move config file to separate folder

Make default config smaller, allow all users by default there.

conf/README.md

@@ -0,0 +1 @@
+This directory is for config examples.

conf/default.yaml

@@ -0,0 +1,51 @@
+#
+# This is the default config file. It allows all users to do anything,
+# so don't use it on production systems.
+#
+# Look here for more config file examples:
+# https://github.com/rlidwka/sinopia/tree/master/conf
+#
+
+# path to a directory with all packages
+storage: ./storage
+
+web:
+  # web interface is disabled by default in 0.x, will be enabled soon in 1.x
+  # when all its issues will be fixed
+  #
+  # set this to `true` if you want to experiment with web ui now;
+  # this has a lot of issues, e.g. no auth yet, so use at your own risk
+  #enable: true
+
+auth:
+  htpasswd:
+    file: ./htpasswd
+    # Maximum amount of users allowed to register, defaults to "+inf".
+    # You can set this to -1 to disable registration.
+    #max_users: 1000
+
+# a list of other known repositories we can talk to
+uplinks:
+  npmjs:
+    url: https://registry.npmjs.org/
+
+packages:
+  '*':
+    # allow all users (including non-authenticated users) to read and
+    # publish all packages
+    #
+    # you can specify usernames/groupnames (depending on your auth plugin)
+    # and three keywords: "$all", "$anonymous", "$authenticated"
+    allow_access: $authenticated
+
+    # allow 'admin' to publish packages
+    allow_publish: $all
+
+    # if package is not available locally, proxy requests to 'npmjs' registry
+    proxy: npmjs
+
+# log settings
+logs:
+  - {type: stdout, format: pretty, level: http}
+  #- {type: file, path: sinopia.log, level: info}
+

conf/full.yaml

@@ -7,7 +7,7 @@ storage: ./storage
 users:
   admin:
     # crypto.createHash('sha1').update(pass).digest('hex')
-    password: __PASSWORD__
+    password: a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
 
 web:
   # web interface is disabled by default in 0.x, will be enabled soon in 1.x

lib/cli.js

@@ -65,10 +65,10 @@ try {
           if (x[0] == 'Y' || x[0] == 'y' || x === '') {
             rl.close()
 
-            var created_config = require('../lib/config_gen')()
-            config = YAML.safeLoad(created_config.yaml)
+            var created_config = fs.readFileSync(require.resolve('../conf/default.yaml'), 'utf8')
+            config = YAML.safeLoad(created_config)
             write_config_banner(created_config, config)
-            fs.writeFileSync(config_path, created_config.yaml)
+            fs.writeFileSync(config_path, created_config)
             afterConfigLoad()
           } else if (x[0] == 'N' || x[0] == 'n') {
             rl.close()
@@ -137,8 +137,6 @@ function write_config_banner(def, config) {
   log(' $ npm set registry http://%s:%s/', hostport[0], hostport[1])
   log(' $ npm set always-auth true')
   log(' $ npm adduser')
-  log('   Username: %s', def.user)
-  log('   Password: %s', def.pass)
   log('===========================================================')
 }
 

lib/config.js

@@ -26,7 +26,7 @@ function Config(config) {
   }
 
   // some weird shell scripts are valid yaml files parsed as string
-  assert.equal(typeof(config), 'object', 'CONFIG: self doesn\'t look like a valid config file')
+  assert.equal(typeof(config), 'object', 'CONFIG: it doesn\'t look like a valid config file')
 
   assert(self.storage, 'CONFIG: storage path not defined')
   self.localList = LocalList(

lib/config_gen.js

@@ -1,19 +0,0 @@
-var Crypto = require('crypto')
-var fs     = require('fs')
-
-module.exports = function create_config() {
-  var pass = Crypto.randomBytes(8).toString('base64').replace(/[=+\/]/g, '')
-  var pass_digest = Crypto.createHash('sha1').update(pass).digest('hex')
-
-  /*eslint no-sync:0*/
-  var config = fs.readFileSync(require.resolve('./config_def.yaml'), 'utf8')
-
-  config = config.replace('__PASSWORD__', pass_digest)
-
-  return {
-    yaml: config,
-    user: 'admin',
-    pass: pass,
-  }
-}
-