Move passwords around a bit more.

gizmo71 · gizmo71 · commit b75c81a2e739 · 2017-11-29T21:52:03.000Z
diff --git a/README.md b/README.md
@@ -27,11 +27,13 @@ paths, hostnames, usernames and so on in the code itself:
     SetEnv SROU_HOST_UKGPL www.ukgpl.com
     SetEnv SROU_DB_HOST an.internal.host.name
     SetEnv SROU_DB_PREFIX some_random_prefix_
-    SetEnv SROU_DB_PASSWD 'aPasswordNotTheRealOneHereObviously'
     SetEnv SROU_ROOT /srv/www/SimRacing.org.uk
+    SetEnv SROU_S3_ACCESS '$$theRealCode$$'
 </Directory>
 ```
 
+In addition, the most sensitive information such as passwords are stored in their own files in the [`cfg` directory](cfg).
+
 As a consequence, changing certain SMF settings from the forum's own administrative pages tends to overwrite places
 in [`Settings.php`](public_html.srou/www/smf/Settings.php) which are supposed to get values from the environment
 with the values themselves. One must be careful when committing to restore such code to use the environment again.
diff --git a/cfg/.gitignore b/cfg/.gitignore
@@ -0,0 +1 @@
+*
diff --git a/cfg/README.md b/cfg/README.md
@@ -0,0 +1,7 @@
+This directory should contain the following files, which should be read only and visible only to the relevant user.
+
+Under no circumstances should these files be committed to source control.
+
+* `s3.secret`: secret key for making AWS S3 calls
+* `smf-db.password`: password matching SROU_DB_USER
+* `migrate-login.options`: user/password options for `mysql` when doing migration activities which cannot use normal login
diff --git a/dories/common.sh b/dories/common.sh
@@ -7,12 +7,11 @@ if [ ! -d .git ]; then
 fi
 
 eval $(grep -E 'SetEnv\s+SROU_' $(grep -l "SetEnv SROU_ROOT $(pwd)" /etc/httpd/conf.d/*.conf) |
-    sed -re 's/\s+SetEnv\s+//' |
+    sed -re 's/^\s+SetEnv\s+//' |
     while read name value; do echo $name=$value; done
 )
 set | grep SROU
 
-SMF_LOGIN="--user=${SROU_DB_PREFIX}smf --password=${SROU_DB_PASSWD}"
-# The following file should not be world readable, and should set MIGRATE_LOGIN in thesame format as SMF_LOGIN
-. ~/.srou-migrate
-SHARED_OPTIONS="--host=${SROU_DB_HOST} --batch $LOGIN_OPTIONS"
+SMF_LOGIN="--user=${SROU_DB_PREFIX}smf --password=$(cat cfg/smf-db.password)"
+MIGRATE_LOGIN=$(cat cfg/migrate-login.options)
+SHARED_OPTIONS="--host=${SROU_DB_HOST} --batch"
diff --git a/dories/recreate-db-users.zsh b/dories/recreate-db-users.zsh
@@ -8,6 +8,6 @@
 	# then afterwards: SET GLOBAL validate_password_policy = 'MEDIUM';
 	cat <<-EOF
 		DROP USER IF EXISTS '${SROU_DB_PREFIX}smf'@'%';
-		CREATE USER '${SROU_DB_PREFIX}smf'@'%' IDENTIFIED BY '${SROU_DB_PASSWD}';
+		CREATE USER '${SROU_DB_PREFIX}smf'@'%' IDENTIFIED BY '$(cat cfg/smf-db.password)';
 	EOF
 ) | mysql ${=SHARED_OPTIONS} ${=MIGRATE_LOGIN}
diff --git a/public_html.srou/downloads/s3.php b/public_html.srou/downloads/s3.php
@@ -61,7 +61,7 @@
 ($bucket = $_REQUEST['bucket']) || ($bucket = $defaultBucket);
 $bucket = rawurlencode($bucket);
 $accessKey = $_SERVER['SROU_S3_ACCESS'];
-$secretKey = $_SERVER['SROU_S3_SECRET'];
+$secretKey = trim(file_get_contents("{$_SERVER['SROU_ROOT']}/cfg/s3.secret"));
 
 function encodeKey($key) {
 	$key = rawurlencode($key);
diff --git a/public_html.srou/www/smf/Settings.php b/public_html.srou/www/smf/Settings.php
@@ -73,7 +73,7 @@
 $db_server = $_SERVER['SROU_DB_HOST'];
 $db_name = "{$_SERVER['SROU_DB_PREFIX']}smf";
 $db_user = $db_name;
-$db_passwd = $_SERVER['SROU_DB_PASSWD'];
+$db_passwd = trim(file_get_contents("{$_SERVER['SROU_ROOT']}/cfg/smf-db.password"));
 $db_prefix = 'smf_';
 $db_persist = 0;
 $db_error_send = 0;
