Development

docker/routlin-dash/app/main.py

@@ -152,7 +152,7 @@ app.register_blueprint(api_apply_health_bp)
 
 def _seed_initial_account():
     import uuid as _uuid, time as _t
-    email = os.environ.get('INITIAL_MANAGER_EMAIL', '').strip().lower()
+    email = settings.get_initial_manager_email()
     if not email:
         if not config_utils.list_accounts():
             print('[main] WARNING: No accounts exist and INITIAL_MANAGER_EMAIL is not set. '

docker/routlin-dash/app/pages/accountcreate/action.py

@@ -1,6 +1,6 @@
 from pathlib import Path
 from flask import Blueprint, request, session, redirect, flash
-import os, bcrypt, secrets, smtplib
+import bcrypt, secrets, smtplib
 import time
 from email.message import EmailMessage
 import auth
@@ -15,14 +15,16 @@ CODE_TTL_SECS = 15 * 60
 
 
 def _send_verification_email(to_address, code):
-    host      = os.environ.get('SMTP_HOST', '')
-    port      = int(os.environ.get('SMTP_PORT', 587))
-    user      = os.environ.get('SMTP_USER', '')
-    password  = os.environ.get('SMTP_PASSWORD', '')
-    from_addr = os.environ.get('SMTP_FROM', user)
+    import settings as _s
+    smtp      = _s.get_smtp_config()
+    host      = smtp['host']
+    port      = smtp['port']
+    user      = smtp['user']
+    password  = smtp['password']
+    from_addr = smtp['from'] or user
 
     if not host:
-        raise RuntimeError('SMTP_HOST is not configured.')
+        raise RuntimeError('SMTP host is not configured.')
 
     msg = EmailMessage()
     msg['Subject'] = f'{config_utils.WEB_APP_DISPLAY_NAME} - Email Verification'

docker/routlin-dash/app/pages/accountmanage/action.py

@@ -1,6 +1,7 @@
 from pathlib import Path
 from flask import Blueprint, request, session, redirect, flash
 import os, re, secrets, sqlite3, time
+import settings
 from datetime import datetime, timezone
 import auth
 import config_utils
@@ -215,7 +216,7 @@ def accounts_delete():
     target        = accounts[row_index]
     target_email  = target.get('email_address', '').lower()
     current_email = session.get('email_address', '').lower()
-    initial_email = os.environ.get('INITIAL_MANAGER_EMAIL', '').strip().lower()
+    initial_email = settings.get_initial_manager_email()
 
     if target_email == current_email and target_email != initial_email:
         flash('You cannot remove your own account.', 'error')

docker/routlin-dash/app/settings.py

@@ -1,5 +1,24 @@
+import json
 import os
 
+_APP_CONFIG_PATH = '/data/app_config.json'
+_app_config_cache = None
+_app_config_mtime = None
+
+
+def _load_app_config():
+    global _app_config_cache, _app_config_mtime
+    try:
+        mtime = os.path.getmtime(_APP_CONFIG_PATH)
+        if _app_config_cache is not None and mtime == _app_config_mtime:
+            return _app_config_cache
+        with open(_APP_CONFIG_PATH) as f:
+            _app_config_cache = json.load(f)
+        _app_config_mtime = mtime
+        return _app_config_cache
+    except Exception:
+        return {}
+
 
 def product_name():
     return os.environ.get('PRODUCT_NAME', 'routlin')
@@ -54,14 +73,34 @@ def get_host_timezone():
     return ''
 
 
+def get_initial_manager_email():
+    cfg = _load_app_config()
+    return str(cfg.get('initial_manager_email') or os.environ.get('INITIAL_MANAGER_EMAIL', '')).strip().lower()
+
+
 def get_credentials_key():
-    """Return a Fernet-compatible key derived from the CREDENTIALS_KEY environment variable,
-    or None if not set. SHA-256 hashes the raw string to produce 32 bytes, which are then
-    URL-safe base64-encoded as required by Fernet."""
+    """Return a Fernet-compatible key derived from the credentials_key in app_config.json
+    (or CREDENTIALS_KEY env var as fallback), or None if not set. SHA-256 hashes the raw
+    string to produce 32 bytes, URL-safe base64-encoded as required by Fernet."""
     import base64
     import hashlib
-    key_str = os.environ.get('CREDENTIALS_KEY', '')
+    cfg     = _load_app_config()
+    key_str = str(cfg.get('credentials_key') or os.environ.get('CREDENTIALS_KEY', '')).strip()
     if not key_str:
         return None
     raw = hashlib.sha256(key_str.encode()).digest()
     return base64.urlsafe_b64encode(raw)
+
+
+def get_smtp_config():
+    """Return SMTP settings from app_config.json, falling back to env vars."""
+    cfg  = _load_app_config()
+    smtp = cfg.get('smtp', {})
+    user = str(smtp.get('user') or os.environ.get('SMTP_USER', '')).strip()
+    return {
+        'host':     str(smtp.get('host')     or os.environ.get('SMTP_HOST', '')).strip(),
+        'port':     int(smtp.get('port')     or os.environ.get('SMTP_PORT', 587)),
+        'user':     user,
+        'password': str(smtp.get('password') or os.environ.get('SMTP_PASSWORD', '')).strip(),
+        'from':     str(smtp.get('from')     or os.environ.get('SMTP_FROM', user)).strip(),
+    }

docker/routlin-dash/docker-compose.yml

@@ -17,13 +17,6 @@ services:
       - /var/log/freeradius:/var/log/freeradius
     environment:
       - PYTHONPATH=/routlin_location
-      - INITIAL_MANAGER_EMAIL=mgrotke@gmail.com
-      - CREDENTIALS_KEY=TwnRAoORr7OaMVeS3q4JJP3NYvBDlyPB8qgl2ovAlm2OGsNf0qsnv0a67MXgaozKWf5Gc1CM0Z1m0xdTQeiw4R0RKK0fmLKMKfttOp2sfKg9lDsMZavJWzn5VS8dyD
-      - SMTP_HOST=smtp.gmail.com
-      - SMTP_PORT=587
-      - SMTP_USER=grotek.industries@gmail.com
-      - SMTP_PASSWORD=lfhrygyuwvlaczaw
-      - SMTP_FROM=grotek.industries@gmail.com
       - DEV_MODE=true
     user: "${UID:-1000}:${GID:-1000}"
     restart: unless-stopped