Config: Mandatory hmac key (#3955)

2025-10-31 04:32:02 +00:00 · 2023-07-01 21:33:45 +02:00
parent 75c4c0b349 e2a6f5ddf2
commit 9060cc4e53
3 changed files with 19 additions and 4 deletions
--- a/config/config.example.yml
+++ b/config/config.example.yml
@@ -455,13 +455,17 @@ jobs:
 #use_pubsub_feeds: false

 ##
-## HMAC signing key used for CSRF tokens and pubsub
+## HMAC signing key used for CSRF tokens, cookies and pubsub
 ## subscriptions verification.
 ##
+## Note: This parameter is mandatory and should be a random string.
+## Such random string can be generated on linux with the following
+## command: `pwdgen 20 1`
+##
 ## Accepted values: a string
 ## Default: <none>
 ##
-#hmac_key:
+hmac_key: "CHANGE_ME!!"

 ##
 ## List of video IDs where the "download" widget must be
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -30,6 +30,7 @@ services:
        # domain:
        # https_only: false
        # statistics_enabled: false
+        hmac_key: "CHANGE_ME!!"
    healthcheck:
      test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/comments/jNQXAC9IVRw || exit 1
      interval: 30s
--- a/src/invidious/config.cr
+++ b/src/invidious/config.cr
@@ -85,7 +85,7 @@ class Config
  # Used to tell Invidious it is behind a proxy, so links to resources should be https://
  property https_only : Bool?
  # HMAC signing key for CSRF tokens and verifying pubsub subscriptions
-  property hmac_key : String?
+  property hmac_key : String = ""
  # Domain to be used for links to resources on the site where an absolute URL is required
  property domain : String?
  # Subscribe to channels using PubSubHubbub (requires domain, hmac_key)
@@ -204,6 +204,16 @@ class Config
        end
    {% end %}

+    # HMAC_key is mandatory
+    # See: https://github.com/iv-org/invidious/issues/3854
+    if config.hmac_key.empty?
+      puts "Config: 'hmac_key' is required/can't be empty"
+      exit(1)
+    elsif config.hmac_key == "CHANGE_ME!!"
+      puts "Config: The value of 'hmac_key' needs to be changed!!"
+      exit(1)
+    end
+
    # Build database_url from db.* if it's not set directly
    if config.database_url.to_s.empty?
      if db = config.db
@@ -216,7 +226,7 @@ class Config
          path: db.dbname,
        )
      else
-        puts "Config : Either database_url or db.* is required"
+        puts "Config: Either database_url or db.* is required"
        exit(1)
      end
    end