use config, disable registrations

Author: MattDHill

package-lock.json

@@ -6,7 +6,7 @@
     "check": "tsc --noEmit"
   },
   "dependencies": {
-    "@start9labs/start-sdk": "^0.4.0-beta.45"
+    "@start9labs/start-sdk": "^0.4.0-beta.46"
   },
   "devDependencies": {
     "@types/node": "^22.19.3",

package.json

@@ -1,15 +1,15 @@
 import { T, utils } from '@start9labs/start-sdk'
-import { storeJson } from '../fileModels/store.json'
 import * as crypto from 'crypto'
 import { sdk } from '../sdk'
+import { configJson } from '../fileModels/config.json'
 
 export const setAdminToken = sdk.Action.withoutInput(
   // id
   'set-admin-token',
 
   // metadata
   async ({ effects }) => {
-    const existing = await storeJson.read((s) => s.ADMIN_TOKEN).const(effects)
+    const existing = await configJson.read((s) => s.admin_token).const(effects)
 
     return {
       name: existing ? 'Update Admin Token' : 'Create Admin Token',
@@ -32,7 +32,7 @@ export const setAdminToken = sdk.Action.withoutInput(
 
     const hash = await hashToken(effects, token)
 
-    await storeJson.merge(effects, { ADMIN_TOKEN: hash })
+    await configJson.merge(effects, { admin_token: hash })
 
     return {
       version: '1',

startos/actions/admin-token.ts

@@ -2,8 +2,10 @@ import { sdk } from '../sdk'
 import { setAdminToken } from './admin-token'
 import { manageSmtp } from './manageSmtp'
 import { setPrimaryDomain } from './setPrimaryUrl'
+import { toggleSignups } from './toggleSignups'
 
 export const actions = sdk.Actions.of()
+  .addAction(toggleSignups)
   .addAction(setAdminToken)
   .addAction(setPrimaryDomain)
   .addAction(manageSmtp)

startos/actions/index.ts

@@ -1,4 +1,5 @@
-import { storeJson } from '../fileModels/store.json'
+import { configJson } from '../fileModels/config.json'
+import { systemSmtpJson } from '../fileModels/systemSmtp.json'
 import { sdk } from '../sdk'
 
 const { InputSpec } = sdk
@@ -25,10 +26,64 @@ export const manageSmtp = sdk.Action.withInput(
   inputSpec,
 
   // optionally pre-fill the input form
-  async ({ effects }) => ({
-    smtp: (await storeJson.read((s) => s.smtp).once()) || undefined,
-  }),
+  async ({ effects }) => {
+    const smtp = await systemSmtpJson.read().once()
+
+    if (smtp?.enabled) {
+      return {
+        smtp: {
+          selection: 'system' as const,
+          value: { customFrom: smtp.customFrom || undefined },
+        },
+      }
+    }
+
+    const config = await configJson.read().once()
+
+    if (config?.smtp_host) {
+      const { smtp_host, smtp_port, smtp_from, smtp_username, smtp_password } =
+        config
+      return {
+        smtp: {
+          selection: 'custom' as const,
+          value: {
+            server: smtp_host,
+            port: smtp_port,
+            from: smtp_from,
+            login: smtp_username,
+            password: smtp_password,
+          },
+        },
+      }
+    }
+
+    return { smtp: { selection: 'disabled' as const, value: {} } }
+  },
 
   // the execution function
-  async ({ effects, input }) => storeJson.merge(effects, { smtp: input.smtp }),
+  async ({ effects, input }) => {
+    if (input.smtp.selection === 'system') {
+      await systemSmtpJson.merge(effects, {
+        enabled: true,
+        customFrom: input.smtp.value.customFrom,
+      })
+    } else if (input.smtp.selection === 'custom') {
+      const { server, port, from, login, password } = input.smtp.value
+      await configJson.merge(effects, {
+        smtp_host: server,
+        smtp_port: port,
+        smtp_from: from,
+        smtp_username: login,
+        smtp_password: password || undefined,
+      })
+    } else {
+      await configJson.merge(effects, {
+        smtp_host: undefined,
+        smtp_port: undefined,
+        smtp_from: undefined,
+        smtp_username: undefined,
+        smtp_password: undefined,
+      })
+    }
+  },
 )

startos/actions/manageSmtp.ts

@@ -1,4 +1,4 @@
-import { storeJson } from '../fileModels/store.json'
+import { configJson } from '../fileModels/config.json'
 import { sdk } from '../sdk'
 import { getVaultInterfaceUrls } from '../utils'
 
@@ -42,10 +42,10 @@ export const setPrimaryDomain = sdk.Action.withInput(
 
   // optionally pre-fill the input form
   async ({ effects }) => ({
-    domain: (await storeJson.read((s) => s.DOMAIN).once()) || undefined,
+    domain: (await configJson.read((c) => c.domain).once()) || undefined,
   }),
 
   // the execution function
   async ({ effects, input }) =>
-    storeJson.merge(effects, { DOMAIN: input.domain }),
+    configJson.merge(effects, { domain: input.domain }),
 )

startos/actions/setPrimaryUrl.ts

@@ -0,0 +1,38 @@
+import { configJson } from '../fileModels/config.json'
+import { sdk } from '../sdk'
+
+export const toggleSignups = sdk.Action.withoutInput(
+  // id
+  'toggle-signups',
+
+  // metadata
+  async ({ effects }) => {
+    const allowed = await configJson
+      .read((c) => c.signups_allowed)
+      .const(effects)
+
+    return {
+      name: allowed ? 'Disable Signups' : 'Enable Signups',
+      description: allowed
+        ? 'Signups are currently enabled. Run this action to prohibit new signups.'
+        : 'Signups are currently disabled. Run this action to permit new signups.',
+      warning: allowed
+        ? null
+        : 'Anyone with your Vaultwarden URL will be able to create an account on your server, which represents a security risk. Be careful!',
+      allowedStatuses: 'any',
+      group: null,
+      visibility: 'enabled',
+    }
+  },
+
+  // the execution function
+  async ({ effects }) => {
+    const allowed = await configJson
+      .read((c) => c.signups_allowed)
+      .const(effects)
+
+    await configJson.merge(effects, {
+      signups_allowed: !allowed,
+    })
+  },
+)

startos/actions/toggleSignups.ts

@@ -0,0 +1,21 @@
+import { matches, FileHelper } from '@start9labs/start-sdk'
+
+const { object, string, literal, natural, boolean } = matches
+
+const shape = object({
+  domain: string,
+  admin_token: string,
+  signups_allowed: boolean.onMismatch(false),
+  smtp_host: string.optional(),
+  smtp_security: literal('starttls').onMismatch('starttls'),
+  smtp_port: natural.optional().onMismatch(undefined),
+  smtp_from: string.optional().onMismatch(undefined),
+  smtp_from_name: string.optional().onMismatch(undefined),
+  smtp_username: string.optional().onMismatch(undefined),
+  smtp_password: string.optional().onMismatch(undefined),
+})
+
+export const configJson = FileHelper.json(
+  { volumeId: 'main', subpath: '/config.json' },
+  shape,
+)

startos/fileModels/config.json.ts

@@ -0,0 +1,13 @@
+import { matches, FileHelper } from '@start9labs/start-sdk'
+
+const { object, string, boolean } = matches
+
+const shape = object({
+  enabled: boolean,
+  customFrom: string.nullable(),
+})
+
+export const systemSmtpJson = FileHelper.json(
+  { volumeId: 'main', subpath: '/systemSmtp.json' },
+  shape,
+)