fix(env): Retro-compatible precedence order for variables with defaults set in Dockerfile

- `BLOCK_NSA` has precedence over `BLOCK_SURVEILLANCE` - `HEALTH_OPENVPN_DURATION_ADDITION` has precedence over `HEALTH_VPN_DURATION_ADDITION` - `HEALTH_OPENVPN_DURATION_INITIAL` has precendence over `HEALTH_VPN_DURATION_INITIAL` - Chain of precedence: `PROXY` > `TINYPROXY` > `HTTPPROXY` - Chain of precedence: `PROXY_LOG_LEVEL` > `TINYPROXY_LOG` > `HTTPPROXY_LOG` - `PROTOCOL` has precendence over `OPENVPN_PROTOCOL` - `IP_STATUS_FILE` has precendence over `PUBLICIP_FILE` - `SHADOWSOCKS_PORT` has precedence over `SHADOWSOCKS_LISTENING_ADDRESS` - `SHADOWSOCKS_METHOD` has precedence over `SHADOWSOCKS_CIPHER`
2022-01-29 14:54:47 +00:00
parent fd23f1a29b
commit e7e4cfca4c
6 changed files with 43 additions and 47 deletions
--- a/internal/configuration/sources/env/dnsblacklist.go
+++ b/internal/configuration/sources/env/dnsblacklist.go
@@ -36,21 +36,22 @@ func (r *Reader) readDNSBlacklist() (blacklist settings.DNSBlacklist, err error)
 }

 func (r *Reader) readBlockSurveillance() (blocked *bool, err error) {
-	blocked, err = envToBoolPtr("BLOCK_SURVEILLANCE")
-	if err != nil {
-		return nil, fmt.Errorf("environment variable BLOCK_SURVEILLANCE: %w", err)
-	} else if blocked != nil {
-		return blocked, nil
-	}
-
 	blocked, err = envToBoolPtr("BLOCK_NSA")
 	if err != nil {
+		r.onRetroActive("BLOCK_NSA", "BLOCK_SURVEILLANCE")
 		return nil, fmt.Errorf("environment variable BLOCK_NSA: %w", err)
 	} else if blocked != nil {
 		r.onRetroActive("BLOCK_NSA", "BLOCK_SURVEILLANCE")
 		return blocked, nil
 	}

+	blocked, err = envToBoolPtr("BLOCK_SURVEILLANCE")
+	if err != nil {
+		return nil, fmt.Errorf("environment variable BLOCK_SURVEILLANCE: %w", err)
+	}
+		return blocked, nil
+	}
+
 	return nil, nil //nolint:nilnil
 }

--- a/internal/configuration/sources/env/health.go
+++ b/internal/configuration/sources/env/health.go
@@ -30,12 +30,13 @@ func (r *Reader) ReadHealth() (health settings.Health, err error) {
 }

 func (r *Reader) readDurationWithRetro(envKey, retroEnvKey string) (d *time.Duration, err error) {
-	s := os.Getenv(envKey)
+	s := os.Getenv(retroEnvKey)
 	if s == "" {
-		s = os.Getenv(retroEnvKey)
+		s = os.Getenv(envKey)
 		if s == "" {
 			return nil, nil //nolint:nilnil
 		}
+	} else {
 		r.onRetroActive(envKey, retroEnvKey)
 		envKey = retroEnvKey
 	}
--- a/internal/configuration/sources/env/httproxy.go
+++ b/internal/configuration/sources/env/httproxy.go
@@ -93,12 +93,14 @@ func (r *Reader) readHTTProxyListeningAddress() (listeningAddress string) {
 }

 func (r *Reader) readHTTProxyEnabled() (enabled *bool, err error) {
-	s := strings.ToLower(os.Getenv("HTTPPROXY"))
+	// Retro-compatibility
+	s := strings.ToLower(os.Getenv("PROXY"))
 	if s != "" {
+		r.onRetroActive("PROXY", "HTTPPROXY")
 		enabled = new(bool)
 		*enabled, err = binary.Validate(s)
 		if err != nil {
-			return nil, fmt.Errorf("environment variable HTTPPROXY: %w", err)
+			return nil, fmt.Errorf("environment variable PROXY: %w", err)
 		}
 		return enabled, nil
 	}
@@ -115,14 +117,12 @@ func (r *Reader) readHTTProxyEnabled() (enabled *bool, err error) {
 		return enabled, nil
 	}

-	// Retro-compatibility
-	s = strings.ToLower(os.Getenv("PROXY"))
+	s = strings.ToLower(os.Getenv("HTTPPROXY"))
 	if s != "" {
-		r.onRetroActive("PROXY", "HTTPPROXY")
 		enabled = new(bool)
 		*enabled, err = binary.Validate(s)
 		if err != nil {
-			return nil, fmt.Errorf("environment variable PROXY: %w", err)
+			return nil, fmt.Errorf("environment variable HTTPPROXY: %w", err)
 		}
 		return enabled, nil
 	}
@@ -131,18 +131,20 @@ func (r *Reader) readHTTProxyEnabled() (enabled *bool, err error) {
 }

 func (r *Reader) readHTTProxyLog() (enabled *bool, err error) {
-	s := strings.ToLower(os.Getenv("HTTPPROXY_LOG"))
+	// Retro-compatibility
+	retroOption := binary.OptionEnabled("on", "info", "connect", "notice")
+	s := strings.ToLower(os.Getenv("PROXY_LOG_LEVEL"))
 	if s != "" {
+		r.onRetroActive("PROXY_LOG_LEVEL", "HTTPPROXY_LOG")
 		enabled = new(bool)
-		*enabled, err = binary.Validate(s)
+		*enabled, err = binary.Validate(s, retroOption)
 		if err != nil {
-			return nil, fmt.Errorf("environment variable HTTPPROXY_LOG: %w", err)
+			return nil, fmt.Errorf("environment variable PROXY_LOG_LEVEL: %w", err)
 		}
 		return enabled, nil
 	}

