Updated config example.

comment
Traded bug with queue.end() being called as volatile from functions which handle their own DB save, in which stale item was left in cache, for a simple queue rending bug.
2025-10-27 19:29:07 -04:00 · 2025-10-25 09:56:24 -04:00 · 2025-10-25 09:55:40 -04:00 · 2025-10-25 09:46:28 -04:00
6 changed files with 80 additions and 12 deletions
--- a/config.example.json
+++ b/config.example.json
@ -1,13 +1,14 @@
 {
    "instanceName": "Canopy",
    "verbose": false,
-    "port": 8080,
+    "port": 8443,
-    "proxied": false,
+    "proxied": true,
-    "protocol": "http",
+    "protocol": "https",
    "domain": "localhost",
    "ytdlpPath": "/home/canopy/.local/pipx/venvs/yt-dlp/bin/yt-dlp",
    "migrate": false,
    "dropLegacyTokes": false,
    "debug": false,
    "secrets":{
        "passwordSecret": "CHANGE_ME",
        "rememberMeSecret": "CHANGE_ME",
--- a/config.example.jsonc
+++ b/config.example.jsonc
@ -6,9 +6,9 @@
    //Scream about exceptions in the console
    "verbose": false,
    //Port to bind to (most linux/unix systems req root for ports below 1000, you should probably use nginx if you want port 80 or 443)
-    "port": 8080,
+    "port": 8443,
    //Lets the server know it's sitting behind a reverse-proxy
-    "proxied": false,
+    "proxied": true,
    //Protocol (either HTTP or HTTPS)
    "protocol": "http",
    //Domain the server is available at, used for server-side link generation
@ -24,6 +24,11 @@
    //Requires migration to be disabled before it takes effect.
    //WARNING: this does NOT affect user toke counts, migrated or otherwise. Use carefully!
    "dropLegacyTokes": false,
    //Enters the server into debug mode, allows specific commands to be emitted from the client-side dev console
    //Usually to get the server to dump some sort of internal data for debugging purposes.
    //Obviously, this means enabling this can have some gnar implications.
    //Probably don't enable this on your production server unless you REALLY REALLY have to, and you probably don't.
    "debug": false,
    //Server Secrets
    //Be careful with what you keep in secrets, you should use special chars, but test your deployment, as some chars may break account registration
    //An update to either kill the server and bitch about the issue in console is planned so it's not so confusing for new admins
--- a/src/app/channel/media/queue.js
+++ b/src/app/channel/media/queue.js
@ -18,10 +18,12 @@ along with this program.  If not, see <https://www.gnu.org/licenses/>.*/
 const validator = require('validator');
 //Local imports
 const config = require('../../../../config.json');
 const queuedMedia = require('./queuedMedia');
 const yanker = require('../../../utils/media/yanker');
 const loggerUtils = require('../../../utils/loggerUtils');
 const channelModel = require('../../../schemas/channel/channelSchema');
 const permissionModel = require('../../../schemas/permissionSchema');
 /**
 * Object represneting a single channel's media queue
@ -114,6 +116,11 @@ class queue{
        socket.on("move", (data) => {this.moveMedia(socket, data)});
        socket.on("lock", () => {this.toggleLock(socket)});
        socket.on("goLive", (data) => {this.goLive(socket, data)});
        //If debug mode is enabled
        if(config.debug){
            socket.on("dumpQueue", (data) => {this.dumpQueue(socket, data)});
        }
    }
    //--- USER FACING QUEUEING FUNCTIONS ---
@ -404,6 +411,44 @@ class queue{
        }
    }
    async dumpQueue(socket, data){
        //If we somehow got here while config.debug is disabled, or the user isn't allowed to preform server-side debugging
        if(!(config.debug && await permissionModel.permCheck(socket.user, "debug"))){
            //FUCKIN' CHEESE IT!
