ae39f24 node: Support systemd credential for secret — heartwood

Radicle Heartwood Protocol & Stack

node: Support systemd credential for secret

Lorenz Leutgeb committed 7 months ago

commit ae39f24b5882c280c5c9608ddab43722c36ddcdb
parent 0c513e981f729d11dc7d3b46cf70377f4c972204

2 files changed +21 -2

modified CHANGELOG.md

@@ -15,6 +15,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 - `rad issue` now uses `clap` to parse its command-line arguments.
    This affects error reporting as well as help output.
 - `radicle-node` now supports systemd Credentials (refer to
   <https://systemd.io/CREDENTIALS> for more information) to load
   the secret key, in addition to the commandline argument
   `--secret` (higher priority than the credential) and the
   configuration file (lower priority than the credential).
   The identifier of the credential is "xyz.radicle.node.secret".
 ## Fixed Bugs

modified crates/radicle-node/src/main.rs

@@ -237,8 +237,21 @@ fn execute(options: Options) -> Result<(), ExecutionError> {

     let passphrase = profile::env::passphrase();
     let secret_path = options
         .secret
     let secret_path = options.secret;
     #[cfg(all(feature = "systemd", target_os = "linux"))]
     let secret_path = secret_path.or_else(|| {
         const ID: &str = "xyz.radicle.node.secret";
         match radicle_systemd::credential::path(ID) {
             Err(err) => {
                 log::warn!(target: "node", "Failed to obtain path of the secret key via systemd credential with ID '{ID}': {err}");
                 None
             },
             Ok(path) => path
         }
     });
     let secret_path = secret_path
         .or_else(|| config.node.secret.clone())
         .unwrap_or_else(|| home.keys().join("radicle"));