az/morz-infoboard
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
morz-infoboard/player/agent/internal/config/config.go
Jesko Anschütz dd3ec070f7 Security-Review + Phase 6: CSRF, Rate-Limiting, Tenant-Isolation, Screenshot, Ansible 
### Security-Fixes (K1–K6, W1–W4, W7, N1, N5–N6, V1, V5–V7)
- K1: CSRF-Schutz via Double-Submit-Cookie (httpapi/csrf.go + csrf_helpers.go)
- K2: requireScreenAccess() in allen manage-Handlern (Tenant-Isolation)
- K3: Tenant-Check bei DELETE /api/v1/media/{id}
- K4: requirePlaylistAccess() + GetByItemID() für JSON-API Playlist-Routen
- K5: Admin-Passwort nur noch als [gesetzt] geloggt
- K6: POST /api/v1/screens/register mit Pre-Shared-Secret (MORZ_INFOBOARD_REGISTER_SECRET)
- W1: Race Condition bei order_index behoben (atomare Subquery in AddItem)
- W2: Graceful Shutdown mit 15s Timeout auf SIGTERM/SIGINT
- W3: http.MaxBytesReader (512 MB) in allen Upload-Handlern
- W4: err.Error() nicht mehr an den Client
- W7: Template-Execution via bytes.Buffer (kein partial write bei Fehler)
- N1: Rate-Limiting auf /login (5 Versuche/Minute pro IP, httpapi/ratelimit.go)
- N5: Directory-Listing auf /uploads/ deaktiviert (neuteredFileSystem)
- N6: Uploads nach Tenant getrennt (uploads/{tenantSlug}/)
- V1: Upload-Logik konsolidiert in internal/fileutil/fileutil.go
- V5: Cookie-Name als Konstante reqcontext.SessionCookieName
- V6: Strukturiertes Logging mit log/slog + JSON-Handler
- V7: DB-Pool wird im Graceful-Shutdown geschlossen

### Phase 6: Screenshot-Erzeugung
- player/agent/internal/screenshot/screenshot.go erstellt
- Integration in app.go mit MORZ_INFOBOARD_SCREENSHOT_EVERY Config

### UX: PDF.js Integration
- pdf.min.js + pdf.worker.min.js als lokale Assets eingebettet
- Automatisches Seitendurchblättern im Player

### Ansible: Neue Rollen
- signage_base, signage_server, signage_provision erstellt
- inventory.yml und site.yml erweitert

### Konzept-Docs
- GRUPPEN-KONZEPT.md, KAMPAGNEN-AKTIVIERUNG.md, MONITORING-KONZEPT.md
- PROVISION-KONZEPT.md, TEMPLATE-EDITOR.md, WATCHDOG-KONZEPT.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-23 21:06:35 +01:00

