Remove yopass.yaml, in favor of env variables

* No more config files. * Proper Dockerfile * Updated docs
jhaals · Feb 12, 2015 · 3710fac · 3710fac
1 parent d0f7b06
commit 3710fac
Show file tree

Hide file tree

Showing 5 changed files with 47 additions and 39 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,12 @@
+FROM ruby:2
+RUN apt-get update
+RUN apt-get install libsasl2-dev
+RUN gem install thin --no-rdoc --no-ri
+
+
+# Replace with gem install yopass
+ADD . /yopass
+WORKDIR /yopass
+RUN bundle install
+EXPOSE 3000
+CMD ["thin", "start"]
diff --git a/README.md b/README.md
@@ -1,8 +1,10 @@
 # YoPass - Share Secrets Securely
 [![Build Status](https://travis-ci.org/jhaals/yopass.png?branch=master)](https://travis-ci.org/jhaals/yopass)
 
-YoPass is a website/API for sharing secrets in a quick and secure manner.
-This project is created to minimize the amount of passwords floating around in ticket management systems, IRC logs and emails. YoPass generates a one-time URL with an expiration date so you don't have to worry about passwords being visible forever
+YoPass is a project for sharing secrets in a quick and secure manner.
+The sole purpose of yopass is to minimize the amount of passwords floating around in ticket management systems, IRC logs and emails. YoPass generates a one-time URL with an expiration date so you don't have to worry about passwords being visible forever. The decryption key can also be transferred over SMS.
+
+You can easily integrate yopass into other systems using it's API and host it yourself.
 
 __[Demo site available here](http://yopass.jhaals.se)__
 
@@ -19,13 +21,17 @@ __[Demo site available here](http://yopass.jhaals.se)__
     gem install yopass
 
 * Install and start memcached
-* Edit `conf/yopass.yaml` and move it to desired location (don't forge to specify that path in the YOPASS_CONFIG environment variable)
 
-Most settings can be configured with environment variables.
+All settings are configured using environment variables
+
+    YP_MEMCACHED # default: localhost:11211
+    YP_SECRET_MAX_LENGTH # default: 10000
+
+
+#### Docker
 
-    YOPASS_CONFIG='/path/to/yopass.yaml'
-    YOPASS_BASE_URL='https://yopass.mydomain.com'
-    YOPASS_MEMCACHED_URL='memcached_address'
+    docker run --name memcached_yopass -d memcached
+    docker run -it -p 3000:3000 -e 'YP_MEMCACHED=memcache:11211' --link memcached_yopass:memcache -d jhaals/yopass
 
 ### API
 All endpoints expect JSON
@@ -40,8 +46,8 @@ Create secret - POST __/v1/secret__
     {
       key: "6738ecd96ac57c559c3d72387176b59b",
       decryption_key: "073d8b943",
-      full_url: "http://127.0.0.1:4567/v1/secret/6738ecd96ac57c559c3d72387176b59b/073d8b943",
-      short_url: "http://127.0.0.1:4567/v1/secret/6738ecd96ac57c559c3d72387176b59b",
+      full_url: "/v1/secret/6738ecd96ac57c559c3d72387176b59b/073d8b943",
+      short_url: "/v1/secret/6738ecd96ac57c559c3d72387176b59b",
       message: "secret stored"
     }
 Get secret - GET __/v1/secret/key/decryption_key__
@@ -51,14 +57,16 @@ Get secret - GET __/v1/secret/key/decryption_key__
     }
 
 ### SMS providers
-
-Supported SMS providers
-
-- Bulksms
+Yopass has a basic plugin system for SMS providers.
 
 Missing your favorite SMS provider? Just fork the repo and submit a pull request.
 Use the bulksms provider in ```lib/sms_provider/bulksms.rb``` as example
 
