SSL parameters moved into the config abstraction

src/cloud/config.ts

@@ -44,6 +44,9 @@ export interface ConfigModel {
     JWT_ENABLE_FEATURE: boolean;
     API_BASE_PATH: string;
     TENANT_JOURNAL_ON_DATA_PARTITION: boolean;
+    SSL_ENABLED?: boolean;
+    SSL_KEY_PATH?: string;
+    SSL_CERT_PATH?: string;
     FEATURE_FLAG_AUTHORIZATION: boolean;
     FEATURE_FLAG_LEGALTAG: boolean;
     FEATURE_FLAG_SEISMICMETA_STORAGE: boolean;
@@ -125,6 +128,11 @@ export abstract class Config implements IConfig {
     public static FEATURE_FLAG_LOGGING = true;
     public static FEATURE_FLAG_STACKDRIVER_EXPORTER = true;
 
+    // Server SSL
+    public static SSL_ENABLED = false;
+    public static SSL_KEY_PATH: string;
+    public static SSL_CERT_PATH: string;
+
     // WriteLock Skip
     // This is an open issue to discuss.
     // Checking the write lock is the correct behaviour and this varialbe shoudl be set to "false".
@@ -187,6 +195,10 @@ export abstract class Config implements IConfig {
 
         Config.TENANT_JOURNAL_ON_DATA_PARTITION = model.TENANT_JOURNAL_ON_DATA_PARTITION || false;
 
+        Config.SSL_ENABLED = model.SSL_ENABLED || false;
+        Config.SSL_KEY_PATH = model.SSL_KEY_PATH;
+        Config.SSL_CERT_PATH = model.SSL_CERT_PATH;
+
         Config.checkRequiredConfig(Config.CLOUDPROVIDER, 'CLOUDPROVIDER');
         Config.checkRequiredConfig(Config.SERVICE_ENV, 'SERVICE_ENV');
         Config.checkRequiredConfig(Config.IMP_SERVICE_ACCOUNT_SIGNER, 'IMP_SERVICE_ACCOUNT_SIGNER');

src/cloud/providers/aws/config.ts

@@ -63,6 +63,9 @@ export class AWSConfig extends Config {
             JWT_AUDIENCE: process.env.JWT_AUDIENCE||'',
             JWT_ENABLE_FEATURE: process.env.JWT_ENABLE_FEATURE ? process.env.JWT_ENABLE_FEATURE === 'true' : false,
             TENANT_JOURNAL_ON_DATA_PARTITION: true,
+            SSL_ENABLED: process.env.SSL_ENABLED === 'true',
+            SSL_KEY_PATH: process.env.SSL_KEY_PATH,
+            SSL_CERT_PATH: process.env.SSL_CERT_PATH,
             FEATURE_FLAG_AUTHORIZATION: process.env.FEATURE_FLAG_AUTHORIZATION !== undefined ?
                 process.env.FEATURE_FLAG_AUTHORIZATION !== 'false' : true,
             FEATURE_FLAG_LEGALTAG: process.env.FEATURE_FLAG_LEGALTAG !== undefined ?

src/server/server.ts

@@ -124,11 +124,11 @@ export class Server {
 
 
         // SSL
-        if (process.env.SSL_ENABLED === 'true'){
-        const privateKey  = fs.readFileSync(process.env.SSL_KEY_PATH, 'utf8');
-        const certificate = fs.readFileSync(process.env.SSL_CERT_PATH, 'utf8');
-        const credentials = {key: privateKey, cert: certificate};
-        this.httpsServer = https.createServer(credentials, this.app).listen(this.port, () => {
+        if (Config.SSL_ENABLED){
+            const privateKey  = fs.readFileSync(Config.SSL_KEY_PATH, 'utf8');
+            const certificate = fs.readFileSync(Config.SSL_CERT_PATH, 'utf8');
+            const credentials = {key: privateKey, cert: certificate};
+            this.httpsServer = https.createServer(credentials, this.app).listen(this.port, () => {
                 // tslint:disable-next-line
                 console.log(`- Server is listening on port ${this.port}...`);
             });