(fix): grabbing envs from $env was a mistake

Dockerfile

@@ -5,10 +5,6 @@ WORKDIR /app
 ENV TZ=UTC
 RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
 
-ENV PNPM_HOME="/pnpm"
-ENV PATH="$PNPM_HOME:$PATH"
-RUN corepack enable
-
 COPY --from=chriswayg/tor-alpine:latest /usr/local/bin/obfs4proxy /usr/local/bin/obfs4proxy
 COPY --from=chriswayg/tor-alpine:latest /usr/local/bin/meek-server /usr/local/bin/meek-server
 
@@ -40,6 +36,10 @@ RUN rm -rf /var/cache/apk/*
 
 FROM base AS deps
 
+ENV PNPM_HOME="/pnpm"
+ENV PATH="$PNPM_HOME:$PATH"
+RUN corepack enable
+
 RUN mkdir -p /temp/dev
 COPY web/package.json web/pnpm-lock.yaml /temp/dev/
 RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --frozen-lockfile -C /temp/dev/
@@ -55,11 +55,7 @@ COPY web .
 
 # build
 ENV NODE_ENV=production
-
-RUN export WG_HOST="127.0.0.1" &&\
-    export AUTH_SECRET="$(openssl rand -base64 32)" &&\
-    export HASHED_PASSWORD="$(openssl passwd -6 -salt $(openssl rand -base64 32) $(openssl rand -base64 32))" &&\
-    npm run build
+RUN npm run build
 
 
 FROM base AS release

Dockerfile-Dev

@@ -5,10 +5,6 @@ WORKDIR /app
 ENV TZ=UTC
 RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
 
-ENV PNPM_HOME="/pnpm"
-ENV PATH="$PNPM_HOME:$PATH"
-RUN corepack enable
-
 COPY --from=chriswayg/tor-alpine:latest /usr/local/bin/obfs4proxy /usr/local/bin/obfs4proxy
 COPY --from=chriswayg/tor-alpine:latest /usr/local/bin/meek-server /usr/local/bin/meek-server
 
@@ -40,6 +36,10 @@ RUN rm -rf /var/cache/apk/*
 
 FROM base AS deps
 
+ENV PNPM_HOME="/pnpm"
+ENV PATH="$PNPM_HOME:$PATH"
+RUN corepack enable
+
 RUN mkdir -p /temp/dev/
 
 COPY web/package.json web/pnpm-lock.yaml /temp/dev/

web/package.json

@@ -4,7 +4,7 @@
   "private": true,
   "scripts": {
     "dev": "vite dev",
-    "build": "WG_HOST=localhost vite build",
+    "build": "vite build",
     "preview": "vite preview",
     "check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
     "check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",

web/src/hooks.server.ts

@@ -1,8 +1,10 @@
 import type { Handle } from '@sveltejs/kit';
 import { verifyToken } from '$lib/auth';
-import { HASHED_PASSWORD } from '$env/static/private';
+import 'dotenv/config';
 
 export const handle: Handle = async ({ event, resolve }) => {
+  const { HASHED_PASSWORD } = process.env;
+
   if (!!HASHED_PASSWORD && !AUTH_EXCEPTION.includes(event.url.pathname)) {
     const token = event.cookies.get('authorization');
     const token_valid = await verifyToken(token ?? '');

web/src/lib/auth.ts

@@ -1,5 +1,10 @@
 import jwt from 'jsonwebtoken';
-import { AUTH_SECRET } from '$env/static/private';
+import 'dotenv/config';
+import Hex from 'crypto-js/enc-hex';
+import { randomUUID } from 'node:crypto';
+import SHA256 from 'crypto-js/sha256';
+
+export const AUTH_SECRET = process.env.AUTH_SECRET || Hex.stringify(SHA256(randomUUID()));
 
 export async function generateToken(): Promise<string> {
   const now = Math.floor(Date.now() / 1000);

web/src/routes/api/host/+server.ts

@@ -1,22 +1,22 @@
 import type { RequestHandler } from '@sveltejs/kit';
-import { WG_HOST } from '$env/static/private';
 import Shell from '$lib/shell';
+import 'dotenv/config';
 
 export const GET: RequestHandler = async () => {
 
-  let HOSTNAME = WG_HOST;
+  let { WG_HOST } = process.env
 
   // if the host is not set, then we are using the server's public IP
-  if (!HOSTNAME) {
+  if (!WG_HOST) {
     const resp = await Shell.exec('curl -s ifconfig.me', true);
-    HOSTNAME = resp.trim();
+    WG_HOST = resp.trim();
   }
 
   // check if WG_HOST is still not set
-  if (!HOSTNAME) {
+  if (!WG_HOST) {
     console.error('WG_HOST is not set');
     return new Response('NOT_SET', { status: 500, headers: { 'Content-Type': 'text/plain' } });
   }
 
-  return new Response(HOSTNAME, { status: 200, headers: { 'Content-Type': 'text/plain' } });
+  return new Response(WG_HOST, { status: 200, headers: { 'Content-Type': 'text/plain' } });
 };