forked from outline/outline
-
Notifications
You must be signed in to change notification settings - Fork 0
/
env.ts
679 lines (600 loc) · 17.8 KB
/
env.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
/* eslint-disable no-console */
// eslint-disable-next-line import/order
import environment from "./utils/environment";
import os from "os";
import {
validate,
IsNotEmpty,
IsUrl,
IsOptional,
IsByteLength,
IsNumber,
IsIn,
IsEmail,
IsBoolean,
} from "class-validator";
import uniq from "lodash/uniq";
import { languages } from "@shared/i18n";
import { CannotUseWithout } from "@server/utils/validators";
import Deprecated from "./models/decorators/Deprecated";
import { getArg } from "./utils/args";
import { Public, PublicEnvironmentRegister } from "./utils/decorators/Public";
export class Environment {
constructor() {
process.nextTick(() => {
void validate(this).then((errors) => {
if (errors.length > 0) {
let output =
"Environment configuration is invalid, please check the following:\n\n";
output += errors.map(
(error) => "- " + Object.values(error.constraints ?? {}).join(", ")
);
console.warn(output);
process.exit(1);
}
});
});
PublicEnvironmentRegister.registerEnv(this);
}
/**
* Returns an object consisting of env vars annotated with `@Public` decorator
*/
get public() {
return PublicEnvironmentRegister.getEnv();
}
/**
* The current environment name.
*/
@Public
@IsIn(["development", "production", "staging", "test"])
public ENVIRONMENT = environment.NODE_ENV ?? "production";
/**
* The secret key is used for encrypting data. Do not change this value once
* set or your users will be unable to login.
*/
@IsByteLength(32, 64, {
message: `The SECRET_KEY environment variable is invalid (Use \`openssl rand -hex 32\` to generate a value).`,
})
public SECRET_KEY = environment.SECRET_KEY ?? "";
/**
* The secret that should be passed to the cron utility endpoint to enable
* triggering of scheduled tasks.
*/
@IsNotEmpty()
public UTILS_SECRET = environment.UTILS_SECRET ?? "";
/**
* The url of the database.
*/
@IsNotEmpty()
@IsUrl({
require_tld: false,
allow_underscores: true,
protocols: ["postgres", "postgresql"],
})
public DATABASE_URL = environment.DATABASE_URL ?? "";
/**
* An optional database schema.
*/
@IsOptional()
public DATABASE_SCHEMA = this.toOptionalString(environment.DATABASE_SCHEMA);
/**
* The url of the database pool.
*/
@IsOptional()
@IsUrl({
require_tld: false,
allow_underscores: true,
protocols: ["postgres", "postgresql"],
})
public DATABASE_CONNECTION_POOL_URL = this.toOptionalString(
environment.DATABASE_CONNECTION_POOL_URL
);
/**
* Database connection pool configuration.
*/
@IsNumber()
@IsOptional()
public DATABASE_CONNECTION_POOL_MIN = this.toOptionalNumber(
environment.DATABASE_CONNECTION_POOL_MIN
);
/**
* Database connection pool configuration.
*/
@IsNumber()
@IsOptional()
public DATABASE_CONNECTION_POOL_MAX = this.toOptionalNumber(
environment.DATABASE_CONNECTION_POOL_MAX
);
/**
* Set to "disable" to disable SSL connection to the database. This option is
* passed through to Postgres. See:
*
* https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNECT-SSLMODE
*/
@IsIn(["disable", "allow", "require", "prefer", "verify-ca", "verify-full"])
@IsOptional()
public PGSSLMODE = environment.PGSSLMODE;
/**
* The url of redis. Note that redis does not have a database after the port.
* Note: More extensive validation isn't included here due to our support for
* base64-encoded configuration.
*/
@IsNotEmpty()
public REDIS_URL = environment.REDIS_URL;
/**
* The fully qualified, external facing domain name of the server.
*/
@Public
@IsNotEmpty()
@IsUrl({
protocols: ["http", "https"],
require_protocol: true,
require_tld: false,
})
public URL = (environment.URL ?? "").replace(/\/$/, "");
/**
* If using a Cloudfront/Cloudflare distribution or similar it can be set below.
* This will cause paths to javascript, stylesheets, and images to be updated to
* the hostname defined in CDN_URL. In your CDN configuration the origin server
* should be set to the same as URL.
*/
@Public
@IsOptional()
@IsUrl({
protocols: ["http", "https"],
require_protocol: true,
require_tld: false,
})
public CDN_URL = this.toOptionalString(
environment.CDN_URL ? environment.CDN_URL.replace(/\/$/, "") : undefined
);
/**
* The fully qualified, external facing domain name of the collaboration
* service, if different (unlikely)
*/
@Public
@IsUrl({
require_tld: false,
require_protocol: true,
protocols: ["http", "https", "ws", "wss"],
})
@IsOptional()
public COLLABORATION_URL = (environment.COLLABORATION_URL || this.URL)
.replace(/\/$/, "")
.replace(/^http/, "ws");
/**
* The maximum number of network clients that can be connected to a single
* document at once. Defaults to 100.
*/
@IsOptional()
@IsNumber()
public COLLABORATION_MAX_CLIENTS_PER_DOCUMENT = parseInt(
environment.COLLABORATION_MAX_CLIENTS_PER_DOCUMENT || "100",
10
);
/**
* The port that the server will listen on, defaults to 3000.
*/
@IsNumber()
@IsOptional()
public PORT = this.toOptionalNumber(environment.PORT) ?? 3000;
/**
* Optional extra debugging. Comma separated
*/
public DEBUG = environment.DEBUG || "";
/**
* Configure lowest severity level for server logs
*/
@IsIn(["error", "warn", "info", "http", "verbose", "debug", "silly"])
public LOG_LEVEL = environment.LOG_LEVEL || "info";
/**
* How many processes should be spawned. As a reasonable rule divide your
* server's available memory by 512 for a rough estimate
*/
@IsNumber()
@IsOptional()
public WEB_CONCURRENCY = this.toOptionalNumber(environment.WEB_CONCURRENCY);
/**
* How long a request should be processed before giving up and returning an
* error response to the client, defaults to 10s
*/
@IsNumber()
@IsOptional()
public REQUEST_TIMEOUT =
this.toOptionalNumber(environment.REQUEST_TIMEOUT) ?? 10 * 1000;
/**
* Base64 encoded protected key if Outline is to perform SSL termination.
*/
@IsOptional()
@CannotUseWithout("SSL_CERT")
public SSL_KEY = this.toOptionalString(environment.SSL_KEY);
/**
* Base64 encoded public certificate if Outline is to perform SSL termination.
*/
@IsOptional()
@CannotUseWithout("SSL_KEY")
public SSL_CERT = this.toOptionalString(environment.SSL_CERT);
/**
* The default interface language. See translate.getoutline.com for a list of
* available language codes and their percentage translated.
*/
@Public
@IsIn(languages)
public DEFAULT_LANGUAGE = environment.DEFAULT_LANGUAGE ?? "en_US";
/**
* A comma list of which services should be enabled on this instance – defaults to all.
*
* If a services flag is passed it takes priority over the environment variable
* for example: --services=web,worker
*/
public SERVICES = uniq(
(
getArg("services") ??
environment.SERVICES ??
"collaboration,websockets,worker,web"
)
.split(",")
.map((service) => service.toLowerCase().trim())
);
/**
* Auto-redirect to https in production. The default is true but you may set
* to false if you can be sure that SSL is terminated at an external
* loadbalancer.
*/
@IsBoolean()
public FORCE_HTTPS = this.toBoolean(environment.FORCE_HTTPS ?? "true");
/**
* Should the installation send anonymized statistics to the maintainers.
* Defaults to true.
