Commit 47f7825e authored by Diego Molteni's avatar Diego Molteni
Browse files

SSL parameters moved into the config abstraction

parent ea1fc442
Pipeline #32243 passed with stages
in 16 minutes and 10 seconds
......@@ -44,6 +44,9 @@ export interface ConfigModel {
JWT_ENABLE_FEATURE: boolean;
API_BASE_PATH: string;
TENANT_JOURNAL_ON_DATA_PARTITION: boolean;
SSL_ENABLED?: boolean;
SSL_KEY_PATH?: string;
SSL_CERT_PATH?: string;
FEATURE_FLAG_AUTHORIZATION: boolean;
FEATURE_FLAG_LEGALTAG: boolean;
FEATURE_FLAG_SEISMICMETA_STORAGE: boolean;
......@@ -125,6 +128,11 @@ export abstract class Config implements IConfig {
public static FEATURE_FLAG_LOGGING = true;
public static FEATURE_FLAG_STACKDRIVER_EXPORTER = true;
// Server SSL
public static SSL_ENABLED = false;
public static SSL_KEY_PATH: string;
public static SSL_CERT_PATH: string;
// WriteLock Skip
// This is an open issue to discuss.
// Checking the write lock is the correct behaviour and this varialbe shoudl be set to "false".
......@@ -187,6 +195,10 @@ export abstract class Config implements IConfig {
Config.TENANT_JOURNAL_ON_DATA_PARTITION = model.TENANT_JOURNAL_ON_DATA_PARTITION || false;
Config.SSL_ENABLED = model.SSL_ENABLED || false;
Config.SSL_KEY_PATH = model.SSL_KEY_PATH;
Config.SSL_CERT_PATH = model.SSL_CERT_PATH;
Config.checkRequiredConfig(Config.CLOUDPROVIDER, 'CLOUDPROVIDER');
Config.checkRequiredConfig(Config.SERVICE_ENV, 'SERVICE_ENV');
Config.checkRequiredConfig(Config.IMP_SERVICE_ACCOUNT_SIGNER, 'IMP_SERVICE_ACCOUNT_SIGNER');
......
......@@ -63,6 +63,9 @@ export class AWSConfig extends Config {
JWT_AUDIENCE: process.env.JWT_AUDIENCE||'',
JWT_ENABLE_FEATURE: process.env.JWT_ENABLE_FEATURE ? process.env.JWT_ENABLE_FEATURE === 'true' : false,
TENANT_JOURNAL_ON_DATA_PARTITION: true,
SSL_ENABLED: process.env.SSL_ENABLED === 'true',
SSL_KEY_PATH: process.env.SSL_KEY_PATH,
SSL_CERT_PATH: process.env.SSL_CERT_PATH,
FEATURE_FLAG_AUTHORIZATION: process.env.FEATURE_FLAG_AUTHORIZATION !== undefined ?
process.env.FEATURE_FLAG_AUTHORIZATION !== 'false' : true,
FEATURE_FLAG_LEGALTAG: process.env.FEATURE_FLAG_LEGALTAG !== undefined ?
......
......@@ -124,11 +124,11 @@ export class Server {
// SSL
if (process.env.SSL_ENABLED === 'true'){
const privateKey = fs.readFileSync(process.env.SSL_KEY_PATH, 'utf8');
const certificate = fs.readFileSync(process.env.SSL_CERT_PATH, 'utf8');
const credentials = {key: privateKey, cert: certificate};
this.httpsServer = https.createServer(credentials, this.app).listen(this.port, () => {
if (Config.SSL_ENABLED){
const privateKey = fs.readFileSync(Config.SSL_KEY_PATH, 'utf8');
const certificate = fs.readFileSync(Config.SSL_CERT_PATH, 'utf8');
const credentials = {key: privateKey, cert: certificate};
this.httpsServer = https.createServer(credentials, this.app).listen(this.port, () => {
// tslint:disable-next-line
console.log(`- Server is listening on port ${this.port}...`);
});
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment