Add credentials dynamically

processone / eturnal

STUN / TURN standalone server

https://eturnal.net

Apache License 2.0

225 stars 22 forks source link

Add credentials dynamically #72

Open docjojo opened 1 month ago

docjojo commented 1 month ago

Hello,

is it possible to dynamically add credentials or read credentials from an external file?

I see that credentials are set in eturnal.yml like

credentials:
  alice: l0vesBob
  bob: l0vesAlice
  eve: stalksTh3m

but I would like to dynamically add credentials without touching the eturnal.yml file.

Any idea?

licaon-kter commented 1 month ago

reloading (not restart) the config does not help?

docjojo commented 1 month ago

sure but that would require to edit the file. i want to register new users and dynamically add user credentials.

licaon-kter commented 1 month ago

So you're editing all sorts of files, running all sorts of commands.... but you don't want to run eturnal reload_config for some reason?

docjojo commented 1 month ago

that's not the point. i do not want to manually edit the eturnal.yml and add credentials. i need some automated function.

i could move the credentials to end of eturnal.yml and then append the file with additional credentials. but i was looking for a more convenient solution.

weiss commented 1 month ago

I saw this issue coming when we added support for static credentials, mainly with the intention to allow for quick tests :smiley:

I wouldn't be keen on adding support for a full-blown DB, but a simple text file sounds okay to me (any suggestion on the exact format?).

docjojo commented 1 month ago

Hello Holger, could be the same format as eturnal.yml and would just include a credential section.

credentials:
  alice: l0vesBob
  bob: l0vesAlice
  eve: stalksTh3m

I would remove credentials from the eturnal.yml so that the two .yml could be merged.

could be a parameter for reload

eturnalctl reload credentials.yml

but that would not be loaded on start/restart so it should probably just be a file in /etc to be included if it exists, such as eturnal.credentials.yml

weiss commented 3 weeks ago

Just to give a short feedback, I'd like to either:

Add generic support for including YAML config snippets into the main config file (include /etc/eturnal.d/*.yml), not just for credentials specifically. Or
Stick to some simple credentials.txt format, just username:password lines or whatever.

I'm still thinking about this.

docjojo commented 3 weeks ago

would require some sort of duplicate check, in case a section already exists in the default config.
would probably be easier to implent as it only requires to read the user:pwd like being served in the credentials section.

docjojo commented 2 weeks ago

I do not want to open a new issues for this question, therefore here:

Is there a way to measure and limit bandwidth for a certain user?