diff --git a/config/options.go b/config/options.go index 98c25634..6b319518 100644 --- a/config/options.go +++ b/config/options.go @@ -483,9 +483,9 @@ func (o *Options) HasWatchdog() bool { } // SortedOptions returns options as a list of key value pairs, sorted by keys. -func (o *Options) SortedOptions() []*Option { +func (o *Options) SortedOptions(redactSecret bool) []*Option { var keyValues = map[string]interface{}{ - "ADMIN_PASSWORD": o.adminPassword, + "ADMIN_PASSWORD": redactSecretValue(o.adminPassword, redactSecret), "ADMIN_USERNAME": o.adminUsername, "AUTH_PROXY_HEADER": o.authProxyHeader, "AUTH_PROXY_USER_CREATION": o.authProxyUserCreation, @@ -503,10 +503,12 @@ func (o *Options) SortedOptions() []*Option { "DATABASE_MAX_CONNS": o.databaseMaxConns, "DATABASE_MIN_CONNS": o.databaseMinConns, "DATABASE_CONNECTION_LIFETIME": o.databaseConnectionLifetime, - "DATABASE_URL": o.databaseURL, + "DATABASE_URL": redactSecretValue(o.databaseURL, redactSecret), "DEBUG": o.debug, + "DISABLE_HSTS": !o.hsts, + "DISABLE_SCHEDULER_SERVICE": !o.schedulerService, + "DISABLE_HTTP_SERVICE": !o.httpService, "FETCH_YOUTUBE_WATCH_TIME": o.fetchYouTubeWatchTime, - "HSTS": o.hsts, "HTTPS": o.HTTPS, "HTTP_CLIENT_MAX_BODY_SIZE": o.httpClientMaxBodySize, "HTTP_CLIENT_PROXY": o.httpClientProxy, @@ -518,16 +520,16 @@ func (o *Options) SortedOptions() []*Option { "LOG_DATE_TIME": o.logDateTime, "MAINTENANCE_MESSAGE": o.maintenanceMessage, "MAINTENANCE_MODE": o.maintenanceMode, - "METRICS_ALLOWED_NETWORKS": o.metricsAllowedNetworks, + "METRICS_ALLOWED_NETWORKS": strings.Join(o.metricsAllowedNetworks, ","), "METRICS_COLLECTOR": o.metricsCollector, "METRICS_REFRESH_INTERVAL": o.metricsRefreshInterval, "OAUTH2_CLIENT_ID": o.oauth2ClientID, - "OAUTH2_CLIENT_SECRET": o.oauth2ClientSecret, + "OAUTH2_CLIENT_SECRET": redactSecretValue(o.oauth2ClientSecret, redactSecret), "OAUTH2_OIDC_DISCOVERY_ENDPOINT": o.oauth2OidcDiscoveryEndpoint, "OAUTH2_PROVIDER": o.oauth2Provider, "OAUTH2_REDIRECT_URL": o.oauth2RedirectURL, "OAUTH2_USER_CREATION": o.oauth2UserCreationAllowed, - "POCKET_CONSUMER_KEY": o.pocketConsumerKey, + "POCKET_CONSUMER_KEY": redactSecretValue(o.pocketConsumerKey, redactSecret), "POLLING_FREQUENCY": o.pollingFrequency, "POLLING_PARSING_ERROR_LIMIT": o.pollingParsingErrorLimit, "POLLING_SCHEDULER": o.pollingScheduler, @@ -558,9 +560,16 @@ func (o *Options) SortedOptions() []*Option { func (o *Options) String() string { var builder strings.Builder - for _, option := range o.SortedOptions() { + for _, option := range o.SortedOptions(false) { fmt.Fprintf(&builder, "%s=%v\n", option.Key, option.Value) } return builder.String() } + +func redactSecretValue(value string, redactSecret bool) string { + if redactSecret && value != "" { + return "******" + } + return value +} diff --git a/config/parser.go b/config/parser.go index 5e62b73a..ea77b6a6 100644 --- a/config/parser.go +++ b/config/parser.go @@ -215,12 +215,12 @@ func parseBaseURL(value string) (string, string, string, error) { url, err := url_parser.Parse(value) if err != nil { - return "", "", "", fmt.Errorf("Invalid BASE_URL: %v", err) + return "", "", "", fmt.Errorf("config: invalid BASE_URL: %w", err) } scheme := strings.ToLower(url.Scheme) if scheme != "https" && scheme != "http" { - return "", "", "", errors.New("Invalid BASE_URL: scheme must be http or https") + return "", "", "", errors.New("config: invalid BASE_URL: scheme must be http or https") } basePath := url.Path diff --git a/ui/about.go b/ui/about.go index 466cec76..caf4bcff 100644 --- a/ui/about.go +++ b/ui/about.go @@ -31,7 +31,7 @@ func (h *handler) showAboutPage(w http.ResponseWriter, r *http.Request) { view.Set("user", user) view.Set("countUnread", h.store.CountUnreadEntries(user.ID)) view.Set("countErrorFeeds", h.store.CountUserFeedsWithErrors(user.ID)) - view.Set("globalConfigOptions", config.Opts.SortedOptions()) + view.Set("globalConfigOptions", config.Opts.SortedOptions(true)) view.Set("postgres_version", h.store.DatabaseVersion()) html.OK(w, r, view.Render("about"))