feat: add --overwrite-config and configurable uuid masking

KernelDeimos · KernelDeimos · commit ef6671da18f6 · 2024-08-03T21:07:56.000-04:00
This is in preparation for the chat completions driver. OpenAI asks that
a user ID be provided in requests when service is being provided to
other users, so we deterministically generate different UUIDs for this
purpose to prevent user information from being exposed.
diff --git a/src/backend/src/Kernel.js b/src/backend/src/Kernel.js
@@ -61,6 +61,7 @@ class Kernel extends AdvancedBase {
         const runtimeEnv = new RuntimeEnvironment({
             entry_path: this.entry_path,
             logger: bootLogger,
+            boot_parameters,
         });
         const environment = runtimeEnv.init();
         this.environment = environment;
diff --git a/src/backend/src/boot/RuntimeEnvironment.js b/src/backend/src/boot/RuntimeEnvironment.js
@@ -195,10 +195,11 @@ class RuntimeEnvironment extends AdvancedBase {
         format: require('string-template'),
     }
 
-    constructor ({ logger, entry_path }) {
+    constructor ({ logger, entry_path, boot_parameters }) {
         super();
         this.logger = logger;
         this.entry_path = entry_path;
+        this.boot_parameters = boot_parameters;
         this.path_checks = path_checks(this)(this.modules);
         this.config_paths = config_paths(this)(this.modules);
         this.runtime_paths = runtime_paths(this)(this.modules);
@@ -258,15 +259,44 @@ class RuntimeEnvironment extends AdvancedBase {
             }
         }
 
+        const owrite_config = this.boot_parameters.args.overwriteConfig;
+
         const { fs, path_, crypto } = this.modules;
-        let config_values = {};
-        if ( !using_config ) {
+        if ( !using_config || owrite_config ) {
+            const generated_values = {};
+            generated_values.cookie_name = crypto.randomUUID();
+            generated_values.jwt_secret = crypto.randomUUID();
+            generated_values.url_signature_secret = crypto.randomUUID();
+            generated_values.private_uid_secret = crypto.randomBytes(24).toString('hex');
+            generated_values.private_uid_namespace = crypto.randomUUID();
+            if ( using_config ) {
+                this.logger.info(
+                    `Overwriting ${quot(using_config)} because ` +
+                    `${hl('--overwrite-config')} is set`
+                );
+                // make backup
+                fs.copyFileSync(
+                    path_.join(config_path_entry.path, using_config),
+                    path_.join(config_path_entry.path, using_config + '.bak'),
+                );
+                // preserve generated values
+                {
+                    const config_raw = fs.readFileSync(
+                        path_.join(config_path_entry.path, using_config),
+                        'utf8',
+                    );
+                    const config_values = JSON.parse(config_raw);
+                    for ( const k in generated_values ) {
+                        if ( config_values[k] ) {
+                            generated_values[k] = config_values[k];
+                        }
+                    }
+                }
+            }
             const generated_config = {
                 ...default_config,
+                ...generated_values,
             };
-            generated_config.cookie_name = crypto.randomUUID();
-            generated_config.jwt_secret = crypto.randomUUID();
-            generated_config.url_signature_secret = crypto.randomUUID();
             generated_config[""] = null; // for trailing comma
             fs.writeFileSync(
                 path_.join(config_path_entry.path, 'config.json'),
diff --git a/src/backend/src/services/auth/Actor.js b/src/backend/src/services/auth/Actor.js
@@ -19,16 +19,14 @@
 const { AdvancedBase } = require("@heyputer/puter-js-common");
 const { Context } = require("../../util/context");
 const { get_user, get_app } = require("../../helpers");
+const config = require("../../config");
 
 // TODO: add these to configuration; production deployments should change these!
 
-// THIS IS NOT A LEAK
-// We use this to obscure user UUIDs, as some APIs require a user identifier
-// for abuse prevention. However, there are no services in selfhosted Puter
-// that currently make use of this, and we use different values on `puter.com`.
-const PRIVATE_UID_NAMESPACE = '1757dc3f-8f04-4d77-b939-ff899045696d';
-const PRIVATE_UID_SECRET = 'bf03f0e52f5d93c83822ad8558c625277ce3dddff8dc4a5cb0d3c8493571f770';
-// THIS IS NOT A LEAK (see above)
+const PRIVATE_UID_NAMESPACE = config.private_uid_namespace
+    ?? require('crypto').randomUUID();
+const PRIVATE_UID_SECRET = config.private_uid_secret
+    ?? require('crypto').randomBytes(24).toString('hex');
 
 class Actor extends AdvancedBase {
     static MODULES = {
