Config: Read secrets from file

internal/config/config.go

@@ -115,11 +115,34 @@ func NewConfig(ctx *cli.Context) *Config {
 		}
 	}
 
+	// All options loaded and overrides are applied, now some options can be initialized from files.
+	c.loadSecretsFromFile()
+
 	Ext().Init(c)
 
 	return c
 }
 
+func (c *Config) loadSecretsFromFile() *Config {
+	if adminPasswordFile := c.options.AdminPasswordFile; fs.FileExists(adminPasswordFile) {
+		if lines, err := fs.ReadLines(adminPasswordFile); err == nil {
+			c.options.AdminPassword = lines[0]
+		} else {
+			log.Warnf("config: failed to read admin password from file %s", adminPasswordFile)
+		}
+	}
+
+	if databasePasswordFile := c.options.DatabasePasswordFile; fs.FileExists(databasePasswordFile) {
+		if lines, err := fs.ReadLines(databasePasswordFile); err == nil {
+			c.options.DatabasePassword = lines[0]
+		} else {
+			log.Warnf("config: failed to read database password from file %s", databasePasswordFile)
+		}
+	}
+
+	return c
+}
+
 // Unsafe checks if unsafe settings are allowed.
 func (c *Config) Unsafe() bool {
 	return c.options.Unsafe

internal/config/config_auth.go

@@ -39,6 +39,11 @@ func (c *Config) AdminPassword() string {
 	return clean.Password(c.options.AdminPassword)
 }
 
+// AdminPasswordFile returns the file that contains an initial admin password.
+func (c *Config) AdminPasswordFile() string {
+	return c.options.AdminPasswordFile
+}
+
 // SessionMaxAge returns the time in seconds until API sessions expire automatically.
 func (c *Config) SessionMaxAge() int64 {
 	if c.options.SessionMaxAge < 0 {

internal/config/config_db.go

@@ -203,6 +203,11 @@ func (c *Config) DatabasePassword() string {
 	return c.options.DatabasePassword
 }
 
+// DatabasePasswordFile returns the file that contains database user password.
+func (c *Config) DatabasePasswordFile() string {
+	return c.options.DatabasePasswordFile
+}
+
 // DatabaseConns returns the maximum number of open connections to the database.
 func (c *Config) DatabaseConns() int {
 	limit := c.options.DatabaseConns

internal/config/config_test.go

@@ -567,3 +567,11 @@ func TestConfigOptions(t *testing.T) {
 	assert.Equal(t, r2.AutoImport, 0)
 	assert.Equal(t, r2.AutoIndex, 0)
 }
+
+func TestConfig_SecretsFiles(t *testing.T) {
+	ctx := CliTestContext()
+	ctx.GlobalSet("admin-password-file", "/go/src/github.com/photoprism/photoprism/internal/config/testdata/admin_password")
+	c := NewConfig(ctx)
+
+	assert.Equal(t, "test_password", c.AdminPassword())
+}

internal/config/flags.go

@@ -39,6 +39,11 @@ var Flags = CliFlags{
 			Usage:  fmt.Sprintf("initial superadmin `PASSWORD` (minimum %d characters)", entity.PasswordLength),
 			EnvVar: "PHOTOPRISM_ADMIN_PASSWORD",
 		}}, {
+		Flag: cli.StringFlag{
+			Name:   "admin-password-file",
+			Usage:  fmt.Sprintf("a file containing an initial admin user `PASSWORD`, which must have at least %d characters", entity.PasswordLength),
+			EnvVar: "PHOTOPRISM_ADMIN_PASSWORD_FILE",
+		}}, {
 		Flag: cli.Int64Flag{
 			Name:   "session-maxage",
 			Value:  DefaultSessionMaxAge,
@@ -510,6 +515,11 @@ var Flags = CliFlags{
 			Usage:  "database user `PASSWORD`",
 			EnvVar: "PHOTOPRISM_DATABASE_PASSWORD",
 		}}, {
+		Flag: cli.StringFlag{
+			Name:   "database-password-file",
+			Usage:  "a file containing a database user `PASSWORD`",
+			EnvVar: "PHOTOPRISM_DATABASE_PASSWORD_FILE",
+		}}, {
 		Flag: cli.IntFlag{
 			Name:   "database-conns",
 			Usage:  "maximum `NUMBER` of open database connections",

