From 73f8d3732896e42f89c492388eefc5d6a812ed9d Mon Sep 17 00:00:00 2001 From: Rick Bergfalk Date: Sat, 14 Sep 2019 21:15:20 -0500 Subject: [PATCH 1/7] what is this like on github --- CONFIGURATION.md | 413 ++++++++++++++++++------------------ README.md | 129 ++++++++++- config-example.ini | 105 +++++++++ config-example.json | 37 ++++ scripts/generate-configs.js | 85 +++----- 5 files changed, 503 insertions(+), 266 deletions(-) create mode 100644 config-example.ini create mode 100644 config-example.json diff --git a/CONFIGURATION.md b/CONFIGURATION.md index 0208bed56..3a2688e17 100644 --- a/CONFIGURATION.md +++ b/CONFIGURATION.md @@ -1,213 +1,202 @@ -_This file was generated by `scripts/generate-configs.js` using `server/lib/config/configItems.js`._ - -# Configuration - -SQLPad may be configured via environment variables, config file, or command line flag. - -Config file path may be specified passing command line option `--config` or environment variable SQLPAD_CONFIG. -For example: - -```sh -sqlpad --config ~/.sqlpadrc -``` - -Using a config file or environment variables recommended. For list of command line flags run `sqlpad -h`. - -## Version 3 changes - -Previously SQLPad supported a default dbPath of `$HOME/sqlpad/db` and a default config file path of `$HOME/.sqlpadrc`. - -These defaults have been removed in version 3. - -## Environment Variables -```sh -SQLPAD_CONFIG= -SQLPAD_COOKIE_SECRET=secret-used-to-sign-cookies-please-set-and-make-strong -SQLPAD_SESSION_MINUTES=60 -SQLPAD_IP=0.0.0.0 -SQLPAD_PORT=80 -SQLPAD_SYSTEMD_SOCKET=false -SQLPAD_HTTPS_PORT=443 -SQLPAD_DB_PATH= -SQLPAD_BASE_URL= -SQLPAD_PASSPHRASE=At least the sensitive bits won't be plain text? -CERT_PASSPHRASE= -KEY_PATH= -CERT_PATH= -SQLPAD_ADMIN= -SQLPAD_DEBUG=false -GOOGLE_CLIENT_ID= -GOOGLE_CLIENT_SECRET= -PUBLIC_URL= -DISABLE_USERPASS_AUTH=false -SQLPAD_ALLOW_CSV_DOWNLOAD=true -SQLPAD_EDITOR_WORD_WRAP=false -SQLPAD_QUERY_RESULT_MAX_ROWS=50000 -SQLPAD_SLACK_WEBHOOK= -SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH=true -SQLPAD_SMTP_FROM= -SQLPAD_SMTP_HOST= -SQLPAD_SMTP_PORT= -SQLPAD_SMTP_SECURE=true -SQLPAD_SMTP_USER= -SQLPAD_SMTP_PASSWORD= -WHITELISTED_DOMAINS= -SAML_ENTRY_POINT= -SAML_ISSUER= -SAML_CALLBACK_URL= -SAML_CERT= -SAML_AUTH_CONTEXT= - -``` - -## INI config -```ini -; Secret used to sign cookies -cookieSecret="secret-used-to-sign-cookies-please-set-and-make-strong" - -; Minutes to keep a session active. Will extended by this amount each request. -sessionMinutes="60" - -; IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0). -ip="0.0.0.0" - -; Port for SQLPad to listen on. -port="80" - -; Acquire socket from systemd if available -systemdSocket="false" - -; Port for SQLPad to listen on. -httpsPort="443" - -; Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc. -dbPath="" - -; Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries -baseUrl="" - -; A string of text used to encrypt sensitive values when stored on disk. -passphrase="At least the sensitive bits won't be plain text?" - -; Passphrase for your SSL certification file -certPassphrase="" - -; Absolute path to where SSL certificate key is stored -keyPath="" - -; Absolute path to where SSL certificate is stored -certPath="" - -; Email address to whitelist/give admin permissions to -admin="" - -; Add a variety of logging to console while running SQLPad -debug="false" - -; Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' -googleClientId="" - -; Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' -googleClientSecret="" - -; Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com -publicUrl="" - -; Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only. -disableUserpassAuth="false" - -; Enable csv and xlsx downloads. -allowCsvDownload="true" - -; Enable word wrapping in SQL editor. -editorWordWrap="false" - -; By default query results are limited to 50,000 records. -queryResultMaxRows="50000" - -; Supply incoming Slack webhook URL to post query when saved. -slackWebhook="" - -; When false, table and chart result links will be operational without login. -tableChartLinksRequireAuth="true" - -; From email address for SMTP. Required in order to send invitation emails. -smtpFrom="" - -; Host address for SMTP. Required in order to send invitation emails. -smtpHost="" - -; Port for SMTP. Required in order to send invitation emails. -smtpPort="" - -; Toggle to use secure connection when using SMTP. -smtpSecure="true" - -; Username for SMTP. Required in order to send invitation emails. -smtpUser="" - -; Password for SMTP. -smtpPassword="" - -; Allows pre-approval of email domains. Delimit multiple domains by empty space. -whitelistedDomains="" - -; SAML Entry point URL -samlEntryPoint="" - -; SAML Issuer -samlIssuer="" - -; SAML callback URL -samlCallbackUrl="" - -; SAML certificate in Base64 -samlCert="" - -; SAML authentication context URL -samlAuthContext="" - - -``` - -## JSON config -```json -{ - "cookieSecret": "secret-used-to-sign-cookies-please-set-and-make-strong", - "sessionMinutes": 60, - "ip": "0.0.0.0", - "port": 80, - "systemdSocket": false, - "httpsPort": 443, - "dbPath": "", - "baseUrl": "", - "passphrase": "At least the sensitive bits won't be plain text?", - "certPassphrase": "", - "keyPath": "", - "certPath": "", - "admin": "", - "debug": false, - "googleClientId": "", - "googleClientSecret": "", - "publicUrl": "", - "disableUserpassAuth": false, - "allowCsvDownload": true, - "editorWordWrap": false, - "queryResultMaxRows": 50000, - "slackWebhook": "", - "tableChartLinksRequireAuth": true, - "smtpFrom": "", - "smtpHost": "", - "smtpPort": "", - "smtpSecure": true, - "smtpUser": "", - "smtpPassword": "", - "whitelistedDomains": "", - "samlEntryPoint": "", - "samlIssuer": "", - "samlCallbackUrl": "", - "samlCert": "", - "samlAuthContext": "" -} -``` + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ key + + Env var + + default + + description +
adminSQLPAD_ADMINEmail address to whitelist/give admin permissions to
allowCsvDownloadSQLPAD_ALLOW_CSV_DOWNLOADtrueEnable csv and xlsx downloads.
baseUrlSQLPAD_BASE_URLPath to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries
certPassphraseCERT_PASSPHRASEPassphrase for your SSL certification file
certPathCERT_PATHAbsolute path to where SSL certificate is stored
configSQLPAD_CONFIGJSON/INI file to read for config
cookieSecretSQLPAD_COOKIE_SECRETsecret-used-to-sign-cookies-please-set-and-make-strongSecret used to sign cookies
dbPathSQLPAD_DB_PATHDirectory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc.
debugSQLPAD_DEBUGfalseAdd a variety of logging to console while running SQLPad
disableUserpassAuthDISABLE_USERPASS_AUTHfalseSet to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only.
editorWordWrapSQLPAD_EDITOR_WORD_WRAPfalseEnable word wrapping in SQL editor.
googleClientIdGOOGLE_CLIENT_IDGoogle Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback'
googleClientSecretGOOGLE_CLIENT_SECRETGoogle Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback'
httpsPortSQLPAD_HTTPS_PORT443Port for SQLPad to listen on.
ipSQLPAD_IP0.0.0.0IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0).
keyPathKEY_PATHAbsolute path to where SSL certificate key is stored
passphraseSQLPAD_PASSPHRASEAt least the sensitive bits won't be plain text?A string of text used to encrypt sensitive values when stored on disk.
