@atproto/pds 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +16 -0
- package/dist/api/app/bsky/actor/getPreferences.d.ts.map +1 -1
- package/dist/api/app/bsky/actor/getPreferences.js +7 -2
- package/dist/api/app/bsky/actor/getPreferences.js.map +1 -1
- package/dist/api/app/bsky/actor/putPreferences.d.ts.map +1 -1
- package/dist/api/app/bsky/actor/putPreferences.js +7 -2
- package/dist/api/app/bsky/actor/putPreferences.js.map +1 -1
- package/dist/api/com/atproto/server/getServiceAuth.d.ts.map +1 -1
- package/dist/api/com/atproto/server/getServiceAuth.js +4 -0
- package/dist/api/com/atproto/server/getServiceAuth.js.map +1 -1
- package/dist/config/config.d.ts +5 -2
- package/dist/config/config.d.ts.map +1 -1
- package/dist/config/config.js +50 -46
- package/dist/config/config.js.map +1 -1
- package/dist/config/env.d.ts +1 -0
- package/dist/config/env.d.ts.map +1 -1
- package/dist/config/env.js +1 -0
- package/dist/config/env.js.map +1 -1
- package/dist/context.js +1 -1
- package/dist/context.js.map +1 -1
- package/dist/lexicons/chat/bsky/actor/getStatus.defs.d.ts +2 -0
- package/dist/lexicons/chat/bsky/actor/getStatus.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/actor/getStatus.defs.js +1 -0
- package/dist/lexicons/chat/bsky/actor/getStatus.defs.js.map +1 -1
- package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts +1 -1
- package/dist/lexicons/chat/bsky/convo/defs.defs.d.ts.map +1 -1
- package/dist/lexicons/chat/bsky/convo/defs.defs.js +1 -1
- package/dist/lexicons/chat/bsky/convo/defs.defs.js.map +1 -1
- package/dist/lexicons/com/atproto/server/getServiceAuth.defs.d.ts +2 -2
- package/dist/lexicons/com/atproto/server/getServiceAuth.defs.js +1 -1
- package/dist/lexicons/com/atproto/server/getServiceAuth.defs.js.map +1 -1
- package/dist/mailer/index.d.ts +3 -3
- package/dist/mailer/index.d.ts.map +1 -1
- package/dist/mailer/index.js +18 -9
- package/dist/mailer/index.js.map +1 -1
- package/dist/mailer/templates/confirm-email.js +11 -3
- package/dist/mailer/templates/confirm-email.js.map +2 -2
- package/dist/mailer/templates/delete-account.js +2 -2
- package/dist/mailer/templates/delete-account.js.map +2 -2
- package/dist/mailer/templates/plc-operation.js +2 -2
- package/dist/mailer/templates/plc-operation.js.map +2 -2
- package/dist/mailer/templates/reset-password.js +2 -2
- package/dist/mailer/templates/reset-password.js.map +2 -2
- package/dist/mailer/templates/update-email.js +2 -2
- package/dist/mailer/templates/update-email.js.map +2 -2
- package/dist/mailer/templates.d.ts +11 -0
- package/dist/mailer/templates.d.ts.map +1 -1
- package/dist/mailer/templates.js.map +1 -1
- package/dist/pipethrough.d.ts +3 -0
- package/dist/pipethrough.d.ts.map +1 -1
- package/dist/pipethrough.js +25 -9
- package/dist/pipethrough.js.map +1 -1
- package/package.json +11 -10
- package/src/api/app/bsky/actor/getPreferences.ts +11 -2
- package/src/api/app/bsky/actor/putPreferences.ts +11 -2
- package/src/api/com/atproto/server/getServiceAuth.ts +7 -0
- package/src/config/config.ts +69 -57
- package/src/config/env.ts +3 -0
- package/src/context.ts +1 -1
- package/src/mailer/index.ts +25 -9
- package/src/mailer/templates/confirm-email.hbs +18 -17
- package/src/mailer/templates/delete-account.hbs +6 -6
- package/src/mailer/templates/plc-operation.hbs +6 -6
- package/src/mailer/templates/reset-password.hbs +7 -7
- package/src/mailer/templates/update-email.hbs +6 -6
- package/src/mailer/templates.ts +12 -0
- package/src/pipethrough.ts +33 -12
- package/tests/app-passwords.test.ts +5 -5
- package/tests/get-service-auth.test.ts +81 -0
- package/tests/proxied/proxy-header.test.ts +1 -0
- package/tests/proxied/proxy-oauth-aud.test.ts +175 -0
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,21 @@
|
|
|
1
1
|
# @atproto/pds
|
|
2
2
|
|
|
3
|
+
## 0.5.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- [#4992](https://github.com/bluesky-social/atproto/pull/4992) [`622d365`](https://github.com/bluesky-social/atproto/commit/622d365aeb240133f40763a3b1c43981112837fc) Thanks [@devinivy](https://github.com/devinivy)! - Fix OAuth service-proxying audience check to use combined `did#serviceId` form, matching the shape of granted `rpc:` scopes.
|
|
8
|
+
|
|
9
|
+
- [#5009](https://github.com/bluesky-social/atproto/pull/5009) [`d5ca2b8`](https://github.com/bluesky-social/atproto/commit/d5ca2b850463097710a69439f06a5fb14c2d4194) Thanks [@matthieusieben](https://github.com/matthieusieben)! - 3rd party branding, optional bsky link removal in email templates
|
|
10
|
+
|
|
11
|
+
- [#4992](https://github.com/bluesky-social/atproto/pull/4992) [`622d365`](https://github.com/bluesky-social/atproto/commit/622d365aeb240133f40763a3b1c43981112837fc) Thanks [@devinivy](https://github.com/devinivy)! - `getServiceAuth` now accepts the combined `did#serviceId` form for its `aud` parameter, in addition to the bare DID form.
|
|
12
|
+
|
|
13
|
+
- Updated dependencies [[`60721e6`](https://github.com/bluesky-social/atproto/commit/60721e69c8db193eb817c4238ac447505ac855bc), [`622d365`](https://github.com/bluesky-social/atproto/commit/622d365aeb240133f40763a3b1c43981112837fc), [`60721e6`](https://github.com/bluesky-social/atproto/commit/60721e69c8db193eb817c4238ac447505ac855bc), [`622d365`](https://github.com/bluesky-social/atproto/commit/622d365aeb240133f40763a3b1c43981112837fc)]:
|
|
14
|
+
- @atproto/lex@0.1.3
|
|
15
|
+
- @atproto/oauth-scopes@0.5.0
|
|
16
|
+
- @atproto/did@0.5.0
|
|
17
|
+
- @atproto/oauth-provider@0.18.1
|
|
18
|
+
|
|
3
19
|
## 0.5.0
|
|
4
20
|
|
|
5
21
|
### Minor Changes
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getPreferences.d.ts","sourceRoot":"","sources":["../../../../../src/api/app/bsky/actor/getPreferences.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAE7C,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;
|
|
1
|
+
{"version":3,"file":"getPreferences.d.ts","sourceRoot":"","sources":["../../../../../src/api/app/bsky/actor/getPreferences.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAE7C,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAQnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QA8CvD"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { AuthScope, isAccessFull } from '../../../../auth-scope.js';
|
|
2
2
|
import { app } from '../../../../lexicons/index.js';
|
|
3
|
-
import { computeProxyTo, pipethrough } from '../../../../pipethrough.js';
|
|
3
|
+
import { bareDidFromProxyTo, computeProxyTo, pipethrough, } from '../../../../pipethrough.js';
|
|
4
4
|
export default function (server, ctx) {
|
|
5
5
|
const { bskyAppView } = ctx;
|
|
6
6
|
if (!bskyAppView)
|
|
@@ -22,7 +22,12 @@ export default function (server, ctx) {
|
|
|
22
22
|
const lxm = app.bsky.actor.getPreferences.$lxm;
|
|
23
23
|
const aud = computeProxyTo(ctx, req, lxm);
|
|
24
24
|
if (aud !== `${bskyAppView.did}#bsky_appview`) {
|
|
25
|
-
|
|
25
|
+
// Phase 1 of service auth updates: outbound JWT keeps bare-DID aud.
|
|
26
|
+
return pipethrough(ctx, req, {
|
|
27
|
+
iss: did,
|
|
28
|
+
aud: bareDidFromProxyTo(aud),
|
|
29
|
+
lxm,
|
|
30
|
+
});
|
|
26
31
|
}
|
|
27
32
|
const hasAccessFull = auth.credentials.type === 'access' &&
|
|
28
33
|
isAccessFull(auth.credentials.scope);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getPreferences.js","sourceRoot":"","sources":["../../../../../src/api/app/bsky/actor/getPreferences.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAA;AAEnE,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACnD,OAAO,
|
|
1
|
+
{"version":3,"file":"getPreferences.js","sourceRoot":"","sources":["../../../../../src/api/app/bsky/actor/getPreferences.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAA;AAEnE,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACnD,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,WAAW,GACZ,MAAM,4BAA4B,CAAA;AAEnC,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,WAAW,EAAE,GAAG,GAAG,CAAA;IAC3B,IAAI,CAAC,WAAW;QAAE,OAAM;IAExB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE;QACxC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,UAAU,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC;YACjC,SAAS,EAAE,CAAC,WAAW,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;gBAClC,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAA;gBAC9C,MAAM,GAAG,GAAG,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;gBACzC,WAAW,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAA;YACrC,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE;YAC/B,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAA;YAEhC,sEAAsE;YACtE,0DAA0D;YAC1D,8EAA8E;YAC9E,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAA;YAC9C,MAAM,GAAG,GAAG,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;YACzC,IAAI,GAAG,KAAK,GAAG,WAAW,CAAC,GAAG,eAAe,EAAE,CAAC;gBAC9C,oEAAoE;gBACpE,OAAO,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE;oBAC3B,GAAG,EAAE,GAAG;oBACR,GAAG,EAAE,kBAAkB,CAAC,GAAG,CAAC;oBAC5B,GAAG;iBACJ,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,aAAa,GACjB,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,QAAQ;gBAClC,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAA;YAEtC,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,KAAK,EAAE,EAAE;gBAC3D,OAAO,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,UAAU,EAAE;oBAC3C,aAAa;iBACd,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;YAEF,OAAO;gBACL,QAAQ,EAAE,kBAA2B;gBACrC,IAAI,EAAE,EAAE,WAAW,EAAE;aACtB,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { Server } from '@atproto/xrpc-server'\nimport { AuthScope, isAccessFull } from '../../../../auth-scope.js'\nimport { AppContext } from '../../../../context.js'\nimport { app } from '../../../../lexicons/index.js'\nimport {\n bareDidFromProxyTo,\n computeProxyTo,\n pipethrough,\n} from '../../../../pipethrough.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { bskyAppView } = ctx\n if (!bskyAppView) return\n\n server.add(app.bsky.actor.getPreferences, {\n auth: ctx.authVerifier.authorization({\n additional: [AuthScope.Takendown],\n authorize: (permissions, { req }) => {\n const lxm = app.bsky.actor.getPreferences.$lxm\n const aud = computeProxyTo(ctx, req, lxm)\n permissions.assertRpc({ aud, lxm })\n },\n }),\n handler: async ({ auth, req }) => {\n const { did } = auth.credentials\n\n // If the request has a proxy header different from the bsky app view,\n // we need to proxy the request to the requested app view.\n // @TODO This behavior should not be implemented as part of the XRPC framework\n const lxm = app.bsky.actor.getPreferences.$lxm\n const aud = computeProxyTo(ctx, req, lxm)\n if (aud !== `${bskyAppView.did}#bsky_appview`) {\n // Phase 1 of service auth updates: outbound JWT keeps bare-DID aud.\n return pipethrough(ctx, req, {\n iss: did,\n aud: bareDidFromProxyTo(aud),\n lxm,\n })\n }\n\n const hasAccessFull =\n auth.credentials.type === 'access' &&\n isAccessFull(auth.credentials.scope)\n\n const preferences = await ctx.actorStore.read(did, (store) => {\n return store.pref.getPreferences('app.bsky', {\n hasAccessFull,\n })\n })\n\n return {\n encoding: 'application/json' as const,\n body: { preferences },\n }\n },\n })\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"putPreferences.d.ts","sourceRoot":"","sources":["../../../../../src/api/app/bsky/actor/putPreferences.ts"],"names":[],"mappings":"AAAA,OAAO,EAAuB,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAGlE,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;
|
|
1
|
+
{"version":3,"file":"putPreferences.d.ts","sourceRoot":"","sources":["../../../../../src/api/app/bsky/actor/putPreferences.ts"],"names":[],"mappings":"AAAA,OAAO,EAAuB,MAAM,EAAE,MAAM,sBAAsB,CAAA;AAGlE,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAQnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QAkDvD"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { InvalidRequestError } from '@atproto/xrpc-server';
|
|
2
2
|
import { isAccessFull } from '../../../../auth-scope.js';
|
|
3
3
|
import { app } from '../../../../lexicons/index.js';
|
|
4
|
-
import { computeProxyTo, pipethrough } from '../../../../pipethrough.js';
|
|
4
|
+
import { bareDidFromProxyTo, computeProxyTo, pipethrough, } from '../../../../pipethrough.js';
|
|
5
5
|
export default function (server, ctx) {
|
|
6
6
|
const { bskyAppView } = ctx;
|
|
7
7
|
if (!bskyAppView)
|
|
@@ -23,7 +23,12 @@ export default function (server, ctx) {
|
|
|
23
23
|
const lxm = app.bsky.actor.putPreferences.$lxm;
|
|
24
24
|
const aud = computeProxyTo(ctx, req, lxm);
|
|
25
25
|
if (aud !== `${bskyAppView.did}#bsky_appview`) {
|
|
26
|
-
|
|
26
|
+
// Phase 1 of service auth updates: outbound JWT keeps bare-DID aud.
