ff-admin-server/src/env.defaults.ts

import "dotenv/config";
import ms from "ms";
import ip from "ip";

export const DB_TYPE = process.env.DB_TYPE ?? "mysql";
export const DB_HOST = process.env.DB_HOST ?? "";
export const DB_PORT = Number(process.env.DB_PORT ?? 3306);
export const DB_NAME = process.env.DB_NAME ?? "";
export const DB_USERNAME = process.env.DB_USERNAME ?? "";
export const DB_PASSWORD = process.env.DB_PASSWORD ?? "";

export const SERVER_PORT = Number(process.env.SERVER_PORT ?? 5000);

export const JWT_SECRET = process.env.JWT_SECRET ?? "my_jwt_secret_string_ilughfnadiuhgq§$IUZGFVRweiouarbt1oub3h5q4a";
export const JWT_EXPIRATION = (process.env.JWT_EXPIRATION ?? "15m") as ms.StringValue;
export const REFRESH_EXPIRATION = (process.env.REFRESH_EXPIRATION ?? "1d") as ms.StringValue;
export const PWA_REFRESH_EXPIRATION = (process.env.PWA_REFRESH_EXPIRATION ?? "5d") as ms.StringValue;

export const MAIL_USERNAME = process.env.MAIL_USERNAME ?? "";
export const MAIL_PASSWORD = process.env.MAIL_PASSWORD ?? "";
export const MAIL_HOST = process.env.MAIL_HOST ?? "";
export const MAIL_PORT = Number(process.env.MAIL_PORT ?? "587");
export const MAIL_SECURE = process.env.MAIL_SECURE ?? "false";

export const CLUB_NAME = process.env.CLUB_NAME ?? "FF Admin";
export const CLUB_WEBSITE = process.env.CLUB_WEBSITE ?? "";

export const BACKUP_INTERVAL = Number(process.env.BACKUP_INTERVAL ?? "1");
export const BACKUP_COPIES = Number(process.env.BACKUP_COPIES ?? "7");
export const BACKUP_AUTO_RESTORE = process.env.BACKUP_AUTO_RESTORE ?? "true";

export const USE_SECURITY_STRICT_LIMIT = process.env.USE_SECURITY_STRICT_LIMIT ?? "true";
export const SECURITY_STRICT_LIMIT_WINDOW = (process.env.SECURITY_STRICT_LIMIT_WINDOW ?? "15m") as ms.StringValue;
export const SECURITY_STRICT_LIMIT_REQUEST_COUNT = Number(process.env.SECURITY_STRICT_LIMIT_REQUEST_COUNT ?? "15");
export const USE_SECURITY_LIMIT = process.env.USE_SECURITY_LIMIT ?? "true";
export const SECURITY_LIMIT_WINDOW = (process.env.SECURITY_LIMIT_WINDOW ?? "1m") as ms.StringValue;
export const SECURITY_LIMIT_REQUEST_COUNT = Number(process.env.SECURITY_LIMIT_REQUEST_COUNT ?? "500");

export const TRUST_PROXY = ((): Array<string> | string | boolean | number | null => {
  const proxyVal = process.env.TRUST_PROXY;
  if (!proxyVal) return null;
  if (proxyVal == "true" || proxyVal == "false") {
    return proxyVal == "true";
  }
  if (!isNaN(Number(proxyVal))) {
    return Number(proxyVal);
  }
  if (proxyVal.includes(",") && proxyVal.split(",").every((pv) => ip.isV4Format(pv) || ip.isV6Format(pv))) {
    return proxyVal.split(",");
  }
  if (ip.isV4Format(proxyVal) || ip.isV6Format(proxyVal)) {
    return proxyVal;
  }
  return null;
})();

export function configCheck() {
  if (DB_TYPE != "mysql" && DB_TYPE != "sqlite" && DB_TYPE != "postgres")
    throw new Error("set valid value to DB_TYPE (mysql|sqlite|postgres)");
  if ((DB_HOST == "" || typeof DB_HOST != "string") && DB_TYPE != "sqlite")
    throw new Error("set valid value to DB_HOST");
  if (DB_NAME == "" || typeof DB_NAME != "string") throw new Error("set valid value to DB_NAME");
  if ((DB_USERNAME == "" || typeof DB_USERNAME != "string") && DB_TYPE != "sqlite")
    throw new Error("set valid value to DB_USERNAME");
  if ((DB_PASSWORD == "" || typeof DB_PASSWORD != "string") && DB_TYPE != "sqlite")
    throw new Error("set valid value to DB_PASSWORD");

  if (isNaN(SERVER_PORT)) throw new Error("set valid numeric value to SERVER_PORT");

