221 lines
11 KiB
JavaScript
221 lines
11 KiB
JavaScript
'use strict'
|
|
// external modules
|
|
var fs = require('fs')
|
|
var path = require('path')
|
|
|
|
// configs
|
|
var env = process.env.NODE_ENV || 'development'
|
|
var config = require(path.join(__dirname, '..', 'config.json'))[env]
|
|
var debug = process.env.DEBUG ? (process.env.DEBUG === 'true') : ((typeof config.debug === 'boolean') ? config.debug : (env === 'development'))
|
|
|
|
// Create function that reads docker secrets but fails fast in case of a non docker environment
|
|
var handleDockerSecret = fs.existsSync('/run/secrets/') ? function (secret) {
|
|
return fs.existsSync('/run/secrets/' + secret) ? fs.readFileSync('/run/secrets/' + secret) : null
|
|
} : function () {
|
|
return null
|
|
}
|
|
|
|
// url
|
|
var domain = process.env.DOMAIN || process.env.HMD_DOMAIN || config.domain || ''
|
|
var urlpath = process.env.URL_PATH || process.env.HMD_URL_PATH || config.urlpath || ''
|
|
var port = process.env.PORT || process.env.HMD_PORT || config.port || 3000
|
|
var alloworigin = process.env.HMD_ALLOW_ORIGIN ? process.env.HMD_ALLOW_ORIGIN.split(',') : (config.alloworigin || ['localhost'])
|
|
|
|
var usessl = !!config.usessl
|
|
var protocolusessl = (usessl === true && typeof process.env.HMD_PROTOCOL_USESSL === 'undefined' && typeof config.protocolusessl === 'undefined')
|
|
? true : (process.env.HMD_PROTOCOL_USESSL ? (process.env.HMD_PROTOCOL_USESSL === 'true') : !!config.protocolusessl)
|
|
var urladdport = process.env.HMD_URL_ADDPORT ? (process.env.HMD_URL_ADDPORT === 'true') : !!config.urladdport
|
|
|
|
var usecdn = process.env.HMD_USECDN ? (process.env.HMD_USECDN === 'true') : ((typeof config.usecdn === 'boolean') ? config.usecdn : true)
|
|
|
|
var allowanonymous = process.env.HMD_ALLOW_ANONYMOUS ? (process.env.HMD_ALLOW_ANONYMOUS === 'true') : ((typeof config.allowanonymous === 'boolean') ? config.allowanonymous : true)
|
|
|
|
var allowfreeurl = process.env.HMD_ALLOW_FREEURL ? (process.env.HMD_ALLOW_FREEURL === 'true') : !!config.allowfreeurl
|
|
|
|
var permissions = ['editable', 'limited', 'locked', 'protected', 'private']
|
|
if (allowanonymous) {
|
|
permissions.unshift('freely')
|
|
}
|
|
|
|
var defaultpermission = process.env.HMD_DEFAULT_PERMISSION || config.defaultpermission
|
|
defaultpermission = permissions.indexOf(defaultpermission) !== -1 ? defaultpermission : 'editable'
|
|
|
|
// db
|
|
var dburl = process.env.HMD_DB_URL || process.env.DATABASE_URL || config.dburl
|
|
var db = config.db || {}
|
|
|
|
// ssl path
|
|
var sslkeypath = (fs.existsSync('/run/secrets/key.pem') ? '/run/secrets/key.pem' : null) || config.sslkeypath || ''
|
|
var sslcertpath = (fs.existsSync('/run/secrets/cert.pem') ? '/run/secrets/cert.pem' : null) || config.sslcertpath || ''
|
|
var sslcapath = (fs.existsSync('/run/secrets/ca.pem') ? '/run/secrets/ca.pem' : null) || config.sslcapath || ''
|
|
