summaryrefslogtreecommitdiff
path: root/lib/config/hackmdEnvironment.js
blob: dcfda0bc1fe437f919d38fac30158422007fb772 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
'use strict'

const { toBooleanConfig, toArrayConfig, toIntegerConfig } = require('./utils')

module.exports = {
  domain: process.env.HMD_DOMAIN,
  urlPath: process.env.HMD_URL_PATH,
  port: toIntegerConfig(process.env.HMD_PORT),
  urlAddPort: toBooleanConfig(process.env.HMD_URL_ADDPORT),
  useSSL: toBooleanConfig(process.env.HMD_USESSL),
  hsts: {
    enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE),
    maxAgeSeconds: toIntegerConfig(process.env.HMD_HSTS_MAX_AGE),
    includeSubdomains: toBooleanConfig(process.env.HMD_HSTS_INCLUDE_SUBDOMAINS),
    preload: toBooleanConfig(process.env.HMD_HSTS_PRELOAD)
  },
  csp: {
    enable: toBooleanConfig(process.env.HMD_CSP_ENABLE),
    reportURI: process.env.HMD_CSP_REPORTURI
  },
  protocolUseSSL: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL),
  allowOrigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN),
  useCDN: toBooleanConfig(process.env.HMD_USECDN),
  allowAnonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
  allowAnonymousEdits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS),
  allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
  defaultPermission: process.env.HMD_DEFAULT_PERMISSION,
  dbURL: process.env.HMD_DB_URL,
  sessionSecret: process.env.HMD_SESSION_SECRET,
  sessionLife: toIntegerConfig(process.env.HMD_SESSION_LIFE),
  imageUploadType: process.env.HMD_IMAGE_UPLOAD_TYPE,
  imgur: {
    clientID: process.env.HMD_IMGUR_CLIENTID
  },
  s3: {
    accessKeyId: process.env.HMD_S3_ACCESS_KEY_ID,
    secretAccessKey: process.env.HMD_S3_SECRET_ACCESS_KEY,
    region: process.env.HMD_S3_REGION
  },
  minio: {
    accessKey: process.env.HMD_MINIO_ACCESS_KEY,
    secretKey: process.env.HMD_MINIO_SECRET_KEY,
    endPoint: process.env.HMD_MINIO_ENDPOINT,
    secure: toBooleanConfig(process.env.HMD_MINIO_SECURE),
    port: toIntegerConfig(process.env.HMD_MINIO_PORT)
  },
  s3bucket: process.env.HMD_S3_BUCKET,
  azure: {
    connectionString: process.env.HMD_AZURE_CONNECTION_STRING,
    container: process.env.HMD_AZURE_CONTAINER
  },
  facebook: {
    clientID: process.env.HMD_FACEBOOK_CLIENTID,
    clientSecret: process.env.HMD_FACEBOOK_CLIENTSECRET
  },
  twitter: {
    consumerKey: process.env.HMD_TWITTER_CONSUMERKEY,
    consumerSecret: process.env.HMD_TWITTER_CONSUMERSECRET
  },
  github: {
    clientID: process.env.HMD_GITHUB_CLIENTID,
    clientSecret: process.env.HMD_GITHUB_CLIENTSECRET
  },
  gitlab: {
    baseURL: process.env.HMD_GITLAB_BASEURL,
    clientID: process.env.HMD_GITLAB_CLIENTID,
    clientSecret: process.env.HMD_GITLAB_CLIENTSECRET,
    scope: process.env.HMD_GITLAB_SCOPE
  },
  mattermost: {
    baseURL: process.env.HMD_MATTERMOST_BASEURL,
    clientID: process.env.HMD_MATTERMOST_CLIENTID,
    clientSecret: process.env.HMD_MATTERMOST_CLIENTSECRET
  },
  oauth2: {
    baseURL: process.env.HMD_OAUTH2_BASEURL,
    userProfileURL: process.env.HMD_OAUTH2_USER_PROFILE_URL,
    userProfileUsernameAttr: process.env.HMD_OAUTH2_USER_PROFILE_USERNAME_ATTR,
    userProfileDisplayNameAttr: process.env.HMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR,
    userProfileEmailAttr: process.env.HMD_OAUTH2_USER_PROFILE_EMAIL_ATTR,
    tokenURL: process.env.HMD_OAUTH2_TOKEN_URL,
    authorizationURL: process.env.HMD_OAUTH2_AUTHORIZATION_URL,
    clientID: process.env.HMD_OAUTH2_CLIENT_ID,
    clientSecret: process.env.HMD_OAUTH2_CLIENT_SECRET
  },
  dropbox: {
    clientID: process.env.HMD_DROPBOX_CLIENTID,
    clientSecret: process.env.HMD_DROPBOX_CLIENTSECRET,
    appKey: process.env.HMD_DROPBOX_APPKEY
  },
  google: {
    clientID: process.env.HMD_GOOGLE_CLIENTID,
    clientSecret: process.env.HMD_GOOGLE_CLIENTSECRET
  },
  ldap: {
    providerName: process.env.HMD_LDAP_PROVIDERNAME,
    url: process.env.HMD_LDAP_URL,
    bindDn: process.env.HMD_LDAP_BINDDN,
    bindCredentials: process.env.HMD_LDAP_BINDCREDENTIALS,
    searchBase: process.env.HMD_LDAP_SEARCHBASE,
    searchFilter: process.env.HMD_LDAP_SEARCHFILTER,
    searchAttributes: toArrayConfig(process.env.HMD_LDAP_SEARCHATTRIBUTES),
    usernameField: process.env.HMD_LDAP_USERNAMEFIELD,
    useridField: process.env.HMD_LDAP_USERIDFIELD,
    tlsca: process.env.HMD_LDAP_TLS_CA
  },
  saml: {
    idpSsoUrl: process.env.HMD_SAML_IDPSSOURL,
    idpCert: process.env.HMD_SAML_IDPCERT,
    issuer: process.env.HMD_SAML_ISSUER,
    identifierFormat: process.env.HMD_SAML_IDENTIFIERFORMAT,
    disableRequestedAuthnContext: toBooleanConfig(process.env.HMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT),
    groupAttribute: process.env.HMD_SAML_GROUPATTRIBUTE,
    externalGroups: toArrayConfig(process.env.HMD_SAML_EXTERNALGROUPS, '|', []),
    requiredGroups: toArrayConfig(process.env.HMD_SAML_REQUIREDGROUPS, '|', []),
    attribute: {
      id: process.env.HMD_SAML_ATTRIBUTE_ID,
      username: process.env.HMD_SAML_ATTRIBUTE_USERNAME,
      email: process.env.HMD_SAML_ATTRIBUTE_EMAIL
    }
  },
  email: toBooleanConfig(process.env.HMD_EMAIL),
  allowEmailRegister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER),
  allowPDFExport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT)
}