(w http.ResponseWriter, r *http.Request) {
 	var entry types.Entry
@@ -152,21 +139,6 @@ func NewHandler(w http.ResponseWriter, r *http.Request) {
 func GetHandler(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
 
-	useHtml := false
-	ctHeader := r.Header.Get("Content-Type")
-	contentType, _, err := mime.ParseMediaType(ctHeader)
-	if err != nil || contentType != "application/json" {
-		useHtml = true
-	}
-
-	if useHtml {
-		newError := templates["read"].Execute(w, types.Page{Startup: startupTime})
-		if newError != nil {
-			fmt.Fprintf(w, "%s", newError)
-		}
-		return
-	}
-
 	id := vars["id"]
 	secretData, gotData := secretStore.Get(id)
 	if !gotData {
@@ -203,47 +175,3 @@ func GetHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 	fmt.Fprintf(w, "%s", decryptedSecret)
 }
-
-// healthz is a liveness probe.
-func healthz(w http.ResponseWriter, _ *http.Request) {
-	w.WriteHeader(http.StatusOK)
-}
-
-func registerPrometheusMetrics() {
-	pr = prometheus.NewRegistry()
-	// pr.MustRegister(types.NewSecretsInCache(&secretStore))
-	pr.MustRegister(metrics.SecretsRead)
-	pr.MustRegister(metrics.ExpiredSecretsRead)
-	pr.MustRegister(metrics.NonExistentSecretsRead)
-	pr.MustRegister(metrics.SecretsCreated)
-	pr.MustRegister(metrics.SecretsCreatedWithError)
-	pr.MustRegister(metrics.SecretsDeleted)
-}
-
-func createTemplates() {
-	templates = make(map[string]*template.Template)
-	templates["index"] = template.Must(template.ParseFiles("templates/base.html", "templates/index.html"))
-	templates["read"] = template.Must(template.ParseFiles("templates/base.html", "templates/read.html"))
-}
-
-// func secretCleaner() {
-// 	for {
-// 		time.Sleep(5 * time.Minute)
-// 		secretStore.Lock.RLock()
-// 		for k, v := range secretStore.Data {
-// 			s, err := types.Decrypt(v, k)
-// 			if err != nil {
-// 				continue
-// 			}
-
-// 			isNotExpired := s.Expires.UTC().After(time.Now().UTC())
-// 			if !isNotExpired {
-// 				log.Debug().Msg("Found expired secret, deleting...")
-// 				secretStore.Lock.RUnlock()
-// 				secretStore.Delete(k)
-// 				secretStore.Lock.RLock()
-// 			}
-// 		}
-// 		secretStore.Lock.RUnlock()
-// 	}
-// }
diff --git a/api/health.go b/api/health.go
@@ -0,0 +1,8 @@
+package api
+
+import "net/http"
+
+// healthz is a liveness probe.
+func healthz(w http.ResponseWriter, _ *http.Request) {
+	w.WriteHeader(http.StatusOK)
+}
diff --git a/api/prometheus.go b/api/prometheus.go
@@ -0,0 +1,19 @@
+package api
+
+import (
+	"github.com/Gaardsholt/pass-along/metrics"
+	"github.com/prometheus/client_golang/prometheus"
+)
+
+var pr *prometheus.Registry
+
+func registerPrometheusMetrics() {
+	pr = prometheus.NewRegistry()
+	// pr.MustRegister(types.NewSecretsInCache(&secretStore))
+	pr.MustRegister(metrics.SecretsRead)
+	pr.MustRegister(metrics.ExpiredSecretsRead)
+	pr.MustRegister(metrics.NonExistentSecretsRead)
+	pr.MustRegister(metrics.SecretsCreated)
+	pr.MustRegister(metrics.SecretsCreatedWithError)
+	pr.MustRegister(metrics.SecretsDeleted)
+}
diff --git a/config/config.go b/config/config.go
@@ -2,17 +2,22 @@ package config
 
 import (
 	"fmt"
-	"log"
+	"strings"
 
 	"github.com/kelseyhightower/envconfig"
+	"github.com/rs/zerolog"
+	"github.com/rs/zerolog/log"
 )
 
 // GlobalConfig holds config parameters
 type GlobalConfig struct {
-	ServerSalt   string  `required:"false"`
-	DatabaseType *string `required:"false" default:"in-memory"`
-	RedisServer  *string `required:"false"`
-	RedisPort    *int    `required:"false"`
+	ServerPort   *int    `required:"false" split_words:"true"`
+	HealthPort   *int    `required:"false" split_words:"true"`
+	ServerSalt   string  `required:"false" split_words:"true"`
+	DatabaseType *string `required:"false" split_words:"true" default:"in-memory"`
+	RedisServer  *string `required:"false" split_words:"true"`
+	RedisPort    *int    `required:"false" split_words:"true"`
+	LogLevel     string  `required:"false" split_words:"true"`
 }
 
 var Config GlobalConfig
@@ -21,8 +26,15 @@ var Config GlobalConfig
 func LoadConfig() {
 	err := envconfig.Process("", &Config)
 	if err != nil {
-		log.Fatal(err)
+		log.Fatal().Err(err).Msg("Failed to load config")
 	}
+
+	if Config.GetServerPort() == Config.GetHealthPort() {
+		log.Fatal().Err(nil).Msg("SERVER_PORT and HEALTH_PORT must be different")
+	}
+
+	setupLogLevel()
+
 }
 