var dhparampath = (fs.existsSync('/run/secrets/dhparam.pem') ? '/run/secrets/dhparam.pem' : null) || config.dhparampath || ''
|
|
|
|
// other path
|
|
var tmppath = config.tmppath || './tmp'
|
|
var defaultnotepath = config.defaultnotepath || './public/default.md'
|
|
var docspath = config.docspath || './public/docs'
|
|
var indexpath = config.indexpath || './public/views/index.ejs'
|
|
var hackmdpath = config.hackmdpath || './public/views/hackmd.ejs'
|
|
var errorpath = config.errorpath || './public/views/error.ejs'
|
|
var prettypath = config.prettypath || './public/views/pretty.ejs'
|
|
var slidepath = config.slidepath || './public/views/slide.ejs'
|
|
|
|
// session
|
|
var sessionname = config.sessionname || 'connect.sid'
|
|
var sessionsecret = handleDockerSecret('sessionsecret') || config.sessionsecret || 'secret'
|
|
var sessionlife = config.sessionlife || 14 * 24 * 60 * 60 * 1000 // 14 days
|
|
|
|
// static files
|
|
var staticcachetime = config.staticcachetime || 1 * 24 * 60 * 60 * 1000 // 1 day
|
|
|
|
// socket.io
|
|
var heartbeatinterval = config.heartbeatinterval || 5000
|
|
var heartbeattimeout = config.heartbeattimeout || 10000
|
|
|
|
// document
|
|
var documentmaxlength = config.documentmaxlength || 100000
|
|
|
|
// image upload setting, available options are imgur/s3/filesystem
|
|
var imageUploadType = process.env.HMD_IMAGE_UPLOAD_TYPE || config.imageUploadType || 'imgur'
|
|
|
|
config.s3 = config.s3 || {}
|
|
var s3 = {
|
|
accessKeyId: handleDockerSecret('s3_acccessKeyId') || process.env.HMD_S3_ACCESS_KEY_ID || config.s3.accessKeyId,
|
|
secretAccessKey: handleDockerSecret('s3_secretAccessKey') || process.env.HMD_S3_SECRET_ACCESS_KEY || config.s3.secretAccessKey,
|
|
region: process.env.HMD_S3_REGION || config.s3.region
|
|
}
|
|
var s3bucket = process.env.HMD_S3_BUCKET || config.s3.bucket
|
|
|
|
// auth
|
|
var facebook = ((process.env.HMD_FACEBOOK_CLIENTID && process.env.HMD_FACEBOOK_CLIENTSECRET) || (fs.existsSync('/run/secrets/facebook_clientID') && fs.existsSync('/run/secrets/facebook_clientSecret'))) ? {
|
|
clientID: handleDockerSecret('facebook_clientID') || process.env.HMD_FACEBOOK_CLIENTID,
|
|
clientSecret: handleDockerSecret('facebook_clientSecret') || process.env.HMD_FACEBOOK_CLIENTSECRET
|
|
} : config.facebook || false
|
|
var twitter = ((process.env.HMD_TWITTER_CONSUMERKEY && process.env.HMD_TWITTER_CONSUMERSECRET) || (fs.existsSync('/run/secrets/twitter_consumerKey') && fs.existsSync('/run/secrets/twitter_consumerSecret'))) ? {
|
|
consumerKey: handleDockerSecret('twitter_consumerKey') || process.env.HMD_TWITTER_CONSUMERKEY,
|
|
consumerSecret: handleDockerSecret('twitter_consumerSecret') || process.env.HMD_TWITTER_CONSUMERSECRET
|
|
} : config.twitter || false
|
|
var github = ((process.env.HMD_GITHUB_CLIENTID && process.env.HMD_GITHUB_CLIENTSECRET) || (fs.existsSync('/run/secrets/github_clientID') && fs.existsSync('/run/secrets/github_clientSecret'))) ? {
