This config object was originally ported from the HD1 config, but is not required anymore. HD2 does not support handling TLS anymore, so it does not make sense for it to set TLS-related headers. The reverse proxy terminating TLS can easily set HSTS headers. Signed-off-by: David Mehren <git@herrmehren.de>
3.6 KiB
Config
!!! info "Design Document" This is a design document, explaining the design and vision for a HedgeDoc 2 feature. It is not a user guide and may or may not be fully implemented.
The configuration of HedgeDoc 2 is handled entirely by environment variables.
Most of these variables are prefixed with HD_
(for HedgeDoc).
NestJS - the framework we use - is reading the variables from the environment and also from
the .env
file in the root of the project.
How the config code works
The config of HedgeDoc is split up into nine different modules:
app.config.ts
- General configuration of the app
auth.config.ts
- Which authentication providers are available and which options are set
csp.config.ts
- Configuration for Content Security Policy
customization.config.ts
- Config to customize the instance and set instance specific links
database.config.ts
- Which database should be used
external-services.config.ts
- Which external services are activated and where can they be called
media.config.ts
- Where media files are being stored
note.config.ts
- Configuration for notes
Each of those files (except auth.config.ts
which is discussed later) consists of three parts:
- An interface
- A Joi schema
- A default export
Interface
The interface just describes which options the configuration has and how the rest of HedgeDoc can
use them. All enums that are used in here are put in their own files with the extension .enum.ts
.
Joi Schema
We use Joi to validate each provided configuration to make sure the configuration of the user is sound and provides helpful error messages otherwise.
The most important part here is that each value ends with .label()
. This names the
environment variable that corresponds to each config option. It's very important that each config
option is assigned the correct label to have meaningful error messages that benefit the user.
Everything else about how Joi works and how you should write schemas can be read in their documentation.
A default export
The default exports are used by NestJS to provide the values to the rest of the application. We mostly do four things here:
- Populate the config interface with environment variables, creating the config object.
- Validate the config object against the Joi schema.
- Polish the error messages from Joi and present them to the user (if any occur).
- Return the validated config object.
How auth.config.ts
works
Because it's possible to configure some authentication providers multiple times (e.g. multiple LDAPs or GitLabs), we use user defined environment variable names. With the user defined names it's not possible to put the correct labels in the schema or build the config objects as we do in every other file.
Therefore, we have two big extra steps in the default export:
- To populate the config object we have some code at the top of the default export to gather all configured variables into arrays.
- The error messages are piped into the util method
replaceAuthErrorsWithEnvironmentVariables
. This replaces the error messages of the formgitlab[0].providerName
withHD_AUTH_GITLAB_<nameOfFirstGitlab>_PROVIDER_NAME
. For this the util function gets the error, the name of the config option (e.g'gitlab'
), the approriate prefix (e.g.'HD_AUTH_GITLAB_'
), and an array of the user defined names.
Mocks
Some config files also have a .mock.ts
file which defines the configuration for the e2e tests.
Those files just contain the default export and return the mock config object.