portSQLPAD_PORT80Port for SQLPad to listen on.
publicUrlPUBLIC_URLPublic URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com
queryResultMaxRowsSQLPAD_QUERY_RESULT_MAX_ROWS50000By default query results are limited to 50,000 records.
samlAuthContextSAML_AUTH_CONTEXTSAML authentication context URL
samlCallbackUrlSAML_CALLBACK_URLSAML callback URL
samlCertSAML_CERTSAML certificate in Base64
samlEntryPointSAML_ENTRY_POINTSAML Entry point URL
samlIssuerSAML_ISSUERSAML Issuer
sessionMinutesSQLPAD_SESSION_MINUTES60Minutes to keep a session active. Will extended by this amount each request.
slackWebhookSQLPAD_SLACK_WEBHOOKSupply incoming Slack webhook URL to post query when saved.
smtpFromSQLPAD_SMTP_FROMFrom email address for SMTP. Required in order to send invitation emails.
smtpHostSQLPAD_SMTP_HOSTHost address for SMTP. Required in order to send invitation emails.
smtpPasswordSQLPAD_SMTP_PASSWORDPassword for SMTP.
smtpPortSQLPAD_SMTP_PORTPort for SMTP. Required in order to send invitation emails.
smtpSecureSQLPAD_SMTP_SECUREtrueToggle to use secure connection when using SMTP.
smtpUserSQLPAD_SMTP_USERUsername for SMTP. Required in order to send invitation emails.
systemdSocketSQLPAD_SYSTEMD_SOCKETfalseAcquire socket from systemd if available
tableChartLinksRequireAuthSQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTHtrueWhen false, table and chart result links will be operational without login.
whitelistedDomainsWHITELISTED_DOMAINSAllows pre-approval of email domains. Delimit multiple domains by empty space.
diff --git a/README.md b/README.md index 0915ac984..a52df85d1 100644 --- a/README.md +++ b/README.md @@ -65,7 +65,134 @@ A docker image may be built using the Dockerfile located in `server` directory. ## Configuration -[CONFIGURATION.md](CONFIGURATION.md) +SQLPad may be configured via environment variables, config file, or command line flags. + +Config file path may be specified passing command line option `--config` or environment variable `SQLPAD_CONFIG`. +For example: + +```sh +node server.js --config ~/.sqlpadrc +``` + +For INI and JSON config file examples, see `config-example.ini` and `config-example.json` in GitHub repository. + +## Version 3 changes + +Previously SQLPad supported a default dbPath of `$HOME/sqlpad/db` and a default config file path of `$HOME/.sqlpadrc`. + +These defaults have been removed in version 3. + +## Environment Variables + +```sh +# Passphrase for your SSL certification file +CERT_PASSPHRASE="" + +# Absolute path to where SSL certificate is stored +CERT_PATH="" + +# Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only. +DISABLE_USERPASS_AUTH="false" + +# Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' +GOOGLE_CLIENT_ID="" + +# Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' +GOOGLE_CLIENT_SECRET="" + +# Absolute path to where SSL certificate key is stored +KEY_PATH="" + +# Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com +PUBLIC_URL="" + +# SAML authentication context URL +SAML_AUTH_CONTEXT="" + +# SAML callback URL +SAML_CALLBACK_URL="" + +# SAML certificate in Base64 +SAML_CERT="" + +# SAML Entry point URL +SAML_ENTRY_POINT="" + +# SAML Issuer +SAML_ISSUER="" + +# Email address to whitelist/give admin permissions to +SQLPAD_ADMIN="" + +# Enable csv and xlsx downloads. +SQLPAD_ALLOW_CSV_DOWNLOAD="true" + +# Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries +SQLPAD_BASE_URL="" + +# JSON/INI file to read for config +SQLPAD_CONFIG="" + +# Secret used to sign cookies +SQLPAD_COOKIE_SECRET="secret-used-to-sign-cookies-please-set-and-make-strong" + +# Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc. +SQLPAD_DB_PATH="" + +# Add a variety of logging to console while running SQLPad +SQLPAD_DEBUG="false" + +# Enable word wrapping in SQL editor. +SQLPAD_EDITOR_WORD_WRAP="false" + +# Port for SQLPad to listen on. +SQLPAD_HTTPS_PORT="443" + +# IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0). +SQLPAD_IP="0.0.0.0" + +# A string of text used to encrypt sensitive values when stored on disk. +SQLPAD_PASSPHRASE="At least the sensitive bits won't be plain text?" + +# Port for SQLPad to listen on. +SQLPAD_PORT="80" + +# By default query results are limited to 50,000 records. +SQLPAD_QUERY_RESULT_MAX_ROWS="50000" + +# Minutes to keep a session active. Will extended by this amount each request. +SQLPAD_SESSION_MINUTES="60" + +# Supply incoming Slack webhook URL to post query when saved. +SQLPAD_SLACK_WEBHOOK="" + +# From email address for SMTP. Required in order to send invitation emails. +SQLPAD_SMTP_FROM="" + +# Host address for SMTP. Required in order to send invitation emails. +SQLPAD_SMTP_HOST="" + +# Password for SMTP. +SQLPAD_SMTP_PASSWORD="" + +# Port for SMTP. Required in order to send invitation emails. +SQLPAD_SMTP_PORT="" + +# Toggle to use secure connection when using SMTP. +SQLPAD_SMTP_SECURE="true" + +# Username for SMTP. Required in order to send invitation emails. +SQLPAD_SMTP_USER="" + +# Acquire socket from systemd if available +SQLPAD_SYSTEMD_SOCKET="false" + +# When false, table and chart result links will be operational without login. +SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH="true" + +# Allows pre-approval of email domains. Delimit multiple domains by empty space. +WHITELISTED_DOMAINS="" +``` ## Development diff --git a/config-example.ini b/config-example.ini new file mode 100644 index 000000000..6b9f58d2d --- /dev/null +++ b/config-example.ini @@ -0,0 +1,105 @@ +; Email address to whitelist/give admin permissions to +admin="" + +; Enable csv and xlsx downloads. +allowCsvDownload="true" + +; Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries +baseUrl="" + +; Passphrase for your SSL certification file +certPassphrase="" + +; Absolute path to where SSL certificate is stored +certPath="" + +; Secret used to sign cookies +cookieSecret="secret-used-to-sign-cookies-please-set-and-make-strong" + +; Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc. +dbPath="" + +; Add a variety of logging to console while running SQLPad +debug="false" + +; Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only. +disableUserpassAuth="false" + +; Enable word wrapping in SQL editor. +editorWordWrap="false" + +; Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' +googleClientId="" + +; Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' +googleClientSecret="" + +; Port for SQLPad to listen on. +httpsPort="443" + +; IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0). +ip="0.0.0.0" + +; Absolute path to where SSL certificate key is stored +keyPath="" + +; A string of text used to encrypt sensitive values when stored on disk. +passphrase="At least the sensitive bits won't be plain text?" + +; Port for SQLPad to listen on. +port="80" + +; Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com +publicUrl="" + +; By default query results are limited to 50,000 records. +queryResultMaxRows="50000" + +; SAML authentication context URL +samlAuthContext="" + +; SAML callback URL +samlCallbackUrl="" + +; SAML certificate in Base64 +samlCert="" + +; SAML Entry point URL +samlEntryPoint="" + +; SAML Issuer +samlIssuer="" + +; Minutes to keep a session active. Will extended by this amount each request. +sessionMinutes="60" + +; Supply incoming Slack webhook URL to post query when saved. +slackWebhook="" + +; From email address for SMTP. Required in order to send invitation emails. +smtpFrom="" + +; Host address for SMTP. Required in order to send invitation