Refactor server config: single --config flag replaces --secrets/--mail-perms

- New server/config.mjs loads config.json, resolves secrets path relative to config dir, returns users/smtp/mail_perms_path/bind/port - server/secrets.mjs removed (logic absorbed into config.mjs) - smtp moves from secrets.json to config.json - secrets.json now contains only users (pure credentials) - config.example.json added as reference template - .gitignore/.npmignore updated to cover config.json and mail-perms.json - README updated with new setup and flags Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-17 23:16:30 +00:00
parent d06e11197a
commit ba8c0701f8
8 changed files with 113 additions and 50 deletions
--- a/server/index.mjs
+++ b/server/index.mjs
@@ -1,7 +1,7 @@
 import express from 'express';
 import { actions } from './actions.mjs';
 import { enqueue, get_entry, list_pending, resolve } from './queue.mjs';
-import { load_secrets } from './secrets.mjs';
+import { load_config } from './config.mjs';
 import { create_auth_middleware, check_can_approve } from './auth.mjs';
 import { create_mailer } from './mailer.mjs';
 import { exec as real_exec } from './helpers.mjs';
@@ -16,22 +16,22 @@ function ts() {
 	return new Date().toLocaleTimeString();
 }

-const PORT     = process.env.CONDUIT_PORT || 3015;
-const BIND     = get_arg(process.argv, '--bind') || process.env.CONDUIT_BIND || '127.0.0.1';
 const VERBOSE  = process.argv.includes('--verbose');
 const DRY_RUN  = process.argv.includes('--dry-run');

-const secrets_path    = get_arg(process.argv, '--secrets');
-const mail_perms_path = get_arg(process.argv, '--mail-perms') || process.env.CONDUIT_MAIL_PERMS || null;
+const config_path = get_arg(process.argv, '--config') || process.env.CONDUIT_CONFIG;

-let secrets;
+let cfg;
 try {
-	secrets = load_secrets(secrets_path);
+	cfg = load_config(config_path);
 } catch (err) {
 	console.error(`Fatal: ${err.message}`);
 	process.exit(1);
 }
-const { users, smtp } = secrets;
+
+const { users, smtp, mail_perms_path } = cfg;
+const PORT  = process.env.CONDUIT_PORT || cfg.port  || 3015;
+const BIND  = process.env.CONDUIT_BIND || cfg.bind  || '127.0.0.1';

 let mail_perm_store;
 try {
@@ -42,7 +42,7 @@ try {
 }

 if (!mail_perms_path) {
-	console.warn('Warning: --mail-perms not set; mail permissions will not persist across restarts');
+	console.warn('Warning: mail_perms not set in config; mail permissions will not persist across restarts');
 }

 const real_mailer_send = create_mailer(smtp);