|
|
27
|
+
return pipethrough(ctx, req, {
|
|
28
|
+
iss: did,
|
|
29
|
+
aud: bareDidFromProxyTo(aud),
|
|
30
|
+
lxm,
|
|
31
|
+
});
|
|
27
32
|
}
|
|
28
33
|
const checkedPreferences = [];
|
|
29
34
|
for (const pref of input.body.preferences) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"putPreferences.js","sourceRoot":"","sources":["../../../../../src/api/app/bsky/actor/putPreferences.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAU,MAAM,sBAAsB,CAAA;AAElE,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAA;AAExD,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACnD,OAAO,
|
|
1
|
+
{"version":3,"file":"putPreferences.js","sourceRoot":"","sources":["../../../../../src/api/app/bsky/actor/putPreferences.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAU,MAAM,sBAAsB,CAAA;AAElE,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAA;AAExD,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACnD,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,WAAW,GACZ,MAAM,4BAA4B,CAAA;AAEnC,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,EAAE,WAAW,EAAE,GAAG,GAAG,CAAA;IAC3B,IAAI,CAAC,WAAW;QAAE,OAAM;IAExB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE;QACxC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAAC;YACnC,aAAa,EAAE,IAAI;YACnB,SAAS,EAAE,CAAC,WAAW,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;gBAClC,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAA;gBAC9C,MAAM,GAAG,GAAG,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;gBACzC,WAAW,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAA;YACrC,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE;YACtC,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,WAAW,CAAA;YAEhC,sEAAsE;YACtE,0DAA0D;YAC1D,8EAA8E;YAC9E,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAA;YAC9C,MAAM,GAAG,GAAG,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;YACzC,IAAI,GAAG,KAAK,GAAG,WAAW,CAAC,GAAG,eAAe,EAAE,CAAC;gBAC9C,oEAAoE;gBACpE,OAAO,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE;oBAC3B,GAAG,EAAE,GAAG;oBACR,GAAG,EAAE,kBAAkB,CAAC,GAAG,CAAC;oBAC5B,GAAG;iBACJ,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,kBAAkB,GAAwB,EAAE,CAAA;YAClD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBAC1C,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACnC,kBAAkB,CAAC,IAAI,CAAC,IAAyB,CAAC,CAAA;gBACpD,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,mBAAmB,CAAC,+BAA+B,CAAC,CAAA;gBAChE,CAAC;YACH,CAAC;YAED,MAAM,aAAa,GACjB,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,QAAQ;gBAClC,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAA;YAEtC,MAAM,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE;gBACpD,MAAM,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,kBAAkB,EAAE,UAAU,EAAE;oBACjE,aAAa;iBACd,CAAC,CAAA;YACJ,CAAC,CAAC,CAAA;QACJ,CAAC;KACF,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { InvalidRequestError, Server } from '@atproto/xrpc-server'\nimport { AccountPreference } from '../../../../actor-store/preference/reader.js'\nimport { isAccessFull } from '../../../../auth-scope.js'\nimport { AppContext } from '../../../../context.js'\nimport { app } from '../../../../lexicons/index.js'\nimport {\n bareDidFromProxyTo,\n computeProxyTo,\n pipethrough,\n} from '../../../../pipethrough.js'\n\nexport default function (server: Server, ctx: AppContext) {\n const { bskyAppView } = ctx\n if (!bskyAppView) return\n\n server.add(app.bsky.actor.putPreferences, {\n auth: ctx.authVerifier.authorization({\n checkTakedown: true,\n authorize: (permissions, { req }) => {\n const lxm = app.bsky.actor.putPreferences.$lxm\n const aud = computeProxyTo(ctx, req, lxm)\n permissions.assertRpc({ aud, lxm })\n },\n }),\n handler: async ({ req, auth, input }) => {\n const { did } = auth.credentials\n\n // If the request has a proxy header different from the bsky app view,\n // we need to proxy the request to the requested app view.\n // @TODO This behavior should not be implemented as part of the XRPC framework\n const lxm = app.bsky.actor.putPreferences.$lxm\n const aud = computeProxyTo(ctx, req, lxm)\n if (aud !== `${bskyAppView.did}#bsky_appview`) {\n // Phase 1 of service auth updates: outbound JWT keeps bare-DID aud.\n return pipethrough(ctx, req, {\n iss: did,\n aud: bareDidFromProxyTo(aud),\n lxm,\n })\n }\n\n const checkedPreferences: AccountPreference[] = []\n for (const pref of input.body.preferences) {\n if (typeof pref.$type === 'string') {\n checkedPreferences.push(pref as AccountPreference)\n } else {\n throw new InvalidRequestError('Preference is missing a $type')\n }\n }\n\n const hasAccessFull =\n auth.credentials.type === 'access' &&\n isAccessFull(auth.credentials.scope)\n\n await ctx.actorStore.transact(did, async (actorTxn) => {\n await actorTxn.pref.putPreferences(checkedPreferences, 'app.bsky', {\n hasAccessFull,\n })\n })\n },\n })\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getServiceAuth.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getServiceAuth.d.ts","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,MAAM,EAEP,MAAM,sBAAsB,CAAA;AAM7B,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AAOnD,MAAM,CAAC,OAAO,WAAW,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,QA0FvD"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { HOUR, MINUTE } from '@atproto/common';
|
|
2
|
+
import { isAtprotoDid, isAtprotoDidRefAbsolute } from '@atproto/did';
|
|
2
3
|
import { InvalidRequestError, createServiceJwt, } from '@atproto/xrpc-server';
|
|
3
4
|
import { AuthScope, isAccessPrivileged, isTakendown, } from '../../../../auth-scope.js';
|
|
4
5
|
import { com } from '../../../../lexicons/index.js';
|
|
@@ -16,6 +17,9 @@ export default function (server, ctx) {
|
|
|
16
17
|
const did = auth.credentials.did;
|
|
17
18
|
// @NOTE "exp" is expressed in seconds since epoch, not milliseconds
|
|
18
19
|
const { aud, exp, lxm = null } = params;
|
|
20
|
+
if (!isAtprotoDid(aud) && !isAtprotoDidRefAbsolute(aud)) {
|
|
21
|
+
throw new InvalidRequestError('aud must be a valid atproto DID or did#serviceId reference');
|
|
22
|
+
}
|
|
19
23
|
// Takendown accounts should not be able to generate service auth tokens except for methods necessary for account migration
|
|
20
24
|
if (auth.credentials.type === 'access') {
|
|
21
25
|
// @NOTE We should probably use "ForbiddenError" here. Using
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getServiceAuth.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;
|
|
1
|
+
{"version":3,"file":"getServiceAuth.js","sourceRoot":"","sources":["../../../../../src/api/com/atproto/server/getServiceAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,EAAE,YAAY,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAA;AAEpE,OAAO,EACL,mBAAmB,EAEnB,gBAAgB,GACjB,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACL,SAAS,EACT,kBAAkB,EAClB,WAAW,GACZ,MAAM,2BAA2B,CAAA;AAElC,OAAO,EAAE,GAAG,EAAE,MAAM,+BAA+B,CAAA;AACnD,OAAO,EACL,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,4BAA4B,CAAA;AAEnC,MAAM,CAAC,OAAO,WAAW,MAAc,EAAE,GAAe;IACtD,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE;QAC5C,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC,aAAa,CAElC;YACA,UAAU,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC;YACjC,SAAS,EAAE,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;gBACrC,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,MAAM,CAAA;gBACjC,WAAW,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAA;YACrC,CAAC;SACF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE;YAClC,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAA;YAEhC,oEAAoE;YACpE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,MAAM,CAAA;YAEvC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxD,MAAM,IAAI,mBAAmB,CAC3B,4DAA4D,CAC7D,CAAA;YACH,CAAC;YAED,2HAA2H;YAC3H,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvC,4DAA4D;gBAC5D,4CAA4C;gBAC5C,IACE,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;oBACnC,GAAG,KAAK,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EAC7C,CAAC;oBACD,MAAM,IAAI,mBAAmB,CAAC,iBAAiB,EAAE,cAAc,CAAC,CAAA;gBAClE,CAAC;gBAED,qEAAqE;gBACrE,mCAAmC;gBACnC,IACE,GAAG,IAAI,IAAI;oBACX,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC;oBAC3B,CAAC,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAC3C,CAAC;oBACD,MAAM,IAAI,mBAAmB,CAC3B,iFAAiF,GAAG,EAAE,CACvF,CAAA;gBACH,CAAC;YACH,CAAC;YAED,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,IAAI,GAAG,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;gBACpC,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;oBACb,MAAM,IAAI,mBAAmB,CAC3B,uBAAuB,EACvB,eAAe,CAChB,CAAA;gBACH,CAAC;qBAAM,IAAI,IAAI,GAAG,IAAI,EAAE,CAAC;oBACvB,MAAM,IAAI,mBAAmB,CAC3B,2EAA2E,EAC3E,eAAe,CAChB,CAAA;gBACH,CAAC;qBAAM,IAAI,CAAC,GAAG,IAAI,IAAI,GAAG,MAAM,EAAE,CAAC;oBACjC,MAAM,IAAI,mBAAmB,CAC3B,wFAAwF,EACxF,eAAe,CAChB,CAAA;gBACH,CAAC;YACH,CAAC;YAED,IAAI,GAAG,IAAI,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtC,MAAM,IAAI,mBAAmB,CAC3B,2EAA2E,GAAG,EAAE,CACjF,CAAA;YACH,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAEjD,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC;gBACnC,GAAG,EAAE,GAAG;gBACR,GAAG;gBACH,GAAG;gBACH,GAAG;gBACH,OAAO;aACR,CAAC,CAAA;YACF,OAAO;gBACL,QAAQ,EAAE,kBAA2B;gBACrC,IAAI,EAAE;oBACJ,KAAK;iBACN;aACF,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC","sourcesContent":["import { HOUR, MINUTE } from '@atproto/common'\nimport { isAtprotoDid, isAtprotoDidRefAbsolute } from '@atproto/did'\nimport { l } from '@atproto/lex'\nimport {\n InvalidRequestError,\n Server,\n createServiceJwt,\n} from '@atproto/xrpc-server'\nimport {\n AuthScope,\n isAccessPrivileged,\n isTakendown,\n} from '../../../../auth-scope.js'\nimport { AppContext } from '../../../../context.js'\nimport { com } from '../../../../lexicons/index.js'\nimport {\n PRIVILEGED_METHODS,\n PROTECTED_METHODS,\n} from '../../../../pipethrough.js'\n\nexport default function (server: Server, ctx: AppContext) {\n server.add(com.atproto.server.getServiceAuth, {\n auth: ctx.authVerifier.authorization<\n l.InferMethodParams<typeof com.atproto.server.getServiceAuth.main>\n >({\n additional: [AuthScope.Takendown],\n authorize: (permissions, { params }) => {\n const { aud, lxm = '*' } = params\n permissions.assertRpc({ aud, lxm })\n },\n }),\n handler: async ({ params, auth }) => {\n const did = auth.credentials.did\n\n // @NOTE \"exp\" is expressed in seconds since epoch, not milliseconds\n const { aud, exp, lxm = null } = params\n\n if (!isAtprotoDid(aud) && !isAtprotoDidRefAbsolute(aud)) {\n throw new InvalidRequestError(\n 'aud must be a valid atproto DID or did#serviceId reference',\n )\n }\n\n // Takendown accounts should not be able to generate service auth tokens except for methods necessary for account migration\n if (auth.credentials.type === 'access') {\n // @NOTE We should probably use \"ForbiddenError\" here. Using\n // \"InvalidRequestError\" for legacy reasons.\n if (\n isTakendown(auth.credentials.scope) &&\n lxm !== com.atproto.server.createAccount.$lxm\n ) {\n throw new InvalidRequestError('Bad token scope', 'InvalidToken')\n }\n\n // @NOTE \"oauth\" based credentials already checked through permission\n // set in \"authorize\" method above.\n if (\n lxm != null &&\n PRIVILEGED_METHODS.has(lxm) &&\n !isAccessPrivileged(auth.credentials.scope)\n ) {\n throw new InvalidRequestError(\n `insufficient access to request a service auth token for the following method: ${lxm}`,\n )\n }\n }\n\n if (exp) {\n const diff = exp * 1000 - Date.now()\n if (diff < 0) {\n throw new InvalidRequestError(\n 'expiration is in past',\n 'BadExpiration',\n )\n } else if (diff > HOUR) {\n throw new InvalidRequestError(\n 'cannot request a token with an expiration more than an hour in the future',\n 'BadExpiration',\n )\n } else if (!lxm && diff > MINUTE) {\n throw new InvalidRequestError(\n 'cannot request a method-less token with an expiration more than a minute in the future',\n 'BadExpiration',\n )\n }\n }\n\n if (lxm && PROTECTED_METHODS.has(lxm)) {\n throw new InvalidRequestError(\n `cannot request a service auth token for the following protected method: ${lxm}`,\n )\n }\n\n const keypair = await ctx.actorStore.keypair(did)\n\n const token = await createServiceJwt({\n iss: did,\n aud,\n exp,\n lxm,\n keypair,\n })\n return {\n encoding: 'application/json' as const,\n body: {\n token,\n },\n }\n },\n })\n}\n"]}
|
package/dist/config/config.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
import { BrandingInput, HcaptchaConfig } from '@atproto/oauth-provider';
|
|
1
|
+
import { BrandingInput as BrandingConfig, HcaptchaConfig } from '@atproto/oauth-provider';
|
|
2
2
|
import { ServerEnvironment } from './env.js';
|
|
3
|
+
export type { BrandingConfig };
|
|
3
4
|
export declare const envToCfg: (env: ServerEnvironment) => ServerConfig;
|
|
4
5
|
export type ServerConfig = {
|
|
5
6
|
service: ServiceConfig;
|
|
@@ -20,6 +21,7 @@ export type ServerConfig = {
|
|
|
20
21
|
crawlers: string[];
|
|
21
22
|
fetch: FetchConfig;
|
|
22
23
|
proxy: ProxyConfig;
|
|
24
|
+
branding: BrandingConfig;
|
|
23
25
|
oauth: OAuthConfig;
|
|
24
26
|
lexicon: LexiconResolverConfig;
|
|
25
27
|
};
|
|
@@ -105,7 +107,7 @@ export type OAuthConfig = {
|
|
|
105
107
|
issuer: string;
|
|
106
108
|
provider?: {
|
|
107
109
|
hcaptcha?: HcaptchaConfig;
|
|
108
|
-
branding:
|
|
110
|
+
branding: BrandingConfig;
