feat: supports reading config values from CLI

crates/notary/server/Cargo.toml

@@ -15,6 +15,7 @@ axum-core = { version = "0.4" }
 axum-macros = { version = "0.4" }
 base64 = { version = "0.21" }
 chrono = { version = "0.4" }
+config = { version = "0.14", features = ["yaml"] }
 csv = { version = "1.3" }
 eyre = { version = "0.6" }
 futures = { workspace = true }

crates/notary/server/README.md

@@ -66,6 +66,34 @@ docker run --init -p 127.0.0.1:7047:7047 -v <your folder path>:/root/.notary-ser
 ```bash
 docker run --init -p 127.0.0.1:7047:7047 -v <your folder path>:/root/.notary-server/fixture/notary notary-server:local
 ```
+
+### Configuration
+
+The notary server can be configured using three methods: a configuration file, command-line interface (CLI) arguments, and environment variables. These methods provide flexibility in how you set up and run the server.
+
+1. Configuration File - By default, the server looks for a config.yaml file in the `notary/server/config/` directory. This file contains all the configurable settings for the server, e.g.
+   ```yaml
+   server:
+     name: "notary-server"
+     host: "0.0.0.0"
+     port: 7047
+
+   notarization:
+     max_sent_data: 4096
+     max_recv_data: 16384
+
+   ...
+    ```
+
+2. Command-Line Interface (CLI) Arguments - You can override *some* configuration file settings using CLI arguments when starting the server. This also takes precedence over the environment variable method below. E.g.
+   ```shell
+   cargo run -- --port 8080 --tls-enabled false --log-level INFO
+   ```
+
+3. Environment Variables - This can be used to configure all the server settings, where it will override the config file. It uses the prefix `NOTARY_SERVER__` followed by the configuration key(s) in uppercase. Double underscores are used in nested configuration keys, e.g. `tls.enabled` in the config file will be `NOTARY_SERVER__TLS__ENABLED`. E.g.   
+   ```shell
+   NOTARY_SERVER__SERVER__PORT=8080 NOTARY_SERVER__NOTARIZATION__MAX_SENT_DATA=2048 NOTARY_SERVER__TLS__ENABLED=false cargo run
+   ```
 ---
 ## API
 All APIs are TLS-protected, hence please use `https://` or `wss://`.

crates/notary/server/config/config.yaml

@@ -2,7 +2,7 @@ server:
   name: "notary-server"
   host: "0.0.0.0"
   port: 7047
-  html-info: |
+  html_info: |
     <h1>Notary Server {version}!</h1>
     <ul>
     <li>git commit hash: <a href="https://github.com/tlsnotary/tlsn/commit/{git_commit_hash}">{git_commit_hash}</a></li>
@@ -12,21 +12,21 @@ server:
     <a href="/healthcheck">health check</a> - <a href="/info">info</a><br/>
 
 notarization:
-  max-sent-data: 4096
-  max-recv-data: 16384
+  max_sent_data: 4096
+  max_recv_data: 16384
 
 tls:
   enabled: true
-  private-key-pem-path: "./fixture/tls/notary.key"
-  certificate-pem-path: "./fixture/tls/notary.crt"
+  private_key_pem_path: "./fixture/tls/notary.key"
+  certificate_pem_path: "./fixture/tls/notary.crt"
 
-notary-key:
-  private-key-pem-path: "./fixture/notary/notary.key"
-  public-key-pem-path: "./fixture/notary/notary.pub"
+notary_key:
+  private_key_pem_path: "./fixture/notary/notary.key"
+  public_key_pem_path: "./fixture/notary/notary.pub"
 
 logging:
   level: DEBUG
 
 authorization:
   enabled: false
-  whitelist-csv-path: "./fixture/auth/whitelist.csv"
+  whitelist_csv_path: "./fixture/auth/whitelist.csv"

crates/notary/server/src/config.rs

@@ -1,7 +1,6 @@
 use serde::Deserialize;
 
 #[derive(Clone, Debug, Deserialize, Default)]
-#[serde(rename_all = "kebab-case")]
 pub struct NotaryServerProperties {
     /// Name and address of the notary server
     pub server: ServerProperties,
@@ -18,7 +17,6 @@ pub struct NotaryServerProperties {
 }
 
 #[derive(Clone, Debug, Deserialize, Default)]
-#[serde(rename_all = "kebab-case")]
 pub struct AuthorizationProperties {
     /// Switch to turn on or off auth middleware
     pub enabled: bool,
@@ -27,7 +25,6 @@ pub struct AuthorizationProperties {
 }
 
 #[derive(Clone, Debug, Deserialize, Default)]
-#[serde(rename_all = "kebab-case")]
 pub struct NotarizationProperties {
     /// Global limit for maximum number of bytes that can be sent
     pub max_sent_data: usize,
@@ -36,7 +33,6 @@ pub struct NotarizationProperties {
 }
 
 #[derive(Clone, Debug, Deserialize, Default)]
-#[serde(rename_all = "kebab-case")]
 pub struct ServerProperties {
     /// Used for testing purpose
     pub name: String,
@@ -49,7 +45,6 @@ pub struct ServerProperties {
 }
 
