5 files changed, 35 insertions, 10 deletions
diff --git a/lib/config/default.js b/lib/config/default.js
index 48916c89..1b124b3e 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -18,6 +18,8 @@ module.exports = {
     directives: {
     },
     addDefaults: true,
+    addDisqus: true,
+    addGoogleAnalytics: true,
     upgradeInsecureRequests: 'auto',
     reportURI: undefined
   },
@@ -46,6 +48,7 @@ module.exports = {
   // session
   sessionName: 'connect.sid',
   sessionSecret: 'secret',
+  sessionSecretLen: 128,
   sessionLife: 14 * 24 * 60 * 60 * 1000, // 14 days
   staticCacheTime: 1 * 24 * 60 * 60 * 1000, // 1 day
   // socket.io
@@ -53,7 +56,7 @@ module.exports = {
   heartbeatTimeout: 10000,
   // document
   documentMaxLength: 100000,
-  // image upload setting, available options are imgur/s3/filesystem
+  // image upload setting, available options are imgur/s3/filesystem/azure
   imageUploadType: 'filesystem',
   imgur: {
     clientID: undefined
@@ -71,6 +74,10 @@ module.exports = {
     port: 9000
   },
   s3bucket: undefined,
+  azure: {
+    connectionString: undefined,
+    container: undefined
+  },
   // authentication
   oauth2: {
     authorizationURL: undefined,
diff --git a/lib/config/defaultSSL.js b/lib/config/defaultSSL.js
index 362c62a1..ba020466 100644
--- a/lib/config/defaultSSL.js
+++ b/lib/config/defaultSSL.js
@@ -10,8 +10,8 @@ function getFile (path) {
 }
 
 module.exports = {
-  sslkeypath: getFile('/run/secrets/key.pem'),
-  sslcertpath: getFile('/run/secrets/cert.pem'),
-  sslcapath: getFile('/run/secrets/ca.pem') !== undefined ? [getFile('/run/secrets/ca.pem')] : [],
-  dhparampath: getFile('/run/secrets/dhparam.pem')
+  sslKeyPath: getFile('/run/secrets/key.pem'),
+  sslCertPath: getFile('/run/secrets/cert.pem'),
+  sslCAPath: getFile('/run/secrets/ca.pem') !== undefined ? [getFile('/run/secrets/ca.pem')] : [],
+  dhParamPath: getFile('/run/secrets/dhparam.pem')
 }
diff --git a/lib/config/dockerSecret.js b/lib/config/dockerSecret.js
index b9116cd3..fd66ddfe 100644
--- a/lib/config/dockerSecret.js
+++ b/lib/config/dockerSecret.js
@@ -22,6 +22,9 @@ if (fs.existsSync(basePath)) {
       accessKeyId: getSecret('s3_acccessKeyId'),
       secretAccessKey: getSecret('s3_secretAccessKey')
     },
+    azure: {
+      connectionString: getSecret('azure_connectionString')
+    },
     facebook: {
       clientID: getSecret('facebook_clientID'),
       clientSecret: getSecret('facebook_clientSecret')
diff --git a/lib/config/environment.js b/lib/config/environment.js
index 66fa5284..e1c11569 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -26,6 +26,8 @@ module.exports = {
   allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
   defaultPermission: process.env.HMD_DEFAULT_PERMISSION,
   dbURL: process.env.HMD_DB_URL,
+  sessionSecret: process.env.HMD_SESSION_SECRET,
+  sessionLife: toIntegerConfig(process.env.HMD_SESSION_LIFE),
   imageUploadType: process.env.HMD_IMAGE_UPLOAD_TYPE,
   imgur: {
     clientID: process.env.HMD_IMGUR_CLIENTID
@@ -43,6 +45,10 @@ module.exports = {
     port: toIntegerConfig(process.env.HMD_MINIO_PORT)
   },
   s3bucket: process.env.HMD_S3_BUCKET,
+  azure: {
+    connectionString: process.env.HMD_AZURE_CONNECTION_STRING,
+    container: process.env.HMD_AZURE_CONTAINER
+  },
   facebook: {
     clientID: process.env.HMD_FACEBOOK_CLIENTID,
     clientSecret: process.env.HMD_FACEBOOK_CLIENTSECRET
diff --git a/lib/config/index.js b/lib/config/index.js
index 63c23f0c..484301c4 100644
--- a/lib/config/index.js
+++ b/lib/config/index.js
@@ -1,6 +1,7 @@
 
 'use strict'
 
+const crypto = require('crypto')
 const fs = require('fs')
 const path = require('path')
 const {merge} = require('lodash')
@@ -52,7 +53,7 @@ if (config.ldap.tlsca) {
 
 // Permission
 config.permission = Permission
-if (!config.allowAnonymous && !config.allowAnonymousedits) {
+if (!config.allowAnonymous && !config.allowAnonymousEdits) {
   delete config.permission.freely
 }
 if (!(config.defaultPermission in config.permission)) {
@@ -111,16 +112,24 @@ for (let i = keys.length; i--;) {
   // and the config with uppercase is not set
   // we set the new config using the old key.
   if (uppercase.test(keys[i]) &&
-  config[lowercaseKey] &&
-  !config[keys[1]]) {
+  config[lowercaseKey] !== undefined &&
+  fileConfig[keys[i]] === undefined) {
     logger.warn('config.js contains deprecated lowercase setting for ' + keys[i] + '. Please change your config.js file to replace ' + lowercaseKey + ' with ' + keys[i])
     config[keys[i]] = config[lowercaseKey]
   }
 }
 
+// Generate session secret if it stays on default values
+if (config.sessionSecret === 'secret') {
+  logger.warn('Session secret not set. Using random generated one. Please set `sessionSecret` in your config.js file. All users will be logged out.')
+  config.sessionSecret = crypto.randomBytes(Math.ceil(config.sessionSecretLen / 2)) // generate crypto graphic random number
+        .toString('hex')                                                            // convert to hexadecimal format
+        .slice(0, config.sessionSecretLen)                                           // return required number of characters
+}
+
 // Validate upload upload providers
-if (['filesystem', 's3', 'minio', 'imgur'].indexOf(config.imageUploadType) === -1) {
-  logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio" or "imgur". Defaulting to "imgur"')
+if (['filesystem', 's3', 'minio', 'imgur', 'azure'].indexOf(config.imageUploadType) === -1) {
+  logger.error('"imageuploadtype" is not correctly set. Please use "filesystem", "s3", "minio", "azure" or "imgur". Defaulting to "imgur"')
   config.imageUploadType = 'imgur'
 }