feat(cli): allow setting config vars via cli

4 years ago · d9ff95bbbb
parent e8b9462c58
commit d9ff95bbbb
4 changed files with 59 additions and 21 deletions
--- a/config.js
+++ b/config.js
@ -23,10 +23,10 @@ module.exports = {
 	authentication: 'GoogleLDAPAuth',
 	authenticationOptions: {
 		base: 'dc=hokify,dc=com',
-		tlsOptions: {
-			// get your keys from http://admin.google.com/ -> Apps -> LDAP -> Client
-			key: fs.readFileSync('ldap.gsuite.key'),
-			cert: fs.readFileSync('ldap.gsuite.crt')
+		// get your keys from http://admin.google.com/ -> Apps -> LDAP -> Client
+		tls: {
+			keyFile: 'ldap.gsuite.key',
+			certFile: 'ldap.gsuite.crt'
 		}
 	}

@ -35,9 +35,11 @@ module.exports = {
 	authenticationOptions: {
 		url: 'ldaps://ldap.google.com',
 		base: 'dc=hokify,dc=com',
+		tls: {
+			keyFile: 'ldap.gsuite.key',
+			certFile: 'ldap.gsuite.crt'
+		},
 		tlsOptions: {
-			key: fs.readFileSync('ldap.gsuite.key'),
-			cert: fs.readFileSync('ldap.gsuite.crt'),
 			servername: 'ldap.google.com'
 		}
 	}
--- a/src/app.ts
+++ b/src/app.ts
@ -1,3 +1,4 @@
+import * as yargs from 'yargs';
 import { UDPServer } from './server/UDPServer';
 import { RadiusService } from './radius/RadiusService';

@ -15,9 +16,25 @@ if (typeof (testSocket.tls as any).exportKeyingMaterial !== 'function') {
 	process.exit(-1);
 }

-console.log(`Listener Port: ${config.port || 1812}`);
-console.log(`RADIUS Secret: ${config.secret}`);
-console.log(`Auth Mode: ${config.authentication}`);
+const { argv } = yargs
+	.usage('NODE RADIUS Server\nUsage: radius-server')
+	.example('radius-server --port 1812 -s radiussecret')
+	.default({
+		port: config.port || 1812,
+		s: config.secret || 'testing123',
+		authentication: config.authentication,
+		authenticationOptions: config.authenticationOptions
+	})
+	.describe('port', 'RADIUS server listener port')
+	.alias('s', 'secret')
+	.describe('secret', 'RADIUS secret')
+	.number('port')
+	.string(['secret', 'authentication']);
+
+console.log(`Listener Port: ${argv.port || 1812}`);
+console.log(`RADIUS Secret: ${argv.secret}`);
+console.log(`Auth ${argv.authentication}`);
+console.log(`Auth Config: ${JSON.stringify(argv.authenticationOptions, undefined, 3)}`);

 (async () => {
 	/* configure auth mechansim */
--- a/src/auth/GoogleLDAPAuth.ts
+++ b/src/auth/GoogleLDAPAuth.ts
@ -1,6 +1,7 @@
 import { ClientOptions, createClient } from 'ldapjs';
 import debug from 'debug';
 import * as tls from 'tls';
+import * as fs from 'fs';
 import { IAuthentication } from '../types/Authentication';

 const usernameFields = ['posixUid', 'mail'];
@ -13,12 +14,16 @@ interface IGoogleLDAPAuthOptions {
 	/** base DN
 	 *  e.g. 'dc=hokify,dc=com', */
 	base: string;
+	tls: {
+		keyFile: string;
+		certFile: string;
+	};
 	/** tls options
 	 * e.g. {
 			key: fs.readFileSync('ldap.gsuite.key'),
 			cert: fs.readFileSync('ldap.gsuite.crt')
 		} */
-	tlsOptions: tls.TlsOptions;
+	tlsOptions?: tls.TlsOptions;
 }

 export class GoogleLDAPAuth implements IAuthentication {
@ -33,12 +38,16 @@ export class GoogleLDAPAuth implements IAuthentication {
 	constructor(config: IGoogleLDAPAuthOptions) {
 		this.base = config.base;

+		const tlsOptions = {
+			key: fs.readFileSync(config.tls.keyFile),
+			cert: fs.readFileSync(config.tls.certFile),
+			servername: 'ldap.google.com',
+			...config.tlsOptions
+		};
+
 		this.config = {
 			url: 'ldaps://ldap.google.com:636',
-			tlsOptions: {
-				...config.tlsOptions,
-				servername: 'ldap.google.com'
-			}
+			tlsOptions
 		};

 		this.fetchDNs();
--- a/src/auth/LDAPAuth.ts
+++ b/src/auth/LDAPAuth.ts
@ -1,4 +1,5 @@
 import * as LdapAuth from 'ldapauth-fork';
+import * as fs from 'fs';
 import { IAuthentication } from '../types/Authentication';

 interface ILDAPAuthOptions {
@ -9,10 +10,13 @@ interface ILDAPAuthOptions {
 	/** base DN
 	 *  e.g. 'dc=hokify,dc=com', */
 	base: string;
+
+	tls: {
+		keyFile: string;
+		certFile: string;
+	};
 	/** tls options
 	 * e.g. {
-			key: fs.readFileSync('ldap.gsuite.key'),
-			cert: fs.readFileSync('ldap.gsuite.crt'),
 			servername: 'ldap.google.com'
 		} */
 	tlsOptions?: any;
@ -25,12 +29,18 @@ interface ILDAPAuthOptions {
 export class LDAPAuth implements IAuthentication {
 	private ldap: LdapAuth;

-	constructor(options: ILDAPAuthOptions) {
+	constructor(config: ILDAPAuthOptions) {
+		const tlsOptions = {
+			key: fs.readFileSync(config.tls.keyFile),
+			cert: fs.readFileSync(config.tls.certFile),
+			...config.tlsOptions
+		};
+
 		this.ldap = new LdapAuth({
-			url: options.url,
-			searchBase: options.base,
-			tlsOptions: options.tlsOptions,
-			searchFilter: options.searchFilter || '(uid={{username}})',
+			url: config.url,
+			searchBase: config.base,
+			tlsOptions,
+			searchFilter: config.searchFilter || '(uid={{username}})',
 			reconnect: true
 		});
 		this.ldap.on('error', function(err) {