emails. +smtpHost="" + +; Password for SMTP. +smtpPassword="" + +; Port for SMTP. Required in order to send invitation emails. +smtpPort="" + +; Toggle to use secure connection when using SMTP. +smtpSecure="true" + +; Username for SMTP. Required in order to send invitation emails. +smtpUser="" + +; Acquire socket from systemd if available +systemdSocket="false" + +; When false, table and chart result links will be operational without login. +tableChartLinksRequireAuth="true" + +; Allows pre-approval of email domains. Delimit multiple domains by empty space. +whitelistedDomains="" + diff --git a/config-example.json b/config-example.json new file mode 100644 index 000000000..0d029937a --- /dev/null +++ b/config-example.json @@ -0,0 +1,37 @@ +{ + "admin": "", + "allowCsvDownload": true, + "baseUrl": "", + "certPassphrase": "", + "certPath": "", + "cookieSecret": "secret-used-to-sign-cookies-please-set-and-make-strong", + "dbPath": "", + "debug": false, + "disableUserpassAuth": false, + "editorWordWrap": false, + "googleClientId": "", + "googleClientSecret": "", + "httpsPort": 443, + "ip": "0.0.0.0", + "keyPath": "", + "passphrase": "At least the sensitive bits won't be plain text?", + "port": 80, + "publicUrl": "", + "queryResultMaxRows": 50000, + "samlAuthContext": "", + "samlCallbackUrl": "", + "samlCert": "", + "samlEntryPoint": "", + "samlIssuer": "", + "sessionMinutes": 60, + "slackWebhook": "", + "smtpFrom": "", + "smtpHost": "", + "smtpPassword": "", + "smtpPort": "", + "smtpSecure": true, + "smtpUser": "", + "systemdSocket": false, + "tableChartLinksRequireAuth": true, + "whitelistedDomains": "" +} diff --git a/scripts/generate-configs.js b/scripts/generate-configs.js index b3465d99e..4dbe9639e 100644 --- a/scripts/generate-configs.js +++ b/scripts/generate-configs.js @@ -2,60 +2,39 @@ const fs = require('fs'); const path = require('path'); const configItems = require('../server/lib/config/configItems') -let env = ''; -let json = {}; -let ini = ''; - -configItems.forEach(item => { - env += `${item.envVar}=${item.default}\n` - - if (item.key !== 'config') { - json[item.key] = item.default; - - if (item.description) { - ini += `; ${item.description}\n${item.key}="${item.default}"\n\n` - } else { - ini += `${item.key}="${item.default}"\n` - } - } +let rows = ``; + +configItems.sort((a, b) => a.key.localeCompare(b.key)).forEach(item => { + rows += ` + ${item.key} + ${item.envVar} + ${item.default} + ${item.description} + `; }) -const markdown = ` -_This file was generated by \`scripts/generate-configs.js\` using \`server/lib/config/configItems.js\`._ - -# Configuration - -SQLPad may be configured via environment variables, config file, or command line flag. - -Config file path may be specified passing command line option \`--config\` or environment variable SQLPAD_CONFIG. -For example: - -\`\`\`sh -sqlpad --config ~/.sqlpadrc -\`\`\` - -Using a config file or environment variables recommended. For list of command line flags run \`sqlpad -h\`. - -## Version 3 changes - -Previously SQLPad supported a default dbPath of \`$HOME/sqlpad/db\` and a default config file path of \`$HOME/.sqlpadrc\`. - -These defaults have been removed in version 3. - -## Environment Variables -\`\`\`sh -${env} -\`\`\` - -## INI config -\`\`\`ini -${ini} -\`\`\` - -## JSON config -\`\`\`json -${JSON.stringify(json, null, 2)} -\`\`\` +const html = ` + + + + + + + + + + + ${rows} + +
+ key + + Env var + + default + + description +
` -fs.writeFileSync(path.join(__dirname, '../CONFIGURATION.md'), markdown, { encoding: 'utf8'}) \ No newline at end of file +fs.writeFileSync(path.join(__dirname, '../CONFIGURATION.md'), html, { encoding: 'utf8'}) \ No newline at end of file From e05ab05d2bbc35b154a997427b2b7a4fec07c02c Mon Sep 17 00:00:00 2001 From: Rick Bergfalk Date: Sat, 14 Sep 2019 21:18:24 -0500 Subject: [PATCH 2/7] consolidate table --- CONFIGURATION.md | 59 +++++++------------------------------ scripts/generate-configs.js | 7 ++--- 2 files changed, 12 insertions(+), 54 deletions(-) diff --git a/CONFIGURATION.md b/CONFIGURATION.md index 3a2688e17..5064861de 100644 --- a/CONFIGURATION.md +++ b/CONFIGURATION.md @@ -8,9 +8,6 @@ Env var - - default - description @@ -20,182 +17,146 @@ admin SQLPAD_ADMIN - Email address to whitelist/give admin permissions to allowCsvDownload SQLPAD_ALLOW_CSV_DOWNLOAD - true - Enable csv and xlsx downloads. + Enable csv and xlsx downloads.
default: true baseUrl SQLPAD_BASE_URL - Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries certPassphrase CERT_PASSPHRASE - Passphrase for your SSL certification file certPath CERT_PATH - Absolute path to where SSL certificate is stored config SQLPAD_CONFIG - JSON/INI file to read for config cookieSecret SQLPAD_COOKIE_SECRET - secret-used-to-sign-cookies-please-set-and-make-strong - Secret used to sign cookies + Secret used to sign cookies
default: secret-used-to-sign-cookies-please-set-and-make-strong dbPath SQLPAD_DB_PATH - Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc. debug SQLPAD_DEBUG - false Add a variety of logging to console while running SQLPad disableUserpassAuth DISABLE_USERPASS_AUTH - false Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only. editorWordWrap SQLPAD_EDITOR_WORD_WRAP - false Enable word wrapping in SQL editor. googleClientId GOOGLE_CLIENT_ID - Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' googleClientSecret GOOGLE_CLIENT_SECRET - Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' httpsPort SQLPAD_HTTPS_PORT - 443 - Port for SQLPad to listen on. + Port for SQLPad to listen on.
default: 443 ip SQLPAD_IP - 0.0.0.0 - IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0). + IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0).
default: 0.0.0.0 keyPath KEY_PATH - Absolute path to where SSL certificate key is stored passphrase SQLPAD_PASSPHRASE - At least the sensitive bits won't be plain text? - A string of text used to encrypt sensitive values when stored on disk. + A string of text used to encrypt sensitive values when stored on disk.
default: At least the sensitive bits won't be plain text? port SQLPAD_PORT - 80 - Port for SQLPad to listen on. + Port for SQLPad to listen on.
default: 80 publicUrl PUBLIC_URL - Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com queryResultMaxRows SQLPAD_QUERY_RESULT_MAX_ROWS - 50000 - By default query results are limited to 50,000 records. + By default query results are limited to 50,000 records.
default: 50000 samlAuthContext SAML_AUTH_CONTEXT - SAML authentication context URL samlCallbackUrl SAML_CALLBACK_URL - SAML callback URL samlCert SAML_CERT - SAML certificate in Base64 samlEntryPoint SAML_ENTRY_POINT - SAML Entry point URL samlIssuer SAML_ISSUER - SAML Issuer sessionMinutes SQLPAD_SESSION_MINUTES - 60 - Minutes to keep a session active. Will extended by this amount each request. + Minutes to keep a session active. Will extended by this amount each request.
default: 60 slackWebhook SQLPAD_SLACK_WEBHOOK - Supply incoming Slack webhook URL to post query when saved. smtpFrom SQLPAD_SMTP_FROM - From email address for SMTP. Required in order to send invitation emails. smtpHost SQLPAD_SMTP_HOST - Host address for SMTP. Required in order to send invitation emails. smtpPassword SQLPAD_SMTP_PASSWORD - Password for SMTP. smtpPort SQLPAD_SMTP_PORT - Port for SMTP. Required in order to send invitation emails. smtpSecure SQLPAD_SMTP_SECURE - true - Toggle to use secure connection when using SMTP. + Toggle to use secure connection when using SMTP.