|
|
109
111
|
trustedClients?: string[];
|
|
110
112
|
};
|
|
111
113
|
};
|
|
@@ -122,6 +124,7 @@ export type InvitesConfig = {
|
|
|
122
124
|
export type EmailConfig = {
|
|
123
125
|
smtpUrl: string;
|
|
124
126
|
fromAddress: string;
|
|
127
|
+
disableConfirmationLink: boolean;
|
|
125
128
|
};
|
|
126
129
|
export type SubscriptionConfig = {
|
|
127
130
|
maxBuffer: number;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAGA,OAAO,
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,aAAa,IAAI,cAAc,EAC/B,cAAc,EACf,MAAM,yBAAyB,CAAA;AAEhC,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAE5C,YAAY,EAAE,cAAc,EAAE,CAAA;AAK9B,eAAO,MAAM,QAAQ,GAAI,KAAK,iBAAiB,KAAG,YAqWjD,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,aAAa,CAAA;IACtB,EAAE,EAAE,cAAc,CAAA;IAClB,UAAU,EAAE,gBAAgB,CAAA;IAC5B,SAAS,EAAE,iBAAiB,GAAG,mBAAmB,CAAA;IAClD,QAAQ,EAAE,cAAc,CAAA;IACxB,QAAQ,EAAE,cAAc,GAAG,IAAI,CAAA;IAC/B,OAAO,EAAE,aAAa,CAAA;IACtB,KAAK,EAAE,WAAW,GAAG,IAAI,CAAA;IACzB,eAAe,EAAE,WAAW,GAAG,IAAI,CAAA;IACnC,YAAY,EAAE,kBAAkB,CAAA;IAChC,WAAW,EAAE,iBAAiB,GAAG,IAAI,CAAA;IACrC,UAAU,EAAE,gBAAgB,GAAG,IAAI,CAAA;IACnC,aAAa,EAAE,mBAAmB,GAAG,IAAI,CAAA;IACzC,KAAK,EAAE,kBAAkB,GAAG,IAAI,CAAA;IAChC,UAAU,EAAE,gBAAgB,CAAA;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,KAAK,EAAE,WAAW,CAAA;IAClB,QAAQ,EAAE,cAAc,CAAA;IACxB,KAAK,EAAE,WAAW,CAAA;IAClB,OAAO,EAAE,qBAAqB,CAAA;CAC/B,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,MAAM,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,gBAAgB,EAAE,OAAO,CAAA;IACzB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,wBAAwB,EAAE,OAAO,CAAA;CAClC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,QAAQ,EAAE,IAAI,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,WAAW,CAAC,EAAE;QACZ,WAAW,EAAE,MAAM,CAAA;QACnB,eAAe,EAAE,MAAM,CAAA;KACxB,CAAA;CACF,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,eAAe,EAAE,MAAM,CAAA;IACvB,aAAa,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAA;IAC9B,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAA;IAClC,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,eAAe,EAAE,MAAM,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,eAAe,EAAE,MAAM,CAAA;CACxB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,qBAAqB,EAAE,OAAO,CAAA;IAC9B,UAAU,EAAE,OAAO,CAAA;IACnB,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,MAAM,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;IAElB;;;;;;OAMG;IACH,gBAAgB,EAAE,OAAO,CAAA;CAC1B,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,CAAC,EAAE;QACT,QAAQ,CAAC,EAAE,cAAc,CAAA;QACzB,QAAQ,EAAE,cAAc,CAAA;QACxB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;KAC1B,CAAA;CACF,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,CAAC,EAAE,OAAO,MAAM,IAAI,MAAM,EAAE,CAAA;CACzC,CAAA;AAED,MAAM,MAAM,aAAa,GACrB;IACE,QAAQ,EAAE,IAAI,CAAA;IACd,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,KAAK,EAAE,MAAM,CAAA;CACd,GACD;IACE,QAAQ,EAAE,KAAK,CAAA;CAChB,CAAA;AAEL,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,uBAAuB,EAAE,OAAO,CAAA;CACjC,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,mBAAmB,EAAE,MAAM,CAAA;CAC5B,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,gBAAgB,GACxB;IACE,OAAO,EAAE,IAAI,CAAA;IACb,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;CACrB,GACD;IAAE,OAAO,EAAE,KAAK,CAAA;CAAE,CAAA;AAEtB,MAAM,MAAM,iBAAiB,GAAG;IAC9B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA;AAED,MAAM,MAAM,mBAAmB,GAAG;IAChC,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;CACZ,CAAA"}
|
package/dist/config/config.js
CHANGED
|
@@ -132,6 +132,7 @@ export const envToCfg = (env) => {
|
|
|
132
132
|
emailCfg = {
|
|
133
133
|
smtpUrl: env.emailSmtpUrl,
|
|
134
134
|
fromAddress: env.emailFromAddress,
|
|
135
|
+
disableConfirmationLink: env.emailDisableConfirmationLink ?? false,
|
|
135
136
|
};
|
|
136
137
|
}
|
|
137
138
|
let moderationEmailCfg;
|
|
@@ -145,6 +146,7 @@ export const envToCfg = (env) => {
|
|
|
145
146
|
moderationEmailCfg = {
|
|
146
147
|
smtpUrl: env.moderationEmailSmtpUrl,
|
|
147
148
|
fromAddress: env.moderationEmailAddress,
|
|
149
|
+
disableConfirmationLink: false,
|
|
148
150
|
};
|
|
149
151
|
}
|
|
150
152
|
const subscriptionCfg = {
|
|
@@ -209,6 +211,52 @@ export const envToCfg = (env) => {
|
|
|
209
211
|
: 0,
|
|
210
212
|
preferCompressed: env.proxyPreferCompressed ?? false,
|
|
211
213
|
};
|
|
214
|
+
const brandingCfg = {
|
|
215
|
+
name: env.serviceName ?? `${hostname} PDS`,
|
|
216
|
+
logo: env.logoUrl,
|
|
217
|
+
colors: {
|
|
218
|
+
light: env.lightColor,
|
|
219
|
+
dark: env.darkColor,
|
|
220
|
+
contrastSaturation: env.contrastSaturation,
|
|
221
|
+
primary: env.primaryColor,
|
|
222
|
+
primaryContrast: env.primaryColorContrast,
|
|
223
|
+
primaryHue: env.primaryColorHue,
|
|
224
|
+
error: env.errorColor,
|
|
225
|
+
errorContrast: env.errorColorContrast,
|
|
226
|
+
errorHue: env.errorColorHue,
|
|
227
|
+
warning: env.warningColor,
|
|
228
|
+
warningContrast: env.warningColorContrast,
|
|
229
|
+
warningHue: env.warningColorHue,
|
|
230
|
+
info: env.infoColor,
|
|
231
|
+
infoContrast: env.infoColorContrast,
|
|
232
|
+
infoHue: env.infoColorHue,
|
|
233
|
+
success: env.successColor,
|
|
234
|
+
successContrast: env.successColorContrast,
|
|
235
|
+
successHue: env.successColorHue,
|
|
236
|
+
},
|
|
237
|
+
links: [
|
|
238
|
+
{
|
|
239
|
+
title: { en: 'Home', fr: 'Accueil' },
|
|
240
|
+
href: env.homeUrl,
|
|
241
|
+
rel: 'canonical', // Prevents login page from being indexed
|
|
242
|
+
},
|
|
243
|
+
{
|
|
244
|
+
title: { en: 'Terms of Service' },
|
|
245
|
+
href: env.termsOfServiceUrl,
|
|
246
|
+
rel: 'terms-of-service',
|
|
247
|
+
},
|
|
248
|
+
{
|
|
249
|
+
title: { en: 'Privacy Policy' },
|
|
250
|
+
href: env.privacyPolicyUrl,
|
|
251
|
+
rel: 'privacy-policy',
|
|
252
|
+
},
|
|
253
|
+
{
|
|
254
|
+
title: { en: 'Support' },
|
|
255
|
+
href: env.supportUrl,
|
|
256
|
+
rel: 'help',
|
|
257
|
+
},
|
|
258
|
+
].filter((f) => f.href != null && f.href !== ''),
|
|
259
|
+
};
|
|
212
260
|
const oauthCfg = entrywayCfg
|
|
213
261
|
? {
|
|
214
262
|
issuer: entrywayCfg.url,
|
|
@@ -226,52 +274,7 @@ export const envToCfg = (env) => {
|
|
|
226
274
|
tokenSalt: env.hcaptchaTokenSalt,
|
|
227
275
|
}
|
|
228
276
|
: undefined,
|
|
229
|
-
branding:
|
|
230
|
-
name: env.serviceName ?? `${hostname} PDS`,
|
|
231
|
-
logo: env.logoUrl,
|
|
232
|
-
colors: {
|
|
233
|
-
light: env.lightColor,
|
|
234
|
-
dark: env.darkColor,
|
|
235
|
-
contrastSaturation: env.contrastSaturation,
|
|
236
|
-
primary: env.primaryColor,
|
|
237
|
-
primaryContrast: env.primaryColorContrast,
|
|
238
|
-
primaryHue: env.primaryColorHue,
|
|
239
|
-
error: env.errorColor,
|
|
240
|
-
errorContrast: env.errorColorContrast,
|
|
241
|
-
errorHue: env.errorColorHue,
|
|
242
|
-
warning: env.warningColor,
|
|
243
|
-
warningContrast: env.warningColorContrast,
|
|
244
|
-
warningHue: env.warningColorHue,
|
|
245
|
-
info: env.infoColor,
|
|
246
|
-
infoContrast: env.infoColorContrast,
|
|
247
|
-
infoHue: env.infoColorHue,
|
|
248
|
-
success: env.successColor,
|
|
249
|
-
successContrast: env.successColorContrast,
|
|
250
|
-
successHue: env.successColorHue,
|
|
251
|
-
},
|
|
252
|
-
links: [
|
|
253
|
-
{
|
|
254
|
-
title: { en: 'Home', fr: 'Accueil' },
|
|
255
|
-
href: env.homeUrl,
|
|
256
|
-
rel: 'canonical', // Prevents login page from being indexed
|
|
257
|
-
},
|
|
258
|
-
{
|
|
259
|
-
title: { en: 'Terms of Service' },
|
|
260
|
-
href: env.termsOfServiceUrl,
|
|
261
|
-
rel: 'terms-of-service',
|
|
262
|
-
},
|
|
263
|
-
{
|
|
264
|
-
title: { en: 'Privacy Policy' },
|
|
265
|
-
href: env.privacyPolicyUrl,
|
|
266
|
-
rel: 'privacy-policy',
|
|
267
|
-
},
|
|
268
|
-
{
|
|
269
|
-
title: { en: 'Support' },
|
|
270
|
-
href: env.supportUrl,
|
|
271
|
-
rel: 'help',
|
|
272
|
-
},
|
|
273
|
-
].filter((f) => f.href != null && f.href !== ''),
|
|
274
|
-
},
|
|
277
|
+
branding: brandingCfg,
|
|
275
278
|
trustedClients: env.trustedOAuthClients,
|
|
276
279
|
},
|
|
277
280
|
};
|
|
@@ -300,6 +303,7 @@ export const envToCfg = (env) => {
|
|
|
300
303
|
fetch: fetchCfg,
|
|
301
304
|
lexicon: lexiconCfg,
|
|
302
305
|
proxy: proxyCfg,
|
|
306
|
+
branding: brandingCfg,
|
|
303
307
|
oauth: oauthCfg,
|
|
304
308
|
};
|
|
305
309
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAChC,OAAO,IAAI,MAAM,WAAW,CAAA;AAC5B,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAEnD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAGhD,iCAAiC;AACjC,gEAAgE;AAEhE,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,GAAsB,EAAgB,EAAE;IAC/D,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,IAAI,CAAA;IAC7B,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,WAAW,CAAA;IAC5C,MAAM,SAAS,GACb,QAAQ,KAAK,WAAW;QACtB,CAAC,CAAC,oBAAoB,IAAI,EAAE;QAC5B,CAAC,CAAC,WAAW,QAAQ,EAAE,CAAA;IAC3B,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,IAAI,WAAW,QAAQ,EAAE,CAAA;IACnD,MAAM,UAAU,GAA4B;QAC1C,IAAI;QACJ,QAAQ;QACR,SAAS;QACT,GAAG;QACH,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,WAAW;QACjC,gBAAgB,EAAE,GAAG,CAAC,gBAAgB;QACtC,iBAAiB,EAAE,GAAG,CAAC,iBAAiB;QACxC,mBAAmB,EAAE,GAAG,CAAC,mBAAmB;QAC5C,gBAAgB,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QAC9C,aAAa,EAAE,GAAG,CAAC,aAAa;QAChC,eAAe,EAAE,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,IAAI,GAAG,IAAI,EAAE,MAAM;QAC/D,OAAO,EAAE,GAAG,CAAC,OAAO,IAAI,KAAK;KAC9B,CAAA;IAED,MAAM,KAAK,GAAG,CAAC,IAAY,EAAE,EAAE;QAC7B,OAAO,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACtE,CAAC,CAAA;IAED,MAAM,wBAAwB,GAAG,GAAG,CAAC,wBAAwB,IAAI,KAAK,CAAA;IAEtE,MAAM,KAAK,GAAuB;QAChC,YAAY,EAAE,GAAG,CAAC,iBAAiB,IAAI,KAAK,CAAC,gBAAgB,CAAC;QAC9D,cAAc,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK,CAAC,kBAAkB,CAAC;QACpE,aAAa,EAAE,GAAG,CAAC,kBAAkB,IAAI,KAAK,CAAC,kBAAkB,CAAC;QAClE,wBAAwB;KACzB,CAAA;IAED,MAAM,aAAa,GAA+B;QAChD,SAAS,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK,CAAC,QAAQ,CAAC;QACrD,SAAS,EAAE,GAAG,CAAC,mBAAmB,IAAI,GAAG;QACzC,wBAAwB;KACzB,CAAA;IAED,IAAI,YAAuC,CAAA;IAC3C,IAAI,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;IACnE,CAAC;IACD,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC1B,YAAY,GAAG;YACb,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,GAAG,CAAC,iBAAiB;YAC7B,eAAe,EAAE,GAAG,CAAC,0BAA0B,IAAI,KAAK;YACxD,MAAM,EAAE,GAAG,CAAC,iBAAiB;YAC7B,QAAQ,EAAE,GAAG,CAAC,mBAAmB;YACjC,cAAc,EAAE,GAAG,CAAC,yBAAyB;SAC9C,CAAA;QACD,IAAI,GAAG,CAAC,sBAAsB,IAAI,GAAG,CAAC,0BAA0B,EAAE,CAAC;YACjE,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,0BAA0B,EAAE,CAAC;gBACnE,MAAM,IAAI,KAAK,CACb,6EAA6E,CAC9E,CAAA;YACH,CAAC;YACD,YAAY,CAAC,WAAW,GAAG;gBACzB,WAAW,EAAE,GAAG,CAAC,sBAAsB;gBACvC,eAAe,EAAE,GAAG,CAAC,0BAA0B;aAChD,CAAA;QACH,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;QACrC,YAAY,GAAG;YACb,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,GAAG,CAAC,qBAAqB;YACnC,YAAY,EAAE,GAAG,CAAC,wBAAwB;SAC3C,CAAA;IACH,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;IAC/D,CAAC;IAED,IAAI,oBAA8B,CAAA;IAClC,IAAI,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpE,oBAAoB,GAAG,GAAG,CAAC,oBAAoB,CAAA;IACjD,CAAC;SAAM,CAAC;QACN,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;YAC7B,oBAAoB,GAAG,CAAC,OAAO,CAAC,CAAA;QAClC,CAAC;aAAM,CAAC;YACN,oBAAoB,GAAG,CAAC,IAAI,QAAQ,EAAE,CAAC,CAAA;QACzC,CAAC;IACH,CAAC;IACD,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAC7C,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CACzD,CAAA;IACD,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,0BAA0B,aAAa,EAAE,CAAC,CAAA;IAC5D,CAAC;IAED,MAAM,WAAW,GAA6B;QAC5C,MAAM,EAAE,GAAG,CAAC,SAAS,IAAI,uBAAuB;QAChD,WAAW,EAAE,GAAG,CAAC,cAAc,IAAI,GAAG;QACtC,aAAa,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QAC3C,eAAe,EAAE,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,MAAM;QAClD,cAAc,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;QAC1C,oBAAoB;QACpB,uBAAuB,EAAE,GAAG,CAAC,uBAAuB;QACpD,uBAAuB,EAAE,CAAC,CAAC,GAAG,CAAC,uBAAuB;KACvD,CAAA;IAED,IAAI,WAAW,GAA6B,IAAI,CAAA;IAChD,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;QACpB,MAAM,CACJ,GAAG,CAAC,oCAAoC;YACtC,GAAG,CAAC,sBAAsB;YAC1B,GAAG,CAAC,WAAW,EACjB,iFAAiF,CAClF,CAAA;QACD,WAAW,GAAG;YACZ,GAAG,EAAE,GAAG,CAAC,WAAW;YACpB,GAAG,EAAE,GAAG,CAAC,WAAW;YACpB,eAAe,EAAE,GAAG,CAAC,oCAAoC;YACzD,cAAc,EAAE,GAAG,CAAC,sBAAsB;SAC3C,CAAA;IACH,CAAC;IAED,8CAA8C;IAC9C,MAAM,UAAU,GACd,GAAG,CAAC,cAAc,KAAK,KAAK;QAC1B,CAAC,CAAC;YACE,QAAQ,EAAE,KAAK;SAChB;QACH,CAAC,CAAC;YACE,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;YACpC,KAAK,EAAE,GAAG,CAAC,WAAW,IAAI,CAAC;SAC5B,CAAA;IAEP,IAAI,QAA+B,CAAA;IACnC,IAAI,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAC/C,QAAQ,GAAG,IAAI,CAAA;IACjB,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAA;QACH,CAAC;QACD,QAAQ,GAAG;YACT,OAAO,EAAE,GAAG,CAAC,YAAY;YACzB,WAAW,EAAE,GAAG,CAAC,gBAAgB;SAClC,CAAA;IACH,CAAC;IAED,IAAI,kBAAmD,CAAA;IACvD,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;QAC/D,kBAAkB,GAAG,IAAI,CAAA;IAC3B,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;YAC/D,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;QACH,CAAC;QACD,kBAAkB,GAAG;YACnB,OAAO,EAAE,GAAG,CAAC,sBAAsB;YACnC,WAAW,EAAE,GAAG,CAAC,sBAAsB;SACxC,CAAA;IACH,CAAC;IAED,MAAM,eAAe,GAAiC;QACpD,SAAS,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG;QAC3C,mBAAmB,EAAE,GAAG,CAAC,mBAAmB,IAAI,GAAG;KACpD,CAAA;IAED,IAAI,cAAc,GAAgC,IAAI,CAAA;IACtD,IAAI,GAAG,CAAC,cAAc,EAAE,CAAC;QACvB,MAAM,CACJ,GAAG,CAAC,cAAc,EAClB,4