Remove operator auth — trust the LAN
CI / Lint + build + test (push) Failing after 5m15s

Can't log in from a fresh LXC deploy, and the service is LAN-only by
design. Rip out the whole bcrypt-password / signed-cookie session
layer: internal/auth, login templates, gen-admin-password binary +
Makefile targets, auth config block, login/logout routes and the
RequireSession middleware wrap. Agent bearer-token auth on
/api/v1/runs/{id}/* is untouched.

Operators who want a password can front the service with a reverse
proxy — noted in README and docs/operations.md.
2026-04-17 22:31:49 -04:00
parent 273e7593bc
commit 42da48864f
19 changed files with 52 additions and 492 deletions
-32
@@ -14,7 +14,6 @@ import (
"time"
"vetting/internal/api"
"vetting/internal/auth"
"vetting/internal/config"
"vetting/internal/db"
"vetting/internal/events"
@@ -54,19 +53,6 @@ func main() {
}
defer func() { _ = conn.Close() }()
secret, err := cfg.Auth.SessionSecret()
if err != nil {
log.Fatalf("auth: %v", err)
}
authMgr := &auth.Manager{
PasswordHash: cfg.Auth.AdminPasswordBcrypt,
Secret: secret,
TTL: time.Duration(cfg.Auth.SessionTTLHours) * time.Hour,
}
if err := validateAuth(cfg, authMgr); err != nil {
log.Fatalf("auth: %v", err)
}
hostStore := &store.Hosts{DB: conn}
runStore := &store.Runs{DB: conn}
stageStore := &store.Stages{DB: conn}
@@ -113,7 +99,6 @@ func main() {
Hosts: hostStore,
Runs: runStore,
Artifacts: artifactStore,
Auth: authMgr,
EventHub: hub,
Runner: runner,
Tiles: tiles,
@@ -163,7 +148,6 @@ func main() {
}
router := httpserver.NewRouter(httpserver.Deps{
Auth: authMgr,
UI: ui,
Agent: agentAPI,
LiveDir: cfg.PXE.LiveDir,
@@ -231,19 +215,3 @@ func main() {
}
_ = hub.Shutdown(ctx)
}
func validateAuth(cfg *config.Config, _ *auth.Manager) error {
if cfg.Auth.AdminPasswordBcrypt == "" || cfg.Auth.AdminPasswordBcrypt == "$2a$10$REPLACE_ME_WITH_A_REAL_BCRYPT_HASH_0123456789abcdefABCDEFxx" {
return errPlaceholderPassword
}
if len(cfg.Auth.AdminPasswordBcrypt) < 4 || cfg.Auth.AdminPasswordBcrypt[0] != '$' {
return errPlaceholderPassword
}
return nil
}
var errPlaceholderPassword = plainErr("auth.admin_password_bcrypt is the placeholder; run bin/gen-admin-password and paste the hash into your config")
type plainErr string
func (e plainErr) Error() string { return string(e) }
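Review bot: With `Auth: authMgr` dropped from both dependency structs, including `httpserver.Deps` passed to `httpserver.NewRouter`, the operator routes are served without authentication, and no visible line in main() verifies the "LAN-only" assumption the commit message relies on. The removed `validateAuth` failed closed at startup on a placeholder hash. A comparable startup check on the configured listen address would keep a misconfigured deploy from exposing the UI, for example refusing a wildcard or publicly routable bind unless explicitly opted in; the address field is not visible in these hunks, so confirm this against the config package. If the UI has state-changing routes (not shown), an Origin/Host check on non-GET requests is also worth considering, since without a session any page open in an operator's browser on that network can reach them. At minimum, record the trust decision where the router is built: `// Operator UI is unauthenticated by design; bind to a LAN-only address or front with an authenticating reverse proxy.` main() begins and ends outside these hunks, so a guard elsewhere in the function cannot be ruled out.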