|
|
clientID: handleDockerSecret('github_clientID') || process.env.HMD_GITHUB_CLIENTID,
|
|
clientSecret: handleDockerSecret('github_clientSecret') || process.env.HMD_GITHUB_CLIENTSECRET
|
|
} : config.github || false
|
|
var gitlab = ((process.env.HMD_GITLAB_CLIENTID && process.env.HMD_GITLAB_CLIENTSECRET) || (fs.existsSync('/run/secrets/gitlab_clientID') && fs.existsSync('/run/secrets/gitlab_clientSecret'))) ? {
|
|
baseURL: process.env.HMD_GITLAB_BASEURL,
|
|
clientID: handleDockerSecret('gitlab_clientID') || process.env.HMD_GITLAB_CLIENTID,
|
|
clientSecret: handleDockerSecret('gitlab_clientSecret') || process.env.HMD_GITLAB_CLIENTSECRET,
|
|
scope: process.env.HMD_GITLAB_SCOPE
|
|
} : (config.gitlab && config.gitlab.clientID && config.gitlab.clientSecret && config.gitlab) || false
|
|
var dropbox = ((process.env.HMD_DROPBOX_CLIENTID && process.env.HMD_DROPBOX_CLIENTSECRET) || (fs.existsSync('/run/secrets/dropbox_clientID') && fs.existsSync('/run/secrets/dropbox_clientSecret'))) ? {
|
|
clientID: handleDockerSecret('dropbox_clientID') || process.env.HMD_DROPBOX_CLIENTID,
|
|
clientSecret: handleDockerSecret('dropbox_clientSecret') || process.env.HMD_DROPBOX_CLIENTSECRET
|
|
} : (config.dropbox && config.dropbox.clientID && config.dropbox.clientSecret && config.dropbox) || false
|
|
var google = ((process.env.HMD_GOOGLE_CLIENTID && process.env.HMD_GOOGLE_CLIENTSECRET) ||
|
|
(fs.existsSync('/run/secrets/google_clientID') && fs.existsSync('/run/secrets/google_clientSecret'))) ? {
|
|
clientID: handleDockerSecret('google_clientID') || process.env.HMD_GOOGLE_CLIENTID,
|
|
clientSecret: handleDockerSecret('google_clientSecret') || process.env.HMD_GOOGLE_CLIENTSECRET
|
|
} : (config.google && config.google.clientID && config.google.clientSecret && config.google) || false
|
|
var ldap = config.ldap || ((
|
|
process.env.HMD_LDAP_URL ||
|
|
process.env.HMD_LDAP_BINDDN ||
|
|
process.env.HMD_LDAP_BINDCREDENTIALS ||
|
|
process.env.HMD_LDAP_TOKENSECRET ||
|
|
process.env.HMD_LDAP_SEARCHBASE ||
|
|
process.env.HMD_LDAP_SEARCHFILTER ||
|
|
process.env.HMD_LDAP_SEARCHATTRIBUTES ||
|
|
process.env.HMD_LDAP_TLS_CA ||
|
|
process.env.HMD_LDAP_PROVIDERNAME
|
|
) ? {} : false)
|
|
if (process.env.HMD_LDAP_URL) { ldap.url = process.env.HMD_LDAP_URL }
|
|
if (process.env.HMD_LDAP_BINDDN) { ldap.bindDn = process.env.HMD_LDAP_BINDDN }
|
|
if (process.env.HMD_LDAP_BINDCREDENTIALS) { ldap.bindCredentials = process.env.HMD_LDAP_BINDCREDENTIALS }
|
|
if (process.env.HMD_LDAP_TOKENSECRET) { ldap.tokenSecret = process.env.HMD_LDAP_TOKENSECRET }
|
|
if (process.env.HMD_LDAP_SEARCHBASE) { ldap.searchBase = process.env.HMD_LDAP_SEARCHBASE }
|
|
if (process.env.HMD_LDAP_SEARCHFILTER) { ldap.searchFilter = process.env.HMD_LDAP_SEARCHFILTER }
|
|
if (process.env.HMD_LDAP_SEARCHATTRIBUTES) { ldap.searchAttributes = process.env.HMD_LDAP_SEARCHATTRIBUTES }
|
|
if (process.env.HMD_LDAP_TLS_CA) {
|
|
var ca = {