default: true smtpUser SQLPAD_SMTP_USER - Username for SMTP. Required in order to send invitation emails. systemdSocket SQLPAD_SYSTEMD_SOCKET - false Acquire socket from systemd if available tableChartLinksRequireAuth SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH - true - When false, table and chart result links will be operational without login. + When false, table and chart result links will be operational without login.
default: true whitelistedDomains WHITELISTED_DOMAINS - Allows pre-approval of email domains. Delimit multiple domains by empty space. diff --git a/scripts/generate-configs.js b/scripts/generate-configs.js index 4dbe9639e..4d48310e0 100644 --- a/scripts/generate-configs.js +++ b/scripts/generate-configs.js @@ -5,11 +5,11 @@ const configItems = require('../server/lib/config/configItems') let rows = ``; configItems.sort((a, b) => a.key.localeCompare(b.key)).forEach(item => { + const defaulthtml = item.default ? `
default: ${item.default}` : ''; rows += ` ${item.key} ${item.envVar} - ${item.default} - ${item.description} + ${item.description}${defaulthtml} `; }) @@ -23,9 +23,6 @@ const html = ` Env var - - default - description From 88efaf3a71ccd4067cfce6400b0bdf148a880370 Mon Sep 17 00:00:00 2001 From: Rick Bergfalk Date: Sat, 14 Sep 2019 21:28:00 -0500 Subject: [PATCH 3/7] more config formatting --- CONFIGURATION.md | 271 ++++++++++++++++++++++++++---------- scripts/generate-configs.js | 19 ++- 2 files changed, 207 insertions(+), 83 deletions(-) diff --git a/CONFIGURATION.md b/CONFIGURATION.md index 5064861de..181fea027 100644 --- a/CONFIGURATION.md +++ b/CONFIGURATION.md @@ -1,12 +1,167 @@ + +## Config + +**admin** +Email address to whitelist/give admin permissions to +Env var: `SQLPAD_ADMIN` + +**allowCsvDownload** +Enable csv and xlsx downloads. +Env var: `SQLPAD_ALLOW_CSV_DOWNLOAD` +default: `true` + +**baseUrl** +Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries +Env var: `SQLPAD_BASE_URL` + +**certPassphrase** +Passphrase for your SSL certification file +Env var: `CERT_PASSPHRASE` + +**certPath** +Absolute path to where SSL certificate is stored +Env var: `CERT_PATH` + +**config** +JSON/INI file to read for config +Env var: `SQLPAD_CONFIG` + +**cookieSecret** +Secret used to sign cookies +Env var: `SQLPAD_COOKIE_SECRET` +default: `secret-used-to-sign-cookies-please-set-and-make-strong` + +**dbPath** +Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc. +Env var: `SQLPAD_DB_PATH` + +**debug** +Add a variety of logging to console while running SQLPad +Env var: `SQLPAD_DEBUG` + +**disableUserpassAuth** +Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only. +Env var: `DISABLE_USERPASS_AUTH` + +**editorWordWrap** +Enable word wrapping in SQL editor. +Env var: `SQLPAD_EDITOR_WORD_WRAP` + +**googleClientId** +Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' +Env var: `GOOGLE_CLIENT_ID` + +**googleClientSecret** +Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' +Env var: `GOOGLE_CLIENT_SECRET` + +**httpsPort** +Port for SQLPad to listen on. +Env var: `SQLPAD_HTTPS_PORT` +default: `443` + +**ip** +IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0). +Env var: `SQLPAD_IP` +default: `0.0.0.0` + +**keyPath** +Absolute path to where SSL certificate key is stored +Env var: `KEY_PATH` + +**passphrase** +A string of text used to encrypt sensitive values when stored on disk. +Env var: `SQLPAD_PASSPHRASE` +default: `At least the sensitive bits won't be plain text?` + +**port** +Port for SQLPad to listen on. +Env var: `SQLPAD_PORT` +default: `80` + +**publicUrl** +Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com +Env var: `PUBLIC_URL` + +**queryResultMaxRows** +By default query results are limited to 50,000 records. +Env var: `SQLPAD_QUERY_RESULT_MAX_ROWS` +default: `50000` + +**samlAuthContext** +SAML authentication context URL +Env var: `SAML_AUTH_CONTEXT` + +**samlCallbackUrl** +SAML callback URL +Env var: `SAML_CALLBACK_URL` + +**samlCert** +SAML certificate in Base64 +Env var: `SAML_CERT` + +**samlEntryPoint** +SAML Entry point URL +Env var: `SAML_ENTRY_POINT` + +**samlIssuer** +SAML Issuer +Env var: `SAML_ISSUER` + +**sessionMinutes** +Minutes to keep a session active. Will extended by this amount each request. +Env var: `SQLPAD_SESSION_MINUTES` +default: `60` + +**slackWebhook** +Supply incoming Slack webhook URL to post query when saved. +Env var: `SQLPAD_SLACK_WEBHOOK` + +**smtpFrom** +From email address for SMTP. Required in order to send invitation emails. +Env var: `SQLPAD_SMTP_FROM` + +**smtpHost** +Host address for SMTP. Required in order to send invitation emails. +Env var: `SQLPAD_SMTP_HOST` + +**smtpPassword** +Password for SMTP. +Env var: `SQLPAD_SMTP_PASSWORD` + +**smtpPort** +Port for SMTP. Required in order to send invitation emails. +Env var: `SQLPAD_SMTP_PORT` + +**smtpSecure** +Toggle to use secure connection when using SMTP. +Env var: `SQLPAD_SMTP_SECURE` +default: `true` + +**smtpUser** +Username for SMTP. Required in order to send invitation emails. +Env var: `SQLPAD_SMTP_USER` + +**systemdSocket** +Acquire socket from systemd if available +Env var: `SQLPAD_SYSTEMD_SOCKET` + +**tableChartLinksRequireAuth** +When false, table and chart result links will be operational without login. +Env var: `SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH` +default: `true` + +**whitelistedDomains** +Allows pre-approval of email domains. Delimit multiple domains by empty space. +Env var: `WHITELISTED_DOMAINS` + + - - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + - - + diff --git a/scripts/generate-configs.js b/scripts/generate-configs.js index 4d48310e0..8d433e295 100644 --- a/scripts/generate-configs.js +++ b/scripts/generate-configs.js @@ -2,15 +2,23 @@ const fs = require('fs'); const path = require('path'); const configItems = require('../server/lib/config/configItems') +let md = ` + +## Config + +`; + let rows = ``; configItems.sort((a, b) => a.key.localeCompare(b.key)).forEach(item => { const defaulthtml = item.default ? `
default: ${item.default}` : ''; rows += ` - - + `; + + let defaultString = item.default ? 'default: `' + item.default + '`\n' : '' + md += '**' + item.key + '** \n' + item.description + ' \n' + 'Env var: `' + item.envVar + '` \n' + defaultString + '\n' }) const html = ` @@ -18,10 +26,7 @@ const html = ` -
- key - - Env var + key
ENV_VAR 		description @@ -15,148 +170,112 @@
adminSQLPAD_ADMINadmin
SQLPAD_ADMIN		 Email address to whitelist/give admin permissions to
allowCsvDownloadSQLPAD_ALLOW_CSV_DOWNLOADallowCsvDownload
SQLPAD_ALLOW_CSV_DOWNLOAD		 Enable csv and xlsx downloads.
default: true
baseUrlSQLPAD_BASE_URLbaseUrl
SQLPAD_BASE_URL		 Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries
certPassphraseCERT_PASSPHRASEcertPassphrase
CERT_PASSPHRASE		 Passphrase for your SSL certification file
certPathCERT_PATHcertPath
CERT_PATH		 Absolute path to where SSL certificate is stored
configSQLPAD_CONFIGconfig
SQLPAD_CONFIG		 JSON/INI file to read for config
cookieSecretSQLPAD_COOKIE_SECRETcookieSecret
SQLPAD_COOKIE_SECRET		 Secret used to sign cookies
default: secret-used-to-sign-cookies-please-set-and-make-strong
dbPathSQLPAD_DB_PATHdbPath
SQLPAD_DB_PATH		 Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc.
