scottk/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-03-22 11:41:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
4d84e1f12ee847bb440d40ff6bbc4c577f2fc607
firezone/elixir/config/runtime.exs
Jamil 3316d9098a fix(android): Fix auth flow and callback thread safety, and pass fd through FFI (#1930) 
* Refactor sharedPreferences to only save the AccountId
* Update TeamId -> AccountId to match naming elsewhere
* Update JWT -> Token to avoid confusion; this token is **not** a valid
JWT and should be treated as an opaque token
* Update FFI `connect` to accept an optional file descriptor (int32) as
a first argument. This seemed to be the most straightforward way to pass
it to the tunnel stack. Retrieving it via callback is another option,
but retrieving return vars with the `jni` was more complex. We could
have used a similar approach that we did in the Apple client
(enumerating all fd's in the `new()` function until we found ours) but
this approach is [explicitly
documented/recommended](https://developer.android.com/reference/android/net/VpnService.Builder#establish())
by the Android docs so I figured it's not likely to break.

Additionally, there was a thread safety bug in the recent JNI callback
implementation that consistently crashed the VM with `JNI DETECTED ERROR
IN APPLICATION: use of invalid jobject...`. The fix was to use
`GlobalRef` which has the explicit purpose of outliving the `JNIEnv`
lifetime so that no `static` lifetimes need to be used.

---------

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Pratik Velani <pratikvelani@gmail.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
2023-08-23 14:13:55 -07:00

145 lines
4.6 KiB
Elixir
Raw Blame History

import Config
if config_env() == :prod do
import Domain.Config, only: [compile_config!: 1]
###############################
##### Domain ##################
###############################
config :domain, Domain.Repo,
database: compile_config!(:database_name),
username: compile_config!(:database_user),
hostname: compile_config!(:database_host),
port: compile_config!(:database_port),
password: compile_config!(:database_password),
pool_size: compile_config!(:database_pool_size),
ssl: compile_config!(:database_ssl_enabled),
ssl_opts: compile_config!(:database_ssl_opts),
parameters: compile_config!(:database_parameters),
show_sensitive_data_on_connection_error: false
external_url = compile_config!(:external_url)
%{
scheme: external_url_scheme,
host: external_url_host,
port: external_url_port,
path: external_url_path
} = URI.parse(external_url)
config :domain, Domain.Devices, upstream_dns: compile_config!(:devices_upstream_dns)
config :domain, Domain.Gateways,
gateway_ipv4_masquerade: compile_config!(:gateway_ipv4_masquerade),
gateway_ipv6_masquerade: compile_config!(:gateway_ipv6_masquerade),
key_base: compile_config!(:gateways_auth_token_key_base),
salt: compile_config!(:gateways_auth_token_salt)
config :domain, Domain.Relays,
key_base: compile_config!(:relays_auth_token_key_base),
salt: compile_config!(:relays_auth_token_salt)
config :domain, Domain.Telemetry,
enabled: compile_config!(:telemetry_enabled),
id: compile_config!(:telemetry_id)
config :domain, Domain.Auth,
key_base: compile_config!(:auth_token_key_base),
salt: compile_config!(:auth_token_salt)
config :domain, Domain.Auth.Adapters.GoogleWorkspace.APIClient,
finch_transport_opts: compile_config!(:http_client_ssl_opts)
###############################
##### Web #####################
###############################
config :web, Web.Endpoint,
http: [
ip: compile_config!(:phoenix_listen_address).address,
port: compile_config!(:phoenix_http_web_port),
protocol_options: compile_config!(:phoenix_http_protocol_options)
],
url: [
scheme: external_url_scheme,
host: external_url_host,
port: external_url_port,
path: external_url_path
],
secret_key_base: compile_config!(:secret_key_base),
live_view: [
signing_salt: compile_config!(:live_view_signing_salt)
]
config :web,
external_trusted_proxies: compile_config!(:phoenix_external_trusted_proxies),
private_clients: compile_config!(:phoenix_private_clients)
config :web,
cookie_secure: compile_config!(:phoenix_secure_cookies),
cookie_signing_salt: compile_config!(:cookie_signing_salt),
cookie_encryption_salt: compile_config!(:cookie_encryption_salt)
###############################
##### API #####################
###############################
config :api, API.Endpoint,
http: [
ip: compile_config!(:phoenix_listen_address).address,
port: compile_config!(:phoenix_http_api_port),
protocol_options: compile_config!(:phoenix_http_protocol_options)
],
url: [
scheme: external_url_scheme,
host: external_url_host,
port: external_url_port,
path: external_url_path
],
secret_key_base: compile_config!(:secret_key_base)
config :api,
cookie_secure: compile_config!(:phoenix_secure_cookies),
cookie_signing_salt: compile_config!(:cookie_signing_salt),
cookie_encryption_salt: compile_config!(:cookie_encryption_salt)
config :api,
external_trusted_proxies: compile_config!(:phoenix_external_trusted_proxies),
private_clients: compile_config!(:phoenix_private_clients)
###############################
##### Erlang Cluster ##########
###############################
config :domain, Domain.Cluster,
adapter: compile_config!(:erlang_cluster_adapter),
adapter_config: compile_config!(:erlang_cluster_adapter_config)
###############################
##### Third-party configs #####
###############################
if System.get_env("OTLP_ENDPOINT") do
config :opentelemetry,
traces_exporter: :otlp
config :opentelemetry_exporter,
otlp_protocol: :http_protobuf,
otlp_endpoint: System.get_env("OTLP_ENDPOINT")
end
config :domain,
http_client_ssl_opts: compile_config!(:http_client_ssl_opts)
config :openid_connect,
finch_transport_opts: compile_config!(:http_client_ssl_opts)
config :web,
Web.Mailer,
[
adapter: compile_config!(:outbound_email_adapter),
from_email: compile_config!(:outbound_email_from)
] ++ compile_config!(:outbound_email_adapter_opts)
end
Reference in New Issue View Git Blame Copy Permalink