From 6d7752b4b381658ff5f497054532047d1ebea0a2 Mon Sep 17 00:00:00 2001
From: Ayman Bagabas
Date: Fri, 13 Aug 2021 14:20:30 -0400
Subject: [PATCH] Import auth keys from env vars
---
 Dockerfile | 1 +
 main.go | 5 +++--
 server/middleware/git/git.go | 24 ++++++++++++++++--------
 3 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index de9075197..dfed51d22 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,6 +11,7 @@ VOLUME /smoothie
 # Environment variables
 ENV SMOOTHIE_KEY_PATH "/smoothie/ssh/smoothie_server_ed25519"
+ENV SMOOTHIE_REPO_KEYS ""
 ENV SMOOTHIE_REPO_KEYS_PATH "/smoothie/ssh/smoothie_git_authorized_keys"
 ENV SMOOTHIE_REPO_PATH "/smoothie/repos"
diff --git a/main.go b/main.go
index fae768a15..1ffd17098 100644
--- a/main.go
+++ b/main.go
@@ -15,7 +15,8 @@ import (
 type Config struct {
 Port int `env:"SMOOTHIE_PORT" default:"23231"`
 KeyPath string `env:"SMOOTHIE_KEY_PATH" default:".ssh/smoothie_server_ed25519"`
- RepoAuthPath string `env:"SMOOTHIE_REPO_KEYS_PATH" default:".ssh/smoothie_git_authorized_keys"`
+ RepoAuth string `env:"SMOOTHIE_REPO_KEYS" default:""`
+ RepoAuthFile string `env:"SMOOTHIE_REPO_KEYS_PATH" default:".ssh/smoothie_git_authorized_keys"`
 RepoPath string `env:"SMOOTHIE_REPO_PATH" default:".repos"`
 }
@@ -29,7 +30,7 @@ func main() {
 cfg.Port,
 cfg.KeyPath,
 bm.Middleware(tui.SessionHandler(cfg.RepoPath, time.Second*5)),
- gm.Middleware(cfg.RepoPath, cfg.RepoAuthPath),
+ gm.Middleware(cfg.RepoPath, cfg.RepoAuth, cfg.RepoAuthFile),
 lm.Middleware(),
 )
 if err != nil {
diff --git a/server/middleware/git/git.go b/server/middleware/git/git.go
index d098a62bb..e13652813 100644
--- a/server/middleware/git/git.go
+++ b/server/middleware/git/git.go
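Review bot: The new `RepoAuth` field in main.go's `Config` struct has no comment saying what SMOOTHIE_REPO_KEYS must contain, and the format cannot be guessed from the name. The git middleware in this patch reads the value through a `bufio.Scanner`, so it appears to expect one key entry per line, which means supplying several keys requires embedded newlines in the environment variable. A field comment such as `// RepoAuth holds authorized keys taken from the environment, one per line.` would put that where operators look for configuration.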
@@ -8,23 +8,31 @@ import (
 "os"
 "os/exec"
 "smoothie/server/middleware"
+ "strings"
 "github.com/gliderlabs/ssh"
 )
-func Middleware(repoDir string, authorizedKeysPath string) middleware.Middleware {
+func Middleware(repoDir, authorizedKeys, authorizedKeysFile string) middleware.Middleware {
 authedKeys := make([]ssh.PublicKey, 0)
- hasAuth, err := fileExists(authorizedKeysPath)
+ hasAuth, err := fileExists(authorizedKeysFile)
 if err != nil {
 log.Fatal(err)
 }
- if hasAuth {
- f, err := os.Open(authorizedKeysPath)
- if err != nil {
- log.Fatal(err)
+ if hasAuth || authorizedKeys != "" {
+ var scanner *bufio.Scanner
+ if authorizedKeys == "" {
+ log.Printf("Importing authorized keys from file: %s", authorizedKeysFile)
+ f, err := os.Open(authorizedKeysFile)
+ if err != nil {
+ log.Fatal(err)
+ }
+ defer f.Close()
+ scanner = bufio.NewScanner(f)
+ } else {
+ log.Printf("Importing authorized keys from environment")
+ scanner = bufio.NewScanner(strings.NewReader(authorizedKeys))
 }
- defer f.Close()
- scanner := bufio.NewScanner(f)
 for scanner.Scan() {
 pt := scanner.Text()
 log.Printf("Adding authorized key: %s", pt)
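Review bot: The new `if authorizedKeys == "" { … } else { … }` branch makes SMOOTHIE_REPO_KEYS replace the keys file rather than add to it: once the variable is set, `authorizedKeysFile` is never opened, so any keys an operator keeps in that file are not loaded and nothing reports it. If that precedence is intended, state it in a doc comment on `Middleware`, e.g. `// authorizedKeys, when non-empty, is used instead of authorizedKeysFile; the file is not read.` Separately, `fileExists(authorizedKeysFile)` and its `log.Fatal(err)` still run before the environment value is considered, so an error from that check (the helper's body is not shown) aborts startup even when the environment supplies the keys; running the check only when `authorizedKeys == ""` avoids that. The scan loop continues past the end of the hunk, so key parsing and any `scanner.Err()` handling cannot be reviewed here.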