debugSQLPAD_DEBUGdebug
SQLPAD_DEBUG		 Add a variety of logging to console while running SQLPad
disableUserpassAuthDISABLE_USERPASS_AUTHdisableUserpassAuth
DISABLE_USERPASS_AUTH		 Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only.
editorWordWrapSQLPAD_EDITOR_WORD_WRAPeditorWordWrap
SQLPAD_EDITOR_WORD_WRAP		 Enable word wrapping in SQL editor.
googleClientIdGOOGLE_CLIENT_IDgoogleClientId
GOOGLE_CLIENT_ID		 Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback'
googleClientSecretGOOGLE_CLIENT_SECRETgoogleClientSecret
GOOGLE_CLIENT_SECRET		 Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback'
httpsPortSQLPAD_HTTPS_PORThttpsPort
SQLPAD_HTTPS_PORT		 Port for SQLPad to listen on.
default: 443
ipSQLPAD_IPip
SQLPAD_IP		 IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0).
default: 0.0.0.0
keyPathKEY_PATHkeyPath
KEY_PATH		 Absolute path to where SSL certificate key is stored
passphraseSQLPAD_PASSPHRASEpassphrase
SQLPAD_PASSPHRASE		 A string of text used to encrypt sensitive values when stored on disk.
default: At least the sensitive bits won't be plain text?
portSQLPAD_PORTport
SQLPAD_PORT		 Port for SQLPad to listen on.
default: 80
publicUrlPUBLIC_URLpublicUrl
PUBLIC_URL		 Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com
queryResultMaxRowsSQLPAD_QUERY_RESULT_MAX_ROWSqueryResultMaxRows
SQLPAD_QUERY_RESULT_MAX_ROWS		 By default query results are limited to 50,000 records.
default: 50000
samlAuthContextSAML_AUTH_CONTEXTsamlAuthContext
SAML_AUTH_CONTEXT		 SAML authentication context URL
samlCallbackUrlSAML_CALLBACK_URLsamlCallbackUrl
SAML_CALLBACK_URL		 SAML callback URL
samlCertSAML_CERTsamlCert
SAML_CERT		 SAML certificate in Base64
samlEntryPointSAML_ENTRY_POINTsamlEntryPoint
SAML_ENTRY_POINT		 SAML Entry point URL
samlIssuerSAML_ISSUERsamlIssuer
SAML_ISSUER		 SAML Issuer
sessionMinutesSQLPAD_SESSION_MINUTESsessionMinutes
SQLPAD_SESSION_MINUTES		 Minutes to keep a session active. Will extended by this amount each request.
default: 60
slackWebhookSQLPAD_SLACK_WEBHOOKslackWebhook
SQLPAD_SLACK_WEBHOOK		 Supply incoming Slack webhook URL to post query when saved.
smtpFromSQLPAD_SMTP_FROMsmtpFrom
SQLPAD_SMTP_FROM		 From email address for SMTP. Required in order to send invitation emails.
smtpHostSQLPAD_SMTP_HOSTsmtpHost
SQLPAD_SMTP_HOST		 Host address for SMTP. Required in order to send invitation emails.
smtpPasswordSQLPAD_SMTP_PASSWORDsmtpPassword
SQLPAD_SMTP_PASSWORD		 Password for SMTP.
smtpPortSQLPAD_SMTP_PORTsmtpPort
SQLPAD_SMTP_PORT		 Port for SMTP. Required in order to send invitation emails.
smtpSecureSQLPAD_SMTP_SECUREsmtpSecure
SQLPAD_SMTP_SECURE		 Toggle to use secure connection when using SMTP.
default: true
smtpUserSQLPAD_SMTP_USERsmtpUser
SQLPAD_SMTP_USER		 Username for SMTP. Required in order to send invitation emails.
systemdSocketSQLPAD_SYSTEMD_SOCKETsystemdSocket
SQLPAD_SYSTEMD_SOCKET		 Acquire socket from systemd if available
tableChartLinksRequireAuthSQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTHtableChartLinksRequireAuth
SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH		 When false, table and chart result links will be operational without login.
default: true
whitelistedDomainsWHITELISTED_DOMAINSwhitelistedDomains
WHITELISTED_DOMAINS		 Allows pre-approval of email domains. Delimit multiple domains by empty space.
${item.key}${item.envVar}${item.key}
${item.envVar}		 ${item.description}${defaulthtml}
- key - - Env var + key
ENV_VAR 		description @@ -34,4 +39,4 @@ const html = `
` -fs.writeFileSync(path.join(__dirname, '../CONFIGURATION.md'), html, { encoding: 'utf8'}) \ No newline at end of file +fs.writeFileSync(path.join(__dirname, '../CONFIGURATION.md'), md + html, { encoding: 'utf8'}) \ No newline at end of file From 007b870323429651084b675e3e3825eba4271a25 Mon Sep 17 00:00:00 2001 From: Rick Bergfalk Date: Sat, 14 Sep 2019 21:44:20 -0500 Subject: [PATCH 4/7] Update hierarchy --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a52df85d1..f33ef53b3 100644 --- a/README.md +++ b/README.md @@ -76,13 +76,13 @@ node server.js --config ~/.sqlpadrc For INI and JSON config file examples, see `config-example.ini` and `config-example.json` in GitHub repository. -## Version 3 changes +### Version 3 changes Previously SQLPad supported a default dbPath of `$HOME/sqlpad/db` and a default config file path of `$HOME/.sqlpadrc`. These defaults have been removed in version 3. -## Environment Variables +### Config variables ```sh # Passphrase for your SSL certification file From f125ccfc9d1421405290e12be036c87e6342020c Mon Sep 17 00:00:00 2001 From: Rick Bergfalk Date: Sat, 14 Sep 2019 21:58:15 -0500 Subject: [PATCH 5/7] Inline config documentation --- CONFIGURATION.md | 282 ------------------------------------ README.md | 258 +++++++++++++++++++-------------- scripts/generate-configs.js | 46 ++---- 3 files changed, 162 insertions(+), 424 deletions(-) delete mode 100644 CONFIGURATION.md diff --git a/CONFIGURATION.md b/CONFIGURATION.md deleted file mode 100644 index 181fea027..000000000 --- a/CONFIGURATION.md +++ /dev/null @@ -1,282 +0,0 @@ - - -## Config - -**admin** -Email address to whitelist/give admin permissions to -Env var: `SQLPAD_ADMIN` - -**allowCsvDownload** -Enable csv and xlsx downloads. -Env var: `SQLPAD_ALLOW_CSV_DOWNLOAD` -default: `true` - -**baseUrl** -Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries -Env var: `SQLPAD_BASE_URL` - -**certPassphrase** -Passphrase for your SSL certification file -Env var: `CERT_PASSPHRASE` - -**certPath** -Absolute path to where SSL certificate is stored -Env var: `CERT_PATH` - -**config** -JSON/INI file to read for config -Env var: `SQLPAD_CONFIG` - -**cookieSecret** -Secret used to sign cookies -Env var: `SQLPAD_COOKIE_SECRET` -default: `secret-used-to-sign-cookies-please-set-and-make-strong` - -**dbPath** -Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc. -Env var: `SQLPAD_DB_PATH` - -**debug** -Add a variety of logging to console while running SQLPad -Env var: `SQLPAD_DEBUG` - -**disableUserpassAuth** -Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only. -Env var: `DISABLE_USERPASS_AUTH` - -**editorWordWrap** -Enable word wrapping in SQL editor. -Env var: `SQLPAD_EDITOR_WORD_WRAP` - -**googleClientId** -Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' -Env var: `GOOGLE_CLIENT_ID` - -**googleClientSecret** -Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' -Env var: `GOOGLE_CLIENT_SECRET` - -**httpsPort** -Port for SQLPad to listen on. -Env var: `SQLPAD_HTTPS_PORT` -default: `443` - -**ip** -IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0). -Env var: `SQLPAD_IP` -default: `0.0.0.0` - -**keyPath** -Absolute path to where SSL certificate key is stored -Env var: `KEY_PATH` - -**passphrase** -A string of text used to encrypt sensitive values when stored on disk. -Env var: `SQLPAD_PASSPHRASE` -default: `At least the sensitive bits won't be plain text?