|
|
ca: process.env.HMD_LDAP_TLS_CA.split(',')
|
|
}
|
|
ldap.tlsOptions = ldap.tlsOptions ? Object.assign(ldap.tlsOptions, ca) : ca
|
|
if (Array.isArray(ldap.tlsOptions.ca) && ldap.tlsOptions.ca.length > 0) {
|
|
var i, len, results
|
|
results = []
|
|
for (i = 0, len = ldap.tlsOptions.ca.length; i < len; i++) {
|
|
results.push(fs.readFileSync(ldap.tlsOptions.ca[i], 'utf8'))
|
|
}
|
|
ldap.tlsOptions.ca = results
|
|
}
|
|
}
|
|
if (process.env.HMD_LDAP_PROVIDERNAME) {
|
|
ldap.providerName = process.env.HMD_LDAP_PROVIDERNAME
|
|
}
|
|
var imgur = handleDockerSecret('imgur_clientid') || process.env.HMD_IMGUR_CLIENTID || config.imgur || false
|
|
var email = process.env.HMD_EMAIL ? (process.env.HMD_EMAIL === 'true') : !!config.email
|
|
var allowemailregister = process.env.HMD_ALLOW_EMAIL_REGISTER ? (process.env.HMD_ALLOW_EMAIL_REGISTER === 'true') : ((typeof config.allowemailregister === 'boolean') ? config.allowemailregister : true)
|
|
|
|
function getserverurl () {
|
|
var url = ''
|
|
if (domain) {
|
|
var protocol = protocolusessl ? 'https://' : 'http://'
|
|
url = protocol + domain
|
|
if (urladdport && ((usessl && port !== 443) || (!usessl && port !== 80))) { url += ':' + port }
|
|
}
|
|
if (urlpath) { url += '/' + urlpath }
|
|
return url
|
|
}
|
|
|
|
var version = '0.5.0'
|
|
var minimumCompatibleVersion = '0.5.0'
|
|
var maintenance = true
|
|
var cwd = path.join(__dirname, '..')
|
|
|
|
module.exports = {
|
|
version: version,
|
|
minimumCompatibleVersion: minimumCompatibleVersion,
|
|
maintenance: maintenance,
|
|
debug: debug,
|
|
urlpath: urlpath,
|
|
port: port,
|
|
alloworigin: alloworigin,
|
|
usessl: usessl,
|
|
serverurl: getserverurl(),
|
|
usecdn: usecdn,
|
|
allowanonymous: allowanonymous,
|
|
allowfreeurl: allowfreeurl,
|
|
defaultpermission: defaultpermission,
|
|
dburl: dburl,
|
|
db: db,
|
|
sslkeypath: path.join(cwd, sslkeypath),
|
|
sslcertpath: path.join(cwd, sslcertpath),
|
|
sslcapath: path.join(cwd, sslcapath),
|
|
dhparampath: path.join(cwd, dhparampath),
|
|
tmppath: path.join(cwd, tmppath),
|
|
defaultnotepath: path.join(cwd, defaultnotepath),
|
|
docspath: path.join(cwd, docspath),
|
|
indexpath: path.join(cwd, indexpath),
|
|
hackmdpath: path.join(cwd, hackmdpath),
|
|
errorpath: path.join(cwd, errorpath),
|
|
prettypath: path.join(cwd, prettypath),
|
|
slidepath: path.join(cwd, slidepath),
|
|
sessionname: sessionname,
|
|
sessionsecret: sessionsecret,
|
|
sessionlife: sessionlife,
|
|
staticcachetime: staticcachetime,
|
|
heartbeatinterval: heartbeatinterval,
|
|
heartbeattimeout: heartbeattimeout,
|
|
documentmaxlength: documentmaxlength,
|
|
facebook: facebook,
|
|
twitter: twitter,
|
|
github: github,
|
|
gitlab: gitlab,
|
|
dropbox: dropbox,
|
|
google: google,
|
|
ldap: ldap,
|
|
imgur: imgur,
|
|
email: email,
|
|
allowemailregister: allowemailregister,
|
|
imageUploadType: imageUploadType,
|
|
s3: s3,
|
|
s3bucket: s3bucket
|
|
}
|