Ability to set configuration through environment variables

[zodac]

Is there an existing issue for this?

• [X] I have searched the existing open and closed issues

Am I willing to test this? 🧪

• [X] I will do my best to test this feature on the netlertx-dev image when requested within 48h and report bugs to help deliver a great user experience for everyone and not to break existing installations.

Can I help implement this? 👩‍💻👨‍💻

• [ ] Yes
• [X] No

Is your feature request related to a problem? Please describe

It would be great if we could configure NetAlertX through environment variables. If I'm deploying a fresh install, having to reconfigure everything from the UI can be a bit of a pain.

Describe the solution you'd like

If an environment variable is set matching a value in app.conf (such as SCAN_SUBNETS or SMTP_RUN), it populates the application configuration on first start-up.

Describe alternatives you've considered

Configuring an app.conf file and passing that into the container is also an option, though the current one says not to update it, and might break on upgrades.

Anything else?

I didn't see any issues around this, so apologies if it's been brought up before. The UI does mention each parameter in the appropriate settings section, so perhaps it is meant to work already, and I haven't configured things correctly?

[jokob-sk]

Hey @zodac ,

Great idea, but I would need some help. This was discussed in this issue: https://github.com/jokob-sk/NetAlertX/issues/669#issuecomment-2105382077

Quote:

Number 3) I'm more then happy if you or someone helps me to achieve a universal way how to initialize any setting via an ENV variable. This has to be done dynamically as new settings are introduced constantly and maintaining the code otherwise would become unsustainable. This also means when users save the given settings in the UI it may be overridden again - so corresponding UI warnings should ideally be shown.

[zodac]

Hmm... I haven't gone through the code in depth, but is there a check for the initial run of the system? If not, that could be added, and the environment variables only applied the very first time. That would allow the UI updates to not be overridden on a restart?

I did see something in main.py for some variables being defaulted, like SCAN_SUBNETS. Could we do something like that for all values in app.conf, and only use default values where no environment variable is set?

[jokob-sk]

I did see something in main.py for some variables being defaulted, like SCAN_SUBNETS. Could we do something like that for all values in app.conf, and only use default values where no environment variable is set?

Sure, that's possible, but again, this has to be done dynamically - something like:

1. Check passed ENV variable touples/key value pairs
2. during init replace default values
3. if custom mvalues set in conf use those instead

Think about what the priority of those values should be, e.g.:

app.conf fvalue > env value > default value. Not sure, think about it :)

Here is probably the place where ENV variables should be checked: https://github.com/jokob-sk/NetAlertX/blob/f9b16081d69c6aa6ce0661d3011af6c85c952304/server/initialise.py#L31

[FlyingToto]

if I may jump in...

1. if you need help testing this feature, I can do that with my omada plugin since I have nice sample of different settings including strings, lists, checkboxes, etc...
2. I would suggest to rename the env variables at the OS layer NAX_$VARNAME so we don't have conflicts for instance NAX_TIMEZONE
3. It would be great opportunity to also review some of the default values that could be automated... for instance, the interface(s), netmask(s) and default gateway(s) can be extracted programmatically (or this could be a separate issue).
4. as you said you would allow different sources prioritzed, it would be nice-to-have if we could see on the config screen where this value was coming from (not critical since ultimately you can change it and overwrite but nice to have).
5. as an alternative to ENV, would it make sense to allow a 'NAX.conf' file listing all the variables/values... One advantage is that this could get extracted directly from a running instance config and loaded back (might require less coding)...

[jokob-sk]

@zodac @FlyingToto @sbe-arg I just pushed an experimental implementation of this. If you have time, please check the netalertx-dev image in about 15 min from now:

- APP_CONF_OVERRIDE={"SCAN_SUBNETS":"['192.168.1.0/24 --interface=eth1']","UI_dark_mode":"True"}

The JSON can't have spaces between key:value pairs.