MacPro
37 lines
1.4 KiB
TypeScript
37 lines
1.4 KiB
TypeScript
// Action: reveal the auto-generated admin API key.
|
|
//
|
|
// The operator rarely needs this — every other action in StartOS already
|
|
// carries the key for them — but it's useful if they want to script against
|
|
// the admin HTTP API directly.
|
|
//
|
|
// The BTCPay webhook secret used to live in the StartOS store; it now lives
|
|
// inside the daemon's own SQLite database, generated automatically during
|
|
// the "Connect BTCPay" authorize flow. Operators don't need to know it.
|
|
|
|
import { sdk } from '../sdk'
|
|
|
|
export const showCredentials = sdk.Action.withoutInput(
|
|
'showCredentials',
|
|
async ({ effects }) => ({
|
|
name: 'Show admin API key',
|
|
description:
|
|
'Display the auto-generated admin API key. Treat it like a password — ' +
|
|
'anyone with this key can mint and revoke licenses on this server.',
|
|
warning:
|
|
'Anyone with this value has full control of your Keysat server. ' +
|
|
'Do not share it.',
|
|
allowedStatuses: 'any',
|
|
group: 'Credentials',
|
|
visibility: 'enabled',
|
|
}),
|
|
).withoutRunner(async ({ effects }) => {
|
|
const store = await sdk.store.getOwn(effects, sdk.StorePath).const()
|
|
return {
|
|
message:
|
|
`Admin API key:\n${store.admin_api_key}\n\n` +
|
|
`Used as 'Authorization: Bearer <key>' against /v1/admin/*. All ` +
|
|
`StartOS actions already supply this for you — only export it if ` +
|
|
`you intend to script against the admin API from outside the box.`,
|
|
}
|
|
})
|