initial
This commit is contained in:
MacPro
@@ -0,0 +1,36 @@
|
||||
// Action: reveal the auto-generated admin API key.
|
||||
//
|
||||
// The operator rarely needs this — every other action in StartOS already
|
||||
// carries the key for them — but it's useful if they want to script against
|
||||
// the admin HTTP API directly.
|
||||
//
|
||||
// The BTCPay webhook secret used to live in the StartOS store; it now lives
|
||||
// inside the daemon's own SQLite database, generated automatically during
|
||||
// the "Connect BTCPay" authorize flow. Operators don't need to know it.
|
||||
|
||||
import { sdk } from '../sdk'
|
||||
|
||||
export const showCredentials = sdk.Action.withoutInput(
|
||||
'showCredentials',
|
||||
async ({ effects }) => ({
|
||||
name: 'Show admin API key',
|
||||
description:
|
||||
'Display the auto-generated admin API key. Treat it like a password — ' +
|
||||
'anyone with this key can mint and revoke licenses on this server.',
|
||||
warning:
|
||||
'Anyone with this value has full control of your Keysat server. ' +
|
||||
'Do not share it.',
|
||||
allowedStatuses: 'any',
|
||||
group: 'Credentials',
|
||||
visibility: 'enabled',
|
||||
}),
|
||||
).withoutRunner(async ({ effects }) => {
|
||||
const store = await sdk.store.getOwn(effects, sdk.StorePath).const()
|
||||
return {
|
||||
message:
|
||||
`Admin API key:\n${store.admin_api_key}\n\n` +
|
||||
`Used as 'Authorization: Bearer <key>' against /v1/admin/*. All ` +
|
||||
`StartOS actions already supply this for you — only export it if ` +
|
||||
`you intend to script against the admin API from outside the box.`,
|
||||
}
|
||||
})
|
||||
Reference in New Issue
Block a user