 // GetDatabaseType determines if a correct db is set
@@ -50,3 +62,37 @@ func (c GlobalConfig) GetRedisPort() int {
 	}
 	return 6379
 }
+
+func (c GlobalConfig) GetServerPort() int {
+	if c.ServerPort != nil {
+		return *c.ServerPort
+	}
+	return 8080
+}
+
+func (c GlobalConfig) GetHealthPort() int {
+	if c.HealthPort != nil {
+		return *c.HealthPort
+	}
+	return 8888
+}
+
+func setupLogLevel() {
+	// default is info
+	switch strings.ToLower(Config.LogLevel) {
+	case "debug":
+		zerolog.SetGlobalLevel(zerolog.DebugLevel)
+		break
+	case "info":
+		zerolog.SetGlobalLevel(zerolog.InfoLevel)
+		break
+	case "warn":
+		zerolog.SetGlobalLevel(zerolog.WarnLevel)
+		break
+	case "error":
+		zerolog.SetGlobalLevel(zerolog.ErrorLevel)
+		break
+	default:
+		zerolog.SetGlobalLevel(zerolog.InfoLevel)
+	}
+}
diff --git a/go.mod b/go.mod
@@ -1,15 +1,15 @@
 module github.com/Gaardsholt/pass-along
 
-go 1.17
+go 1.18
 
 require (
-	github.com/alicebob/miniredis/v2 v2.18.0
+	github.com/alicebob/miniredis/v2 v2.21.0
 	github.com/gomodule/redigo v1.8.8
 	github.com/gorilla/mux v1.8.0
 	github.com/kelseyhightower/envconfig v1.4.0
-	github.com/prometheus/client_golang v1.12.1
+	github.com/prometheus/client_golang v1.12.2
 	github.com/rs/zerolog v1.26.1
-	golang.org/x/crypto v0.0.0-20211215165025-cf75a172585e
+	golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898
 	gotest.tools v2.2.0+incompatible
 )
 
@@ -24,7 +24,7 @@ require (
 	github.com/prometheus/client_model v0.2.0 // indirect
 	github.com/prometheus/common v0.32.1 // indirect
 	github.com/prometheus/procfs v0.7.3 // indirect
-	github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da // indirect
+	github.com/yuin/gopher-lua v0.0.0-20210529063254-f4c35e4016d9 // indirect
 	golang.org/x/sys v0.0.0-20220114195835-da31bd327af9 // indirect
 	google.golang.org/protobuf v1.26.0 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -40,8 +40,8 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
 github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a h1:HbKu58rmZpUGpz5+4FfNmIU+FmZg2P3Xaj2v2bfNWmk=
 github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a/go.mod h1:SGnFV6hVsYE877CKEZ6tDNTjaSXYUk6QqoIK6PrAtcc=
-github.com/alicebob/miniredis/v2 v2.18.0 h1:EPUGD69ou4Uw4c81t9NLh0+dSou46k4tFEvf498FJ0g=
-github.com/alicebob/miniredis/v2 v2.18.0/go.mod h1:gquAfGbzn92jvtrSC69+6zZnwSODVXVpYDRaGhWaL6I=
+github.com/alicebob/miniredis/v2 v2.21.0 h1:CdmwIlKUWFBDS+4464GtQiQ0R1vpzOgu4Vnd74rBL7M=
+github.com/alicebob/miniredis/v2 v2.21.0/go.mod h1:XNqvJdQJv5mSuVMc0ynneafpnL/zv52acZ6kqeS0t88=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@@ -172,8 +172,8 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.12.1 h1:ZiaPsmm9uiBeaSMRznKsCDNtPCS0T3JVDGF+06gjBzk=
-github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY=
+github.com/prometheus/client_golang v1.12.2 h1:51L9cDoUHVrXx4zWYlcLQIZ+d+VXHgqnYKkIuq4g/34=
+github.com/prometheus/client_golang v1.12.2/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
@@ -208,8 +208,8 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da h1:NimzV1aGyq29m5ukMK0AMWEhFaL/lrEOaephfuoiARg=
-github.com/yuin/gopher-lua v0.0.0-20200816102855-ee81675732da/go.mod h1:E1AXubJBdNmFERAOucpDIxNzeGfLzg0mYh+UfMWdChA=
+github.com/yuin/gopher-lua v0.0.0-20210529063254-f4c35e4016d9 h1:k/gmLsJDWwWqbLCur2yWnJzwQEKRcAHXo6seXGuSwWw=
+github.com/yuin/gopher-lua v0.0.0-20210529063254-f4c35e4016d9/go.mod h1:E1AXubJBdNmFERAOucpDIxNzeGfLzg0mYh+UfMWdChA=
 go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
 go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
 go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
@@ -221,8 +221,9 @@ golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20211215165025-cf75a172585e h1:1SzTfNOXwIS2oWiMF+6qu0OUDKb0dauo6MoDUQyu+yU=
 golang.org/x/crypto v0.0.0-20211215165025-cf75a172585e/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
+golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898 h1:SLP7Q4Di66FONjDJbCYrCRrh97focO6sLogHO7/g8F0=
+golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=

diff --git a/static/background.jpg b/static/background.jpg