put shared code into own mod (common), + apicontext env vars

README.md

@@ -1,6 +1,22 @@
 # Cenophane
 Simple standalone file upload server with expiration
 
+## Features
+
+- RESTful API
+- Authentication and Authorization through bearer api token
+- multiple tenants supported (tenant == api context)
+- Each upload gets its own unique id
+- download uri is public, no api required, it is intended for end users
+- uploads may consist of one or multiple files
+- zipped automatically
+- uploads expire, either as soon as it gets downloaded or when a timer runs out
+- the command line client uses the api
+- configuration using HCL language
+- docker container build available
+- the server supports config by config file, environment variables or flags
+- restrictive defaults
+
 ## Server Usage
 
 ```
@@ -12,6 +28,7 @@ cenod -h
   -c, --config string       custom config file
   -D, --dbfile string       Bold database file to use (default "/tmp/uploads.db")
   -d, --debug               Enable debugging
+      --frontpage string    Content or filename to be displayed on / in case someone visits (default "welcome to upload api, use /api enpoint!")
   -4, --ipv4                Only listen on ipv4
   -6, --ipv6                Only listen on ipv6
   -l, --listen string       listen to custom ip:port (use [ip]:port for ipv6) (default ":8080")
@@ -22,6 +39,46 @@ cenod -h
   -v, --version             Print program version
 ```
 
+All flags can be set using environment variables, prefix the flag with `CENOD_` and uppercase it, eg: 
+```
+CENOD_LISTEN=:8080
+```
+
+In addition it is possible to set api contexts using env vars (otherwise only possible using the config file):
+```
+CENOD_CONTEXT_SUPPORT="support:tymag-fycyh-gymof-dysuf-doseb-puxyx"
+CENOD_CONTEXT_FOOBAR="foobar:U3VuIE1hciAxOSAxMjoyNTo1NyBQTSBDRVQgMjAyMwo"
+```
+
+Configuration can also be done using a config file (searched in the following locations):
+- `/etc/cenod.hcl`
+- `/usr/local/etc/cenod.hcl`
+- `~/.config/cenod/cenod.hcl`
+- `~/.cenod`
+- `$(pwd)/cenod.hcl`
+
+Or using the flag `-c`. Sample config file:
+```
+listen = ":8080"
+bodylimit = 10000
+
+apicontext = [
+  {
+    context = "root"
+    key = "0fddbff5d8010f81cd28a7d77f3e38981b13d6164c2fd6e1c3f60a4287630c37",
+  },
+  {
+    context = "foo",
+    key = "970b391f22f515d96b3e9b86a2c62c627968828e47b356994d2e583188b4190a"
+  }
+]
+
+#url = "https://sokrates.daemon.de"
+
+# this is the root context with all permissions
+super = "root"
+```
+
 ## Client Usage
 
 ```
@@ -52,33 +109,28 @@ Flags:
 Use "upctl [command] --help" for more information about a command.
 ```
 
-## Features
+The client must be configured using a config file. The following locations are searched for it:
+- `$(pwd)/upctl.hcl`
+- `~/.config/upctl/upctl.hcl`
+
+Sample config file for a client:
+```
+endpoint = "http://localhost:8080/api/v1"
+apikey = "970b391f22f515d96b3e9b86a2c62c627968828e47b356994d2e583188b4190a"
+```
+
 
-- RESTful API
-- Authentication and Authorization through bearer api token
-- multiple tenants supported (tenant == api context)
-- Each upload gets its own unique id
-- download uri is public, no api required, it is intended for end users
-- uploads may consist of one or multiple files
-- zipped automatically
-- uploads expire, either as soon as it gets downloaded or when a timer runs out
-- the command line client uses the api
-- configuration using HCL language
-- docker container build available
-- the server supports config by config file, environment variables or flags
-- restrictive defaults
 
 ## TODO
 
 - also serve a html upload page
 - add metrics (as in https://github.com/ansrivas/fiberprometheus)
-- add authorization checks for delete and list based on apicontext
 - do not manually generate output urls, use fiber.GetRoute()
-- import code from upd into upctl to avoid duplicates, like the time stuff we've now
 - upd: https://docs.gofiber.io/guide/error-handling/ to always use json output
 - upctl: get rid of HandleResponse(), used only once anyway
 - add form so that public users can upload
-- add support for custom front page
+
+
 
 ## BUGS