  if (JWT_SECRET == "" || typeof JWT_SECRET != "string") throw new Error("set valid value to JWT_SECRET");
  checkMS(JWT_EXPIRATION, "JWT_EXPIRATION");
  checkMS(REFRESH_EXPIRATION, "REFRESH_EXPIRATION");
  checkMS(PWA_REFRESH_EXPIRATION, "PWA_REFRESH_EXPIRATION");

  if (MAIL_USERNAME == "" || typeof MAIL_USERNAME != "string") throw new Error("set valid value to MAIL_USERNAME");
  if (MAIL_PASSWORD == "" || typeof MAIL_PASSWORD != "string") throw new Error("set valid value to MAIL_PASSWORD");
  if (MAIL_HOST == "" || typeof MAIL_HOST != "string") throw new Error("set valid value to MAIL_HOST");
  if (isNaN(MAIL_PORT)) throw new Error("set valid numeric value to MAIL_PORT");
  if (MAIL_SECURE != "true" && MAIL_SECURE != "false") throw new Error("set 'true' or 'false' to MAIL_SECURE");

  if (
    CLUB_WEBSITE != "" &&
    !/^(http(s):\/\/.)[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)$/.test(CLUB_WEBSITE)
  )
    throw new Error("CLUB_WEBSITE is not valid url");

  if (BACKUP_AUTO_RESTORE != "true" && BACKUP_AUTO_RESTORE != "false")
    throw new Error("set 'true' or 'false' to BACKUP_AUTO_RESTORE");
  if (BACKUP_INTERVAL < 1) throw new Error("BACKUP_INTERVAL has to be at least 1");
  if (BACKUP_COPIES < 1) throw new Error("BACKUP_COPIES has to be at least 1");

  if (USE_SECURITY_STRICT_LIMIT != "true" && USE_SECURITY_STRICT_LIMIT != "false")
    throw new Error("set 'true' or 'false' to USE_SECURITY_STRICT_LIMIT");
  checkMS(SECURITY_STRICT_LIMIT_WINDOW, "SECURITY_STRICT_LIMIT_WINDOW");
  if (isNaN(SECURITY_STRICT_LIMIT_REQUEST_COUNT))
    throw new Error("set valid numeric value to SECURITY_STRICT_LIMIT_REQUEST_COUNT");
  if (USE_SECURITY_LIMIT != "true" && USE_SECURITY_LIMIT != "false")
    throw new Error("set 'true' or 'false' to USE_SECURITY_LIMIT");
  checkMS(SECURITY_LIMIT_WINDOW, "SECURITY_LIMIT_WINDOW");
  if (isNaN(SECURITY_LIMIT_REQUEST_COUNT)) throw new Error("set valid numeric value to SECURITY_LIMIT_REQUEST_COUNT");

  if (!TRUST_PROXY && process.env.TRUST_PROXY) {
    throw new Error("set valid boolean, number, ip or ips value to TRUST_PROXY");
  }
}

function checkMS(input: ms.StringValue, origin: string) {
  try {
    const result = ms(input);
    if (result === undefined) {
      throw new Error(`set valid ms value to ${origin} -> [0-9]*(y|d|h|m|s)`);
    }
  } catch (e) {
    throw new Error(`set valid ms value to ${origin} -> [0-9]*(y|d|h|m|s)`);
  }
}
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`import "dotenv/config";`
			`import ms from "ms";`
change: trust proxy option 2025-02-08 11:04:46 +01:00			`import ip from "ip";`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00
dynamic db type 2024-08-26 17:00:23 +02:00			`export const DB_TYPE = process.env.DB_TYPE ?? "mysql";`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`export const DB_HOST = process.env.DB_HOST ?? "";`
DB Port inside env 2025-01-05 16:19:54 +01:00			`export const DB_PORT = Number(process.env.DB_PORT ?? 3306);`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`export const DB_NAME = process.env.DB_NAME ?? "";`
			`export const DB_USERNAME = process.env.DB_USERNAME ?? "";`
			`export const DB_PASSWORD = process.env.DB_PASSWORD ?? "";`

			`export const SERVER_PORT = Number(process.env.SERVER_PORT ?? 5000);`

			`export const JWT_SECRET = process.env.JWT_SECRET ?? "my_jwt_secret_string_ilughfnadiuhgq§$IUZGFVRweiouarbt1oub3h5q4a";`
update 2025-04-13 16:28:47 +02:00			`export const JWT_EXPIRATION = (process.env.JWT_EXPIRATION ?? "15m") as ms.StringValue;`
			`export const REFRESH_EXPIRATION = (process.env.REFRESH_EXPIRATION ?? "1d") as ms.StringValue;`
			`export const PWA_REFRESH_EXPIRATION = (process.env.PWA_REFRESH_EXPIRATION ?? "5d") as ms.StringValue;`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00
			`export const MAIL_USERNAME = process.env.MAIL_USERNAME ?? "";`
			`export const MAIL_PASSWORD = process.env.MAIL_PASSWORD ?? "";`
			`export const MAIL_HOST = process.env.MAIL_HOST ?? "";`
			`export const MAIL_PORT = Number(process.env.MAIL_PORT ?? "587");`
			`export const MAIL_SECURE = process.env.MAIL_SECURE ?? "false";`

api Controller & token 2025-01-21 13:54:52 +01:00			`export const CLUB_NAME = process.env.CLUB_NAME ?? "FF Admin";`
print pdfs and send mails with ics file 2024-12-30 14:47:00 +01:00			`export const CLUB_WEBSITE = process.env.CLUB_WEBSITE ?? "";`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00
fix: newsletter receiver backup and env Defaults 2025-02-03 16:34:49 +01:00			`export const BACKUP_INTERVAL = Number(process.env.BACKUP_INTERVAL ?? "1");`
			`export const BACKUP_COPIES = Number(process.env.BACKUP_COPIES ?? "7");`
transform migrations to work with mysql, postgres and sqlite sqlite currently fails syntax of views 2025-02-01 13:11:10 +01:00			`export const BACKUP_AUTO_RESTORE = process.env.BACKUP_AUTO_RESTORE ?? "true";`
extend ENVs 2025-01-25 16:54:01 +01:00
change: security with ENV 2025-02-08 09:30:41 +01:00			`export const USE_SECURITY_STRICT_LIMIT = process.env.USE_SECURITY_STRICT_LIMIT ?? "true";`
update 2025-04-13 16:28:47 +02:00			`export const SECURITY_STRICT_LIMIT_WINDOW = (process.env.SECURITY_STRICT_LIMIT_WINDOW ?? "15m") as ms.StringValue;`
change: security with ENV 2025-02-08 09:30:41 +01:00			`export const SECURITY_STRICT_LIMIT_REQUEST_COUNT = Number(process.env.SECURITY_STRICT_LIMIT_REQUEST_COUNT ?? "15");`
			`export const USE_SECURITY_LIMIT = process.env.USE_SECURITY_LIMIT ?? "true";`
update 2025-04-13 16:28:47 +02:00			`export const SECURITY_LIMIT_WINDOW = (process.env.SECURITY_LIMIT_WINDOW ?? "1m") as ms.StringValue;`
change: security with ENV 2025-02-08 09:30:41 +01:00			`export const SECURITY_LIMIT_REQUEST_COUNT = Number(process.env.SECURITY_LIMIT_REQUEST_COUNT ?? "500");`

change: trust proxy option 2025-02-08 11:04:46 +01:00			`export const TRUST_PROXY = ((): Array<string> \| string \| boolean \| number \| null => {`
			`const proxyVal = process.env.TRUST_PROXY;`
			`if (!proxyVal) return null;`
			`if (proxyVal == "true" \|\| proxyVal == "false") {`
			`return proxyVal == "true";`
			`}`
			`if (!isNaN(Number(proxyVal))) {`
			`return Number(proxyVal);`
			`}`
			`if (proxyVal.includes(",") && proxyVal.split(",").every((pv) => ip.isV4Format(pv) \|\| ip.isV6Format(pv))) {`
			`return proxyVal.split(",");`
			`}`
			`if (ip.isV4Format(proxyVal) \|\| ip.isV6Format(proxyVal)) {`
			`return proxyVal;`
			`}`
			`return null;`
			`})();`

