diff options
Diffstat (limited to 'lib/config')
| -rw-r--r-- | lib/config/default.js | 9 | ||||
| -rw-r--r-- | lib/config/defaultSSL.js | 8 | ||||
| -rw-r--r-- | lib/config/dockerSecret.js | 3 | ||||
| -rw-r--r-- | lib/config/environment.js | 6 | ||||
| -rw-r--r-- | lib/config/index.js | 19 |
5 files changed, 35 insertions, 10 deletions
diff --git a/lib/config/default.js b/lib/config/default.js index 19ddccf6..30ce2090 100644 --- a/lib/config/default.js +++ b/lib/config/default.js @@ -18,6 +18,8 @@ module.exports = { directives: { }, addDefaults: true, + addDisqus: true, + addGoogleAnalytics: true, upgradeInsecureRequests: 'auto', reportURI: undefined }, @@ -46,6 +48,7 @@ module.exports = { // session sessionName: 'connect.sid', sessionSecret: 'secret', + sessionSecretLen: 128, sessionLife: 14 * 24 * 60 * 60 * 1000, // 14 days staticCacheTime: 1 * 24 * 60 * 60 * 1000, // 1 day // socket.io @@ -53,7 +56,7 @@ module.exports = { heartbeatTimeout: 10000, // document documentMaxLength: 100000, - // image upload setting, available options are imgur/s3/filesystem + // image upload setting, available options are imgur/s3/filesystem/azure imageUploadType: 'filesystem', imgur: { clientID: undefined @@ -71,6 +74,10 @@ module.exports = { port: 9000 }, s3bucket: undefined, + azure: { + connectionString: undefined, + container: undefined + }, // authentication facebook: { clientID: undefined, diff --git a/lib/config/defaultSSL.js b/lib/config/defaultSSL.js index 362c62a1..ba020466 100644 --- a/lib/config/defaultSSL.js +++ b/lib/config/defaultSSL.js @@ -10,8 +10,8 @@ function getFile (path) { } module.exports = { - sslkeypath: getFile('/run/secrets/key.pem'), - sslcertpath: getFile('/run/secrets/cert.pem'), - sslcapath: getFile('/run/secrets/ca.pem') !== undefined ? [getFile('/run/secrets/ca.pem')] : [], - dhparampath: getFile('/run/secrets/dhparam.pem') + sslKeyPath: getFile('/run/secrets/key.pem'), + sslCertPath: getFile('/run/secrets/cert.pem'), + sslCAPath: getFile('/run/secrets/ca.pem') !== undefined ? [getFile('/run/secrets/ca.pem')] : [], + dhParamPath: getFile('/run/secrets/dhparam.pem') } diff --git a/lib/config/dockerSecret.js b/lib/config/dockerSecret.js index b9116cd3..fd66ddfe 100644 --- a/lib/config/dockerSecret.js +++ b/lib/config/dockerSecret.js @@ -22,6 +22,9 @@ if (fs.existsSync(basePath)) { accessKeyId: getSecret('s3_acccessKeyId'), secretAccessKey: getSecret('s3_secretAccessKey') }, + azure: { + connectionString: getSecret('azure_connectionString') + }, facebook: { clientID: getSecret('facebook_clientID'), clientSecret: getSecret('facebook_clientSecret') diff --git a/lib/config/environment.js b/lib/config/environment.js index cab3bc3e..810cb225 100644 --- a/lib/config/environment.js +++ b/lib/config/environment.js @@ -26,6 +26,8 @@ module.exports = { allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL), defaultPermission: process.env.HMD_DEFAULT_PERMISSION, dbURL: process.env.HMD_DB_URL, + sessionSecret: process.env.HMD_SESSION_SECRET, + sessionLife: toIntegerConfig(process.env.HMD_SESSION_LIFE), imageUploadType: process.env.HMD_IMAGE_UPLOAD_TYPE, imgur: { clientID: process.env.HMD_IMGUR_CLIENTID @@ -43,6 +45,10 @@ module.exports = { port: toIntegerConfig(process.env.HMD_MINIO_PORT) }, s3bucket: process.env.HMD_S3_BUCKET, + azure: { + connectionString: process.env.HMD_AZURE_CONNECTION_STRING, + container: process.env.HMD_AZURE_CONTAINER + }, facebook: { clientID: process.env.HMD_FACEBOOK_CLIENTID, clientSecret: process.env.HMD_FACEBOOK_CLIENTSECRET diff --git a/lib/config/index.js b/lib/config/index.js index fae51e52..f10eadb8 100644 --- a/lib/config/index.js +++ b/lib/config/index.js @@ -1,6 +1,7 @@ 'use strict' +const crypto = require('crypto') const fs = require('fs') const path = require('path') const {merge} = require('lodash') @@ -52,7 +53,7 @@ if (config.ldap.tlsca) { // Permission config.permission = Permission -if (!config.allowAnonymous && !config.allowAnonymousedits) { +if (!config.allowAnonymous && !config.allowAnonymousEdits) { delete config.permission.freely } if (!(config.defaultPermission in config.permission)) { @@ -110,16 +111,24 @@ for (let i = keys.length; i--;) { // and the config with uppercase is not set // we set the new config using the old key. if (uppercase.test(keys[i]) && - config[lowercaseKey] && - !config[keys[1]]) { + config[lowercaseKey] !== undefined && + fileConfig[keys[i]] === undefined) { logger.warn('config.js contains deprecated lowercase setting for ' + keys[i] + '. Please change your config.js file to replace ' + lowercaseKey + ' with ' + keys[i]) config[keys[i]] = config[lowercaseKey] } } +// Generate session secret if it stays on default values +if (config.sessionSecret === 'secret') { + logger.warn('Session secret not set. Using random generated one. Please set `sessionSecret` in your config.js file. All users will be logged out.') + config.sessionSecret = crypto.randomBytes(Math.ceil(config.sessionSecretLen / 2)) // generate crypto graphic random number + .toString('hex') // convert to hexadecimal format + .slice(0, config.sessionSecretLen) // return required number of characters +} + // Validate upload upload providers -if (['filesystem', 's3', 'minio', 'imgur'].indexOf(config.imageUploadType) === -1) { - logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio" or "imgur". Defaulting to "imgur"') +if (['filesystem', 's3', 'minio', 'imgur', 'azure'].indexOf(config.imageUploadType) === -1) { + logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio", "azure" or "imgur". Defaulting to "imgur"') config.imageUploadType = 'imgur' } |