feat: Customizable auth for DB and S3

TODO.md

@@ -16,12 +16,9 @@ A more complex version of this list is available [here](https://trello.com/b/kJw
 - [ ] Message context menus
 - [ ] Message Timestamps
 - [x] Markdown Support
-- [ ] More Secure database passwords
-  - [ ] Minio
-  - [ ] Cassandra
-  - Ideas:
-    - User-controllable
-    - Randomly generated on each run
+- [x] More Secure database passwords
+  - [x] Minio
+  - [x] Cassandra
 - [x] Profile photos
 - [ ] Reactive channels list
 - [ ] Replies

compose.yaml

@@ -3,8 +3,12 @@ services:
     container_name: svchat-server
     image: ghcr.io/arithefirst/svchat
     environment:
-      NODE_ENV: docker_production
-      ORIGIN: http://localhost:3000
+      - NODE_ENV=docker_production
+      - ORIGIN=http://localhost:3000
+      - CASSANDRA_USER=admin
+      - CASSANDRA_PASSWORD=admin
+      - MINIO_ROOT_USER=minioadmin
+      - MINIO_ROOT_PASSWORD=minioadmin
     ports:
       - 3000:3000
     depends_on:
@@ -19,9 +23,9 @@ services:
     ports:
       - 9042:9042
     environment:
-      # TODO Change default passwords
-      - CASSANDRA_USER: admin
-      - CASSANDRA_PASSWORD: admin
+      # CHANGEME
+      - CASSANDRA_USER=admin
+      - CASSANDRA_PASSWORD=admin
     volumes:
       - svchat-cassandra:/var/lib/cassandra
 
@@ -33,9 +37,9 @@ services:
       - 9000:9000
       - 9001:9001
     environment:
-      # TODO Change default passwords
-      - MINIO_ROOT_USER: minioadmin
-      - MINIO_ROOT_PASSWORD: minioadmin
+      # CHANGEME
+      - MINIO_ROOT_USER=minioadmin
+      - MINIO_ROOT_PASSWORD=minioadmin
     volumes:
       - svchat-s3:/data
 

package.json

@@ -37,16 +37,17 @@
     "typescript-eslint": "^8.20.0"
   },
   "dependencies": {
-    "autoprefixer": "^10.4.20",
     "@sveltejs/adapter-node": "^5.2.12",
     "@tailwindcss/typography": "^0.5.16",
     "@types/better-sqlite3": "^7.6.12",
     "@types/express": "^5.0.0",
     "@types/minio": "^7.1.1",
+    "autoprefixer": "^10.4.20",
     "better-auth": "^1.1.16",
     "better-sqlite3": "^11.8.1",
     "bits-ui": "0.22.0",
     "cassandra-driver": "^4.7.2",
+    "dotenv": "^16.4.7",
     "express": "^4.21.2",
     "lucide-svelte": "^0.474.0",
     "markdown-it": "^14.1.0",
@@ -57,9 +58,9 @@
     "socket.io-client": "^4.8.1",
     "svelte-radix": "^2.0.1",
     "sveltekit-superforms": "^2.23.1",
-    "tailwindcss": "^3.4.17",
     "tailwind-merge": "^3.0.1",
     "tailwind-variants": "^0.3.1",
+    "tailwindcss": "^3.4.17",
     "tsm": "^2.3.0",
     "uuid": "^11.0.4",
     "vite": "^6.0.0",

src/lib/server/db/index.ts

@@ -1,4 +1,5 @@
 import cassandra from 'cassandra-driver';
+import 'dotenv/config';
 
 interface Messages {
   messages: cassandra.types.Row[] | null;
@@ -22,11 +23,15 @@ class Db {
   private client: cassandra.Client = new cassandra.Client({
     contactPoints: [this.clientUrl],
     localDataCenter: 'datacenter1',
-    authProvider: new cassandra.auth.PlainTextAuthProvider('admin', 'admin'),
+    authProvider: new cassandra.auth.PlainTextAuthProvider(process.env.CASSANDRA_USER!, process.env.CASSANDRA_PASSWORD!),
   });
 
   // Initalize and connect
   async init() {
+    if (!process.env.CASSANDRA_USER || !process.env.CASSANDRA_PASSWORD) {
+      console.error('Missing Cassandra username or password. Exiting.');
+      process.exit(1);
+    }
     while (true) {
       try {
         await this.client.connect();

src/lib/server/storage/minio-client.ts

@@ -1,3 +1,4 @@
+import 'dotenv/config';
 import * as Minio from 'minio';
 import { Readable } from 'stream';
 import { v4 } from 'uuid';
@@ -70,6 +71,11 @@ class MinioClient {
 let fsClient: MinioClient | undefined;
 
 if (process.env.BUILDING !== 'true') {
+  if (!process.env.MINIO_ROOT_USER || !process.env.MINIO_ROOT_PASSWORD) {
+    console.error('Missing Minio username or password. Exiting.');
+    process.exit(1);
+  }
+
   fsClient = new MinioClient({
     // Endpoint is 'minio' in compose, 'localhost' everywhere else
     endPoint: process.env.NODE_ENV === 'docker_production' ? 'minio' : 'localhost',