` - -**port** -Port for SQLPad to listen on. -Env var: `SQLPAD_PORT` -default: `80` - -**publicUrl** -Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com -Env var: `PUBLIC_URL` - -**queryResultMaxRows** -By default query results are limited to 50,000 records. -Env var: `SQLPAD_QUERY_RESULT_MAX_ROWS` -default: `50000` - -**samlAuthContext** -SAML authentication context URL -Env var: `SAML_AUTH_CONTEXT` - -**samlCallbackUrl** -SAML callback URL -Env var: `SAML_CALLBACK_URL` - -**samlCert** -SAML certificate in Base64 -Env var: `SAML_CERT` - -**samlEntryPoint** -SAML Entry point URL -Env var: `SAML_ENTRY_POINT` - -**samlIssuer** -SAML Issuer -Env var: `SAML_ISSUER` - -**sessionMinutes** -Minutes to keep a session active. Will extended by this amount each request. -Env var: `SQLPAD_SESSION_MINUTES` -default: `60` - -**slackWebhook** -Supply incoming Slack webhook URL to post query when saved. -Env var: `SQLPAD_SLACK_WEBHOOK` - -**smtpFrom** -From email address for SMTP. Required in order to send invitation emails. -Env var: `SQLPAD_SMTP_FROM` - -**smtpHost** -Host address for SMTP. Required in order to send invitation emails. -Env var: `SQLPAD_SMTP_HOST` - -**smtpPassword** -Password for SMTP. -Env var: `SQLPAD_SMTP_PASSWORD` - -**smtpPort** -Port for SMTP. Required in order to send invitation emails. -Env var: `SQLPAD_SMTP_PORT` - -**smtpSecure** -Toggle to use secure connection when using SMTP. -Env var: `SQLPAD_SMTP_SECURE` -default: `true` - -**smtpUser** -Username for SMTP. Required in order to send invitation emails. -Env var: `SQLPAD_SMTP_USER` - -**systemdSocket** -Acquire socket from systemd if available -Env var: `SQLPAD_SYSTEMD_SOCKET` - -**tableChartLinksRequireAuth** -When false, table and chart result links will be operational without login. -Env var: `SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH` -default: `true` - -**whitelistedDomains** -Allows pre-approval of email domains. Delimit multiple domains by empty space. -Env var: `WHITELISTED_DOMAINS` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- key
ENV_VAR - 		- description -
admin
SQLPAD_ADMIN		Email address to whitelist/give admin permissions to
allowCsvDownload
SQLPAD_ALLOW_CSV_DOWNLOAD		Enable csv and xlsx downloads.
default: true
baseUrl
SQLPAD_BASE_URL		Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries
certPassphrase
CERT_PASSPHRASE		Passphrase for your SSL certification file
certPath
CERT_PATH		Absolute path to where SSL certificate is stored
config
SQLPAD_CONFIG		JSON/INI file to read for config
cookieSecret
SQLPAD_COOKIE_SECRET		Secret used to sign cookies
default: secret-used-to-sign-cookies-please-set-and-make-strong
dbPath
SQLPAD_DB_PATH		Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc.
debug
SQLPAD_DEBUG		Add a variety of logging to console while running SQLPad
disableUserpassAuth
DISABLE_USERPASS_AUTH		Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only.
editorWordWrap
SQLPAD_EDITOR_WORD_WRAP		Enable word wrapping in SQL editor.
googleClientId
GOOGLE_CLIENT_ID		Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback'
googleClientSecret
GOOGLE_CLIENT_SECRET		Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback'
httpsPort
SQLPAD_HTTPS_PORT		Port for SQLPad to listen on.
default: 443
ip
SQLPAD_IP		IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0).
default: 0.0.0.0
keyPath
KEY_PATH		Absolute path to where SSL certificate key is stored
passphrase
SQLPAD_PASSPHRASE		A string of text used to encrypt sensitive values when stored on disk.
default: At least the sensitive bits won't be plain text?
port
SQLPAD_PORT		Port for SQLPad to listen on.
default: 80
publicUrl
PUBLIC_URL		Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com
queryResultMaxRows
SQLPAD_QUERY_RESULT_MAX_ROWS		By default query results are limited to 50,000 records.
default: 50000
samlAuthContext
SAML_AUTH_CONTEXT		SAML authentication context URL
samlCallbackUrl
SAML_CALLBACK_URL		SAML callback URL
samlCert
SAML_CERT		SAML certificate in Base64
samlEntryPoint
SAML_ENTRY_POINT		SAML Entry point URL
samlIssuer
SAML_ISSUER		SAML Issuer
sessionMinutes
SQLPAD_SESSION_MINUTES		Minutes to keep a session active. Will extended by this amount each request.
default: 60
slackWebhook
SQLPAD_SLACK_WEBHOOK		Supply incoming Slack webhook URL to post query when saved.
smtpFrom
SQLPAD_SMTP_FROM		From email address for SMTP. Required in order to send invitation emails.
smtpHost
SQLPAD_SMTP_HOST		Host address for SMTP. Required in order to send invitation emails.
smtpPassword
SQLPAD_SMTP_PASSWORD		Password for SMTP.
smtpPort
SQLPAD_SMTP_PORT		Port for SMTP. Required in order to send invitation emails.
smtpSecure
SQLPAD_SMTP_SECURE		Toggle to use secure connection when using SMTP.
default: true
smtpUser
SQLPAD_SMTP_USER		Username for SMTP. Required in order to send invitation emails.
systemdSocket
SQLPAD_SYSTEMD_SOCKET		Acquire socket from systemd if available
tableChartLinksRequireAuth
SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH		When false, table and chart result links will be operational without login.
default: true
whitelistedDomains
WHITELISTED_DOMAINS		Allows pre-approval of email domains. Delimit multiple domains by empty space.