EAA4E,CAC7E,CAAA;QACD,cAAc,GAAG;YACf,GAAG,EAAE,GAAG,CAAC,cAAc;YACvB,GAAG,EAAE,GAAG,CAAC,cAAc;YACvB,aAAa,EAAE,GAAG,CAAC,wBAAwB;SAC5C,CAAA;IACH,CAAC;IAED,IAAI,aAAa,GAA+B,IAAI,CAAA;IACpD,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;QACtB,MAAM,CACJ,GAAG,CAAC,aAAa,EACjB,mEAAmE,CACpE,CAAA;QACD,aAAa,GAAG;YACd,GAAG,EAAE,GAAG,CAAC,aAAa;YACtB,GAAG,EAAE,GAAG,CAAC,aAAa;SACvB,CAAA;IACH,CAAC;IAED,IAAI,gBAAgB,GAAkC,IAAI,CAAA;IAC1D,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACzB,MAAM,CACJ,GAAG,CAAC,gBAAgB,EACpB,sEAAsE,CACvE,CAAA;QACD,gBAAgB,GAAG;YACjB,GAAG,EAAE,GAAG,CAAC,gBAAgB;YACzB,GAAG,EAAE,GAAG,CAAC,gBAAgB;SAC1B,CAAA;IACH,CAAC;IAED,2DAA2D;IAC3D,IAAI,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACvC,gBAAgB,GAAG,aAAa,CAAA;IAClC,CAAC;IAED,MAAM,QAAQ,GAA0B,GAAG,CAAC,mBAAmB;QAC7D,CAAC,CAAC;YACE,OAAO,EAAE,GAAG,CAAC,mBAAmB;YAChC,QAAQ,EAAE,GAAG,CAAC,oBAAoB;SACnC;QACH,CAAC,CAAC,IAAI,CAAA;IAER,MAAM,aAAa,GAA+B,GAAG,CAAC,iBAAiB;QACrE,CAAC,CAAC;YACE,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,GAAG,CAAC,kBAAkB;YACjC,SAAS,EAAE,GAAG,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAClD,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAC/B;SACF;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;IAEtB,MAAM,WAAW,GAA6B,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAA;IAEhE,MAAM,QAAQ,GAA0B;QACtC,qBAAqB,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,OAAO,IAAI,KAAK;QACxE,eAAe,EAAE,GAAG,CAAC,oBAAoB,IAAI,GAAG,GAAG,IAAI,EAAE,QAAQ;KAClE,CAAA;IAED,MAAM,QAAQ,GAA0B;QACtC,qBAAqB,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,OAAO,IAAI,KAAK;QACxE,UAAU,EAAE,GAAG,CAAC,eAAe,IAAI,KAAK;QACxC,cAAc,EAAE,GAAG,CAAC,mBAAmB,IAAI,IAAI;QAC/C,WAAW,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QACzC,eAAe,EAAE,GAAG,CAAC,oBAAoB,IAAI,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;QACtE,UAAU,EACR,GAAG,CAAC,eAAe,IAAI,IAAI,IAAI,GAAG,CAAC,eAAe,GAAG,CAAC;YACpD,CAAC,CAAC,GAAG,CAAC,eAAe;YACrB,CAAC,CAAC,CAAC;QACP,gBAAgB,EAAE,GAAG,CAAC,qBAAqB,IAAI,KAAK;KACrD,CAAA;IAED,MAAM,QAAQ,GAA0B,WAAW;QACjD,CAAC,CAAC;YACE,MAAM,EAAE,WAAW,CAAC,GAAG;YACvB,QAAQ,EAAE,SAAS;SACpB;QACH,CAAC,CAAC;YACE,MAAM,EAAE,UAAU,CAAC,SAAS;YAC5B,QAAQ,EAAE;gBACR,QAAQ,EACN,GAAG,CAAC,eAAe;oBACnB,GAAG,CAAC,iBAAiB;oBACrB,GAAG,CAAC,iBAAiB;oBACnB,CAAC,CAAC;wBACE,OAAO,EAAE,GAAG,CAAC,eAAe;wBAC5B,SAAS,EAAE,GAAG,CAAC,iBAAiB;wBAChC,SAAS,EAAE,GAAG,CAAC,iBAAiB;qBACjC;oBACH,CAAC,CAAC,SAAS;gBACf,QAAQ,EAAE;oBACR,IAAI,EAAE,GAAG,CAAC,WAAW,IAAI,GAAG,QAAQ,MAAM;oBAC1C,IAAI,EAAE,GAAG,CAAC,OAAO;oBACjB,MAAM,EAAE;wBACN,KAAK,EAAE,GAAG,CAAC,UAAU;wBACrB,IAAI,EAAE,GAAG,CAAC,SAAS;wBAEnB,kBAAkB,EAAE,GAAG,CAAC,kBAAkB;wBAE1C,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;wBAE/B,KAAK,EAAE,GAAG,CAAC,UAAU;wBACrB,aAAa,EAAE,GAAG,CAAC,kBAAkB;wBACrC,QAAQ,EAAE,GAAG,CAAC,aAAa;wBAE3B,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;wBAE/B,IAAI,EAAE,GAAG,CAAC,SAAS;wBACnB,YAAY,EAAE,GAAG,CAAC,iBAAiB;wBACnC,OAAO,EAAE,GAAG,CAAC,YAAY;wBAEzB,OAAO,EAAE,GAAG,CAAC,YAAY;wBACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;wBACzC,UAAU,EAAE,GAAG,CAAC,eAAe;qBAChC;oBACD,KAAK,EAAE;wBACL;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE;4BACpC,IAAI,EAAE,GAAG,CAAC,OAAO;4BACjB,GAAG,EAAE,WAAoB,EAAE,yCAAyC;yBACrE;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,kBAAkB,EAAE;4BACjC,IAAI,EAAE,GAAG,CAAC,iBAAiB;4BAC3B,GAAG,EAAE,kBAA2B;yBACjC;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,gBAAgB,EAAE;4BAC/B,IAAI,EAAE,GAAG,CAAC,gBAAgB;4BAC1B,GAAG,EAAE,gBAAyB;yBAC/B;wBACD;4BACE,KAAK,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE;4BACxB,IAAI,EAAE,GAAG,CAAC,UAAU;4BACpB,GAAG,EAAE,MAAe;yBACrB;qBACF,CAAC,MAAM,CACN,CAA8B,CAAI,EAA6B,EAAE,CAC/D,CAAC,CAAC,IAAI,IAAI,IAAI,IAAI,CAAC,CAAC,IAAI,KAAK,EAAE,CAClC;iBACF;gBACD,cAAc,EAAE,GAAG,CAAC,mBAAmB;aACxC;SACF,CAAA;IAEL,MAAM,UAAU,GAA0B,EAAE,CAAA;IAE5C,IAAI,GAAG,CAAC,mBAAmB,IAAI,IAAI,EAAE,CAAC;QACpC,cAAc,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAA;QACvC,UAAU,CAAC,YAAY,GAAG,GAAG,CAAC,mBAAmB,CAAA;IACnD,CAAC;IAED,OAAO;QACL,OAAO,EAAE,UAAU;QACnB,EAAE,EAAE,KAAK;QACT,UAAU,EAAE,aAAa;QACzB,SAAS,EAAE,YAAY;QACvB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,WAAW;QACrB,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,eAAe,EAAE,kBAAkB;QACnC,YAAY,EAAE,eAAe;QAC7B,WAAW,EAAE,cAAc;QAC3B,UAAU,EAAE,aAAa;QACzB,aAAa,EAAE,gBAAgB;QAC/B,KAAK,EAAE,QAAQ;QACf,UAAU,EAAE,aAAa;QACzB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,QAAQ;QACf,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,KAAK,EAAE,QAAQ;KAChB,CAAA;AACH,CAAC,CAAA","sourcesContent":["import assert from 'node:assert'\nimport path from 'node:path'\nimport { DAY, HOUR, SECOND } from '@atproto/common'\nimport { BrandingInput, HcaptchaConfig } from '@atproto/oauth-provider'\nimport { ensureValidDid } from '@atproto/syntax'\nimport { ServerEnvironment } from './env.js'\n\n// off-config but still from env:\n// logging: LOG_LEVEL, LOG_SYSTEMS, LOG_ENABLED, LOG_DESTINATION\n\nexport const envToCfg = (env: ServerEnvironment): ServerConfig => {\n const port = env.port ?? 2583\n const hostname = env.hostname ?? 'localhost'\n const publicUrl =\n hostname === 'localhost'\n ? `http://localhost:${port}`\n : `https://${hostname}`\n const did = env.serviceDid ?? `did:web:${hostname}`\n const serviceCfg: ServerConfig['service'] = {\n port,\n hostname,\n publicUrl,\n did,\n version: env.version, // default?\n privacyPolicyUrl: env.privacyPolicyUrl,\n termsOfServiceUrl: env.termsOfServiceUrl,\n contactEmailAddress: env.contactEmailAddress,\n acceptingImports: env.acceptingImports ?? true,\n maxImportSize: env.maxImportSize,\n blobUploadLimit: env.blobUploadLimit ?? 5 * 1024 * 1024, // 5mb\n devMode: env.devMode ?? false,\n }\n\n const dbLoc = (name: string) => {\n return env.dataDirectory ? path.join(env.dataDirectory, name) : name\n }\n\n const disableWalAutoCheckpoint = env.disableWalAutoCheckpoint ?? false\n\n const dbCfg: ServerConfig['db'] = {\n accountDbLoc: env.accountDbLocation ?? dbLoc('account.sqlite'),\n sequencerDbLoc: env.sequencerDbLocation ?? dbLoc('sequencer.sqlite'),\n didCacheDbLoc: env.didCacheDbLocation ?? dbLoc('did_cache.sqlite'),\n disableWalAutoCheckpoint,\n }\n\n const actorStoreCfg: ServerConfig['actorStore'] = {\n directory: env.actorStoreDirectory ?? dbLoc('actors'),\n cacheSize: env.actorStoreCacheSize ?? 100,\n disableWalAutoCheckpoint,\n }\n\n let blobstoreCfg: ServerConfig['blobstore']\n if (env.blobstoreS3Bucket && env.blobstoreDiskLocation) {\n throw new Error('Cannot set both S3 and disk blobstore env vars')\n }\n if (env.blobstoreS3Bucket) {\n blobstoreCfg = {\n provider: 's3',\n bucket: env.blobstoreS3Bucket,\n uploadTimeoutMs: env.blobstoreS3UploadTimeoutMs || 20000,\n region: env.blobstoreS3Region,\n endpoint: env.blobstoreS3Endpoint,\n forcePathStyle: env.blobstoreS3ForcePathStyle,\n }\n if (env.blobstoreS3AccessKeyId || env.blobstoreS3SecretAccessKey) {\n if (!env.blobstoreS3AccessKeyId || !env.blobstoreS3SecretAccessKey) {\n throw new Error(\n 'Must specify both S3 access key id and secret access key blobstore env vars',\n )\n }\n blobstoreCfg.credentials = {\n accessKeyId: env.blobstoreS3AccessKeyId,\n secretAccessKey: env.blobstoreS3SecretAccessKey,\n }\n }\n } else if (env.blobstoreDiskLocation) {\n blobstoreCfg = {\n provider: 'disk',\n location: env.blobstoreDiskLocation,\n tempLocation: env.blobstoreDiskTmpLocation,\n }\n } else {\n throw new Error('Must configure either S3 or disk blobstore')\n }\n\n let serviceHandleDomains: string[]\n if (env.serviceHandleDomains && env.serviceHandleDomains.length > 0) {\n serviceHandleDomains = env.serviceHandleDomains\n } else {\n if (hostname === 'localhost') {\n serviceHandleDomains = ['.test']\n } else {\n serviceHandleDomains = [`.${hostname}`]\n }\n }\n const invalidDomain = serviceHandleDomains.find(\n (domain) => domain.length < 1 || !domain.startsWith('.'),\n )\n if (invalidDomain) {\n throw new Error(`Invalid handle domain: ${invalidDomain}`)\n }\n\n const identityCfg: ServerConfig['identity'] = {\n plcUrl: env.didPlcUrl ?? 'https://plc.directory',\n cacheMaxTTL: env.didCacheMaxTTL ?? DAY,\n cacheStaleTTL: env.didCacheStaleTTL ?? HOUR,\n resolverTimeout: env.resolverTimeout ?? 3 * SECOND,\n recoveryDidKey: env.recoveryDidKey ?? null,\n serviceHandleDomains,\n handleBackupNameservers: env.handleBackupNameservers,\n enableDidDocWithSession: !!env.enableDidDocWithSession,\n }\n\n let entrywayCfg: ServerConfig['entryway'] = null\n if (env.entrywayUrl) {\n assert(\n env.entrywayJwtVerifyKeyK256PublicKeyHex &&\n env.entrywayPlcRotationKey &&\n env.entrywayDid,\n 'if entryway url is configured, must include all required entryway configuration',\n )\n entrywayCfg = {\n url: env.entrywayUrl,\n did: env.entrywayDid,\n jwtPublicKeyHex: env.entrywayJwtVerifyKeyK256PublicKeyHex,\n plcRotationKey: env.entrywayPlcRotationKey,\n }\n }\n\n // default to being required if left undefined\n const invitesCfg: ServerConfig['invites'] =\n env.inviteRequired === false\n ? {\n required: false,\n }\n : {\n required: true,\n interval: env.inviteInterval ?? null,\n epoch: env.inviteEpoch ?? 0,\n }\n\n let emailCfg: ServerConfig['email']\n if (!env.emailFromAddress && !env.emailSmtpUrl) {\n emailCfg = null\n } else {\n if (!env.emailFromAddress || !env.emailSmtpUrl) {\n throw new Error(\n 'Partial email config, must set both emailFromAddress and emailSmtpUrl',\n )\n }\n emailCfg = {\n smtpUrl: env.emailSmtpUrl,\n fromAddress: env.emailFromAddress,\n }\n }\n\n let moderationEmailCfg: ServerConfig['moderationEmail']\n if (!env.moderationEmailAddress && !env.moderationEmailSmtpUrl) {\n moderationEmailCfg = null\n } else {\n if (!env.moderationEmailAddress || !env.moderationEmailSmtpUrl) {\n throw new Error(\n 'Partial moderation email config, must set both emailFromAddress and emailSmtpUrl',\n )\n }\n moderationEmailCfg = {\n smtpUrl: env.moderationEmailSmtpUrl,\n fromAddress: env.moderationEmailAddress,\n }\n }\n\n const subscriptionCfg: ServerConfig['subscription'] = {\n maxBuffer: env.maxSubscriptionBuffer ?? 500,\n repoBackfillLimitMs: env.repoBackfillLimitMs ?? DAY,\n }\n\n let bskyAppViewCfg: ServerConfig['bskyAppView'] = null\n if (env.bskyAppViewUrl) {\n assert(\n env.bskyAppViewDid,\n 'if bsky appview service url is configured, must configure its did as well.',\n )\n bskyAppViewCfg = {\n url: env.bskyAppViewUrl,\n did: env.bskyAppViewDid,\n cdnUrlPattern: env.bskyAppViewCdnUrlPattern,\n }\n }\n\n let modServiceCfg: ServerConfig['modService'] = null\n if (env.modServiceUrl) {\n assert(\n env.modServiceDid,\n 'if mod service url is configured, must configure its did as well.',\n )\n modServiceCfg = {\n url: env.modServiceUrl,\n did: env.modServiceDid,\n }\n }\n\n let reportServiceCfg: ServerConfig['reportService'] = null\n if (env.reportServiceUrl) {\n assert(\n env.reportServiceDid,\n 'if report service url is configured, must configure its did as well.',\n )\n reportServiceCfg = {\n url: env.reportServiceUrl,\n did: env.reportServiceDid,\n }\n }\n\n // if there's a mod service, default report service into it\n if (modServiceCfg && !reportServiceCfg) {\n reportServiceCfg = modServiceCfg\n }\n\n const redisCfg: ServerConfig['redis'] = env.redisScratchAddress\n ? {\n address: env.redisScratchAddress,\n password: env.redisScratchPassword,\n }\n : null\n\n const rateLimitsCfg: ServerConfig['rateLimits'] = env.rateLimitsEnabled\n ? {\n enabled: true,\n bypassKey: env.rateLimitBypassKey,\n bypassIps: env.rateLimitBypassIps?.map((ipOrCidr) =>\n ipOrCidr.split('/')[0]?.trim(),\n ),\n }\n : { enabled: false }\n\n const crawlersCfg: ServerConfig['crawlers'] = env.crawlers ?? []\n\n const fetchCfg: ServerConfig['fetch'] = {\n disableSsrfProtection: env.disableSsrfProtection ?? env.devMode ?? false,\n maxResponseSize: env.fetchMaxResponseSize ?? 512 * 1024, // 512kb\n }\n\n const proxyCfg: ServerConfig['proxy'] = {\n disableSsrfProtection: env.disableSsrfProtection ?? env.devMode ?? false,\n allowHTTP2: env.proxyAllowHTTP2 ?? false,\n headersTimeout: env.proxyHeadersTimeout ?? 10e3,\n bodyTimeout: env.proxyBodyTimeout ?? 30e3,\n maxResponseSize: env.proxyMaxResponseSize ?? 10 * 1024 * 1024, // 10mb\n maxRetries:\n env.proxyMaxRetries != null && env.proxyMaxRetries > 0\n ? env.proxyMaxRetries\n : 0,\n preferCompressed: env.proxyPreferCompressed ?? false,\n }\n\n const oauthCfg: ServerConfig['oauth'] = entrywayCfg\n ? {\n issuer: entrywayCfg.url,\n provider: undefined,\n }\n : {\n issuer: serviceCfg.publicUrl,\n provider: {\n hcaptcha:\n env.hcaptchaSiteKey &&\n env.hcaptchaSecretKey &&\n env.hcaptchaTokenSalt\n ? {\n siteKey: env.hcaptchaSiteKey,\n secretKey: env.hcaptchaSecretKey,\n tokenSalt: env.hcaptchaTokenSalt,\n }\n : undefined,\n branding: {\n name: env.serviceName ?? `${hostname} PDS`,\n logo: env.logoUrl,\n colors: {\n light: env.lightColor,\n dark: env.darkColor,\n\n contrastSaturation: env.contrastSaturation,\n\n primary: env.primaryColor,\n primaryContrast: env.primaryColorContrast,\n primaryHue: env.primaryColorHue,\n\n error: env.errorColor,\n errorContrast: env.errorColorContrast,\n errorHue: env.errorColorHue,\n\n warning: env.warningColor,\n warningContrast: env.warningColorContrast,\n warningHue: env.warningColorHue,\n\n info: env.infoColor,\n infoContrast: env.infoColorContrast,\n infoHue: env.infoColorHue,\n\n success: env.successColor,\n successContrast: env.successColorContrast,\n successHue: env.successColorHue,\n },\n links: [\n {\n title: { en: 'Home', fr: 'Accueil' },\n href: env.homeUrl,\n rel: 'canonical' as const, // Prevents login page from being indexed\n },\n {\n title: { en: 'Terms of Service' },\n href: env.termsOfServiceUrl,\n rel: 'terms-of-service' as const,\n },\n {\n title: { en: 'Privacy Policy' },\n href: env.privacyPolicyUrl,\n rel: 'privacy-policy' as const,\n },\n {\n title: { en: 'Support' },\n href: env.supportUrl,\n rel: 'help' as const,\n },\n ].filter(\n <T extends { href?: string }>(f: T): f is T & { href: string } =>\n f.href != null && f.href !