*/
@IsBoolean()
public TELEMETRY = this.toBoolean(
environment.ENABLE_UPDATES ?? environment.TELEMETRY ?? "true"
);
/**
* An optional comma separated list of allowed domains.
*/
public ALLOWED_DOMAINS =
environment.ALLOWED_DOMAINS ?? environment.GOOGLE_ALLOWED_DOMAINS;
// Third-party services
/**
* The host of your SMTP server for enabling emails.
*/
public SMTP_HOST = environment.SMTP_HOST;
@Public
public EMAIL_ENABLED = !!this.SMTP_HOST || this.isDevelopment;
/**
* Optional hostname of the client, used for identifying to the server
* defaults to hostname of the machine.
*/
public SMTP_NAME = environment.SMTP_NAME;
/**
* The port of your SMTP server.
*/
@IsNumber()
@IsOptional()
public SMTP_PORT = this.toOptionalNumber(environment.SMTP_PORT);
/**
* The username of your SMTP server, if any.
*/
public SMTP_USERNAME = environment.SMTP_USERNAME;
/**
* The password for the SMTP username, if any.
*/
public SMTP_PASSWORD = environment.SMTP_PASSWORD;
/**
* The email address from which emails are sent.
*/
@IsEmail({ allow_display_name: true, allow_ip_domain: true })
@IsOptional()
public SMTP_FROM_EMAIL = this.toOptionalString(environment.SMTP_FROM_EMAIL);
/**
* The reply-to address for emails sent from Outline. If unset the from
* address is used by default.
*/
@IsEmail({ allow_display_name: true, allow_ip_domain: true })
@IsOptional()
public SMTP_REPLY_EMAIL = this.toOptionalString(environment.SMTP_REPLY_EMAIL);
/**
* Override the cipher used for SMTP SSL connections.
*/
public SMTP_TLS_CIPHERS = this.toOptionalString(environment.SMTP_TLS_CIPHERS);
/**
* If true (the default) the connection will use TLS when connecting to server.
* If false then TLS is used only if server supports the STARTTLS extension.
*
* Setting secure to false therefore does not mean that you would not use an
* encrypted connection.
*/
public SMTP_SECURE = this.toBoolean(environment.SMTP_SECURE ?? "true");
/**
* Sentry DSN for capturing errors and frontend performance.
*/
@Public
@IsUrl()
@IsOptional()
public SENTRY_DSN = this.toOptionalString(environment.SENTRY_DSN);
/**
* Sentry tunnel URL for bypassing ad blockers
*/
@Public
@IsUrl()
@IsOptional()
public SENTRY_TUNNEL = this.toOptionalString(environment.SENTRY_TUNNEL);
/**
* A release SHA or other identifier for Sentry.
*/
public RELEASE = this.toOptionalString(environment.RELEASE);
/**
* A Google Analytics tracking ID, supports v3 or v4 properties.
*/
@Public
@IsOptional()
public GOOGLE_ANALYTICS_ID = this.toOptionalString(
environment.GOOGLE_ANALYTICS_ID
);
/**
* A DataDog API key for tracking server metrics.
*/
public DD_API_KEY = environment.DD_API_KEY;
/**
* The name of the service to use in DataDog.
*/
public DD_SERVICE = environment.DD_SERVICE ?? "outline";
/**
* A string representing the version of the software.
*
* SOURCE_COMMIT is used by Docker Hub
* SOURCE_VERSION is used by Heroku
*/
@Public
public VERSION = this.toOptionalString(
environment.SOURCE_COMMIT || environment.SOURCE_VERSION
);
/**
* A boolean switch to toggle the rate limiter at application web server.
*/
@IsOptional()
@IsBoolean()
public RATE_LIMITER_ENABLED = this.toBoolean(
environment.RATE_LIMITER_ENABLED ?? "false"
);
/**
* Set max allowed requests in a given duration for default rate limiter to
* trigger throttling, per IP address.
