yusiboyz/platform
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9e13984b0571d067c8ade00a3438892c4abf6bee
platform/gateway/config.py
Yusuf Suleman 7c05ef14c7
Some checks failed
Security Checks / dependency-audit (push) Has been cancelled
Details
Security Checks / secret-scanning (push) Has been cancelled
Details
Security Checks / dockerfile-lint (push) Has been cancelled
Details
fix(gateway): remove no-verify SSL context from proxy (#7) 
All internal services use plain HTTP (Docker network). The
_internal_ssl_ctx with disabled cert verification was a no-op
for HTTP URLs but suggested TLS bypass was in use.

- Removed _internal_ssl_ctx from config.py
- Removed ssl import from config.py
- proxy.py now calls urlopen() without context parameter
- External calls (OpenAI, SMTP2GO, Open Library) already use
  default TLS verification

Verified: dashboard, trips, fitness, budget, inventory all respond correctly.
2026-03-29 13:46:11 -05:00

68 lines
2.8 KiB
Python
Raw Blame History

"""
Platform Gateway — Configuration constants and environment variables.
"""
import os
from pathlib import Path
# ── Server ──
PORT = int(os.environ.get("PORT", 8100))
DATA_DIR = Path(os.environ.get("DATA_DIR", "/app/data"))
DB_PATH = DATA_DIR / "platform.db"
# ── Service backends ──
TRIPS_URL = os.environ.get("TRIPS_BACKEND_URL", "http://localhost:8087")
FITNESS_URL = os.environ.get("FITNESS_BACKEND_URL", "http://localhost:8095")
INVENTORY_URL = os.environ.get("INVENTORY_BACKEND_URL", "http://localhost:4499")
NOCODB_API_TOKEN = os.environ.get("NOCODB_API_TOKEN", "")
MINIFLUX_URL = os.environ.get("MINIFLUX_URL", "http://localhost:8767")
MINIFLUX_API_KEY = os.environ.get("MINIFLUX_API_KEY", "")
TRIPS_API_TOKEN = os.environ.get("TRIPS_API_TOKEN", "")
SHELFMARK_URL = os.environ.get("SHELFMARK_URL", "http://shelfmark:8084")
SPOTIZERR_URL = os.environ.get("SPOTIZERR_URL", "http://spotizerr-app:7171")
BUDGET_URL = os.environ.get("BUDGET_BACKEND_URL", "http://localhost:3001")
# ── Service API keys (for internal service auth) ──
INVENTORY_SERVICE_API_KEY = os.environ.get("INVENTORY_SERVICE_API_KEY", "")
BUDGET_SERVICE_API_KEY = os.environ.get("BUDGET_SERVICE_API_KEY", "")
# ── Booklore (book library manager) ──
BOOKLORE_URL = os.environ.get("BOOKLORE_URL", "http://booklore:6060")
BOOKLORE_USER = os.environ.get("BOOKLORE_USER", "")
BOOKLORE_PASS = os.environ.get("BOOKLORE_PASS", "")
BOOKLORE_BOOKS_DIR = Path("/booklore-books")
BOOKDROP_DIR = Path("/bookdrop")
# ── SMTP2GO (email / Send to Kindle) ──
SMTP2GO_API_KEY = os.environ.get("SMTP2GO_API_KEY", "")
SMTP2GO_FROM_EMAIL = os.environ.get("SMTP2GO_FROM_EMAIL", "")
SMTP2GO_FROM_NAME = os.environ.get("SMTP2GO_FROM_NAME", "Platform")
KINDLE_EMAIL_1 = os.environ.get("KINDLE_EMAIL_1", "")
KINDLE_EMAIL_2 = os.environ.get("KINDLE_EMAIL_2", "")
KINDLE_LABELS = os.environ.get("KINDLE_LABELS", "Kindle 1,Kindle 2")
# ── Karakeep (bookmarking) ──
KARAKEEP_URL = os.environ.get("KARAKEEP_URL", "http://192.168.1.42:3005")
KARAKEEP_API_KEY = os.environ.get("KARAKEEP_API_KEY", "")
# ── qBittorrent ──
QBITTORRENT_HOST = os.environ.get("QBITTORRENT_HOST", "192.168.1.42")
QBITTORRENT_PORT = os.environ.get("QBITTORRENT_PORT", "8080")
QBITTORRENT_USERNAME = os.environ.get("QBITTORRENT_USERNAME", "admin")
QBITTORRENT_PASSWORD = os.environ.get("QBITTORRENT_PASSWORD", "")
# ── AI ──
OPENAI_API_KEY = os.environ.get("OPENAI_API_KEY", "")
OPENAI_MODEL = os.environ.get("OPENAI_MODEL", "gpt-5.2")
# ── Session config ──
SESSION_MAX_AGE = int(os.environ.get("SESSION_MAX_AGE", 30 * 86400)) # 30 days
# ── Ensure data dir exists ──
DATA_DIR.mkdir(parents=True, exist_ok=True)
# Note: All internal services use plain HTTP (Docker network).
# No custom SSL context needed. External calls (OpenAI, SMTP2GO, Open Library)
# use default TLS verification.
Reference in New Issue View Git Blame Copy Permalink