== '',\n ),\n },\n trustedClients: env.trustedOAuthClients,\n },\n }\n\n const lexiconCfg: LexiconResolverConfig = {}\n\n if (env.lexiconDidAuthority != null) {\n ensureValidDid(env.lexiconDidAuthority)\n lexiconCfg.didAuthority = env.lexiconDidAuthority\n }\n\n return {\n service: serviceCfg,\n db: dbCfg,\n actorStore: actorStoreCfg,\n blobstore: blobstoreCfg,\n identity: identityCfg,\n entryway: entrywayCfg,\n invites: invitesCfg,\n email: emailCfg,\n moderationEmail: moderationEmailCfg,\n subscription: subscriptionCfg,\n bskyAppView: bskyAppViewCfg,\n modService: modServiceCfg,\n reportService: reportServiceCfg,\n redis: redisCfg,\n rateLimits: rateLimitsCfg,\n crawlers: crawlersCfg,\n fetch: fetchCfg,\n lexicon: lexiconCfg,\n proxy: proxyCfg,\n oauth: oauthCfg,\n }\n}\n\nexport type ServerConfig = {\n service: ServiceConfig\n db: DatabaseConfig\n actorStore: ActorStoreConfig\n blobstore: S3BlobstoreConfig | DiskBlobstoreConfig\n identity: IdentityConfig\n entryway: EntrywayConfig | null\n invites: InvitesConfig\n email: EmailConfig | null\n moderationEmail: EmailConfig | null\n subscription: SubscriptionConfig\n bskyAppView: BksyAppViewConfig | null\n modService: ModServiceConfig | null\n reportService: ReportServiceConfig | null\n redis: RedisScratchConfig | null\n rateLimits: RateLimitsConfig\n crawlers: string[]\n fetch: FetchConfig\n proxy: ProxyConfig\n oauth: OAuthConfig\n lexicon: LexiconResolverConfig\n}\n\nexport type ServiceConfig = {\n port: number\n hostname: string\n publicUrl: string\n did: string\n version?: string\n privacyPolicyUrl?: string\n termsOfServiceUrl?: string\n acceptingImports: boolean\n maxImportSize?: number\n blobUploadLimit: number\n contactEmailAddress?: string\n devMode: boolean\n}\n\nexport type DatabaseConfig = {\n accountDbLoc: string\n sequencerDbLoc: string\n didCacheDbLoc: string\n disableWalAutoCheckpoint: boolean\n}\n\nexport type ActorStoreConfig = {\n directory: string\n cacheSize: number\n disableWalAutoCheckpoint: boolean\n}\n\nexport type S3BlobstoreConfig = {\n provider: 's3'\n bucket: string\n region?: string\n endpoint?: string\n forcePathStyle?: boolean\n uploadTimeoutMs?: number\n credentials?: {\n accessKeyId: string\n secretAccessKey: string\n }\n}\n\nexport type DiskBlobstoreConfig = {\n provider: 'disk'\n location: string\n tempLocation?: string\n}\n\nexport type IdentityConfig = {\n plcUrl: string\n resolverTimeout: number\n cacheStaleTTL: number\n cacheMaxTTL: number\n recoveryDidKey: string | null\n serviceHandleDomains: string[]\n handleBackupNameservers?: string[]\n enableDidDocWithSession: boolean\n}\n\nexport type EntrywayConfig = {\n url: string\n did: string\n jwtPublicKeyHex: string\n plcRotationKey: string\n}\n\nexport type FetchConfig = {\n disableSsrfProtection: boolean\n maxResponseSize: number\n}\n\nexport type ProxyConfig = {\n disableSsrfProtection: boolean\n allowHTTP2: boolean\n headersTimeout: number\n bodyTimeout: number\n maxResponseSize: number\n maxRetries: number\n\n /**\n * When proxying requests that might get intercepted (for read-after-write) we\n * negotiate the encoding based on the client's preferences. We will however\n * use or own weights in order to be able to better control if the PDS will\n * need to perform content decoding. This settings allows to prefer compressed\n * content over uncompressed one.\n */\n preferCompressed: boolean\n}\n\nexport type OAuthConfig = {\n issuer: string\n provider?: {\n hcaptcha?: HcaptchaConfig\n branding: BrandingInput\n trustedClients?: string[]\n }\n}\n\nexport type LexiconResolverConfig = {\n didAuthority?: `did:${string}:${string}`\n}\n\nexport type InvitesConfig =\n | {\n required: true\n interval: number | null\n epoch: number\n }\n | {\n required: false\n }\n\nexport type EmailConfig = {\n smtpUrl: string\n fromAddress: string\n}\n\nexport type SubscriptionConfig = {\n maxBuffer: number\n repoBackfillLimitMs: number\n}\n\nexport type RedisScratchConfig = {\n address: string\n password?: string\n}\n\nexport type RateLimitsConfig =\n | {\n enabled: true\n bypassKey?: string\n bypassIps?: string[]\n }\n | { enabled: false }\n\nexport type BksyAppViewConfig = {\n url: string\n did: string\n cdnUrlPattern?: string\n}\n\nexport type ModServiceConfig = {\n url: string\n did: string\n}\n\nexport type ReportServiceConfig = {\n url: string\n did: string\n}\n"]}
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/config/config.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAA;AAChC,OAAO,IAAI,MAAM,WAAW,CAAA;AAC5B,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAKnD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAKhD,iCAAiC;AACjC,gEAAgE;AAEhE,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,GAAsB,EAAgB,EAAE;IAC/D,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,IAAI,CAAA;IAC7B,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,WAAW,CAAA;IAC5C,MAAM,SAAS,GACb,QAAQ,KAAK,WAAW;QACtB,CAAC,CAAC,oBAAoB,IAAI,EAAE;QAC5B,CAAC,CAAC,WAAW,QAAQ,EAAE,CAAA;IAC3B,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,IAAI,WAAW,QAAQ,EAAE,CAAA;IACnD,MAAM,UAAU,GAA4B;QAC1C,IAAI;QACJ,QAAQ;QACR,SAAS;QACT,GAAG;QACH,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,WAAW;QACjC,gBAAgB,EAAE,GAAG,CAAC,gBAAgB;QACtC,iBAAiB,EAAE,GAAG,CAAC,iBAAiB;QACxC,mBAAmB,EAAE,GAAG,CAAC,mBAAmB;QAC5C,gBAAgB,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QAC9C,aAAa,EAAE,GAAG,CAAC,aAAa;QAChC,eAAe,EAAE,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,IAAI,GAAG,IAAI,EAAE,MAAM;QAC/D,OAAO,EAAE,GAAG,CAAC,OAAO,IAAI,KAAK;KAC9B,CAAA;IAED,MAAM,KAAK,GAAG,CAAC,IAAY,EAAE,EAAE;QAC7B,OAAO,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACtE,CAAC,CAAA;IAED,MAAM,wBAAwB,GAAG,GAAG,CAAC,wBAAwB,IAAI,KAAK,CAAA;IAEtE,MAAM,KAAK,GAAuB;QAChC,YAAY,EAAE,GAAG,CAAC,iBAAiB,IAAI,KAAK,CAAC,gBAAgB,CAAC;QAC9D,cAAc,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK,CAAC,kBAAkB,CAAC;QACpE,aAAa,EAAE,GAAG,CAAC,kBAAkB,IAAI,KAAK,CAAC,kBAAkB,CAAC;QAClE,wBAAwB;KACzB,CAAA;IAED,MAAM,aAAa,GAA+B;QAChD,SAAS,EAAE,GAAG,CAAC,mBAAmB,IAAI,KAAK,CAAC,QAAQ,CAAC;QACrD,SAAS,EAAE,GAAG,CAAC,mBAAmB,IAAI,GAAG;QACzC,wBAAwB;KACzB,CAAA;IAED,IAAI,YAAuC,CAAA;IAC3C,IAAI,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;IACnE,CAAC;IACD,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAC1B,YAAY,GAAG;YACb,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,GAAG,CAAC,iBAAiB;YAC7B,eAAe,EAAE,GAAG,CAAC,0BAA0B,IAAI,KAAK;YACxD,MAAM,EAAE,GAAG,CAAC,iBAAiB;YAC7B,QAAQ,EAAE,GAAG,CAAC,mBAAmB;YACjC,cAAc,EAAE,GAAG,CAAC,yBAAyB;SAC9C,CAAA;QACD,IAAI,GAAG,CAAC,sBAAsB,IAAI,GAAG,CAAC,0BAA0B,EAAE,CAAC;YACjE,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,0BAA0B,EAAE,CAAC;gBACnE,MAAM,IAAI,KAAK,CACb,6EAA6E,CAC9E,CAAA;YACH,CAAC;YACD,YAAY,CAAC,WAAW,GAAG;gBACzB,WAAW,EAAE,GAAG,CAAC,sBAAsB;gBACvC,eAAe,EAAE,GAAG,CAAC,0BAA0B;aAChD,CAAA;QACH,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,qBAAqB,EAAE,CAAC;QACrC,YAAY,GAAG;YACb,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,GAAG,CAAC,qBAAqB;YACnC,YAAY,EAAE,GAAG,CAAC,wBAAwB;SAC3C,CAAA;IACH,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;IAC/D,CAAC;IAED,IAAI,oBAA8B,CAAA;IAClC,IAAI,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpE,oBAAoB,GAAG,GAAG,CAAC,oBAAoB,CAAA;IACjD,CAAC;SAAM,CAAC;QACN,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;YAC7B,oBAAoB,GAAG,CAAC,OAAO,CAAC,CAAA;QAClC,CAAC;aAAM,CAAC;YACN,oBAAoB,GAAG,CAAC,IAAI,QAAQ,EAAE,CAAC,CAAA;QACzC,CAAC;IACH,CAAC;IACD,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAC7C,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CACzD,CAAA;IACD,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,0BAA0B,aAAa,EAAE,CAAC,CAAA;IAC5D,CAAC;IAED,MAAM,WAAW,GAA6B;QAC5C,MAAM,EAAE,GAAG,CAAC,SAAS,IAAI,uBAAuB;QAChD,WAAW,EAAE,GAAG,CAAC,cAAc,IAAI,GAAG;QACtC,aAAa,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QAC3C,eAAe,EAAE,GAAG,CAAC,eAAe,IAAI,CAAC,GAAG,MAAM;QAClD,cAAc,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;QAC1C,oBAAoB;QACpB,uBAAuB,EAAE,GAAG,CAAC,uBAAuB;QACpD,uBAAuB,EAAE,CAAC,CAAC,GAAG,CAAC,uBAAuB;KACvD,CAAA;IAED,IAAI,WAAW,GAA6B,IAAI,CAAA;IAChD,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;QACpB,MAAM,CACJ,GAAG,CAAC,oCAAoC;YACtC,GAAG,CAAC,sBAAsB;YAC1B,GAAG,CAAC,WAAW,EACjB,iFAAiF,CAClF,CAAA;QACD,WAAW,GAAG;YACZ,GAAG,EAAE,GAAG,CAAC,WAAW;YACpB,GAAG,EAAE,GAAG,CAAC,WAAW;YACpB,eAAe,EAAE,GAAG,CAAC,oCAAoC;YACzD,cAAc,EAAE,GAAG,CAAC,sBAAsB;SAC3C,CAAA;IACH,CAAC;IAED,8CAA8C;IAC9C,MAAM,UAAU,GACd,GAAG,CAAC,cAAc,KAAK,KAAK;QAC1B,CAAC,CAAC;YACE,QAAQ,EAAE,KAAK;SAChB;QACH,CAAC,CAAC;YACE,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,cAAc,IAAI,IAAI;YACpC,KAAK,EAAE,GAAG,CAAC,WAAW,IAAI,CAAC;SAC5B,CAAA;IAEP,IAAI,QAA+B,CAAA;IACnC,IAAI,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAC/C,QAAQ,GAAG,IAAI,CAAA;IACjB,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;YAC/C,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAA;QACH,CAAC;QACD,QAAQ,GAAG;YACT,OAAO,EAAE,GAAG,CAAC,YAAY;YACzB,WAAW,EAAE,GAAG,CAAC,gBAAgB;YACjC,uBAAuB,EAAE,GAAG,CAAC,4BAA4B,IAAI,KAAK;SACnE,CAAA;IACH,CAAC;IAED,IAAI,kBAAmD,CAAA;IACvD,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;QAC/D,kBAAkB,GAAG,IAAI,CAAA;IAC3B,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,CAAC;YAC/D,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;QACH,CAAC;QACD,kBAAkB,GAAG;YACnB,OAAO,EAAE,GAAG,CAAC,sBAAsB;YACnC,WAAW,EAAE,GAAG,CAAC,sBAAsB;YACvC,uBAAuB,EAAE,KAAK;SAC/B,CAAA;IACH,CAAC;IAED,MAAM,eAAe,GAAiC;QACpD,SAAS,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG;QAC3C,mBAAmB,EAAE,GAAG,CAAC,mBAAmB,IAAI,GAAG;KACpD,CAAA;IAED,IAAI,cAAc,GAAgC,IAAI,CAAA;IACtD,IAAI,GAAG,CAAC,cAAc,EAAE,CAAC;QACvB,MAAM,CACJ,GAAG,CAAC,cAAc,EAClB,4EAA4E,CAC7E,CAAA;QACD,cAAc,GAAG;YACf,GAAG,EAAE,GAAG,CAAC,cAAc;YACvB,GAAG,EAAE,GAAG,CAAC,cAAc;YACvB,aAAa,EAAE,GAAG,CAAC,wBAAwB;SAC5C,CAAA;IACH,CAAC;IAED,IAAI,aAAa,GAA+B,IAAI,CAAA;IACpD,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;QACtB,MAAM,CACJ,GAAG,CAAC,aAAa,EACjB,mEAAmE,CACpE,CAAA;QACD,aAAa,GAAG;YACd,GAAG,EAAE,GAAG,CAAC,aAAa;YACtB,GAAG,EAAE,GAAG,CAAC,aAAa;SACvB,CAAA;IACH,CAAC;IAED,IAAI,gBAAgB,GAAkC,IAAI,CAAA;IAC1D,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACzB,MAAM,CACJ,GAAG,CAAC,gBAAgB,EACpB,sEAAsE,CACvE,CAAA;QACD,gBAAgB,GAAG;YACjB,GAAG,EAAE,GAAG,CAAC,gBAAgB;YACzB,GAAG,EAAE,GAAG,CAAC,gBAAgB;SAC1B,CAAA;IACH,CAAC;IAED,2DAA2D;IAC3D,IAAI,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACvC,gBAAgB,GAAG,aAAa,CAAA;IAClC,CAAC;IAED,MAAM,QAAQ,GAA0B,GAAG,CAAC,mBAAmB;QAC7D,CAAC,CAAC;YACE,OAAO,EAAE,GAAG,CAAC,mBAAmB;YAChC,QAAQ,EAAE,GAAG,CAAC,oBAAoB;SACnC;QACH,CAAC,CAAC,IAAI,CAAA;IAER,MAAM,aAAa,GAA+B,GAAG,CAAC,iBAAiB;QACrE,CAAC,CAAC;YACE,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,GAAG,CAAC,kBAAkB;YACjC,SAAS,EAAE,GAAG,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAClD,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAC/B;SACF;QACH,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;IAEtB,MAAM,WAAW,GAA6B,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAA;IAEhE,MAAM,QAAQ,GAA0B;QACtC,qBAAqB,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,OAAO,IAAI,KAAK;QACxE,eAAe,EAAE,GAAG,CAAC,oBAAoB,IAAI,GAAG,GAAG,IAAI,EAAE,QAAQ;KAClE,CAAA;IAED,MAAM,QAAQ,GAA0B;QACtC,qBAAqB,EAAE,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,OAAO,IAAI,KAAK;QACxE,UAAU,EAAE,GAAG,CAAC,eAAe,IAAI,KAAK;QACxC,cAAc,EAAE,GAAG,CAAC,mBAAmB,IAAI,IAAI;QAC/C,WAAW,EAAE,GAAG,CAAC,gBAAgB,IAAI,IAAI;QACzC,eAAe,EAAE,GAAG,CAAC,oBAAoB,IAAI,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;QACtE,UAAU,EACR,GAAG,CAAC,eAAe,IAAI,IAAI,IAAI,GAAG,CAAC,eAAe,GAAG,CAAC;YACpD,CAAC,CAAC,GAAG,CAAC,eAAe;YACrB,CAAC,CAAC,CAAC;QACP,gBAAgB,EAAE,GAAG,CAAC,qBAAqB,IAAI,KAAK;KACrD,CAAA;IAED,MAAM,WAAW,GAAG;QAClB,IAAI,EAAE,GAAG,CAAC,WAAW,IAAI,GAAG,QAAQ,MAAM;QAC1C,IAAI,EAAE,GAAG,CAAC,OAAO;QACjB,MAAM,EAAE;YACN,KAAK,EAAE,GAAG,CAAC,UAAU;YACrB,IAAI,EAAE,GAAG,CAAC,SAAS;YAEnB,kBAAkB,EAAE,GAAG,CAAC,kBAAkB;YAE1C,OAAO,EAAE,GAAG,CAAC,YAAY;YACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;YACzC,UAAU,EAAE,GAAG,CAAC,eAAe;YAE/B,KAAK,EAAE,GAAG,CAAC,UAAU;YACrB,aAAa,EAAE,GAAG,CAAC,kBAAkB;YACrC,QAAQ,EAAE,GAAG,CAAC,aAAa;YAE3B,OAAO,EAAE,GAAG,CAAC,YAAY;YACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;YACzC,UAAU,EAAE,GAAG,CAAC,eAAe;YAE/B,IAAI,EAAE,GAAG,CAAC,SAAS;YACnB,YAAY,EAAE,GAAG,CAAC,iBAAiB;YACnC,OAAO,EAAE,GAAG,CAAC,YAAY;YAEzB,OAAO,EAAE,GAAG,CAAC,YAAY;YACzB,eAAe,EAAE,GAAG,CAAC,oBAAoB;YACzC,UAAU,EAAE,GAAG,CAAC,eAAe;SAChC;QACD,KAAK,EAAE;YACL;gBACE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE;gBACpC,IAAI,EAAE,GAAG,CAAC,OAAO;gBACjB,GAAG,EAAE,WAAoB,EAAE,yCAAyC;aACrE;YACD;gBACE,KAAK,EAAE,EAAE,EAAE,EAAE,kBAAkB,EAAE;gBACjC,IAAI,EAAE,GAAG,CAAC,iBAAiB;gBAC3B,GAAG,EAAE,kBAA2B;aACjC;YACD;gBACE,KAAK,EAAE,EAAE,EAAE,EAAE,gBAAgB,EAAE;gBAC/B,IAAI,EAAE,GAAG,CAAC,gBAAgB;gBAC1B,GAAG,EAAE,gBAAyB;aAC/B;YACD;gBACE,KAAK,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE;gBACxB,IAAI,EAAE,GAAG,CAAC,UAAU;gBACpB,GAAG,EAAE,MAAe;aACrB;SACF,CAAC,MAAM,CACN,CAA8B,CAAI,EAA6B,EAAE,CAC/D,CAAC,CAAC,IAAI,IAAI,IAAI,IAAI,CAAC,CAAC,IAAI,KAAK,EAAE,CAClC;KACF,CAAA;IAED,MAAM,QAAQ,GAA0B,WAAW;QACjD,CAAC,CAAC;YACE,MAAM,EAAE,WAAW,CAAC,GAAG;YACvB,QAAQ,EAAE,SAAS;SACpB;QACH,CAAC,CAAC;YACE,MAAM,EAAE,UAAU,CAAC,SAAS;YAC5B,QAAQ,EAAE;gBACR,QAAQ,EACN,GAAG,CAAC,eAAe;oBACnB,GAAG,CAAC,iBAAiB;oBACrB,GAAG,CAAC,iBAAiB;oBACnB,CAAC,CAAC;wBACE,OAAO,EAAE,GAAG,CAAC,eAAe;wBAC5B,SAAS,EAAE,GAAG,CAAC,iBAAiB;wBAChC,SAAS,EAAE,GAAG,CAAC,iBAAiB;qBACjC;oBACH,CAAC,CAAC,SAAS;gBACf,QAAQ,EAAE,WAAW;gBACrB,cAAc,EAAE,GAAG,CAAC,mBAAmB;aACxC;SACF,CAAA;IAEL,MAAM,UAAU,GAA0B,EAAE,CAAA;IAE5C,IAAI,GAAG,CAAC,mBAAmB,IAAI,IAAI,EAAE,CAAC;QACpC,cAAc,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAA;QACvC,UAAU,CAAC,YAAY,GAAG,GAAG,CAAC,mBAAmB,CAAA;IACnD,CAAC;IAED,OAAO;QACL,OAAO,EAAE,UAAU;QACnB,EAAE,EAAE,KAAK;QACT,UAAU,EAAE,aAAa;QACzB,SAAS,EAAE,YAAY;QACvB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,WAAW;QACrB,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,eAAe,EAAE,kBAAkB;QACnC,YAAY,EAAE,eAAe;QAC7B,WAAW,EAAE,cAAc;QAC3B,UAAU,EAAE,aAAa;QACzB,aAAa,EAAE,gBAAgB;QAC/B,KAAK,EAAE,QAAQ;QACf,UAAU,EAAE,aAAa;QACzB,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,QAAQ;QACf,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,QAAQ;QACf,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,QAAQ;KAChB,CAAA;AACH,CAAC,CAAA","sourcesContent":["import