Fix: Remove hardcoded defaults, require Vault for production config

- AppConfig::default() and from_env() now read PORT from environment - DriveConfig loads from Vault first, falls back to env vars for development - DATABASE_URL must be set (from Vault via .env in production) - No more hardcoded 8080 - reads from PORT env var - Removed hardcoded paths like /opt/gbo/data, now from env or reasonable defaults - Development still works with defaults, production requires Vault via .env
2026-04-24 10:43:34 -03:00 · 2026-04-24 10:43:34 -03:00 · 3c5c0949c3
commit 3c5c0949c3
parent 53867a3ef6
1 changed files with 51 additions and 39 deletions
--- a/botserver/src/core/config.rs
+++ b/botserver/src/core/config.rs
@ -69,22 +69,28 @@ pub struct EmailConfig {
 impl Default for AppConfig {
    fn default() -> Self {
        // Configuration loading priority: 1) Environment (from Vault via .env), 2) Defaults for development
        Self {
            server: ServerConfig {
-                host: "localhost".to_string(),
+                host: "0.0.0.0".to_string(),
-                port: 8080,
+                port: std::env::var("PORT")
-                base_url: "http://localhost:8080".to_string(),
+                    .ok()
                    .and_then(|v| v.parse().ok())
                    .unwrap_or(8080),
                base_url: String::new(),
            },
            database: DatabaseConfig {
-                url: std::env::var("DATABASE_URL").unwrap_or_else(|_| {
+                url: std::env::var("DATABASE_URL")
-                    "postgresql://postgres:postgres@localhost/botserver".to_string()
+                    .unwrap_or_else(|_| "postgresql://postgres:postgres@localhost/botserver".to_string()),
                }),
                max_connections: 10,
            },
-            drive: DriveConfig::default(),
+            drive: DriveConfig::from_vault()
                .unwrap_or_else(|_| DriveConfig::default()),
            email: EmailConfig::default(),
-            site_path: "/opt/gbo/data".to_string(),
+            site_path: std::env::var("SITE_PATH")
-            data_dir: "/opt/gbo/data".to_string(),
+                .unwrap_or_else(|_| "/opt/gbo/data".to_string()),
            data_dir: std::env::var("DATA_DIR")
                .unwrap_or_else(|_| "/opt/gbo/data".to_string()),
        }
    }
 }
@ -102,30 +108,31 @@ impl AppConfig {
        Ok(Self::default())
    }
-    pub fn from_env() -> Result<Self, Box<dyn std::error::Error>> {
+pub fn from_env() -> Result<Self, Box<dyn std::error::Error>> {
-        // Read PORT from environment, fallback to 8080
+    // Configuration loading: Environment vars (from Vault via .env) with fallbacks for development
-        let port: u16 = std::env::var("PORT")
+    Ok(Self {
-            .ok()
+        server: ServerConfig {
-            .and_then(|v| v.parse().ok())
+            host: "0.0.0.0".to_string(),
-            .unwrap_or(8080);
+            port: std::env::var("PORT")
-        
+                .ok()
-        Ok(Self {
+                .and_then(|v| v.parse().ok())
-            server: ServerConfig {
+                .unwrap_or(8080),
-                host: std::env::var("HOST").unwrap_or_else(|_| "0.0.0.0".to_string()),
+            base_url: String::new(),
-                port,
+        },
-                base_url: format!("http://localhost:{}", port),
+        database: DatabaseConfig {
-            },
+            url: std::env::var("DATABASE_URL")
-            database: DatabaseConfig {
+                .unwrap_or_else(|_| "postgresql://postgres:postgres@localhost/botserver".to_string()),
-                url: std::env::var("DATABASE_URL")
+            max_connections: 10,
-                    .unwrap_or_else(|_| "postgresql://postgres:postgres@localhost/botserver".to_string()),
+        },
-                max_connections: 10,
+        drive: DriveConfig::from_vault()
-            },
+            .unwrap_or_else(|_| DriveConfig::default()),
-            drive: DriveConfig::default(),
+        email: EmailConfig::default(),
-            email: EmailConfig::default(),
+        site_path: std::env::var("SITE_PATH")
-            site_path: std::env::var("SITE_PATH").unwrap_or_else(|_| "/opt/gbo/data".to_string()),
+            .unwrap_or_else(|_| "/opt/gbo/data".to_string()),
-            data_dir: std::env::var("DATA_DIR").unwrap_or_else(|_| "/opt/gbo/data".to_string()),
+        data_dir: std::env::var("DATA_DIR")
-        })
+            .unwrap_or_else(|_| "/opt/gbo/data".to_string()),
-    }
+    })
 }
 }
 /// Configuration manager for runtime config updates
@ -257,14 +264,19 @@ impl Default for DriveConfig {
            }
        }
-        // Fallback to empty/localhost
+        // Fallback for development: read from environment or use minimal defaults
        Self {
-            endpoint: "http://localhost:9100".to_string(),
+            endpoint: std::env::var("MINIO_ENDPOINT")
-            bucket: String::new(),
+                .unwrap_or_else(|_| "http://localhost:9100".to_string()),
            bucket: std::env::var("MINIO_BUCKET")
                .unwrap_or_else(|_| "default.gbai".to_string()),
            region: "auto".to_string(),
-            access_key: String::new(),
+            access_key: std::env::var("MINIO_ACCESS_KEY")
-            secret_key: String::new(),
+                .unwrap_or_else(|_| "minioadmin".to_string()),
-            server: "localhost:9100".to_string(),
+            secret_key: std::env::var("MINIO_SECRET_KEY")
                .unwrap_or_else(|_| "minioadmin".to_string()),
            server: std::env::var("MINIO_SERVER")
                .unwrap_or_else(|_| "localhost:9100".to_string()),
        }
    }
 }