diff --git a/README.md b/README.md index f33ef53b3..3418cf475 100644 --- a/README.md +++ b/README.md @@ -84,115 +84,155 @@ These defaults have been removed in version 3. ### Config variables -```sh -# Passphrase for your SSL certification file -CERT_PASSPHRASE="" - -# Absolute path to where SSL certificate is stored -CERT_PATH="" - -# Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only. -DISABLE_USERPASS_AUTH="false" - -# Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' -GOOGLE_CLIENT_ID="" - -# Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' -GOOGLE_CLIENT_SECRET="" - -# Absolute path to where SSL certificate key is stored -KEY_PATH="" - -# Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com -PUBLIC_URL="" - -# SAML authentication context URL -SAML_AUTH_CONTEXT="" - -# SAML callback URL -SAML_CALLBACK_URL="" - -# SAML certificate in Base64 -SAML_CERT="" - -# SAML Entry point URL -SAML_ENTRY_POINT="" - -# SAML Issuer -SAML_ISSUER="" - -# Email address to whitelist/give admin permissions to -SQLPAD_ADMIN="" - -# Enable csv and xlsx downloads. -SQLPAD_ALLOW_CSV_DOWNLOAD="true" - -# Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries -SQLPAD_BASE_URL="" - -# JSON/INI file to read for config -SQLPAD_CONFIG="" - -# Secret used to sign cookies -SQLPAD_COOKIE_SECRET="secret-used-to-sign-cookies-please-set-and-make-strong" - -# Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc. -SQLPAD_DB_PATH="" - -# Add a variety of logging to console while running SQLPad -SQLPAD_DEBUG="false" - -# Enable word wrapping in SQL editor. -SQLPAD_EDITOR_WORD_WRAP="false" - -# Port for SQLPad to listen on. -SQLPAD_HTTPS_PORT="443" - -# IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0). -SQLPAD_IP="0.0.0.0" - -# A string of text used to encrypt sensitive values when stored on disk. -SQLPAD_PASSPHRASE="At least the sensitive bits won't be plain text?" - -# Port for SQLPad to listen on. -SQLPAD_PORT="80" - -# By default query results are limited to 50,000 records. -SQLPAD_QUERY_RESULT_MAX_ROWS="50000" - -# Minutes to keep a session active. Will extended by this amount each request. -SQLPAD_SESSION_MINUTES="60" - -# Supply incoming Slack webhook URL to post query when saved. -SQLPAD_SLACK_WEBHOOK="" - -# From email address for SMTP. Required in order to send invitation emails. -SQLPAD_SMTP_FROM="" - -# Host address for SMTP. Required in order to send invitation emails. -SQLPAD_SMTP_HOST="" - -# Password for SMTP. -SQLPAD_SMTP_PASSWORD="" - -# Port for SMTP. Required in order to send invitation emails. -SQLPAD_SMTP_PORT="" - -# Toggle to use secure connection when using SMTP. -SQLPAD_SMTP_SECURE="true" - -# Username for SMTP. Required in order to send invitation emails. -SQLPAD_SMTP_USER="" - -# Acquire socket from systemd if available -SQLPAD_SYSTEMD_SOCKET="false" - -# When false, table and chart result links will be operational without login. -SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH="true" - -# Allows pre-approval of email domains. Delimit multiple domains by empty space. -WHITELISTED_DOMAINS="" -``` +**admin** +Email address to whitelist/give admin permissions to +Env var: `SQLPAD_ADMIN` + +**allowCsvDownload** +Enable csv and xlsx downloads. +Env var: `SQLPAD_ALLOW_CSV_DOWNLOAD` +Default: `true` + +**baseUrl** +Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries +Env var: `SQLPAD_BASE_URL` + +**certPassphrase** +Passphrase for your SSL certification file +Env var: `CERT_PASSPHRASE` + +**certPath** +Absolute path to where SSL certificate is stored +Env var: `CERT_PATH` + +**cookieSecret** +Secret used to sign cookies +Env var: `SQLPAD_COOKIE_SECRET` +Default: `secret-used-to-sign-cookies-please-set-and-make-strong` + +**dbPath** +Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc. +Env var: `SQLPAD_DB_PATH` + +**debug** +Add a variety of logging to console while running SQLPad +Env var: `SQLPAD_DEBUG` + +**disableUserpassAuth** +Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only. +Env var: `DISABLE_USERPASS_AUTH` + +**editorWordWrap** +Enable word wrapping in SQL editor. +Env var: `SQLPAD_EDITOR_WORD_WRAP` + +**googleClientId** +Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' +Env var: `GOOGLE_CLIENT_ID` + +**googleClientSecret** +Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback' +Env var: `GOOGLE_CLIENT_SECRET` + +**httpsPort** +Port for SQLPad to listen on. +Env var: `SQLPAD_HTTPS_PORT` +Default: `443` + +**ip** +IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0). +Env var: `SQLPAD_IP` +Default: `0.0.0.0` + +**keyPath** +Absolute path to where SSL certificate key is stored +Env var: `KEY_PATH` + +**passphrase** +A string of text used to encrypt sensitive values when stored on disk. +Env var: `SQLPAD_PASSPHRASE` +Default: `At least the sensitive bits won't be plain text?` + +**port** +Port for SQLPad to listen on. +Env var: `SQLPAD_PORT` +Default: `80` + +**publicUrl** +Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com +Env var: `PUBLIC_URL` + +**queryResultMaxRows** +By default query results are limited to 50,000 records. +Env var: `SQLPAD_QUERY_RESULT_MAX_ROWS` +Default: `50000` + +**samlAuthContext** +SAML authentication context URL +Env var: `SAML_AUTH_CONTEXT` + +**samlCallbackUrl** +SAML callback URL +Env var: `SAML_CALLBACK_URL` + +**samlCert** +SAML certificate in Base64 +Env var: `SAML_CERT` + +**samlEntryPoint** +SAML Entry point URL +Env var: `SAML_ENTRY_POINT` + +**samlIssuer** +SAML Issuer +Env var: `SAML_ISSUER` + +**sessionMinutes** +Minutes to keep a session active. Will extended by this amount each request. +Env var: `SQLPAD_SESSION_MINUTES` +Default: `60` + +**slackWebhook** +Supply incoming Slack webhook URL to post query when saved. +Env var: `SQLPAD_SLACK_WEBHOOK` + +**smtpFrom** +From email address for SMTP. Required in order to send invitation emails. +Env var: `SQLPAD_SMTP_FROM` + +**smtpHost** +Host address for SMTP. Required in order to send invitation emails. +Env var: `SQLPAD_SMTP_HOST` + +**smtpPassword** +Password for SMTP. +Env var: `SQLPAD_SMTP_PASSWORD` + +**smtpPort** +Port for SMTP. Required in order to send invitation emails. +Env var: `SQLPAD_SMTP_PORT` + +**smtpSecure** +Toggle to use secure connection when using SMTP. +Env var: `SQLPAD_SMTP_SECURE` +Default: `true` + +**smtpUser** +Username for SMTP. Required in order to send invitation emails. +Env var: `SQLPAD_SMTP_USER` + +**systemdSocket** +Acquire socket from systemd if available +Env var: `SQLPAD_SYSTEMD_SOCKET` + +**tableChartLinksRequireAuth** +When false, table and chart result links will be operational without login. +Env var: `SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH` +Default: `true` + +**whitelistedDomains** +Allows pre-approval of email domains. Delimit multiple domains by empty space. +Env var: `WHITELISTED_DOMAINS` ## Development diff --git a/scripts/generate-configs.js b/scripts/generate-configs.js index 8d433e295..2ee174276 100644 --- a/scripts/generate-configs.js +++ b/scripts/generate-configs.js @@ -2,41 +2,21 @@ const fs = require('fs'); const path = require('path'); const configItems = require('../server/lib/config/configItems') -let md = ` +let md = ''; -## Config +configItems.filter(item => item.key !== 'config').sort((a, b) => a.key.localeCompare(b.key)).forEach(item => { + const key = `**${item.key}** \n`; + const description = `${item.description} \n`; + const envVar = `Env var: \`${item.envVar}\` \n`; + const defaultString = item.default ? 'Default: `' + item.default + '`\n' : ''; -`; - -let rows = ``; - -configItems.sort((a, b) => a.key.localeCompare(b.key)).forEach(item => { - const defaulthtml = item.default ? `
default: ${item.default}` : ''; - rows += ` - ${item.key}
${item.envVar} - ${item.description}${defaulthtml} - `; - - let defaultString = item.default ? 'default: `' + item.default + '`\n' : '' - md += '**' + item.key + '** \n' + item.description + ' \n' + 'Env var: `' + item.envVar + '` \n' + defaultString + '\n' + md += key + description + envVar + defaultString + '\n' }) -const html = ` - - - - - - - - - ${rows} - -
- key
ENV_VAR - 		- description -