 #[derive(Clone, Debug, Deserialize, Default)]
-#[serde(rename_all = "kebab-case")]
 pub struct TLSProperties {
     /// Flag to turn on/off TLS between prover and notary (should always be
     /// turned on unless TLS is handled by external setup e.g. reverse proxy,
@@ -60,14 +55,12 @@ pub struct TLSProperties {
 }
 
 #[derive(Clone, Debug, Deserialize, Default)]
-#[serde(rename_all = "kebab-case")]
 pub struct NotarySigningKeyProperties {
     pub private_key_pem_path: String,
     pub public_key_pem_path: String,
 }
 
 #[derive(Clone, Debug, Deserialize, Default)]
-#[serde(rename_all = "kebab-case")]
 pub struct LoggingProperties {
     /// Log verbosity level of the default filtering logic, which is
     /// notary_server=<level>,tlsn_verifier=<level>,tls_mpc=<level> Must be either of <https://docs.rs/tracing/latest/tracing/struct.Level.html#implementations>

crates/notary/server/src/domain/cli.rs

@@ -7,4 +7,16 @@
     /// Configuration file location
     #[structopt(long, default_value = "./config/config.yaml")]
     pub config_file: String,
+
+    /// Port of notary server
+    #[structopt(long)]
+    pub port: Option<u16>,
+
+    /// Flag to turn on/off TLS when connecting to prover
+    #[structopt(long)]
+    pub tls_enabled: Option<bool>,
+
+    /// Level of logging
+    #[structopt(long)]
+    pub log_level: Option<String>,
 }

crates/notary/server/src/lib.rs

@@ -5,6 +5,7 @@ mod middleware;
 mod server;
 mod server_tracing;
 mod service;
+mod settings;
 mod signing;
 mod util;
 
@@ -19,4 +20,5 @@ pub use domain::{
 pub use error::NotaryServerError;
 pub use server::{read_pem_file, run_server};
 pub use server_tracing::init_tracing;
+pub use settings::Settings;
 pub use util::parse_config_file;

crates/notary/server/src/main.rs

@@ -1,25 +1,23 @@
 use eyre::{eyre, Result};
+use notary_server::{init_tracing, run_server, CliFields, NotaryServerError, Settings};
 use structopt::StructOpt;
 use tracing::debug;
 
-use notary_server::{
-    init_tracing, parse_config_file, run_server, CliFields, NotaryServerError,
-    NotaryServerProperties,
-};
-
 #[tokio::main]
 async fn main() -> Result<(), NotaryServerError> {
-    // Load command line arguments which contains the config file location
+    // Load command line arguments
     let cli_fields: CliFields = CliFields::from_args();
-    let config: NotaryServerProperties = parse_config_file(&cli_fields.config_file)?;
+
+    let settings =
+        Settings::new(&cli_fields).map_err(|err| eyre!("Failed to load settings: {}", err))?;
 
     // Set up tracing for logging
-    init_tracing(&config).map_err(|err| eyre!("Failed to set up tracing: {err}"))?;
+    init_tracing(&settings.config).map_err(|err| eyre!("Failed to set up tracing: {err}"))?;
 
-    debug!(?config, "Server config loaded");
+    debug!(?settings.config, "Server config loaded");
 
     // Run the server
-    run_server(&config).await?;
+    run_server(&settings.config).await?;
 
     Ok(())
 }

crates/notary/server/src/settings.rs

@@ -0,0 +1,45 @@
+use crate::{CliFields, NotaryServerProperties};
+use config::{Config, ConfigError, Environment, File};
+use serde::Deserialize;
+use std::path::Path;
+
+#[derive(Debug, Deserialize)]
+pub struct Settings {
+    #[serde(flatten)]
+    pub config: NotaryServerProperties,
+}
+
+impl Settings {
+    pub fn new(cli_fields: &CliFields) -> Result<Self, ConfigError> {
+        let config_path = Path::new(&cli_fields.config_file);
+
+        let mut builder = Config::builder()
+            // Load base configuration
+            .add_source(File::from(config_path))
+            // Add in settings from environment variables (with a prefix of NOTARY_SERVER and '__'
+            // as separator).
+            .add_source(
+                Environment::with_prefix("NOTARY_SERVER")
+                    .try_parsing(true)
+                    .prefix_separator("__")
+                    .separator("__"),
+            );
+
+        // Apply CLI argument overrides
+        if let Some(port) = cli_fields.port {
+            builder = builder.set_override("server.port", port)?;
+        }
+        if let Some(tls_enabled) = cli_fields.tls_enabled {
+            builder = builder.set_override("tls.enabled", tls_enabled)?;
+        }
+        if let Some(log_level) = &cli_fields.log_level {
+            builder = builder.set_override("logging.level", log_level.clone())?;
+        }
+
+        let config = builder.build()?;
+
+        let settings: Settings = config.try_deserialize()?;
+
+        Ok(settings)
+    }
+}