Add on/off env var for HSTS

This commit is contained in:
Literallie 2017-10-13 01:14:50 +02:00
parent 56411ca0e1
commit 1634d5c567
No known key found for this signature in database
GPG key ID: 7BE463C902ED152C
3 changed files with 8 additions and 1 deletions

View file

@ -154,6 +154,7 @@ Environment variables (will overwrite other server configs)
| HMD_S3_SECRET_ACCESS_KEY | no example | AWS secret key | | HMD_S3_SECRET_ACCESS_KEY | no example | AWS secret key |
| HMD_S3_REGION | `ap-northeast-1` | AWS S3 region | | HMD_S3_REGION | `ap-northeast-1` | AWS S3 region |
| HMD_S3_BUCKET | no example | AWS S3 bucket name | | HMD_S3_BUCKET | no example | AWS S3 bucket name |
| HMD_HSTS_ENABLE | ` true` | set to enable [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) if HTTPS is also enabled (default is ` true`) |
Application settings `config.json` Application settings `config.json`
--- ---

View file

@ -23,7 +23,10 @@
"description": "Specify database type. See sequelize available databases. Default using postgres", "description": "Specify database type. See sequelize available databases. Default using postgres",
"value": "postgres" "value": "postgres"
}, },
"HMD_HSTS_ENABLE": {
"description": "whether to also use HSTS if HTTPS is enabled",
"required": false
},
"HMD_DOMAIN": { "HMD_DOMAIN": {
"description": "domain name", "description": "domain name",
"required": false "required": false

View file

@ -8,6 +8,9 @@ module.exports = {
port: process.env.HMD_PORT, port: process.env.HMD_PORT,
urladdport: toBooleanConfig(process.env.HMD_URL_ADDPORT), urladdport: toBooleanConfig(process.env.HMD_URL_ADDPORT),
usessl: toBooleanConfig(process.env.HMD_USESSL), usessl: toBooleanConfig(process.env.HMD_USESSL),
hsts: {
enable: toBooleanConfig(process.env.HMD_HSTS_ENABLE),
},
protocolusessl: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL), protocolusessl: toBooleanConfig(process.env.HMD_PROTOCOL_USESSL),
alloworigin: process.env.HMD_ALLOW_ORIGIN ? process.env.HMD_ALLOW_ORIGIN.split(',') : undefined, alloworigin: process.env.HMD_ALLOW_ORIGIN ? process.env.HMD_ALLOW_ORIGIN.split(',') : undefined,
usecdn: toBooleanConfig(process.env.HMD_USECDN), usecdn: toBooleanConfig(process.env.HMD_USECDN),