Expand description
Configuration and authentication management. Configuration and authentication for the ROMM client.
This module is deliberately independent of any particular frontend:
both the TUI and the command-line subcommands share the same Config
and AuthConfig types.
§Configuration precedence
Call [load_config] to read config:
- Variables already set in the process environment (highest priority), including
API_TOKENand pathsROMM_TOKEN_FILE/API_TOKEN_FILE(file contents used as bearer token whenAPI_TOKENis unset). - User
config.json(see [user_config_json_path]) — fills any field not already set from the environment.
There is no automatic loading of a .env file; set variables in your shell or process manager,
or rely on config.json written by romm-cli init / the TUI setup wizard.
After env + JSON merge, secrets that are still placeholders (including [KEYRING_SECRET_PLACEHOLDER])
are resolved via the OS keyring (keyring crate, service name romm-cli). On Windows the stored
credential target is typically API_TOKEN.romm-cli, API_PASSWORD.romm-cli, or API_KEY.romm-cli.
Missing entries are silent; other keyring errors are logged at warn (never with secret values).
On save, a successful store is followed by read-back verification before writing the sentinel to JSON.
§load_config vs config.json
[load_config] merges sources per field: process environment wins over values from
config.json for API_BASE_URL, ROMM_ROMS_DIR/ROMM_DOWNLOAD_DIR, API_USE_HTTPS, and auth-related
fields. The keyring is used only to replace placeholder or sentinel secret strings after that merge.
Structs§
- Config
- High-level configuration for the
romm-cliapplication.
Enums§
- Auth
Config - Supported authentication modes for the RomM API.
Constants§
- KEYRING_
SECRET_ PLACEHOLDER - Written to
config.jsonwhen the real secret is stored in the OS keyring (persist_user_config).
Functions§
- auth_
for_ persist_ merge - Auth to pass to
persist_user_configwhen saving non-auth fields (e.g. TUI Settings). - disk_
has_ unresolved_ keyring_ sentinel - Returns true when
load_confighas no resolvedAuthConfig::Bearer(etc.) butconfig.jsonon disk still containsKEYRING_SECRET_PLACEHOLDER(OS keyring could not supply the secret). - is_
keyring_ placeholder - Returns true if
sis the sentinel written to disk when the secret lives in the keyring. - keyring_
store - Store a secret in the OS keyring under the
romm-cliservice name. - load_
config - Loads the merged configuration from the process environment,
config.json, and the OS keyring. - normalize_
romm_ origin - Normalizes a RomM site URL by trimming whitespace, trailing slashes, and removing the
/apisuffix. - openapi_
cache_ path - Where the OpenAPI spec is cached (
.../romm-cli/openapi.json). - persist_
user_ config - Persists the user configuration to
config.jsonand stores secrets in the OS keyring. - read_
user_ config_ json_ from_ disk - Reads
config.jsonfrom disk only (no env merge, no keyring resolution). Used by the TUI setup wizard to detect<stored-in-keyring>placeholders. - reset_
all_ settings - Deletes the config.json file and clears the secrets from the OS keyring.
- should_
check_ updates - Returns true if the application should check for updates on startup.
- user_
config_ dir - Directory for user-level config (
romm-cliunder the OS config dir). - user_
config_ json_ path - Path to the user-level
config.jsonfile (.../romm-cli/config.json).