default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`export function configCheck() {`
transform migrations to work with mysql, postgres and sqlite sqlite currently fails syntax of views 2025-02-01 13:11:10 +01:00			`if (DB_TYPE != "mysql" && DB_TYPE != "sqlite" && DB_TYPE != "postgres")`
			`throw new Error("set valid value to DB_TYPE (mysql\|sqlite\|postgres)");`
			`if ((DB_HOST == "" \|\| typeof DB_HOST != "string") && DB_TYPE != "sqlite")`
			`throw new Error("set valid value to DB_HOST");`
Dockerfile inital 2024-10-21 10:38:14 +02:00			`if (DB_NAME == "" \|\| typeof DB_NAME != "string") throw new Error("set valid value to DB_NAME");`
transform migrations to work with mysql, postgres and sqlite sqlite currently fails syntax of views 2025-02-01 13:11:10 +01:00			`if ((DB_USERNAME == "" \|\| typeof DB_USERNAME != "string") && DB_TYPE != "sqlite")`
			`throw new Error("set valid value to DB_USERNAME");`
			`if ((DB_PASSWORD == "" \|\| typeof DB_PASSWORD != "string") && DB_TYPE != "sqlite")`
			`throw new Error("set valid value to DB_PASSWORD");`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00
change: trust proxy option 2025-02-08 11:04:46 +01:00			`if (isNaN(SERVER_PORT)) throw new Error("set valid numeric value to SERVER_PORT");`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00
Dockerfile inital 2024-10-21 10:38:14 +02:00			`if (JWT_SECRET == "" \|\| typeof JWT_SECRET != "string") throw new Error("set valid value to JWT_SECRET");`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`checkMS(JWT_EXPIRATION, "JWT_EXPIRATION");`
			`checkMS(REFRESH_EXPIRATION, "REFRESH_EXPIRATION");`
enhance: allow extended refresh duration to PWAs 2025-01-12 11:41:02 +01:00			`checkMS(PWA_REFRESH_EXPIRATION, "PWA_REFRESH_EXPIRATION");`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00
Dockerfile inital 2024-10-21 10:38:14 +02:00			`if (MAIL_USERNAME == "" \|\| typeof MAIL_USERNAME != "string") throw new Error("set valid value to MAIL_USERNAME");`
			`if (MAIL_PASSWORD == "" \|\| typeof MAIL_PASSWORD != "string") throw new Error("set valid value to MAIL_PASSWORD");`
			`if (MAIL_HOST == "" \|\| typeof MAIL_HOST != "string") throw new Error("set valid value to MAIL_HOST");`
change: trust proxy option 2025-02-08 11:04:46 +01:00			`if (isNaN(MAIL_PORT)) throw new Error("set valid numeric value to MAIL_PORT");`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`if (MAIL_SECURE != "true" && MAIL_SECURE != "false") throw new Error("set 'true' or 'false' to MAIL_SECURE");`
print pdfs and send mails with ics file 2024-12-30 14:47:00 +01:00
			`if (`
			`CLUB_WEBSITE != "" &&`
			`!/^(http(s):\/\/.)[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)$/.test(CLUB_WEBSITE)`
			`)`
			`throw new Error("CLUB_WEBSITE is not valid url");`
extend ENVs 2025-01-25 16:54:01 +01:00
			`if (BACKUP_AUTO_RESTORE != "true" && BACKUP_AUTO_RESTORE != "false")`
			`throw new Error("set 'true' or 'false' to BACKUP_AUTO_RESTORE");`
fix: newsletter receiver backup and env Defaults 2025-02-03 16:34:49 +01:00			`if (BACKUP_INTERVAL < 1) throw new Error("BACKUP_INTERVAL has to be at least 1");`
			`if (BACKUP_COPIES < 1) throw new Error("BACKUP_COPIES has to be at least 1");`
change: security with ENV 2025-02-08 09:30:41 +01:00
			`if (USE_SECURITY_STRICT_LIMIT != "true" && USE_SECURITY_STRICT_LIMIT != "false")`
			`throw new Error("set 'true' or 'false' to USE_SECURITY_STRICT_LIMIT");`
			`checkMS(SECURITY_STRICT_LIMIT_WINDOW, "SECURITY_STRICT_LIMIT_WINDOW");`
change: trust proxy option 2025-02-08 11:04:46 +01:00			`if (isNaN(SECURITY_STRICT_LIMIT_REQUEST_COUNT))`
change: security with ENV 2025-02-08 09:30:41 +01:00			`throw new Error("set valid numeric value to SECURITY_STRICT_LIMIT_REQUEST_COUNT");`
			`if (USE_SECURITY_LIMIT != "true" && USE_SECURITY_LIMIT != "false")`
			`throw new Error("set 'true' or 'false' to USE_SECURITY_LIMIT");`
			`checkMS(SECURITY_LIMIT_WINDOW, "SECURITY_LIMIT_WINDOW");`
change: trust proxy option 2025-02-08 11:04:46 +01:00			`if (isNaN(SECURITY_LIMIT_REQUEST_COUNT)) throw new Error("set valid numeric value to SECURITY_LIMIT_REQUEST_COUNT");`

			`if (!TRUST_PROXY && process.env.TRUST_PROXY) {`
			`throw new Error("set valid boolean, number, ip or ips value to TRUST_PROXY");`
			`}`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`}`

update 2025-04-13 16:28:47 +02:00			`function checkMS(input: ms.StringValue, origin: string) {`
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`try {`
			`const result = ms(input);`
			`if (result === undefined) {`
change: security with ENV 2025-02-08 09:30:41 +01:00			throw new Error(`set valid ms value to ${origin} -> [0-9]*(y\|d\|h\|m\|s)`);
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`}`
			`} catch (e) {`
change: security with ENV 2025-02-08 09:30:41 +01:00			throw new Error(`set valid ms value to ${origin} -> [0-9]*(y\|d\|h\|m\|s)`);
default values for env and critic check for values 2024-08-25 18:07:34 +02:00			`}`
			`}`