ondra/ironmount
1
1
Fork 0
mirror of https://github.com/nicotsx/ironmount.git synced 2025-12-10 12:10:51 +01:00
Code Issues Packages Projects Releases 1 Wiki Activity

feat: implement encryption for sensitive fields in volume backends

Browse Source
This commit is contained in:
Jakub Trávník
2025-12-04 00:04:26 +01:00
committed by Nicolas Meienberger
parent da8e9c4ada
commit 2df1fa53a0
4 changed files with 40 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/server/modules/backends/webdav/webdav-backend.ts
View File

@@ -3,6 +3,7 @@ import * as fs from "node:fs/promises";
import * as os from "node:os";
import { promisify } from "node:util";
import { OPERATION_TIMEOUT } from "../../../core/constants";
import { cryptoUtils } from "../../../utils/crypto";
import { toMessage } from "../../../utils/errors";
import { logger } from "../../../utils/logger";
import { getMountForPath } from "../../../utils/mountinfo";
@@ -49,8 +50,9 @@ const mount = async (config: BackendConfig, path: string) => {
: ["uid=1000", "gid=1000", "file_mode=0664", "dir_mode=0775"];
if (config.username && config.password) {
const password = await cryptoUtils.decrypt(config.password);
const secretsFile = "/etc/davfs2/secrets";
const secretsContent = `${source} ${config.username} ${config.password}\n`;
const secretsContent = `${source} ${config.username} ${password}\n`;
await fs.appendFile(secretsFile, secretsContent, { mode: 0o600 });
}