From b242b59db4b27bac345d98f982def7c54955c84c Mon Sep 17 00:00:00 2001 From: Sheogorath Date: Sun, 24 Jun 2018 13:22:51 +0200 Subject: Rename environment variables and add legacy support. As we are no longer HackMD the short tag `HMD` doesn't match anymore. We move it to the matching prefix `CMD` and inform our users about the change. Signed-off-by: Sheogorath --- lib/config/environment.js | 172 ++++++++++++++++++++-------------------- lib/config/hackmdEnvironment.js | 124 +++++++++++++++++++++++++++++ lib/config/index.js | 6 ++ 3 files changed, 216 insertions(+), 86 deletions(-) create mode 100644 lib/config/hackmdEnvironment.js (limited to 'lib') diff --git a/lib/config/environment.js b/lib/config/environment.js index 0ca3d920..d850ac9d 100644 --- a/lib/config/environment.js +++ b/lib/config/environment.js @@ -3,123 +3,123 @@ const {toBooleanConfig, toArrayConfig, toIntegerConfig} = require('./utils') module.exports = { - domain: process.env.HMD_DOMAIN, - urlPath: process.env.HMD_URL_PATH, - port: toIntegerConfig(process.env.HMD_PORT), - urlAddPort: toBooleanConfig(process.env.HMD_URL_ADDPORT), - useSSL: toBooleanConfig(process.env.HMD_USESSL), + domain: process.env.CMD_DOMAIN, + urlPath: process.env.CMD_URL_PATH, + port: toIntegerConfig(process.env.CMD_PORT), + urlAddPort: toBooleanConfig(process.env.CMD_URL_ADDPORT), + useSSL: toBooleanConfig(process.env.CMD_USESSL), hsts: { - enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE), - maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE, - includeSubdomains: toBooleanConfig(process.env.HMD_HSTS_INCLUDE_SUBDOMAINS), - preload: toBooleanConfig(process.env.HMD_HSTS_PRELOAD) + enable: toBooleanConfig(process.env.CMD_HSTS_ENABLE), + maxAgeSeconds: process.env.CMD_HSTS_MAX_AGE, + includeSubdomains: toBooleanConfig(process.env.CMD_HSTS_INCLUDE_SUBDOMAINS), + preload: toBooleanConfig(process.env.CMD_HSTS_PRELOAD) }, csp: { - enable: toBooleanConfig(process.env.HMD_CSP_ENABLE), - reportURI: process.env.HMD_CSP_REPORTURI - }, - protocolUseSSL: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL), - allowOrigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN), - useCDN: toBooleanConfig(process.env.HMD_USECDN), - allowAnonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS), - allowAnonymousEdits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS), - allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL), - defaultPermission: process.env.HMD_DEFAULT_PERMISSION, - dbURL: process.env.HMD_DB_URL, - sessionSecret: process.env.HMD_SESSION_SECRET, - sessionLife: toIntegerConfig(process.env.HMD_SESSION_LIFE), - imageUploadType: process.env.HMD_IMAGE_UPLOAD_TYPE, + enable: toBooleanConfig(process.env.CMD_CSP_ENABLE), + reportURI: process.env.CMD_CSP_REPORTURI + }, + protocolUseSSL: toBooleanConfig(process.env.CMD_PROTOCOL_USESSL), + allowOrigin: toArrayConfig(process.env.CMD_ALLOW_ORIGIN), + useCDN: toBooleanConfig(process.env.CMD_USECDN), + allowAnonymous: toBooleanConfig(process.env.CMD_ALLOW_ANONYMOUS), + allowAnonymousEdits: toBooleanConfig(process.env.CMD_ALLOW_ANONYMOUS_EDITS), + allowFreeURL: toBooleanConfig(process.env.CMD_ALLOW_FREEURL), + defaultPermission: process.env.CMD_DEFAULT_PERMISSION, + dbURL: process.env.CMD_DB_URL, + sessionSecret: