From e4fc03baf716f879b44c6ce18781d3dc702354c3 Mon Sep 17 00:00:00 2001
From: Samuel Wilhelmsson <samuel.wilhelmsson@gmail.com>
Date: Sat, 11 Jan 2025 23:28:34 +0100
Subject: add age encrypted secrets in binary

---
 main.go | 43 ++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 38 insertions(+), 5 deletions(-)

(limited to 'main.go')

diff --git a/main.go b/main.go
index ae6a684..b24e683 100644
--- a/main.go
+++ b/main.go
@@ -2,18 +2,22 @@ package main
 
 import (
 	"bufio"
+	_ "embed"
 	"fmt"
 	"io"
 	"net/http"
 	"os"
 	"path"
 	"time"
+	"tinygram/internal/secrets"
 
+	"github.com/BurntSushi/toml"
 	"github.com/google/uuid"
 	"github.com/gorilla/sessions"
 	"github.com/labstack/echo-contrib/session"
 	"github.com/labstack/echo/v4"
 	"github.com/labstack/echo/v4/middleware"
+	"github.com/labstack/gommon/log"
 	"gorm.io/driver/sqlite"
 	"gorm.io/gorm"
 )
@@ -24,25 +28,53 @@ type Post struct {
 	ImageID     string
 }
 
+type Config struct {
+	SessionSecret    string
+	DbPath           string
+	AssetPath        string
+	PasswordFilepath string
+}
+
+//go:embed prod.toml.agebox
+var prodenv string
+
+//go:embed dev.toml.agebox
+var devenv string
+
+var config Config
+
 func main() {
 
-	dbPath := os.Getenv("DB_PATH")
+	secret, err := secrets.DecryptSecret(devenv)
+	if err != nil {
+		log.Errorf("could not decrypt a secret", err)
+		os.Exit(1)
+	}
+	fmt.Println(secret)
+
+	_, err = toml.Decode(secret, &config)
+	if err != nil {
+		fmt.Printf("could not parse config %v\n", err)
+		os.Exit(1)
+	}
+
+	dbPath := config.DbPath
 	if dbPath == "" {
 		dbPath = "tinygram.db"
 	}
 
-	sessionSecret := os.Getenv("SESSION_SECRET")
+	sessionSecret := config.SessionSecret
 	if sessionSecret == "" {
 		fmt.Println("NEED TO PROVIDE A SECRET")
-		return
+		os.Exit(1)
 	}
 
-	passwordFilePath := os.Getenv("PASSWORD_FILE_PATH")
+	passwordFilePath := config.PasswordFilepath
 	if passwordFilePath == "" {
 		passwordFilePath = "password.txt"
 	}
 
-	assetsPath := os.Getenv("ASSETS_PATH")
+	assetsPath := config.AssetPath
 	if assetsPath == "" {
 		assetsPath = "assets"
 	}
@@ -67,6 +99,7 @@ func main() {
 
 	if err != nil {
 		fmt.Printf("opening db: %v", err)
+		return
 	}
 
 	e.Static("/static", assetsPath)
-- 
cgit v1.2.3