feat(platform)!: add support for the application TOML configuration file

.dockerignore

@@ -6,3 +6,4 @@ LICENSE
 .env
 .gitignore
 *.json
+secutils.toml

.gitignore

@@ -4,3 +4,4 @@ target/
 .env
 
 *.private.env.json
+secutils.toml

Cargo.toml

@@ -1,7 +1,8 @@
 [package]
 name = "secutils"
 version = "1.0.0-beta.1"
-authors = ["Secutils <[email protected]>"]
+authors = ["Aleh Zasypkin <[email protected]>"]
+description = "An open-source, versatile, yet simple security toolbox for engineers and researchers."
 edition = "2021"
 
 [[bin]]
@@ -26,6 +27,7 @@ deno_core = "0.272.0"
 directories = "5.0.1"
 dotenvy = "0.15.7"
 structured-logger = "1.0.3"
+figment = "0.10.15"
 futures = "0.3.30"
 handlebars = "5.1.0"
 hex = "0.4.3"
@@ -66,6 +68,7 @@ zip = "0.6.6"
 ctor = "0.2.7"
 httpmock = "0.7.0"
 insta = "1.36.1"
+toml = "0.8.12"
 
 [patch.crates-io]
 tokio-cron-scheduler = { path = "./vendor/tokio-cron-scheduler" }
@@ -76,12 +79,15 @@ default = [
     "actix-web/cookies",
     "actix-web/secure-cookies",
     "bytes/serde",
+    "clap/cargo",
     "clap/env",
     "content-security-policy/serde",
+    "figment/toml",
     "handlebars/rust-embed",
     "insta/filters",
     "insta/json",
     "insta/redactions",
+    "insta/toml",
     "lettre/builder",
     "lettre/smtp-transport",
     "lettre/tokio1-rustls-tls",

README.md

@@ -35,27 +35,61 @@ Secutils.dev adheres to [open security principles](https://en.wikipedia.org/wiki
 
 ## Getting started
 
-Before running the Secutils.dev server locally, you need to provide several required parameters. The easiest way is to
-specify them through a local `.env` file:
+You can start the Secutils.dev server with `cargo run`. By default, the server will be accessible
+via http://localhost:7070. Use `curl` to verify that the server is up and running:
 
-```dotenv
-# An authenticated session key. For example, can be generated with `openssl rand -hex 32`
-SECUTILS_SESSION_KEY=a1a95f90e375d24ee4abb567c96ec3b053ceb083a4df726c76f8570230311c58
+```shell
+curl -XGET http://localhost:7070/api/status
+---
+{"version":"1.0.0-alpha.1","level":"available"}
+```
 
-# Defines a pipe-separated (`|`) list of predefined users in the following format: `email:password:role`.
-[email protected]:3efab73129f3d36e:admin
+The server can be configured with a TOML configuration file. See the example below for a basic configuration:
 
-# Path to a local SQLite database file. Refer to https://github.com/launchbadge/sqlx for more details.
-DATABASE_URL=sqlite:///home/user/.local/share/secutils/data.db
+```toml
+port = 7070
+
+# A session key used to encrypt session cookie. Should be at least 64 characters long. 
+# For example, can be generated with `openssl rand -hex 32`
+[security]
+session-key = "a1a95f90e375d24ee4abb567c96ec3b053ceb083a4df726c76f8570230311c58"
+
+# The configuration of the Deno runtime used to run responder scripts.
+[js-runtime]
+max-heap-size = 10_485_760 # 10 MB
+max-user-script-execution-time = 30_000 # 30 seconds
+
+# SMTP server configuration used to send emails (signup emails, notifications etc.).
+[smtp]
+address = "xxx"
+username = "xxx"
+password = "xxx"
+
+# Defines a list of predefined Secutils.dev users.
+[[security.builtin-users]]
+email = "[email protected]"
+handle = "local"
+password = "3efab73129f3d36e"
+tier = "ultimate"
+
+[utils]
+webhook-url-type = "path"
 ```
 
-Once the .env file is created, you can start the Secutils.dev server with `cargo run`. By default, the server will be
-accessible via http://localhost:7070. Use `curl` to verify that the server is up and running:
+If you saved your configuration to a file named `secutils.toml`, you can start the server with the following command:
 
-```shellThis command 
-curl -XGET http://localhost:7070/api/status
----
-{"version":"1.0.0-alpha.1","level":"available"}
+```shell
+cargo run -- -c secutils.toml
+```
+
+You can also use `.env` file to specify the location of the configuration file and the main database:
+
+```dotenv
+# Path to the configuration file.
+SECUTILS_CONFIG=${PWD}/secutils.toml
+
+# Path to a local SQLite database file. Refer to https://github.com/launchbadge/sqlx for more details.
+DATABASE_URL=sqlite:///home/user/.local/share/secutils/data.db
 ```
 
 ### Usage