Rename HTTPS env vars

This commit is contained in:
Tankred Hase 2016-06-10 19:42:00 +02:00
parent 7a8600ae9c
commit 7ae7c6da87
4 changed files with 11 additions and 11 deletions

View File

@ -231,9 +231,9 @@ The `config/development.js` file can be used to configure a local development in
* SMTP_PASS=smtp_pass * SMTP_PASS=smtp_pass
* SENDER_NAME="OpenPGP Key Server" * SENDER_NAME="OpenPGP Key Server"
* SENDER_EMAIL=noreply@example.com * SENDER_EMAIL=noreply@example.com
* UPGRADE_HTTPS=true (upgrade HTTP requests to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security)) * HTTPS_UPGRADE=true (upgrade HTTP requests to HTTPS and use [HSTS](https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security))
* PUBLIC_KEY_PIN=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning)) * HTTPS_KEY_PIN=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))
* PUBLIC_KEY_PIN_BACKUP=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning)) * HTTPS_KEY_PIN_BACKUP=base64_encoded_sha256 (optional, see [HPKP](https://developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning))

View File

@ -6,9 +6,9 @@ module.exports = {
server: { server: {
port: process.env.PORT || 8888, port: process.env.PORT || 8888,
upgradeHTTPS: process.env.UPGRADE_HTTPS, httpsUpgrade: process.env.HTTPS_UPGRADE,
publicKeyPin: process.env.PUBLIC_KEY_PIN, httpsKeyPin: process.env.HTTPS_KEY_PIN,
publicKeyPinBackup: process.env.PUBLIC_KEY_PIN_BACKUP httpsKeyPinBackup: process.env.HTTPS_KEY_PIN_BACKUP
}, },
mongo: { mongo: {

View File

@ -5,7 +5,7 @@ module.exports = {
}, },
server: { server: {
upgradeHTTPS: process.env.UPGRADE_HTTPS || true // use HTTPS by default httpsUpgrade: process.env.HTTPS_UPGRADE || true // use HTTPS by default
} }
}; };

View File

@ -75,7 +75,7 @@ router.get('/', home);
// Redirect all http traffic to https // Redirect all http traffic to https
app.use(function *(next) { app.use(function *(next) {
if (util.isTrue(config.server.upgradeHTTPS) && util.checkHTTP(this)) { if (util.isTrue(config.server.httpsUpgrade) && util.checkHTTP(this)) {
this.redirect('https://' + this.hostname + this.url); this.redirect('https://' + this.hostname + this.url);
} else { } else {
yield next; yield next;
@ -84,11 +84,11 @@ app.use(function *(next) {
// Set HTTP response headers // Set HTTP response headers
app.use(function *(next) { app.use(function *(next) {
if (util.isTrue(config.server.upgradeHTTPS)) { if (util.isTrue(config.server.httpsUpgrade)) {
this.set('Strict-Transport-Security', 'max-age=16070400'); this.set('Strict-Transport-Security', 'max-age=16070400');
} }
if (config.server.publicKeyPin && config.server.publicKeyPinBackup) { if (config.server.httpsKeyPin && config.server.httpsKeyPinBackup) {
this.set('Public-Key-Pins', 'pin-sha256="' + config.server.publicKeyPin + '"; pin-sha256="' + config.server.publicKeyPinBackup + '"; max-age=16070400'); this.set('Public-Key-Pins', 'pin-sha256="' + config.server.httpsKeyPin + '"; pin-sha256="' + config.server.httpsKeyPinBackup + '"; max-age=16070400');
} }
this.set('Access-Control-Allow-Origin', '*'); this.set('Access-Control-Allow-Origin', '*');
this.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS'); this.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');