Migrate config to subobj (http and mysql) / .env fort prisma is written on startup / Add http.enable_csp config option

2025-04-21 00:26:01 +02:00 · 2025-04-21 00:26:01 +02:00 · 16ee092b35
commit 16ee092b35
parent 366f3297da
3 changed files with 40 additions and 14 deletions
--- a/src/handlers/config.ts
+++ b/src/handlers/config.ts
@ -1,17 +1,29 @@
 import log from './log.js';
 import ConfigManager from '../libs/configManager.js';
 import __path from './path.js';
 import _ from 'lodash';
 // Create a new config instance.
 const config = new ConfigManager(__path + '/config.json', true, {
-	db_connection_string: 'mysql://USER:PASSWORD@HOST:3306/DATABASE',
+//	db_connection_string: 'mysql://USER:PASSWORD@HOST:3306/DATABASE',
-	http_listen_address: '0.0.0.0',
+	http: {
-	http_port: 3000,
+		listen_address: '0.0.0.0',
-	http_domain: 'example.org',
+		port: 3000,
-	http_enable_hsts: false,
+		domain: 'example.org',
-	devmode: true,
+		enable_hsts: false,
-	devmode_fileupload: true
+		enable_csp: false
 	},
 	mysql: {
 		host: '',
 		port: 3306,
 		user: '',
 		password: '',
 		database: 'hydrationhub'
 	},
 	devmode: false,
 	devmode_fileupload: false
 });//, log.core); // Disabled due to Cyclic dependencies with log handler (specifically-> devmode for loglevel)
 export default config;
--- a/src/handlers/db.ts
+++ b/src/handlers/db.ts
@ -1,13 +1,27 @@
 import { PrismaClient, Prisma } from '@prisma/client'; // Database
 import { Response } from 'express';
 import config from './config.js';
 import __path from './path.js';
 import log from './log.js';
 import fs from 'fs';
 import path from 'path';
 // Generate .env file for Prisma commands
 const dotEnvPath = path.join(__path, '/.env')
 const dotEnvExist = !fs.existsSync(dotEnvPath);
 fs.writeFileSync(dotEnvPath, `DATABASE_URL="mysql://${config.global.mysql.user}:${config.global.mysql.password}@${config.global.mysql.host}:${config.global.mysql.port}/${config.global.mysql.database}"`);
 log.core.info('Generated .env file for Prisma.');
 if (dotEnvExist) {
 	log.core.error('Please run "npx prisma db push" to synchronize the database.');
 	process.exit(1);
 }
 // TODO: Add errorhandling with some sort of message.
 const prisma = new PrismaClient({
 	datasources: {
 		db: {
-			url: config.global.db_connection_string
+			url: `mysql://${config.global.mysql.user}:${config.global.mysql.password}@${config.global.mysql.host}:${config.global.mysql.port}/${config.global.mysql.database}`
 		}
 	}
 });
--- a/src/index.ts
+++ b/src/index.ts
@ -61,15 +61,15 @@ app.set('view engine', 'eta');
 // MARK: Express Middleware & Config
 app.set('x-powered-by', false); // helmet does this too. But not in devmode
-if (!config.global.devmode) {
+if (!config.global.devmode && config.global.http.enable_csp) {
 	app.use(
 		helmet({
-			strictTransportSecurity: config.global.http_enable_hsts,
+			strictTransportSecurity: config.global.http.enable_hsts,
 			contentSecurityPolicy: {
 				useDefaults: false,
 				directives: {
 					defaultSrc: ["'self'"],
-					scriptSrc: ["'self'", config.global.http_domain],
+					scriptSrc: ["'self'", config.global.http.domain],
 					objectSrc: ["'none'"],
 					upgradeInsecureRequests: config.global.devmode ? null : []
 				}
@ -85,8 +85,8 @@ app.use(bodyParser.json());
 app.use(routes);
 // TODO: Remove hardcoded http
-app.listen(config.global.http_port, config.global.http_listen_address, () => {
+app.listen(config.global.http.port, config.global.http.listen_address, () => {
-	log.web.info(`Listening at http://${config.global.http_listen_address}:${config.global.http_port}`);
+	log.web.info(`Listening at http://${config.global.http.listen_address}:${config.global.http.port}`);
 });
 log.core.trace('Running from path: ' + __path);