*/
@IsOptional()
@IsNumber()
@CannotUseWithout("RATE_LIMITER_ENABLED")
public RATE_LIMITER_REQUESTS =
this.toOptionalNumber(environment.RATE_LIMITER_REQUESTS) ?? 1000;
/**
* Set max allowed realtime connections before throttling. Defaults to 50
* requests/ip/duration window.
*/
@IsOptional()
@IsNumber()
public RATE_LIMITER_COLLABORATION_REQUESTS =
this.toOptionalNumber(environment.RATE_LIMITER_COLLABORATION_REQUESTS) ??
50;
/**
* Set fixed duration window(in secs) for default rate limiter, elapsing which
* the request quota is reset (the bucket is refilled with tokens).
*/
@IsOptional()
@IsNumber()
@CannotUseWithout("RATE_LIMITER_ENABLED")
public RATE_LIMITER_DURATION_WINDOW =
this.toOptionalNumber(environment.RATE_LIMITER_DURATION_WINDOW) ?? 60;
/**
* Set max allowed upload size for file attachments.
* @deprecated Use FILE_STORAGE_UPLOAD_MAX_SIZE instead
*/
@IsOptional()
@IsNumber()
@Deprecated("Use FILE_STORAGE_UPLOAD_MAX_SIZE instead")
public AWS_S3_UPLOAD_MAX_SIZE = this.toOptionalNumber(
environment.AWS_S3_UPLOAD_MAX_SIZE
);
/**
* Access key ID for AWS S3.
*/
@IsOptional()
public AWS_ACCESS_KEY_ID = this.toOptionalString(
environment.AWS_ACCESS_KEY_ID
);
/**
* Secret key for AWS S3.
*/
@IsOptional()
@CannotUseWithout("AWS_ACCESS_KEY_ID")
public AWS_SECRET_ACCESS_KEY = this.toOptionalString(
environment.AWS_SECRET_ACCESS_KEY
);
/**
* The name of the AWS S3 region to use.
*/
@IsOptional()
public AWS_REGION = this.toOptionalString(environment.AWS_REGION);
/**
* Optional AWS S3 endpoint URL for file attachments.
*/
@Public
@IsOptional()
public AWS_S3_ACCELERATE_URL = environment.AWS_S3_ACCELERATE_URL ?? "";
/**
* Optional AWS S3 endpoint URL for file attachments.
*/
@Public
@IsOptional()
public AWS_S3_UPLOAD_BUCKET_URL = environment.AWS_S3_UPLOAD_BUCKET_URL ?? "";
/**
* The bucket name to store file attachments in.
*/
@IsOptional()
public AWS_S3_UPLOAD_BUCKET_NAME = this.toOptionalString(
environment.AWS_S3_UPLOAD_BUCKET_NAME
);
/**
* Whether to force path style URLs for S3 objects, this is required for some
* S3-compatible storage providers.
*/
@IsOptional()
public AWS_S3_FORCE_PATH_STYLE = this.toBoolean(
environment.AWS_S3_FORCE_PATH_STYLE ?? "true"
);
/**
* Set default AWS S3 ACL for file attachments.
*/
@IsOptional()
public AWS_S3_ACL = environment.AWS_S3_ACL ?? "private";
/**
* Which file storage system to use
*/
@IsIn(["local", "s3"])
public FILE_STORAGE = this.toOptionalString(environment.FILE_STORAGE) ?? "s3";
/**
* Set default root dir path for local file storage
*/
public FILE_STORAGE_LOCAL_ROOT_DIR =
this.toOptionalString(environment.FILE_STORAGE_LOCAL_ROOT_DIR) ??
"/var/lib/outline/data";
/**
* Set max allowed upload size for file attachments.
*/
@IsNumber()
public FILE_STORAGE_UPLOAD_MAX_SIZE =
this.toOptionalNumber(environment.FILE_STORAGE_UPLOAD_MAX_SIZE) ??
this.toOptionalNumber(environment.AWS_S3_UPLOAD_MAX_SIZE) ??
1000000;
/**
* Set max allowed upload size for document imports.
