diff options
Diffstat (limited to '')
-rw-r--r-- | lib/config.js | 44 |
1 files changed, 31 insertions, 13 deletions
diff --git a/lib/config.js b/lib/config.js index ab2f67b5..1e5838e8 100644 --- a/lib/config.js +++ b/lib/config.js @@ -1,4 +1,5 @@ // external modules +var fs = require('fs'); var path = require('path'); var fs = require('fs'); @@ -27,8 +28,16 @@ var allowanonymous = process.env.HMD_ALLOW_ANONYMOUS ? (process.env.HMD_ALLOW_AN var allowfreeurl = process.env.HMD_ALLOW_FREEURL ? (process.env.HMD_ALLOW_FREEURL === 'true') : !!config.allowfreeurl; +var permissions = ['editable', 'limited', 'locked', 'protected', 'private']; +if (allowanonymous) { + permissions.unshift('freely'); +} + +var defaultpermission = process.env.HMD_DEFAULT_PERMISSION || config.defaultpermission; +defaultpermission = permissions.indexOf(defaultpermission) != -1 ? defaultpermission : 'editable'; + // db -var dburl = config.dburl || process.env.HMD_DB_URL || process.env.DATABASE_URL; +var dburl = process.env.HMD_DB_URL || process.env.DATABASE_URL || config.dburl; var db = config.db || {}; // ssl path @@ -91,15 +100,16 @@ var gitlab = (process.env.HMD_GITLAB_CLIENTID && process.env.HMD_GITLAB_CLIENTSE clientID: handleDockerSecret('gitlab_clientID') || process.env.HMD_GITLAB_CLIENTID, clientSecret: handleDockerSecret('gitlab_clientSecret') || process.env.HMD_GITLAB_CLIENTSECRET } : config.gitlab || false; -var dropbox = (process.env.HMD_DROPBOX_CLIENTID && process.env.HMD_DROPBOX_CLIENTSECRET || fs.existsSync('/run/secrets/dropbox_clientID') && fs.existsSync('/run/secrets/dropbox_clientSecret')) ? { +var dropbox = ((process.env.HMD_DROPBOX_CLIENTID && process.env.HMD_DROPBOX_CLIENTSECRET) || (fs.existsSync('/run/secrets/dropbox_clientID') && fs.existsSync('/run/secrets/dropbox_clientSecret'))) ? { clientID: handleDockerSecret('dropbox_clientID') || process.env.HMD_DROPBOX_CLIENTID, clientSecret: handleDockerSecret('dropbox_clientSecret') || process.env.HMD_DROPBOX_CLIENTSECRET -} : config.dropbox || false; -var google = (process.env.HMD_GOOGLE_CLIENTID && process.env.HMD_GOOGLE_CLIENTSECRET || fs.existsSync('/run/secrets/google_clientID') && fs.existsSync('/run/secrets/google_clientSecret')) ? { - clientID: process.env.HMD_GOOGLE_CLIENTID, - clientSecret: process.env.HMD_GOOGLE_CLIENTSECRET -} : config.google || false; -var ldap = config.ldap || ( +} : (config.dropbox && config.dropbox.clientID && config.dropbox.clientSecret && config.dropbox) || false; +var google = ((process.env.HMD_GOOGLE_CLIENTID && process.env.HMD_GOOGLE_CLIENTSECRET) + || (fs.existsSync('/run/secrets/google_clientID') && fs.existsSync('/run/secrets/google_clientSecret'))) ? { + clientID: handleDockerSecret('google_clientID') || process.env.HMD_GOOGLE_CLIENTID, + clientSecret: handleDockerSecret('google_clientSecret') || process.env.HMD_GOOGLE_CLIENTSECRET +} : (config.google && config.google.clientID && config.google.clientSecret && config.google) || false; +var ldap = config.ldap || (( process.env.HMD_LDAP_URL || process.env.HMD_LDAP_BINDDN || process.env.HMD_LDAP_BINDCREDENTIALS || @@ -107,10 +117,9 @@ var ldap = config.ldap || ( process.env.HMD_LDAP_SEARCHBASE || process.env.HMD_LDAP_SEARCHFILTER || process.env.HMD_LDAP_SEARCHATTRIBUTES || + process.env.HMD_LDAP_TLS_CA || process.env.HMD_LDAP_PROVIDERNAME -) || false; -if (ldap == true) - ldap = {}; +) ? {} : false); if (process.env.HMD_LDAP_URL) ldap.url = process.env.HMD_LDAP_URL; if (process.env.HMD_LDAP_BINDDN) @@ -127,9 +136,17 @@ if (process.env.HMD_LDAP_SEARCHATTRIBUTES) ldap.searchAttributes = process.env.HMD_LDAP_SEARCHATTRIBUTES; if (process.env.HMD_LDAP_TLS_CA) { var ca = { - ca: process.env.HMD_LDAP_TLS_CA + ca: process.env.HMD_LDAP_TLS_CA.split(',') + } + ldap.tlsOptions = ldap.tlsOptions ? Object.assign(ldap.tlsOptions, ca) : ca; + if (Array.isArray(ldap.tlsOptions.ca) && ldap.tlsOptions.ca.length > 0) { + var i, len, results; + results = []; + for (i = 0, len = ldap.tlsOptions.ca.length; i < len; i++) { + results.push(fs.readFileSync(ldap.tlsOptions.ca[i], 'utf8')); + } + ldap.tlsOptions.ca = results; } - ldap.tlsOptions = ldap.tlsOptions ? Object.assign(ldap.tlsOptions, ca) : ca } if (process.env.HMD_LDAP_PROVIDERNAME) { ldap.providerName = process.env.HMD_LDAP_PROVIDERNAME; @@ -169,6 +186,7 @@ module.exports = { usecdn: usecdn, allowanonymous: allowanonymous, allowfreeurl: allowfreeurl, + defaultpermission: defaultpermission, dburl: dburl, db: db, sslkeypath: path.join(cwd, sslkeypath), |