 	// Retro-compatibility
-	retroOption := binary.OptionEnabled("on", "info", "connect", "notice")
 	s = strings.ToLower(os.Getenv("TINYPROXY_LOG"))
 	if s != "" {
 		r.onRetroActive("TINYPROXY_LOG", "HTTPPROXY_LOG")
@@ -154,14 +156,12 @@ func (r *Reader) readHTTProxyLog() (enabled *bool, err error) {
 		return enabled, nil
 	}

-	// Retro-compatibility
-	s = strings.ToLower(os.Getenv("PROXY_LOG_LEVEL"))
+	s = strings.ToLower(os.Getenv("HTTPPROXY_LOG"))
 	if s != "" {
-		r.onRetroActive("PROXY_LOG_LEVEL", "HTTPPROXY_LOG")
 		enabled = new(bool)
-		*enabled, err = binary.Validate(s, retroOption)
+		*enabled, err = binary.Validate(s)
 		if err != nil {
-			return nil, fmt.Errorf("environment variable PROXY_LOG_LEVEL: %w", err)
+			return nil, fmt.Errorf("environment variable HTTPPROXY_LOG: %w", err)
 		}
 		return enabled, nil
 	}
--- a/internal/configuration/sources/env/openvpnselection.go
+++ b/internal/configuration/sources/env/openvpnselection.go
@@ -36,16 +36,17 @@ func (r *Reader) readOpenVPNSelection() (
 var ErrOpenVPNProtocolNotValid = errors.New("OpenVPN protocol is not valid")

 func (r *Reader) readOpenVPNProtocol() (tcp *bool, err error) {
-	envKey := "OPENVPN_PROTOCOL"
-	protocol := strings.ToLower(os.Getenv("OPENVPN_PROTOCOL"))
-	if protocol == "" {
 		// Retro-compatibility
-		protocol = strings.ToLower(os.Getenv("PROTOCOL"))
+	envKey := "PROTOCOL"
+	protocol := strings.ToLower(os.Getenv("PROTOCOL"))
+	if protocol == "" {
+		protocol = strings.ToLower(os.Getenv("OPENVPN_PROTOCOL"))
 		if protocol != "" {
-			envKey = "PROTOCOL"
+			envKey = "OPENVPN_PROTOCOL"
+		}
+	} else {
 			r.onRetroActive("PROTOCOL", "OPENVPN_PROTOCOL")
 		}
-	}

 	switch protocol {
 	case "":
--- a/internal/configuration/sources/env/publicip.go
+++ b/internal/configuration/sources/env/publicip.go
@@ -35,17 +35,17 @@ func readPublicIPPeriod() (period *time.Duration, err error) {
 }

 func (r *Reader) readPublicIPFilepath() (filepath *string) {
-	s := os.Getenv("PUBLICIP_FILE")
-	if s != "" {
-		return &s
-	}
-
 	// Retro-compatibility
-	s = os.Getenv("IP_STATUS_FILE")
+	s := os.Getenv("IP_STATUS_FILE")
 	if s != "" {
 		r.onRetroActive("IP_STATUS_FILE", "PUBLICIP_FILE")
 		return &s
 	}

+	s = os.Getenv("PUBLICIP_FILE")
+	if s != "" {
+		return &s
+	}
+
 	return nil
 }
--- a/internal/configuration/sources/env/shadowsocks.go
+++ b/internal/configuration/sources/env/shadowsocks.go
@@ -25,11 +25,6 @@ func (r *Reader) readShadowsocks() (shadowsocks settings.Shadowsocks, err error)
 }

 func (r *Reader) readShadowsocksAddress() (address string) {
-	address = os.Getenv("SHADOWSOCKS_LISTENING_ADDRESS")
-	if address != "" {
-		return address
-	}
-
 	// Retro-compatibility
 	portString := os.Getenv("SHADOWSOCKS_PORT")
 	if portString != "" {
@@ -37,18 +32,16 @@ func (r *Reader) readShadowsocksAddress() (address string) {
 		return ":" + portString
 	}

-	return ""
+	return os.Getenv("SHADOWSOCKS_LISTENING_ADDRESS")
 }

 func (r *Reader) readShadowsocksCipher() (cipher string) {
-	cipher = os.Getenv("SHADOWSOCKS_CIPHER")
-	if cipher != "" {
-		return cipher
-	}
 	// Retro-compatibility
 	cipher = os.Getenv("SHADOWSOCKS_METHOD")
 	if cipher != "" {
 		r.onRetroActive("SHADOWSOCKS_METHOD", "SHADOWSOCKS_CIPHER")
-	}
 	return cipher
+	}
+
+	return os.Getenv("SHADOWSOCKS_CIPHER")
 }