DefaultEnvConfig returns the default configuration when running on a known environment. Currently this just includes Google Compute Engine. If the environment isn't known (nil, nil) is returned.
()
| 39 | // environment. Currently this just includes Google Compute Engine. |
| 40 | // If the environment isn't known (nil, nil) is returned. |
| 41 | func DefaultEnvConfig() (*Config, error) { |
| 42 | if !env.OnGCE() { |
| 43 | return nil, nil |
| 44 | } |
| 45 | auth := "none" |
| 46 | user, _ := metadata.InstanceAttributeValue("camlistore-username") |
| 47 | pass, _ := metadata.InstanceAttributeValue("camlistore-password") |
| 48 | confBucket, err := metadata.InstanceAttributeValue("camlistore-config-dir") |
| 49 | if confBucket == "" || err != nil { |
| 50 | return nil, fmt.Errorf("VM instance metadata key 'camlistore-config-dir' not set: %v", err) |
| 51 | } |
| 52 | blobBucket, err := metadata.InstanceAttributeValue("camlistore-blob-dir") |
| 53 | if blobBucket == "" || err != nil { |
| 54 | return nil, fmt.Errorf("VM instance metadata key 'camlistore-blob-dir' not set: %v", err) |
| 55 | } |
| 56 | if user != "" && pass != "" { |
| 57 | auth = "userpass:" + user + ":" + pass |
| 58 | } |
| 59 | |
| 60 | if v := osutil.SecretRingFile(); !strings.HasPrefix(v, "/gcs/") { |
| 61 | return nil, fmt.Errorf("Internal error: secret ring path on GCE should be at /gcs/, not %q", v) |
| 62 | } |
| 63 | keyID, secRing, err := getOrMakeKeyring() |
| 64 | if err != nil { |
| 65 | return nil, err |
| 66 | } |
| 67 | |
| 68 | highConf := &serverconfig.Config{ |
| 69 | Auth: auth, |
| 70 | HTTPS: true, |
| 71 | Identity: keyID, |
| 72 | IdentitySecretRing: secRing, |
| 73 | GoogleCloudStorage: ":" + strings.TrimPrefix(blobBucket, "gs://"), |
| 74 | PackRelated: true, |
| 75 | ShareHandler: true, |
| 76 | } |
| 77 | |
| 78 | hostName, _ := metadata.InstanceAttributeValue("camlistore-hostname") |
| 79 | // If they specified a hostname (previously common with old pk-deploy), then: |
| 80 | // if it looks like an FQDN, perkeepd is going to rely on Let's |
| 81 | // Encrypt, else perkeepd is going to generate some self-signed for that |
| 82 | // hostname. |
| 83 | // Also, if the hostname is in camlistore.net, we want Perkeep to initialize |
| 84 | // exactly as if the instance had no hostname, so that it registers its hostname/IP |
| 85 | // with the camlistore.net DNS server (possibly needlessly, if the instance IP has |
| 86 | // not changed) again. |
| 87 | if hostName != "" && !strings.HasSuffix(hostName, "camlistore.net") { |
| 88 | highConf.BaseURL = fmt.Sprintf("https://%s", hostName) |
| 89 | highConf.Listen = "0.0.0.0:443" |
| 90 | } else { |
| 91 | panic("unsupported legacy configuration using camlistore.net is no longer supported") |
| 92 | } |
| 93 | |
| 94 | // Detect a linked Docker MySQL container. It must have alias "mysqldb". |
| 95 | mysqlPort := os.Getenv("MYSQLDB_PORT") |
| 96 | if !strings.HasPrefix(mysqlPort, "tcp://") { |
| 97 | // No MySQL |
| 98 | // TODO: also detect Cloud SQL. |
no test coverage detected