process.env.CMD_SESSION_SECRET, + sessionLife: toIntegerConfig(process.env.CMD_SESSION_LIFE), + imageUploadType: process.env.CMD_IMAGE_UPLOAD_TYPE, imgur: { - clientID: process.env.HMD_IMGUR_CLIENTID + clientID: process.env.CMD_IMGUR_CLIENTID }, s3: { - accessKeyId: process.env.HMD_S3_ACCESS_KEY_ID, - secretAccessKey: process.env.HMD_S3_SECRET_ACCESS_KEY, - region: process.env.HMD_S3_REGION + accessKeyId: process.env.CMD_S3_ACCESS_KEY_ID, + secretAccessKey: process.env.CMD_S3_SECRET_ACCESS_KEY, + region: process.env.CMD_S3_REGION }, minio: { - accessKey: process.env.HMD_MINIO_ACCESS_KEY, - secretKey: process.env.HMD_MINIO_SECRET_KEY, - endPoint: process.env.HMD_MINIO_ENDPOINT, - secure: toBooleanConfig(process.env.HMD_MINIO_SECURE), - port: toIntegerConfig(process.env.HMD_MINIO_PORT) + accessKey: process.env.CMD_MINIO_ACCESS_KEY, + secretKey: process.env.CMD_MINIO_SECRET_KEY, + endPoint: process.env.CMD_MINIO_ENDPOINT, + secure: toBooleanConfig(process.env.CMD_MINIO_SECURE), + port: toIntegerConfig(process.env.CMD_MINIO_PORT) }, - s3bucket: process.env.HMD_S3_BUCKET, + s3bucket: process.env.CMD_S3_BUCKET, azure: { - connectionString: process.env.HMD_AZURE_CONNECTION_STRING, - container: process.env.HMD_AZURE_CONTAINER + connectionString: process.env.CMD_AZURE_CONNECTION_STRING, + container: process.env.CMD_AZURE_CONTAINER }, facebook: { - clientID: process.env.HMD_FACEBOOK_CLIENTID, - clientSecret: process.env.HMD_FACEBOOK_CLIENTSECRET + clientID: process.env.CMD_FACEBOOK_CLIENTID, + clientSecret: process.env.CMD_FACEBOOK_CLIENTSECRET }, twitter: { - consumerKey: process.env.HMD_TWITTER_CONSUMERKEY, - consumerSecret: process.env.HMD_TWITTER_CONSUMERSECRET + consumerKey: process.env.CMD_TWITTER_CONSUMERKEY, + consumerSecret: process.env.CMD_TWITTER_CONSUMERSECRET }, github: { - clientID: process.env.HMD_GITHUB_CLIENTID, - clientSecret: process.env.HMD_GITHUB_CLIENTSECRET + clientID: process.env.CMD_GITHUB_CLIENTID, + clientSecret: process.env.CMD_GITHUB_CLIENTSECRET }, gitlab: { - baseURL: process.env.HMD_GITLAB_BASEURL, - clientID: process.env.HMD_GITLAB_CLIENTID, - clientSecret: process.env.HMD_GITLAB_CLIENTSECRET, - scope: process.env.HMD_GITLAB_SCOPE + baseURL: process.env.CMD_GITLAB_BASEURL, + clientID: process.env.CMD_GITLAB_CLIENTID, + clientSecret: process.env.CMD_GITLAB_CLIENTSECRET, + scope: process.env.CMD_GITLAB_SCOPE }, mattermost: { - baseURL: process.env.HMD_MATTERMOST_BASEURL, - clientID: process.env.HMD_MATTERMOST_CLIENTID, - clientSecret: process.env.HMD_MATTERMOST_CLIENTSECRET + baseURL: process.env.CMD_MATTERMOST_BASEURL, + clientID: process.env.CMD_MATTERMOST_CLIENTID, + clientSecret: process.env.CMD_MATTERMOST_CLIENTSECRET }, oauth2: { - baseURL: process.env.HMD_OAUTH2_BASEURL, - userProfileURL: process.env.HMD_OAUTH2_USER_PROFILE_URL, - userProfileUsernameAttr: process.env.HMD_OAUTH2_USER_PROFILE_USERNAME_ATTR, - userProfileDisplayNameAttr: process.env.HMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR, - userProfileEmailAttr: process.env.HMD_OAUTH2_USER_PROFILE_EMAIL_ATTR, - tokenURL: process.env.HMD_OAUTH2_TOKEN_URL, - authorizationURL: process.env.HMD_OAUTH2_AUTHORIZATION_URL, - clientID: process.env.HMD_OAUTH2_CLIENT_ID, - clientSecret: process.env.HMD_OAUTH2_CLIENT_SECRET + baseURL: process.env.CMD_OAUTH2_BASEURL, + userProfileURL: process.env.CMD_OAUTH2_USER_PROFILE_URL, + userProfileUsernameAttr: process.env.CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR, + userProfileDisplayNameAttr: process.env.CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR, + userProfileEmailAttr: process.env.CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR, + tokenURL: process.env.CMD_OAUTH2_TOKEN_URL, + authorizationURL: process.env.CMD_OAUTH2_AUTHORIZATION_URL, + clientID: process.env.CMD_OAUTH2_CLIENT_ID, + clientSecret: process.env.CMD_OAUTH2_CLIENT_SECRET }, dropbox: { - clientID: process.env.HMD_DROPBOX_CLIENTID, - clientSecret: process.env.HMD_DROPBOX_CLIENTSECRET, - appKey: process.env.HMD_DROPBOX_APPKEY + clientID: process.env.CMD_DROPBOX_CLIENTID, + clientSecret: process.env.CMD_DROPBOX_CLIENTSECRET, + appKey: process.env.CMD_DROPBOX_APPKEY }, google: { - clientID: process.env.HMD_GOOGLE_CLIENTID, - clientSecret: process.env.HMD_GOOGLE_CLIENTSECRET + clientID: process.env.CMD_GOOGLE_CLIENTID, + clientSecret: process.env.CMD_GOOGLE_CLIENTSECRET }, ldap: { - providerName: process.env.HMD_LDAP_PROVIDERNAME, - url: process.env.HMD_LDAP_URL, - bindDn: process.env.HMD_LDAP_BINDDN, - bindCredentials: process.env.HMD_LDAP_BINDCREDENTIALS, - searchBase: process.env.HMD_LDAP_SEARCHBASE, - searchFilter: process.env.HMD_LDAP_SEARCHFILTER, - searchAttributes: toArrayConfig(process.env.HMD_LDAP_SEARCHATTRIBUTES), - usernameField: process.env.HMD_LDAP_USERNAMEFIELD, - useridField: process.env.HMD_LDAP_USERIDFIELD, - tlsca: process.env.HMD_LDAP_TLS_CA + providerName: process.env.CMD_LDAP_PROVIDERNAME, + url: process.env.CMD_LDAP_URL, + bindDn: process.env.CMD_LDAP_BINDDN, + bindCredentials: process.env.CMD_LDAP_BINDCREDENTIALS, + searchBase: process.env.CMD_LDAP_SEARCHBASE, + searchFilter: process.env.CMD_LDAP_SEARCHFILTER, + searchAttributes: toArrayConfig(process.env.CMD_LDAP_SEARCHATTRIBUTES), + usernameField: process.env.CMD_LDAP_USERNAMEFIELD, + useridField: process.env.CMD_LDAP_USERIDFIELD, + tlsca: process.env.CMD_LDAP_TLS_CA }, saml: { - idpSsoUrl: process.env.HMD_SAML_IDPSSOURL, - idpCert: process.env.HMD_SAML_IDPCERT, - issuer: process.env.HMD_SAML_ISSUER, - identifierFormat: process.env.HMD_SAML_IDENTIFIERFORMAT, - groupAttribute: process.env.HMD_SAML_GROUPATTRIBUTE, - externalGroups: toArrayConfig(process.env.HMD_SAML_EXTERNALGROUPS, '|', []), - requiredGroups: toArrayConfig(process.env.HMD_SAML_REQUIREDGROUPS, '|', []), + idpSsoUrl: process.env.CMD_SAML_IDPSSOURL, + idpCert: process.env.CMD_SAML_IDPCERT, + issuer: process.env.CMD_SAML_ISSUER, + identifierFormat: process.env.CMD_SAML_IDENTIFIERFORMAT, + groupAttribute: process.env.CMD_SAML_GROUPATTRIBUTE, + externalGroups: toArrayConfig(process.env.CMD_SAML_EXTERNALGROUPS, '|', []), + requiredGroups: toArrayConfig(process.env.CMD_SAML_REQUIREDGROUPS, '|', []), attribute: { - id: process.env.HMD_SAML_ATTRIBUTE_ID, - username: process.env.HMD_SAML_ATTRIBUTE_USERNAME, - email: process.env.HMD_SAML_ATTRIBUTE_EMAIL + id: process.env.CMD_SAML_ATTRIBUTE_ID, + username: process.env.CMD_SAML_ATTRIBUTE_USERNAME, + email: process.env.CMD_SAML_ATTRIBUTE_EMAIL } }, - email: toBooleanConfig(process.env.HMD_EMAIL), - allowEmailRegister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER), - allowGravatar: toBooleanConfig(process.env.HMD_ALLOW_GRAVATAR), - allowPDFExport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT) + email: toBooleanConfig(process.env.CMD_EMAIL), + allowEmailRegister: toBooleanConfig(process.env.CMD_ALLOW_EMAIL_REGISTER), + allowGravatar: toBooleanConfig(process.env.CMD_ALLOW_GRAVATAR), + allowPDFExport: toBooleanConfig(process.env.CMD_ALLOW_PDF_EXPORT) } diff --git a/lib/config/hackmdEnvironment.js b/lib/config/hackmdEnvironment.js new file mode 100644 index 00000000..e1c11569 --- /dev/null +++ b/lib/config/hackmdEnvironment.js @@ -0,0 +1,124 @@ +'use strict' + +const {toBooleanConfig, toArrayConfig, toIntegerConfig} = require('./utils') + +module.exports = { + domain: process.env.HMD_DOMAIN, + urlPath: process.env.HMD_URL_PATH, + port: toIntegerConfig(process.env.HMD_PORT), + urlAddPort: toBooleanConfig(process.env.HMD_URL_ADDPORT), + useSSL: toBooleanConfig(process.env.HMD_USESSL), + hsts: { + enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE), + maxAgeSeconds: process.env.HMD_HSTS_MAX_AGE, + includeSubdomains: toBooleanConfig(process.env.HMD_HSTS_INCLUDE_SUBDOMAINS), + preload: toBooleanConfig(process.env.HMD_HSTS_PRELOAD) + }, + csp: { + enable: toBooleanConfig(process.env.HMD_CSP_ENABLE), + reportURI: process.env.HMD_CSP_REPORTURI + }, + protocolUseSSL: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL), + allowOrigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN), + useCDN: toBooleanConfig(process.env.HMD_USECDN), + allowAnonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS), + allowAnonymousEdits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS), + allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL), + defaultPermission: process.env.HMD_DEFAULT_PERMISSION, + dbURL: process.env.HMD_DB_URL, + sessionSecret: process.env.HMD_SESSION_SECRET, + sessionLife: toIntegerConfig(process.env.HMD_SESSION_LIFE), + imageUploadType: process.env.HMD_IMAGE_UPLOAD_TYPE, + imgur: { + clientID: process.env.HMD_IMGUR_CLIENTID + }, + s3: { + accessKeyId: process.env.HMD_S3_ACCESS_KEY_ID, + secretAccessKey: process.env.HMD_S3_SECRET_ACCESS_KEY, + region: process.env.HMD_S3_REGION + }, + minio: { + accessKey: process.env.HMD_MINIO_ACCESS_KEY, + secretKey: process.env.HMD_MINIO_SECRET_KEY, + endPoint: process.env.HMD_MINIO_ENDPOINT, + secure: toBooleanConfig(process.env.HMD_MINIO_SECURE), + port: toIntegerConfig(process.env.HMD_MINIO_PORT) + }, + s3bucket: process.env.HMD_S3_BUCKET, + azure: { + connectionString: process.env.HMD_AZURE_CONNECTION_STRING, + container: process.env.HMD_AZURE_CONTAINER + }, + facebook: { + clientID: process.env.HMD_FACEBOOK_CLIENTID, + clientSecret: process.env.HMD_FACEBOOK_CLIENTSECRET + }, + twitter: { + consumerKey: process.env.HMD_TWITTER_CONSUMERKEY, + consumerSecret: process.env.HMD_TWITTER_CONSUMERSECRET + }, + github: { + clientID: process.env.HMD_GITHUB_CLIENTID, + clientSecret: process.env.HMD_GITHUB_CLIENTSECRET + }, + gitlab: { + baseURL: process.env.HMD_GITLAB_BASEURL, + clientID: process.env.HMD_GITLAB_CLIENTID, + clientSecret: process.env.HMD_GITLAB_CLIENTSECRET, + scope: process.env.HMD_GITLAB_SCOPE + }, + mattermost: { + baseURL: process.env.HMD_MATTERMOST_BASEURL, + clientID: process.env.HMD_MATTERMOST_CLIENTID, + clientSecret: process.env.HMD_MATTERMOST_CLIENTSECRET + }, + oauth2: { + baseURL: process.env.HMD_OAUTH2_BASEURL, + userProfileURL: process.env.HMD_OAUTH2_USER_PROFILE_URL, + userProfileUsernameAttr: process.env.HMD_OAUTH2_USER_PROFILE_USERNAME_ATTR, + userProfileDisplayNameAttr: process.env.HMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR, + userProfileEmailAttr: process.env.HMD_OAUTH2_USER_PROFILE_EMAIL_ATTR, + tokenURL: process.env.HMD_OAUTH2_TOKEN_URL, + authorizationURL: process.env.HMD_OAUTH2_AUTHORIZATION_URL, + clientID: process.env.HMD_OAUTH2_CLIENT_ID, + clientSecret: process.env.HMD_OAUTH2_CLIENT_SECRET + }, + dropbox: { + clientID: process.env.HMD_DROPBOX_CLIENTID, + clientSecret: process.env.HMD_DROPBOX_CLIENTSECRET, + appKey: process.env.HMD_DROPBOX_APPKEY + }, + google: { + clientID: process.env.HMD_GOOGLE_CLIENTID, + clientSecret: process.env.HMD_GOOGLE_CLIENTSECRET + }, + ldap: { + providerName: process.env.HMD_LDAP_PROVIDERNAME, + url: process.env.HMD_LDAP_URL, + bindDn: process.env.HMD_LDAP_BINDDN, + bindCredentials: process.env.HMD_LDAP_BINDCREDENTIALS, + searchBase: process.env.HMD_LDAP_SEARCHBASE, + searchFilter: process.env.HMD_LDAP_SEARCHFILTER, + searchAttributes: toArrayConfig(process.env.HMD_LDAP_SEARCHATTRIBUTES), + usernameField: process.env.HMD_LDAP_USERNAMEFIELD, + useridField: process.env.HMD_LDAP_USERIDFIELD, + tlsca: process.env.HMD_LDAP_TLS_CA + }, + saml: { + idpSsoUrl: process.env.HMD_SAML_IDPSSOURL, + idpCert: process.env.HMD_SAML_IDPCERT, + issuer: process.env.HMD_SAML_ISSUER, + identifierFormat: process.env.HMD_SAML_IDENTIFIERFORMAT, + groupAttribute: process.env.HMD_SAML_GROUPATTRIBUTE, + externalGroups: toArrayConfig(process.env.HMD_SAML_EXTERNALGROUPS, '|', []), + requiredGroups: toArrayConfig(process.env.HMD_SAML_REQUIREDGROUPS, '|', []), + attribute: { + id: process.env.HMD_SAML_ATTRIBUTE_ID, + username: process.env.HMD_SAML_ATTRIBUTE_USERNAME, + email: process.env.HMD_SAML_ATTRIBUTE_EMAIL + } + }, + email: toBooleanConfig(process.env.HMD_EMAIL), + allowEmailRegister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER), + allowPDFExport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT) +} diff --git a/lib/config/index.js b/lib/config/index.js index 79330443..760d94a1 100644 --- a/lib/config/index.js +++ b/lib/config/index.js @@ -33,6 +33,7 @@ merge(config, debugConfig) merge(config, packageConfig) merge(config, fileConfig) merge(config, require('./oldEnvironment')) +merge(config, require('./hackmdEnvironment')) merge(config, require('./environment')) merge(config, require('./dockerSecret')) @@ -122,6 +123,11 @@ for (let i = keys.length; i--;) { } } +// Notify users about the prefix change and inform them they use legacy prefix for environment variables +if (Object.keys(process.env).toString().indexOf('HMD_') !== -1) { + logger.warn('Using legacy HMD prefix for environment variables. Please change your variables in future. For details see: https://github.com/hackmdio/codimd#environment-variables-will-overwrite-other-server-configs') +} + // Generate session secret if it stays on default values if (config.sessionSecret === 'secret') { logger.warn('Session secret not set. Using random generated one. Please set `sessionSecret` in your config.js file. All users will be logged out.') -- cgit v1.2.3