tweak config format (#133)

* switch from json to toml. I think this will be more user-friendly. It allows comments and has less punctuation. Fewer surprises than yaml (which has e.g. the "Norway problem"). I might have stayed with JSON if I could see a good serde json library that allows comments, but hson is unmaintained and serde-json strictly follows the spec. * switch from camelCase to snake_case. Seems more idiomatic for TOML and matches the Rust source. * forbid unknown keys. Better to spot errors sooner. * rename "trust_forward_hdrs" to "trust_forward_headers". Nothing else is abbreviated.
2025-11-07 12:52:58 -05:00 · 2022-03-16 12:28:08 -07:00
parent de28f6eed3
commit 892427592e
8 changed files with 57 additions and 59 deletions
--- a/server/Cargo.lock
+++ b/server/Cargo.lock
@@ -1138,6 +1138,7 @@ dependencies = [
 "tokio",
 "tokio-stream",
 "tokio-tungstenite",
+ "toml",
 "tracing",
 "url",
 "uuid",
@@ -2118,6 +2119,15 @@ dependencies = [
 "tokio",
 ]

+[[package]]
+name = "toml"
+version = "0.5.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a31142970826733df8241ef35dc040ef98c679ab14d7c3e54d827099b3acecaa"
+dependencies = [
+ "serde",
+]
+
 [[package]]
 name = "tower-service"
 version = "0.3.1"
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@@ -60,6 +60,7 @@ time = "0.1"
 tokio = { version = "1.0", features = ["macros", "parking_lot", "rt-multi-thread", "signal", "sync", "time"] }
 tokio-stream = "0.1.5"
 tokio-tungstenite = "0.17.1"
+toml = "0.5"
 tracing = { version = "0.1", features = ["log"] }
 url = "2.1.1"
 uuid = { version = "0.8", features = ["serde", "std", "v4"] }
--- a/server/src/cmds/run/config.rs
+++ b/server/src/cmds/run/config.rs
@@ -2,7 +2,7 @@
 // Copyright (C) 2022 The Moonfire NVR Authors; see AUTHORS and LICENSE.txt.
 // SPDX-License-Identifier: GPL-v3.0-or-later WITH GPL-3.0-linking-exception.

-//! Runtime configuration file (`/etc/moonfire-nvr.conf`).
+//! Runtime configuration file (`/etc/moonfire-nvr.toml`).

 use std::path::PathBuf;

@@ -18,7 +18,7 @@ fn default_ui_dir() -> PathBuf {

 /// Top-level configuration file object.
 #[derive(Debug, Deserialize)]
-#[serde(rename_all = "camelCase")]
+#[serde(deny_unknown_fields)]
 pub struct ConfigFile {
    pub binds: Vec<BindConfig>,

@@ -46,7 +46,7 @@ pub struct ConfigFile {

 /// Per-bind configuration.
 #[derive(Debug, Deserialize)]
-#[serde(rename_all = "camelCase")]
+#[serde(deny_unknown_fields)]
 pub struct BindConfig {
    /// The address to bind to.
    #[serde(flatten)]
@@ -66,7 +66,7 @@ pub struct BindConfig {
    /// and that no untrusted requests bypass the proxy server. You may want to
    /// specify a localhost bind address.
    #[serde(default)]
-    pub trust_forward_hdrs: bool,
+    pub trust_forward_headers: bool,

    /// On Unix-domain sockets, treat clients with the Moonfire NVR server's own
    /// effective UID as privileged.
@@ -75,7 +75,8 @@ pub struct BindConfig {
 }

 #[derive(Debug, Deserialize)]
-#[serde(rename_all = "camelCase")]
+#[serde(rename_all = "lowercase")]
+#[serde(deny_unknown_fields)]
 pub enum AddressConfig {
    /// IPv4 address such as `0.0.0.0:8080` or `127.0.0.1:8080`.
    Ipv4(std::net::SocketAddrV4),
@@ -91,7 +92,7 @@ pub enum AddressConfig {

 /// JSON analog of `Permissions` defined in `db/proto/schema.proto`.
 #[derive(Debug, Default, Deserialize)]
-#[serde(rename_all = "camelCase")]
+#[serde(deny_unknown_fields)]
 pub struct Permissions {
    view_video: bool,
    read_camera_configs: bool,
--- a/server/src/cmds/run/mod.rs
+++ b/server/src/cmds/run/mod.rs
@@ -27,13 +27,13 @@ mod config;

 #[derive(StructOpt)]
 pub struct Args {
-    #[structopt(short, long, default_value = "/etc/moonfire-nvr.json")]
+    #[structopt(short, long, default_value = "/etc/moonfire-nvr.toml")]
    config: PathBuf,

    /// Open the database in read-only mode and disables recording.
    ///
    /// Note this is incompatible with session authentication; consider adding
-    /// a bind with `allowUnauthenticatedPermissions` your config.
+    /// a bind with `allow_unauthenticated_permissions` to your config.
    #[structopt(long)]
    read_only: bool,
 }
@@ -129,7 +129,7 @@ struct Syncer {

 fn read_config(path: &Path) -> Result<ConfigFile, Error> {
    let config = std::fs::read(path)?;
-    let config = serde_json::from_slice(&config)?;
+    let config = toml::from_slice(&config)?;
    Ok(config)
 }

@@ -370,7 +370,7 @@ async fn inner(
                    .allow_unauthenticated_permissions
                    .as_ref()
                    .map(Permissions::as_proto),
-                trust_forward_hdrs: b.trust_forward_hdrs,
+                trust_forward_hdrs: b.trust_forward_headers,
                time_zone_name: time_zone_name.clone(),
                privileged_unix_uid: b.own_uid_is_privileged.then(|| own_euid),
            })?);