+#### Configure provider
+
+    YP_SEND_SMS=1
+    YP_SMS_SETTINGS='{"provider": "bulksms", "settings": {"username": "smsuser", "password": "xxxx"}}'
+
 ### Screenshot
 ![YoPass website](http://f.cl.ly/items/1N1C3I1q1i0E343r1v3p/Screenshot%202015-02-07%2018.51.17.png)
 
diff --git a/lib/yopass.rb b/lib/yopass.rb
@@ -2,7 +2,6 @@
 require 'sinatra/base'
 require 'securerandom'
 require 'encryptor'
-require 'yaml'
 require 'uri'
 require 'yopass/sms_provider'
 require 'sinatra/json'
@@ -31,15 +30,15 @@ class Yopass < Sinatra::Base
   end
 
   configure do
-    config = ENV['YOPASS_CONFIG'] || 'yopass.yaml'
-    cfg = YAML.load_file(config)
-    set :config, cfg
-    set :base_url, ENV['YOPASS_BASE_URL'] || cfg['base_url']
     set :public_folder, File.dirname(__FILE__) + '/public'
+    set :max_length, 10000
+    if ENV['YP_SECRET_MAX_LENGTH']
+      set :max_length, ENV['YP_SECRET_MAX_LENGTH'].to_i
+    end
   end
 
   get '/v1/secret/:key/:password' do
-    m = Memcached.new(ENV['YOPASS_MEMCACHED_URL'] || settings.config['memcached_url'])
+    m = Memcached.new(ENV['YP_MEMCACHED'] || 'localhost:11211')
     begin
       result = m.get params[:key]
     rescue Memcached::NotFound
@@ -81,7 +80,7 @@ class Yopass < Sinatra::Base
     return json message: 'No secret submitted' if secret.nil?
     return json message: 'No secret submitted' if secret.empty?
 
-    if secret.length >= settings.config['secret_max_length']
+    if secret.length >= settings.max_length
       return json message: 'error: This site is meant to store secrets not novels'
     end
 
@@ -92,7 +91,7 @@ class Yopass < Sinatra::Base
     # encrypt secret with generated decryption_key
     data = Encryptor.encrypt(secret, key: decryption_key)
 
-    m = Memcached.new(ENV['YOPASS_MEMCACHED_URL'] || settings.config['memcached_url'])
+    m = Memcached.new(ENV['YP_MEMCACHED'] || 'localhost:11211')
     # store secret in memcached
     begin
       m.set key, data, lifetime_options[lifetime]
@@ -101,28 +100,28 @@ class Yopass < Sinatra::Base
       return json message: 'Error: Unable to contact memcached'
     end
     mobile_number = r['mobile_number']
-    if settings.config['send_sms'] && !mobile_number.nil?
+    if ENV['YP_SEND_SMS'] && !mobile_number.nil?
       unless mobile_number.empty?
         # strip everything except digits
         mobile_number = mobile_number.gsub(/[^0-9]/, '')
         # load SMS provider
+        sms_settings = JSON.parse(ENV['YP_SMS_SETTINGS'])
         sms = SmsProvider.create(
-          settings.config['sms::provider'],
-          settings.config['sms::settings'])
+          sms_settings['provider'],
+          sms_settings['settings'])
         sms.send(mobile_number, decryption_key)
       end
     end
     status 200
     json key: key,
       decryption_key: decryption_key,
-      full_url: URI.join(settings.base_url,
-        "/v1/secret/#{key}/#{decryption_key}"),
-      short_url: URI.join(settings.base_url, "/v1/secret/#{key}"),
+      full_url: "/v1/secret/#{key}/#{decryption_key}",
+      short_url: "/v1/secret/#{key}",
       message: 'secret stored'
   end
 
   get '/' do
-    # This is not a way of serving a static file
+    # Ugly way of serving index...
     File.read(File.join(settings.public_folder, 'index.html'))
   end
   run! if app_file == $PROGRAM_NAME

diff --git a/spec/yopass_spec.rb b/spec/yopass_spec.rb
@@ -32,7 +32,6 @@
     allow_any_instance_of(Memcached).to receive(:set).and_return true
     post '/v1/secret', JSON.dump('lifetime' => '1h', 'secret' => 'test')
 
-    expect(last_response.body).to match(/http:\/\/127.0.0.1:4567/)
     expect(last_response.body).to match(/full_url/)
     expect(last_response.body).to match(/decryption_key/)
     expect(last_response.body).to match(/key/)

diff --git a/yopass.yaml b/yopass.yaml