feat: add secret settings manager and migration for legacy settings

- Implemented SecretSettingsManager to handle secret settings with encryption.
- Added functionality to migrate legacy plaintext settings into encrypted storage.
- Introduced methods for setting, getting, and clearing secret settings.
- Created tests for verifying the migration and canonicalization of secret settings.
- Updated app state to handle service updates via socket communication.
- Added interface for push service updates to manage service state changes.
2026-04-19 01:47:06 +00:00
parent 618d4d674f
commit 061ce7c3f2
17 changed files with 413 additions and 73 deletions
+5 -6
@@ -65,7 +65,7 @@ export class BackupManager {
*/
async init(): Promise<void> {
const repoPath = this.getArchiveRepoPath();
const passphrase = this.getBackupPassword() || undefined;
const passphrase = await this.getBackupPassword() || undefined;
try {
// Try to open existing repo
@@ -503,7 +503,7 @@ export class BackupManager {
await Deno.remove(tempDir, { recursive: true });
// Encrypt for transport
const password = this.getBackupPassword();
const password = await this.getBackupPassword();
if (password) {
const encPath = `${tarPath}.enc`;
await this.encryptFile(tarPath, encPath, password);
@@ -526,9 +526,8 @@ export class BackupManager {
/**
* Get backup password from settings
*/
private getBackupPassword(): string | null {
return this.oneboxRef.database.getSetting('backup_encryption_password')
|| this.oneboxRef.database.getSetting('backupPassword');
private async getBackupPassword(): Promise<string | null> {
return await this.oneboxRef.database.getSecretSetting('backupPassword');
}
/**
@@ -551,7 +550,7 @@ export class BackupManager {
* Restore from a legacy .tar.enc file
*/
private async restoreLegacyBackup(backupPath: string, options: IRestoreOptions): Promise<IRestoreResult> {
const backupPassword = this.getBackupPassword();
const backupPassword = await this.getBackupPassword();
if (!backupPassword) {
throw new Error('Backup password not configured.');
}
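Review bot: `getBackupPassword()` now reads only the `backupPassword` secret and drops the old fallback to `backup_encryption_password`, so an install whose password was stored under that legacy key gets `null` unless the migration (not visible in this section) carries that key over. That would fail open rather than error: in the transport export hunk a falsy password skips the `encryptFile` branch, apparently leaving the archive unencrypted, and `init()` turns it into an `undefined` passphrase; only `restoreLegacyBackup` throws. Please confirm the migration maps both legacy keys onto `backupPassword`, and consider having the export path warn or refuse instead of silently skipping encryption. The docstring is also stale; I would change it to `Get the backup password from encrypted secret settings (key 'backupPassword'); resolves to null when none is stored.` The bodies of `init`, the export method and `restoreLegacyBackup` continue outside the hunks shown.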