122 lines
3.9 KiB
Go
Raw Blame History

package config
import (
"encoding/json"
"fmt"
"os"
)
type Config struct {
// ScreenID is the unique slug for this screen — used for self-registration and playlist fetching.
ScreenID string `json:"screen_id"`
// ScreenName is the human-readable display name shown in the admin UI. Falls back to ScreenID.
ScreenName string `json:"screen_name"`
// ScreenOrientation is "landscape" (default) or "portrait".
ScreenOrientation string `json:"screen_orientation"`
ServerBaseURL string `json:"server_base_url"`
MQTTBroker string `json:"mqtt_broker"`
MQTTUsername string `json:"mqtt_username"`
MQTTPassword string `json:"mqtt_password"`
HeartbeatEvery int `json:"heartbeat_every_seconds"`
StatusReportEvery int `json:"status_report_every_seconds"`
PlayerListenAddr string `json:"player_listen_addr"`
// PlayerContentURL is a fallback URL shown when no playlist is available from the server.
PlayerContentURL string `json:"player_content_url"`
// RegisterSecret ist das Pre-Shared-Secret für POST /api/v1/screens/register (K6).
// Muss mit MORZ_INFOBOARD_REGISTER_SECRET auf dem Server übereinstimmen.
// Wenn leer, wird kein Header gesendet (kompatibel mit Servern ohne Secret).
RegisterSecret string `json:"register_secret"`
// ScreenshotEvery gibt das Intervall in Sekunden für periodische Screenshots an (Phase 6).
// 0 oder negativ = Screenshots deaktiviert.
ScreenshotEvery int `json:"screenshot_every_seconds"`
}
const defaultConfigPath = "/etc/signage/config.json"
func Load() (Config, error) {
cfg := defaultConfig()
configPath := getenv("MORZ_INFOBOARD_CONFIG", defaultConfigPath)
if err := loadFromFile(configPath, &cfg); err != nil {
if !os.IsNotExist(err) {
return Config{}, fmt.Errorf("load config file: %w", err)
}
}
overrideFromEnv(&cfg)
if cfg.ScreenID == "" {
return Config{}, fmt.Errorf("screen id is required")
}
if cfg.ScreenName == "" {
cfg.ScreenName = cfg.ScreenID
}
if cfg.HeartbeatEvery <= 0 {
cfg.HeartbeatEvery = defaultConfig().HeartbeatEvery
}
if cfg.StatusReportEvery <= 0 {
cfg.StatusReportEvery = defaultConfig().StatusReportEvery
}
return cfg, nil
}
func defaultConfig() Config {
return Config{
ScreenID: "unset-screen",
ScreenOrientation: "landscape",
ServerBaseURL: "http://127.0.0.1:8080",
MQTTBroker: "",
HeartbeatEvery: 30,
StatusReportEvery: 60,
PlayerListenAddr: "127.0.0.1:8090",
PlayerContentURL: "",
}
}
func loadFromFile(path string, cfg *Config) error {
data, err := os.ReadFile(path)
if err != nil {
return err
}
return json.Unmarshal(data, cfg)
}
func overrideFromEnv(cfg *Config) {
cfg.ScreenID = getenv("MORZ_INFOBOARD_SCREEN_ID", cfg.ScreenID)
cfg.ServerBaseURL = getenv("MORZ_INFOBOARD_SERVER_URL", cfg.ServerBaseURL)
cfg.MQTTBroker = getenv("MORZ_INFOBOARD_MQTT_BROKER", cfg.MQTTBroker)
cfg.MQTTUsername = getenv("MORZ_INFOBOARD_MQTT_USERNAME", cfg.MQTTUsername)
cfg.MQTTPassword = getenv("MORZ_INFOBOARD_MQTT_PASSWORD", cfg.MQTTPassword)
cfg.PlayerListenAddr = getenv("MORZ_INFOBOARD_PLAYER_ADDR", cfg.PlayerListenAddr)
cfg.ScreenName = getenv("MORZ_INFOBOARD_SCREEN_NAME", cfg.ScreenName)
cfg.ScreenOrientation = getenv("MORZ_INFOBOARD_SCREEN_ORIENTATION", cfg.ScreenOrientation)
cfg.PlayerContentURL = getenv("MORZ_INFOBOARD_PLAYER_CONTENT_URL", cfg.PlayerContentURL)
cfg.RegisterSecret = getenv("MORZ_INFOBOARD_REGISTER_SECRET", cfg.RegisterSecret)
if value := getenv("MORZ_INFOBOARD_SCREENSHOT_EVERY", ""); value != "" {
var parsed int
_, _ = fmt.Sscanf(value, "%d", &parsed)
cfg.ScreenshotEvery = parsed
}
if value := getenv("MORZ_INFOBOARD_STATUS_REPORT_EVERY", ""); value != "" {
var parsed int
_, _ = fmt.Sscanf(value, "%d", &parsed)
if parsed > 0 {
cfg.StatusReportEvery = parsed
}
}
}
func getenv(key, fallback string) string {
value := os.Getenv(key)
if value == "" {
return fallback
}
return value
}
Reference in a new issue View git blame Copy permalink