assert from 'node:assert'\nimport path from 'node:path'\nimport { DAY, HOUR, SECOND } from '@atproto/common'\nimport {\n BrandingInput as BrandingConfig,\n HcaptchaConfig,\n} from '@atproto/oauth-provider'\nimport { ensureValidDid } from '@atproto/syntax'\nimport { ServerEnvironment } from './env.js'\n\nexport type { BrandingConfig }\n\n// off-config but still from env:\n// logging: LOG_LEVEL, LOG_SYSTEMS, LOG_ENABLED, LOG_DESTINATION\n\nexport const envToCfg = (env: ServerEnvironment): ServerConfig => {\n const port = env.port ?? 2583\n const hostname = env.hostname ?? 'localhost'\n const publicUrl =\n hostname === 'localhost'\n ? `http://localhost:${port}`\n : `https://${hostname}`\n const did = env.serviceDid ?? `did:web:${hostname}`\n const serviceCfg: ServerConfig['service'] = {\n port,\n hostname,\n publicUrl,\n did,\n version: env.version, // default?\n privacyPolicyUrl: env.privacyPolicyUrl,\n termsOfServiceUrl: env.termsOfServiceUrl,\n contactEmailAddress: env.contactEmailAddress,\n acceptingImports: env.acceptingImports ?? true,\n maxImportSize: env.maxImportSize,\n blobUploadLimit: env.blobUploadLimit ?? 5 * 1024 * 1024, // 5mb\n devMode: env.devMode ?? false,\n }\n\n const dbLoc = (name: string) => {\n return env.dataDirectory ? path.join(env.dataDirectory, name) : name\n }\n\n const disableWalAutoCheckpoint = env.disableWalAutoCheckpoint ?? false\n\n const dbCfg: ServerConfig['db'] = {\n accountDbLoc: env.accountDbLocation ?? dbLoc('account.sqlite'),\n sequencerDbLoc: env.sequencerDbLocation ?? dbLoc('sequencer.sqlite'),\n didCacheDbLoc: env.didCacheDbLocation ?? dbLoc('did_cache.sqlite'),\n disableWalAutoCheckpoint,\n }\n\n const actorStoreCfg: ServerConfig['actorStore'] = {\n directory: env.actorStoreDirectory ?? dbLoc('actors'),\n cacheSize: env.actorStoreCacheSize ?? 100,\n disableWalAutoCheckpoint,\n }\n\n let blobstoreCfg: ServerConfig['blobstore']\n if (env.blobstoreS3Bucket && env.blobstoreDiskLocation) {\n throw new Error('Cannot set both S3 and disk blobstore env vars')\n }\n if (env.blobstoreS3Bucket) {\n blobstoreCfg = {\n provider: 's3',\n bucket: env.blobstoreS3Bucket,\n uploadTimeoutMs: env.blobstoreS3UploadTimeoutMs || 20000,\n region: env.blobstoreS3Region,\n endpoint: env.blobstoreS3Endpoint,\n forcePathStyle: env.blobstoreS3ForcePathStyle,\n }\n if (env.blobstoreS3AccessKeyId || env.blobstoreS3SecretAccessKey) {\n if (!env.blobstoreS3AccessKeyId || !env.blobstoreS3SecretAccessKey) {\n throw new Error(\n 'Must specify both S3 access key id and secret access key blobstore env vars',\n )\n }\n blobstoreCfg.credentials = {\n accessKeyId: env.blobstoreS3AccessKeyId,\n secretAccessKey: env.blobstoreS3SecretAccessKey,\n }\n }\n } else if (env.blobstoreDiskLocation) {\n blobstoreCfg = {\n provider: 'disk',\n location: env.blobstoreDiskLocation,\n tempLocation: env.blobstoreDiskTmpLocation,\n }\n } else {\n throw new Error('Must configure either S3 or disk blobstore')\n }\n\n let serviceHandleDomains: string[]\n if (env.serviceHandleDomains && env.serviceHandleDomains.length > 0) {\n serviceHandleDomains = env.serviceHandleDomains\n } else {\n if (hostname === 'localhost') {\n serviceHandleDomains = ['.test']\n } else {\n serviceHandleDomains = [`.${hostname}`]\n }\n }\n const invalidDomain = serviceHandleDomains.find(\n (domain) => domain.length < 1 || !domain.startsWith('.'),\n )\n if (invalidDomain) {\n throw new Error(`Invalid handle domain: ${invalidDomain}`)\n }\n\n const identityCfg: ServerConfig['identity'] = {\n plcUrl: env.didPlcUrl ?? 'https://plc.directory',\n cacheMaxTTL: env.didCacheMaxTTL ?? DAY,\n cacheStaleTTL: env.didCacheStaleTTL ?? HOUR,\n resolverTimeout: env.resolverTimeout ?? 3 * SECOND,\n recoveryDidKey: env.recoveryDidKey ?? null,\n serviceHandleDomains,\n handleBackupNameservers: env.handleBackupNameservers,\n enableDidDocWithSession: !!env.enableDidDocWithSession,\n }\n\n let entrywayCfg: ServerConfig['entryway'] = null\n if (env.entrywayUrl) {\n assert(\n env.entrywayJwtVerifyKeyK256PublicKeyHex &&\n env.entrywayPlcRotationKey &&\n env.entrywayDid,\n 'if entryway url is configured, must include all required entryway configuration',\n )\n entrywayCfg = {\n url: env.entrywayUrl,\n did: env.entrywayDid,\n jwtPublicKeyHex: env.entrywayJwtVerifyKeyK256PublicKeyHex,\n plcRotationKey: env.entrywayPlcRotationKey,\n }\n }\n\n // default to being required if left undefined\n const invitesCfg: ServerConfig['invites'] =\n env.inviteRequired === false\n ? {\n required: false,\n }\n : {\n required: true,\n interval: env.inviteInterval ?? null,\n epoch: env.inviteEpoch ?? 0,\n }\n\n let emailCfg: ServerConfig['email']\n if (!env.emailFromAddress && !env.emailSmtpUrl) {\n emailCfg = null\n } else {\n if (!env.emailFromAddress || !env.emailSmtpUrl) {\n throw new Error(\n 'Partial email config, must set both emailFromAddress and emailSmtpUrl',\n )\n }\n emailCfg = {\n smtpUrl: env.emailSmtpUrl,\n fromAddress: env.emailFromAddress,\n disableConfirmationLink: env.emailDisableConfirmationLink ?? false,\n }\n }\n\n let moderationEmailCfg: ServerConfig['moderationEmail']\n if (!env.moderationEmailAddress && !env.moderationEmailSmtpUrl) {\n moderationEmailCfg = null\n } else {\n if (!env.moderationEmailAddress || !env.moderationEmailSmtpUrl) {\n throw new Error(\n 'Partial moderation email config, must set both emailFromAddress and emailSmtpUrl',\n )\n }\n moderationEmailCfg = {\n smtpUrl: env.moderationEmailSmtpUrl,\n fromAddress: env.moderationEmailAddress,\n disableConfirmationLink: false,\n }\n }\n\n const subscriptionCfg: ServerConfig['subscription'] = {\n maxBuffer: env.maxSubscriptionBuffer ?? 500,\n repoBackfillLimitMs: env.repoBackfillLimitMs ?? DAY,\n }\n\n let bskyAppViewCfg: ServerConfig['bskyAppView'] = null\n if (env.bskyAppViewUrl) {\n assert(\n env.bskyAppViewDid,\n 'if bsky appview service url is configured, must configure its did as well.',\n )\n bskyAppViewCfg = {\n url: env.bskyAppViewUrl,\n did: env.bskyAppViewDid,\n cdnUrlPattern: env.bskyAppViewCdnUrlPattern,\n }\n }\n\n let modServiceCfg: ServerConfig['modService'] = null\n if (env.modServiceUrl) {\n assert(\n env.modServiceDid,\n 'if mod service url is configured, must configure its did as well.',\n )\n modServiceCfg = {\n url: env.modServiceUrl,\n did: env.modServiceDid,\n }\n }\n\n let reportServiceCfg: ServerConfig['reportService'] = null\n if (env.reportServiceUrl) {\n assert(\n env.reportServiceDid,\n 'if report service url is configured, must configure its did as well.',\n )\n reportServiceCfg = {\n url: env.reportServiceUrl,\n did: env.reportServiceDid,\n }\n }\n\n // if there's a mod service, default report service into it\n if (modServiceCfg && !reportServiceCfg) {\n reportServiceCfg = modServiceCfg\n }\n\n const redisCfg: ServerConfig['redis'] = env.redisScratchAddress\n ? {\n address: env.redisScratchAddress,\n password: env.redisScratchPassword,\n }\n : null\n\n const rateLimitsCfg: ServerConfig['rateLimits'] = env.rateLimitsEnabled\n ? {\n enabled: true,\n bypassKey: env.rateLimitBypassKey,\n bypassIps: env.rateLimitBypassIps?.map((ipOrCidr) =>\n ipOrCidr.split('/')[0]?.trim(),\n ),\n }\n : { enabled: false }\n\n const crawlersCfg: ServerConfig['crawlers'] = env.crawlers ?? []\n\n const fetchCfg: ServerConfig['fetch'] = {\n disableSsrfProtection: env.disableSsrfProtection ?? env.devMode ?? false,\n maxResponseSize: env.fetchMaxResponseSize ?? 512 * 1024, // 512kb\n }\n\n const proxyCfg: ServerConfig['proxy'] = {\n disableSsrfProtection: env.disableSsrfProtection ?? env.devMode ?? false,\n allowHTTP2: env.proxyAllowHTTP2 ?? false,\n headersTimeout: env.proxyHeadersTimeout ?? 10e3,\n bodyTimeout: env.proxyBodyTimeout ?? 30e3,\n maxResponseSize: env.proxyMaxResponseSize ?? 10 * 1024 * 1024, // 10mb\n maxRetries:\n env.proxyMaxRetries != null && env.proxyMaxRetries > 0\n ? env.proxyMaxRetries\n : 0,\n preferCompressed: env.proxyPreferCompressed ?? false,\n }\n\n const brandingCfg = {\n name: env.serviceName ?? `${hostname} PDS`,\n logo: env.logoUrl,\n colors: {\n light: env.lightColor,\n dark: env.darkColor,\n\n contrastSaturation: env.contrastSaturation,\n\n primary: env.primaryColor,\n primaryContrast: env.primaryColorContrast,\n primaryHue: env.primaryColorHue,\n\n error: env.errorColor,\n errorContrast: env.errorColorContrast,\n errorHue: env.errorColorHue,\n\n warning: env.warningColor,\n warningContrast: env.warningColorContrast,\n warningHue: env.warningColorHue,\n\n info: env.infoColor,\n infoContrast: env.infoColorContrast,\n infoHue: env.infoColorHue,\n\n success: env.successColor,\n successContrast: env.successColorContrast,\n successHue: env.successColorHue,\n },\n links: [\n {\n title: { en: 'Home', fr: 'Accueil' },\n href: env.homeUrl,\n rel: 'canonical' as const, // Prevents login page from being indexed\n },\n {\n title: { en: 'Terms of Service' },\n href: env.termsOfServiceUrl,\n rel: 'terms-of-service' as const,\n },\n {\n title: { en: 'Privacy Policy' },\n href: env.privacyPolicyUrl,\n rel: 'privacy-policy' as const,\n },\n {\n title: { en: 'Support' },\n href: env.supportUrl,\n rel: 'help' as const,\n },\n ].filter(\n <T extends { href?: string }>(f: T): f is T & { href: string } =>\n f.href != null && f.href !== '',\n ),\n }\n\n const oauthCfg: ServerConfig['oauth'] = entrywayCfg\n ? {\n issuer: entrywayCfg.url,\n provider: undefined,\n }\n : {\n issuer: serviceCfg.publicUrl,\n provider: {\n hcaptcha:\n env.hcaptchaSiteKey &&\n env.hcaptchaSecretKey &&\n env.hcaptchaTokenSalt\n ? {\n siteKey: env.hcaptchaSiteKey,\n secretKey: env.hcaptchaSecretKey,\n tokenSalt: env.hcaptchaTokenSalt,\n }\n : undefined,\n branding: brandingCfg,\n trustedClients: env.trustedOAuthClients,\n },\n }\n\n const lexiconCfg: LexiconResolverConfig = {}\n\n if (env.lexiconDidAuthority != null) {\n ensureValidDid(env.lexiconDidAuthority)\n lexiconCfg.didAuthority = env.lexiconDidAuthority\n }\n\n return {\n service: serviceCfg,\n db: dbCfg,\n actorStore: actorStoreCfg,\n blobstore: blobstoreCfg,\n identity: identityCfg,\n entryway: entrywayCfg,\n invites: invitesCfg,\n email: emailCfg,\n moderationEmail: moderationEmailCfg,\n subscription: subscriptionCfg,\n bskyAppView: bskyAppViewCfg,\n modService: modServiceCfg,\n reportService: reportServiceCfg,\n redis: redisCfg,\n rateLimits: rateLimitsCfg,\n crawlers: crawlersCfg,\n fetch: fetchCfg,\n lexicon: lexiconCfg,\n proxy: proxyCfg,\n branding: brandingCfg,\n oauth: oauthCfg,\n }\n}\n\nexport type ServerConfig = {\n service: ServiceConfig\n db: DatabaseConfig\n actorStore: ActorStoreConfig\n blobstore: S3BlobstoreConfig | DiskBlobstoreConfig\n identity: IdentityConfig\n entryway: EntrywayConfig | null\n invites: InvitesConfig\n email: EmailConfig | null\n moderationEmail: EmailConfig | null\n subscription: SubscriptionConfig\n bskyAppView: BksyAppViewConfig | null\n modService: ModServiceConfig | null\n reportService: ReportServiceConfig | null\n redis: RedisScratchConfig | null\n rateLimits: RateLimitsConfig\n crawlers: string[]\n fetch: FetchConfig\n proxy: ProxyConfig\n branding: BrandingConfig\n oauth: OAuthConfig\n lexicon: LexiconResolverConfig\n}\n\nexport type ServiceConfig = {\n port: number\n hostname: string\n publicUrl: string\n did: string\n version?: string\n privacyPolicyUrl?: string\n termsOfServiceUrl?: string\n acceptingImports: boolean\n maxImportSize?: number\n blobUploadLimit: number\n contactEmailAddress?: string\n devMode: boolean\n}\n\nexport type DatabaseConfig = {\n accountDbLoc: string\n sequencerDbLoc: string\n didCacheDbLoc: string\n disableWalAutoCheckpoint: boolean\n}\n\nexport type ActorStoreConfig = {\n directory: string\n cacheSize: number\n disableWalAutoCheckpoint: boolean\n}\n\nexport type S3BlobstoreConfig = {\n provider: 's3'\n bucket: string\n region?: string\n endpoint?: string\n forcePathStyle?: boolean\n uploadTimeoutMs?: number\n credentials?: {\n accessKeyId: string\n secretAccessKey: string\n }\n}\n\nexport type DiskBlobstoreConfig = {\n provider: 'disk'\n location: string\n tempLocation?: string\n}\n\nexport type IdentityConfig = {\n plcUrl: string\n resolverTimeout: number\n cacheStaleTTL: number\n cacheMaxTTL: number\n recoveryDidKey: string | null\n serviceHandleDomains: string[]\n handleBackupNameservers?: string[]\n enableDidDocWithSession: boolean\n}\n\nexport type EntrywayConfig = {\n url: string\n did: string\n jwtPublicKeyHex: string\n plcRotationKey: string\n}\n\nexport type FetchConfig = {\n disableSsrfProtection: boolean\n maxResponseSize: number\n}\n\nexport type ProxyConfig = {\n disableSsrfProtection: boolean\n allowHTTP2: boolean\n headersTimeout: number\n bodyTimeout: number\n maxResponseSize: number\n maxRetries: number\n\n /**\n * When proxying requests that might get intercepted (for read-after-write) we\n * negotiate the encoding based on the client's preferences. We will however\n * use or own weights in order to be able to better control if the PDS will\n * need to perform content decoding. This settings allows to prefer compressed\n * content over uncompressed one.