*/
@Public
@IsNumber()
public FILE_STORAGE_IMPORT_MAX_SIZE =
this.toOptionalNumber(environment.FILE_STORAGE_IMPORT_MAX_SIZE) ??
this.toOptionalNumber(environment.MAXIMUM_IMPORT_SIZE) ??
this.toOptionalNumber(environment.FILE_STORAGE_UPLOAD_MAX_SIZE) ??
1000000;
/**
* Set max allowed upload size for imports at workspace level.
*/
@IsNumber()
public FILE_STORAGE_WORKSPACE_IMPORT_MAX_SIZE =
this.toOptionalNumber(environment.FILE_STORAGE_WORKSPACE_IMPORT_MAX_SIZE) ??
this.toOptionalNumber(environment.MAXIMUM_IMPORT_SIZE) ??
this.toOptionalNumber(environment.FILE_STORAGE_UPLOAD_MAX_SIZE) ??
1000000;
/**
* Because imports can be much larger than regular file attachments and are
* deleted automatically we allow an optional separate limit on the size of
* imports.
*
* @deprecated Use `FILE_STORAGE_IMPORT_MAX_SIZE` or `FILE_STORAGE_WORKSPACE_IMPORT_MAX_SIZE` instead
*/
@IsOptional()
@IsNumber()
@Deprecated("Use FILE_STORAGE_IMPORT_MAX_SIZE instead")
public MAXIMUM_IMPORT_SIZE = this.toOptionalNumber(
environment.MAXIMUM_IMPORT_SIZE
);
/**
* Limit on export size in bytes. Defaults to the total memory available to
* the container.
*/
@IsNumber()
public MAXIMUM_EXPORT_SIZE =
this.toOptionalNumber(environment.MAXIMUM_EXPORT_SIZE) ?? os.totalmem();
/**
* Enable unsafe-inline in script-src CSP directive
*/
@IsBoolean()
public DEVELOPMENT_UNSAFE_INLINE_CSP = this.toBoolean(
environment.DEVELOPMENT_UNSAFE_INLINE_CSP ?? "false"
);
/**
* The product name
*/
@Public
public APP_NAME = "Outline";
/**
* Returns true if the current installation is the cloud hosted version at
* getoutline.com
*/
public get isCloudHosted() {
return [
"https://app.getoutline.com",
"https://app.outline.dev",
"https://app.outline.dev:3000",
].includes(this.URL);
}
/**
* Returns true if the current installation is running in production.
*/
public get isProduction() {
return this.ENVIRONMENT === "production";
}
/**
* Returns true if the current installation is running in the development environment.
*/
public get isDevelopment() {
return this.ENVIRONMENT === "development";
}
/**
* Returns true if the current installation is running in a test environment.
*/
public get isTest() {
return this.ENVIRONMENT === "test";
}
protected toOptionalString(value: string | undefined) {
return value ? value : undefined;
}
protected toOptionalCommaList(value: string | undefined) {
return value ? value.split(",").map((item) => item.trim()) : undefined;
}
protected toOptionalNumber(value: string | undefined) {
return value ? parseInt(value, 10) : undefined;
}
/**
* Convert a string to a boolean. Supports the following:
*
* 0 = false
* 1 = true
* "true" = true
* "false" = false
* "" = false
*
* @param value The string to convert
* @returns A boolean
*/
protected toBoolean(value: string) {
try {
return value ? !!JSON.parse(value) : false;
} catch (err) {
throw new Error(
`"${value}" could not be parsed as a boolean, must be "true" or "false"`
);
}
}
/**
* Convert a string to an optional boolean. Supports the following:
*
* 0 = false
* 1 = true
* "true" = true
* "false" = false
* "" = undefined
*
* @param value The string to convert
* @returns A boolean or undefined
*/
protected toOptionalBoolean(value: string | undefined) {
try {
return value ? !!JSON.parse(value) : undefined;
} catch (err) {
return undefined;
}
}
}
export default new Environment();