From f40454132410abfbe78fda0b5174dbd6a41d1095 Mon Sep 17 00:00:00 2001 From: Aaron Shaw Date: Wed, 16 Oct 2024 01:18:19 +0100 Subject: [PATCH] Allow hostname and password override from balena device variables Relates to #679 --- hw_diag/utilities/auth.py | 11 ++++++++++- hw_diag/utilities/network.py | 11 ++++++++++- hw_diag/views/auth.py | 12 ++++++++++-- hw_diag/views/diagnostics.py | 9 ++++++++- 4 files changed, 38 insertions(+), 5 deletions(-) diff --git a/hw_diag/utilities/auth.py b/hw_diag/utilities/auth.py index c7aab99f..327c2968 100644 --- a/hw_diag/utilities/auth.py +++ b/hw_diag/utilities/auth.py @@ -1,3 +1,5 @@ +import os +import logging import datetime import bcrypt @@ -68,12 +70,19 @@ def write_password(password): def read_password(): + PASSWORD_OVERRIDE = os.getenv('PASSWORD_OVERRIDE', 'false') try: password_row = g.db.query(AuthKeyValue). \ filter(AuthKeyValue.key == 'password_hash'). \ one() except NoResultFound: - default_password = generate_default_password() + if PASSWORD_OVERRIDE != "false": # nosec + default_password = PASSWORD_OVERRIDE + logging.info("Using password from override env var!") + else: + default_password = generate_default_password() + logging.info("No password override. Generating default!") + password_row = write_password(default_password) return password_row diff --git a/hw_diag/utilities/network.py b/hw_diag/utilities/network.py index c05b8948..fc215b93 100644 --- a/hw_diag/utilities/network.py +++ b/hw_diag/utilities/network.py @@ -1,3 +1,4 @@ +import os import logging import subprocess # nosec @@ -54,6 +55,7 @@ def setup_hostname(): # This runs before the Flask app is really fully running, so we do not have the # global "g" object with the db session, so we must spawn our own. db = get_db_session() + HOSTNAME_OVERRIDE = os.getenv('HOSTNAME_OVERRIDE', 'false') HOSTNAME_SET_KEY = "hostname_set" try: try: @@ -74,7 +76,14 @@ def setup_hostname(): # Set hostname via Balena supervisor... default_password = generate_default_password() hostname_suffix = default_password[6:] - hostname = "nebra-%s.local" % hostname_suffix + + if HOSTNAME_OVERRIDE != "false": + hostname = HOSTNAME_OVERRIDE + logging.info("Using hostname override from env var!") + else: + hostname = "nebra-%s.local" % hostname_suffix + logging.info("No hostname override, using default!") + balena_supervisor = BalenaSupervisor.new_from_env() balena_supervisor.set_hostname(hostname) hostname_set_row.value = "true" diff --git a/hw_diag/views/auth.py b/hw_diag/views/auth.py index 514c5d8e..1b5dd24d 100644 --- a/hw_diag/views/auth.py +++ b/hw_diag/views/auth.py @@ -70,9 +70,17 @@ def get_password_change_form(): @authenticate def handle_password_change(): current_password = request.form.get('txtOriginalPassword') - new_password = request.form.get('txtNewPassword') - confirm_password = request.form.get('txtConfirmPassword') + PASSWORD_OVERRIDE = os.getenv('PASSWORD_OVERRIDE', 'false') + if PASSWORD_OVERRIDE != "false": # nosec + new_password = PASSWORD_OVERRIDE + confirm_password = new_password + logging.info("Password overriden env var - not updating!") + else: + new_password = request.form.get('txtNewPassword') + confirm_password = request.form.get('txtConfirmPassword') + logging.info("No password override. Saving new password!") + result = update_password( current_password, new_password, diff --git a/hw_diag/views/diagnostics.py b/hw_diag/views/diagnostics.py index 9a866ac4..d576477b 100644 --- a/hw_diag/views/diagnostics.py +++ b/hw_diag/views/diagnostics.py @@ -376,8 +376,15 @@ def shutdown(): @authenticate def handle_hostname_update(): req_body = request.get_json() - new_hostname = req_body.get('hostname') + HOSTNAME_OVERRIDE = os.getenv('HOSTNAME_OVERRIDE', 'false') + if HOSTNAME_OVERRIDE != "false": + new_hostname = HOSTNAME_OVERRIDE + logging.info("Hostname overriden from env var. Not updating!") + else: + new_hostname = req_body.get('hostname') + logging.info("No hostname override, updating as per request!") + try: balena_supervisor = BalenaSupervisor.new_from_env() balena_supervisor.set_hostname(new_hostname)