Allow reading database connection string from file so we can make secret management easier on platforms that drop a secret in the filesystem

Author: diogob

database-uri.txt

@@ -0,0 +1 @@
+postgres://localhost:5432/postgres

sample-env

@@ -1,5 +1,5 @@
 ## PostgreSQL URI where the server will connect to issue NOTIFY and LISTEN commands
-export PGWS_DB_URI="postgres://localhost:5432/postgres"
+export PGWS_DB_URI="@./database-uri.txt"
 
 ## Size of connection pool used to issue notify commands (LISTEN commands are always issued on the same connection that is not part of the pool).
 export PGWS_POOL_SIZE=10

src/PostgresWebsockets/Config.hs

@@ -43,7 +43,7 @@ prettyVersion = intercalate "." $ map show $ versionBranch version
 
 -- | Load all postgres-websockets config from Environment variables. This can be used to use just the middleware or to feed into warpSettings
 loadConfig :: IO AppConfig
-loadConfig = readOptions >>= loadSecretFile
+loadConfig = readOptions >>= loadSecretFile >>= loadDatabaseURIFile
 
 -- | Given a shutdown handler and an AppConfig builds a Warp Settings to start a stand-alone server
 warpSettings :: (IO () -> IO ()) -> AppConfig -> Settings
@@ -73,6 +73,14 @@ readOptions =
                 <*> var auto "PGWS_POOL_SIZE" (def 10 <> helpDef show <> help "How many connection to the database should be used by the connection pool")
                 <*> var auto "PGWS_RETRIES" (def 5 <> helpDef show <> help "How many times it should try to connect to the database on startup before exiting with an error")
 
+loadDatabaseURIFile :: AppConfig -> IO AppConfig
+loadDatabaseURIFile conf@AppConfig{..} =
+  case stripPrefix "@" configDatabase of
+    Nothing       -> pure conf
+    Just filename -> setDatabase . strip <$> readFile (toS filename)
+  where
+    setDatabase uri = conf {configDatabase = uri}
+
 loadSecretFile :: AppConfig -> IO AppConfig
 loadSecretFile conf = extractAndTransform secret
   where