internal/config/options.go

@@ -30,6 +30,7 @@ type Options struct {
 	Public                bool          `yaml:"Public" json:"-" flag:"public"`
 	AdminUser             string        `yaml:"AdminUser" json:"-" flag:"admin-user"`
 	AdminPassword         string        `yaml:"AdminPassword" json:"-" flag:"admin-password"`
+	AdminPasswordFile     string        `yaml:"AdminPasswordFile" json:"-" flag:"admin-password-file"`
 	SessionMaxAge         int64         `yaml:"SessionMaxAge" json:"-" flag:"session-maxage"`
 	SessionTimeout        int64         `yaml:"SessionTimeout" json:"-" flag:"session-timeout"`
 	LogLevel              string        `yaml:"LogLevel" json:"-" flag:"log-level"`
@@ -113,6 +114,7 @@ type Options struct {
 	DatabaseServer        string        `yaml:"DatabaseServer" json:"-" flag:"database-server"`
 	DatabaseUser          string        `yaml:"DatabaseUser" json:"-" flag:"database-user"`
 	DatabasePassword      string        `yaml:"DatabasePassword" json:"-" flag:"database-password"`
+	DatabasePasswordFile  string        `yaml:"DatabasePasswordFile" json:"-" flag:"database-password-file"`
 	DatabaseConns         int           `yaml:"DatabaseConns" json:"-" flag:"database-conns"`
 	DatabaseConnsIdle     int           `yaml:"DatabaseConnsIdle" json:"-" flag:"database-conns-idle"`
 	DarktableBin          string        `yaml:"DarktableBin" json:"-" flag:"darktable-bin"`

internal/config/report.go

@@ -24,6 +24,7 @@ func (c *Config) Report() (rows [][]string, cols []string) {
 		{"auth-mode", fmt.Sprintf("%s", c.AuthMode())},
 		{"admin-user", c.AdminUser()},
 		{"admin-password", strings.Repeat("*", utf8.RuneCountInString(c.AdminPassword()))},
+		{"admin-password-file", c.AdminPasswordFile()},
 		{"public", fmt.Sprintf("%t", c.Public())},
 		{"session-maxage", fmt.Sprintf("%d", c.SessionMaxAge())},
 		{"session-timeout", fmt.Sprintf("%d", c.SessionTimeout())},
@@ -161,6 +162,7 @@ func (c *Config) Report() (rows [][]string, cols []string) {
 		{"database-port", c.DatabasePortString()},
 		{"database-user", c.DatabaseUser()},
 		{"database-password", strings.Repeat("*", utf8.RuneCountInString(c.DatabasePassword()))},
+		{"database-password-file", c.DatabasePasswordFile()},
 		{"database-conns", fmt.Sprintf("%d", c.DatabaseConns())},
 		{"database-conns-idle", fmt.Sprintf("%d", c.DatabaseConnsIdle())},
 

internal/config/test.go

@@ -202,6 +202,7 @@ func CliTestContext() *cli.Context {
 	globalSet := flag.NewFlagSet("test", 0)
 	globalSet.String("config-path", config.ConfigPath, "doc")
 	globalSet.String("admin-password", config.DarktableBin, "doc")
+	globalSet.String("admin-password-file", config.AdminPasswordFile, "doc")
 	globalSet.String("storage-path", config.StoragePath, "doc")
 	globalSet.String("backup-path", config.StoragePath, "doc")
 	globalSet.String("sidecar-path", config.SidecarPath, "doc")

internal/config/testdata/admin_password

@@ -0,0 +1 @@
+test_password