ershisan99/coolify
1
0
Fork 0
mirror of https://github.com/ershisan99/coolify.git synced 2025-12-17 04:59:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Andras Bacsai
2023-07-14 22:30:40 +02:00
parent 6430e7b288
commit 055ff6dbbd
4 changed files with 51 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
apps/api/prisma/seed.js
View File

@@ -102,14 +102,14 @@ async function reEncryptSecrets() {
} }
if (secretOld !== secretNew) { if (secretOld !== secretNew) {
console.log('secrets are different, so re-encrypting'); console.log('secrets are different, so re-encrypting');
const secrets = await prisma.secret.findMany(); // const secrets = await prisma.secret.findMany();
if (secrets.length > 0) { // if (secrets.length > 0) {
for (const secret of secrets) { // for (const secret of secrets) {
const value = decrypt(secret.value, secretOld); // const value = decrypt(secret.value, secretOld);
const newValue = encrypt(value, secretNew); // const newValue = encrypt(value, secretNew);
console.log({ value: secret.value, newValue }); // console.log({ value: secret.value, newValue });
} // }
} // }
} }
} }
main() main()

9
apps/api/src/index.ts
View File

@@ -38,6 +38,7 @@ declare module 'fastify' {
config: { config: {
COOLIFY_APP_ID: string; COOLIFY_APP_ID: string;
COOLIFY_SECRET_KEY: string; COOLIFY_SECRET_KEY: string;
COOLIFY_SECRET_KEY_BETTER: string | null;
COOLIFY_DATABASE_URL: string; COOLIFY_DATABASE_URL: string;
COOLIFY_IS_ON: string; COOLIFY_IS_ON: string;
COOLIFY_WHITE_LABELED: string; COOLIFY_WHITE_LABELED: string;
@@ -67,6 +68,10 @@ const host = '0.0.0.0';
COOLIFY_SECRET_KEY: { COOLIFY_SECRET_KEY: {
type: 'string' type: 'string'
}, },
COOLIFY_SECRET_KEY_BETTER: {
type: 'string',
default: null
},
COOLIFY_DATABASE_URL: { COOLIFY_DATABASE_URL: {
type: 'string', type: 'string',
default: 'file:../db/dev.db' default: 'file:../db/dev.db'
@@ -402,7 +407,9 @@ async function autoUpdater() {
if (!isDev) { if (!isDev) {
const { isAutoUpdateEnabled } = await prisma.setting.findFirst(); const { isAutoUpdateEnabled } = await prisma.setting.findFirst();
if (isAutoUpdateEnabled) { if (isAutoUpdateEnabled) {
await executeCommand({ command: `docker pull ghcr.io/coollabsio/coolify:${latestVersion}` }); await executeCommand({
command: `docker pull ghcr.io/coollabsio/coolify:${latestVersion}`
});
await executeCommand({ shell: true, command: `env | grep '^COOLIFY' > .env` }); await executeCommand({ shell: true, command: `env | grep '^COOLIFY' > .env` });
await executeCommand({ await executeCommand({
command: `sed -i '/COOLIFY_AUTO_UPDATE=/cCOOLIFY_AUTO_UPDATE=${isAutoUpdateEnabled}' .env` command: `sed -i '/COOLIFY_AUTO_UPDATE=/cCOOLIFY_AUTO_UPDATE=${isAutoUpdateEnabled}' .env`

12
apps/api/src/lib/common.ts
View File

@@ -172,13 +172,19 @@ export const base64Encode = (text: string): string => {
export const base64Decode = (text: string): string => { export const base64Decode = (text: string): string => {
return Buffer.from(text, 'base64').toString('ascii'); return Buffer.from(text, 'base64').toString('ascii');
}; };
export const getSecretKey = () => {
if (process.env['COOLIFY_SECRET_KEY_BETTER']) {
return process.env['COOLIFY_SECRET_KEY_BETTER'];
}
return process.env['COOLIFY_SECRET_KEY'];
};
export const decrypt = (hashString: string) => { export const decrypt = (hashString: string) => {
if (hashString) { if (hashString) {
try { try {
const hash = JSON.parse(hashString); const hash = JSON.parse(hashString);
const decipher = crypto.createDecipheriv( const decipher = crypto.createDecipheriv(
algorithm, algorithm,
process.env['COOLIFY_SECRET_KEY'], getSecretKey(),
Buffer.from(hash.iv, 'hex') Buffer.from(hash.iv, 'hex')
); );
const decrpyted = Buffer.concat([ const decrpyted = Buffer.concat([
@@ -195,7 +201,7 @@ export const decrypt = (hashString: string) => {
export const encrypt = (text: string) => { export const encrypt = (text: string) => {
if (text) { if (text) {
const iv = crypto.randomBytes(16); const iv = crypto.randomBytes(16);
const cipher = crypto.createCipheriv(algorithm, process.env['COOLIFY_SECRET_KEY'], iv); const cipher = crypto.createCipheriv(algorithm, getSecretKey(), iv);
const encrypted = Buffer.concat([cipher.update(text.trim()), cipher.final()]); const encrypted = Buffer.concat([cipher.update(text.trim()), cipher.final()]);
return JSON.stringify({ return JSON.stringify({
iv: iv.toString('hex'), iv: iv.toString('hex'),
@@ -841,7 +847,7 @@ export function generateToken() {
{ {
nbf: Math.floor(Date.now() / 1000) - 30 nbf: Math.floor(Date.now() / 1000) - 30
}, },
process.env['COOLIFY_SECRET_KEY'] getSecretKey()
); );
} }
export function generatePassword({ export function generatePassword({

32
apps/api/src/plugins/jwt.ts
View File

@@ -1,33 +1,33 @@
import fp from 'fastify-plugin' import fp from 'fastify-plugin';
import fastifyJwt, { FastifyJWTOptions } from '@fastify/jwt' import fastifyJwt, { FastifyJWTOptions } from '@fastify/jwt';
declare module "@fastify/jwt" { declare module '@fastify/jwt' {
interface FastifyJWT { interface FastifyJWT {
user: { user: {
userId: string, userId: string;
teamId: string, teamId: string;
permission: string, permission: string;
isAdmin: boolean isAdmin: boolean;
} };
} }
} }
export default fp<FastifyJWTOptions>(async (fastify, opts) => { export default fp<FastifyJWTOptions>(async (fastify, opts) => {
fastify.register(fastifyJwt, { fastify.register(fastifyJwt, {
secret: fastify.config.COOLIFY_SECRET_KEY secret: fastify.config.COOLIFY_SECRET_KEY_BETTER ?? fastify.config.COOLIFY_SECRET_KEY
}) });
fastify.decorate("authenticate", async function (request, reply) { fastify.decorate('authenticate', async function (request, reply) {
try { try {
await request.jwtVerify() await request.jwtVerify();
} catch (err) { } catch (err) {
reply.send(err) reply.send(err);
} }
}) });
}) });
declare module 'fastify' { declare module 'fastify' {
export interface FastifyInstance { export interface FastifyInstance {
authenticate(): Promise<void> authenticate(): Promise<void>;
} }
} }