            return;
        }
        //If a full data dump was requested
        if(data != null && data.full){
            //Pull the channel DB doc
            const chanDB = await channelModel.findOne({name:this.channel.name});
            //Cook and emit a new object from all of the data
            socket.emit("dumpQueue", {
                cache: {
                    schedule: Array.from(this.schedule),
                    nowPlaying: this.nowPlaying
                },
                DB: {
                    schedule: chanDB.media.scheduled,
                    nowPlaying: chanDB.media.nowPlaying,
                    archived: chanDB.media.archived,
                }
            });
            //DONE.
            return;
        }
        //Otherwise, just dump whats in RAM
        socket.emit("dumpQueue", {
            cache: {
                schedule: Array.from(this.schedule),
                nowPlaying: this.nowPlaying
            }
        });
    }
    //--- INTERNAL USE ONLY QUEUEING FUNCTIONS ---
    /**
     * Clears and scheduling timers
@ -1164,6 +1209,13 @@ class queue{
                return this.endLivestream(wasPlaying, chanDB)
            }
            //Moved this from the block below to prevent accidental over-caching
            //We may need to throw this into it's own conditional if it causes issues
            //Take it out of the active schedule
            //Ultimitaly though, if something is voltaile it should handle saving chanDB on its own, so this should be a non-issue
            this.schedule.delete(wasPlaying.startTime);
            //If we're not in volatile mode and we're not ending a livestream
            if(!volatile){
                //If we wheren't handed a channel
@ -1184,9 +1236,6 @@ class queue{
                    await chanDB.media.nowPlaying.deleteOne();
                }
                //Take it out of the active schedule
                this.schedule.delete(wasPlaying.startTime);
                //If archiving is enabled
                if(!noArchive){
                    //Add the item to the channel archive
@ -1788,7 +1837,9 @@ class queue{
            chanDB.media.scheduled = newSched;
            //Save the DB
-            await chanDB.save();
+            await chanDB.save()
        //End the media;
        //if something fucked up
        }catch(err){
--- a/src/schemas/permissionSchema.js
+++ b/src/schemas/permissionSchema.js
@ -100,6 +100,12 @@ const permissionSchema = new mongoose.Schema({
        type: channelPermissionSchema,
        default: () => ({})
    },
    debug: {
        type: mongoose.SchemaTypes.String,
        enum: rankEnum,
        default: "admin",
        required: true
    },
 });
 //Statics
--- a/src/server.js
+++ b/src/server.js
@ -78,9 +78,6 @@ const config = require('../config.json');
 const port = config.port;
 const dbUrl = `mongodb://${config.db.user}:${config.db.pass}@${config.db.address}:${config.db.port}/${config.db.database}`;
 //Check for insecure config
 configCheck.securityCheck();
 //Define express
 const app = express();
@ -234,6 +231,9 @@ async function asyncKickStart(){
    //Kick off scheduled-jobs
    scheduler.kickoff();
    //Check for insecure config
    configCheck.securityCheck();
    //Increment launch counter
    await statModel.incrementLaunchCount();
--- a/src/utils/configCheck.js
+++ b/src/utils/configCheck.js
@ -74,4 +74,9 @@ module.exports.securityCheck = function(){
    if(!validator.isStrongPassword(config.mail.pass) || config.mail.pass == "CHANGE_ME"){
        loggerUtil.consoleWarn("Insecure Email Password! Change Email password!");
    }
    //check debug mode
    if(config.debug){
        loggerUtil.consoleWarn("Debug mode enabled! Understand the risks and security implications before enabling on production servers!");
    }
 }
Author	SHA1	Message	Date
rainbow napkin	787846c7d6	Updated config example.	2025-10-27 19:29:07 -04:00
rainbow napkin	166e174397	comment	2025-10-25 09:56:24 -04:00
rainbow napkin	37990ff8c3	Traded bug with queue.end() being called as volatile from functions which handle their own DB save, in which stale item was left in cache, for a simple queue rending bug.	2025-10-25 09:55:40 -04:00
rainbow napkin	f95a0ae48c	Added queue debugging.	2025-10-25 09:46:28 -04:00