-` +const readme = fs.readFileSync(path.join(__dirname, '../README.md'), { encoding: 'utf8' }); + +const findRegEx = /### Config variables.*## Development/s; +const replaceVal = `### Config variables \n\n${md}## Development`; +const writeVal = readme.replace(findRegEx, replaceVal); -fs.writeFileSync(path.join(__dirname, '../CONFIGURATION.md'), md + html, { encoding: 'utf8'}) \ No newline at end of file +fs.writeFileSync(path.join(__dirname, '../README.md'), writeVal, { encoding: 'utf8'}) \ No newline at end of file From 7e0c0ce3bfc9d3aca6913ad41c9ad489a6642e09 Mon Sep 17 00:00:00 2001 From: Rick Bergfalk Date: Sat, 14 Sep 2019 22:07:14 -0500 Subject: [PATCH 6/7] Delete generate-configs.js --- scripts/generate-configs.js | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 scripts/generate-configs.js diff --git a/scripts/generate-configs.js b/scripts/generate-configs.js deleted file mode 100644 index 2ee174276..000000000 --- a/scripts/generate-configs.js +++ /dev/null @@ -1,22 +0,0 @@ -const fs = require('fs'); -const path = require('path'); -const configItems = require('../server/lib/config/configItems') - -let md = ''; - -configItems.filter(item => item.key !== 'config').sort((a, b) => a.key.localeCompare(b.key)).forEach(item => { - const key = `**${item.key}** \n`; - const description = `${item.description} \n`; - const envVar = `Env var: \`${item.envVar}\` \n`; - const defaultString = item.default ? 'Default: `' + item.default + '`\n' : ''; - - md += key + description + envVar + defaultString + '\n' -}) - -const readme = fs.readFileSync(path.join(__dirname, '../README.md'), { encoding: 'utf8' }); - -const findRegEx = /### Config variables.*## Development/s; -const replaceVal = `### Config variables \n\n${md}## Development`; -const writeVal = readme.replace(findRegEx, replaceVal); - -fs.writeFileSync(path.join(__dirname, '../README.md'), writeVal, { encoding: 'utf8'}) \ No newline at end of file From 3f2ff7d6b8154e8938483c05d0d16a8ceca01a87 Mon Sep 17 00:00:00 2001 From: Rick Bergfalk Date: Sat, 14 Sep 2019 22:10:48 -0500 Subject: [PATCH 7/7] Remove description and options from configItems.js --- server/lib/config/configItems.js | 84 ++++++-------------------------- 1 file changed, 15 insertions(+), 69 deletions(-) diff --git a/server/lib/config/configItems.js b/server/lib/config/configItems.js index f5b406f52..a8e5abeb7 100644 --- a/server/lib/config/configItems.js +++ b/server/lib/config/configItems.js @@ -2,235 +2,181 @@ const configItems = [ { key: 'config', envVar: 'SQLPAD_CONFIG', - default: '', - description: 'JSON/INI file to read for config' + default: '' }, { key: 'cookieSecret', envVar: 'SQLPAD_COOKIE_SECRET', - default: 'secret-used-to-sign-cookies-please-set-and-make-strong', - description: 'Secret used to sign cookies' + default: 'secret-used-to-sign-cookies-please-set-and-make-strong' }, { key: 'sessionMinutes', envVar: 'SQLPAD_SESSION_MINUTES', - default: 60, - description: - 'Minutes to keep a session active. Will extended by this amount each request.' + default: 60 }, { key: 'ip', envVar: 'SQLPAD_IP', - default: '0.0.0.0', - description: - 'IP address to bind to. By default SQLPad will listen from all available addresses (0.0.0.0).' + default: '0.0.0.0' }, { key: 'port', envVar: 'SQLPAD_PORT', - default: 80, - description: 'Port for SQLPad to listen on.' + default: 80 }, { key: 'systemdSocket', envVar: 'SQLPAD_SYSTEMD_SOCKET', - default: false, - description: 'Acquire socket from systemd if available' + default: false }, { key: 'httpsPort', envVar: 'SQLPAD_HTTPS_PORT', - default: 443, - description: 'Port for SQLPad to listen on.' + default: 443 }, { key: 'dbPath', envVar: 'SQLPAD_DB_PATH', - default: '', - description: - 'Directory to store SQLPad embedded database content. This includes queries, users, query result cache files, etc.' + default: '' }, { key: 'baseUrl', envVar: 'SQLPAD_BASE_URL', - default: '', - description: - "Path to mount sqlpad app following domain. Example, if '/sqlpad' is provided queries page would be mydomain.com/sqlpad/queries" + default: '' }, { key: 'passphrase', envVar: 'SQLPAD_PASSPHRASE', - default: "At least the sensitive bits won't be plain text?", - description: - 'A string of text used to encrypt sensitive values when stored on disk.' + default: "At least the sensitive bits won't be plain text?" }, { key: 'certPassphrase', envVar: 'CERT_PASSPHRASE', - default: '', - description: 'Passphrase for your SSL certification file' + default: '' }, { key: 'keyPath', envVar: 'KEY_PATH', - default: '', - description: 'Absolute path to where SSL certificate key is stored' + default: '' }, { key: 'certPath', envVar: 'CERT_PATH', - default: '', - description: 'Absolute path to where SSL certificate is stored' + default: '' }, { key: 'admin', envVar: 'SQLPAD_ADMIN', - default: '', - description: 'Email address to whitelist/give admin permissions to' + default: '' }, { key: 'debug', envVar: 'SQLPAD_DEBUG', - default: false, - description: 'Add a variety of logging to console while running SQLPad' + default: false }, { key: 'googleClientId', envVar: 'GOOGLE_CLIENT_ID', - description: - "Google Client ID used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback'", default: '' }, { key: 'googleClientSecret', envVar: 'GOOGLE_CLIENT_SECRET', - description: - "Google Client Secret used for OAuth setup. Authorized redirect URI for sqlpad is '[baseurl]/auth/google/callback'", default: '' }, { key: 'publicUrl', envVar: 'PUBLIC_URL', - description: - 'Public URL used for OAuth setup and email links. Protocol expected. Example: https://mysqlpad.com', default: '' }, { key: 'disableUserpassAuth', envVar: 'DISABLE_USERPASS_AUTH', - description: - 'Set to TRUE to disable built-in user authentication. Use to restrict auth to OAuth only.', default: false }, { key: 'allowCsvDownload', envVar: 'SQLPAD_ALLOW_CSV_DOWNLOAD', - description: 'Enable csv and xlsx downloads.', - options: [true, false], default: true }, { key: 'editorWordWrap', envVar: 'SQLPAD_EDITOR_WORD_WRAP', - description: 'Enable word wrapping in SQL editor.', - options: [true, false], default: false }, { key: 'queryResultMaxRows', envVar: 'SQLPAD_QUERY_RESULT_MAX_ROWS', - description: 'By default query results are limited to 50,000 records.', default: 50000 }, { key: 'slackWebhook', envVar: 'SQLPAD_SLACK_WEBHOOK', - description: 'Supply incoming Slack webhook URL to post query when saved.', default: '' }, { key: 'tableChartLinksRequireAuth', envVar: 'SQLPAD_TABLE_CHART_LINKS_REQUIRE_AUTH', - description: - 'When false, table and chart result links will be operational without login.', - options: [true, false], default: true }, { key: 'smtpFrom', envVar: 'SQLPAD_SMTP_FROM', - description: - 'From email address for SMTP. Required in order to send invitation emails.', default: '' }, { key: 'smtpHost', envVar: 'SQLPAD_SMTP_HOST', - description: - 'Host address for SMTP. Required in order to send invitation emails.', default: '' }, { key: 'smtpPort', envVar: 'SQLPAD_SMTP_PORT', - description: 'Port for SMTP. Required in order to send invitation emails.', default: '' }, { key: 'smtpSecure', envVar: 'SQLPAD_SMTP_SECURE', - options: [true, false], - description: 'Toggle to use secure connection when using SMTP.', default: true }, { key: 'smtpUser', envVar: 'SQLPAD_SMTP_USER', - description: - 'Username for SMTP. Required in order to send invitation emails.', default: '' }, { key: 'smtpPassword', envVar: 'SQLPAD_SMTP_PASSWORD', - description: 'Password for SMTP.', default: '' }, { key: 'whitelistedDomains', envVar: 'WHITELISTED_DOMAINS', - description: - 'Allows pre-approval of email domains. Delimit multiple domains by empty space.', default: '' }, { key: 'samlEntryPoint', envVar: 'SAML_ENTRY_POINT', - description: 'SAML Entry point URL', default: '' }, { key: 'samlIssuer', envVar: 'SAML_ISSUER', - description: 'SAML Issuer', default: '' }, { key: 'samlCallbackUrl', envVar: 'SAML_CALLBACK_URL', - description: 'SAML callback URL', default: '' }, { key: 'samlCert', envVar: 'SAML_CERT', - description: 'SAML certificate in Base64', default: '' }, { key: 'samlAuthContext', envVar: 'SAML_AUTH_CONTEXT', - description: 'SAML authentication context URL', default: '' } ];