selfhosted
/
dashy
mirror of https://github.com/lissy93/dashy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add env vars parser to avoid leaking secrets

This commit is contained in:
zigotica 2024-01-15 18:45:40 +01:00
parent d77c188a7e
commit 19da2ec829
4 changed files with 66 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.env
View File

@ -38,3 +38,7 @@
# Directory for conf.yml backups
# BACKUP_DIR=./public/
# Setup any other user defined vars by prepending VUE_APP_ to the var name
# VUE_APP_pihole_ip=http://your.pihole.ip
# VUE_APP_pihole_key=your_pihole_secret_key

13
docs/widgets.md
View File

@ -1551,6 +1551,19 @@ Displays the number of queries blocked by [Pi-Hole](https://pi-hole.net/).
apiKey: xxxxxxxxxxxxxxxxxxxxxxx
```
> [!TIP]
> In order to avoid leaking secret data, both `hostname` and `apiKey` can leverage environment variables. Simply pass the name of the variable, which MUST start with `VUE_APP_`.
```yaml
- type: pi-hole-stats
options:
hostname: VUE_APP_pihole_ip
apiKey: VUE_APP_pihole_key
```
> [!IMPORTANT]
> You will need to restart the server (or the docker image) if adding/editing an env var for this to be refreshed.
#### Info
- **CORS**: 🟢 Enabled

7
src/components/Widgets/PiHoleStats.vue
View File

@ -36,13 +36,14 @@ export default {
computed: {
/* Let user select which comic to display: random, latest or a specific number */
hostname() {
const usersChoice = this.options.hostname;
const usersChoice = this.parseAsEnvVar(this.options.hostname);
if (!usersChoice) this.error('You must specify the hostname for your Pi-Hole server');
return usersChoice || 'http://pi.hole';
},
apiKey() {
if (!this.options.apiKey) this.error('API Key is required, please see the docs');
return this.options.apiKey;
const usersChoice = this.parseAsEnvVar(this.options.apiKey);
if (!usersChoice) this.error('API Key is required, please see the docs');
return usersChoice;
},
endpoint() {
return `${this.hostname}/admin/api.php?summary&auth=${this.apiKey}`;

5
src/mixins/WidgetMixin.js
View File

@ -131,6 +131,11 @@ const WidgetMixin = {
});
});
},
/* Check if a value is an environment variable, return its value if so. */
parseAsEnvVar(str) {
if (str.includes('VUE_APP_')) return process.env[str];
return str;
},
},
};