\n */\n preferCompressed: boolean\n}\n\nexport type OAuthConfig = {\n issuer: string\n provider?: {\n hcaptcha?: HcaptchaConfig\n branding: BrandingConfig\n trustedClients?: string[]\n }\n}\n\nexport type LexiconResolverConfig = {\n didAuthority?: `did:${string}:${string}`\n}\n\nexport type InvitesConfig =\n | {\n required: true\n interval: number | null\n epoch: number\n }\n | {\n required: false\n }\n\nexport type EmailConfig = {\n smtpUrl: string\n fromAddress: string\n disableConfirmationLink: boolean\n}\n\nexport type SubscriptionConfig = {\n maxBuffer: number\n repoBackfillLimitMs: number\n}\n\nexport type RedisScratchConfig = {\n address: string\n password?: string\n}\n\nexport type RateLimitsConfig =\n | {\n enabled: true\n bypassKey?: string\n bypassIps?: string[]\n }\n | { enabled: false }\n\nexport type BksyAppViewConfig = {\n url: string\n did: string\n cdnUrlPattern?: string\n}\n\nexport type ModServiceConfig = {\n url: string\n did: string\n}\n\nexport type ReportServiceConfig = {\n url: string\n did: string\n}\n"]}
|
package/dist/config/env.d.ts
CHANGED
|
@@ -69,6 +69,7 @@ export declare function readEnv(): {
|
|
|
69
69
|
inviteEpoch: number | undefined;
|
|
70
70
|
emailSmtpUrl: string | undefined;
|
|
71
71
|
emailFromAddress: string | undefined;
|
|
72
|
+
emailDisableConfirmationLink: boolean | undefined;
|
|
72
73
|
moderationEmailSmtpUrl: string | undefined;
|
|
73
74
|
moderationEmailAddress: string | undefined;
|
|
74
75
|
maxSubscriptionBuffer: number | undefined;
|
package/dist/config/env.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":"AAEA,wBAAgB,OAAO
|
|
1
|
+
{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":"AAEA,wBAAgB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAkKtB;AAED,MAAM,MAAM,iBAAiB,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,OAAO,CAAC,CAAC,CAAA"}
|
package/dist/config/env.js
CHANGED
|
@@ -84,6 +84,7 @@ export function readEnv() {
|
|
|
84
84
|
// email
|
|
85
85
|
emailSmtpUrl: envStr('PDS_EMAIL_SMTP_URL'),
|
|
86
86
|
emailFromAddress: envStr('PDS_EMAIL_FROM_ADDRESS'),
|
|
87
|
+
emailDisableConfirmationLink: envBool('PDS_EMAIL_DISABLE_CONFIRMATION_LINK'),
|
|
87
88
|
moderationEmailSmtpUrl: envStr('PDS_MODERATION_EMAIL_SMTP_URL'),
|
|
88
89
|
moderationEmailAddress: envStr('PDS_MODERATION_EMAIL_ADDRESS'),
|
|
89
90
|
// subscription
|
package/dist/config/env.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"env.js","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAElE,MAAM,UAAU,OAAO;IACrB,OAAO;QACL,UAAU;QACV,IAAI,EAAE,MAAM,CAAC,UAAU,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC,cAAc,CAAC;QAChC,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC;QACvC,OAAO,EAAE,MAAM,CAAC,aAAa,CAAC;QAC9B,OAAO,EAAE,MAAM,CAAC,cAAc,CAAC;QAC/B,OAAO,EAAE,MAAM,CAAC,cAAc,CAAC;QAC/B,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAClD,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,iBAAiB,EAAE,MAAM,CAAC,0BAA0B,CAAC;QACrD,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,gBAAgB,EAAE,OAAO,CAAC,4BAA4B,CAAC;QACvD,aAAa,EAAE,MAAM,CAAC,0BAA0B,CAAC;QACjD,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,OAAO,EAAE,OAAO,CAAC,cAAc,CAAC;QAEhC,WAAW;QACX,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QAEpD,QAAQ;QACR,mBAAmB,EAAE,OAAO,CAAC,2BAA2B,CAAC;QAEzD,WAAW;QACX,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,SAAS,EAAE,MAAM,CAAC,gBAAgB,CAAC;QACnC,kBAAkB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACrD,YAAY,EAAE,MAAM,CAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,kBAAkB,EAAE,MAAM,CAAC,0BAA0B,CAAC;QACtD,aAAa,EAAE,MAAM,CAAC,qBAAqB,CAAC;QAC5C,YAAY,EAAE,MAAM,CAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,SAAS,EAAE,MAAM,CAAC,gBAAgB,CAAC;QACnC,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,YAAY,EAAE,MAAM,CAAC,oBAAoB,CAAC;QAC1C,YAAY,EAAE,MAAM,CAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAEhD,WAAW;QACX,aAAa,EAAE,MAAM,CAAC,oBAAoB,CAAC;QAC3C,wBAAwB,EAAE,OAAO,CAAC,wCAAwC,CAAC;QAC3E,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,kBAAkB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QAEvD,cAAc;QACd,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,mBAAmB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAEzD,0BAA0B;QAC1B,KAAK;QACL,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,yBAAyB,EAAE,OAAO,CAAC,mCAAmC,CAAC;QACvE,sBAAsB,EAAE,MAAM,CAAC,gCAAgC,CAAC;QAChE,0BAA0B,EAAE,MAAM,CAAC,oCAAoC,CAAC;QACxE,0BAA0B,EAAE,MAAM,CAAC,oCAAoC,CAAC;QACxE,OAAO;QACP,qBAAqB,EAAE,MAAM,CAAC,6BAA6B,CAAC;QAC5D,wBAAwB,EAAE,MAAM,CAAC,iCAAiC,CAAC;QAEnE,WAAW;QACX,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACpC,gBAAgB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACnD,cAAc,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAC/C,eAAe,EAAE,MAAM,CAAC,yBAAyB,CAAC;QAClD,cAAc,EAAE,MAAM,CAAC,sBAAsB,CAAC;QAC9C,oBAAoB,EAAE,OAAO,CAAC,4BAA4B,CAAC,EAAE,6BAA6B;QAC1F,uBAAuB,EAAE,OAAO,CAAC,+BAA+B,CAAC;QACjE,uBAAuB,EAAE,OAAO,CAAC,iCAAiC,CAAC;QAEnE,WAAW;QACX,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC;QACvC,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC;QACvC,oCAAoC,EAAE,MAAM,CAC1C,iDAAiD,CAClD;QACD,sBAAsB,EAAE,MAAM,CAAC,+BAA+B,CAAC;QAE/D,UAAU;QACV,cAAc,EAAE,OAAO,CAAC,qBAAqB,CAAC;QAC9C,cAAc,EAAE,MAAM,CAAC,qBAAqB,CAAC;QAC7C,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC;QAEvC,QAAQ;QACR,YAAY,EAAE,MAAM,CAAC,oBAAoB,CAAC;QAC1C,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAClD,sBAAsB,EAAE,MAAM,CAAC,+BAA+B,CAAC;QAC/D,sBAAsB,EAAE,MAAM,CAAC,8BAA8B,CAAC;QAE9D,eAAe;QACf,qBAAqB,EAAE,MAAM,CAAC,6BAA6B,CAAC;QAC5D,mBAAmB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAEzD,UAAU;QACV,cAAc,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAC/C,cAAc,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAC/C,wBAAwB,EAAE,MAAM,CAAC,mCAAmC,CAAC;QAErE,cAAc;QACd,aAAa,EAAE,MAAM,CAAC,qBAAqB,CAAC;QAC5C,aAAa,EAAE,MAAM,CAAC,qBAAqB,CAAC;QAE5C,iBAAiB;QACjB,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAClD,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAElD,cAAc;QACd,iBAAiB,EAAE,OAAO,CAAC,yBAAyB,CAAC;QACrD,kBAAkB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACvD,kBAAkB,EAAE,OAAO,CAAC,2BAA2B,CAAC;QAExD,QAAQ;QACR,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,oBAAoB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAE1D,WAAW;QACX,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;QAEjC,UAAU;QACV,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,SAAS,EAAE,MAAM,CAAC,gBAAgB,CAAC;QACnC,aAAa,EAAE,MAAM,CAAC,oBAAoB,CAAC;QAC3C,kBAAkB,EAAE,MAAM,CAAC,0BAA0B,CAAC;QAEtD,MAAM;QACN,sBAAsB,EAAE,MAAM,CAAC,iCAAiC,CAAC;QACjE,SAAS;QACT,+BAA+B,EAAE,MAAM,CACrC,2CAA2C,CAC5C;QAED,kCAAkC;QAClC,qBAAqB,EAAE,OAAO,CAAC,6BAA6B,CAAC;QAE7D,QAAQ;QACR,oBAAoB,EAAE,MAAM,CAAC,6BAA6B,CAAC;QAE3D,QAAQ;QACR,eAAe,EAAE,OAAO,CAAC,uBAAuB,CAAC;QACjD,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAClD,oBAAoB,EAAE,MAAM,CAAC,6BAA6B,CAAC;QAC3D,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,qBAAqB,EAAE,OAAO,CAAC,6BAA6B,CAAC;QAE7D,qBAAqB;QACrB,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;KACzD,CAAA;AACH,CAAC","sourcesContent":["import { envBool, envInt, envList, envStr } from '@atproto/common'\n\nexport function readEnv() {\n return {\n // service\n port: envInt('PDS_PORT'),\n hostname: envStr('PDS_HOSTNAME'),\n serviceDid: envStr('PDS_SERVICE_DID'),\n serviceName: envStr('PDS_SERVICE_NAME'),\n version: envStr('PDS_VERSION'),\n homeUrl: envStr('PDS_HOME_URL'),\n logoUrl: envStr('PDS_LOGO_URL'),\n privacyPolicyUrl: envStr('PDS_PRIVACY_POLICY_URL'),\n supportUrl: envStr('PDS_SUPPORT_URL'),\n termsOfServiceUrl: envStr('PDS_TERMS_OF_SERVICE_URL'),\n contactEmailAddress: envStr('PDS_CONTACT_EMAIL_ADDRESS'),\n acceptingImports: envBool('PDS_ACCEPTING_REPO_IMPORTS'),\n maxImportSize: envInt('PDS_MAX_REPO_IMPORT_SIZE'),\n blobUploadLimit: envInt('PDS_BLOB_UPLOAD_LIMIT'),\n devMode: envBool('PDS_DEV_MODE'),\n\n // hCaptcha\n hcaptchaSiteKey: envStr('PDS_HCAPTCHA_SITE_KEY'),\n hcaptchaSecretKey: envStr('PDS_HCAPTCHA_SECRET_KEY'),\n hcaptchaTokenSalt: envStr('PDS_HCAPTCHA_TOKEN_SALT'),\n\n // OAuth\n trustedOAuthClients: envList('PDS_OAUTH_TRUSTED_CLIENTS'),\n\n // branding\n lightColor: envStr('PDS_LIGHT_COLOR'),\n darkColor: envStr('PDS_DARK_COLOR'),\n contrastSaturation: envInt('PDS_CONTRAST_SATURATION'),\n primaryColor: envStr('PDS_PRIMARY_COLOR'),\n primaryColorContrast: envStr('PDS_PRIMARY_COLOR_CONTRAST'),\n primaryColorHue: envInt('PDS_PRIMARY_COLOR_HUE'),\n errorColor: envStr('PDS_ERROR_COLOR'),\n errorColorContrast: envStr('PDS_ERROR_COLOR_CONTRAST'),\n errorColorHue: envInt('PDS_ERROR_COLOR_HUE'),\n warningColor: envStr('PDS_WARNING_COLOR'),\n warningColorContrast: envStr('PDS_WARNING_COLOR_CONTRAST'),\n warningColorHue: envInt('PDS_WARNING_COLOR_HUE'),\n infoColor: envStr('PDS_INFO_COLOR'),\n infoColorContrast: envStr('PDS_INFO_COLOR_CONTRAST'),\n infoColorHue: envInt('PDS_INFO_COLOR_HUE'),\n successColor: envStr('PDS_SUCCESS_COLOR'),\n successColorContrast: envStr('PDS_SUCCESS_COLOR_CONTRAST'),\n successColorHue: envInt('PDS_SUCCESS_COLOR_HUE'),\n\n // database\n dataDirectory: envStr('PDS_DATA_DIRECTORY'),\n disableWalAutoCheckpoint: envBool('PDS_SQLITE_DISABLE_WAL_AUTO_CHECKPOINT'),\n accountDbLocation: envStr('PDS_ACCOUNT_DB_LOCATION'),\n sequencerDbLocation: envStr('PDS_SEQUENCER_DB_LOCATION'),\n didCacheDbLocation: envStr('PDS_DID_CACHE_DB_LOCATION'),\n\n // actor store\n actorStoreDirectory: envStr('PDS_ACTOR_STORE_DIRECTORY'),\n actorStoreCacheSize: envInt('PDS_ACTOR_STORE_CACHE_SIZE'),\n\n // blobstore: one required\n // s3\n blobstoreS3Bucket: envStr('PDS_BLOBSTORE_S3_BUCKET'),\n blobstoreS3Region: envStr('PDS_BLOBSTORE_S3_REGION'),\n blobstoreS3Endpoint: envStr('PDS_BLOBSTORE_S3_ENDPOINT'),\n blobstoreS3ForcePathStyle: envBool('PDS_BLOBSTORE_S3_FORCE_PATH_STYLE'),\n blobstoreS3AccessKeyId: envStr('PDS_BLOBSTORE_S3_ACCESS_KEY_ID'),\n blobstoreS3SecretAccessKey: envStr('PDS_BLOBSTORE_S3_SECRET_ACCESS_KEY'),\n blobstoreS3UploadTimeoutMs: envInt('PDS_BLOBSTORE_S3_UPLOAD_TIMEOUT_MS'),\n // disk\n blobstoreDiskLocation: envStr('PDS_BLOBSTORE_DISK_LOCATION'),\n blobstoreDiskTmpLocation: envStr('PDS_BLOBSTORE_DISK_TMP_LOCATION'),\n\n // identity\n didPlcUrl: envStr('PDS_DID_PLC_URL'),\n didCacheStaleTTL: envInt('PDS_DID_CACHE_STALE_TTL'),\n didCacheMaxTTL: envInt('PDS_DID_CACHE_MAX_TTL'),\n resolverTimeout: envInt('PDS_ID_RESOLVER_TIMEOUT'),\n recoveryDidKey: envStr('PDS_RECOVERY_DID_KEY'),\n serviceHandleDomains: envList('PDS_SERVICE_HANDLE_DOMAINS'), // public hostname by default\n handleBackupNameservers: envList('PDS_HANDLE_BACKUP_NAMESERVERS'),\n enableDidDocWithSession: envBool('PDS_ENABLE_DID_DOC_WITH_SESSION'),\n\n // entryway\n entrywayUrl: envStr('PDS_ENTRYWAY_URL'),\n entrywayDid: envStr('PDS_ENTRYWAY_DID'),\n entrywayJwtVerifyKeyK256PublicKeyHex: envStr(\n 'PDS_ENTRYWAY_JWT_VERIFY_KEY_K256_PUBLIC_KEY_HEX',\n ),\n entrywayPlcRotationKey: envStr('PDS_ENTRYWAY_PLC_ROTATION_KEY'),\n\n // invites\n inviteRequired: envBool('PDS_INVITE_REQUIRED'),\n inviteInterval: envInt('PDS_INVITE_INTERVAL'),\n inviteEpoch: envInt('PDS_INVITE_EPOCH'),\n\n // email\n emailSmtpUrl: envStr('PDS_EMAIL_SMTP_URL'),\n emailFromAddress: envStr('PDS_EMAIL_FROM_ADDRESS'),\n moderationEmailSmtpUrl: envStr('PDS_MODERATION_EMAIL_SMTP_URL'),\n moderationEmailAddress: envStr('PDS_MODERATION_EMAIL_ADDRESS'),\n\n // subscription\n maxSubscriptionBuffer: envInt('PDS_MAX_SUBSCRIPTION_BUFFER'),\n repoBackfillLimitMs: envInt('PDS_REPO_BACKFILL_LIMIT_MS'),\n\n // appview\n bskyAppViewUrl: envStr('PDS_BSKY_APP_VIEW_URL'),\n bskyAppViewDid: envStr('PDS_BSKY_APP_VIEW_DID'),\n bskyAppViewCdnUrlPattern: envStr('PDS_BSKY_APP_VIEW_CDN_URL_PATTERN'),\n\n // mod service\n modServiceUrl: envStr('PDS_MOD_SERVICE_URL'),\n modServiceDid: envStr('PDS_MOD_SERVICE_DID'),\n\n // report service\n reportServiceUrl: envStr('PDS_REPORT_SERVICE_URL'),\n reportServiceDid: envStr('PDS_REPORT_SERVICE_DID'),\n\n // rate limits\n rateLimitsEnabled: envBool('PDS_RATE_LIMITS_ENABLED'),\n rateLimitBypassKey: envStr('PDS_RATE_LIMIT_BYPASS_KEY'),\n rateLimitBypassIps: envList('PDS_RATE_LIMIT_BYPASS_IPS'),\n\n // redis\n redisScratchAddress: envStr('PDS_REDIS_SCRATCH_ADDRESS'),\n redisScratchPassword: envStr('PDS_REDIS_SCRATCH_PASSWORD'),\n\n // crawlers\n crawlers: envList('PDS_CRAWLERS'),\n\n // secrets\n dpopSecret: envStr('PDS_DPOP_SECRET'),\n jwtSecret: envStr('PDS_JWT_SECRET'),\n adminPassword: envStr('PDS_ADMIN_PASSWORD'),\n entrywayAdminToken: envStr('PDS_ENTRYWAY_ADMIN_TOKEN'),\n\n // kms\n plcRotationKeyKmsKeyId: envStr('PDS_PLC_ROTATION_KEY_KMS_KEY_ID'),\n // memory\n plcRotationKeyK256PrivateKeyHex: envStr(\n 'PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX',\n ),\n\n // user provided url http requests\n disableSsrfProtection: envBool('PDS_DISABLE_SSRF_PROTECTION'),\n\n // fetch\n fetchMaxResponseSize: envInt('PDS_FETCH_MAX_RESPONSE_SIZE'),\n\n // proxy\n proxyAllowHTTP2: envBool('PDS_PROXY_ALLOW_HTTP2'),\n proxyHeadersTimeout: envInt('PDS_PROXY_HEADERS_TIMEOUT'),\n proxyBodyTimeout: envInt('PDS_PROXY_BODY_TIMEOUT'),\n proxyMaxResponseSize: envInt('PDS_PROXY_MAX_RESPONSE_SIZE'),\n proxyMaxRetries: envInt('PDS_PROXY_MAX_RETRIES'),\n proxyPreferCompressed: envBool('PDS_PROXY_PREFER_COMPRESSED'),\n\n // lexicon resolution\n lexiconDidAuthority: envStr('PDS_LEXICON_AUTHORITY_DID'),\n }\n}\n\nexport type ServerEnvironment = Partial<ReturnType<typeof readEnv>>\n"]}
|
|
1
|
+
{"version":3,"file":"env.js","sourceRoot":"","sources":["../../src/config/env.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAElE,MAAM,UAAU,OAAO;IACrB,OAAO;QACL,UAAU;QACV,IAAI,EAAE,MAAM,CAAC,UAAU,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC,cAAc,CAAC;QAChC,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC;QACvC,OAAO,EAAE,MAAM,CAAC,aAAa,CAAC;QAC9B,OAAO,EAAE,MAAM,CAAC,cAAc,CAAC;QAC/B,OAAO,EAAE,MAAM,CAAC,cAAc,CAAC;QAC/B,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAClD,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,iBAAiB,EAAE,MAAM,CAAC,0BAA0B,CAAC;QACrD,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,gBAAgB,EAAE,OAAO,CAAC,4BAA4B,CAAC;QACvD,aAAa,EAAE,MAAM,CAAC,0BAA0B,CAAC;QACjD,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,OAAO,EAAE,OAAO,CAAC,cAAc,CAAC;QAEhC,WAAW;QACX,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QAEpD,QAAQ;QACR,mBAAmB,EAAE,OAAO,CAAC,2BAA2B,CAAC;QAEzD,WAAW;QACX,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,SAAS,EAAE,MAAM,CAAC,gBAAgB,CAAC;QACnC,kBAAkB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACrD,YAAY,EAAE,MAAM,CAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,kBAAkB,EAAE,MAAM,CAAC,0BAA0B,CAAC;QACtD,aAAa,EAAE,MAAM,CAAC,qBAAqB,CAAC;QAC5C,YAAY,EAAE,MAAM,CAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,SAAS,EAAE,MAAM,CAAC,gBAAgB,CAAC;QACnC,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,YAAY,EAAE,MAAM,CAAC,oBAAoB,CAAC;QAC1C,YAAY,EAAE,MAAM,CAAC,mBAAmB,CAAC;QACzC,oBAAoB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAC1D,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAEhD,WAAW;QACX,aAAa,EAAE,MAAM,CAAC,oBAAoB,CAAC;QAC3C,wBAAwB,EAAE,OAAO,CAAC,wCAAwC,CAAC;QAC3E,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,kBAAkB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QAEvD,cAAc;QACd,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,mBAAmB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAEzD,0BAA0B;QAC1B,KAAK;QACL,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,iBAAiB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACpD,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,yBAAyB,EAAE,OAAO,CAAC,mCAAmC,CAAC;QACvE,sBAAsB,EAAE,MAAM,CAAC,gCAAgC,CAAC;QAChE,0BAA0B,EAAE,MAAM,CAAC,oCAAoC,CAAC;QACxE,0BAA0B,EAAE,MAAM,CAAC,oCAAoC,CAAC;QACxE,OAAO;QACP,qBAAqB,EAAE,MAAM,CAAC,6BAA6B,CAAC;QAC5D,wBAAwB,EAAE,MAAM,CAAC,iCAAiC,CAAC;QAEnE,WAAW;QACX,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACpC,gBAAgB,EAAE,MAAM,CAAC,yBAAyB,CAAC;QACnD,cAAc,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAC/C,eAAe,EAAE,MAAM,CAAC,yBAAyB,CAAC;QAClD,cAAc,EAAE,MAAM,CAAC,sBAAsB,CAAC;QAC9C,oBAAoB,EAAE,OAAO,CAAC,4BAA4B,CAAC,EAAE,6BAA6B;QAC1F,uBAAuB,EAAE,OAAO,CAAC,+BAA+B,CAAC;QACjE,uBAAuB,EAAE,OAAO,CAAC,iCAAiC,CAAC;QAEnE,WAAW;QACX,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC;QACvC,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC;QACvC,oCAAoC,EAAE,MAAM,CAC1C,iDAAiD,CAClD;QACD,sBAAsB,EAAE,MAAM,CAAC,+BAA+B,CAAC;QAE/D,UAAU;QACV,cAAc,EAAE,OAAO,CAAC,qBAAqB,CAAC;QAC9C,cAAc,EAAE,MAAM,CAAC,qBAAqB,CAAC;QAC7C,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC;QAEvC,QAAQ;QACR,YAAY,EAAE,MAAM,CAAC,oBAAoB,CAAC;QAC1C,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAClD,4BAA4B,EAAE,OAAO,CACnC,qCAAqC,CACtC;QACD,sBAAsB,EAAE,MAAM,CAAC,+BAA+B,CAAC;QAC/D,sBAAsB,EAAE,MAAM,CAAC,8BAA8B,CAAC;QAE9D,eAAe;QACf,qBAAqB,EAAE,MAAM,CAAC,6BAA6B,CAAC;QAC5D,mBAAmB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAEzD,UAAU;QACV,cAAc,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAC/C,cAAc,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAC/C,wBAAwB,EAAE,MAAM,CAAC,mCAAmC,CAAC;QAErE,cAAc;QACd,aAAa,EAAE,MAAM,CAAC,qBAAqB,CAAC;QAC5C,aAAa,EAAE,MAAM,CAAC,qBAAqB,CAAC;QAE5C,iBAAiB;QACjB,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAClD,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAElD,cAAc;QACd,iBAAiB,EAAE,OAAO,CAAC,yBAAyB,CAAC;QACrD,kBAAkB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACvD,kBAAkB,EAAE,OAAO,CAAC,2BAA2B,CAAC;QAExD,QAAQ;QACR,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,oBAAoB,EAAE,MAAM,CAAC,4BAA4B,CAAC;QAE1D,WAAW;QACX,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;QAEjC,UAAU;QACV,UAAU,EAAE,MAAM,CAAC,iBAAiB,CAAC;QACrC,SAAS,EAAE,MAAM,CAAC,gBAAgB,CAAC;QACnC,aAAa,EAAE,MAAM,CAAC,oBAAoB,CAAC;QAC3C,kBAAkB,EAAE,MAAM,CAAC,0BAA0B,CAAC;QAEtD,MAAM;QACN,sBAAsB,EAAE,MAAM,CAAC,iCAAiC,CAAC;QACjE,SAAS;QACT,+BAA+B,EAAE,MAAM,CACrC,2CAA2C,CAC5C;QAED,kCAAkC;QAClC,qBAAqB,EAAE,OAAO,CAAC,6BAA6B,CAAC;QAE7D,QAAQ;QACR,oBAAoB,EAAE,MAAM,CAAC,6BAA6B,CAAC;QAE3D,QAAQ;QACR,eAAe,EAAE,OAAO,CAAC,uBAAuB,CAAC;QACjD,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;QACxD,gBAAgB,EAAE,MAAM,CAAC,wBAAwB,CAAC;QAClD,oBAAoB,EAAE,MAAM,CAAC,6BAA6B,CAAC;QAC3D,eAAe,EAAE,MAAM,CAAC,uBAAuB,CAAC;QAChD,qBAAqB,EAAE,OAAO,CAAC,6BAA6B,CAAC;QAE7D,qBAAqB;QACrB,mBAAmB,EAAE,MAAM,CAAC,2BAA2B,CAAC;KACzD,CAAA;AACH,CAAC","sourcesContent":["import { envBool, envInt, envList, envStr } from '@atproto/common'\n\nexport function readEnv() {\n return {\n // service\n port: envInt('PDS_PORT'),\n hostname: envStr('PDS_HOSTNAME'),\n serviceDid: envStr('PDS_SERVICE_DID'),\n serviceName: envStr('PDS_SERVICE_NAME'),\n version: envStr('PDS_VERSION'),\n homeUrl: envStr('PDS_HOME_URL'),\n logoUrl: envStr('PDS_LOGO_URL'),\n privacyPolicyUrl: envStr('PDS_PRIVACY_POLICY_URL'),\n supportUrl: envStr('PDS_SUPPORT_URL'),\n termsOfServiceUrl: envStr('PDS_TERMS_OF_SERVICE_URL'),\n contactEmailAddress: envStr('PDS_CONTACT_EMAIL_ADDRESS'),\n acceptingImports: envBool('PDS_ACCEPTING_REPO_IMPORTS'),\n maxImportSize: envInt('PDS_MAX_REPO_IMPORT_SIZE'),\n blobUploadLimit: envInt('PDS_BLOB_UPLOAD_LIMIT'),\n devMode: envBool('PDS_DEV_MODE'),\n\n // hCaptcha\n hcaptchaSiteKey: envStr('PDS_HCAPTCHA_SITE_KEY'),\n hcaptchaSecretKey: envStr('PDS_HCAPTCHA_SECRET_KEY'),\n hcaptchaTokenSalt: envStr('PDS_HCAPTCHA_TOKEN_SALT'),\n\n // OAuth\n trustedOAuthClients: envList('PDS_OAUTH_TRUSTED_CLIENTS'),\n\n // branding\n lightColor: envStr('PDS_LIGHT_COLOR'),\n darkColor: envStr('PDS_DARK_COLOR'),\n contrastSaturation: envInt('PDS_CONTRAST_SATURATION'),\n primaryColor: envStr('PDS_PRIMARY_COLOR'),\n primaryColorContrast: envStr('PDS_PRIMARY_COLOR_CONTRAST'),\n primaryColorHue: envInt('PDS_PRIMARY_COLOR_HUE'),\n errorColor: envStr('PDS_ERROR_COLOR'),\n errorColorContrast: envStr('PDS_ERROR_COLOR_CONTRAST'),\n errorColorHue: envInt('PDS_ERROR_COLOR_HUE'),\n warningColor: envStr('PDS_WARNING_COLOR'),\n warningColorContrast: envStr('PDS_WARNING_COLOR_CONTRAST'),\n warningColorHue: envInt('PDS_WARNING_COLOR_HUE'),\n infoColor: envStr('PDS_INFO_COLOR'),\n infoColorContrast: envStr('PDS_INFO_COLOR_CONTRAST'),\n infoColorHue: envInt('PDS_INFO_COLOR_HUE'),\n successColor: envStr('PDS_SUCCESS_COLOR'),\n successColorContrast: envStr('PDS_SUCCESS_COLOR_CONTRAST'),\n successColorHue: envInt('PDS_SUCCESS_COLOR_HUE'),\n\n // database\n dataDirectory: envStr('PDS_DATA_DIRECTORY'),\n disableWalAutoCheckpoint: envBool('PDS_SQLITE_DISABLE_WAL_AUTO_CHECKPOINT'),\n accountDbLocation: envStr('PDS_ACCOUNT_DB_LOCATION'),\n sequencerDbLocation: envStr('PDS_SEQUENCER_DB_LOCATION'),\n didCacheDbLocation: envStr('PDS_DID_CACHE_DB_LOCATION'),\n\n // actor store\n actorStoreDirectory: envStr('PDS_ACTOR_STORE_DIRECTORY'),\n actorStoreCacheSize: envInt('PDS_ACTOR_STORE_CACHE_SIZE'),\n\n // blobstore: one required\n // s3\n blobstoreS3Bucket: envStr('PDS_BLOBSTORE_S3_BUCKET'),\n blobstoreS3Region: envStr('PDS_BLOBSTORE_S3_REGION'),\n blobstoreS3Endpoint: envStr('PDS_BLOBSTORE_S3_ENDPOINT'),\n blobstoreS3ForcePathStyle: envBool('PDS_BLOBSTORE_S3_FORCE_PATH_STYLE'),\n blobstoreS3AccessKeyId: envStr('PDS_BLOBSTORE_S3_ACCESS_KEY_ID'),\n blobstoreS3SecretAccessKey: envStr('PDS_BLOBSTORE_S3_SECRET_ACCESS_KEY'),\n blobstoreS3UploadTimeoutMs: envInt('PDS_BLOBSTORE_S3_UPLOAD_TIMEOUT_MS'),\n // disk\n blobstoreDiskLocation: envStr('PDS_BLOBSTORE_DISK_LOCATION'),\n blobstoreDiskTmpLocation: envStr('PDS_BLOBSTORE_DISK_TMP_LOCATION'),\n\n // identity\n didPlcUrl: envStr('PDS_DID_PLC_URL'),\n didCacheStaleTTL: envInt('PDS_DID_CACHE_STALE_TTL'),\n didCacheMaxTTL: envInt('PDS_DID_CACHE_MAX_TTL'),\n resolverTimeout: envInt('PDS_ID_RESOLVER_TIMEOUT'),\n recoveryDidKey: envStr('PDS_RECOVERY_DID_KEY'),\n serviceHandleDomains: envList('PDS_SERVICE_HANDLE_DOMAINS'), // public hostname by default\n handleBackupNameservers: envList('PDS_HANDLE_BACKUP_NAMESERVERS'),\n enableDidDocWithSession: envBool('PDS_ENABLE_DID_DOC_WITH_SESSION'),\n\n // entryway\n entrywayUrl: envStr('PDS_ENTRYWAY_URL'),\n entrywayDid: envStr('PDS_ENTRYWAY_DID'),\n entrywayJwtVerifyKeyK256PublicKeyHex: envStr(\n 'PDS_ENTRYWAY_JWT_VERIFY_KEY_K256_PUBLIC_KEY_HEX',\n ),\n entrywayPlcRotationKey: envStr('PDS_ENTRYWAY_PLC_ROTATION_KEY'),\n\n // invites\n inviteRequired: envBool('PDS_INVITE_REQUIRED'),\n inviteInterval: envInt('PDS_INVITE_INTERVAL'),\n inviteEpoch: envInt('PDS_INVITE_EPOCH'),\n\n // email\n emailSmtpUrl: envStr('PDS_EMAIL_SMTP_URL'),\n emailFromAddress: envStr('PDS_EMAIL_FROM_ADDRESS'),\n emailDisableConfirmationLink: envBool(\n 'PDS_EMAIL_DISABLE_CONFIRMATION_LINK',\n ),\n moderationEmailSmtpUrl: envStr('PDS_MODERATION_EMAIL_SMTP_URL'),\n moderationEmailAddress: envStr('PDS_MODERATION_EMAIL_ADDRESS'),\n\n // subscription\n maxSubscriptionBuffer: envInt('PDS_MAX_SUBSCRIPTION_BUFFER'),\n repoBackfillLimitMs: envInt('PDS_REPO_BACKFILL_LIMIT_MS'),\n\n // appview\n bskyAppViewUrl: envStr('PDS_BSKY_APP_VIEW_URL'),\n bskyAppViewDid: envStr('PDS_BSKY_APP_VIEW_DID'),\n bskyAppViewCdnUrlPattern: envStr('PDS_BSKY_APP_VIEW_CDN_URL_PATTERN'),\n\n // mod service\n modServiceUrl: envStr('PDS_MOD_SERVICE_URL'),\n modServiceDid: envStr('PDS_MOD_SERVICE_DID'),\n\n // report service\n reportServiceUrl: envStr('PDS_REPORT_SERVICE_URL'),\n reportServiceDid: envStr('PDS_REPORT_SERVICE_DID'),\n\n // rate limits\n rateLimitsEnabled: envBool('PDS_RATE_LIMITS_ENABLED'),\n rateLimitBypassKey: envStr('PDS_RATE_LIMIT_BYPASS_KEY'),\n rateLimitBypassIps: envList('PDS_RATE_LIMIT_BYPASS_IPS'),\n\n // redis\n redisScratchAddress: envStr('PDS_REDIS_SCRATCH_ADDRESS'),\n redisScratchPassword: envStr('PDS_REDIS_SCRATCH_PASSWORD'),\n\n // crawlers\n crawlers: envList('PDS_CRAWLERS'),\n\n // secrets\n dpopSecret: envStr('PDS_DPOP_SECRET'),\n jwtSecret: envStr('PDS_JWT_SECRET'),\n adminPassword: envStr('PDS_ADMIN_PASSWORD'),\n entrywayAdminToken: envStr('PDS_ENTRYWAY_ADMIN_TOKEN'),\n\n // kms\n plcRotationKeyKmsKeyId: envStr('PDS_PLC_ROTATION_KEY_KMS_KEY_ID'),\n // memory\n plcRotationKeyK256PrivateKeyHex: envStr(\n 'PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX',\n ),\n\n // user provided url http requests\n disableSsrfProtection: envBool('PDS_DISABLE_SSRF_PROTECTION'),\n\n // fetch\n fetchMaxResponseSize: envInt('PDS_FETCH_MAX_RESPONSE_SIZE'),\n\n // proxy\n proxyAllowHTTP2: envBool('PDS_PROXY_ALLOW_HTTP2'),\n proxyHeadersTimeout: envInt('PDS_PROXY_HEADERS_TIMEOUT'),\n proxyBodyTimeout: envInt('PDS_PROXY_BODY_TIMEOUT'),\n proxyMaxResponseSize: envInt('PDS_PROXY_MAX_RESPONSE_SIZE'),\n proxyMaxRetries: envInt('PDS_PROXY_MAX_RETRIES'),\n proxyPreferCompressed: envBool('PDS_PROXY_PREFER_COMPRESSED'),\n\n // lexicon resolution\n lexiconDidAuthority: envStr('PDS_LEXICON_AUTHORITY_DID'),\n }\n}\n\nexport type ServerEnvironment = Partial<ReturnType<typeof readEnv>>\n"]}
|
package/dist/context.js
CHANGED
|
@@ -69,7 +69,7 @@ export class AppContext {
|
|
|
69
69
|
const mailTransport = cfg.email !== null
|
|
70
70
|
? nodemailer.createTransport(cfg.email.smtpUrl)
|
|
71
71
|
: nodemailer.createTransport({ jsonTransport: true });
|
|
72
|
-
const mailer = new ServerMailer(mailTransport, cfg);
|
|
72
|
+
const mailer = new ServerMailer(mailTransport, cfg.email, cfg.branding);
|
|
73
73
|
const modMailTransport = cfg.moderationEmail !== null
|
|
74
74
|
? nodemailer.createTransport(cfg.moderationEmail.smtpUrl)
|
|
75
75
|
: nodemailer.createTransport({ jsonTransport: true });
|